_________________________________________________________________ London, Monday, September 23, 2002 _________________________________________________________________
INFOCON News _________________________________________________________________ IWS - The Information Warfare Site http://www.iwar.org.uk _________________________________________________________________ IWS Sponsor IQPC Defence Conference: Information Operations 2002 25-26/09/02 Information Operations 2002: Analysing development in defensive and offensive information operations, critical infrastructure protection, information assurance and perception management. September 25 - 26, 2002. London, UK (Pre-Conference Masterclass: 24th September 2002) Information Operations 2002 Conference Web Site http://www.iqpc-defence.com/GB-1826 _________________________________________________________________ ---------------------------------------------------- [News Index] ---------------------------------------------------- [1] A Cybersecurity Sleeping Pill [2] Cybersecurity plan on the lite side [3] How Uncle Sam wimped out on cybersecurity [4] UK hacker gets 18 months [5] Stamp-Size Plastic Chip Provides New Approach to Cryptography [6] Energy agency says Web info poses threat [7] Want to know how RIAA.org was hacked? [8] (UK) Hacker abuses MSP's e-mail address to send porn images [9] Officials: Netcom ready for launch [10] US tightens ICANN leash [11] Copyright Hurdles Confront Selling of Music on the Internet [12] Online Gaming Illegal (Wink Wink) [13] Chinese programmer arrested in US for e-theft [14] Marines poised for Dell deal [15] Dot-com Era Start-Ups Still Feeling Woes [16] (UK) Joint loyalty card dips into customer data honeypot [17] Smart roads could help homeland _________________________________________________________________ News _________________________________________________________________ [1] A Cybersecurity Sleeping Pill >From a White House given to dramatic warnings of electronic Pearl Harbors comes an incongruously meek national strategy. Did industry lobbyists slip someone a Mickey? By George Smith Sep 23, 2002 For sixty-five pages, a fat lot of nothing. That's the only sensible verdict possible upon scanning Richard Clarke's much-hyped draft of "The National Strategy to Secure Cyberspace." After a huge noise in the media, Clarke and the Bush administration pulled coitus interruptus on its grand September 18 roll out. What was delivered is best described as a muffled, mildly grumbling fart of toothless suggestions for industry and stupidly obvious homilies in government-ese expressing a childishly wishful desire for better national computer security practice. http://online.securityfocus.com/columnists/110 ---------------------------------------------------- [2] Cybersecurity plan on the lite side BY Diane Frank Sept. 23, 2002 The Bush administration's long-awaited plan for protecting the nation's critical computer systems from cyberattacks is too weak because it does not set specific requirements for federal agencies or the private sector to follow, and politics is mostly to blame for the watered-down plan, information technology experts say. http://www.fcw.com/fcw/articles/2002/0923/news-cyber-09-23-02.asp ---------------------------------------------------- [3] How Uncle Sam wimped out on cybersecurity David Coursey, Executive Editor, AnchorDesk Monday, September 23, 2002 I'm a little worried that President Dubya is so busy with an Iraqi maniac who may or may not be a huge threat to us, but seems so little concerned about cybercrime and cyberterrorism, which both present "credible threats" to our critical digital infrastructure right now. I know you hate it when I get political, but what is a National Strategy to Secure Cyberspace if not political? For that matter, because the 64-page document is little more than a request that companies use good data hygiene, does it really qualify as a "strategy"? http://www.zdnet.com/anchordesk/stories/story/0,10738,2881029,00.html ---------------------------------------------------- [4] UK hacker gets 18 months By James Middleton [23-09-2002] Revenge is far from sweet for disgruntled consultant A UK hacker has received an 18-month prison sentence for corporate sabotage. Stephen Carey, a 28-year-old computer engineer from Eastbourne, Sussex, was yesterday sentenced to 18 months by Hove Crown Court for hacking into a firm's database and modifying information. He had been hired by sheet metalwork firm RP Duct Work in April last year to carry out essential maintenance and upgrades on the company's database. But after he botched the job the firm was forced to pay a troubleshooter ?80 per hour to fix the system. http://www.vnunet.com/News/1135240 ---------------------------------------------------- [5] Stamp-Size Plastic Chip Provides New Approach to Cryptography Modern encryption techniques are tested every time someone makes a purchase over the Internet or spends electronic cash stored in smart cards. These strategies rely on so-called one-way functions, which are easy to execute in one direction (for instance, multiplying two prime numbers) but difficult to reverse (factoring a large number into two primes). With ever-increasing computer power and advances in quantum computing, however, such methods may soon become breakable. According to a report published in the current issue of the journal Science, researchers have developed a new approach to cryptography--built around a piece of plastic the size of a stamp--that is hard to crack and nearly impossible to forge. http://www.sciam.com/article.cfm?chanID=sa003&articleID=00053B03-8299-1D8B-B3B98 09EC588EEDF ---------------------------------------------------- [6] Energy agency says Web info poses threat BY William Matthews Sept. 23, 2002 Citing the threat of terrorism, the Federal Energy Regulatory Commission (FERC) is proposing new rules to limit the public's access to information about power plants, pipelines and other components of the energy infrastructure. Only those with "a need to know" will have access to the information, and they might be required to sign an agreement that prohibits them from revealing what they have learned. http://www.fcw.com/fcw/articles/2002/0923/pol-energy-09-23-02.asp ---------------------------------------------------- [7] Want to know how RIAA.org was hacked? By zone-h.org Posted: 09/21/2002 at 04:45 EST Two weeks ago the Recording Industry Association of America website was defaced.Twice. Even more embarrassing, the crackers installed pirate music files on the site for download. But how? zone-h.org, a security site-based in Estonia, has uncovered the elementary mistake in RIAA's robot.txt files which gave the crackers their back door. This is our first exposure to Estonian humour. And we like it. The Register is publishing zone-h's entertaining treatment by permission. Elementary, Watson! American recording industry's mystery is solved It was a cold night and thick lay of fog was covering Connecticut Avenue of DC. Streets around were empty as all the pawns rushed into the only pub that was still opened at the time: the Romeo India Alpha Alpha. Holmes and Watson had been sitting there for a couple of hours discussing all the latest mysteries reported by newspapers. http://www.theregus.com/content/6/26386.html ---------------------------------------------------- [8] Hacker abuses MSP's e-mail address to send porn images MURDO MacLEOD A SENIOR MSP has called in detectives after a computer hacker used her parliamentary e-mail address to send pornographic images over the internet. Fiona Hyslop, one of John Swinney's most senior aides within the party, and the SNP's chief of policy, also found that a hacker had used her name to send junk e-mail offering internet users cheap loans. Hyslop said: "I was extremely concerned to discover my name and parliament e-mail had been used fraudulently. I have made sure that the details have been passed on to the relevant authorities. "I know that contact details of MSPs are widely available and that is meant to help us provide a public service. The parliament was set up to be open and accessible. http://www.scotlandonsunday.com/politics.cfm?id=1053342002 ---------------------------------------------------- [9] Officials: Netcom ready for launch BY Dan Caterinicchia Sept. 20, 2002 With the Oct. 1 launch of the Army's Network Enterprise Technology Command (Netcom) less than two weeks away, service leaders say the pieces are in place to ensure a coordinated implementation. Netcom was established to provide management for the Army's information technology and networks as an enterprise, and officials are working to "ensure that the installations, Army contracting and Netcom implementation are postured for an integrated implementation," said Maj. Gen. James Hylton, commander of the Army Signal Command, who will assume command of Netcom. http://www.fcw.com/fcw/articles/2002/0916/web-army-09-20-02.asp ---------------------------------------------------- [10] US tightens ICANN leash By ComputerWire Posted: 09/23/2002 at 06:01 EST Saying its progress over the four years since its inception has been "disappointing", the US Department of Commerce nevertheless has renewed the powers of the Internet Corp for Assigned Names and Numbers, which coordinates the internet's addressing systems, Kevin Murphy writes. But the one-year renewal of the Memorandum of Understanding that gives ICANN its powers and responsibilities reins in the California non-profit. The DoC is to oversee ICANN more closely, and has made it clear in one case that if a task is not completed on time, ICANN's future will be in jeopardy. http://www.theregus.com/content/6/26391.html ---------------------------------------------------- [11] Copyright Hurdles Confront Selling of Music on the Internet By AMY HARMON When the world's major media companies gave in to the idea of selling music over the Internet, it seemed to herald a sonic paradise, where every song ever recorded would be available to listen to and perhaps download, legally, with a few clicks and a small monthly fee. But for the online services trying to get there - chief among them MusicNet, Pressplay and Listen.com - the road to paradise is proving to be more like an intellectual property labyrinth paved with administrative quicksand. http://www.nytimes.com/2002/09/23/technology/23MUSI.html?ex=1033444800&en=103b48 d5d32ee7d4&ei=5040&partner=MOREOVER ---------------------------------------------------- [12] Online Gaming Illegal (Wink Wink) By Elliot Borin 2:00 a.m. Sep. 23, 2002 PDT Despite the defection of several big-name credit card issuers and a recent Justice Department "advisory" declaring all Internet gambling illegal, many watchers of online casino operations remain convinced the industry is still on a roll. As proof, they cite a federal court decision in Louisiana that could de-fang the Justice Department's virtual bite, Congress' repeated repudiation of such measures as the Internet Gambling Prohibition Act and a successful Nevada ballot initiative directing the state legislature to begin issuing online gambling licenses. (Several Las Vegas casinos now operate online by way of the Isle of Man.) http://www.wired.com/news/politics/0,1283,55202,00.html ---------------------------------------------------- [13] Chinese programmer arrested in US for e-theft A Chinese programmer who works for the state-run China National Petroleum Corp. has been arrested for allegedly trying to steal software used to map underground oil deposits from a Silicon Valley company by the federal authorities. Reuters Saturday, September 21, 2002 SAN FRANCISCO: Chinese national, Shan Yan Ming was arrested Tuesday by the FBI after workers at privately held 3DGeo company, discovered him trying to download an expensive, proprietary software program last week. A California-based company The Mountain View, sells software used in seismic imaging of oil fields. http://www.ciol.com/content/news/repts/102092103.asp ---------------------------------------------------- [14] Marines poised for Dell deal BY Christopher J. Dorobek Sept. 23, 2002 The Marine Corps this week will officially sign a blanket purchase agreement with Dell Computer Corp. that will enable the service to begin replacing its aging information technology infrastructure as it prepares to move to the Navy Marine Corps Intranet. http://www.fcw.com/fcw/articles/2002/0923/web-dell-09-23-02.asp ---------------------------------------------------- [15] Dot-com Era Start-Ups Still Feeling Woes By Michael Chait According to new research released Friday morning, companies that rode in on the "dot-com boom" of the late '90s are still feeling the woes of the "dot-com bust" harder than their associates at more established companies. The new report, issued by VentureOne, showed that venture-backed companies that received initial financing in 1999 and 2000 are going out of business at an accelerated rate, compared to startups initially funded from 1992 to 1998. Twenty-two percent of the 1,842 companies first financed in 1999 have already gone out of business, compared with an average of 15 percent for companies started over the previous seven years. Of the companies initially financed in 2000, 18 percent are already defunct. In all, the amount invested in startups founded since 1999 that are no longer operational totals $15.3 billion. http://siliconvalley.internet.com/news/article.php/1467101 ---------------------------------------------------- [16] Joint loyalty card dips into customer data honeypot Friday 20 September 2002 Some of the biggest players in the loyalty card market have joined forces to improve their use of customer data but industry experts remain sceptical about the benefits they anticipate. Daniel Thomas reports. Last week, Sainsbury's, Barclaycard, Debenhams and BP teamed up to launch a joint loyalty card programme. They expect 50% of UK households to sign up within the first year. The Nectar programme, which officially began on 16 September with a ?40m advertising campaign, will allow UK shoppers to accumulate loyalty points at 1,800 outlets of Sainsbury's, Debenhams and BP and wherever they pay with their Barclaycards. http://www.cw360.com/bin/bladerunner?REQSESS=HM7UY6YC&2149REQEVENT=&CARTI=115874 &CARTT=3&CCAT=1&CCHAN=12&CFLAV=1 ---------------------------------------------------- [17] Smart roads could help homeland BY Megan Lisagor Sept. 23, 2002 Intelligent transportation systems, originally conceived of as a way to reduce traffic congestion in major metropolitan areas, are now being considered for roles in homeland security. Such systems use a range of technologies, including cameras, telecommunications and sensors, to make commuting easier and safer. More than 384 public transit systems nationwide have implemented or are installing some of these devices. http://www.fcw.com/geb/articles/2002/0923/web-its-09-23-02.asp ---------------------------------------------------- _____________________________________________________________________ The source material may be copyrighted and all rights are retained by the original author/publisher. Copyright 2002, IWS - The Information Warfare Site _____________________________________________________________________ Wanja Eric Naef Webmaster & Principal Researcher IWS - The Information Warfare Site <http://www.iwar.org.uk> --------------------------------------------------------------------- To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe infocon" in the body To unsubscribe - send an email to "[EMAIL PROTECTED]" with "unsubscribe infocon" in the body --------------------------------------------------------------------- IWS INFOCON Mailing List @ IWS - The Information Warfare Site http://www.iwar.org.uk