[iwar] Historical posting

From: Fred Cohen
From: fc@all.net
To: iwar@onelist.com
Mon, Jan 1, 1999
Messages sorted by: [ date ][ subject ][ author ][ recipient ]
Next message: From: Fred Cohen To: "[iwar] Historical posting"
Previous message: From: Fred Cohen To: "[iwar] Historical posting"
fc  Mon Jan 1, 1999
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id FAA15269 for iwar@onelist.com; Tue, 18 Apr 2000 05:21:43 -0700
To: iwar@onelist.com
MIME-Version: 1.0
Mailing-List: list iwar@egroups.com; contact iwar-owner@egroups.com
Delivered-To: mailing list iwar@egroups.com
Precedence: bulk
List-Unsubscribe: 
Date: Mon, Jan 1, 1999
From: Fred Cohen 
Reply-To: iwar@egroups.com
Subject: [iwar] Historical posting

          


             Legit hackers roam cyberspace for security

So you thought hackers were nerds in dark rooms travelling in

cyberspace to attack companies' computer systems or steal data.

Think again. A new breed of hackers licensed to hack legally

into companies around the world, ranging from banks in Israel

and Britain to e-commerce companies in Spain, and check their

systems' security, is at work in Sweden. The Stockholm-based

private company Defcom, set up in April last year, is a pioneer

in a shadowy business that may seem more like a scene from one

of legendary American science fiction author William Gibson's

novels than reality.

http://www.sjmercury.com/svtech/news/breaking/merc/docs/069448.htm



Expert highlights threat of journalist hackers

Hacks get into hacking... er not ZDNet hacks...

A Linux security expert says there is evidence that unscrupulous

journalists have turned to hacking computer systems in order to

win exclusive news stories. At a tutorial on computer security at

the LinuxWorld Expo in New York, this week Michael H. Warfield said

that he and fellow researchers at Internet Security Systems (ISS)

believe members of the press are part of a growing lesser-known

threat to modern computer security.

http://www.zdnet.co.uk/news/2000/4/ns-13127.html



Deutch controversy raises security questions for Internet users

Former CIA Director John Deutch's alleged use of a home computer to

store classified materials has sparked a security scare in the U.S.

intelligence community and has also pointed out a problem many

Internet users are not aware of. The minute anyone logs onto the

Internet, financial records and other personal information stored

on a home computer are an open book to any cyber-thief. Security

experts say Deutch would be a much bigger target than the average

person. "There are known foreign intelligence agents operating on

the Internet today ... and they are actively seeking U.S. intelligence

on the Internet," said Daniel Verton of Federal Computer Week.

http://www.cnn.com/2000/TECH/computing/02/04/pc.security/index.html



CyberPeepers from Korean Sites Peek at U.S. Networks

In the past two weeks, a large number of United States Internet

sites have reported an on-slaught of network probes or scans from

the Republic of Korea. Security engineers and systems administrators

have been spending a lot of time in the last few weeks asking each

other, "Why are we seeing so many scans from Korea." and, "Who is

scanning for what?" There have been numerous speculations made about

all the ubiquitous Korean network probes.

http://www.technologyevaluation.com/news_analysis/02-00/NA_ST_LPT_02_04_00_1.htm



Security experts warn of potential Web site dangers

The Federal Computer Incident Response Capability team is telling

agencies to be wary of malicious code surreptitiously embedded in

scripting language that could activate when a user visits a Web site,

or downloads or provides data online. An advisory said hackers could

use such code to gain access to data on a Web server or to information

provided by visitors to a site. FedCIRC said agencies should give the

alert a high priority because of the government's increased reliance

on the Web as a communications medium. "Users may unintentionally

execute scripts written by an attacker when they follow untrusted links

in Web pages, mail messages or newsgroups," the advisory said. "Because

the malicious scripts are executed in a context that appears to have

originated from the targeted site, the attacker has full access to the

document retrieved."

http://www.gcn.com/vol1_no1/daily-updates/1253-1.html



Hacking hazards come with Web scripting territory

Heard about a Web security issue lately? Chances are scripting was part

of the problem. If you've surfed the Web recently, you've almost certainly

seen scripts at work performing some of the most common tasks of today's

Web pages, from helping users search pages to scrolling text across the

screen and launching new windows. In the wake of a government advisory

about a newly recognized Web scripting security threat, software providers

fear scripting is getting a bum rap despite security protections built into

the top scripting implementations. Web scripting is the method most sites

use to create moving parts. Scripting languages such as JavaScript--invented

in 1995 by Brendan Eich at Netscape, now a division of America Online--bring

to the Web the kind of features that at the dawn of the Web could be found

only on the computer desktop, features that let users interact with sites

without calling up a new page from the server.

http://news.cnet.com/news/0-1005-200-1542676.html



U.S. regulators float tough financial privacy rules

U.S. regulators took a tough line Thursday on privacy protection for

personal financial information included in a historic overhaul of

Depression-era U.S. banking laws passed by Congress last year.

The legislation requires financial firms to disclose their policies

on collecting, using and protecting customer information. They also

have to give customers the ability to block the transfer of any

non-public personal information to unaffiliated third parties, such

as marketing firms. The initial rules proposed by the Federal Reserve

and Office of the Comptroller of the Currency Thursday embody a fairly

broad reading of those responsibilities, creating some potential

headaches for the financial industry.

http://www.sjmercury.com/svtech/news/breaking/merc/docs/070169.htm



Another Legal Defeat for Victim of Online Hoax

Kenneth M. Zeran, a low-key but determined Seattle resident whose

name will be forever linked to one of the seminal cases in Internet

law, has been handed another defeat in his five-year legal battle to

seek redress for an online hoax. Last week, a three-judge panel of

the United States Court of Appeals for the 10th Circuit in Denver

rejected all of Zeran's claims against the owner of a radio station

which, Zeran contended, recklessly publicized a bizarre cyberspace

prank against him. The decision appears to mark the final chapter in

the Zeran saga, legal experts said. It also illustrates a hard fact

of life: Sometimes there is no legal remedy for those who suffer wrongs.

(NY Times Article, free registration required)

http://www.nytimes.com/library/tech/00/02/cyber/cyberlaw/04law.html



FC
Next message: From: Fred Cohen To: "[iwar] Historical posting"
Previous message: From: Fred Cohen To: "[iwar] Historical posting"