[iwar] Historical posting


From: Fred Cohen
From: fc@all.net
To: iwar@onelist.com

Mon, Jan 1, 1999


fc  Mon Jan 1, 1999
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id FAA15269 for iwar@onelist.com; Tue, 18 Apr 2000 05:21:43 -0700
To: iwar@onelist.com
MIME-Version: 1.0
Mailing-List: list iwar@egroups.com; contact iwar-owner@egroups.com
Delivered-To: mailing list iwar@egroups.com
Precedence: bulk
List-Unsubscribe: 
Date: Mon, Jan 1, 1999
From: Fred Cohen 
Reply-To: iwar@egroups.com
Subject: [iwar] Historical posting

          

 Date: Wed, 26 Jan 2000 15:37:53 -0800
Subject: French spies listen in to British business phone calls

French intelligence is intercepting British businessmen's calls after
investing millions in satellite technology for its listening stations.  The
French government upgraded signals intelligence last year.  Now secret
service elements are using it to tap into commercial secrets. At least eight
centres, scattered across France, are being "aimed" at British defence
firms, petroleum companies and other commercial targets.  Eavesdroppers can
"pluck" GSM digital mobile phone signals from the air by targeting
individual numbers or sweeping sets of numbers. Targets have included
executives at British Aerospace, British Petroleum and British Airways,
according to French sources.  Senior executives have been told not to
discuss sensitive issues on mobile phones, and BAe staff have been told to
be "especially careful" during campaigns for new business, such as the
current battle to supply Eurofighter missiles.  [...]

  [Source: French spies listen in to British calls, James Clark, 
http://www.sunday-times.co.uk/news/pages/sti/2000/01/23/stinwenws03006.html?999
  Distributed via Declan's POLITECH, a moderated mailing list of politics
  and technology.  See http://www.well.com/~declan/politech/ ]

------------------------------

Date: Wed, 26 Jan 2000 06:48:32 -0500
Subject: DoE password policy comic relief?

  [The] DOE security "czar" ... said it is now virtually impossible for
  employees to transfer nuclear secrets from classified to unclassified
  computer networks ...

To quote Don Adams of "Get Smart" - Would you believe ... no more than
once a week? ... once a day?

  Many [nuke] employees used their last names or initials, and some simply
  typed "password" when logging onto classified networks, he said.
  Now, [the czar] added, "we have a password policy that I would put up
  against any in industry and academia."

Password Policy?  Reusable passwords to guard nuclear secrets?  Doesn't
this constitute a well-known RISK, of breach followed by fusion?

Does anybody in the press ever question these publicity handouts?  Do we
in the industry just sit on our hands, letting this travesty continue?

  [Source: Energy Chief Touts Security Upgrades at Nuclear Labs, 
  Vernon Loeb, *The Washington Post*, 26 Jan 2000, A13:
  http://www.washingtonpost.com/wp-srv/WPlate/2000-01/26/126l-012600-idx.html]

------------------------------