[iwar] News


From: Fred Cohen
From: fc@all.net
To: iwar@egroups.com

Wed, 24 May 2000 06:08:47 -0700 (PDT)


fc  Wed May 24 06:09:13 2000
Received: from 207.222.214.225
	by localhost with POP3 (fetchmail-5.1.0)
	for fc@localhost (single-drop); Wed, 24 May 2000 06:09:13 -0700 (PDT)
Received: by multi33.netcomi.com for fc
 (with Netcom Interactive pop3d (v1.21.1 1998/05/07) Wed May 24 13:06:21 2000)
X-From_: sentto-279987-378-959173741-fc=all.net@returns.onelist.com  Wed May 24 08:06:12 2000
Received: from fj.egroups.com (fj.egroups.com [208.50.144.72]) by multi33.netcomi.com (8.8.5/8.7.4) with SMTP id IAA03952 for ; Wed, 24 May 2000 08:06:12 -0500
X-eGroups-Return: sentto-279987-378-959173741-fc=all.net@returns.onelist.com
Received: from [10.1.10.36] by fj.egroups.com with NNFMP; 24 May 2000 13:09:03 -0000
Received: (qmail 23141 invoked from network); 24 May 2000 13:08:48 -0000
Received: from unknown (10.1.10.27) by m2.onelist.org with QMQP; 24 May 2000 13:08:48 -0000
Received: from unknown (HELO all.net) (24.1.84.100) by mta2 with SMTP; 24 May 2000 13:08:47 -0000
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id GAA10845 for iwar@onelist.com; Wed, 24 May 2000 06:08:47 -0700
Message-Id: <200005241308.GAA10845@all.net>
To: iwar@egroups.com
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen 
MIME-Version: 1.0
Mailing-List: list iwar@egroups.com; contact iwar-owner@egroups.com
Delivered-To: mailing list iwar@egroups.com
Precedence: bulk
List-Unsubscribe: 
Date: Wed, 24 May 2000 06:08:47 -0700 (PDT)
Reply-To: iwar@egroups.com
Subject: [iwar] News
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Swarm of Yahoo bugs raises security questions
A series of bugs is plunging Yahoo account holders
into repeated identity crises. For the third time
in recent months, Yahoo has acknowledged software
glitches that have compromised the integrity of
people's accounts. In the current instance, "My
Yahoo" account holders found themselves shut out
of their accounts, in some cases finding that
other people had signed up successfully with their
usernames.
http://news.cnet.com/news/0-1005-200-1933988.html

Israeli spies tapped Clinton e-mail
MORE than 20 years of Israeli spying operations in
Washington culminated in the interception of e-mails
from President Bill Clinton, intelligence sources
claimed last week. The revelations come at a sensitive
time as Ehud Barak, the Israeli prime minister, is
expected to fly to Washington today for talks with
Clinton about the Middle East peace process. The
latest spying operation is said to have taken place
in 1998 while Benjamin Netanyahu was Israel's prime
minister. According to the sources, it entailed
hacking into White House computer systems during
intense speculation about the direction of the peace
process.
http://www.the-times.co.uk/news/pages/sti/2000/05/21/stifgnusa02003.html

Papers sent on 1st underage hacker
The Metropolitan Police Department's Computer Crimes
Control Center has sent papers on an 18-year-old male
high school student to the Tokyo District Public
Prosecutors Office on suspicion that he used other
people's passwords to hack into an Internet service
provider's server and obstructed the provider's
business, it was learned Monday. This was the first
case in which papers have been sent to prosecutors
on a minor suspected of hacking since a law banning
illegal computer access went into effect in February.
http://www.yomiuri.co.jp/newse/0523cr11.htm

Laptops stolen from Parliament
FIVE laptop computers worth about $30,000 have been
stolen from Parliament House in what appears to have
been an inside job. The laptops could allow hackers
access to the parliamentary network, a Senate
committee heard today. They were taken over a short
period of time from secured areas at parliament.
http://australianit.com.au/common/storyPage/0,3811,715221%255E442,00.html

The Information Gauge
Pentagon Initiates 'DEF-CON'-style Warnings for
Computer Threats. Following the Love Bug computer
virus earlier this month, the Pentagon has now
decided to post warnings when it is under an
information warfare attack much as it would if
there was a more traditional military or terrorist
threat. Throughout the Cold War, for example, the
military posted defense conditions, more commonly
referred to as Def-Cons, which spelled out the
state of military alert. Def-Con Normal indicated
there was no unusual activity. If tensions rose,
then troops would be placed on a rising scale of
alert status such as Def-Con Alpha, Bravo,
Charlie, and Delta.
http://www.abcnews.go.com/sections/tech/DailyNews/pentagon000523.html

Cyber defence team closer to online reality
A COMPUTER emergency response team is to be set up to
help defend the SAR against cyber attacks. According
to the Deputy Secretary for Information Technology and
Broadcasting, Alan Siu Yu-bun, agreement has been
reached in principle to create the team. But, he said,
it should not be operated by the administration.
http://online.hkstandard.com/today/default.asp?PageType=aho3

Suspected 'Love Bug' hacker swamped with job offers
Being cast in a bad light is not so bad, after all.
Michael Buen, a 23-year-old graduate of AMA Computer
College, may yet hit pay dirt despite being implicated
in the "ILOVEYOU" virus computer mess. Buen's younger
sister Maan told The STAR that job offers have been
knocking at their door since last week following the
worldwide media reports on the deadly cyber virus.
http://www.philstar.com/datedata/g22_may22/gen7.htm

Agencies urged to secure networks
Agencies need to move quickly to secure their critical
networks even without the immediate backing of Congress
and the president, federal officials urged. It will
take time before Congress can act on the president's
recommendations for critical infrastructure protection
(CIP) within the National Plan for Information Systems
Protection, said Jeffery Hunker, director of
transnational threats at the National Security Council,
at the CIP 2000 Conference.
http://www.fcw.com/fcw/articles/2000/0522/web-cipo-05-23-00.asp

CIO Council launches security best practices Web site
The Chief Information Officers Council on Monday
introduced a Web site that will contain a database
of security best practices documents. The Web site,
at bsp.cio.gov, allows agencies to post security
best practices and lets others comment on those
practices. The site has been developed by the CIO
Council's Security, Privacy and Critical
Infrastructure Protection Committee and by the
Agency for International Development.
http://www.gcn.com/vol1_no1/daily-updates/2067-1.html

Sen. Hollings Unveils Net Privacy Bill
Web sites that collect and use personal consumer data
would be required to gain those consumers' consent
under a new privacy bill introduced Monday by Senate
Commerce Committee Ranking Member Ernest "Fritz"
Hollings, D-S.C. Hollings' bill - the Consumer Privacy
Protection Act - has the ambitious goal not only of
requiring consumer consent for information use, but
it also offers "limited protections in the offline
world" for "video rental (style) protection to books
  and recorded music," said a Hollings spokesman.
http://www.newsbytes.com/pubNews/00/149494.html

Bill is a sneak attack on our digital liberties
THE uproar was fierce but quick last summer when an
internal Clinton administration document leaked out,
revealing yet again the administration's hostility
to fundamental liberties. The idea was to give law
enforcement the authority to secretly break into
people's homes and businesses to conduct searches,
including discovering what was on computer hard
disks or even plant rogue programs on the machines
to record keystrokes or transmit data to the government.
http://www.mercurycenter.com/svtech/columns/gillmor/docs/dg052300.htm

EU Parliament Endorses Anti-Piracy Initiative
Intellectual copyrights are back at the top of the
agenda at the European Union (EU), which has given
its endorsement to a report on the theft of creative
works. The report, which was endorsed by a vote of
504 to zero earlier this month by the European
Parliament, recommends the need for new legislation
and pro-active measures to combat piracy of all types
within the EU territories.
http://www.newsbytes.com/pubNews/00/149484.html

European Union sets free export of encryption products
EU sets encryption free, USA protest. The European
ministers of Foreign Affairs are expected to decide
monday to lift all barriers to the export of
encryption software to countries outside the
European Union. Till now, companies wanting to
export encryption products had to ask for permission.
The authorities first investigated if the buyer was
'secure'. Intelligence services also investigated the
products, which made it possible to copy the keys or
demand weakening of the encryption standard as a
condition for approval.
http://www.heise.de/tp/english/inhalt/te/8179/1.html

Critics say French Internet bill will trigger exodus
It's called the Liberty of Communication Act, but
critics say the French government-sponsored
legislation would instead encourage the Internet's
first mass emigration. By requiring that people who
publish on the Internet to register with authorities,
the bill could push French people to use Internet
companies in other nations, opponents said. The
legislation, passed by the House and being debated
in the Senate this week, would apply to anyone
hosting a Web page viewable by the public. It is
apparently without precedent in Europe and the
United States.
http://www.mercurycenter.com/svtech/news/breaking/merc/docs/028854.htm

Anti-virus firm accommodates employee monitoring
Network Associates anti-virus division McAfee has
decided to stop scanning for a Trojan called NetBus
Pro, made by UltraAccess Networks, which can give
a third party complete control over someone else's
computer. Little more than a dressed-up hacker's
toy, the NetBus Trojan is called a "remote
administration tool" by its maker. It enables a
remote 'administrator' to do anything s/he wishes
on a target machine with considerable stealth.
http://www.theregister.co.uk/000523-000018.html

CYBERTERRORISM: Testimony before the Special
Oversight Panel on Terrorism Committee on Armed
Services U.S. House of Representatives (by
Dorothy E. Denning, Georgetown University)
Cyberterrorism is the convergence of terrorism
and cyberspace. It is generally understood to
mean unlawful attacks and threats of attack
against computers, networks, and the information
stored therein when done to intimidate or coerce
a government or its people in furtherance of
political or social objectives.
http://www.cs.georgetown.edu/%7Edenning/infosec/cyberterror.html

We're not ready for cyberspace attacks
Computer hackers made headlines recently by
lobbing virtual grenades at some of the world's
most popular Internet sites. The ''Love Bug'' and
its mutations have wreaked havoc around the world.
But in the war to make businesses secure in today's
interconnected world, these attacks were merely
skirmishes, nuisance attacks that could have been
orchestrated by a C-student testing classroom
theories. What would happen if malicious hackers
mounted a concerted assault?
http://www.boston.com/dailyglobe2/144/business/We_re_not_ready_for_cyberspace_attacks+.shtml

Beware The Security Zealot
In a certain way, the "hunters" couldn't have
been more different. Ex-hacker Chris Davis was
responsible for cornering the Welsh teenage
Curador - the 18-year-old computer security
consultant turned computer criminal - who thought
it was cool to snare credit cards from mom-and-pop
Web sites and post them where all could see and
admire his cunning. It took Davis two days to
locate Curador's name, address and phone number.
http://www.zdnet.com/intweek/stories/columns/0,4164,2573856,00.html

FC

------------------------------------------------------------------------
Best friends, most artistic, class clown Find 'em here:
http://click.egroups.com/1/4054/7/_/595019/_/959173741/
------------------------------------------------------------------------

------------------
http://all.net/