_________________________________________________________________
London, Wednesday, May 29, 2002
_________________________________________________________________
INFOCON News
_________________________________________________________________
IWS - The Information Warfare Site
http://www.iwar.org.uk
_________________________________________________________________
IWS Sponsor
National Center for Manufacturing Sciences
http://www.ncms.org
host of the
InfraGard Manufacturing Industry Association
http://trust.ncms.org
_________________________________________________________________
----------------------------------------------------
[News Index]
----------------------------------------------------
[1] PDAs make easy pickings for data thieves
[2] FAA will test smart cards
[3] Memo Reveals FBI E-Mail Snafu
[4] New York's attorney-general sues email 'spammers'
[5] Hearing set on hacked state computers; employee groups complain
[6] Security Hole Striptease
[7] Yahoo! Messenger! multiple! vulns!
[8] Liberty Alliance expands membership
[9] Xbox hacking not for amateurs
[10] What a difference a year makes at Amazon
[11] Justice officials to unveil plans for restructuring the FBI
[12] Navy prepares wireless LAN for testing at sea
[13] Speakers cover Information Assurance waterfront
[14] ICANN to Consider Restructuring this Weekend
[15] Online pharmacy fined $88 million
[16] 'Soft Talk: New Hotmail settings might share your info, addresses
[17] Bioterrorism bill includes provision renewing drug user-fee law
[18] Wireless on the battlefield
_________________________________________________________________
News
_________________________________________________________________
[1] PDAs make easy pickings for data thieves
By John Leyden
Posted: 28/05/2002 at 11:04 GMT
PDAs make easy pickings; a survey reveals that private and corporate secrets
are all too frequently left unprotected.
One in ten peoples' bank accounts could be accessed if they lost their
Personal Digital Assistant (PDA).
That's according to a survey of PDA usage by mobile security firm Pointsec,
which discovered owners commonly download substantial slices of their
personal and business lives onto their PDAs - but leave the information
unencrypted and without password protection
http://www.theregister.co.uk/content/54/25478.html
----------------------------------------------------
[2] FAA will test smart cards
By Preeti Vasishtha
GCN Staff
The Federal Aviation Administration will dole out more than 50,000 smart
cards to employees and contract workers for a Transportation Department
pilot. FAA will release a request for proposals for the pilot within a
couple of weeks, FAA spokeswoman Tammy Jones said.
http://www.gcn.com/vol1_no1/daily-updates/18789-1.html
----------------------------------------------------
[3] Memo Reveals FBI E-Mail Snafu
WASHINGTON, May 29, 2002
(AP) The FBI destroyed evidence gathered in an investigation involving Osama
bin Laden's al Qaeda terror network after the FBI's e-mail wiretap system
mistakenly captured information to which the agency was not entitled.
http://www.cbsnews.com/stories/2002/05/29/attack/main510393.shtml
----------------------------------------------------
[4] New York's attorney-general sues email 'spammers'
New York Attorney General Eliot Spitzer is suing a firm he says sent more
than 500 million messages to computer users, many of them unwanted "spam"
advertisements.
Mr Spitzer says MonsterHut.com of Niagara Falls sent hundreds of millions of
the ads through emails since March 2001 to people who didn't want them.
http://www.ananova.com/business/story/sm_597489.html?menu=business.latesthea
dlines
----------------------------------------------------
[5] Hearing set on hacked state computers; employee groups complain
SACRAMENTO, Calif. (AP) - State senators said Tuesday they would investigate
why it took weeks for 260,000 government employees to be notified that a
hacker accessed a computer system containing their personal financial
information.
``There's a lot of people screaming,'' said Dennis Alexander of the
Professional Engineers in California Government.
http://www.siliconvalley.com/mld/siliconvalley/news/3355173.htm
----------------------------------------------------
[6] Security Hole Striptease
By letting the public catch a tantalizing peek at unannounced security
holes, one prolific bug-finder turns up the heat on vendors to close them.
By Tim Mullen May 27, 2002
The success of "SQLSpida," the worm that targets MS-SQL servers set upon the
Net with a blank "SA" password, is testament to how badly basic security
education is still needed.
As always, I place primary blame on the administrators of these
boxes-leaving the SA password blank on any installation is a rookie move. To
do so on a production machine placed on the Internet is just plain stupid.
You have probably guessed that my use of "primary" infers a secondary party
in responsibility; and indeed it does: Microsoft.
http://online.securityfocus.com/columnists/84
----------------------------------------------------
[7] Yahoo! Messenger! multiple! vulns!
By Thomas C Greene in Washington
Posted: 28/05/2002 at 09:08 GMT
There are two new Yahoo Instant Messenger (YIM) vulnerabilities which can
potentially compromise a user's machine, Vietnamese researcher Phuong Nguyen
has discovered. Yahoo! has been notified and a fixed version is available
for download here.
http://www.theregister.co.uk/content/55/25466.html
----------------------------------------------------
[8] Liberty Alliance expands membership
By Mike Ricciuti
Staff Writer, CNET News.com
May 28, 2002, 9:00 PM PT
The Liberty Alliance Project gained five new members Wednesday, boosting Sun
Microsystems' effort to outgun Microsoft's Passport online identification
system.
The Liberty Alliance Project seeks to establish a standard method for online
identifications, so a computer user can log on to a Web site once, then have
other sites recognize that user as authenticated. Microsoft already offers a
single sign-on technology called Passport.
New members include Cingular Wireless, i2 Technologies, Nippon Telegraph and
Telephone, SAP and Wave Systems. The companies join the Liberty Alliance as
sponsors, meaning they can attend and vote in meetings. The Alliance,
launched last September, now has more than 40 members, including United
Airlines, Sony, Fidelity Investments, AOL Time Warner and others, according
to Michael Barrett, vice president of Internet strategy at American Express
and a member of the Liberty Alliance management board.
http://news.com.com/2100-1001-927232.html?tag=cd_mh
----------------------------------------------------
[9] Xbox hacking not for amateurs
By David Becker
Staff Writer, CNET News.com
May 28, 2002, 4:10 PM PT
The first Xbox add-ons that purportedly allow the console to play illegally
copied game software have gone on sale, but analysts say they're unlikely to
inspire a Napster-like wave of copy infringement.
http://news.com.com/2100-1040-924666.html?tag=cd_mh
----------------------------------------------------
[10] What a difference a year makes at Amazon
Wednesday, May 29, 2002
By KATHY MULADY
SEATTLE POST-INTELLIGENCER REPORTER
Shareholders attending Amazon.com's annual meeting today will hear about a
company that is slightly different from the one they heard about last year.
This one has turned a profit.
The shareholder meeting begins at 9 a.m. at the Sheraton Seattle Hotel and
Towers at 1400 Sixth Ave.
http://seattlepi.nwsource.com/business/72278_amazon29.shtml
----------------------------------------------------
[I am still sceptical. It sounds to me that the FBI wants to usurp
more functions within the Homeland Defense framework. The FBI
needs a cultural change (move from an information blackhole to an
information sharing agency). Maybe a new agency or some other
organisation should take over some of the responsibilities of the FBI.
WEN)
[11] Justice officials to unveil plans for restructuring the FBI
>From National Journal's Technology Daily
Attorney General John Ashcroft and FBI Director Robert Mueller will hold a
press briefing Wednesday to detail their plans for restructuring the FBI, an
agency spokeswoman confirmed Tuesday.
Along with hiring new agents, the plan will call for 14 new sections to the
counterterrorism division that will specialize in terrorism, technology,
languages, intelligence gathering, cultures and other areas, according to
news reports. Agents from the white-collar and anti-drug divisions may be
reassigned to counter-terrorism operations.
Mueller has said reforms will emphasize replacing outdated technology and
computers.
http://www.govexec.com/dailyfed/0502/052802td1.htm
----------------------------------------------------
[12] Navy prepares wireless LAN for testing at sea
By William Jackson
GCN Staff
The Navy this month will begin the final tests of a wireless shipboard
network that service brass expect will lead to the use of such LANs across
the fleet.
The service outfitted a new destroyer, the USS Howard, with a wireless LAN
for this last evaluation leg of its SmartShip program. Forty wireless
gateways from 3e Technologies International Inc. of Rockville, Md., extend
Ethernet connectivity from the Howard's asynchronous transfer mode backbone.
http://www.gcn.com/21_11/mobile_wireless/18698-1.html
----------------------------------------------------
[13] Speakers cover Information Assurance waterfront
>From development of the Federal Public Key Infrastructure to agency
initiatives to combat hackers, information assurance dominates federal,
state and local IT budgets and priorities. Speakers at the May 17, 2001
Technology Excellence in Government seminar gave their views and case
studies on what works and what doesn't in information assurance. Click on
the links below to view the webcast of each presentation.
If you have difficulty hearing or viewing the presentations below, please
visit our technical support page.
http://www.gcn.com/webcast/080101.html
----------------------------------------------------
[14] ICANN to Consider Restructuring this Weekend
May 24, 2002 08:30 CDT
ICANN, the group that oversees the Internet's addressing system, will meet
this weekend. The main purpose of this meeting is to try to sort out its
most contentious issue to date: how it should function and who should
participate.
The board of directors of the Internet Corporation for Assigned Names and
Numbers will meet in private this weekend in New York to sift through the
various restructuring proposals that have dominated the group's agenda over
the past year, Reuters reports.
http://www.cosmiverse.com/news/tech/tech05240202.html
----------------------------------------------------
[15] Online pharmacy fined $88 million
By: Greg Sandoval
5/28/02 8:45 PM
Source: News.com
A Los Angeles pharmacy and a pair of employees were fined $88 million by the
state of California for being too lax in prescribing drugs over the
Internet.
California Gov. Gray Davis announced the fines Tuesday and said in a
statement that the pharmacy violated a year-old law that makes it illegal
for Internet pharmacies to fill prescriptions for patients who aren't
properly examined by a licensed physician. An 8-month-long investigation
showed that Total Remedy and Prescription Center II filled more than 3,500
prescriptions over the Web that were written by doctors not licensed to
practice medicine in California. Most of the prescriptions were for
"lifestyle drugs" such as Propecia, a hair loss treatment.
http://news.cnet.com/investor/news/newsitem/0-9900-1028-9967426-0.html?tag=a
ts
----------------------------------------------------
[16] 'Soft Talk: New Hotmail settings might share your info, addresses
2002-05-14
by Cydney Gillis
MSN and Hotmail keep giving Microsoft Corp. headaches and embarrassment.
The latest is a doozy. Yesterday an irate reader tipped me off to the fact
that Microsoft has changed the privacy settings for Hotmail.
What that means for subscribers to Microsoft's Internet service and millions
more who use its free Hotmail e-mail service is that the company can share a
Hotmail address with its partner Web sites.
In short, if you are already signed up for and use Hotmail, Microsoft has
given itself the right to share your e-mail address and other data with
outside companies -- even if you explicitly told Microsoft not to do so when
you signed up.
http://www.eastsidejournal.com/92308.html
----------------------------------------------------
[17] Bioterrorism bill includes provision renewing drug user-fee law
By April Fulton, National Journal
While it is becoming increasingly unlikely that Congress this year will
approve compromise legislation providing prescription drug benefits to
Medicare recipients, a lower-profile piece of multibillion-dollar drug
legislation is flying through with little public scrutiny.
Back in 1992, Congress passed the Prescription Drug User Fee Act, which
allows the pharmaceutical industry to pay the Food and Drug Administration
to review industry products more quickly. The idea was born out of a unique
collaboration between AIDS activists, then-FDA Commissioner David Kessler,
the drug industry, and Congress. In 1997, Congress renewed the law after
vigorous debate and numerous hearings.
Now, through a series of secret meetings and behind-the-scenes negotiations,
key lawmakers have again renewed and updated the law and quietly added it in
conference committee-without much notice by the media or the public-to a
high-profile $3 billion bill to battle bioterrorism.
http://www.govexec.com/dailyfed/0502/052802nj1.htm
----------------------------------------------------
[18] Wireless on the battlefield
Commercial products not always best security solution for Defense Department
BY Dan Caterinicchia
May 27,
Concerns over battery life, the need for ruggedized machines and
ever-present bandwidth issues are among the many obstacles that the Defense
Department faces as it attempts to outfit soldiers with reliable,
interoperable wireless communications on the battlefield.
But securing those communications is still far and away the biggest
challenge the department must overcome. And despite a push to use commercial
off-the-shelf (COTS) solutions to do it, those solutions may not be the best
answer, according to some academic and industry experts.
http://www.fcw.com/fcw/articles/2002/0527/tec-wire-05-27-02.asp
------------------------------------------------
_____________________________________________________________________
The source material may be copyrighted and all rights are
retained by the original author/publisher.
Copyright 2002, IWS - The Information Warfare Site
_____________________________________________________________________
Wanja Eric Naef
Webmaster & Principal Researcher
IWS - The Information Warfare Site
<http://www.iwar.org.uk>
---------------------------------------------------------------------
To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe
infocon" in the body
To unsubscribe - send an email to "[EMAIL PROTECTED]" with "unsubscribe
infocon" in the body
---------------------------------------------------------------------
IWS INFOCON Mailing List
@ IWS - The Information Warfare Site
http://www.iwar.org.uk
