[iwar] news
From: Fred Cohen
To: Information Warfare Mailing List
From: fc@all.net
To: iwar@onelist.com
Thu, 29 Mar 2001 07:19:13 -0800 (PST)
fc Thu Mar 29 07:21:10 2001
Return-Path:
Delivered-To: fc@all.net
Received: from 204.181.12.215
by localhost with POP3 (fetchmail-5.1.0)
for fc@localhost (single-drop); Thu, 29 Mar 2001 07:21:10 -0800 (PST)
Received: (qmail 28692 invoked by uid 510); 29 Mar 2001 15:21:10 -0000
Received: from hk.egroups.com (208.50.99.220)
by 204.181.12.215 with SMTP; 29 Mar 2001 15:21:10 -0000
X-eGroups-Return: sentto-279987-1079-985879229-fc=all.net@returns.onelist.com
Received: from [10.1.4.54] by hk.egroups.com with NNFMP; 29 Mar 2001 15:20:31 -0000
X-Sender: fc@all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-7_0_4); 29 Mar 2001 15:20:28 -0000
Received: (qmail 14121 invoked from network); 29 Mar 2001 15:19:15 -0000
Received: from unknown (10.1.10.27) by l8.egroups.com with QMQP; 29 Mar 2001 15:19:15 -0000
Received: from unknown (HELO all.net) (65.0.156.78) by mta2 with SMTP; 29 Mar 2001 15:19:14 -0000
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id HAA15714 for iwar@onelist.com; Thu, 29 Mar 2001 07:19:14 -0800
Message-Id: <200103291519.HAA15714@all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen
MIME-Version: 1.0
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe:
Date: Thu, 29 Mar 2001 07:19:13 -0800 (PST)
Reply-To: iwar@yahoogroups.com
Subject: [iwar] news
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Pro-Israel hackers told to ignore 'cyberterror'
Like the pro-Palestinian e-mail virus that
struck 10,000 Israeli e-mail users this week,
most "cyberwar" actions by the two sides since
the start of the Al Aqsa Intifada have not
done any permanent damage. "But this virus,
and others like it, could cause a boomerang
effect if pro-Israeli hackers play into the
[pro-Palestinian hackers'] hands," says Yael
Shahar, Webmaster at the International Policy
Institute for Counter Terrorism (ICT) at the
Interdisciplinary Center, Herzliya. "We don't
know what the intent was, but it's likely that
it was done to prompt malicious reaction by
the other side, and then if we allow ourselves
to be manipulated, we come off looking like the
bad guys."
http://www3.haaretz.co.il/eng/scripts/article.asp?mador=19&datee=3/23/01&id114425
The Net as Corruption Disruption
Civic activists in Latin America have discovered
a new tool to combat government corruption: the
Internet. Crooked officials cost Latin America
tens of billions of dollars each year by
discouraging investment and economic growth,
according to the Inter-American Development
Bank. Now citizens and progressive governments
have started to bite back by posting everything
from bureaucrats' personal assets to agency
transactions online in an effort to reduce
rampant payola. "The Internet has allowed
citizens to scrutinize the political process
like never before in Latin America," said
Eduardo Flores, a research analyst at
Casals & Associates, a consulting firm in
Alexandria, Virginia. "People are realizing
they can make a difference."
http://www.wired.com/news/politics/0,1283,42608,00.html
Private labs help companies fight computer crime in secret
FBI and CIA baseball caps -- gifts from friends
-- are propped on top of her computer monitor,
and though Haworth doesn't carry a badge, her
abilities rival the best sleuths in either
agency. Haworth, who runs Deloitte & Touche's
computer forensics lab in San Francisco, is one
of a growing number of cyber avengers in the
private sector, helping companies fight computer
crimes that the government is ill-equipped to
prosecute or that companies would rather not
report in the first place. Companies are turning
to these specialists for all kinds of private
detective work: pinpointing internal sources of
misstated earnings or trade secret theft;
gathering evidence for hacking cases; disputing
legal claims of wrongful termination or sexual
harassment; or uncovering improper Internet usage
by employees.
http://www.siliconvalley.com/docs/news/tech/047336.htm
U.S. needs better plan to fight cyber-terrorists
We have seen the enemy, and it stares us in the
face every day. Forget the hoopla about Russian
spies. They do it. We do it. And most of the time,
it's just a game. Even President Bush said a few
hours after expelling Russian diplomats that the
United States labeled spies, ``I am confident we
can have good relations with the Russians.'' ``We
are pleased to have it behind us,'' Condoleezza
Rice, his national security adviser, said of the
current we'll-expel-yours-if-you-expel-ours episode,
as if to say, ``That's that.'' (At least until the
next time.) The threat of rogue missiles raining
down on American cities is no longer the true worry.
Beyond nuclear weapons and chemical and biological
warfare, the newest enemy is to be found behind the
facade of the computer monitor, an amorphous evil
lurking in an ominous new term: Cyber-terrorism.
http://www.siliconvalley.com/docs/opinion/svguest/069678.htm
Pentagon bans wireless from sensitive areas
The Pentagon has begun prohibiting workers in
classified meeting areas from using wireless
devices unless they disable their transmission
capabilities. Personnel cannot bring digital
devices with wireless data transmission
capabilities into Pentagon sensitive
compartmented information facilities (SCIF)
"unless the device's infrared port has been
taped over by an opaque tape and its antenna
has been removed/disconnected," wrote
David O. Cooke, the Pentagon's director of
administration and management. "It's a very
good policy to have," said Alan Paller,
research director at the SANS Institute in
Bethesda, Md. "The reason a SCIF exists is to
isolate" classified information, he said. The
wireless policy exists for "the same reason
you don't allow floppy diskettes to leave
SCIFs. It's the same reason you don't allow
tape recorders at the CIA."
http://www.fcw.com/fcw/articles/2001/0326/web-pent-03-26-01.asp
'Universal' key claimed to disable MS Office XP security
Microsoft's vaunted Product Activation protection
technology may not have been fully implemented in
Office XP after all. Product keys claimed to be
"universal" have been circulating on the Web for
some weeks now, and a WinXP beta tester's newsgroup
posting forwarded to The Register suggests that
use of one of these keys circumvents the activation
process. It is not at the moment possible to verify
this completely. Warez copies of code claimed to
Office XP "final" reportedly run without requiring
activation if one of the keys is used, but those
keys can't be said to be definitely universal
until such time as they can be tested on
production copies of Office XP sold at retail.
http://www.theregister.co.uk/content/4/17869.html
Ending Trust in Certificates
For a while now I've been writing articles
about SSL. I've outlined various problems,
and explained why SSL in general is a poor
solution that should be improved (before
we start doing things like online voting --
yikes). The whole premise of certificates
is that multiple parties trust a central
certificate authority (CA), so that when
Alice wants to talk to Bob they can verify
each others' certificates through the CA --
in theory proving they are actually taking
to the person they claim to be.
http://securityportal.com/articles/certs20010326.html
------------------------ Yahoo! Groups Sponsor ---------------------~-~>
Secure your servers with 128-bit SSL encryption!
Grab your copy of VeriSign's FREE Guide,
"Securing Your Web site for Business." Get it now!
http://us.click.yahoo.com/4cW4jC/e.WCAA/bT0EAA/kzAVlB/TM
---------------------------------------------------------------------_->
------------------
http://all.net/
Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/