[iwar] News
From: Fred Cohen
From: fc@all.net
To: iwar@egroups.com
Sat, 15 Jul 2000 06:30:51 -0700 (PDT)
fc Sat Jul 15 06:31:14 2000
Received: from 207.222.214.225
by localhost with POP3 (fetchmail-5.1.0)
for fc@localhost (single-drop); Sat, 15 Jul 2000 06:31:14 -0700 (PDT)
Received: by multi33.netcomi.com for fc
(with Netcom Interactive pop3d (v1.21.1 1998/05/07) Sat Jul 15 13:25:13 2000)
X-From_: sentto-279987-453-963667853-fc=all.net@returns.onelist.com Sat Jul 15 08:24:56 2000
Received: from c9.egroups.com (c9.egroups.com [208.50.99.230]) by multi33.netcomi.com (8.8.5/8.7.4) with SMTP id IAA00360 for ; Sat, 15 Jul 2000 08:24:56 -0500
X-eGroups-Return: sentto-279987-453-963667853-fc=all.net@returns.onelist.com
Received: from [10.1.10.35] by c9.egroups.com with NNFMP; 15 Jul 2000 13:30:55 -0000
Received: (qmail 17247 invoked from network); 15 Jul 2000 13:30:52 -0000
Received: from unknown (10.1.10.27) by m1.onelist.org with QMQP; 15 Jul 2000 13:30:52 -0000
Received: from unknown (HELO all.net) (24.1.84.100) by mta1 with SMTP; 15 Jul 2000 13:30:51 -0000
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id GAA13785 for iwar@onelist.com; Sat, 15 Jul 2000 06:30:51 -0700
Message-Id: <200007151330.GAA13785@all.net>
To: iwar@egroups.com
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen
MIME-Version: 1.0
Mailing-List: list iwar@egroups.com; contact iwar-owner@egroups.com
Delivered-To: mailing list iwar@egroups.com
Precedence: bulk
List-Unsubscribe:
Date: Sat, 15 Jul 2000 06:30:51 -0700 (PDT)
Reply-To: iwar@egroups.com
Subject: [iwar] News
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Hackers plant Milosevic hoax on daily's Web page
Hackers broke into the Web site of Yugoslavia's main
pro-government daily and posted a fake report saying
President Slobodan Milosevic had been killed in a
bomb explosion, a source at Politika said on Thursday.
"We noticed it at around 10 p.m. (2000 GMT on Wednesday),
and soon afterwards we closed the site to protect it
from further intrusions," the source told Reuters.
http://www.cnn.com/2000/TECH/computing/07/14/yugoslavia.hackers.milosevic.re
ut/index.html
Police Net Group of Local Telephone Hackers
Four men have been charged with defrauding 10
St. Petersburg-based companies out of $100,000 by
hacking into their telephone systems and stealing
dialing codes. According to officials of the city
police department that deals with hi-tech crime -
also known as Department R - two unemployed
St. Petersburg citizens broke into the telephone
switchboards of the companies and stole the codes,
while the other two, from Turkmenistan and Bulgaria,
were involved in permitting others to make use of
the codes, and in selling them.
http://www.times.spb.ru/current/news/n_police.htm
Microsoft yanks site containing violent threats
Microsoft's MSN today pulled a Web page that called for
the assassination of Israeli Prime Minister Ehud Barak
and other officials at this week's Middle East peace
talks at Camp David. The Anti-Defamation League (ADL)
said they faxed a letter to Microsoft yesterday pointing
out the page posted on the portal's popular online
community, a network of personal Web pages. The site,
created by an unknown organization called the Israel
Liberation Army, described Barak as "a traitor" and
called for his execution. "Someone MUST execute him
and any future PM who negotiates with our death
enemies," the site read.
http://news.cnet.com/news/0-1007-200-2255875.html
NASA blocks all Excite@Home traffic to thwart hackers
The US government's normally lame efforts to secure
its computer networks from malicious script kiddies
fell to new lows earlier this week as the National
Aeronautics and Space Administration (NASA) secretly
blocked access to several of its Web sites from more
than 1.5 million cable subscribers belonging to ISP
Excite@Home. For nearly thre days this week,
subscribers to Excite's broadband Net services were
unable to visit the Web site for NASA's Jet Propulsion
Laboratory (JPL), among others.
http://www.theregister.co.uk/content/6/11960.html
EarthLink will do FBI's surveillances itself
EarthLink today said it has reached an agreement with
the FBI to avoid future use of the email surveillance
device "Carnivore," which disrupted Internet access
for some EarthLink customers earlier this year. The
Atlanta-based company, which has about 4.2 million
subscribers nationwide, said it had installed the
snooping software for the FBI at a data center in
Pasadena, Calif., earlier this year after it lost
a decision on the matter in federal court.
http://news.cnet.com/news/0-1005-200-2257522.html
ACLU seeks computer code on Internet wiretap system
A top civil liberties group demanded on Friday that
the FBI reveal the computer source code and other
information about an automated system to wiretap
e-mails of criminal suspects. The American Civil
Liberties Union (ACLU) filed a Freedom of Information
Act request seeking all of the codes, records, letters
and memorandums related to the FBI programs dubbed
''Carnivore'', ``Omnivore'' and ``Etherpeek.''
http://www.mercurycenter.com/svtech/news/breaking/internet/docs/198537l.htm
http://www.fcw.com/fcw/articles/2000/0710/web-aclu-07-14-00.asp
Congress To Hold Hearings On FBI Cyber-Snoop Device
Dropping the proverbial cherry atop the FBI's ice-cream
sundae of a week, a congressional subcommittee announced
late Thursday it would hold a hearing to investigate the
law enforcement agency's controversial e-mail surveillance
device, "Carnivore." Disregarding the lateness of the
legislative session, Rep. Charles Canady, R-Fla., said
his House Constitution Subcommittee would hold hearings
to address concerns surrounding Carnivore, a year-old
surveillance technology that allows the FBI to sift through
millions of private e-mails in order to find potential
criminal evidence.
http://www.newsbytes.com/pubNews/00/152154.html
Web Service Can Breach Computers' Private Files
A popular Internet service that locates digital music
and video files also has allowed users to peer at any
kind of multimedia file stored on many personal computers
--sometimes without the owners' knowledge. Scour Inc.,
a Beverly Hills-based new-media company backed by Hollywood
super-agent Michael Ovitz, has attracted millions of users
eager to tap into what the company boasts is one of the
Internet's biggest collections of digital entertainment.
http://www.latimes.com/business/updates/lat_scour000714.htm
MS admits Hotmail shares users' data
Microsoft Corp. acknowledged that its Hotmail service
sends users' e-mail addresses to advertisers and related
companies under certain circumstances. The company said
it expects to have the problem fixed sometime in August.
There is no evidence that advertisers or other companies
have compiled users' addresses for sending unsolicited
mail or other purposes, Microsoft said. The problem has
periodically arisen in other services besides Hotmail,
said Richard Smith, an independent security consultant
who helped publicize the issue.
http://www.zdnet.com/zdnn/stories/news/0,4586,2603784,00.html
White House reassembling e-mails, computer technician testifies
New and reliable equipment is helping the White House
reassemble thousands of missing e-mails that were once
thought to be irretrievable, a computer technician
testified. Terrence Misich, an Army chief warrant officer
who is overseeing the project, testified Thursday that a
searchable database of the e-mails should be ready in four
to six weeks. He blamed earlier delays on poor copier systems.
Also Thursday, two former White House computer consultants
said workers could have retrieved the lost e-mails in a matter
of months if the White House had committed enough resources.
http://www.techserver.com/noframes/story/0,2294,500227878-500328543-501869195-0,00.html
Government power over cryptography dented by Lords
An amendment that would significantly limit government powers
to access encryption keys was defeated by just one vote in the
House of Lords Thursday. The RIP (Regulation of Investigatory
Powers) Bill has become the government's most controversial
pieces of Internet legislation. Sweeping powers to snoop on
email have met with widespread criticism. The business
community is particularly worried that clauses giving law
enforcers access to encryption keys will damage UK e-commerce.
http://www.zdnet.co.uk/news/2000/27/ns-16618.html
Beware: E-signatures can be easily forged
You may need to be more careful about whom you do business
with from now on. Consumer groups say the electronic
signatures recently authorized by President Clinton are
easy to forge. "This law has very, very lax standards as
to what constitutes your electronic signature," says
Vergil Bushnell, e-commerce policy analyst for the Consumer
Project on Technology in Washington. Many people believe
that the Electronic Signatures Act (ESA) requires "digital
signatures." Digital signatures, which are a type of
e-signature, make it practically impossible to alter
a document without the changes being detectable.
http://www.news.com/Perspectives/Column/0,176,463,00.html
Security champion leaving government
Richard Guida, longtime champion of security within federal
agencies, will be leaving government at the end of the year
to move to the private sector. Guida served in government
for 28 years, most recently as security champion on the
Government Information Technology Services Board and
chairman of the Federal Public Key Infrastructure Steering
Committee, based at the Treasury Department.
http://www.fcw.com/fcw/articles/2000/0710/web-guida-07-14-00.asp
A taste of H2K: Not your typical yawner of a conference
The hall on the sixth floor outside the Paris conference
room is jampacked with people, all waiting to attend the
one pm session, Counterfeiting Ids and Identity Theft.
The security guard looks at the patiently waiting crowd
and says, amused, "All those kids who aren't old enough
to drink yet."
http://www.msnbc.com/news/432997.asp
Hard times at Hacker High
"Phearfree" thought he did the right thing. When the
high-school student wanted to print out a presentation
for class on the school library's color printer, the
system asked him to type a password to change the settings.
On a hunch, computer-savvy teen tried a well-known default
setting, one that many administrators fail to change:
"PASSWORD."
http://www.zdnet.com/zdnn/stories/news/0,4586,2604043,00.html
The Devil You Know
Computer attacks are a people problem. Computers do not
attack other computers. Granted, insecure software and
careless network designs often make the criminal's job
easier, but behind every break-in, a human finger is
pressing a key. So it stands to reason that to prevent
computer crime, you must first identify the probable
computer criminal - and the likely suspect is not your
stereotypical hacker.
http://www.zdnet.com/intweek/stories/columns/0,4164,2603607,00.html
Kissing the Secure Socket Layer Frog
Any clear text sent through network services such as e-mail,
web pages and similar mediums are easily read by individuals
using packet sniffers as the packets with the clear text
information travel across networks. Information that is
transmitted over insecure communications are subject to
intercept or collection by criminals or others snooping
on the Internet. In addition, false messages, a form of
"electronic forgery" can be inserted into network traffic
since there is neither confirmation of a message's accuracy
or true source. A vulnerability that recent virus attacks
have used to pass themselves as legitimate messages to their
unsuspecting victims.
http://www.securityportal.com/topnews/sslfrog20000713.html
------------------------------------------------------------------------
Respond.com - Technology Solutions for your Business!
http://click.egroups.com/1/6893/14/_/595019/_/963667853/
------------------------------------------------------------------------
------------------
http://all.net/