_________________________________________________________________
London, Thursday, December 19, 2002
_________________________________________________________________
INFOCON News
_________________________________________________________________
IWS - The Information Warfare Site
http://www.iwar.org.uk
_________________________________________________________________
---------------------------------------------------------------------
To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe
infocon" in the body
To unsubscribe - send an email to "[EMAIL PROTECTED]" with
"unsubscribe infocon" in the body
---------------------------------------------------------------------
_________________________________________________________________
----------------------------------------------------
[News Index]
----------------------------------------------------
[1] Senator calls for federal job cuts to pay for homeland security
[2] House leaders discuss oversight of Homeland Security Department
[3] Transit agencies seek federal guidance on counterterror technology
[4] Agencies seek stronger controls on trade in dual-use technologies
[5] Cities Say No to Federal Snooping
[6] Sysadmin accused of Paine Webber computer sabotage
[7] Beware the Latest MP3 Worms
[8] Australian Govt 'safe list' snubs Microsoft
[9] Snooping in All the Wrong Places
[10] Police can't access terrorist watch lists
[11] White House will not support Pentagon's disinformation plan
[12] Software, Security, and Ethnicity
[13] One Man's Info War on al-Qaida
[14] OPM progressing on e-clearances
[15] States bypass rural Internet obstacles
[16] US e-gov spending to soar
[17] SSH flaws sighted
[18] Macromedia Flash Crash
[19] Evaluating Network Intrusion Detection Signatures, Part Three
_________________________________________________________________
CURRENT THREAT LEVELS
_________________________________________________________________
Electricity Sector Physical: Elevated (Yellow)
Electricity Sector Cyber: Elevated (Yellow)
Homeland Security Elevated (Yellow)
DOE Security Condition: 3, modified
NRC Security Level: III (Yellow) (3 of 5)
_________________________________________________________________
News
_________________________________________________________________
[1] Senator calls for federal job cuts to pay for homeland security
By Jason Peckenpaugh
Sen. John Edwards, D-N.C., Wednesday reiterated his call for eliminating
10 percent of all federal jobs that are not related to national
security-about 97,000 government jobs in all.
The job cuts would free up money to fund homeland security and help
restore fiscal discipline, Edwards said in a speech to the Brookings
Institution, a liberal Washington think-tank.
Edwards, a possible Democratic presidential candidate in 2004, first
urged reducing the federal workforce in a Nov. 12 speech to a conference
sponsored by Fortune magazine. In that speech, he criticized the Bush
administration for adding federal jobs and called for a 10 percent cut
in the federal workforce except at the Defense and Homeland Security
departments.
http://www.govexec.com/dailyfed/1202/121802p1.htm
----------------------------------------------------
[2] House leaders discuss oversight of Homeland Security Department
By Mark Wegner, CongressDaily
House Republican leaders this week began to consider the
jurisdictionally thorny issue of congressional oversight for the new
Homeland Security Department.
Incoming House Majority Leader Tom DeLay, R-Texas, confirmed Tuesday
that Republican leaders during meetings Monday and Tuesday began to
discuss their oversight options. DeLay said he wants to smooth the
transition to the new department for Office of Homeland Security
Director Tom Ridge, the White House's choice to head the department.
"We have to see how things progress in the executive branch," DeLay
said. "We need to be as helpful as we can."
http://www.govexec.com/dailyfed/1202/121802cd3.htm
----------------------------------------------------
[3] Transit agencies seek federal guidance on counterterror technology
>From National Journal's Technology Daily
State and local transit agencies say they need more guidance from the
federal government in acquiring counterterrorism technologies, according
to a General Accounting Office report released Wednesday.
Officials from one agency, for example, told GAO that they have been
"bombarded" by vendors selling security technologies since Sept. 11,
2001, but they have been unsure about the quality and usefulness of
those products and whether they soon might be rendered obsolete.
In the report (GAO-03-263) Federal Transit Administration officials told
GAO they are developing a secure Web site to share more security-related
"best practices" with transit agencies. FTA also is funding a
mass-transit information sharing and analysis center that will
disseminate intelligence information to transit agencies.
GAO also noted that FTA's Office of Technology has requested about $4.2
million for safety and security technologies in fiscal 2003. That would
be a 272 percent increase over fiscal 2002 spending of $1.1 million.
http://www.govexec.com/dailyfed/1202/121802td2.htm
----------------------------------------------------
[4] Agencies seek stronger controls on trade in dual-use technologies
By William New, National Journal's Technology Daily
In the Bush administration's effort to attack the rising problem of
sensitive products falling into the wrong hands through trade,
technology cuts two ways.
"Technologies with sensitive military applications frequently have
legitimate commercial applications as well," John Schlosser, director of
the Office of Export Control Cooperation at the State Department's
Bureau of Nonproliferation, said in a speech last week in Bangkok,
Thailand. "Weapons proliferators know this and cleverly mask their
acquisitions as innocent business transactions to deceive government
officials and legitimate businesses."
Several agencies in the administration are working to convince countries
that have the world's biggest shipping hubs and are located near
terrorist activity to adopt stronger export controls. The United States
controls its exports of military items and commercial items with
potential military uses, known as dual-use items, by restricting which
countries can receive the items.
http://www.govexec.com/dailyfed/1202/121802td1.htm
----------------------------------------------------
[5] Cities Say No to Federal Snooping
By Julia Scheeres |
02:00 AM Dec. 19, 2002 PT
Fearing that the Patriot Act will curtail Americans' civil rights,
municipalities across the country are passing resolutions to repudiate
the legislation and protect their residents from a perceived abuse of
authority by the federal government.
On Tuesday, Oakland became the 20th municipality to pass a resolution
barring its employees -- from police officer to librarian -- from
collaborating with federal officials who may try to use their new power
to investigate city residents.
http://www.wired.com/news/politics/0,1283,56922,00.html
----------------------------------------------------
[6] Sysadmin accused of Paine Webber computer sabotage
By John Leyden
Posted: 18/12/2002 at 18:00 GMT
A former sysadmin with UBS PaineWebber was indicted yesterday on federal
charges of trying to manipulate the stock price of the brokerage's
parent company by crippling its computer network.
Roger Duronio, 60, allegedly sent a logic bomb to over 1,000 PCs used by
Painewebber brokers in hopes of disrupting operations to such an extent
that the stock price of parent company UBS fell.
He invested more than $21,000 in put options and stood to make a fortune
if UBS share price fell dramatically, prosecutors allege.
http://www.theregister.co.uk/content/55/28630.html
http://www.vnunet.com/News/1137678
http://zdnet.com.com/2100-1106-978386.html
----------------------------------------------------
[7] Beware the Latest MP3 Worms
By Michelle Delio
04:30 PM Dec. 18, 2002 PT
Music file swappers may unknowingly be sharing their computers as well
as their favorite tunes.
Two new security vulnerabilities, disclosed late Wednesday, allow an
attacker to completely take over a computer system by using malicious
music files.
http://www.wired.com/news/technology/0,1282,56924,00.html
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur
ity/bulletin/MS02-072.asp
----------------------------------------------------
[8] Australian Govt 'safe list' snubs Microsoft
By James Pearce, ZDNet Australia
17 December 2002
Microsoft's products have been left off a list compiled by the Defence
Signals Directorate that aims to evaluate and advise whether software is
appropriate for use by Australian Government agencies.
The Defence Signals Directorate Evaluated Product List (DSD EPL)
provides a listing of products that have been deemed appropriate for use
within the Australian Government for the protection of non-national
security electronic information, according to the Directorate.
http://www.zdnet.com.au/newstech/security/story/0,2000024985,20270727,00
.htm
----------------------------------------------------
[9] Snooping in All the Wrong Places
Not only would the Administration's plan to centralize every American's
records destroy privacy, the security payoff would be minimal
The 2002 elections proved one thing: The promise of security wins votes.
The GOP campaigned on a pledge to make the country safer, and it brought
home one of the biggest midterm victories in decades. That huge win may
have emboldened the Bush Administration to ignore widespread criticism
of the Defense Dept.'s $240 million effort to develop a Total
Information Awareness system (TIA).
http://www.businessweek.com/technology/content/dec2002/tc20021218_8515.h
tm
----------------------------------------------------
[10] Police can't access terrorist watch lists
By Susan M. Menke
GCN Staff
Local and state police "operate in a virtual intelligence vacuum"
without access to State Department terrorist watch lists, according to a
report last month from the Council on Foreign Relations Inc. of New
York.
Former U.S. senators Gary Hart and Warren B. Rudman chaired the
high-profile task force that produced the report, posted at
www.cfr.org/publication.php?id=5099. Among their findings:
http://www.gcn.com/21_34/security/20617-1.html
----------------------------------------------------
[11] White House will not support Pentagon's disinformation plan
Eric Schmitt NYT
Wednesday, December 18, 2002
WASHINGTON The White House has distanced itself from a Pentagon
directive that would authorize the military to carry out covert
operations to influence public opinion and policy-makers in friendly and
neutral countries.
The White House spokesman, Ari Fleischer, acknowledged Monday that there
had been widespread recognition throughout the Bush administration that
the United States had to work harder "in better communicating America's
message of hope and opportunity."
But Fleischer told reporters they should not presume that the Pentagon's
idea had advanced very far and cautioned that President George W. Bush
would not approve of anything that involved lying.
http://www.iht.com/articles/80665.html
----------------------------------------------------
[12] Software, Security, and Ethnicity
By Alex Salkever, Business Week Dec 18 2002 7:40AM
The 2,000-mile distance from the stark high desert of Los Alamos, N.M.,
to the high-tech office parks of Boston's suburbs appears to have
shrunken dramatically in the past two weeks. I'm referring to the cases
of Wen Ho Lee and Oussama Ziade. Both represent the federal government's
fears that moles could work their way into the U.S. and achieve
positions of trust that they later use to harm national interests.
Whether Ziade is in fact such a mole seems unlikely, but expect the
scenario playing out in Quincy, Mass., where his company, Ptech, is
based, to be often repeated as the war on radical Islamic terrorists
ramps up.
The connection between Lee and Ziade? Call it the ghost of Christmas
past. On Dec. 23, 1998, Lee, then a computer scientist at Los Alamos
National Laboratory, failed a polygraph test. He had been working on
semisecret nuclear weapons programs, and the lie-detector results
sparked FBI concerns that China had used Lee to steal sensitive U.S.
bomb plans. The scientist's eight-month incarceration left a noxious
taste in the mouths of thousands of U.S.-based researchers of Chinese
nationality or Chinese descent who had to take polygraph tests at the
U.S. government's behest. Lee walked free in the end, but the specter of
electronic espioniage by foreign nations and terrorist groups has loomed
large ever since.
http://online.securityfocus.com/news/1868
----------------------------------------------------
[13] One Man's Info War on al-Qaida
By Brian McWilliams |
02:00 AM Dec. 18, 2002 PT
In a case that shows both the risks and rewards of vigilante tactics, an
American man has hijacked two Web addresses apparently used by al-Qaida
to laud terrorist attacks.
The domains, jehad.net and jehadonline.org, are now in the control of a
manager for a large Minnesota financial services firm. The man said he
wrested control of the domains from their owners after reading on Dec. 8
that al-Qaida used jehad.net to claim responsibility for recent attacks
on an Israeli airliner and a hotel in Kenya.
"I believe in free speech, but it upsets me to see people using this
great medium for such evil purposes," said the man, who asked not to be
identified but said he was willing to cooperate with U.S. investigators.
http://www.wired.com/news/conflict/0,2100,56896,00.html
----------------------------------------------------
[14] OPM progressing on e-clearances
BY Colleen O'Hara
Dec. 18, 2002
The Office of Personnel Management is making progress on speeding up the
time it takes federal employees to receive security clearances.
OPM is the lead agency on the e-Clearance program - one of the
president's 24 e-government initiatives. The goal is to move from a
paper-based system to an electronic clearance system, but it has to
happen one step at a time, said John Crandell, e-Clearance project
manager at OPM.
http://www.fcw.com/fcw/articles/2002/1216/web-opm-12-18-02.asp
----------------------------------------------------
[15] States bypass rural Internet obstacles
BY Dibya Sarkar
Dec. 19, 2002
Although the number of Internet users in rural areas has been increasing
steadily, barriers still hinder broadband deployment - namely high cost,
low demand, a lack of awareness and infrastructure, and low return on
investment.
Several state governments have taken different approaches to overcoming
such roadblocks, including offering tax incentives, low-interest loans
and grants, as well as allowing local public-sector entities to enter
the broadband business itself.
http://www.fcw.com/geb/articles/2002/1216/web-rural-12-19-02.asp
----------------------------------------------------
[16] US e-gov spending to soar
By ComputerWire
Posted: 19/12/2002 at 10:32 GMT
President George Bush signed the US E-Government Act of 2002 into law on
Tuesday, potentially helping unlock Federal spending that could amount
to $5bn a year by 2007.
In a statement, Bush said the act is designed to set "strong leadership"
of the government's information technology activities, including a
comprehensive framework for security and uniform standards to protect
the confidentiality of information provided by the public.
http://www.theregister.co.uk/content/6/28638.html
----------------------------------------------------
[17] SSH flaws sighted
By John Leyden
Posted: 18/12/2002 at 15:44 GMT
Secure shell (SSH) protocol implementations from several vendors are
subject to a number of potentially serious security flaws, security
clearing house CERT warned earlier this week.
Read further down the noticeand you'll see that most major system
vendors - and OpenSSH - are immune, but there's some work ahead for
users of SSH implementations for Pragma Systems, F-Secure and others.
http://www.theregister.co.uk/content/55/28628.html
----------------------------------------------------
[18] Macromedia Flash Crash
By John Leyden
Posted: 19/12/2002 at 12:30 GMT
A buffer overrun flaw in Macromedia Flash can be used to inject
malicious code into target systems.
Potential attackers could try to persuade victims to download
maliciously altered versions of Macromedia Flash movies (SWF) but
there's still a risk there as crackers are hardly adverse to disguising
Trojan code as prOn download or Warez. Unusually, the vulnerability
affects users of multiple operating systems (Windows, Unix, Mac) who use
Macromedia's application.
http://www.theregister.co.uk/content/55/28645.html
----------------------------------------------------
[19] Evaluating Network Intrusion Detection Signatures, Part Three
by Karen Kent
last updated December 18, 2002
In this three-part series of articles, we are presenting recommendations
that will help readers to evaluate the quality of network intrusion
detection (NID) signatures, either through hands-on testing or through
careful consideration of third-party product reviews and comparisons.
The first installment discussed some of the basics of evaluating NID
signature quality, as well as selecting attacks to be used in testing.
The second installment concluded the discussion of criteria for choosing
attacks and provided recommendations for generating attacks and creating
a good testing environment. This article will wrap up the series by
examining other ways of generating attacks with other security-related
tools and by manually creating your own attacks.
http://online.securityfocus.com/infocus/1651
----------------------------------------------------
_____________________________________________________________________
The source material may be copyrighted and all rights are
retained by the original author/publisher.
Copyright 2002, IWS - The Information Warfare Site
_____________________________________________________________________
------------------------------------------------------------------------
'Information is the currency of victory on the battlefield.'
GEN Gordon Sullivan, CSA (1993)
------------------------------------------------------------------------
Wanja Eric Naef
Principal Researcher
IWS - The Information Warfare Site
http://www.iwar.org.uk
------------------------------------------------------------------------
Join the IWS Infocon Mailing List @
http://www.iwar.org.uk/general/mailinglist.htm
------------------------------------------------------------------------
To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe
infocon" in the body
To unsubscribe - send an email to "[EMAIL PROTECTED]" with
"unsubscribe infocon" in the body
---------------------------------------------------------------------
IWS INFOCON Mailing List
@ IWS - The Information Warfare Site
http://www.iwar.org.uk
