[iwar] Moew news

From: Fred Cohen
From: fc@all.net
To: iwar@egroups.com
Tue, 30 May 2000 12:32:33 -0700 (PDT)
Messages sorted by: [ date ][ subject ][ author ][ recipient ]
Next message: From: Fred Cohen To: "[iwar] news"
Previous message: From: Fred Cohen To: "[iwar] News"
fc  Tue May 30 12:33:14 2000
Received: from 207.222.214.225
	by localhost with POP3 (fetchmail-5.1.0)
	for fc@localhost (single-drop); Tue, 30 May 2000 12:33:14 -0700 (PDT)
Received: by multi33.netcomi.com for fc
 (with Netcom Interactive pop3d (v1.21.1 1998/05/07) Tue May 30 19:33:07 2000)
X-From_: sentto-279987-380-959715154-fc=all.net@returns.onelist.com  Tue May 30 14:32:29 2000
Received: from mv.egroups.com (mv.egroups.com [208.50.144.81]) by multi33.netcomi.com (8.8.5/8.7.4) with SMTP id OAA00122 for ; Tue, 30 May 2000 14:32:29 -0500
X-eGroups-Return: sentto-279987-380-959715154-fc=all.net@returns.onelist.com
Received: from [10.1.10.35] by mv.egroups.com with NNFMP; 30 May 2000 20:32:34 -0000
Received: (qmail 5146 invoked from network); 30 May 2000 19:32:34 -0000
Received: from unknown (10.1.10.27) by m1.onelist.org with QMQP; 30 May 2000 19:32:34 -0000
Received: from unknown (HELO all.net) (24.1.84.100) by mta2 with SMTP; 30 May 2000 19:32:33 -0000
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id MAA21790 for iwar@onelist.com; Tue, 30 May 2000 12:32:33 -0700
Message-Id: <200005301932.MAA21790@all.net>
To: iwar@egroups.com
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen 
MIME-Version: 1.0
Mailing-List: list iwar@egroups.com; contact iwar-owner@egroups.com
Delivered-To: mailing list iwar@egroups.com
Precedence: bulk
List-Unsubscribe: 
Date: Tue, 30 May 2000 12:32:33 -0700 (PDT)
Reply-To: iwar@egroups.com
Subject: [iwar] Moew news
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

http://www.theage.com.au/breaking/0005/25/A17287-2000May25.shtml
WASHINGTON, May 24 - Using bogus credentials anyone can obtain from a
catalogue or the Internet, armed investigators posing as federal agents or
police officers easily breached security at the Pentagon, Justice
Department, FBI, CIA, State Department and 14 other United States agencies
and two large airports earlier this month.

In one test of security, two investigators from the General Accounting
Office flashing phoney IDs drove a rental van into the courtyard of the
Department of Justice building. The vehicle was not searched or inspected,
according to officials familiar with the investigation.

"A team of undercover agents successfully penetrated (these agencies) and
could have introduced weapons, explosives, chemical-biological agents,
listening devices or other hazardous materials," said Robert Hast, assistant
comptroller general at GAO, in a draft of prepared testimony obtained by
Knight Ridder.

A hearing on the security breaches is set for tomorrow before the House
Judiciary Crime Subcommittee.

Hast, who supervised the security tests at the request of the House
subcommittee, told a closed-door meeting of federal officials yesterday that
GAO employees, including two retired Secret Service agents, used counterfeit
law enforcement IDs - FBI and New York Police credentials - from sources
advertising on the Internet.

"We did not utilise any genuine law enforcement credential," said Hast. "At
least one agent always carried a briefcase or bag. In all cases, our agents
were able to enter the facility by being either waved around or through a
magnetometer, without their person or bag being screened."

At Washington's Reagan National Airport and the Orlando (Florida)
International Airport, the two GAO investigators had tickets and were able
to obtain boarding passes and firearms permits to carry their weapons onto
flights. Security staffers looked at their fake IDs and waved the pair
through without having their briefcases go through an X-ray machine.

At the CIA, FBI and the State Department, investigators were allowed to keep
their weapons and unscreened bags but required to have an escort. At the CIA
and FBI, the investigators were able to enter toilets with their bags,
unescorted. At State they ditched their escort and walked through the
building without being challenged.

In five cases, including the Justice Department and the Pentagon, the
investigators were able to reach the suites of offices occupied by the
Cabinet official or agency head.

The security tests followed reports to the House subcommittee alleging easy
access to phoney badges and other credentials on the Internet. The
counterfeit IDs were not even good imitations of the real thing, said
subcommittee chairman Bill McCollum, an Orlando Republican.

The GAO investigation was conducted at a time when security at federal
buildings is coming under increased scrutiny. The State Department has been
criticised for recent breaches that include a missing laptop computer that
contained classified information on nuclear and chemical weapons.

One security consultant who has worked with the federal government said he
was not surprised by the GAO investigation.

"There is little security consciousness among top officials, and their
budgets scrimp on it," said Neil Livingstone of GlobalOptions, a Washington,
D.C., security consulting firm. "Now with desktop publishing and colour
printers, it's easy to make your own credentials."

------------------------------------------------------------------------
Was the salesman clueless? Productopia has the answers.
http://click.egroups.com/1/4633/7/_/595019/_/959715154/
------------------------------------------------------------------------

------------------
http://all.net/
Next message: From: Fred Cohen To: "[iwar] news"
Previous message: From: Fred Cohen To: "[iwar] News"