_________________________________________________________________

                      London, Thursday, November 07, 2002
    _________________________________________________________________

                                INFOCON News
    _________________________________________________________________

                            IWS - The Information Warfare Site
                                    http://www.iwar.org.uk

    _________________________________________________________________


---------------------------------------------------------------------

To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe
infocon" in the body

To unsubscribe - send an email to "[EMAIL PROTECTED]" with
"unsubscribe
infocon" in the body

---------------------------------------------------------------------

    _________________________________________________________________

    
          ----------------------------------------------------
                              [News Index]
          ----------------------------------------------------

[1] Hackers may get U.S. funds to fight China's Web curbs
[2] Stage Set for Homeland Act  
[3] U.S., Reacting to Pentagon Spy Case, Expels 4 Cuban Envoys
[4] UK workers in the dark over IT security 
[5] Testing the limits of biometrics

[6] Officials worried about ability to inform public of terrorism
[7] Mitnick's 'Lost Chapter' Found  
[8] Action: Virtual Sit-In Against the WTO
[9] Australians warned over e-biz virus threat
[10] Math whiz cracks encryption code

[11] MS ruling leaked through security blunder
[12] Russian firm warns of Roron virus
[13] OMB seeks security at the start
[14] Tool sought to ID data links
[15] Think tanks think about post dotcom future

[16] Complete Snort-based IDS Architecture, Part One
[17] Shipyards, depots unable to calculate cost of Navy intranet

    _________________________________________________________________

                                News
    _________________________________________________________________


[1] Hackers may get U.S. funds to fight China's Web curbs 
  
By Murray Hiebert
THE WALL STREET JOURNAL 
 
Nov. 7 - If some lawmakers in the U.S. get their way, freedom-promoting
computer hackers soon may receive a bucketful of money to battle China's
Internet-censoring police.

http://www.msnbc.com/news/831383.asp 

         ----------------------------------------------------

[2] Stage Set for Homeland Act  

By Ryan Singel  |   

09:00 AM Nov. 06, 2002 PT

As Congress prepares to reconvene in a lame-duck session after Tuesday's
election, one of the largest pieces of legislation on the Senate's
agenda is the controversial and deadlocked Homeland Security Act, which
the House passed Sept. 9. 

A little-known amendment in the Senate version of the bill makes it much
easier for ISPs to disclose e-mail communications without being served
with a warrant, which had been prohibited before the Patriot Act of
2001.

http://www.wired.com/news/privacy/0,1848,56234,00.html

         ----------------------------------------------------

[3] U.S., Reacting to Pentagon Spy Case, Expels 4 Cuban Envoys
By TIM GOLDEN

The Bush administration has ordered the expulsion of two Cuban diplomats
from Washington and has moved to expel two others at the United Nations
for what American officials described yesterday as serious espionage
activities against the United States.

State Department officials called the action against the two envoys in
Washington retaliation for the case of Ana B. Montes, a senior Pentagon
intelligence analyst who pleaded guilty earlier this year to spying for
Fidel Castro's government.

http://www.nytimes.com/2002/11/07/international/americas/07CUBA.html?ex=
1037336400&en=d342247e51d5bb78&ei=5040&partner=MOREOVER

         ----------------------------------------------------

[4] UK workers in the dark over IT security
By Rachel Fielding [07-11-2002]
Formal training remains dangerously inadequate
 
  
Companies are leaving themselves open to security breaches because their
IT security training is woefully inadequate, new research has revealed. 
Three-quarters of staff in the UK admit that they have never received
any formal training from their employer on how to use the internet and
email at work in a way that minimises network security problems.

http://www.pcw.co.uk/News/1136635 

         ----------------------------------------------------

[5] Testing the limits of biometrics
BY Dibya Sarkar 
Nov. 6, 2002 

Biometric technologies have expanded greatly in the past decade and
especially following the attacks of Sept. 11. With recently enacted
federal statutes and many more bills promoting their use, the market
could reach $2 billion in revenues in four years. 

But there are few judicial developments regarding collection of
biometric identifiers, even as public policy debates have swelled over
their use and their potential to invade people's privacy.

http://www.fcw.com/geb/articles/2002/1104/web-bio-11-06-02.asp 

         ----------------------------------------------------

[6] Officials worried about ability to inform public of terrorism
By Teri Rucker, National Journal's Technology Daily

The preparation for another terrorist attack or other wide-scale
disaster should include having a plan to ensure that the public has the
information it needs to make life-and-death decisions and that the
information is disseminated should networks go down, members of an FCC
panel said Wednesday, but thus far the plans are in the nascent stages.

Virtually everyone on the agency's Media Security and Reliability
Council, including those from the White House Office of Homeland
Security, agreed that the United States will be hit by another terrorist
attack. But most of the council's working groups will not submit final
proposals on protecting the nation's broadcast and multichannel
video-program distribution systems for a year.

"Time is not on our side," said William Baker, president of
Thirteen/WNET in New York. He urged the council to create a list of
interim steps and best practices that will help people get access to the
information they will need.

http://www.govexec.com/dailyfed/01102/110602td1.htm 

         ----------------------------------------------------

[7] Mitnick's 'Lost Chapter' Found  

By Michelle Delio 02:00 AM Nov. 05, 2002 PT

A missing chapter from hacker Kevin Mitnick's recent book has been
published on the Internet. 

The chapter was originally slated to be the first chapter in Mitnick's
new book, The Art of Deception, but was not included in the published
version of the book. 

Chapter One appeared only in about 300 unbound galley copies that
publishing company Wiley distributed to the media several months before
releasing the book, according to a Wiley spokeswoman. 

http://www.wired.com/news/culture/0,1284,56187,00.html 

The chapter:
http://littlegreenguy.fateback.com/chapter1/Chapter%201%20-%20Banned%20E
dition.doc

         ----------------------------------------------------

[8] Action: Virtual Sit-In Against the WTO 
Tuesday, November 05, 2002 - 04:10 PM CST
    
An Action Against the WTO at next round of WTO talks
in Sydney, Australia on November 14, 2002 is being conducted by the
toy-soldiers group. 

http://thehacktivist.com/modules.php?op=modload&name=News&file=article&s
id=50&mode=thread&order=0&thold=0 

http://toy-soldiers.5er.com/ 

         ----------------------------------------------------

[9] Australians warned over e-biz virus threat

By James Pearce, ZDNet Australia
06 November 2002
    
Companies and individuals worldwide face a significantly higher risk of
computer virus infection from retail and leisure companies than other
sectors, a new report has found. 

The ratios of e-mails infected with viruses to other e-mails in the
retail and leisure industries globally are more than one in 50,
according to a report from managed e-mail security company MessageLabs.
By contrast, accounting and legal companies have the lowest proportion,
with less than one in 350 e-mails infected with viruses. 

http://www.zdnet.com.au/newstech/security/story/0,2000024985,20269688,00
.htm

         ----------------------------------------------------

[10] Math whiz cracks encryption code 
 
Certicom challenge has been running since 1997 
  
OTTAWA, Nov. 6 - And you thought you had tough math homework?Consider
the work that went into cracking a secret code developed by
Toronto-based Certicom Corp., which makes wireless encryption software.
It took the power of 10,000 computers running around the clock for 549
days, coupled with the brain power of a mathematician at Indiana's
University of Notre Dame, to complete one of the world's largest single
math computations.

http://www.msnbc.com/news/831549.asp 

         ----------------------------------------------------

[11] MS ruling leaked through security blunder
09:25 Tuesday 5th November 2002
Patrick Gray, ZDNet Australia   

Judge Colleen Kollar-Kotelly's ruling on the Microsoft anti-trust trial
leaked onto the Web two hours before the official release 
A security specialist is highly critical of apparent procedural
inadequacies which saw the long-awaited judgment in the Microsoft
anti-trust case posted online almost two hours before its official
release. Stephen Martin, a senior security consultant with SMS
Management Technology in Melbourne, said whoever posted the information
online before its planned release time was severely underestimating the
risk that it would be located early.

http://news.zdnet.co.uk/story/0,,t269-s2125336,00.html

         ----------------------------------------------------

[12] Russian firm warns of Roron virus 

By Robert Lemos 
Staff Writer, CNET News.com
November 6, 2002, 3:07 PM PT

A Russian antivirus company on Wednesday warned that a new virus could
help hackers gain control of home computers, but other security
companies downplayed the threat. 
Kaspersky Labs has named the virus, or worm, Roron, and it is known as
Oror.B by several other companies. The new computer virus can spread
through e-mail messages, shared hard drives and the Kazaa file-sharing
network, Kaspersky Labs spokesman Denis Zemkin said. 

"We see that this worm is particularly dangerous for home users," Zemkin
said. "Corporate customers are already aware of the danger of
attachments," and are unlikely to open the file containing the program. 

http://news.com.com/2100-1001-964809.html?tag=lh 

         ----------------------------------------------------

[13] OMB seeks security at the start
BY Diane Frank 
Nov. 6, 2002 

Despite improvements in information security management, enough gaps
remain for the Office of Management and Budget to ask industry to help
federal agencies shore up budget requests that are likely to be turned
back because of inadequate security provisions.

Speaking Nov. 5 at the Industry Advisory Council's Executive Leadership
Conference in Hershey, Pa., Mark Forman, the nation's e-government
chief, called on vendors to help agencies plan and design IT projects
that include security from the start.

http://www.fcw.com/fcw/articles/2002/1104/web-gisra-11-06-02.asp

         ----------------------------------------------------

[14] Tool sought to ID data links 
BY Diane Frank 
Nov. 6, 2002 

The Office of Homeland Security is evaluating technologies that could
help tie together information held by different agencies, and eventually
other levels of government and the private sector, without violating
legal or privacy barriers.

The office is working with research and development groups within
federal agencies, industry and academia to look at technical tools that
could identify the links among data held by separate sources, finding
the "nonobvious relationships" and areas where potential leads need to
be investigated by analysts, said Steve Cooper, senior director for
information integration and chief information officer at the Office of
Homeland Security.

http://www.fcw.com/fcw/articles/2002/1104/web-home-11-06-02.asp 

         ----------------------------------------------------

[15] Think tanks think about post dotcom future
By Tim Richardson
Posted: 07/11/2002 at 08:04 GMT

The hangover associated with the end of the dotcom party should not
overshadow the huge social and economic potential made possible by
digital technologies. 

That's just one of the issues due to be discussed at a conference today
in London as four think-tanks comes together to try and map a post
dotcom path for the digital economy. 

Demos, the Forum for the Future, the Institute for Public Policy
research (IPPR)and iSociety at the Work Foundation will be joined by
ecommerce minister Stephen Timms and Martha Lane Fox of Lastminute.com
at the event.

http://www.theregister.co.uk/content/6/27982.html 

         ----------------------------------------------------

[16] Complete Snort-based IDS Architecture, Part One 
by Anton Chuvakin, Ph.D. and Vladislav V. Myasnyankin 
last updated November 6, 2002 

Introduction 

Intrusion detection systems (IDS) are one of the fastest growing
technologies within the security space. Unfortunately, many companies
find it hard to justify acquiring IDS systems due to their perceived
high cost of ownership (for example see Justifying the Expense of IDS by
Kevin Timm and David Kinn). However, not all IDS systems are
prohibitively expensive. This two-part article will provide a set of
detailed directions to build an affordable intrusion detection
architecture from hardware and freely available software. This
discussion will avoid the classic "build or buy" debate and instead
focus on building the system at a minimum cost. 

Building often provides a definite cost advantage, especially for
companies that are unsure about the long-term necessity of the IDS.
Building it cheaply allows one to evaluate the technology with very
little investment and without necessarily possessing sophisticated
network security skills. That said, it is reasonable to expect that
maintaining and tuning the IDS will require relatively advanced security
knowledge. 

http://online.securityfocus.com/infocus/1640

         ----------------------------------------------------

[17] Shipyards, depots unable to calculate cost of Navy intranet
By Amelia Gruber

Shipyards and air depots are having a hard time estimating the cost of
implementing the Navy's multibillion dollar intranet, according to a new
General Accounting Office report.

Officials have not decided who will pay for various transitional costs,
and "as a result, the shipyards' and depots' ability to effectively plan
and budget is being impaired," the report said (GAO-03-33). GAO based
its study on conversations with officials at six capital-funded
facilities from March to August. Capital-funded means that the
facilities recover their costs through fees charged to customers.

The Navy-Marine Corps Intranet (NMCI) is a massive project designed to
increase and streamline information sharing among the roughly 300 Navy
and Marine Corps bases in the United States, Puerto Rico, Cuba, Guam,
Iceland and Japan. The internal network is also intended to protect
sensitive information from cyberattacks.

http://www.govexec.com/dailyfed/1102/110602a1.htm

         ----------------------------------------------------



_____________________________________________________________________

The source material may be copyrighted and all rights are
retained by the original author/publisher.

Copyright 2002, IWS - The Information Warfare Site
_____________________________________________________________________

Wanja Eric Naef
Webmaster & Principal Researcher
IWS - The Information Warfare Site
<http://www.iwar.org.uk>

---------------------------------------------------------------------

To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe
infocon" in the body

To unsubscribe - send an email to "[EMAIL PROTECTED]" with
"unsubscribe
infocon" in the body

---------------------------------------------------------------------




IWS INFOCON Mailing List
@ IWS - The Information Warfare Site
http://www.iwar.org.uk


Reply via email to