http://www.ocipep.gc.ca/DOB/DOB02-134_e.html

DAILY BRIEF Number: DOB02-134 Date: 29 August 2002

NEWS

Consultation on lawful access to telecommunications information
The Department of Justice, in collaboration with Industry Canada and the office
of the Solicitor General, are examining ways to lawfully access information
transmitted through Canadian telecommunications technology. The departments have
released a legislative proposal that requires all service providers (wireless,
wireline and Internet) to ensure that their systems have the technical
capability to provide lawful access to law enforcement and national security
agencies. The proposal also addresses the legislative amendments that would be
necessary in order to grant selected government agencies the right to effect
such access. The purpose of the document is to provide an opportunity for
concerned stakeholders to articulate their comments with respect to the proposed
update to Canada's lawful access provisions. The proposed legislation would also
permit Canada to ratify the Council of Europe's Convention on Cyber-Crime.

Comment: The legislative proposal consultation document can be viewed at:
http://www.canada.justice.gc.ca/en/cons/la_al/. In 1996, the Canadian Government
acquired official observer status at the Council of Europe (a position shared
with the United States, Japan, Mexico and the Holy See). Canada assisted in
drafting the COE Convention on Cybercrime, which would serve as a group
extradition treaty between signatories on matters related to cybercrime.

Microsoft revealed critical flaw in windows operating system
A flaw in most versions of Microsoft's Windows Operating System could enable a
web page, through an extremely complex process, to use ActiveX control in a way
that would delete certificates on a user's system. Such certificates are used to
hold encryption keys used in e-mail, the encrypted files system (ESS) in certain
versions of Windows and in the Secure Socket Layer (SSL) communications protocol
used by many e-commerce web sites. The company recommends that all users of
Windows (98, Millennium, NT 4.0, 2000 and XP) patch their system immediately.
(Source: News.com, 28 August, 2002)
Click here for the source article


Comment: The Microsoft Security Bulletin MS02-048 can be viewed at:
http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS02-0
48.asp

U.S. plans limited flight ban on September 11
Although the decision has not been finalized, the U.S. is planning to restrict
foreign aircraft from flying into and out of New York and Washington for
September 11 and September 12. According to a spokesperson of the Federal
Aviation Administration (FAA), the restriction would entail a flight ban within
30 miles of Washington's area airports and similar restrictions to New York's
airports. The decision was made by several U.S. agencies including Homeland
Security. (Source: FT.com, 29 August, 2003.)
Click here for the source article

Comment: OCIPEP has no information to indicate that Canadian air transportation
will be restricted during 11-12 September 2002. The current U.S. Homeland
Security Advisory System nationwide threat level remains unchanged at "Elevated"
(Yellow).


IN BRIEF

Canadian Pacific facing class action suit over toxic spill derailment
Following a 112-car train derailment that occurred on 18 January 2002, resulting
in a spill of anhydrous ammonia near Minot, South Dakota, Canadian Pacific
Railway is now facing a class action suit from affected area residents. The
spilled anhydrous ammonia caused a toxic cloud over the city that resulted in
pulmonary injuries and affected property value. (Source: CBC News, 28 August,
2002)
Click here for the source article


Electromagnetic bomb developed
The British company Matra Bae Dynamics has developed an electromagnetic pulse
bomb for military use that could disable the radio, radar and computer systems
on which modern defences depend. The weapon can also bring civil infrastructure
to a standstill, closing national electricity grids, stopping telephone, radio
and television systems. (Source: The Ottawa Citizen, 26 August 2002)
Click here for the source article


Innovation in hydrogen fuel production
Chemists have found an easier way of creating hydrogen from plant matter. A more
economical catalyst, however, remains to be discovered. Mass-produced hydrogen
could provide a cheap, clean and practical alternative to fossil fuels. (Source:
ananova.com, 29 August 2002)
Click here for the source article


Comment: Ballard Power Systems has developed zero-emission fuel cells powered by
hydrogen. The fuel cells emit only water as the waste by-product.

Giant weather balloon will survey ozone-depleting layer
A giant weather balloon will be launched Thursday to collect information on the
amount of ozone-depleting chemicals in the atmosphere. This is the third
experiment of this nature conducted jointly by Environment Canada, the
University of Toronto and the Canadian Space Agency. According to the Globe and
Mail article, the first craft, launched in 1998, caused some passenger flight
disruptions as it drifted over air traffic lanes in North America. (Source:
globeandmail.com, 28 August, 2002)
Click here for the source article

CYBER UPDATES
See: What's New for the latest Alerts, Advisories and Information Products

Threats

Central Command reports on Worm/Toguivi, which is a worm written in Visual
Basic. If executed, the worm copies itself in the \windows\%system% directory
under the filename "DLL32RUN.EXE" and "PAMELA.EXE" (alternative filenames can be
used). These files get written to the root of all accessible drives and any
other mapped network drive.
http://support.centralcommand.com/cgi-bin/command.cfg/php/enduser/std_adp.php?p_
refno=020828-000005


McAfee Security reports on Reboot-R, which is a Trojan horse written in Visual
Basic that shuts down the host machine upon execution and at subsequent Windows
startup. It uses a system tool that is only included with Windows XP.
http://vil.nai.com/vil/content/v_99657.htm


Symantec reports on Backdoor.Kryost, which is a Trojan horse that allows
unauthorized access to an infected computer through MSN Messenger. It allows
remote execution of files and the opening and closing of the CD-ROM drive and it
attempts to delete anti-virus software files.
http://securityresponse.symantec.com/avcenter/venc/data/backdoor.kryost.html


Symantec reports on Backdoor.Laphex, which is a Trojan horse that allows
unauthorized access to the infected computer. Depending on the default settings
inside the Trojan, it can open any port on the compromised computer.
http://securityresponse.symantec.com/avcenter/venc/data/backdoor.laphex.html


Trend Micro reports on WORM_ELITOR.A, which is a Win32 worm that propagates via
MSN Messenger. It creates a copy of itself at this path:
C:\WINDOWS\SYSTEM\britney spears naked.jpg.exe.
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_ELITOR.A

Vulnerabilities

Omnicron OmniHTTPD (multiple versions) HTML injection and cross-site scripting
vulnerabilities (SecurityFocus).
http://online.securityfocus.com/bid/5572/discussion/
http://online.securityfocus.com/bid/5568/discussion/

Patches:

Updated packages are now available for Mandrake Linux xinetd (SecurityFocus).
http://online.securityfocus.com/advisories/4426


Updated packages are now available for Debian GNU/Linux gaim (SecurityFocus).
http://online.securityfocus.com/advisories/4424

Tools

Arp-sk 0.0.13 is an ARP packet generator for Unix designed to illustrate ARP
protocol flaws and applications such as ARP cache poisoning and MAC spoofing.
http://www.arp-sk.org/

CONTACT US

For additions to, or removals from the distribution list for this product, or to
report a change in contact information, please send to:
Email: [EMAIL PROTECTED]

For urgent matters or to report any incidents, please contact OCIPEPís Emergency
Operations Centre at:

Phone: (613) 991-7000
Fax: (613) 996-0995
Secure Fax: (613) 991-7094
Email: [EMAIL PROTECTED]

For general information, please contact OCIPEPís Communications Division at:

Phone: (613) 991-7035 or 1-800-830-3118
Fax: (613) 998-9589
Email: [EMAIL PROTECTED]
Web Site: www.ocipep-bpiepc.gc.ca

Disclaimer
The information in the OCIPEP Daily Brief has been drawn from a variety of
external sources. Although OCIPEP makes reasonable efforts to ensure the
accuracy, currency and reliability of the content, OCIPEP does not offer any
guarantee in that regard. The links provided are solely for the convenience of
OCIPEP Daily Brief users. OCIPEP is not responsible for the information found
through these links.







IWS INFOCON Mailing List
@ IWS - The Information Warfare Site
http://www.iwar.org.uk


Reply via email to