[INFOCON] - (CIA) CSI's Studies in Intelligence (UnclassifiedStudies Volume 46, Number 3, 2002)
(It contains some interesting articles. I would recommend to have a look at The Coming Revolution in Intelligence Analysis and the counterpoint article In addition to that there is also an article about PsyOps during WWII: The Information War in the Pacific, 1945. WEN) http://www.cia.gov/csi/studies/vol46no3/index.html INTELLIGENCE TODAY AND TOMORROW Policymakers and the Intelligence Community Supporting US Foreign Policy in the Post-9/11 World Richard N. Haass Understanding Our Craft Wanted: A Definition of "Intelligence" Michael Warner The Coming Revolution in Intelligence Analysis What To do When Traditional Models Fail Carmen A. Medina Counterpoint to "The Coming Revolution in Intelligence Analysis" Evolution Beats Revolution in Analysis Steven R. Ward Sorting Out "National Interests" Ways To Make Analysis Relevant But Not Prescriptive Fulton T. Armstrong HISTORICAL PERSPECTIVES Work Force Evolution One Woman's Contribution to Social Change at CIA Dawn Ellison Paths to Peace The Information War in the Pacific, 1945 Josette H. Williams INTELLIGENCE IN RECENT LITERATURE God's Eye: Aerial Photography and the Katyn Forest Reviewed by Benjamin B. Fischer >From Munich to Pearl Harbor: Roosevelt's America and the Origins of the Second World War Reviewed by Michael Warner. Secrets of Victory: The Office of Censorship and The American Press and Radio in World War II Reviewed by Robert J. Hanyok COMMENTARY Response to "Two Strategic Intelligence Mistakes in Korea, 1950" A Personal Perspective Thomas J. Patton IWS INFOCON Mailing List @ IWS - The Information Warfare Site http://www.iwar.org.uk
[INFOCON] - OCIPEP DAILY BRIEF Number: DOB02-176 Date: 30 October2002
http://www.ocipep.gc.ca/DOB/DOB02-176_e.html OCIPEP DAILY BRIEF Number: DOB02-176 Date: 30 October 2002 NEWS New act to make Ontario's drinking water safe - Update As reported in the OCIPEP Daily Brief DOB02-175 released 29 October 2002, the Safe Drinking Water Act was unveiled yesterday by the Ontario provincial government. The law will call for: licenses for all labs; a new position of chief provincial inspector; annual reports by the government to the legislature; and, new standards for water testing, treatment, distribution and quality. Early reaction to the bill has been mixed, with NDP MPP Marilyn Churley, the architect of the initial draft of the Safe Drinking Water Act, unhappy that the Conservative government version doesn't deal with source protection. Ontario Premier Ernie Eves said the government intends to follow Justice O'Connor's advice that it amend the Environmental Protection Act to cover source water protection. (Source: thestar.com, 30 October 2002) Click here for the source article OCIPEP Comment: Justice O'Connor's reports, made in the wake of the Walkerton tragedy, contained 121 recommendations to improve the safety and security of Ontario's drinking water. With regard to water source protection, the report stated that a strong source-protection program "lowers risk cost-effectively, because keeping contaminants out of drinking water sources is an efficient way of keeping them out of the drinking water". Windows 2000 earns Common Criteria certification The Microsoft Windows 2000 operating system was awarded a Common Criteria certification, a document that spells out common security criteria recognized by 15 countries, including Canada and the U.K. Windows 2000 was certified at Evaluation Assurance Level 4, meaning that it was "methodically designed, tested and reviewed. " (Source: news.com, 29 October 2002) Click here for the source article U.S. Department of Commerce releases certification and accreditation guidelines The U.S. Department of Commerce has released the first of three sections of information security guidelines designed to fix the "inconsistent and flawed" security assessments for systems used by government agencies. Some current security certification procedures are "excessively complex, outdated and costly to implement," according to the National Institute of Standards and Technology (NIST). A NIST researcher stresses that there is a need to "move toward the adoption of a standardized process," which would allow federal agencies "to better understand how their partners are dealing with the security issues." The other two sections of guidelines, one dealing with system controls, and the other with verification procedures and techniques, will be released next spring. (Source: computerworld.com, 29 October 2002) Click here for the source article OCIPEP Comment: A draft copy (PDF version) of the Guidelines for the Security Certification and Accreditation of Federal Information Technology Systems can be viewed at: http://csrc.nist.gov/sec-cert/SP-800-37-v1.0.pdf According to recent reports, although leading software companies have recently committed themselves to improving the latent security of the products they bring to market, there remains a significant threat to the security of information networks due to poorly secured software. According to @Stake, a U.S. security consultancy, 70 percent of security defects are due to flaws in software design. Microsoft recently publicly committed itself to ensuring the security of its products. However, according to analysts, the work the programmers are doing now will not be reflected in the company's products for a year or two. (Source: economist.com, 26 October, 2002) http://www.economist.com/surveys/displayStory.cfm?Story_id=1389575 IN BRIEF Alberta forest fires cost $300M The cost of fighting forest fires in Alberta this year was over $300 million, five times more than budgeted, according to a provincial fire information officer. The continuing droughts, as well as the evacuation of residents from several communities and road closures, were factors that contributed to the record expenses. (Source: cbc.ca, 29 October 2002) Click here for the source article CIA report warns against cyberterrorism In a report to the Senate Intelligence Committee, the Central Intelligence Agency (CIA) warns that groups such as Sunni extremists, Hezbollah and Aleph-formerly known as Aum Shinrikyo-may join al-Qaeda to wage cyberwarfare against the U.S. (Source: news.com, 29 October 2002) Click here for the source article Port Simpson - Update The B.C. Provincial Emergency Program has issued its tenth and final update concerning the power outage and roadway access closure at Port Simpson, 55 km north of Prince Rupert. Power has been restored since October 22, and community officials indicate they are past the crisis stage and have moved into recovery operations. A meeting will be held today to address the road restoration, w
[INFOCON] - News 10/30/02
_ London, Wednesday, October 30, 2002 _ INFOCON News _ IWS - The Information Warfare Site http://www.iwar.org.uk _ - To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe infocon" in the body To unsubscribe - send an email to "[EMAIL PROTECTED]" with "unsubscribe infocon" in the body - _ [News Index] [1] 12th Annual EICAR Conference: Call For Papers [2] Don't Touch that Dial [3] Defense, cybersecurity officials praise 'open source' software [4] China prevented repeat cyber attack on US [5] Politicians, police recruited to talk up IT security [6] Responsible Disclosure by Corporate Fiat [7] Homeland goes interstate route [8] Q & A Kevin Mitnick [9] MS gets top security rating for Win2k, makes big noise [10] OMB issues draft standards to increase info-sharing, cut IT costs [11] NIST details certification process [12] Transcom chief touts IT [13] Tech firms seek to play role in military transformation effort [14] Defense procurement system prone to security lapses [15] Sniper leaves a mark [16] Brussels to spend 250k on Linux migration study [17] Introducing Network Attached Encryption [18] Wireless WarDrive: Wee Bit of Fun [19] Reuters says it wasn't hacking [20] Greeting card email is not a worm [21] Home-based cybersecurity defense won't work [22] Nowhere to Hide [23] Lawsuit to Test USA Patriot Act [24] CIA warns of Net terror threat [25] Online sales decline for first time [26] A new threat to ICANN authority? [27] Dear Saddam, How Can I Help? [28] Technology: Military conference highlights information systems [29] Golden Age of IT Hasn't Arrived Yet [30] DoCoMo gets defaced [31] Is a larger Net attack on the way? [32] Employee surveillance unaffected by terror threat [33] FIPS testing finds lots of mistakes in crypto IT _ News _ [1] 12th Annual EICAR Conference: Call For Papers 12th Annual EICAR Conference: Call For Papers The Conference will be held May 10-13 in Copenhagen, with three streams of interest: -Malware -Critical Infrastructure Protection (CIP) -IT-Law and Forensics with contributions from industry, government, and research. With the goal of keeping abreast of new developments, EICAR will be a forum for discussions on subjects past, present and future, pertaining to "IT-Security in an Insecure Web". Papers can be submitted through to December 1st, 2002. For more information on formatting, panels, area chairs and other things, check out http://conference.EICAR.org Submission of Papers to Area Chairs December 1, 2002 Notifications to Authors of Acceptance and Reviewers' Comments January 15, 2003 Submission of Camera-Ready Papers February 1, 2003 First Round Registration March 1, 2003 (I have seen a prototyp of such a phone due for release in January and it looks amazing as it got so many features, but unfortuntely it looks like they missed out the security bit. WEN) [2] Don't Touch that Dial Mobile phones packing Java virtual machines are gaining in popularity, and are headed for American shores. Will they be the next arena for malicious hacking? By Michael Fitzgerald, Oct 29 2002 9:05AM Java phones are coming to the U.S., bringing with them a second chance for mobile applications, and, experts caution, a new platform for malicious code. "It's going to be an issue," says Tony Davis, acting CEO of Tira Wireless, a Toronto startup that certifies and publishes J2ME (Java 2 MicroEdition) applications. Davis already uses a Trojan horse program when he makes sales calls. "When I meet with European carriers, I pull up a phone and show them a car racing game that's actually not just that, it's sending a huge amount of traffic back and forth," Davis says. "I tell them, your customer is going to get a bill for 500 pounds at the end of the month, and who are they going to come after? You." http://online.securityfocus.com/news/1531 [3] Defense, cybersecurity officials praise 'open source' softwa
