|
Network Security
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
FW: Security In The News - March 1, 2004
- From: Howell, Paul
- Date: Tue Mar 02 06:36:03 2004
Title: Message
Security In The News
LAST UPDATED: 3/1/04
This report is
also available on the Internet at http://news.ists.dartmouth.edu/todaysnews.html
,
Cybercrime-Hacking
Hackers gain free access to MSN
Premium
- ZDNet
UK, 2/27/04
Youth cleared of trying to hack Mossad Web
site
- Haaretz,
3/1/04
Malware
Bagle worm spawns five siblings
- ZDNet,
3/1/04
Netsky.D worm spreading at 'record
speed'
- ZDNet
UK, 3/1/04
Technology
Thomson Offering Lock for MP3 Files
- LA
Times, 3/1/04
Microsoft's Security Plan Gets Mixed
Reviews
- EWeek.com,
3/1/04
An Extra Eye in Combat, and Maybe Aboard
Airplanes
- NY
Times, 3/1/04
Wisconsin prisoners tracked by .Net
- Government
Computer News, 2/27/04
Vulnerabilities & Exploits
Security warning on internet telephony
- Australian
IT, 3/2/04
File Sharing Vulnerability Discovered in
Mac OS X
- EWeek.com,
2/27/04
Civil & Consumer Issues
Court Says Net-Spread DVD Code Isn't Trade
Secret
- LA
Times (Bloomberg), 2/28/04
- Also - ZDNet
UK, 3/1/04
E-Voting Terminals Face Super Tuesday
Test
- Reuters,
2/29/04
Court Adds Copyright to SCO's IBM Suit
- Internet News,
2/27/04
Report Raises Questions About Fighting
Online Piracy
- NY Times,
3/1/04
Is password-lending a cybercrime?
- Security Focus,
3/1/04
Metro Store bows to pressure from
anti-RFID activists
- Computerworld,
3/1/04
Cybercrime-Hacking
- Title: Hackers gain free access to MSN
Premium
- Source: ZDNet UK
- Date Written: February 27, 2004
- Date Collected: March 1, 2004
- Chinese hackers have exploited a flaw in Microsoft's MSN Explorer to gain
free access to services that cost $9.95 a month, including thirty megabytes of
online storage and a twenty-five megabyte e-mail account. The exploit uses a
feature in MSN Explorer 8.5 that allowed subscribers of Verizon's DSL (digital
subscriber line) free access to MSN Explorer 9 premium services; Verizon DSL
and MSN Explorer 9 are not currently marketed in China. Microsoft says that
exploit does not endanger customer data.
- http://news.zdnet.co.uk/internet/security/0,39020375,39147418,00.htm
- Title: Youth cleared of trying to hack Mossad Web
site
- Source: Haaretz
- Date Written: March 1, 2004
- Date Collected: March 1, 2004
- The Jerusalem Magistrate Court has cleared Avi Mizrahi of hacking into the
website of Mossad, Israel's intelligence agency. Judge Abraham Tennenbaum
found that Mr. Mizrahi had no malicious intent, but was merely assessing the
security of the site, calling it a "public service" which "should even be
praised." Mr. Mizrahi sent his resume to Mossad in June 2003 via their
website, the used an automatic program to check the site's security. The judge
dismissed prosecution arguments that Mr. Mizrahi is an expert on security and
hacking.
- http://www.haaretz.com/hasen/pages/ShArt.jhtml?itemNo=399602&sw=
Malware
- Title: Bagle worm spawns five siblings
- Source: ZDNet
- Date Written: March 1, 2004
- Date Collected: March 1, 2004
- Five new variants of the Bagle worm--C, D, E, F, and G--have been
released. While the first three closely resemble the original Bagle, F and G
are designed to bypass mail filters and virus scanners. F and G come in an
encrypted .zip e-mail attachment, with the password to open the file included
in the text. .zip files are not blocked by most gateways since such files
often contain legitimate data, and virus scanners cannot open the encrypted
file. David Emm, of McAfee Avert, cannot recall any worm with so may variants
in so short a time span. Mikko Hypponen of F-Secure notes that the variants
are similar to each other, with just enough differences to keep ahead of
antivirus companies.
- http://news.zdnet.co.uk/0,39020330,39147909,00.htm
- Title: Netsky.D worm spreading at 'record
speed'
- Source: ZDNet UK
- Date Written: March 1, 2004
- Date Collected: March 1, 2004
- The Netsky.D variant has started spreading Monday, March 1, 2004, clogging
e-mail gateways in a traffic flood Graham Cluley of the Sophos antivirus firm
compares to the SoBig worm of 2003. Previous Netsky worms came as an e-mail
attachment or spread through shared network folders. The new variant only
spreads over e-mail and is slightly smaller. Infected computers will play a
series of beeps from computer speakers between 6:00 am and 8:59 am on March 2.
Mr. Cluley expects the virus to spread even further as Americans wake up and
turn on their machines. Finnish antivirus company F-Secure rates Netsky.D at
its highest threat level for its rapid spread.
- http://news.zdnet.co.uk/internet/security/0,39020375,39147916,00.htm
Technology
- Title: Thomson Offering Lock for MP3
Files
- Source: LA Times
- Date Written: March 1, 2004
- Date Collected: March 1, 2004
- Thomson, a French distributor of MP3 technology, has proposed a modified
MP3 format to allow music labels to limit the number of times a file may be
copied to media and devices. The MP3 format, developed by the Fraunhofer
Institute in Germany as a Motion Picture Entertainment Group (MPEG) standard,
has become the favorite format for sharing music files, chosen for its high
quality and compact size. Thomson hopes the new MP3, to include digital rights
management, can capitalize on the popularity of the MP3 name. However, the new
MP3 may not work on older music devices, and adds yet another data format to
the hodgepodge offered by Microsoft, Apple, RealNetworks, and Sony, which have
suffered from lack of interoperability.
- http://www.latimes.com/technology/la-fi-music1mar01,1,2661693.story?coll=la-headlines-technology
- Title: Microsoft's Security Plan Gets Mixed
Reviews
- Source: EWeek.com
- Date Written: March 1, 2004
- Date Collected: March 1, 2004
- New Windows security features announced by Microsoft chair and chief
software architect Bill Gates at the RSA Conference in San Francisco are
garnering mixed reviews from attendees. Mr. Gates announced improvements in
the Windows XP firewall, behavior blocking and other dynamic security
technology, and code-scanning tools for Visual Studio. Bruce Schneier of
Counterpane Internet Security was unimpressed, saying Microsoft needs to make
security its bottom line. An unnamed security manager for a government agency
argues that Microsoft is basically making their own versions of other
company's products, possibly threatening the market for other security
vendors. Microsoft has partnered with a number of security vendors to develop
new technology, such as Active Protection Technology.
- http://www.eweek.com/article2/0,4149,1540980,00.asp?kc=EWRSS03119TX1K0000594
- Title: An Extra Eye in Combat, and Maybe Aboard
Airplanes
- Source: NY Times
- Date Written: March 1, 2004
- Date Collected: March 1, 2004
- Essential Viewing, a technology firm based in Glasgow, Scotland, is
looking to expand its video encoding hardware and software out of the
battlefield--commanders used it in Iraq for situational awareness--to other
military and civilian applications, such as homeland security and law
enforcement. Essential Viewing's technology compresses video images so they
can be transmitted over narrow-band networks. Rather than sending images pixel
by pixel, Essential Viewing uses a neural network to break images down into
shapes, and transmit the shape data. Technicians at PhotoTelesis and Sandia
National Labs note Essential Viewing's technology is one of the few that can
efficiently encode video data for low-capacity networks with as little
computing power as that found on a cellphone. The Department of Homeland
Security is looking into purchasing Essential Viewing devices the size of a
cigarette pack that can be attached anywhere, and even used on airliners.
- http://www.nytimes.com/2004/03/01/technology/01video.html
- Title: Wisconsin prisoners tracked by
.Net
- Source: Government Computer News
- Date Written: February 27, 2004
- Date Collected: March 1, 2004
- County Corrections officials in Wisconsin have developed a system to
manage prisoner transfers, saving money and time in travel costs. The Prisoner
Exchange and transport Scheduling (PETS) was developed after one county
sheriff noticed that officials from nearby counties would often show up at the
same prison for scheduled transfers, causing a duplication of effort and
travel costs. The sheriff approached Emerald Systems Inc. about the problem,
who developed PETS with Visual Studio.Net, C# .Net and a Microsoft SQL Server
2000 database. All 72 Wisconsin counties are now connected to the system; with
30,000 transfers a year, the state expects to save about $3 million with the
system.
- http://www.gcn.com/vol1_no1/daily-updates/25098-1.html
Vulnerabilities & Exploits
- Title: Security warning on internet
telephony
- Source: Australian IT
- Date Written: March 2, 2004
- Date Collected: March 1, 2004
- Research firm META Group reports that many corporations are moving to VoIP
(Voice over Internet Protocol) without understanding the security risks of the
technology, possibly opening themselves to toll fraud, voicemail intrusion,
and other data theft. Many corporations are deploying VoIP networks separate
from the corporate data infrastructure, detached from corporate security.
Viruses could exploit VoIP networks, attackers can still deny service, and
many firewalls are not equipped to handle voice traffic. Businesses should
conduct a cross-discipline security review before adopting VoIP and take
measures to encrypt voice traffic. Only 5% of Australian businesses have
adopted VoIP, while 60 to 70% would evaluate it, leading to increased
deployment in late 2004.
- http://australianit.news.com.au/articles/0,7204,8837492^15331^^nbv^15306-15319,00.html
- Title: File Sharing Vulnerability Discovered in
Mac OS X
- Source: EWeek.com
- Date Written: February 27, 2004
- Date Collected: March 1, 2004
- A flaw has been discovered in the Apple Filing Protocol (AFP) that could
allow an attacker to steal passwords. When users attempt to make a secure
connection over SSH (secure shell), AFP does not issue a warning when it finds
that no secure connection is available and defaults to an insecure connection.
An alert user must notice that the "Opening Secure Connection" message did not
appear. Users who do not notice the lack of that message may unknowingly
transmit their passwords as clear text. However, the user would have to be the
target of an active attack; AFP prevents passive password collection, so an
attacker would have to masquerade as the server a user wanted to connect to.
Chris Adams, the systems administrator who discovered the flaw, presented
several work-arounds in a Bugtraq post, but recommended that SSH be set as the
default connection for clients and servers, and the interface modified to give
clear warning. Mr. Adams informed Apple of the flaw in December 2003, and
followed up on it a few weeks later, but has not yet received any response
from the company.
- http://www.eweek.com/article2/0,1759,1540557,00.asp
Civil & Consumer Issues
- Title: Court Says Net-Spread DVD Code Isn't Trade
Secret
- Source: LA Times (Bloomberg)
- Date Written: February 28, 2004
- Date Collected: March 1, 2004
- A California appeals court has overturned a lower court ruling against
Andrew Bunner for publishing the DeCSS computer program, which breaks
copy-protection measures on DVDs. The court found that the DeCSS program had
been so widely distributed before the DVD Copy Control Association filed its
case against Mr. Bunner, that the technology may have lost its trade-secret
status. Under the ruling, Mr. Bunner is entitled to recoup the costs of the
appeal.
- http://www.latimes.com/technology/la-fi-dvd28feb28,1,1773972.story?coll=la-headlines-technology
- Also - http://news.zdnet.co.uk/business/legal/0,39020651,39147906,00.htm
- Title: E-Voting Terminals Face Super Tuesday
Test
- Source: Reuters
- Date Written: February 29, 2004
- Date Collected: March 1, 2004
- On March 2, 2004, American voters in ten states will cast ballots in the
"Super Tuesday" Democratic primary elections. Voters in Maryland, Georgia, and
parts of California will vote with electronic voting systems; Election Data
Systems estimates that 29% of American voters will do so in the November
elections. However, a number of activists and computer scientists are
protesting the use of such machines, arguing that software flaws make
elections vulnerable to tampering. The California Voter Foundation is urging
voters to use absentee ballots rather than e-voting machines. Ohio has delayed
certification of Diebold machines over security concerns, while California
will use Diebold machines on Tuesday even while considering a ban on Diebold
machines. Activists argue that voters should be able to verify their votes
with a paper print-out.
- http://www.reuters.com/newsArticle.jhtml?type=internetNews&storyID=4463249
- Title: Court Adds Copyright to SCO's IBM
Suit
- Source: Internet News
- Date Written: February 27, 2004
- Date Collected: March 1, 2004
- A US district court has allowed the SCO Group to add copyright
infringement claims to its suit against IBM for use of Linux, after IBM said
it would not oppose the claims. While IBM does not agree with the claims,
legal experts point out that such additions to lawsuits are common practice,
and IBM likely wants to begin its defense. The additional claims increase
potential damages from $3 billion to $5 billion. The SCO Group is also in a
legal battle with Novell over Unix ownership, while Linux distributor Red Hat
has sued SCO for making "untrue" claims about it business practices.
- http://www.internetnews.com/ent-news/article.php/3319031
- Title: Report Raises Questions About Fighting
Online Piracy
- Source: NY Times
- Date Written: March 1, 2004
- Date Collected: March 1, 2004
- The Committee for Economic Development (CED), a Washington policy group,
has released a report entitled "Promoting Innovation and Economic Growth: The
Special Problem of Digital Intellectual Property," arguing that legislative
efforts against copyright infringement by music, movie, and television studios
may harm the economy and upset the balance between the rights of content
providers and the rights of the public. The report recognizes the need for
some form of copy-protection and/or new business models to enable copyright
holders to profit. The report calls for a two-year moratorium on changing
copyright law to allow for greater public debate and recommends the use of
digital rights management (DRM) technology so long as they are not required by
government or create a burden to consumers. The report also recommends tools
to let copyright holders put their work in the public domain sooner than the
law allows. For technical reasons, the report is not an official policy
statement of the CED, but the group recommends the report as an excellent
analysis.
- http://nytimes.com/2004/03/01/technology/01rights.html
- Title: Is password-lending a cybercrime?
- Source: Security Focus
- Date Written: March 1, 2004
- Date Collected: March 1, 2004
- Berkshire Information Systems obtained a customer password to the database
of competitor Inquiry Management Systems (IMS), which they then used to access
copyrighted material and compete with IMS. While this constitutes a breach of
contract and fraud, IMS chose to sue Berkshire for computer crime and
violation of the DMCA (Digital Millennium Copyright Act), arguing that the
password is a technological measure to prevent access to a copyrighted work.
The judge dismissed the DMCA claim, but upheld charges under the Computer
Fraud and Abuse Act, finding that the "break-in" caused damages to IMS. The
author argues this is a misreading of the law, which requires the integrity of
the data to be compromised. The author argues that such misreadings are a
danger of allowing civil cases to enforce criminal law.
- http://www.securityfocus.com/columnists/222
- Title: Metro Store bows to pressure from
anti-RFID activists
- Source: Computerworld
- Date Written: March 1, 2004
- Date Collected: March 1, 2004
- German company Metro AG has announced that it would drop RFID (radio
frequency identification) tags from its customer loyalty cards as they prepare
to test new technologies at its Extra Future Store in Rheinberg. Metro joins
such retailers as Wal-Mart and the Benetton Group who scaled back RFID plans
under pressure from such consumer advocates as Consumers Against Supermarket
Privacy Invasion and Numbering (CASPIAN). Such groups worry that RFID could
endanger privacy by allowing store clerks to read the contents of a shopper's
handbag, or track cash transactions through RFID chips embedded in bank notes.
Metro planned to used RFID tags to restrict the purchase of certain movies by
minors. Metro says its decision does not affect plans to use RFID for supply
chain management and inventory.
- http://www.computerworld.com/mobiletopics/mobile/technology/story/0,10801,90628,00.html
To change your delivery preferences please go
to:
http://news.ists.dartmouth.edu/cgi-bin/change.cgi
If you wish to
stop receiving the 'Security in the News' service please go
to:
http://news.ists.dartmouth.edu/substop.html
The Institute for
Security Technology Studies (ISTS) accepts no responsibility for any error or
omissions in this e-mail. The information presented is a compilation of
material from various sources and has not been verified by staff of the ISTS.
Therefore, the ISTS cannot be made responsible for the factual accuracy of the
material presented. The ISTS is not liable for any loss or damage arising from
or in connection with the information contained in this report. It is the
responsibility of the user to evaluate the content and usefulness of this
information. References in this e-mail to any specific commercial products,
processes, or services by trade name, trademark, manufacturer, or otherwise,
does not constitute or imply endorsement, recommendation, or favoring by the
ISTS. ISTS is a research, not operational, organization, and makes its
Security in the News e-mail available as a public service on a best-effort
basis. Security in the News will be sent out on most business days, but not
all.
Institute for Security Technology Studies
Dartmouth
College
45 Lyme Road, Suite 200
Hanover, NH 03755
Tel: (603) 646
0700
E-mail: dailyreport@ists.dartmouth.edu
|
|
|
