_________________________________________________________________
London, Tuesday, May 28, 2002
_________________________________________________________________
INFOCON News
_________________________________________________________________
IWS - The Information Warfare Site
http://www.iwar.org.uk
_________________________________________________________________
IWS Sponsor
National Center for Manufacturing Sciences
http://www.ncms.org
host of the
InfraGard Manufacturing Industry Association
http://trust.ncms.org
_________________________________________________________________
----------------------------------------------------
[News Index]
----------------------------------------------------
[1] Webbed, Wired and Worried
[2] Anti-virus evals waste precious resources
[3] Chinese crackers prepare for cyber war
[4] Aussies surf to top of web crime list
[5] Excel hole opens PCs to hackers
[6] Klez-H is the worst virus ever - official
[7] Security researchers warn of worm blitzkriegs
[8] An Education in Hacking
[9] (UK) Time for openness over online fraud
[10] Internet Gambling May Become Legal in Canada
[11] Security Hole Strip Tease
[12] Opera vuln gives up local files
[13] E-gov security gateway in works
[14] Music industry sues Napster-like Internet firm, Audiogalaxy
[15] Dot-com stigma fails to turn off UK businesses
[16] Hackers go wireless with greatest of ease
[17] US plan to strike enemy with Valium
_________________________________________________________________
News
_________________________________________________________________
[1] Webbed, Wired and Worried
By THOMAS L. FRIEDMAN
Ever since I learned that Mohamed Atta made his reservation for Sept. 11
using his laptop and the American Airlines Web site, and that several of his
colleagues used Travelocity.com, I've been wondering how the entrepreneurs
of Silicon Valley were looking at the 9/11 tragedy - whether it was giving
them any pause about the wired world they've been building and the
assumptions they are building it upon.
In a recent visit to Stanford University and Silicon Valley, I had a chance
to pose these questions to techies. I found at least some of their
libertarian, technology-will-solve-everything cockiness was gone. I found a
much keener awareness that the unique web of technologies Silicon Valley was
building before 9/11 - from the Internet to powerful encryption software -
can be incredible force multipliers for individuals and small groups to do
both good and evil. And I found an acknowledgment that all those
technologies had been built with a high degree of trust as to how they would
be used, and that that trust had been shaken. In its place is a greater
appreciation that high-tech companies aren't just threatened by their
competitors - but also by some of their users.
http://www.nytimes.com/2002/05/26/opinion/26FRIE.html
----------------------------------------------------
[2] Anti-virus evals waste precious resources
By George Smith, SecurityFocus Online
Posted: 27/05/2002 at 15:10 GMT
In 1991, essayist Paul Fussell wrote, "The current United States can be
defined as an immense accumulation of not terribly acute or attentive people
obliged to operate a uniquely complex technology, which, all other things
being equal, always wins."
http://www.theregister.co.uk/content/55/25454.html
----------------------------------------------------
[Rubbish, rubbish, rubbish. A journalist who likes to call an event
where some teenagers played around and did some cybergraffiti 'Cyberwar'???
I wonder if he were to write an article about some kids who did some
graffiti in Wimbledon. I guess the title would be 'Wimbledon
graffiti artists prepare for war'. It is interesting to see
that journalists in such articles never mention any Chinese
IW thinkers (like Shen Weiguang, Wang Pufeng, Dai Quingmin, ...) or
mention the Echeng Reserve IW organisation, .... But I guess that
would require some serious journalism (i.e. someone who checks his
facts first). WEN]
[3] Chinese crackers prepare for cyber war
By Nick Farrell [24-05-2002]
Students may launch attacks on vital western systems
Chinese hackers could be readying themselves to launch a cyber attack on key
western computer systems.
The Institute for Strategic Studies, run by the US Army War College, has
released a classified report warning the Defense Department, US diplomats
and law enforcement agencies to be on the look out for Chinese student
hacking attacks some time this summer.
The Institute believes that the attacks will try to spread computer viruses
and deface sensitive government websites.
http://www.vnunet.com/News/1132068
----------------------------------------------------
[4] Aussies surf to top of web crime list
By Nick Farrell [27-05-2002]
Cyber crime down under 'worse than the US'
Australia is suffering a cyber crime wave which makes it a bigger per-capita
sufferer of hack attacks than the US, according to a recent survey.
The annual Australian Computer Crime and Security Survey, funded by the New
South Wales Police, the Australian Computer Emergency Response Team and
Deloitte Touche, shows that more than 67 per cent of companies were hacked
last year.
http://www.vnunet.com/News/1132138
----------------------------------------------------
[5] Excel hole opens PCs to hackers
16:01 Monday 27th May 2002
Matt Loney
Specially formed XML stylesheets can be used to fool PCs running Microsoft's
latest spreadsheet application into executing rogue code
A security hole in Microsoft Excel XP spreadsheet application could allow
hackers to take over a user's PC by using specially formed XML stylesheets.
http://news.zdnet.co.uk/story/0,,t272-s2110945,00.html
----------------------------------------------------
[It is just another dumb worm. Worms would have an
enormous potential to create havoc, but luckly the worm/virus
writers do not manage to achieve it yet. WEN]
[6] Klez-H is the worst virus ever - official
By John Leyden
Posted: 27/05/2002 at 17:26 GMT
Klez-H is the worst virus ever, according to figures from managed services
firm MessageLabs, which has blocked 775,000 copies of the pathogen since it
first appeared on April 15. Klez-H overtakes the infamous SirCam worm.
MessageLabs is blocking 20,000 Klez-H infected emails per day. The virus
accounts for one in 300 of the emails it scans.
http://www.theregister.co.uk/content/55/25461.html
----------------------------------------------------
[7] Security researchers warn of worm blitzkriegs
By John Leyden
Posted: 05/27/2002 at 09:55 EST
Security researchers are warning of the availability of more powerful virus
writing techniques, which call for a more co-ordinated approach to combat
next generation worms.
In a paper, How to 0wn the Internet in Your Spare Time, Stuart Staniford of
Silicon Defense, Vern Paxson of the ICSI centre for internet research and
Nicholas Weaver of University of California Berkeley, argue the ability of
attackers to rapidly gain control of vast numbers of Internet hosts poses
grave security risks. They suggest surreptitious worms, which spread more
slowly but are much harder to detect, "could arguably subvert upwards of
10,000,000 Internet hosts".
http://www.theregus.com/content/55/25055.html
----------------------------------------------------
[8] An Education in Hacking
At Dan Clements' Fraud Museum, businesses can see how online scamsters
operate. It's all very informative -- maybe too much so
Netrepreneur Dan Clements is a museum curator, only you won't find him
working at the Met or the Louvre. Rather, Clements is the CEO of
CardCops.com, an online credit-card fraud-prevention site. In February,
2001, Clements and CardCops opened the cyberdoors of their own online Fraud
Museum, which contains what Clements judges to be most egregious examples of
crime in the annals of hackerdom.
http://www.businessweek.com/technology/content/may2002/tc20020528_8754.htm
----------------------------------------------------
[9] Time for openness over online fraud
Admitting you have a problem - it's the first step...
The British Chambers of Commerce has decided to tackle the difficult subject
of cybercrime.
This plucky guardian of UK trade has acknowledged there is a problem which
could seriously affect the success of UK business at home and abroad.
So the BCC has launched a massive awareness campaign urging any company to
step forward if its IT security has been breached.
http://www.silicon.com/bin/bladerunner?30REQEVENT=&REQAUTH=21046&14001REQSUB
=REQINT1=53343
----------------------------------------------------
[10] Internet Gambling May Become Legal in Canada
By Earl
The government in Ottawa is considering the efforts of Liberal MP Dennis
Mills (Toronto-Danforth) that would make Canada one of the first western
countries to legalize online gambling. Mills stunned hundreds of people at
the Global Interactive Gaming Summit, an international e-gaming convention
here, by suggesting that "legislation could come as early as this fall,"
reports the National Post.
http://www.onlinecasinonews.com/ocn/article/article.asp?id=1381
----------------------------------------------------
[11] Security Hole Strip Tease
By letting the public catch a tantalizing peek at unannounced security
holes, one prolific bug-finder turns up the heat on vendors to close them.
By Tim Mullen May 27, 2002
The success of "SQLSpida," the worm that targets MS-SQL servers set upon the
Net with a blank "SA" password, is testament to how badly basic security
education is still needed.
As always, I place primary blame on the administrators of these
boxes-leaving the SA password blank on any installation is a rookie move. To
do so on a production machine placed on the Internet is just plain stupid.
You have probably guessed that my use of "primary" infers a secondary party
in responsibility; and indeed it does: Microsoft.
http://online.securityfocus.com/columnists/84
----------------------------------------------------
[12] Opera vuln gives up local files
By Thomas C Greene in Washington
Posted: 27/05/2002 at 16:10 GMT
A vulnerability in Opera 6.01 and 6.02 for Windows allows a malicious Web
site to grab any file off a client's local drive with ease, GreyMagic
Software has discovered. That's the bad news. The good news is that affects
only Windows, and it's fixed in version 6.03 which is now available for
download. Version 6.0 is not affected.
http://www.theregister.co.uk/content/55/25459.html
----------------------------------------------------
[13] E-gov security gateway in works
BY Diane Frank
May 27, 2002
The General Services Administration this fall plans to take bids on the
development of one of the linchpins of the Bush administration's vision for
e-government: a security gateway that would provide a single point at which
users can sign on to access services that require passwords or other means
of authentication.
http://www.fcw.com/fcw/articles/2002/0527/news-egov-05-27-02.asp
----------------------------------------------------
[14] Music industry sues Napster-like Internet firm, Audiogalaxy
LOS ANGELES (AP) - The recording and music publishing industries extended
their legal pursuit of online music swapping firms Friday, suing Audiogalaxy
for copyright infringement.
The Recording Industry Association of America and the National Music
Publishers Association accused the Austin, Texas, firm of ``willfully and
intentionally'' encouraging and facilitating millions of users to copy and
distribute copyright work of artists, ranging from Dave Mathews and Celine
Dion to Alicia Keyes and the Beatles.
http://www.siliconvalley.com/mld/siliconvalley/news/3336947.htm
----------------------------------------------------
[15] Dot-com stigma fails to turn off UK businesses
Battle-hardened SMEs keep the online faith...
The UK's small and medium size enterprises (SMEs) still see ecommerce as
important to their business strategy despite the dot-com crash.
A study from web services firm Genuity found that 32 per cent of SMEs are
planning to increase their web budgets during this year and 98 per cent have
a website in place for marketing or sales purposes.
http://www.silicon.com/bin/bladerunner?30REQEVENT=&REQAUTH=21046&14001REQSUB
=REQINT1=53486
----------------------------------------------------
[16] Hackers go wireless with greatest of ease
by Joy Russell Perez
Monday, May 27, 2002
As the number of reported computer hacking incidents more than doubled to
over 52,000 last year, a new technology was opening doors to illegal data
spies: wireless access.
Experts say many company executives are not doing enough to protect their
organizations from losing sensitive data, such as payroll, strategic plans
or even employee Social Security numbers and customer credit card numbers.
http://www.businesstoday.com/business/technology/tech05272002.htm
----------------------------------------------------
[17] US plan to strike enemy with Valium
Pentagon scientists aim for future battlefield victories with the aid of
tranquillising drugs and GM bugs
Antony Barnett, public affairs editor
Sunday May 26, 2002
The Observer
American military chiefs are developing plans to use Valium as a potential
weapon against enemy forces and to control hostile populations, according to
official documents seen by The Observer.
The Pentagon has also asked scientists to evaluate proposals to use
genetically modified bugs that 'eat' the enemy's fuel and ammunition
supplies without harming humans.
http://www.observer.co.uk/international/story/0,6903,722395,00.html
----------------------------------------------------
_____________________________________________________________________
The source material may be copyrighted and all rights are
retained by the original author/publisher.
Copyright 2002, IWS - The Information Warfare Site
_____________________________________________________________________
Wanja Eric Naef
Webmaster & Principal Researcher
IWS - The Information Warfare Site
<http://www.iwar.org.uk>
---------------------------------------------------------------------
To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe
infocon" in the body
To unsubscribe - send an email to "[EMAIL PROTECTED]" with "unsubscribe
infocon" in the body
---------------------------------------------------------------------
IWS INFOCON Mailing List
@ IWS - The Information Warfare Site
http://www.iwar.org.uk
