|
Network Security
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
FW: Security In The News - March 29, 2004
- From: Howell, Paul
- Date: Tue Mar 30 07:14:09 2004
Title: Message
Security In The News
LAST UPDATED: 3/29/04
This report is
also available on the Internet at http://news.ists.dartmouth.edu/todaysnews.html
,
Homeland Security & Infrastructure Protection
Dec. 4 target set for terrorist list
- Federal
Computer Week, 3/26/04
Cybercrime-Hacking
Canadian Web sleuths save U.S. girl in
porn case
- The
Globe and Mail, 3/26/04
Politics-Legislation
Bush Pushes Broadband Rollout by
2007
- Reuters,
3/26/04
Congress Moves to Criminalize P2P
- Wired
News, 3/26/04
Callahan resigns from Homeland Security
Department
- Government
Computer News, 3/26/04
Malware
Net Viruses Hobble Europe's Small
Business Sector
- Reuters,
3/29/04
- Also - vnunet.com,
3/29/04
Malicious code targets earlier Cisco
flaws
- vnunet.com, 3/29/04
Witty sets a new worm record
- Silicon.com,
3/29/04
Technology
GPO signs on to using PKI
- Government
Computer News, 3/29/04
Route to security
- Information
Security Magazine, 3/25/04
Oregon alliance pushes info-sharing
standard
- Federal
Computer Week, 3/26/04
- Also - EWeek.com,
3/29/04
Vulnerabilities & Exploits
Security product flaws are magnet for
attackers
- Computer
Weekly, 3/29/04
Civil & Consumer Issues
Postini antispam patent could cause
headaches
- Computerworld,
3/26/04
German company clogs SCO's legal
machine
- InfoWorld,
3/26/04
Music industry way off track with song
and dance about falling sales
- Sydney
Morning Herald, 3/29/04
Homeland Security & Infrastructure Protection
- Title: Dec. 4 target set for terrorist
list
- Source: Federal Computer Week
- Date Written: March 26, 2004
- Date Collected: March 29, 2004
- At a March 25, 2004, hearing before a House Judiciary subcommittee and a
House Select subcommittee, officials from the Terrorist Screening Center
(TSC) said they plan to have a complete restructuring of its terrorist watch
list database by December 4. However, that list will only include the names
and identifiers of suspected terrorists. "We are not the record holder for
every agency," said Donna Bucella, director of the TSC. The consolidated
watch list has been delayed multiple times since different agencies use
differing criteria to classify someone as a terrorist. Representative Jim
Turner (D-Texas) has been highly critical of the watch list's multiple
delays, arguing that no technological barriers hinder the project. The
Federal Bureau of Investigation (FBI), rather than the Department of
Homeland Security (DHS), oversees the TSC since the FBI already had
personnel with the necessary security clearances, though DHS is working with
the FBI on the list.
- http://www.fcw.com/fcw/articles/2004/0322/web-tsc-03-26-04.asp
Cybercrime-Hacking
- Title: Canadian Web sleuths save U.S. girl in
porn case
- Source: The Globe and Mail
- Date Written: March 26, 2004
- Date Collected: March 29, 2004
- Toronto Police officers have aided the United States' Federal Bureau of
Investigation (FBI) in tracking down a victim in a set of child pornography
images, leading to the arrest of the photographer and possibly saving the
life of the child. Analyzing a collection of images posted to an
international police website, the police found clues to one girl's location
and identity from a badge on her Girl Scout uniform and a blurred out logo
on a t-shirt under her school jumper, allowing them to direct FBI
investigators to the girl's school in North Carolina. The FBI later arrested
Brad Tod Schellenberger, 41, on four counts of child exploitation and one
count of possession of child pornography. Mr. Schellenberger allegedly is a
member of a small group of pornographers responsible for producing
"hurt-core porn," involving the physical battery of children under the age
of thirteen.
- http://www.globetechnology.com/servlet/story/RTGAM.20040326.gtblatch26/BNStory/Technology
Politics-Legislation
- Title: Bush Pushes Broadband Rollout by
2007
- Source: Reuters
- Date Written: March 26, 2004
- Date Collected: March 29, 2004
- As the campaigning for the 2004 Presidential election heats up,
President George W. Bush called for "universal, affordable" access to
broadband Internet by 2007 while speaking in New Mexico. Mr. Bush cited the
role of broadband in keeping the United States competitive and innovative,
but outlined no policy steps to reach the 2007 goal. However, Mr. Bush
called for broadband access to remain tax-free. Federal Communication
Commission chair Michael Powell has worked to reduce regulation on telephone
companies to spur competition. Democratic presidential hopeful John Kerry
named broadband as a key growth area while speaking on economic policy in
Detroit, Michigan. Around 20.6 million homes and small businesses subscribe
to broadband services either from telephone or cable providers.
- http://www.reuters.com/newsArticle.jhtml?type=internetNews&storyID=4675254
- Title: Congress Moves to Criminalize
P2P
- Source: Wired News
- Date Written: March 26, 2004
- Date Collected: March 29, 2004
- Congress is currently considering two bills aimed at piracy over
peer-to-peer (P2P) file-sharing networks. A draft bill circulated among
members of the House Judiciary Committee would ease the burden of proof for
the Justice Department in criminal prosecutions against file-sharers, with
penalties up to ten years imprisonment. The proposed law would apply to
anyone who shares over 2,500 files of copyrighted content, distributes
content before its public release, as with pre-release DVD screeners for
upcoming movies, or a single file determined to be worth more than $10,000.
Senators Orrin Hatch (R-Utah) and Patrick Leahy (D-Vermont) have introduced
a bill to allow the Justice Department to file civil suits against
file-sharers, calling it the Protecting Intellectual Rights Against Theft
and Expropriation (PIRATE) Act. Adam Eisgrau of trade group P2P United
argues that both proposals are misguided, while the Recording Industry
Association of America (RIAA) and the Motion Picture Association of America
(MPAA) have welcomed the PIRATE Act as giving federal prosecutors
"flexibility and discretion in P2P cases."
- http://www.wired.com/news/digiwood/0,1412,62830,00.html?tw=wn_tophead_2
- Title: Callahan resigns from Homeland Security
Department
- Source: Government Computer News
- Date Written: March 26, 2004
- Date Collected: March 29, 2004
- Laura Callahan has resigned her post as senior director of Homeland
Security's CIO (Chief Information Officer) Office. Ms. Callahan has been on
leave with pay since June 2003 after a Government Computer News (GCN) report
uncovered that she held three questionable degrees from a diploma mill in
Wyoming. Homeland Security spokeswomen Valeria Smith declined to comment on
the resignation. The GCN report led Senator Susan Collins (R-Maine) and
Representative Tom Davis (R-Virginia) to press for action against fake
degrees. Education Secretary Ron Paige plans for his department to post a
list of accredited institutions on the Web, while the Office of Personnel
Management has held seminars to train human resources officials in detecting
false credentials. The General Accounting Office (GAO) will release a report
on the matter to Ms. Collins's and Mr. Davis's committees.
- http://www.gcn.com/vol1_no1/daily-updates/25419-1.html
Malware
- Title: Net Viruses Hobble Europe's Small
Business Sector
- Source: Reuters
- Date Written: March 29, 2004
- Date Collected: March 29, 2004
- McAfee Security, a division of Network Associates, has released a report
on Internet viruses among European businesses, finding that 22% of small
businesses needed to close down to recover from a recent virus attacks. The
report finds that a virus attack costs Western Europe's 14 million small
business around ?5,000 ($6,090) each in clean-up and recovery, while total
costs for cybercrime reached ?22 billion ($26.7 billion) last year. Jack
Clarke, technology consultant with McAfee, cites the number of virus
outbreaks in early 2004 as a sign that the situation may get worse. Police
blame criminal organizations for e-mail phishing scams, extorting online
gambling sites with denial of service attacks during sporting events, and
writing viruses to take control of computers. The McAfee report covered 500
small businesses in the United Kingdom, France, Germany, the Netherlands,
Spain, and Italy.
- http://www.reuters.com/newsArticle.jhtml?type=internetNews&storyID=4688569??on=news
- Also - http://www.vnunet.com/News/1153867
- Title: Malicious code targets earlier Cisco
flaws
- Source: vnunet.com
- Date Written: March 29, 2004
- Date Collected: March 29, 2004
- Cisco Systems is warning users that proof-of-concept code has been
released to exploit several flaws in a number of Cisco products. While
theflaws have all been documented and patches released, Cisco advises users
to check that they have applied all relevant patches, or upgrade their
systems to avoid risks from the new code. The flaws affected include a Cisco
IOS router denial of service vulnerability, a Cisco IOS HTTP authorization
vulnerability, and a Cisco Catalyst 3500 XL remote arbitrary command flaw,
among others. The article provides a link to more details on Cisco's
website.
- http://www.vnunet.com/News/1153864
- Title: Witty sets a new worm record
- Source: Silicon.com
- Date Written: March 29, 2004
- Date Collected: March 29, 2004
- According to a report published by the University of California at San
Diego (UCSD) and the Cooperative Association for Internet Data Analysis
(CAIDA), the Witty worm emerged too quickly to allow organizations to apply
the relevant patch. The Witty worm began spreading less than 48 hours after
the publication of a flaw in Internet Security Systems' (ISS) BlackIce and
RealSecure products. As many as 12,000 computers may have been infected in
the first hour. 110 compromised hosts appeared in the first ten seconds, an
apparent attempt to spread the worm through "preseeding." The Witty worm
burned out quickly due to its highly malicious attack, and caused hard drive
failure by writing 65 kilobytes of data randomly all over the hard drive.
The rapid development of the virus after vulnerability release leads many to
believe that end-users can no longer hold the responsibility for updating
systems against attack. Many are also concerned over the worm's targeting of
security products.
- http://www.silicon.com/research/specialreports/protectingid/0,3800002220,39119598,00.htm
Technology
- Title: GPO signs on to using PKI
- Source: Government Computer News
- Date Written: March 29, 2004
- Date Collected: March 29, 2004
- The Government Printing Office (GPO) plans to authenticate government
documents through public key encryption (PKI) and digital signatures by the
middle of 2004. The technology will be part of electronic submission of
documents through the GPO website. Judy Russel, GPO superintendent of
documents and managing director of information dissemination, says the
office will be able to authenticate submissions and to allow others to
authenticate final products published by the Office. The GPO is also
considering digital watermarks for print publications and electronic master
documents. GPO is also working to cross-certify on the federal bridge,
allowing the office to accept other agencies' PKI certificates.
- http://www.gcn.com/vol1_no1/daily-updates/25416-1.html
- Title: Route to security
- Source: Information Security Magazine
- Date Written: March 25, 2004
- Date Collected: March 29, 2004
- While many organizations invest in firewalls, intrusion prevention
systems, and virtual private networks to protect their computers, most
forget the routing protocols that drive the Internet, making them an easy
target for attackers. Compromised routers can be used for man-in-the-middle
attacks to redirect traffic through the attacker's system, degrade network
performance, seize sensitive data, and deny service. Route filtering is a
site-specific method to control network traffic, prevent unauthorized
routing updates, and hide sensitive network topology data from outsiders.
Some routing methods direct suspected distributed denial of service (DDoS)
attack traffic to a "blackhole" null-interface that simply drops the
traffic, or a "sinkhole" machine that analyzes the traffic and forwards
legitimate traffic to its destination. All routing protocols use the MD5
(Message Digest 5) algorithm to provide cryptographic authentication to
protect the integrity of the routing domain, guarding against message
insertion, deletion and modification, man-in-the-middle attacks, and DDoS
attacks.
- http://infosecuritymag.techtarget.com/ss/0,295796,sid6_iss346_art668,00.html
- Title: Oregon alliance pushes info-sharing
standard
- Source: Federal Computer Week
- Date Written: March 26, 2004
- Date Collected: March 29, 2004
- On March 29, 2004 Oregon's Regional Alliance for Infrastructure and
Network Security (RAINS) will publish its Open Specification for Sensitive
Information Sharing (OsSIS), designed to provide interoperability and data
security for government networks. OSSIS is based on RAINS' Connect and
Protect program, designed to connect geographically dispersed organizations
into a centrally-managed and protected wide-area network. OSSIS promotes web
services standards and proposes a RAIN-managed Universal Description,
Discovery, and Integration registry to allow accredited RAINS participants
to transact with each other. RAINS is promoting its framework for use in
other states and localities. Homeland Security, which has a number of
initiatives regarding information sharing, has discussed joining the
program, but has made no final plan.
- http://www.fcw.com/geb/articles/2004/0322/web-rains-03-26-04.asp
- Also - http://www.eweek.com/article2/0,1759,1556003,00.asp
Vulnerabilities & Exploits
- Title: Security product flaws are magnet for
attackers
- Source: Computer Weekly
- Date Written: March 29, 2004
- Date Collected: March 29, 2004
- Users will have to consider the security of security products as more
malicious hackers seek to exploit their vulnerabilities. The Witty worm
exploited a flaw in Internet Security Services' (ISS) BlackIce and
RealSecure intrusion prevention products, infecting 15,000 to 20,000
computers worldwide and corrupting infected hard drives. Chris Rouland,
director of ISS' X-Force security team, noted that the Witty flaw was only
the second major flaw from ISS in five years, crediting the company's strong
quality assurance measures. Vulnerabilities were earlier discovered in
firewalls from Zone Labs and Check Point Security, while another was found
in a product from Symantec. John Pescatore of research firm Gartner says
attackers looking for publicity are increasingly targeting security
products. Some researchers, such as Pete Lindstrom of Spire Consulting,
question whether security vendors have conflicts of interest when searching
for flaws in their competitors' products.
- http://www.computerweekly.com/articles/article.asp?liArticleID=129588
Civil & Consumer Issues
- Title: Postini antispam patent could cause
headaches
- Source: Computerworld
- Date Written: March 26, 2004
- Date Collected: March 29, 2004
- A patent owned by e-mail security company Postini could cause problems
for its competitors. Patent 6,650,890, filed in September 2000 and awarded
November 2003, gives Postini rights to technology to preprocess e-mails for
a number of purposes, including spam and virus detection. This could make
the e-mail filtering services of such competitors as FrontBridge
Technologies, MX Logic, and MessageLabs infringing technologies. Postini is
currently studying ways to "maximize" the patent's value to the company.
However, many legal experts warn the patent suffers from a number of
weaknesses. The patent application only cites other patents in its
References section, raising the possibility that the company has not
adequately searched for examples of prior art. While many suspect that
Postini may have abused the patent application process, making it easy for a
competitor to challenge it, it could be used for harassing litigation.
- http://www.computerworld.com/governmenttopics/government/legalissues/story/0,10801,91685,00.html
- Title: German company clogs SCO's legal
machine
- Source: InfoWorld
- Date Written: March 26, 2004
- Date Collected: March 29, 2004
- While the SCO Group targets big companies such as IBM, DaimlerChrysler,
and AutoZone over alleged infringements of SCO's Unix copyrights through the
Linux operating system, a software start-up has successfully halted SCO from
making similar claims in Germany, Europe's largest open source market. On
February 18, 2004 Univention GmBH and two other German companies won a court
restraining order preventing SCO's German subsidiary from making
infringement claims. The order also requires SCO to provide Univention with
proof of copyright violations one month after making such claims public.
However, in an interview with the newspaper Financial Times, Gregory Blepp,
a vice president of SCO in the United States, says he is working to legally
require German Linux users to purchase a license from SCO. Univention
founder Peter Ganten expressed surprise that SCO would talk of violating the
order only a month after agreeing to it, but the law is unclear whether the
order applies to SCO's American branch.
- http://www.infoworld.com/article/04/03/26/HNclogslegal_1.html
- Title: Music industry way off track with song
and dance about falling sales
- Source: Sydney Morning Herald
- Date Written: March 29, 2004
- Date Collected: March 29, 2004
- The Australian Recording Industry Association (ARIA) has put out a press
release showing that album sales reached 50 million for 2003, and 65 million
when singles sales are included; both are record numbers. This fact, buried
within a press release entitled "Music DVD continues its rise whilst CD
singles slide further," casts doubt on industry claims that they are losing
CD sales as peer-to-peer file trading networks allow pirates to download
songs for free. Finance reporter Peter Martin examined ARIA numbers to track
the discrepancy between statistics and headline, and found that while album
sales increased 7.85%, singles sales dropped 16.5%. The music industry makes
its profits primarily from album sales; in the United States, singles,
primarily a promotional tool, have almost disappeared from sale. The author
asserts that the ARIA is trying to divert attention to bolster its legal
arguments.
- http://www.smh.com.au/articles/2004/03/28/1080412234274.html
To change your delivery preferences please go
to:
http://news.ists.dartmouth.edu/cgi-bin/change.cgi
If you wish to
stop receiving the 'Security in the News' service please go
to:
http://news.ists.dartmouth.edu/substop.html
The Institute for
Security Technology Studies (ISTS) accepts no responsibility for any error
or omissions in this e-mail. The information presented is a compilation of
material from various sources and has not been verified by staff of the
ISTS. Therefore, the ISTS cannot be made responsible for the factual
accuracy of the material presented. The ISTS is not liable for any loss or
damage arising from or in connection with the information contained in this
report. It is the responsibility of the user to evaluate the content and
usefulness of this information. References in this e-mail to any specific
commercial products, processes, or services by trade name, trademark,
manufacturer, or otherwise, does not constitute or imply endorsement,
recommendation, or favoring by the ISTS. ISTS is a research, not
operational, organization, and makes its Security in the News e-mail
available as a public service on a best-effort basis. Security in the News
will be sent out on most business days, but not all.
Institute for
Security Technology Studies
Dartmouth College
45 Lyme Road, Suite
200
Hanover, NH 03755
Tel: (603) 646 0700
E-mail:
dailyreport@ists.dartmouth.edu
|
|
|
