[iwar] news
From: Fred Cohen
To: Information Warfare Mailing List
From: fc@all.net
To: iwar@onelist.com
Fri, 2 Feb 2001 05:55:56 -0800 (PST)
fc Fri Feb 2 05:58:07 2001
Received: from 207.222.214.225
by localhost with POP3 (fetchmail-5.1.0)
for fc@localhost (single-drop); Fri, 02 Feb 2001 05:58:07 -0800 (PST)
Received: by multi33.netcomi.com for fc
(with Netcom Interactive pop3d (v1.21.1 1998/05/07) Fri Feb 2 13:58:00 2001)
X-From_: fc@all.net Fri Feb 2 07:57:13 2001
Received: from mo.egroups.com (mo.egroups.com [208.50.144.78])
by multi33.netcomi.com (8.9.3/8.9.3) with SMTP id HAA23048
for ; Fri, 2 Feb 2001 07:57:07 -0600
X-eGroups-Return: sentto-279987-904-981122159-fc=all.net@returns.onelist.com
Received: from [10.1.4.56] by mo.egroups.com with NNFMP; 02 Feb 2001 13:56:44 -0000
X-Sender: fc@all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-7_0_2_1); 2 Feb 2001 13:55:58 -0000
Received: (qmail 50668 invoked from network); 2 Feb 2001 13:55:57 -0000
Received: from unknown (10.1.10.26) by l10.egroups.com with QMQP; 2 Feb 2001 13:55:57 -0000
Received: from unknown (HELO all.net) (65.0.156.78) by mta1 with SMTP; 2 Feb 2001 13:55:57 -0000
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id FAA00677 for iwar@onelist.com; Fri, 2 Feb 2001 05:55:56 -0800
Message-Id: <200102021355.FAA00677@all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen
MIME-Version: 1.0
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe:
Date: Fri, 2 Feb 2001 05:55:56 -0800 (PST)
Reply-To: iwar@yahoogroups.com
Subject: [iwar] news
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Panel urges better security at Defense agencies
The U.S. Commission on National Security/21st
Century on Wednesday called for sweeping changes
within the government's defense agencies to
address emerging threats such as cyberterrorism.
"There ought to be central, strategic planning
in national security," said former Sen. Gary Hart,
D-Colo., who, along with former Sen. Warren Rudman,
R-N.H., co-chaired the congressionally mandated
commission that released its third report on
national security. "We believe very deeply the
threats to our homeland, in terms of chemical
[and] cyberwarfare ... have to be dealt with."
http://www.govexec.com/dailyfed/0201/020101td.htm
Head Agency Technicians Keep Wary Eye On Security
Agency chief technology officers face a growing
list of security threats without any sure-fire
solutions, two CTOs said yesterday at the ComNet
trade show in Washington, DC. Robert A. Flores,
CTO of the CIA, and Jeffrey D. Pound Sr., CTO of
the Air Force Research Laboratory at
Wright-Patterson Air Force Base, Ohio, said their
time is consumed by security and bandwidth issues.
"Every day something is bigger and more complicated
than the day before," Flores said. "We're basically
competing with CNN [for intelligence], but we don't
get to charge for our services."
http://www.gcn.com/vol1_no1/daily-updates/3618-1.html
Report Slams D.C. Agency's Computer Security Practices
Computer systems at more than 60 agencies in
the District of Columbia remain at risk because
of shoddy computer security practices at the DC
Department of Public Works, the General
Accounting Office (GAO) said today. In a
comprehensive audit of security practices at
the department released today, the GAO found
that the District had not adequately limited
computer access granted to employees. The report
also said the District had improperly managed the
majority of its employees' user IDs and passwords,
and failed to maintain software controls or
sufficiently protect its networks and other
computer systems from unauthorized use.
http://www.newsbytes.com/news/01/161323.html
Senator proposes spyware security bill
A U.S. SENATOR has reintroduced a bill that seeks
to protect the privacy of consumers from software
that monitors their Web surfing habits. John Edwards,
D-N.C., on Tuesday refiled the legislation that would
uncloak so-called spyware programs that use encrypted
codes to monitor users' online activity and later
share that usage information with advertisers,
telemarketers, or other businesses, according to a
statement. Edwards initially filed the Spyware Control
and Privacy Protection Act bill in Oct. 2000, but
Congress failed to take action on it. Under the
proposed legislation, companies that use codes to
track the activities of Internet users would have to
notify consumers in plain language when the users surf
their sites and download information. No information
on Internet surfing habits could be collected without
first obtaining each consumer's permission, according
to the proposal.
http://www.idg.net/ic_394071_1794_9-10000.html
IT Industry Council Signals Privacy-Law Advocacy
A lobbying group for 30 of the nation's largest
info-tech companies - including AOL Time Warner,
Cisco, Microsoft and Intel - today signaled its
intent to wade into the Congressional debate over
online privacy, advocating federal privacy
legislation that would supercede conflicting state
laws and give strong protections to medical and
financial data. In a legislative blueprint released
today, the Information Technology Industry Council
(ITI) said it would back stronger federal protections
for consumers' health and financial data, and that
any policies adopted should be national in scope to
"avoid the confusion and disruption - that would
be caused by a patchwork of state and local mandates."
http://www.newsbytes.com/news/01/161378.html
New kids' video game spotlights Web predators
Nicole Flores had heard it all before. The San Diego
sixth grader yawned when her mother warned her about
online predators who could lure her into face-to-face
encounters. "It was like, 'Mom, this could never
happen to me,' " she says. But last week, after
playing a new video game, the 11-year-old realized she
could indeed fall into that trap. The interactive video
whodunit, Missing, is based on the true story of a
Canadian boy who almost ran off with a convicted
pedophile he met in a cybersex chat room. "I thought,
'Oh, my gosh, if that could really happen, I better be
more careful,' " says Nicole. "I guess it's teaching
us a lesson, but in a fun way."
http://www.usnews.com/usnews/issue/010205/nycu/video.htm
ID theft a worry for CIOs
Almost 6 percent of tech-savvy executives have
had their identities stolen or misused on the
Internet, according to poll results released
by CIO Magazine. The study also found that 64
percent of all chief information officers worried
that their company's management could be
impersonated by identity thieves. The study polled
350 executives attending an industry conference.
Nearly one in five said their company had been
attacked by hackers in the past three months, and
more than 60 percent of those companies lost money
in the attacks.
http://news.cnet.com/news/0-1003-200-4669225.html
NSA looks to Linux for virtual security
Software emulation firm VMware announced it has teamed
up with researchers at the National Security Agency to
create a nearly crack-proof computer that can place
sensitive data in virtual vaults inside the PC. The
concept, assuming it works, would streamline the methods
intelligence agencies use to manage data. At present,
the NSA--the military surveillance arm of the United
States intelligence community--physically separates
networks carrying data of a particular classification.
For example, top-secret data might be kept on a different
computer than data classified merely as sensitive
material. Sometimes, for workers to have access to the
information they need, up to six different computers can
be on a single desk.
http://news.cnet.com/news/0-1003-200-4682851.html
http://www.zdnet.com/zdnn/stories/news/0,4586,2681205,00.html
[If I were a hacker, I would be very insulted at being called
so dumb that a computer could think like me... - FC]
New Security Software Thinks Like A Hacker
Web protection software maker eEye Digital Security
said today it has released Retina 3.0, a network
guard for the Microsoft Windows NT platform. The
company said in a statement that the Retina network
security scanner is the first such software
application with state-of-the-art artificial
intelligence features that allow it to think like
a hacker, a trait the company described as CHAM
(Common Hacking Attack Methods). The feature lets
the scanner look for both known and unknown
vulnerabilities.
http://www.newsbytes.com/news/01/161349.html
`LOVE BUG' VIRUS THE ONE THAT GOT AWAY, HACKERS SAY
Welcome to hackers' paradise, where cyberspace is a
battleground, computers are fortresses that rival
gangs try to wipe out with sophisticated viruses and
Onel de Guzman, the suspected author of the "love
bug," is revered as "The Terminator." Hackers here
are convinced that the love bug went out of control
last May during a cyberspace war between rival local
gangs. The bug is widely considered to have been
history's worst computer virus and may foreshadow
worse to come, some experts fear.
http://chicagotribune.com/news/nationworld/article/0,2669,SAV-0102010226,FF.html
------------------------ Yahoo! Groups Sponsor ---------------------~-~>
eGroups is now Yahoo! Groups
Click here for more details
http://click.egroups.com/1/11231/1/_/595019/_/981122160/
---------------------------------------------------------------------_->
------------------
http://all.net/