_________________________________________________________________
London, Wednesday, November 13, 2002
_________________________________________________________________
INFOCON News
_________________________________________________________________
IWS - The Information Warfare Site
http://www.iwar.org.uk
_________________________________________________________________
---------------------------------------------------------------------
To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe
infocon" in the body
To unsubscribe - send an email to "[EMAIL PROTECTED]" with
"unsubscribe infocon" in the body
---------------------------------------------------------------------
_________________________________________________________________
----------------------------------------------------
[News Index]
----------------------------------------------------
[1] Brit Accused of Hacking Pentagon
[2] President Bush Pushes for Homeland Security Department
[3] Bush wins on homeland security bill
[4] Comment: An ally in the fight for safer IT
[5] Purported Bin Laden Tape Lauds Bali, Moscow Attacks
[6] Incident underscores need for space access
[7] House OKs $903M for Cyber Security Research
[8] E-tailers opt for Early Warning system
[9] ICANN ponders new top level domains
[10] Hackers could be planning major attack, says White House
[11] BIND vulnerable, upgrade now
[12] U.S. Hopes to Check Computers Globally
[13] Drawing up Homeland 'interstate'
[14] UK) Text scam warning for consumers
[15] Supreme Court agrees to review challenge of filtering software at
libraries
[16] Net pirates poach Harry Potter film
[17] The next big Internet flop
[18] Computer Hacker May Bust Breeders Cup
[19] Oracle in buffer overflow brown alert
_________________________________________________________________
News
_________________________________________________________________
(I am curious whether they will be able to extradite him or whether they
will have to try him in the UK which they do not want as they remember
well the Rome Lab Case with Kujii & Datastream Cowboy (whilst Kujii (the
brain) pleaded guilty to 12 hacking offences, he ended up payinga fine
of only 1200 pounds. In comparison to that the attacks cost the US Air
Force $211,722 (excluding investigation costs). At least this time it
was not a teenager which makes it kind of interesting. WEN)
------
US attorney, Paul McNulty issued a warning for those contemplating
similar action.
"You are not invisible. You cannot act anonymously on the Internet," he
said.
"If you hack us, we will find you, we will prosecute you and we will
send you to prison."
------
[1] Brit Accused of Hacking Pentagon
By Associated Press Page 1 of 1
11:45 AM Nov. 12, 2002 PT
WASHINGTON -- Federal authorities on Tuesday accused a British computer
administrator of hacking into 92 computer networks operated by the U.S.
military and NASA, including one break-in that shut down systems at a
Navy facility in New Jersey immediately after the Sept. 11, 2001
attacks.
Authorities said two of the computer systems were at the Pentagon. The
intrusions also made inoperable the network that serves the military
district for Washington, officials said.
Authorities disclosed indictments in northern Virginia and New Jersey
against Gary McKinnon, 36, of the Hornsey section of London. He was
indicted on eight counts of computer-related crimes, including break-ins
at six private companies.
http://www.wired.com/news/politics/0,1283,56332,00.html
Briton Is Indicted in 92 Hacker Cases
http://www.nytimes.com/2002/11/13/national/13HACK.html?ex=1037854800&en=
8d0d1452aa6ef0de&ei=5040&partner=MOREOVER
US seeks hacker's extradition
http://www.itv.com/news/World1285785.html
British man 'hacked into US military computers'
http://news.independent.co.uk/digital/news/story.jsp?story=351657
US seeks extradition of Briton accused of hacking into military
computers
http://www.guardian.co.uk/online/netnews/story/0,12582,838856,00.html
Briton sought for Pentagon 'hacking'
http://www.telegraph.co.uk/news/main.jhtml;$sessionid$ZIHOSAE11VDAJQFIQM
FCFGGAVCBQYIV0?xml=/news/2002/11/13/whack13.xml&sSheet=/news/2002/11/13/
ixworld.html
UK 'hacker' wanted by US
http://news.bbc.co.uk/1/hi/world/americas/2456403.stm
U.S. charges U.K. hacker did $900,000 in damage
http://www.miami.com/mld/miamiherald/news/world/4504080.htm
US seeks extradition of British hacker
http://www.abc.net.au/news/scitech/2002/11/item20021113185357_1.htm
British man charged in military hacks
http://www.msnbc.com/news/833723.asp
----------------------------------------------------
[2] President Bush Pushes for Homeland Security Department
Remarks by the President at District of Columbia Metropolitan Police
Operations Center
District of Columbia Metropolitan Police Operations Center
Washington, D.C.
10:24 A.M. EST
THE PRESIDENT: Thank you all. Please be seated. Thanks a lot. I want you
to note, the Mayor said I made him a senior advisor. (Laughter.) Mr.
Mayor, you're doing a great job for the city of Washington, D.C. I'm
honored that I'm living in your neighborhood. And as I told a lot of the
folks who I had the honor of meeting just a while ago at the Emergency
Operations Center, I feel safe living here. And so does my family. And
so do a lot of families, thanks to the dedication and hard work of
people on the front line of making sure that this city is buttoned up,
dealing with the threats we face.
http://www.whitehouse.gov/news/releases/2002/11/20021112-1.html
----------------------------------------------------
[3] Bush wins on homeland security bill
By Joseph Curl and Audrey Hudson
THE WASHINGTON TIMES
President Bush, capitalizing on the Republicans' historic victory in
last week's congressional elections, yesterday won the battle with the
Democrat-controlled Senate over his plan to create a Department of
Homeland Security.
Senate Democrats led by John B. Breaux of Louisiana and Ben Nelson of
Nebraska signed off on a White House-backed proposal, which is expected
to pass overwhelmingly in the House and Senate, where it has been bogged
down for weeks.
http://www.washtimes.com/national/20021113-14803141.htm
----------------------------------------------------
[4] Comment: An ally in the fight for safer IT
Mark Street, IT Week [08-11-2002]
The narrow emphasis on return on investment (ROI) to justify spending is
getting to be extremely counterproductive.
This approach discourages risk-taking, because it is hard to make
financial forecasts for projects that have uncertainty attached to them.
It is little wonder that most IT directors are loath to champion new,
potentially business-transforming initiatives given the fact that they
will shoulder most of the blame if things go wrong.
http://www.vnunet.com/Analysis/1136696
----------------------------------------------------
(I would be really surprised if he were dead as then he would have been
a martyr and there would have been a media blitz in some extremist
circle.
To see how difficult it is to hunt someone down just read Mark Bowden
book 'Killing Pablo'. WEN)
[5] Purported Bin Laden Tape Lauds Bali, Moscow Attacks
A voice attributed to Osama bin Laden praises recent attacks on Western
targets. (File Photo/AP)
By Rajiv Chandrasekaran
Washington Post Foreign Service
Wednesday, November 13, 2002; Page A01
CAIRO, Nov. 12 -- An audiotape recording attributed to Osama bin Laden,
the fugitive al Qaeda leader, extolled the recent attacks in Bali and
Moscow in a bellicose statement that, if authentic, would be the
clearest indication in almost a year that bin Laden is alive and
determined to pursue his Islamic war on the United States.
http://www.washingtonpost.com/wp-dyn/articles/A45816-2002Nov12.html
----------------------------------------------------
[6] Incident underscores need for space access
by Tech. Sgt. Scott Elliott
Air Force Print News
11/12/02 - WASHINGTON -- The Air Force's senior space official said a
rocket test failure has sounded a warning and underscores the need to
apply the resources necessary for assure access to space.
The RL-10, designed by Pratt & Whitney in 1958, is an upper-stage engine
used in Centaur and Atlas II rockets, as well as the Delta IV rocket
scheduled for its first launch Nov. 16.
http://www.af.mil/news/Nov2002/111202726.shtml
----------------------------------------------------
[7] House OKs $903M for Cyber Security Research
By Roy Mark
The U.S. House of Representatives made the approval of $903 million for
cyber security research its first order of business Tuesday, unanimously
passing legislation that will create scholarships, grants and research
centers at American colleges and universities. The Senate has already
approved the legislation, and the bill now goes President George W.
Bush, who is expected to sign the measure.
The bill, the Cyber Security Research and Development Act (H.R. 3394),
more than triples federal spending on security research. Approved on a
voice vote, the legislation increases government spending on cyber
security research over five years from its current annual level of
approximately $60 million to $111 million in 2003 and peaking at $231
million in 2007.
http://www.atnewyork.com/news/article.php/1499391
----------------------------------------------------
[8] E-tailers opt for Early Warning system
By Dinah Greek [13-11-2002]
Fraudbusting programme gives e-tailers advance warning of online scams
Online retailers are fighting back against credit card fraud with
another scheme designed to protect them against fraudsters.
Official estimates report that "card not present" fraud cost industry
£95.7m in 2001, with internet fraud accounting for 12 per cent of this
figure.
http://www.vnunet.com/News/1136779
----------------------------------------------------
[9] ICANN ponders new top level domains
09:06 Wednesday 13th November 2002
Evan Hansen, CNET News.com
The body responsible for overseeing the Internet wants to expand its
role and the number of domains. It just doesn't know what they should be
A key Internet address administrator has recommended taking steps to add
three new top-level domains to the Web's navigation system.
Stuart Lynn, president of the Internet Corporation for Assigned Names
and Numbers (ICANN) published a recommendation last week proposing
preparations begin for a new expansion of the Net namespace even as the
group prepares to evaluate the effects of a similar expansion
implemented last year. The report did not recommend the specific
top-level domains to be considered.
http://news.zdnet.co.uk/story/0,,t269-s2125820,00.html
----------------------------------------------------
[10] Hackers could be planning major attack, says White House
By Shane Harris
A new computer worm infecting a popular World Wide Web technology is
proof that computer hackers have grown more sophisticated and could be
preparing a significant attack, according to a senior White House
official.
Marcus Sachs, director of communication and infrastructure protection at
the White House Office of Cyberspace Security, said hackers driven to
“the back streets and back alleys of the Internet” by intense law
enforcement scrutiny following the Sept. 11 attacks have quietly been
building new threats. The new worm, widely known as Slapper, is a prime
example of their abilities, he said.
Officials believe millions of devices are vulnerable to Slapper, which
is a computer code that burrows into a server, the program that provides
the files that constitute Web pages. It enters through a well-known
weakness in the Secure Socket Layer (SSL) that connects servers to the
Internet. Once inside, the worm forces the server to seek out other
infected machines, forming an army of so-called “zombies” that could
bombard Web sites with bogus requests for information, causing a massive
traffic jam on the Internet.
http://www.govexec.com/dailyfed/1102/111202h1.htm
----------------------------------------------------
[11] BIND vulnerable, upgrade now
By ComputerWire
Posted: 13/11/2002 at 09:28 GMT
There are several newly discovered "serious vulnerabilities" in BIND,
the internet's dominant domain name system server that hypothetically
could be exploited to bring the internet to a grinding halt if not
widely patched.
Internet Security Systems Inc, which discovered the flaws, and the
Internet Software Consortium, which maintains BIND (Berkeley Internet
Name Domain), warned yesterday that all versions of BIND 4 and 8 up to
4.9.10 and 8.3.3 are affected by multiple vulnerabilities and that
administrators should upgrade to unaffected versions.
"The vulnerabilities... affect nearly all currently deployed recursive
DNS servers on the internet," ISS said in an advisory. Recursive DNS
servers are those used by ISP subscribers and companies to find out the
correct IP address for a domain without having to go to that domain's
authoritative name server every time.
http://www.theregister.co.uk/content/55/28066.html
----------------------------------------------------
[12] U.S. Hopes to Check Computers Globally
System Would Be Used to Hunt Terrorists
By Robert O'Harrow Jr.
Washington Post Staff Writer
Tuesday, November 12, 2002; Page A04
A new Pentagon research office has started designing a global
computer-surveillance system to give U.S. counterterrorism officials
access to personal information in government and commercial databases
around the world.
The Information Awareness Office, run by former national security
adviser John M. Poindexter, aims to develop new technologies to sift
through "ultra-large" data warehouses and networked computers in search
of threatening patterns among everyday transactions, such as credit card
purchases and travel reservations, according to interviews and
documents.
http://www.washingtonpost.com/wp-dyn/articles/A40942-2002Nov11.html
----------------------------------------------------
[13] Drawing up Homeland 'interstate'
BY Diane Frank
Nov. 12,
The Bush administration's concept of an "interstate communications
expressway" for homeland security — comparable to the nation's
interstate highway system — is still very much in the development stage.
In fact, it's simply two pages of scribbled notes, said Steve Cooper,
senior director of information integration and chief information officer
at the Office of Homeland Security.
But there are grand plans for this new idea, under which the national
data and voice network needed for homeland security will be built from
the bottom up, relying on and connecting to the systems already in place
at the state level instead of creating a single, huge federal network.
http://www.fcw.com/geb/articles/2002/1111/web-inter-11-12-02.asp
----------------------------------------------------
[14] Text scam warning for consumers
One con involved an "I love you" text message
Scams using e-mail, text messaging and faxes are increasingly ripping
off consumers, the UK Government has warned.
Unscrupulous firms often use bogus prize draws and special offers to
entice recipients to reply, the Department of Trade and Industry has
said.
The growing number of people with the internet and mobile phones has
raised concern that the problem is increasing.
There is particular concern that because of the popularity of texting
among children, they could often be the victims of cons
http://news.bbc.co.uk/2/hi/technology/2446363.stm
----------------------------------------------------
[15] Supreme Court agrees to review challenge of filtering software at
libraries
WASHINGTON (AP) - The Supreme Court said Tuesday it will decide if
public libraries can be forced to install software blocking sexually
explicit Web sites.
Congress has struggled to find ways to protect children from Internet
pornography without infringing on free speech rights for Web site
operators.
Lawmakers have passed three laws since 1996, but the Supreme Court
struck down the first and blocked the second from taking effect.
The latest measure, signed by President Clinton in 2000, requires public
libraries receiving federal technology funds to install filters on their
computers or risk losing aid.
A three-judge federal panel ruled the Children's Internet Protection Act
violates the First Amendment because the filtering programs also block
sites on politics, health, science and other non-pornographic topics.
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/4502224.ht
m
----------------------------------------------------
[16] Net pirates poach Harry Potter film
Film copied with DV camera, posted in chat rooms
By Bob Sullivan
MSNBC
Nov. 12 — “Harry Potter and the Chamber of Secrets” apparently isn’t
such a secret any more. The sequel to last year’s record-setting
blockbuster fantasy film, perhaps the year’s most-anticipated movie, is
scheduled for U.S. release Friday. But Internet movie piracy Web sites
are brimming with news that the film is already making its way around
the Internet. Warner Bros. studios has disputed the reports, but dozens
of pirates are claiming to have seen it already. Such Internet
pre-releases are becoming so commonplace that both pirates and movie
studios are beginning to expect them.
http://www.msnbc.com/news/834107.asp
----------------------------------------------------
[17] The next big Internet flop
Movielink: Now playing at a computer near you — but for how long?
The home page of Movielink.com
By Ben Fritz
SLATE.COM
Nov. 12 — Yesterday, five major studios — Universal, Paramount, Sony,
Warner Bros., and MGM — unveiled Movielink, a joint venture that, for
the first time, allows customers to download a large assortment of
studio films. Movielink’s initial library contains about 175 movies —
new and old, from Jimmy Neutron to Last Tango in Paris. They range in
price from $1.99 to $4.99 for a 24-hour rental. It’s a cool service,
attractively priced. It’s also going to be a flop on the order of The
Adventures of Pluto Nash.
http://www.msnbc.com/news/834034.asp
----------------------------------------------------
[18] Computer Hacker May Bust Breeders Cup
By staff
After the federal authorities formally joined the investigation into
suspicious betting on the Breeders’ Cup races, more details are coming
to light about the software engineer embroiled in the controversy.
http://www.onlinecasinonews.com/ocn/article/article.asp?id=2422
----------------------------------------------------
[19] Oracle in buffer overflow brown alert
By John Leyden
Posted: 12/11/2002 at 13:28 GMT
Security researchers are warning of a potentially nasty buffer over-run
flaw in Oracle Database 9i
databases.
In common with such flaws, a buffer overflow in the iSQL*Plus module of
Oracle 9i might allow an attacker to run arbitrary code in the security
context of the Web server. iSQL*Plus is a Web-based application that
allows users to query the database.
http://www.theregister.co.uk/content/55/28057.html
----------------------------------------------------
_____________________________________________________________________
The source material may be copyrighted and all rights are
retained by the original author/publisher.
Copyright 2002, IWS - The Information Warfare Site
_____________________________________________________________________
Wanja Eric Naef
Webmaster & Principal Researcher
IWS - The Information Warfare Site
<http://www.iwar.org.uk>
---------------------------------------------------------------------
To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe
infocon" in the body
To unsubscribe - send an email to "[EMAIL PROTECTED]" with
"unsubscribe
infocon" in the body
---------------------------------------------------------------------
IWS INFOCON Mailing List
@ IWS - The Information Warfare Site
http://www.iwar.org.uk
IWS INFOCON Mailing List
@ IWS - The Information Warfare Site
http://www.iwar.org.uk
