Return-Path: <sentto-279987-4438-1013093910-fc=all.net@returns.groups.yahoo.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Thu, 07 Feb 2002 07:01:08 -0800 (PST) Received: (qmail 11939 invoked by uid 510); 7 Feb 2002 14:58:53 -0000 Received: from n21.groups.yahoo.com (216.115.96.71) by all.net with SMTP; 7 Feb 2002 14:58:53 -0000 X-eGroups-Return: sentto-279987-4438-1013093910-fc=all.net@returns.groups.yahoo.com Received: from [216.115.97.162] by n21.groups.yahoo.com with NNFMP; 07 Feb 2002 14:45:09 -0000 X-Sender: fc@red.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-8_0_2); 7 Feb 2002 14:58:30 -0000 Received: (qmail 93216 invoked from network); 7 Feb 2002 14:58:29 -0000 Received: from unknown (216.115.97.167) by m8.grp.snv.yahoo.com with QMQP; 7 Feb 2002 14:58:29 -0000 Received: from unknown (HELO red.all.net) (12.232.72.98) by mta1.grp.snv.yahoo.com with SMTP; 7 Feb 2002 14:58:29 -0000 Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id g17F0CZ11915 for iwar@onelist.com; Thu, 7 Feb 2002 07:00:12 -0800 Message-Id: <200202071500.g17F0CZ11915@red.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL3] From: Fred Cohen <fc@all.net> X-Yahoo-Profile: fcallnet Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Thu, 7 Feb 2002 07:00:12 -0800 (PST) Subject: [iwar] [NewsBits] NewsBits - 02/06/02 (fwd) Reply-To: iwar@yahoogroups.com Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Interior Dept. Web site still offline Government officials said Wednesday they did not know when computer systems that provide everthing from oil and gas royalty payments to information on wildlife management programs would be up and running again. Interior Department officials said at a congressional hearing that they were working long hours to bring their computers back online, but had no idea when a court-appointed investigator would give them the green light. http://www.usatoday.com/life/cyber/tech/2002/02/06/interior-dept-site.htm U.S. National Lab Bans Wireless Networks 'It's easy to take a Palm PDA or laptop PC with wireless networking capability from a non-classified area into a classified area inadvertently,' Livermore Lab spokesperson David Schwoeglen told Wireless NewsFactor. 'That creates a serious security violation.' Citing security concerns associated with the pervasive nature of, and potential flaws in, wireless LANs (local area networks), the Lawrence Livermore National Laboratory has banned their use in its facilities. http://www.newsfactor.com/perl/story/16206.html U.S.: Critical Government Computers Under Threat Analysts are less worried about the vulnerability risks from the average hacker than about international espionage and fraud on a global scale. Government computers responsible for doling out Social Security, tax refunds and other payments were found to have significant security flaws, a government agency reported on Monday, leaving the systems vulnerable to hackers, cyber-terrorists and internal fraud. http://www.newsfactor.com/perl/story/16171.html Global Net Crime Treaty Hurts Free Speech High-tech lobby groups and civil liberties associations today told Secretary of State Colin Powell and Attorney General John Ashcroft that an addition to the Council of Europe's proposal to ban "xenophobic" and "racist" speech on the Internet is a violation of the U.S. free speech principles. http://www.newsbytes.com/news/02/174285.html Search engine's display of copyright photos ruled infringement An Internet search engine violated a professional photographer's copyright by displaying full-sized images of his work through ``inline linking,'' a federal appeals court ruled Wednesday.The 9th U.S. Circuit Court of Appeals found that small, low-quality thumbnail images were covered by the ``fair use'' provision of the Copyright Act, but reversed a lower court opinion that found the display of larger high-quality images also was protected. http://www.siliconvalley.com/docs/news/tech/078264.htm Scientist Ends Crusade Against Copyright Law A Princeton University professor today announced that he would end his legal challenge of a controversial U.S. copyright law that he says was invoked to prevent him from publishing research that exposed holes in recording industry backed anti-piracy technology. Princeton professor Edward Felten and his team of scientists said they would not appeal a New Jersey federal court's decision to dismiss their case against the Recording Industry Association of America (RIAA). Felten announced the decision through the San Francisco-based Electronic Frontier Foundation (EFF), which has been representing his scientific team. http://www.newsbytes.com/news/02/174284.html http://www.wired.com/news/politics/0,1283,50272,00.html MS taunted with 'trustworthy computing' Web page Someone with a sense of humor has either registered or hijacked the domain TrustworthyComputing.com, and is using it to refer Web surfers to a vast archive of news stories covering Microsoft's dismal record in, well, trustworthy computing. We may recall Chairman Gates using the phrase with initial caps (as if preparing to trademark it) in a recent memo ordering the Redmond rank and file to begin taking security seriously. http://www.theregister.co.uk/content/4/23966.html Microsoft 'code scrub' ridiculed http://www.vnunet.com/News/1128986 Encryption Leaves DES Behind Nothing moves fast in the world of encryption, which may help explain why the U.S. is only now about to leave 56-bit DES behind for new encryption schemes. It's been a long time coming, almost 20 years, in fact. The Data Encryption Standard has long outlived its usefulness. But the new Advanced Encryption Standard sets out key lengths of 128, 192, and 256 bits. How much stronger is AES? The National Institutes of Standards and Technology says a machine that could crack DES in just one second would need 149 trillion years to do the same to a 128-bit AES key. http://www.techweb.com/tech/security/20020206_security Group to boost code review for Linux A government-funded initiative announced Tuesday aims to boost code review of open-source software to prevent security holes. Funded by the Defense Advanced Research Project Agency, the same organization to initially bankroll the predecessor to the Internet, the Sardonix Audit Portal aims to be the one-stop portal for organizing the efforts of critical code reviewers everywhere and boost the frequency with which programmers critique the code of others. http://zdnet.com.com/2100-1104-830255.html http://news.com.com/2100-1001-830130.html U.K. Launches 'Cybercourt' For Small Claims While it may lack the biting wit of U.S. TV's "Judge Judy," a new online service launched this week by Britain's Court Service may make it almost as easy for individuals and small businesses to collect money owed to them. The new service, a pilot project dubbed Money Claim Online, allows people making claims for amounts less than 100,000 pounds ($140,000) to file their paperwork using forms on a court service Web site. http://www.newsbytes.com/news/02/174270.html The Devil You Know: Responding to Interfacebased Insider Attacks. Carl made a mistake. In his repetitious data entry job he entered employee information every workday. He always was careful to input the correct job requisition number in the user screen's JRN field. "Without a correct JRN entered, the new employee input won't process," his supervisor told him the first day. This time instead of "34896KN" his fingers danced the wrong way with an input of "34896KL." The input processed. Carl was able to go into the EMP_DATA file and correct it. The procedure was a bit of a pain, but he learned a valuable lesson his employer never meant for him to know. He realized he could set up bogus new employees on the payroll using a dummy JRN. By entering the wrong input he won the sjackpot - his employer lost big time. http://www.securityfocus.com/infocus/1543 ------------------------ Yahoo! Groups Sponsor ---------------------~--> Sponsored by VeriSign - The Value of Trust Secure all your Web servers now - with a proven 5-part strategy. The FREE Server Security Guide shows you how. http://us.click.yahoo.com/iWSNbC/VdiDAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2002-12-31 02:15:03 PST