_________________________________________________________________

London, Thursday, October 15, 2002
_________________________________________________________________
INFOCON News
_________________________________________________________________

IWS - The Information Warfare Site
http://www.iwar.org.uk
_________________________________________________________________

To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe infocon" in the body

To unsubscribe - send an email to "[EMAIL PROTECTED]" with "unsubscribe infocon" in the body
_________________________________________________________________

----------------------------------------------------
[News Index]
----------------------------------------------------

[1] House lawmaker renews push for cybersecurity measures
[2] Report on blonds won't wash
[3] The Book on Mitnick Is by Mitnick
[4] Pro-Islamic militant hacker groups boost attacks security company says
[5] Gartner slams MS security after latest flaw
[6] A radical rethink of international relations
[7] Professor stresses Net security awareness
[8] Bugbear virus threat increases
[9] Pentagon contempt is hurting the cause
[10] Internet rekindles 'Nigerian scam'
[11] New U.S. strategy in Afghanistan: winning hearts and minds
[12] Help! MS issues another critical security fix
[13] Hong Kong news site hacked
[14] Plan aimed at Iraqi commanders raises doubts
[15] FBI names 20 most unwanted security flaws
[16] P2P network funded by US government
[17] Quantum cryptography takes to the skies

_________________________________________________________________

News
_________________________________________________________________

[1] House lawmaker renews push for cybersecurity measures
By Maureen Sirhal, National Journal's Technology Daily

A key House lawmaker is moving to reauthorize legislation that would impose security requirements on federal agencies through two different vehicles, signaling what he sees as the urgency of extending information security measures before Congress adjourns.

The House Government Reform Technology and Procurement Policy Subcommittee on Tuesday approved legislation to promote online government and included in that bill, H.R. 2458, a provision - based on the Federal Information Security Act (FISMA) - to permanently reauthorize the 2000 Government Information Security Reform Act (GISRA) and institute other cybersecurity requirements for agencies.

Subcommittee Chairman Tom Davis, a Virginia Republican, added the FISMA language to the e-government bill even though he already has won House passage of the proposal as part of another measure, H.R. 5005, that would create a Homeland Security Department. A Senate e-government bill, S. 803, also contains a provision to permanently reauthorize GISRA.

http://www.govexec.com/dailyfed/1002/100102td1.htm

----------------------------------------------------

(This story has nothing to do with IA, but it is a brilliant example of how some media folks pick up stories without checking the facts. I still remember the rather ridiculous printer virus story during the Gulf War.... WEN)

'... Jeffrey Schneider, a spokesman for ABC News, said that the anchors got the information from an ABC producer in London who said that he had read it in a British newspaper. ...'

[2] Report on blonds won't wash
Lawrence K. Altman The New York Times
Thursday, October 3, 2002

Forecast demise of fair hair had no roots in truth

NEW YORK: Apparently it fell into the category "too good to check." Last week, several British newspapers reported that the World Health Organization had found in a study that blonds would become extinct within 200 years because blondness was caused by a recessive gene that was dying out. The reports were repeated by anchors for ABC and CNN. There was only one problem: The health organization says that it never reported that blonds would become extinct and that it had never done a study on the subject.

"WHO has no knowledge of how these news reports originated," the organization, a Geneva-based agency of the United Nations, declared. The agency added that it "would like to stress that we have no opinion of the future existence of blonds."

http://www.iht.com/articles/72474.html

----------------------------------------------------

[3] The Book on Mitnick Is by Mitnick
By Michelle Delio
2:00 a.m. Oct. 3, 2002 PDT

Six months ago, the world's most notorious hacker was wondering if he'd ever be able to live down his reputation as a serial killer of corporate computer systems. Kevin Mitnick was unemployed, depressed and in danger of losing his treasured amateur radio license. He was starting to think that even though he'd been released from prison, he'd still somehow be serving time forever. Now he's happily wondering how he'll manage to juggle a cross-country book tour schedule with the demands of his new security business. Things are certainly looking up for the man who was once the media's evil hacker poster boy. Mitnick even has the government's seal of approval now -- the Federal Communications Commission has just officially declared him a reformed man and has decided to allow Mitnick to keep his radio license.

http://www.wired.com/news/culture/0,1284,55516,00.html

Mitnick hawks notorious laptops
http://news.com.com/2100-1040-960540.html?tag=lh

----------------------------------------------------

(FUD of the week. WEN)

[4] Pro-Islamic militant hacker groups boost attacks security company says
By THE JERUSALEM POST STAFF

LONDON Pro-Islamic hacker group Unix Security Guards increased its activity tenfold in September to highlight the Palestinian cause and show solidarity with the Arab world as tensions rise in regard to the US conflict with Iraq, according to computer security firm mi2g.

http://www.jpost.com/servlet/Satellite?pagename=JPost/A/JPArticle/ShowFull&cid=1033392592857

----------------------------------------------------

[5] Gartner slams MS security after latest flaw
By John Leyden
Posted: 02/10/2002 at 18:16 GMT

The latest flaw with a major Microsoft product shows Redmond is unlikely to have anything that approximates to secure software until 2004 at the earliest. That's the damning assessment of analysts Gartner in response to a serious, but little publicised, vulnerability with FrontPage Server Extensions that emerged last week.

http://www.theregister.co.uk/content/55/27393.html

----------------------------------------------------

[6] A radical rethink of international relations
William Pfaff International Herald Tribune, Los Angeles Times Syndicate International
Thursday, October 3, 2002

National Security Strategy

PARIS The new U.S. National Security Strategy document, issued on Sept. 20, is an implicit American denunciation of the modern state order that has governed international relations since the Westphalian Settlement of 1648. That agreement, which ended the Thirty Years' War, recognized the absolute sovereignty and legal equality of states as the basis of international order. These principles of sovereignty and equality have been generally recognized ever since, if often in the breach. The consensus among governments and jurists has been that without acknowledging national sovereignty as the foundation of law, the world risked anarchic power struggles. The National Security Strategy statement is thus a radical document, whether Condoleezza Rice, reputedly its main author, understands this or not. There was another declaration of this kind, made 154 years ago: the Communist Manifesto. It denounced the existing international order of monarchies and "bourgeois" republics in the name of a new and superior legitimacy, that of the proletariat. It claimed this to be a universal and liberating legitimacy.

http://www.iht.com/articles/72506.html

----------------------------------------------------

[7] Professor stresses Net security awareness
By DAVID BROOKS, Telegraph staff [EMAIL PROTECTED]

The term "cyberterrorism" produces reactions ranging from fear to scorn, but Dartmouth professor Andrew Macpherson thinks the reaction should be more prosaic: Roll up your sleeves and take action. "A lot of people feel it's not that important - what's wrong if a few teenage hackers deface a few Web sites?" Macpherson said in a recent interview. "But awareness is an absolutely critical issue - and that is one of the very positive aspects we've seen in the past year, following 9/11. There's more awareness as a nation, debate and dialogue concerning cyber security."

http://www.nashuatelegraph.com/Main.asp?SectionID=27&SubSectionID=357&ArticleID=65250

----------------------------------------------------

[8] Bugbear virus threat increases

Bugbear itself has a bug making it easier to spot

The Bugbear e-mail virus is still going strong and could have infected hundreds of thousands of computers worldwide. Estimates of the damage the virus has done are difficult to make. One anti-virus firm MessageLabs has reported 60,000 copies so far.

http://news.bbc.co.uk/1/hi/technology/2296117.stm

----------------------------------------------------

'... There is too much criticism-with-contempt oozing from the Pentagon, which, unfortunately, has become the voice of America lately. It feels as if America does not have a rounded foreign policy anymore, only a defense policy. I would like to hear more of Secretary of State Colin Powell's voice - a voice that says America is not just about disarming rogues, although it will if it has to, but also about inviting others into America's future. ...'

[9] Pentagon contempt is hurting the cause
Thomas L. Friedman The New York Times
Thursday, October 3, 2002

America's image problem

NEW YORK It is hard to believe that just a year ago in the wake of Sept. 11 the French newspaper Le Monde carried the headline "We are all Americans now." What a difference a year makes. Today, I figured, that headline would probably read: "We are all anti-Americans now." So I called Alain Frachon, a senior editor of Le Monde, and asked him how his paper was viewing America today. I was close. He said: "The same columnist who wrote that piece a year ago on 9/11 wrote another one this year on the first anniversary. This year, though, his headline was: 'We are all still Americans - but not every day now.'"

http://www.iht.com/articles/72508.html

----------------------------------------------------

[10] Internet rekindles 'Nigerian scam'
Fraud complaints on increase in central Illinois
By CHRIS DETTRO STAFF WRITER

The popularity of the Internet has brought with it a resurgence of a fraud scheme generically known as "advance fee fraud" and more commonly called the "Nigerian scam." Versions of the scheme have circulated since the 1980s, but the Central Illinois Financial and Cybercrime Task Force has recorded a recent increase in central Illinois consumer complaints. "The Nigerian scam is just one example of many," said Jack Fox, resident agent in charge of the Springfield office of the U.S. Secret Service. "There is so much of it now it is just ridiculous. The advent of the cyberworld has kind of rekindled it to like it was in the mid-'80s when it was running big time."

http://www.sj-r.com/sections/news/stories/N10022002,h.asp

----------------------------------------------------

[11] New U.S. strategy in Afghanistan: winning hearts and minds
The Washington Post
The Washington Post
Wednesday, October 2, 2002

KABUL The U.S. military campaign against Al Qaeda and Taliban remnants is undergoing a subtle but important shift, relying less on air and ground assaults and more on digging wells, school construction and "stability operations," according to American officials and Western diplomats.

The change is most visible in the realm of "civil-military operations," the army's term for humanitarian projects aimed at winning friends in potentially hostile terrain. Such teams operate in 11 villages and cities, a number that is slated to grow to 15, while the number of civil-military affairs specialists - most of them reservists - will rise from 150 last month to 350 by early November, U.S. officers say.

http://www.iht.com/articles/72353.html

----------------------------------------------------

[12] Help! MS issues another critical security fix
By John Leyden
Posted: 03/10/2002 at 13:26 GMT

Microsoft has released a patch to fix critical flaws within Windows Help Facility which could enable attackers to execute arbitrary code on a victim's PC. The HTML Help facility in Windows includes an ActiveX control which provides much of its functionality. One of the functions exposed via the control contains an unchecked buffer, Microsoft says, warning that the flaw poses a critical risk for all Windows users.

http://www.theregister.co.uk/content/55/27409.html

----------------------------------------------------

[13] Hong Kong news site hacked
Thursday, October 3, 2002 Posted: 9:18 AM EDT (1318 GMT)

HONG KONG (AP) -- Mainland Chinese who went online Thursday to read a Hong Kong newspaper were redirected by hackers to a Web site full of Falun Gong messages, a newspaper spokesman said. Several mainland readers of Ming Pao newspaper's online edition complained about being sent to the Web site run by the Falun Gong meditation sect, which is outlawed in mainland China as an "evil cult." Kevin Lau, Chief Operating Officer of www.MingPao.com, said the newspaper alerted mainland authorities to the hacking, which targeted servers in China, but the problem was not immediately solved. Ming Pao published an online story about the incident and said it suspected Falun Gong was responsible. "We can't directly do anything about it," Lau told The Associated Press by telephone.

http://www.cnn.com/2002/TECH/internet/10/03/china.hack.ap/index.html

----------------------------------------------------

[14] Plan aimed at Iraqi commanders raises doubts
By John Diamond, USA TODAY

WASHINGTON - Defense and intelligence officials are raising doubts about a classified Pentagon plan to persuade Iraqi commanders to hold back their most lethal weapons in the event of war with the United States. Officials familiar with the psychological operations, or "psyops," plan say its aim is to persuade Iraqi weapons handlers to disobey any order Saddam Hussein issues to launch chemical or biological attacks in the face of a U.S. invasion. Methods would include hacking into Iraqi military computers, dropping leaflets on Iraqi military bases, jamming Iraqi radio and television and substituting signals sent by special U.S. broadcasting aircraft, and contacting key officers through clandestine intermediaries or even e-mail.

http://www.usatoday.com/news/washington/2002-09-22-psyop_x.htm

----------------------------------------------------

[15] FBI names 20 most unwanted security flaws
By John Leyden
Posted: 03/10/2002 at 11:23 GMT

The FBI has teamed up with the SANS Institute to draw up a list of the worst 20 security vulnerabilities bedevilling Windows and *Nix systems.

http://www.theregister.co.uk/content/55/27407.html

----------------------------------------------------

[16] New P2P network funded by US government
14:28 01 October 02
NewScientist.com news service

A team of government-funded US scientists is building a Peer-2-Peer (P2P) network that they say will solve technical problems with existing P2P networks, such as Gnutella and Kazaa, and might even one day supersede the web. The network, dubbed the Infrastructure for Resilient Internet Systems (IRIS), will speed up searches and information transfer over the internet, and aims to foil "Denial of Service" attacks by hackers - in which a web server is swamped with requests for a page until it crashes.

http://www.newscientist.com/news/news.jsp?id=ns99992861

----------------------------------------------------

[17] Quantum cryptography takes to the skies
19:00 02 October 02
NewScientist.com news service

Quantum cryptography keys encoded in photons of light have been transmitted more than 23 kilometres through air, British researchers have announced. They say the breakthrough is an important step towards a global communications system that is completely secure. Earlier in 2002 a Swiss company managed to send quantum keys over 60 kilometres. But this was through optical fibres, which limits the technology to ground-based transmission. "Our experiment paves the way for the development of a secure global key-distribution network based on optical links to low-Earth-orbit satellites," says John Rarity, at QinetiQ, the public arm of the UK's defence research agency.

http://www.newscientist.com/news/news.jsp?id=ns99992875

----------------------------------------------------

_____________________________________________________________________

The source material may be copyrighted and all rights are retained by the original author/publisher.

Copyright 2002, IWS - The Information Warfare Site
_____________________________________________________________________

Wanja Eric Naef
Webmaster & Principal Researcher
IWS - The Information Warfare Site
<http://www.iwar.org.uk>