TROJAN USERS CAUGHT IN CHINA Three local high school students were arrested
on Monday for allegedly running Trojan programs to steal dial-up account
passwords from compromised computer systems. Reporter speaks about SunSeven
trojan program, but it is obvious that SubSeven was used... Link:
http://www.net-security.org/cgi-bin/news.cgi?url=http://www.chinatimes.com.tw//english/esociety/89082202.htm
http://www.net-security.org/dl/newsletter/txt/issue027.txt
Securities next steps.
Encryption's quantum leap
While firewalls beef up, cryptography will get a quick lesson in physics.
Quantum cryptography, which uses principles of quantum physics to encrypt
data and track attempts to steal it, is one next-generation security
technology attracting more attention.
MagiQ Technologies' quantum-key distribution hardware box, Navajo, pushes
this technology toward business use. Designed to flip randomly generated
digital keys once a second to keep prying eyes away from data traveling
over fiber-optic lines, Navajo allows users to implement any encryption
method to guarantee a message has been securely delivered between two
parties -- and that no copy exists.
Based on the laws of quantum mechanics, the technology works on a series of
triggers: Once someone reads quantum-encrypted information, the data is
altered on a molecular level. After a correction procedure is conducted by
the sender and receiver, the high error rate found in comparing the
original and received messages will produce eavesdropper evidence and
outline the form of attack used to steal the information, explains Bob
Gelfond, CEO and founder of New York-based MagiQ.
"Quantum cryptography does not use mathematical complexity; it relies on
laws of physics to guarantee its success," Gelfond says. "You can't clone
or copy a photon in any way and don't have to worry about a message being
compromised."
Despite its benefits, quantum coding faces obstacles. In the case of
Navajo, which will be available later this year, the box can only extend
its coverage over a 30-kilometer radius between two specific devices.
Gelfond expects a range of 100 kilometers to be reachable in over a year's
time.
Further impeding its progress, the strong encryption technology's elegance
may not be applicable to most enterprises outside the U.S. government, says
Ray Wagner, research director of information security strategies at
Stamford, Conn.-based Gartner.
"The main problem with quantum-key distribution is the current method for
key distribution is good enough for most enterprises," Wagner says.
"There's not a lot of organizations that can afford to put in private fiber
optic, then protect that private optic."
MagiQ's Gelfond disagrees, countering that the existing glut of laid fiber
allows Navajo to become even easier and less costly to use. The
proliferation of quantum repeater devices is expected to boost quantum
signals much the same way optical boosters are needed for long-haul networks.
EXTRACT from...
http://www.infoworld.com/article/03/01/10/030113fenextsec_1.html