-----Original Message----- From: Wanja Eric Naef [IWS] [mailto:[EMAIL PROTECTED]] Sent: 04 July 2002 12:14 To: Infocon Subject: News 07/04/02 & Happy Independence Day _________________________________________________________________ London, Thursday, July 04, 2002 _________________________________________________________________ INFOCON News _________________________________________________________________ IWS - The Information Warfare Site http://www.iwar.org.uk _________________________________________________________________ IWS Sponsor National Center for Manufacturing Sciences http://www.ncms.org host of the InfraGard Manufacturing Industry Association http://trust.ncms.org _________________________________________________________________ ---------------------------------------------------- [News Index] ---------------------------------------------------- [1] Appropriators criticize Bush's homeland security plan [2] White House crafting homeland security technology plan [3] EU delves further into .NET Passport [4] Much remains to be done on U.S. security, analysts say [5] Religious sect hacks Chinese TV [6] Technology: INS launches Web site to track international students [7] Wi-Fi Users: Chalk This Way [8] United States, European Union to sign agreement on exchanging personal data on terror suspects [9] Japan targets mobile phone spammers [10] INTERNET SECURITY: Denial Of Service Attack On Pakistan [11] Cyberwar is Hell [12] Zimmermann calls for NAI to free PGP [13] Hacker drops DVD piracy case appeal [14] Bug puts Unix servers in a BIND [15] Twenty Don'ts for ASP Developers [16] One of These Things is not Like the Others: The State of Anomaly Detection [17] British ID cards to revolutionise crime _________________________________________________________________ News _________________________________________________________________ [1] Appropriators criticize Bush's homeland security plan By Charlie Mitchell, CongressDaily Senate appropriators, weighing in on President Bush's proposal to create a Homeland Security Department, Tuesday sharply criticized language in the plan that would allow the department's secretary to shift funds among programs without congressional approval. "The proposal by the president provides the new secretary with extraordinary powers, powers that potentially could tip the delicate balance of constitutional powers between the legislative and executive branches of government," Senate Appropriations Committee Chairman Robert Byrd, D-W.Va., and ranking member Ted Stevens, R- Alaska, said in a letter to Governmental Affairs Committee Chairman Joseph Lieberman, D-Conn. Lieberman's committee has solicited advice from other Senate panels as it crafts an amendment to implement Bush's homeland security proposal. "These are powers that even the secretary of Defense and the secretary of State do not currently have, nor should they have," Byrd and Stevens wrote. http://www.govexec.com/dailyfed/0702/070202cd1.htm ---------------------------------------------------- [2] White House crafting homeland security technology plan By Shane Harris The White House is writing a massive blueprint, known as an information technology architecture, to integrate the computer systems of all of the agencies that would be moved into the new Homeland Security Department under Bush administration plans. The Office of Homeland Security, the Office of Management and Budget and the agencies slated to move into the new department are preparing a "communication document" to explain to federal, state and local officials, as well as to private companies, how the plan will work, said Steve Cooper, the chief information officer at the Office of Homeland Security, in an interview with Government Executive. The new department's architecture will mirror the overall federal enterprise architecture, designed by the Chief Information Officers Council in 1999 as "a road map for the federal government in achieving better alignment of technology solutions with business mission needs." http://www.govexec.com/dailyfed/0702/070102h1.htm ---------------------------------------------------- [3] EU delves further into .NET Passport By ComputerWire Posted: 07/04/2002 at 04:58 EST European Union (EU) regulators are not satisfied that Microsoft Corp's .NET Passport complies with data protection law. Regulators have said that while Microsoft has put in place measures to address data protection, elements of .NET Passport require further consideration. http://www.theregus.com/content/6/25492.html ---------------------------------------------------- [4] Much remains to be done on U.S. security, analysts say Progress is encouraging, they say, but many areas still vulnerable to terror By Susan Baer Sun National Staff Originally published July 1, 2002 WASHINGTON - In the months since the Sept. 11 attacks, new security measures have been put in place not only at airports, but also at border crossings, ports, and nuclear power and water supply plants. Emergency room staffs are rehearsing responses to bioterrorism. Immigration laws are being tightened. From Caribou, Maine, to San Diego, people are looking at their mail with a more suspicious eye. http://www.sunspot.net/news/bal-te.homeland01jul01.story ---------------------------------------------------- [5] Religious sect hacks Chinese TV By Chris Lee in Melbourne [01-07-2002] Falun Gong hijacks satellite channels Chinese religious sect Falun Gong successfully hijacked satellite TV broadcasts to homes in the Shandong province last week. Viewers were surprised to find a banner reading 'Falun Gong is good' beamed across their screens during prime time on Tuesday. At the same time, people in Beijing complained of picking up their phones and hearing a five-minute recorded message from Falun Gong attacking the Chinese regime's attempts to silence the group. http://www.vnunet.com/News/1133117 ---------------------------------------------------- [What is the US going to do with the rest of students who might study nuclear physics in other countries? Also there are privacy implications as it does not look like the web site is going to be very secure. Furthermore, this will not stop terrorism as terrorists will just find another loophole of which there are many. WEN] [6] Technology: INS launches Web site to track international students Copyright C 2002 AP Online Special Report: America Responds SEVIS By CHRISTOPHER NEWTON, Associated Press WASHINGTON (July 2, 2002 6:41 p.m. EDT) - The Immigration and Naturalization Service has launched the Internet Web site that the nation's universities will soon use to register foreign students - the first step in the government's plan to track the movements of all those with temporary visas, according to INS officials. Schools that have received INS permission to accept foreign students for three years can begin using the Web site system immediately, the agency announced Tuesday. http://www.nandotimes.com/technology/story/454363p-3636328c.html ---------------------------------------------------- [7] Wi-Fi Users: Chalk This Way By Paul Boutin P. Boutin. Enlarge image The double-curve symbol of warchalking. 2:00 a.m. July 3, 2002 PDT SAN FRANCISCO -- No, it's not the Burning Man logo. The iconic sign in a storefront window along downtown San Francisco's busy Folsom Street is there to alert passersby to the presence of an available 802.11b wireless network. Its double-curve symbol is one of the few physical manifestations of this year's fastest-spreading tech fad: warchalking. http://www.wired.com/news/wireless/0,1382,53638,00.html ---------------------------------------------------- [8] United States, European Union to sign agreement on exchanging personal data on terror suspects The Associated Press 7/3/02 3:48 PM COPENHAGEN, Denmark (AP) -- The European Union is expected to reach an agreement with the United States later this year to exchange personal data on terror suspects, Denmark's justice minister said Wednesday. The 15-nation bloc and the United States agreed after the Sept. 11 terrorist attacks to beef up anti-terrorist cooperation with a deal on sharing more information. But the agreement stopped short of U.S. desires to include personal data on suspects. http://www.nj.com/newsflash/international/index.ssf?/cgi-free/getstory_ssf.cgi?a 0669_BC_Attacks-EU&&news&newsflash-international ---------------------------------------------------- [9] Japan targets mobile phone spammers The Japanese government has moved to crack down on mobile phone spam.It has passed new legislation targeting unscrupulous advertisers. From this week senders must include a special identifying character in the subject line of each ad message. Leading operator NTT DoCoMo has responded by promising to allow users to block all mails bearing the asterisk-like symbol. http://www.ananova.com/news/story/sm_620193.html?menu=news.technology ---------------------------------------------------- [10] INTERNET SECURITY: Denial Of Service Attack On Pakistan 02 Jul 2002 03:03 GMT Indian hackers attack A widespread Internet worm has launched an attack on the Pakistan Government's website and is encouraging Indian hackers and virus writers to join forces and attack Pakistan, according to security software and services firm Sophos. The W32/Yaha-E worm highlights the current political tensions between India and Pakistan by attempting a rudimentary denial of service attack the Pakistani Government's website. It also creates a file on infected computers, exhorting others to join the fight against the Pakistanis. http://www.content-wire.com/FreshPicks/Index.cfm?ccs=86&cs=2000 ---------------------------------------------------- [11] Cyberwar is Hell The campaign against cyber terrorism has at least one thing in common with genuine conflicts... wartime profiteers. By George Smith Jul 01, 2002 Cyberwar is Hell! But it's never too hellish for feverish salesmanship. Take, for example, McAfee's recent botched attempt to sell the public on the merits of the fiendish "JPEG virus" said to be hanging over beloved digital stockpiles of family photos and Swedish pornography like the sword of Damocles. http://online.securityfocus.com/columnists/92 ---------------------------------------------------- [12] Zimmermann calls for NAI to free PGP By John Leyden Posted: 03/07/2002 at 12:10 GMT Phil Zimmermann is calling on Network Associates to open source portions of the PGP encryption program he sold to the security giant in 1997. The suggestion from the author of PGP comes as NAI continues to search for a buyer for the popular desktop encryption program, having decided to cease development work on the product as part of its reorganisation last year. http://www.theregister.co.uk/content/55/26021.html ---------------------------------------------------- [13] Hacker drops DVD piracy case appeal 7/4/02 1:42 AM Source: Reuters SAN FRANCISCO (Reuters) - The publisher of a hacker Web site will not appeal a ruling that prohibits the posting of links to software that unlocks digital copyright protections on DVDs, lawywers say. Both the New York District Court and the 2nd Circuit Court of Appeals have ruled that Eric Corley and his 2600 Magazine Web site violated the 1998 Digital Millennium Copyright Act, which was enacted to protect intellectual property rights from digital piracy. http://news.cnet.com/investor/news/newsitem/0-9900-1028-20118349-0.html?tag=ats ---------------------------------------------------- [14] Bug puts Unix servers in a BIND By John Leyden Posted: 02/07/2002 at 17:45 GMT Security watchers are warning that a security flaw affecting Domain Name System servers running Unix could prove difficult to fix. A buffer overflow vulnerability in DNS Resolver Library represents a serious risk to many Unix system using the BIND or BSD resolver libraries, CERT warned last week. http://www.theregister.co.uk/content/55/26002.html ---------------------------------------------------- [15] Twenty Don'ts for ASP Developers by Mark Burnett last updated July 3, 2002 Firewalls block hackers from directly connecting to your network shares. Windows administrators keep their systems up-to-date with the latest software patches to thwart worms such as Nimda and Code Red. And user passwords are stronger than ever. But are we secure yet? While the situation is much better than it was just a couple years ago, many companies are still quite vulnerable to a number of attacks. Blocking ports and installing patches has not stopped hackers, it has just forced them to find new ways to break in. And chances are, the first place they are going to look is your Web application. http://online.securityfocus.com/infocus/1603 ---------------------------------------------------- [16] One of These Things is not Like the Others: The State of Anomaly Detection by Matthew Tanase last updated July 1, 2002 Introduction "To some, our observations can be summarized succinctly as "bugs happen". That certainly is not news. But dismissing our results so cavalierly misses the point. Yes, bugs happen. But bugs can be fixed -if they are detected. The Internet is, as a whole, working remarkably well. Huge software packages (i.e., X11R5) can be distributed electronically. Connections span the globe. But the very success of the Internet makes some bugs invisible." - Steven Bellovin [1] http://online.securityfocus.com/infocus/1600 ---------------------------------------------------- [17] British ID cards to revolutionise crime By John Leyden Posted: 03/07/2002 at 16:09 GMT Home Secretary David Blunkett announced the start of a six month consultation in Parliament today on plans by the government to introduce "entitlement cards" (that's ID cards to you and me). Lobby group Privacy International reckons the proposal for a national identity card has little to do with the government's stated objectives of reducing the threat of crime, terrorism and illegal immigration. Its real purpose is part of a broader objective outlined in the Cabinet Office report "Privacy & Data Sharing" to create a new administrative basis for the linkage of government databases and information systems. http://www.theregister.co.uk/content/55/26029.html ---------------------------------------------------- _____________________________________________________________________ The source material may be copyrighted and all rights are retained by the original author/publisher. Copyright 2002, IWS - The Information Warfare Site _____________________________________________________________________ Wanja Eric Naef Webmaster & Principal Researcher IWS - The Information Warfare Site <http://www.iwar.org.uk> --------------------------------------------------------------------- To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe infocon" in the body To unsubscribe - send an email to "[EMAIL PROTECTED]" with "unsubscribe infocon" in the body --------------------------------------------------------------------- IWS INFOCON Mailing List @ IWS - The Information Warfare Site http://www.iwar.org.uk