http://www.ocipep.gc.ca/DOB/DOB02-134_e.html
DAILY BRIEF Number: DOB02-134 Date: 29 August 2002 NEWS Consultation on lawful access to telecommunications information The Department of Justice, in collaboration with Industry Canada and the office of the Solicitor General, are examining ways to lawfully access information transmitted through Canadian telecommunications technology. The departments have released a legislative proposal that requires all service providers (wireless, wireline and Internet) to ensure that their systems have the technical capability to provide lawful access to law enforcement and national security agencies. The proposal also addresses the legislative amendments that would be necessary in order to grant selected government agencies the right to effect such access. The purpose of the document is to provide an opportunity for concerned stakeholders to articulate their comments with respect to the proposed update to Canada's lawful access provisions. The proposed legislation would also permit Canada to ratify the Council of Europe's Convention on Cyber-Crime. Comment: The legislative proposal consultation document can be viewed at: http://www.canada.justice.gc.ca/en/cons/la_al/. In 1996, the Canadian Government acquired official observer status at the Council of Europe (a position shared with the United States, Japan, Mexico and the Holy See). Canada assisted in drafting the COE Convention on Cybercrime, which would serve as a group extradition treaty between signatories on matters related to cybercrime. Microsoft revealed critical flaw in windows operating system A flaw in most versions of Microsoft's Windows Operating System could enable a web page, through an extremely complex process, to use ActiveX control in a way that would delete certificates on a user's system. Such certificates are used to hold encryption keys used in e-mail, the encrypted files system (ESS) in certain versions of Windows and in the Secure Socket Layer (SSL) communications protocol used by many e-commerce web sites. The company recommends that all users of Windows (98, Millennium, NT 4.0, 2000 and XP) patch their system immediately. (Source: News.com, 28 August, 2002) Click here for the source article Comment: The Microsoft Security Bulletin MS02-048 can be viewed at: http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS02-0 48.asp U.S. plans limited flight ban on September 11 Although the decision has not been finalized, the U.S. is planning to restrict foreign aircraft from flying into and out of New York and Washington for September 11 and September 12. According to a spokesperson of the Federal Aviation Administration (FAA), the restriction would entail a flight ban within 30 miles of Washington's area airports and similar restrictions to New York's airports. The decision was made by several U.S. agencies including Homeland Security. (Source: FT.com, 29 August, 2003.) Click here for the source article Comment: OCIPEP has no information to indicate that Canadian air transportation will be restricted during 11-12 September 2002. The current U.S. Homeland Security Advisory System nationwide threat level remains unchanged at "Elevated" (Yellow). IN BRIEF Canadian Pacific facing class action suit over toxic spill derailment Following a 112-car train derailment that occurred on 18 January 2002, resulting in a spill of anhydrous ammonia near Minot, South Dakota, Canadian Pacific Railway is now facing a class action suit from affected area residents. The spilled anhydrous ammonia caused a toxic cloud over the city that resulted in pulmonary injuries and affected property value. (Source: CBC News, 28 August, 2002) Click here for the source article Electromagnetic bomb developed The British company Matra Bae Dynamics has developed an electromagnetic pulse bomb for military use that could disable the radio, radar and computer systems on which modern defences depend. The weapon can also bring civil infrastructure to a standstill, closing national electricity grids, stopping telephone, radio and television systems. (Source: The Ottawa Citizen, 26 August 2002) Click here for the source article Innovation in hydrogen fuel production Chemists have found an easier way of creating hydrogen from plant matter. A more economical catalyst, however, remains to be discovered. Mass-produced hydrogen could provide a cheap, clean and practical alternative to fossil fuels. (Source: ananova.com, 29 August 2002) Click here for the source article Comment: Ballard Power Systems has developed zero-emission fuel cells powered by hydrogen. The fuel cells emit only water as the waste by-product. Giant weather balloon will survey ozone-depleting layer A giant weather balloon will be launched Thursday to collect information on the amount of ozone-depleting chemicals in the atmosphere. This is the third experiment of this nature conducted jointly by Environment Canada, the University of Toronto and the Canadian Space Agency. According to the Globe and Mail article, the first craft, launched in 1998, caused some passenger flight disruptions as it drifted over air traffic lanes in North America. (Source: globeandmail.com, 28 August, 2002) Click here for the source article CYBER UPDATES See: What's New for the latest Alerts, Advisories and Information Products Threats Central Command reports on Worm/Toguivi, which is a worm written in Visual Basic. If executed, the worm copies itself in the \windows\%system% directory under the filename "DLL32RUN.EXE" and "PAMELA.EXE" (alternative filenames can be used). These files get written to the root of all accessible drives and any other mapped network drive. http://support.centralcommand.com/cgi-bin/command.cfg/php/enduser/std_adp.php?p_ refno=020828-000005 McAfee Security reports on Reboot-R, which is a Trojan horse written in Visual Basic that shuts down the host machine upon execution and at subsequent Windows startup. It uses a system tool that is only included with Windows XP. http://vil.nai.com/vil/content/v_99657.htm Symantec reports on Backdoor.Kryost, which is a Trojan horse that allows unauthorized access to an infected computer through MSN Messenger. It allows remote execution of files and the opening and closing of the CD-ROM drive and it attempts to delete anti-virus software files. http://securityresponse.symantec.com/avcenter/venc/data/backdoor.kryost.html Symantec reports on Backdoor.Laphex, which is a Trojan horse that allows unauthorized access to the infected computer. Depending on the default settings inside the Trojan, it can open any port on the compromised computer. http://securityresponse.symantec.com/avcenter/venc/data/backdoor.laphex.html Trend Micro reports on WORM_ELITOR.A, which is a Win32 worm that propagates via MSN Messenger. It creates a copy of itself at this path: C:\WINDOWS\SYSTEM\britney spears naked.jpg.exe. http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_ELITOR.A Vulnerabilities Omnicron OmniHTTPD (multiple versions) HTML injection and cross-site scripting vulnerabilities (SecurityFocus). http://online.securityfocus.com/bid/5572/discussion/ http://online.securityfocus.com/bid/5568/discussion/ Patches: Updated packages are now available for Mandrake Linux xinetd (SecurityFocus). http://online.securityfocus.com/advisories/4426 Updated packages are now available for Debian GNU/Linux gaim (SecurityFocus). http://online.securityfocus.com/advisories/4424 Tools Arp-sk 0.0.13 is an ARP packet generator for Unix designed to illustrate ARP protocol flaws and applications such as ARP cache poisoning and MAC spoofing. http://www.arp-sk.org/ CONTACT US For additions to, or removals from the distribution list for this product, or to report a change in contact information, please send to: Email: [EMAIL PROTECTED] For urgent matters or to report any incidents, please contact OCIPEP’s Emergency Operations Centre at: Phone: (613) 991-7000 Fax: (613) 996-0995 Secure Fax: (613) 991-7094 Email: [EMAIL PROTECTED] For general information, please contact OCIPEP’s Communications Division at: Phone: (613) 991-7035 or 1-800-830-3118 Fax: (613) 998-9589 Email: [EMAIL PROTECTED] Web Site: www.ocipep-bpiepc.gc.ca Disclaimer The information in the OCIPEP Daily Brief has been drawn from a variety of external sources. Although OCIPEP makes reasonable efforts to ensure the accuracy, currency and reliability of the content, OCIPEP does not offer any guarantee in that regard. The links provided are solely for the convenience of OCIPEP Daily Brief users. OCIPEP is not responsible for the information found through these links. IWS INFOCON Mailing List @ IWS - The Information Warfare Site http://www.iwar.org.uk