Directory: Security 00-02-00-CACM-IdentityTheftSocialSecurityNumbersAndTheWeb.txt 00-04-00-CACM-IntrusionDetectionAndMultisensoryDataFusion.txt 00-04-00-CACM-SecuringUserPasswords.txt 00-05-00-CACM-InternetUseISRiddlesWithVulnerabilities.txt 00-06-00-ACMNetWorker-SecurityIsAnImperfectArt.txt 00-06-00-CACM-InformationSystemSecurityManagement.txt 00-09-00-ACMNetWorker-IsAnybodyDoingAnythingAboutInternetSecurity.txt 00-09-00-CACM-UsingVoiceToVerifyPersonalIdentity.txt 01-02-00-CACM-AnOperatingSystemApproachToSecuringEServices.txt 01-02-00-CACM-ConsideringTrustAssumptionsDuringSoftwareDevelopment.txt 01-02-00-CACM-IntroductionToSecuringSoftwareApplications.txt 01-02-00-CACM-SecurityAndPrivacyIssuesInMobileECommerce.txt 01-02-00-CACM-UsingAccessControlApproachesForSecureWebApplication.txt 01-03-00-CACM-FutureComputerSoftwareWillBeConstrainedByInsuranceConsiderations.txt 01-03-00-CACM-IsThereAFixInSightForComputerSecurity.txt 01-04-00-CACM-AnOrganizatonToRateComputerSecurityIsABadIdea.txt 01-05-00-ACMUbiquity-LowFacultySalariesAndShortageOfSecuritySpecialists.txt 01-08-00-CACM-AProcessControlApproachToCyberAttackDetection.txt 01-08-00-CACM-RisksInEmailSecurity.txt 01-09-00-CACM-SecurityIssuesForElectronicMedicalRecords.txt 01-10-00-ACMUbiquity-PeterNeumannOnSecurityVulnerabilities.txt 01-11-08-Reuters-Hack-Bank.txt 01-11-13-Wired-ICANN.txt 01-11-17-SFCron-Internet.txt 01-11-26-ZDNet-Google.txt 01-12-00-CACM-CodeRedWorm-MaliciousSoftwareKnowsNoBounds.txt 01-12-04-AP-SecuritySW.txt 01-12-04-Reuters-InfrastructureMap.txt 01-12-05-WashPost-MCI.txt 01-12-11-ComputerWorld-NIPC-DNS.txt 01-12-12-WashPost-NetSecBill.txt 01-12-14-WashPost-CyberCrimeBill.txt 01-12-17-SJMerc-802.11Crypto.txt 01-12-22-SJMerc-MSXPPnP.txt 02-01-02-BusWeek-Changes.txt 02-01-07-WiredDigital-VirusWriters.txt 02-01-08-MSNBC-WinUPnP.txt 02-01-08-SecurityFocus-NASRept.txt 02-01-14-eWeek-SWLiability.txt 02-01-14-InfoWeek-DrversLicenseID.txt 02-01-14-LATimes-MS-Security.txt 02-01-14-LATimes-MSWindows.txt 02-01-18-SJMerc-China.txt 02-01-19-SJMerc-DG-WebServices.txt 02-01-20-SJMerc-Internet.txt 02-01-23-WashPost-CrossSiteScriptAttacks.txt 02-01-29-DJMerc-MSPassport.txt 02-01-29-EPIC-MSPassport.txt 02-01-29-PCWorld-CybersecurityBills.txt 02-01-29-WashPost-MSPassportBug.txt 02-01-31-CSTB-InfrastructureSecurity.txt 02-02-04-IDG-NIPC.txt 02-02-07-SJMerc-CyberSecurityBill.txt 02-02-08-WashPost-HR3482-CybeSecEnhance.txt 02-02-08-WasPost-WhiteHouseAdvisertxt.txt 02-02-12-Wired-CyberSecEnhance-CSEA.txt 02-02-14-Reuters-ElecSignatures.txt 02-02-19-InfoWorld-CyberSecurityCzar.txt 02-02-23-SJMerc-BuiltInPCSecurity.txt 02-02-27-SJMerc-DisneyFundsGilian.txt 02-02-27-Wired-CyberSecEnhanceAct-CSEA.txt 02-03-00-ACMNetWorker-ExAndTrustedEmployeesMayBeGreatestThreatsToNetworkSecurity.txt 02-03-04-UnknownSource-FOIA-Exemption-CyberSecurity.txt 02-03-12-USAToday-MS-AirForceSecurity.txt 02-04-00-CACM-ManyPCSecurityProblemsRemainUnaddressed.txt 02-04-00-CACM-TechnicalAspectsUnderlyingInternetSecurityAndPrivacy.txt 02-04-08-EWeek-EGovTechChallenges.txt 02-04-17-Wired-ArgentineHackerLaw.txt 02-04-20-UPenn-Dyson.txt 02-04-22-EETimes-InternetSecurityIssues.txt 02-05-12-NYT-Markoff-SmartCardsCracked.txt 02-05-14-CNETNews-SuccessfulHackers.txt 02-05-17-NYT-ExperianCreditDataStolen.txt 02-06-03-CNETNews-MITStudentHacksXBox.txt 02-06-03-SJMerc-MITStudentHacksXBox.txt 02-06-04-TheRegister-MITStudentHacksXBox.txt 02-06-06-TheRegister-SecurityThruObsolescence.txt 02-06-07-NYT-Markoff-KaZaASecurityHole.txt 02-06-13-CanberraTimes-ThumbprintSystemProblems.txt 02-06-19-InfoWorld-FedsUrgePrivateAction.txt 02-06-24-InfoWorld-MS-Palladium-DRM.txt 02-06-24-TheRegister-2-MS-Palladium-DRM.txt 02-06-24-TheRegister-MS-Palladium-DRM.txt 02-06-25-TheRegister-Palladium-GPL.txt 02-06-26-ExtremeTech-MS-Palladium-AMD-MotherboardDesign.txt 02-06-26-NewsFactor-PurdueSelfHealingSoftware.txt 02-06-26-RossAnderson-TCPA-PalladiumFAQs.txt 02-06-27-WashPost-MS-Palladium.txt 02-07-01-Newsweek-MS-Palladium-DRM.txt 02-07-02-SJMerc-MS-EU-PalladiumAntitrust.txt 02-07-04-WashPost-CyberSecurityNeeded.txt 02-07-08-ActiveWin-PalladiumExplained-TCPA.txt 02-07-08-BostonGlobe-TCPA-Palladium.txt 02-07-08-PCWorld-MSPalladiumDiscussionOpen.txt 02-07-09-NetworkWorldFusion-CyberCatastrophePredicted.txt 02-07-09-RossAnderson-UpdatedTCPA-PalladiumFAQs.txt 02-07-10-SJMerc-OutlookPGPPluginBug.txt 02-07-15-LibertyAlliance-1.0Spec.txt 02-07-15-SJMerc-CybercrimeBill-HR3482.txt 02-07-19-CIOInsight-WirelessNetworkSecurityIssues.txt 02-07-20-SJMerc-DG-MSPalladium.txt 02-07-29-PCWorld-MSRevealsPalladiumDetails.txt 02-07-30-CNETNews-HPUsesDMCAforSecurityThreat.txt 02-07-31-AP-BushAdvisorEncouragesHackers.txt 02-07-31-CNETNews-SecurityCzarBlamesISPsAndSWMakers.txt 02-08-01-CNETNews-HP-BacksDown-DMCA.txt 02-08-01-HPPressRelease-HP-BacksDown-DMCA.txt 02-08-03-SJMerc-DG-HPComesToItsSenses-DMCA.txt 02-08-03-SJMerc-HackBackCounterattack.txt 02-08-05-SJMerc-JapanNationaID-GlitchesProtests.txt 02-08-22-WashPost-CyberwarfareRulesAndConsumerBroadband.txt 02-09-00-ACMNetWorker-SecuritRisksInWebServices.txt 02-09-00-ACM-USACMVoiceInSecurityAndPrivacy.txt 02-09-00-AtlanticMonthly-HomelandInsecurity.txt 02-09-08-SJMerc-DG-SecurityPoliciesNeeded-BroadbandDecentralization-EnergyIndependence.txt 02-09-09-ComputerWorld-WardriveFindsManyUnsecuredWirelessLANs.txt 02-09-17-SJMerc-DG-FederalSecurityPlanForControlFreaks.txt 02-09-17-SJMerc-VoluntaryFedPlanHasCritics.txt 02-09-18-SFChronicle-CybersecurotyChiefDefendsPlan.txt 02-09-24-Wired-BermanBillDebate.txt 02-10-00-CACM-QualityRatherThanQuantityForComputerSecurity.txt 02-10-00-CACM-ShouldInternetSecurityTechnologiesBeBlendedWithBiometrics.txt 02-10-07-Markle-TaskForce-ProtectingFreedomInInfoAge.txt 02-10-17-BostonGlobe-CyberCzarCommentsOnDMCAAndSecurityIssues.txt 02-10-17-CyberSecurity-CyberCzarCommentsOnDMCAAndSecurityIssues.txt 02-10-20-Cryptome-Reinhold-PalladiumPresentationAtUCB.txt 02-10-21-Cryptome-ReviewOfMSPalladiumMITTalk.txt 02-10-21-NewsForge-Stallman-TrustedComputingTakesControlFromUser.txt 02-10-21-NewsForge-Stallman-trustedComputing.txt 02-10-23-PCWorld-DNSRootServerAttackCouldBeFirstOfMany.txt 02-10-24-ComputerWorld-CrockerOnDNSServerAttack.txt 02-10-31-Reuters-WiFiSecurityUpgrade.txt 02-11-00-ACMUbiquity-AreECommerceSecurityMeasureWorthTheTrouble.txt 02-11-00-WashMonthly-CyberTerrorismNotLethal.txt 02-11-02-ACMUbiquity-TheFutureOfInternetSecurity.txt 02-11-03-AP-TrustedComputing-UsersCedeControl.txt 02-11-03-STMerc-CriticsSayTrustedComputingThreatensConsumerFreedom.txt 02-11-08-CNETNews-VoteNearOnCyberSecurityRandDAct.txt 02-11-11-NewScientist-TechChangesCouldStopAttacksOnP2P.txt 02-11-13-CNETNews-CyberSecurityEnhancementAct-CSEA.txt 02-11-13-Wired-HousePassesCyberSecurityRandDAct.txt 02-11-14-Wired-CriticsBashStudyShowingDecreaseInHackAttacks.txt 02-11-15-ACMUbiquity-AreECommerceSecurityMeasuresWorthIt.txt 02-11-20-ALA-HomelandSecurityAndTotalInfoAwareness.txt 02-11-20-CNETNews-TechAspectsOfHomelandsecurityLaw.txt 02-11-20-SJMerc-TotalInfoAwareness-Concerns.txt 02-11-20-UPI-InternetNeedsWorkAfter9-11.txt 02-11-22-EWeek-ITIndustryWarnsAgainstRegulation.txt 02-11-25-NewsFactor-NewApproachesToSecurityPatchesNeeded.txt 02-12-00-CACM-WhySecurityStandardsSometimesFail.txt 02-12-02-ZDNet-Schneier-NoSecurityMagicAvailable.txt 02-12-06-SJMerc-TelcomIndustryOutlinesSecurityPlans.txt 02-12-06-Wired-FedsSayWiFiSecurityThreat.txt 02-12-10-PCWorld-FinancialInstitutionsTackleCybersecurity.txt 02-12-11-MSNBC-SpamAndVirusesIncreasingProblem.txt 02-12-16-SJMerc-DMCA-TIA-P2PPiracyBill-UndermineCybersecurity.txt 02-12-19-SJMerc-WebActivistsWatchTIAsPoindexter.txt 02-12-20-DARPA-InfoAwarenessOffice-IAO.txt 02-12-20-MSNBC-AdminSaysCyberspaceProtectionPlanWontInvadePrivacy.txt 02-12-20-NYT-Markoff-BushAdminProposesInternetMonitoringSystem.txt 02-12-20-Reuters-WhiteHouseSaysWebSecurityPlanWontInvadePrivacy.txt 02-12-20-Wired-TerroristsUnlikelyToDamageNet.txt 02-12-30-NYT-TamingTheTaskOfCheckingTerroristsNames.txt 02-12-31-TechNews-TechPoliciesInThe107thCongress.txt 03-01-02-AOL-UnivResearchersTurnDownGrantsWithRestrictions.txt 03-01-03-ComputerWorld-Cyberthreats-WarnsClarke.txt 03-01-03-Wired-WhyRIAAKeepsGettingHacked.txt 03-01-07-WashPost-GovernmentParesBackSecurityInitiative.txt 03-01-08-PCWorld-RevisedCyberSecurityPlanPosesProblems.txt 03-01-08-ZDNet-RootServerDDoSAttacks.txt 03-01-09-InternetWeek-Doctorow-MaliciousWiFiInternetAccessIsNonsense.txt 03-01-09-ITManagement-CyberSecurityRDActGoodIfFunded.txt 03-01-11-TheRegister-RIAASiteDefacedAgain.txt 03-01-12-ESecurityPlanet-InternetThreatsWillGetWorse.txt 03-01-13-DCInternet-OpenWebAppSecurityProjIssuesTopWebVulnerabilities.txt 03-01-13-FedCompWeek-WiFiProtectedAccess-WPA-BetterThanWEP.txt 03-01-13-SecurityFocus-USSentencingCommAsksInputOnHackers.txt 03-01-15-CNETNews-OldHardDrivesStillContainData.txt 03-01-15-Yahoo-OldHardDrivesStillContainData.txt 03-01-24-CNETNews-MSDropsPalladiumName.txt 03-01-24-SJMerc-DG-MSDropsPalladiumName.txt 03-01-27-TheRegister-MSDropsPalladiumName.txt 03-01-29-CNETNews-BushProposesTerroristThreatIntegrationCenter.txt 03-01-30-ComputerWorld-I3P-ConsortiumPromotesCybersecurityResearch.txt 03-01-31-WashPost-FedsBulidingInternetMonitoringCenter-GEWIS.txt 03-01-31-ZDNet-MSFailsToProtectAgainstSQLSlammer.txt 03-02-00-BusCommRev-ExpertsCiteSeveralReasonsForPoorInternetSecurity.txt 03-02-03-PCWorld-VulnerabilitiesIncreaseButNetAttacksDown.txt 03-02-04-eWeek-LatestCybersecurityPlanCountsOnPrivateSector.txt 03-02-06-NewsFactor-ASUReserchersSayCascadingFailuresCouldCrashInternet.txt 03-02-07-WasPost-BushOrdersCyberWarfareGuidelines.txt 03-02-10-SJMerc-MakeCompaniesLiableForSoftwareSecurityProblems.txt 03-02-13-StarTrib-SomeExpertsSayCyberterrorismUnlikely.txt 03-02-15-WashPost-BushCybersecurityPlanLeavesItToIndustry.txt 03-02-17-FoxNews-108thCongressPreparesTechAgenda.txt 03-02-19-ChicagoTrib-HackerAccesses8MillionCreditCardRecords.txt 03-02-20-CNETNews-CriminalDefenseLawyersAndEFFSayHackersSentencesTooHarsh.txt 03-02-21-TheRegister-InsidersCouldEasilyGuessATM-PINs.txt 03-02-25-SJMerc-WiFiHotspotsCouldLeadToHacking.txt 03-02-26-SJMerc-CountyEVotingPlansAdvanceInSpiteOfConcerns.txt 03-02-27-CNETNews-AttorneySaysHackingAttackingComputersMayBeLegal.txt 03-03-00-CACM-FirewallsHaveManyHoles.txt 03-03-00-CACM-UsingInsuranceForCyberRiskManagement.txt 03-03-03-CalAggie-UCDResearchersTackleComputerSecurity.txt 03-03-03-Computerworld-MajorVulnerabilityInSendmailDiscovered.txt 03-03-03-SJMerc-GovtPublicationRestrcitionsStallScientificResearch.txt 03-03-03-SJMerc-SecurityRestrictingSciencePublicationAndTravel.txt 03-03-11-SecurityFocus-HomelandSecuritySybersecurityEffortsDoubted.txt 03-03-13-Yahoo-CMU-SCCWorkshopOnWirelessTrustAndDependability.txt 03-03-14-CeBITPanelSaysBombsMoreLikelyThanCyberterrorism.txt 03-03-15-Wired-NRICSaysBusinessesMustGetSeriousAboutNetworkSecurity.txt 03-03-18-WashPost-USHeightensCybersecurityMonitoring.txt 03-03-20-Fortune-WeAreVulnerableToCyberAttacks.txt 03-03-20-NewsFactor-InternetStillNotSecure.txt 03-03-20-PCWorld-CongressionalBriefing-Security-Privacy.txt 03-03-21-ChronHighEdu-Shibboleth-Internet2-Authentication.txt 03-03-21-Computerworld-DNSSec-AttemptsToStopSophisticatedDOSAttacks.txt 03-03-24-WaskTech-SomeSayBushAdminMovesDowngradeCyberSecurity.txt 03-03-25-NAS-NRDReport-IdentityVerificationAndPrivacy.txt 03-03-25-NewsFactor-WPAWillNotMakeWiFiSecure.txt 03-03-26-Felten-StatesIntroBillsToExtendDMCAToFirewalls.txt 03-03-26-WSJ-IraqWarCausesMoreWebSiteDefacementHacking.txt 03-03-31-Provos-WebPagesMovedOffshore-MichSuperDMCA.txt 03-04-00-ACMUbiquity-InsecureInformationSubmissionMethodsDisourageApplicants.txt 03-04-00-IEEESpectrum-UpdatingElectronicSurveillanceSystems.txt 03-04-01-EETimes-ConnectedRealTineSystemsHaveSecurityNeeds.txt 03-04-01-EETimes-DNSNeedsBetterSecurity.txt 03-04-01-PCWorld-CFP2003-SecurityVsPrivacy.txt 03-04-02-InternetWeek-MSNeedsToImproveAppsSecurity.txt 03-04-02-PCWorld-FedOfficialDefendsBushCybersecurityPlan.txt 03-04-04-NetMag-Honeypots-StrategiesAndIssues.txt 03-04-08-GovtCompNews-DebateOverCybersecurityResources.txt 03-04-08-TechDaily-DebateOverCybersecurityResources.txt 03-04-09-WashPost-DebateOverCybersecurityResources.txt 03-04-10-SFGate-CFP03FocussesonCivilLibertiesIssues.txt 03-04-11-CNETNews-HoneypotsGetBetter.txt 03-04-11-ComputerWorld-RSA2003Conf-IntrusionPrevention.txt 03-04-11-PCWorld-HomelandSecuritySeeksTechSolutions.txt 03-04-12-FreedomToTinker-MPAA-StateSuperDMCALaws.txt 03-04-14-EFF-MPAA-StateSuperDMCALawsOpposed.txt 03-04-14-NYT-DOSAttackUsingTheUSPS.txt 03-04-14-SJMerc-DG-DMCAUsedToStopIDCardPresentation.txt 03-04-14-Slashdot-DMCAUsedToStopIDCardPresentation.txt 03-04-14-TheRegister-StateDMCALawsPreventAnonymousCommunications.txt 03-04-15-Counterpane-DOSAttackUsingTheUSPS.txt 03-04-15-EETimes-MS-EnSCB-UsersDontGetControlOfKeys.txt 03-04-15-InternetWeek-Sun-SymantecUnveilIntrusionDetection.txt 03-04-15-TheRegister-Sun-SymantecUnveilIntrusionDetection.txt 03-04-16-CNETNews-HomelandSecurityAsksIndustryForData.txt 03-04-16-MplsStarTrib-GovtAndIndustryPartnerToFightCyberterrorism.txt 03-04-16-PCWorld-ExpertWarnsOfCyberthreats.txt 03-04-16-SJMerc-DG-HoneypotTrapsRaiseLegalAndEthicalIssues.txt 03-04-17-BusWeek-ShouldHackersBeHired.txt 03-04-17-SJMerc-DMCAUsedToStopIDCardPresentation.txt 03-04-17-SJMerc-InternetUsersHaveToolsToProtectThemselves.txt 03-04-17-TheRegister-EmployeesQuickToGivePasswords.txt 03-04-25-SmallTimes-PARC-NSF-SensorNetsIssues.txt 03-04-27-CNN-TooMuchBuggySoftware.txt 03-04-28-NYT-HoneynetProjectSetToCatchHackers.txt 03-04-29-WIred-NHBillWouldLegalizeAccessToOpenWirelessNets.txt 03-05-00-CACM-802DOT11bWirelessNetworkingSecurity-AccessPointMapping.txt 03-05-00-CACM-IntroductionToWirelessNetworkingSecurity.txt 03-05-00-CACM-WirelessSecurityFlawsIn802DOT11.txt 03-05-03-NetMag-CybersecurityEarlyWarningSystems.txt 03-05-06-SJMerc-Gates-FutureMSSecurityWillBeOptional.txt 03-05-07-PFIR-TripoliProj-NewEmailEnvironment.txt 03-05-08-CNETNews-MSPassportFacesPossibleFTCAction.txt 03-05-08-PFIR-TripoliProj-NewEmailEnvironment.txt 03-05-08-WashPost-PARC-TIA-PrivacyProject.txt 03-05-13-CNETNews-ProposalsToCurbDOSAttacks.txt 03-05-13-PCWorld-NewOrgToDevelopWirelessSecurityStandards.txt 03-05-13-SecFocus-ACM-UrgesDMCASecurityResearchExemption.txt 03-05-13-SecFocus-ResearchersWantDMCAExemption.txt 03-05-14-SJMerc-USVulnerableToCyberAttack.txt 03-05-14-Wired-MS-NGSCB-UsersCanOptOut.txt 03-05-16-CNETNews-IRCOperatorsStopVirus.txt 03-05-18-WashPost-RussianHackersTurnToCrime.txt 03-05-20-NewScientist-GPSDataCouldStopWirelessAttack.txt 03-05-20-NYT-SpammersUseUnprotectedComputersToRoute.txt 03-05-22-PCWorld-CyberDefense-MoreFundingNeeded.txt 03-05-28-PCWorld-StudySaysCIABehindInInfoTech.txt 03-05-29-NYT-TeensEnlistedHasWhiteHatHackers.txt 03-06-00-CACM-AnalyzingDirectAndIndirectSecurityCosts.txt 03-06-00-CACM-TaxonomyOfSecurityConsiderationsAndSoftwareQuality.txt 03-06-02-ZDNet-Farber-CybersecurityImprovementsNeeded.txt 03-06-16-WSJ-CalLawRequiresNotifactionOfIntrusions.txt 03-06-17-SenJudiciary-TheDarkSideOfP2P.txt 03-06-18-NCNewsObs-CybersecurityFundsAttractResearchers.txt 03-06-18-SecFocus-Bluetooth1.2RaisesSecurityIssues.txt 03-06-24-MSNBC-HijackersTakingOverInternetAddresses.txt 03-06-26-ZDNet-GatesSaysTechWillHelpPrivacyAndSecurity.txt 03-06-27-SJMerc-PaloAltoSchoolsWiFiNetworkOpen.txt 03-06-27-TheWhir-EUCyberSecurityPlan.txt 03-06-29-NYT-TrustedComputingIssues.txt 03-06-30-Wired-NewHomelandSecPrivacyOfficer.txt 03-07-00-CACM-PFIRES-APolicyFrameworkForInformationSecurity.txt 03-07-08-AusITNews-InternetAttacksJustStarting.txt 03-07-08-CompWeekly-ProblemsWithBiometrics.txt 03-07-08-NWFusion-IBM-MS-PublishWebServicesSpec.txt 03-07-09-CNETNews-IBM-MS-PublishWebServicesSpec.txt 03-07-09-PCWorld-USFarFromSecuringCyberspace.txt 03-07-11-NYT-HackersHijackPCsForSexSites.txt 03-07-11-PCWorld-CybersecurityLawsExpected.txt 03-07-15-InetWeek-USCybersecurityEffortsLacking.txt 03-07-15-MSNBC-HomeComputersHijackedToServePornography.txt 03-07-22-MissStateU-MSUComputerSecurityCapabilities.txt 03-07-23-TechNewsWorld-NewWindowsPasswordCracking.txt 03-07-24-NYT-ResearchersFindDieboldEVotingProblems.txt 03-07-25-KohoEtc-AnalysisOfAnElecVotingSystem.txt 03-07-26-SJMerc-DG-MDOfficialsIgnoreEVotingWoes.txt 03-07-26-WashPost-MDOfficials-EVotingOK.txt 03-07-28-CNETNews-CERTInvestigatesSecurityPlan.txt 03-07-28-NYT-DODPreparesTerroristFuturesMarket.txt 03-07-29-NYT-DODCancelsTerroristFuturesMarket.txt 03-07-30-CNETNews-TheStateOfSecurity.txt 03-07-30-CNN-FuturesContractsOnPoindexter.txt 03-07-30-US-DHS-PotentialForImpactFromMS-Windows.txt 03-07-31-CNETNews-HomelandSecurity-HSARPA.txt 03-07-31-ITMgmt-AlertForLargeScaleHackerAttacks.txt 03-08-00-CACM-MoreEffectiveSecurityByIdentifyingAndRankingSeverityOfThreats.txt 03-08-00-GovTech-FaifaxVAUsesWiFiEvotingMachines.txt 03-08-01-ALA-BillsToCurbUSAPatriotsActPowers.txt 03-08-01-CNETNews-CanSMTPStopSpam.txt 03-08-04-DenPost-BusinessUnderReportsHackAttacks.txt 03-08-04-InetWeek-SWVulnerabilitiesHaveHalfLife.txt 03-08-04-PCWorld-SachsInterview-DHSCyberExec.txt 03-08-04-Wired-EVotingMachineVulnerabilities.txt 03-08-05-Wired-EVotingLawsuitToFedAppealsCourt.txt 03-08-06-GovtCompNews-CyberSecurityResearch.txt 03-08-06-NewsFact-InternetSecurityIssues.txt 03-08-07-BaltoSun-MDToReviewE-votingPlans.txt 03-08-11-NewSci-BluetoothSecurityIssues.txt 03-08-11-WashPost-ProblemsWithE-Voting.txt 03-08-13-BusStd-DNSCanBeEnhanceSecurity.txt 03-08-15-InfoWorld-CybersecurityMandatesMayBeNeeded.txt 03-08-15-NewsFactor-NetworksSurvivePowerBlackout.txt 03-08-19-SJMerc-HomeUsersVulnerableToSobigVirus.txt 03-08-20-SJMerc-Sobig-BlasterVirusesSpreadFast.txt 03-08-20-SJMerc-VirusShutsDownCSXSignalSystem.txt 03-08-21-WashPost-PoorSoftwareSpeadsViruses.txt 03-08-21-Wired-SoftwarePatchesNotAnswerToSecurity.txt 03-08-22-WashPost-InfectionsSlowNetworks.txt 03-08-23-SJMerc-DG-IsThisTheEndOfEmail.txt 03-08-25-BaltoSun-ResearcherCriticalOfEVotingCode.txt 03-08-25-SeaTimes-ArrestDueInBlasterWormCase.txt 03-08-26-WSJ-VirusesAWakeUpCallForSWIndustry.txt 03-08-27-ABCNews-CanPCsAutomaticallyDefendAgainstThreats.txt 03-08-27-NYT-ResearchersTryToStayAheadOfWorms.txt 03-08-28-WashPost-VirusProtectionMayMoveToServers.txt 03-08-29-SJMerc-BlasterWormWriterToBeArrested.txt 03-08-30-BosGlobe-FBIArrestsBlasterWormSuspect.txt 03-09-00-CACM-SecurityAndPrivacyIssuesInHandheldAndWearableDevices.txt 03-09-00-NAP-Neuman-ComputerSecurityIssues.txt 03-09-01-InfoWeek-Viruses-AWorldwideProblem.txt 03-09-01-NYT-FedsCallForCybersecurityOversight.txt 03-09-01-VNUNet-FBIArrestsStupidBlasterWormSuspect.txt 03-09-02-MSNBC-InterviewWithBlasterWormSuspect.txt 03-09-03-NewSci-AntiVirusSoftwareInadequate.txt 03-09-04-CompWorld-CongressProposesCybersecurityReportingLaw.txt 03-09-04-SFChron-MoreWormsAndVirusesComing.txt 03-09-04-SJMerc-FTCWarns-IdentityTheftGrowing.txt 03-09-04-SJMerc-SecondBlasterWormArrest.txt 03-09-04-Wired-ReturningStudentComputersUnleashViruses.txt 03-09-06-NewSci-StudyIdentifiesImageAntiTamperingSteps.txt 03-09-08-BusWeek-VirusesReachEpidemicProportions.txt 03-09-08-InfoWeek-HackerForHireAtWork.txt 03-09-10-MSNBC-DieboldOpticalVotingResultsSentToWebsite.txt 03-09-11-PCWorld-HouseWitnessesSuggestSecurityApproaches.txt 03-09-11-TechNewsWorld-IssuesWithBiometrics.txt 03-09-11-Wired-HouseWitnessesSuggestSecurityApproaches.txt 03-09-12-MSNBC-WirelessWebCouldAidInEmergencies.txt 03-09-12-TorontoStar-CybersecurityThreats.txt 03-09-14-SeattleTimes-MSIssuesNewPatchForFlawExploitedByBlaster.txt 03-09-15-CompWorld-SoftwareQualityMeasuresWillImproveSecuity.txt 03-09-16-BusWeek-NewApproachesNeededForNetSecurity.txt 03-09-16-NewsFactor-InternetWorms-WorstIsYetToCome.txt 03-09-17-SJMerc-BlasterWormAccusedPleadsNotGuilty.txt 03-09-18-PCWorld-SwenWormPosesAsMSPatch.txt 03-09-18-SJMerc-MelissaVirusWriterCooperatedWithFBI.txt 03-09-18-Wired-MarylandSaysDieboldVotingSystemOK.txt 03-09-18-ZDNet-SwenWormPosesAsMSPatch.txt 03-09-23-ABCNews-SomeFearTerroristCyberAttacks.txt 03-09-23-RMSmith-IESupercookiesBypassP3PAndCookieControls.txt 03-09-23-Salon-DieboldVotingSystemAnInvitationToFraud.txt 03-09-24-CNETNews-ReportBlamesMSForSecurityProblems.txt 03-09-24-InfoWorld-USImmigrationSystemHitByWelchiaWorm.txt 03-09-24-WashPost-ReportBlamesMSForSecurityProblems.txt 03-09-25-Reuters-AntiSpamWebsitesShutDownByAttack.txt 03-09-25-TheReg-AntiSpamWebsitesShutDownByAttackLinedToSobig.txt 03-09-25-Wired-MarylandSaysDieboldVotingSystemOK.txt 03-09-25-Wired-MSDominanceThreatensCyberSecurity.txt 03-09-28-SJMerc-DG-InternetHasGoodGuysAndBadGuys.txt 03-10-00-CACM-RisksInTrustingSystemsThatMightNotBeTrustworthy.txt 03-10-00-FBI-RegionalComputerForensicLabs.txt 03-10-02-Baseline-CalifEVotingCertificationIssues.txt 03-10-03-EWeek-MSVulnerabilitiesBlamedForTheftOfSourceCode.txt 03-10-04-ECommTimes-BecomingSecurityExpertMightBreakLaws.txt 03-10-06-Wired-DieboldEVotingMachinesFlawed.txt 03-10-08-CompWorld-ConsensusIdentifiesTop20NetVulnerabilities.txt 03-10-08-FBI-RegionalComputerForensicLabs-PressRelease.txt 03-10-08-TechNewsWorld-SwenWormPosesAsMSPatch.txt 03-10-09-CNETNews-MSSaysSecurityImprovementsWillTakeTime.txt 03-10-09-MS-BlamerOnSecuityAndOtherIssues.txt 03-10-10-DCMil-DDenningDiscussesCybersecurity.txt 03-10-10-SJMerc-MSSaysSecurityImprovementsWillTakeTime.txt 03-10-10-TheReg-MSSaysSecurityImprovementsWillTakeTime.txt 03-10-13-Wired-WorkerSaysDieboldInstalledUnauditedSWPatch.txt 03-10-15-CBR-DNSRootServerSecurityImprovementNeeded.txt 03-10-15-UPI-InternetIsIndispensableAndVulnerable.txt 03-10-16-PCMag-SecurityExpertDiscussessIssues.txt 03-10-20-CNETNews-NewBillWOuldRequireDownloadWarnings.txt 03-10-20-INetWeek-MSBallmerDiscussesSecurityIssues.txt 03-10-21-CNETNews-MSBallmerDiscussesSecurityIssues.txt 03-10-21-CRN-MSBallmerDiscussesSecurityIssues.txt 03-10-22-CMU-NewCybersecurityCenterAnnounced.txt 03-10-22-GrokLaw-MSExecSaysCommercialSoftwareIsMoreSecure.txt 03-10-22-NewsFact-MSToutsNewWindowsSecurity.txt 03-10-23-NYT-PlanetLabServersWatchNetForAttacks.txt 03-10-27-NWFusion-DNSRootServersUseAnycastToStopDoSAttacks.txt 03-10-28-CalgaryHerald-GatesToutsNewWindowsSecurity.txt 03-10-29-ACMUbiquity-FirewallSoftwareWillNeedAddOns.txt 03-11-00-CACM-TheMythOfComputerSecurityByKeepingSoftwareSecret.txt 03-11-03-CalifHaltsAuditOfDieboldEVotingMachines.txt 03-11-03-MSNBC-EVotingIssues.txt 03-11-03-SFChron-UCN-USCResearchersToModelTheInternet.txt 03-11-04-CNETNews-MSOffersRewardsToStopViruses.txt 03-11-04-WashPost-DNSRootServersStillVulnerableToDDoSAttacks.txt 03-11-05-ITMgmt-ITManagersConcernedAboutWirelessSecurity.txt 03-11-05-PRNewsWire-MSOffersRewardsToStopViruses.txt 03-11-05-SJMerc-MSOffersRewardsToStopViruses.txt 03-11-06-PCWorld-LawmakerSuggestsRequiredAntivirusSoftware.txt 03-11-06-TechNewsWorld-FlawFoundInWPAWirelessSecurity.txt 03-11-07-PCWorld-MSOffersRewardsToStopViruses.txt 03-11-10-FCW-EVotingMachinesQuestioned.txt 03-11-10-NZZ-ETHOpensInfoSecurityCenter.txt 03-11-11-SJMerc-20YearsOfViruses.txt 03-11-11-Wired-DieboldForcedToPayForEVotingMachineAudit.txt 03-11-12-WashU-DeviceTrapsMalware.txt 03-11-13-INetWeek-NewDNSSecurityNearlyCompleteByIETF.txt 03-11-17-NWFusion-ISPsTakeOnDDoSAttacks.txt 03-11-19-OaklandTrib-SandiaLabOpensHoneynet.txt 03-11-20-CompWorld-EUApprovesCyberSecurityAgency.txt 03-11-20-NatlJour-ReviewOfACM-CRAPanelOnCybersecurity.txt 03-11-20-USACM-ACMAndCRASponsorCyberSecurityPanel.txt 03-11-21-ChronHigherEd-ReviewOfACM-CRAPanelOnCybersecurity.txt 03-11-21-TheStandard-NCVIFormedToPromoteVerifiedEVoting.txt 03-11-22-SJMerc-WellsFargoCustomerDataStolen.txt 03-11-22-Stanford-CybersecurityResearchConference.txt 03-11-24-CompWorld-DiversityNeededToFoilCyberAttacks.txt 03-11-25-CNETNews-After20YearsVirusesDefyCure.txt 03-11-25-CNETNews-BlackoutsHighlightNetVulnerabilities.txt 03-11-25-NewsWise-DiversityNeededToFoilCyberAttacks.txt 03-11-27-Economist-FightingSpamAndWorms.txt 03-11-28-LATimes-TechCompaniesTryToControlInfoAboutSecurityHoles.txt 03-11-28-NYT-WormsAndVirusesInCellPhoneInternetAccess.txt 03-11-30-ACMWashUpdate-ACM-CRASponsorCyberSecurityEvent.txt 03-11-30-USACM-ACMWashingtonUpdate-7-11.txt 03-12-00-CACM-KillersVirusesAffectMillionsOfInternetUsers.txt 03-12-00-CACM-StandardsCanHelpInComputerSecurity.txt 03-12-01-CNETNews-YoranNewTopUSCybersecurityDefender.txt 03-12-03-DCInternet-USCybersecurityStillStalled.txt 03-12-03-SJMerc-CybersecuritySummitToRefocusAttention.txt 03-12-03-SJMerc-RetailerHackerSentencedToPrison.txt 03-12-03-SJMerc-SecRidgeTellsTechFirmsToCooperateOnCyberSecurity.txt 03-12-03-USDHS-RemarksBySecRidge.txt 03-12-04-SJMerc-ChinaOrdersDomesticSecurityOnWirelessNets.txt 03-12-04-SJMerc-DebianDefendedInLinuxSecurityIssue.txt 03-12-04-SJMerc-SecRidgeTellsTechFirmsToCooperateOnCyberSecurity.txt 03-12-04-WashPost-USDHSTellsTechFirmsToCooperateOnCyberSecurity.txt 03-12-06-ZDNet-Farber-CybersecurityRequiresSoftwareEngrReform.txt 03-12-08-NYT-TrojanHorsePutsHijackedComputersOnP2PNet.txt 03-12-09-CompWorld-SeveralUSAgenciesFailInCybersecurity.txt 03-12-09-FCW-USAgenciesGetPoorCyberSecurityGrades.txt 03-12-09-GovExec-USAgenciesGetPoorCybersecurityGrades.txt 03-12-09-NWFusion-IEEESaysChinasWirelessSecurityUnderminesWiFi.txt 03-12-09-USHouse-CybersecurityGrades-2000-2003.txt 03-12-11-ESecurityWeb-VerifiableEmailProposals.txt 03-12-12-CompWorld-CriticismOfEvotingMachinesSecurityMounting.txt 03-12-14-SJMerc-DG-ChinaOrdersDomesticSecurityOnWirelessNets.txt 03-12-15-CompWorld-UsersPlanForCybersecurityAttacks.txt 03-12-17-EarthWeb-BlueprintForInternetSecurity.txt 03-12-17-TechResNews-DeviceScansInternetPacketsForViruses.txt 03-12-19-BBC-CybersecurityThreatsARiskToNetsFuture.txt 03-12-19-WebHostIndRev-CERT-RacingToSecureTheInternet.txt 03-12-22-CompWorld-NewAntiHackingToolsComing.txt 03-12-23-BadYearForVirusAttacks.txt 03-12-28-WashPost-SpamSpywareVirusesAndWorms.txt 03-12-29-CompWorld-SecurityPredictionsFor2004.txt 03-12-29-NYT-SmartCarsAreCauseForConcern.txt 03-12-29-SJMerc-VoteHere-EvotingFirmsWebsiteHacked.txt 03-12-29-Wired-WishListsFor2004.txt 03-12-30-BusWeek-TopTechTrendsFor2004.txt 04-01-04-ECommTimes-TheSecureEmailChallenge.txt 04-01-05-InfoWeek-CybersecurityThreatsWontLetUp.txt 04-01-07-TechRev-IPv6WillMakeNetSlowerAndLessSecure.txt 04-01-08-SJMerc-NYTimesHackerPleadsGuilty.txt 04-01-09-Wired-MuchOfKazaaCodeIsMalware.txt 04-01-11-SwissInfo-SwissExpertTalksAboutViruses.txt 04-01-11-WashPost-HoneypotsCatchEvilDoers.txt 04-01-12-ITMgmt-IncreasingDamageFromHackersSlowing.txt 04-01-12-WSJ-TeachingCybersecurity.txt 04-01-15-CNETNews-LackOfDiversityIncreasesNetViruses.txt 04-01-15-SJMerc-GAOSaysGovtSlowToMakeSecurityImprovements.txt 04-01-20-MSNBC-RootServerPhysicalSecurityLiesInObscurity.txt 04-01-20-ServeSec-JohsHopkinsReportCriticalOfDODOnlineEvoting.txt 04-01-20-WashPost-BagleBeagleWormSpreadsByEmail.txt 04-01-21-NYT-JohsHopkinsReportCriticalOfDODOnlineEvoting.txt 04-01-21-UCBerkeley-ExpertsSayDODInternetVotingProgramNotSecure.txt 04-01-22-CNETNews-SecurityProsQuestionFlawFind.txt 04-01-22-SJMerc-JohsHopkinsReportBlastsDODOnlineEvoting.txt 04-01-25-NewSci-MutatingSoftwareCouldPredictAttacks.txt 04-01-26-WSJ-SimpleCookieIDsPresentSecurityProblem.txt 04-01-28-CompWorld-MyDoomTargetsMSWebsite.txt 04-01-28-SJMerc-DG-MyDoomEmailWorm.txt 04-01-28-Wired-MyDoomWormStillDangerous.txt 04-01-29-MSNBC-NationalCyberAlertSystem.txt 04-01-29-PCWorld-FTCFinds1MServersOpenToSpammers.txt 04-01-29-SJMerc-MSOffersRewardForMyDoomVirusWriter.txt 04-01-29-SJMerc-MyDoomTargetsMSWebsite.txt 04-01-29-WashPost-DHSComputerToTrackCyberAttacks.txt 04-01-30-SecFocus-DODLinuxSecurityProjectsLacksParticipants.txt 04-01-30-SJMerc-MSPlansDefensesAgainstMyDoomVirus.txt 04-01-30-SJMerc-StudyFindsMarylandSystemVulnerableToHackers.txt 04-01-30-TechNewsWorld-TerroristsNotLikelyToUseWorms.txt 04-01-31-USACMWashUpdate-SenateExpectedToApproveLegislationTargetingPeer-to-PeerSecurityRisks.txt 04-02-00-ACMQueue-DesigningSensibleAuthentication.txt 04-02-00-ACMQueue-RequiringProofOfAuthentication.txt 04-02-00-BusCommRev-RethinkingNetworkSecurity.txt 04-02-00-CACM-SOAP-SimpleObjectAccessProtocolMayLooseAbilityToGetThruFirewalls.txt 04-02-01-CSOOnline-FourSecurityGrandChallenges.txt 04-02-02-CompWorld-ITMgrsBiggestProblems-VirusesAndSpam.txt 04-02-02-WSJ-HighProfileWebSecurityFlawsSurface.txt 04-02-03-NatJourTechDaily-GAOOfficialUrgesStrengtheningStrategies.txt 04-02-03-SFChron-MyDoomPropagatesAttacksAndSpam.txt 04-02-03-SJMerc-MyDoomPlaguesSCOAgain.txt 04-02-04-GoVCompNews-SenSchumerCallsForMandatoryVirusReporting.txt 04-02-04-NextGenss-RealReleasesSecurityUpdate.txt 04-02-04-RealNetworks-RealReleasesSecurityUpdate.txt 04-02-05-NYT-ExpertsBlameNaiveUsersForVirusesSpread.txt 04-02-05-SJMerc-FlawFoundInCheckPointFirewallSoftware.txt 04-02-08-NYTMag-TheVirusUnderground.txt 04-02-09-CNETNews-DoomjuiceVirusFeedsOnMyDoomInfections.txt 04-02-09-NetCraft-MyDoomDDoSAttacksBeseigeMSServers.txt 04-02-09-NewsFact-LinuxMayHaveSecurityVulnerabilities.txt 04-02-09-WSJ-InternetSafety.txt 04-02-09-ZDNet-NokiaAdmitsBluetoothSecurityHolesInCellPhones.txt 04-02-10-CNETNews-DoomjuiceVirusFeedsOnMyDoomInfections.txt 04-02-10-ElectricNews-ExpertDownplaysNokiaBluetoothSecurityProblems.txt 04-02-10-SJMerc-MSWarnsAboutCriticalWindowsSecurityFlaws.txt 04-02-10-TechWeb-DoomjuiceVirusFeedsOnMyDoomInfections.txt 04-02-11-PCWorld-DHSReleasesCybersecurityReportCard.txt 04-02-11-SJMerc-MSWarnsAboutCriticalWindowsSecurityFlaws.txt 04-02-11-TechWeb-DoomjuiceVirusToLaunchDDoSOnMSWebsite.txt 04-02-12-CompWorld-GAOWarnsCAPPSIIFacesDelays.txt 04-02-12-WashPost-CongressAndCybersecurity.txt 04-02-13-CNETNews-WindowsCodeUpForGrabs.txt 04-02-13-InfoWorld-IBMAndCiscoSeekBetterSecurity.txt 04-02-13-SJMerc-IBMAndCiscoSeekBetterSecurity.txt 04-02-13-TechNewsWorld-HackersForHire.txt 04-02-13-WashPost-WindowsSourceCodeIllegallyLeaked.txt 04-02-15-CIOMag-CIOsChooseIntegratedSecurityProducts.txt 04-02-16-BostonGLobe-ComputerMonocultureDebated.txt 04-02-16-EWeek-WindowsCodeLeakShowsIEVulnerability.txt 04-02-16-SJMerc-SpammersExploitHighSpeedInternetConnections.txt 04-02-16-StanfordU-PasswordsAreInsufficient.txt 04-02-17-ECommTimes-SecurityIsWirelessWeakestLink.txt 04-02-17-PCMag-CanEmailSurvive.txt 04-02-18-ITMgmt-SomeSmallWormsInCirculation.txt 04-02-19-EWeek-LinuxSercurityHolesFoundAndFixed.txt 04-02-20-MIT-NSAWorkingOnInternetSecurity.txt 04-02-21-SJMerc-MainsoftInTroubleOverLeakedWindowsSource.txt 04-02-22-NewSci-NewAMDProcessorsStopBufferOverflowHoles.txt 04-02-23-EWeek-CongressToReviewTechAgenda.txt 04-02-23-NWFusion-RSAShowHighlightsNewProducts.txt 04-02-23-WSJ-ComputerSecurityEffortsIntensify.txt 04-02-25-CompWorld-LatestMydoomVariantCanDeleteFiles.txt 04-02-25-LATimes-CyberSecurityWarningSounded.txt 04-02-25-SJMerc-MSUnveilsNewSecurityInitiatives.txt 04-02-25-ZDNet-SenBennettSaysInfoSharingKeyToCybersecurity.txt 04-02-26-USC-ISI-NSFGrantFundsSelfDefenseForGridComputingNets.txt 04-02-26-WashPost-AntiVirusFirmsRaceToNameViruses.txt 04-02-27-BBC-HackersReverseEngrMSPatchesToExploitHoles.txt 04-02-27-BBC-MSAdmitsW95HadNoSecurityFeatures.txt 04-02-27-FinTimes-InspirationFromNature.txt 04-02-28-SJMerc-HackersAndSpammersWorkTogether.txt 04-02-29-USACM-HomelandSecurityEfforts.txt 04-03-00-CACM-CreatingAnExperimentalInfrastructionForDevelopingSecurityTechnologies.txt 04-03-00-CACM-EmergingTechnologiesForCyberSecurity.txt 04-03-00-CACM-IncreasedComputerPerformanceIncreasesSecurityDemands.txt 04-03-00-SCMag-FBIProjectDevelopsInto10000MemberInfraGardOrganization.txt 04-03-00-TechRev-ICANNIssues.txt 04-03-00-Wired-SchneierOnAntiTerrorismSecurity.txt 04-03-01-CommSysDes-PacketInspectionSystemsAidSecurity.txt 04-03-01-NWFusion-AntiSpamAppliancesBetterThanSoftware.txt 04-03-03-NetMag-XMLsAVDLSchemaSimplifiesSecurityPatching.txt 04-03-03-SJMerc-NewSystemsAllowsOwnersToHoldCreditCards.txt 04-03-04-ChamNewsGaz-NCSADevelopsSecurityVizTool.txt 04-03-04-SJMerc-VirusWritersDisableOtherViruses.txt 04-03-04-WashPost-VirusWritersAttackOtherViruses.txt 04-03-05-TechNewsWorld-SelfInnoculatingComputers.txt 04-03-08-EWeek-IndustryReadiesCyberSecurityPlan.txt 04-03-08-PCWorld-ApproachesToSecureAndSpamlessEmail.txt 04-03-13-ECommTimes-ProblemsMayDoomPasswords.txt 04-03-14-Oregonian-UCBResearchersFundedForVirusLab.txt 04-03-14-SJMerc-PassMarkIconLetsUsersVerifySiteAuthenticity.txt 04-03-14-SJMerc-ReconnexHardwareHelpsTrackInfoLeaks.txt 04-03-14-SJMerc-Reconnex-PassMark-ServGate-NewInternetSecurityFirms.txt 04-03-14-SJMerc-ServGateHasMultiThreatSecurityServiceForFirms.txt 04-03-15-CompWorld-NewBookTellsHowToExploitSecurityHoles.txt 04-03-17-CompWorld-QualitySoftwareCanImproveSecurity.txt 04-03-17-UPI-WarringVirusWritersThreatenCybersecurity.txt 04-03-17-WashPost-PhatbotP2PTrojanHorseInfectsManyComputers.txt 04-03-18-Wired-AntiVirusSoftwareWontStopFastSpreadingViruses.txt 04-03-18-WSJ-VirusesPossibleThreatToSmartCellphones.txt 04-03-19-TriValHerald-ResearchersVieForDHSFunding.txt 04-03-22-NatJourTechDaily-MarkleForumCallsForGovtSecurityNetwork.txt 04-03-23-CNETNews-VirusCausesRIAASiteToGoDown.txt 04-03-25-NYT-InstantMessagingUsedToSendSpamAndViruses.txt 04-03-26-TechNewsWorld-SWConfigurationMgmtCouldImproveSecurity.txt 04-03-29-CNETNews-XMLSecurityIssues.txt 04-03-29-CompWorld-InsideSymantecSecurityOpsCenter.txt 04-03-29-EWeek-RAINSGroupDevelopsSpecForSharingSensitiveData.txt 04-03-29-NetWorld-InterviewWithMotorolaSecurityVPBoni.txt 04-03-29-NetWorld-PatchMgmtBestDefenseAgainstVulnerabilities.txt 04-03-31-BosGlobe-TechGroupUrgesFedSecurityStandards.txt 04-03-31-PennState-NewDigitalPostmarkingInvention.txt 04-04-00-ACMQueue-SecurityRisksOfInstantMessaging.txt 04-04-00-CACM-TheRisksOfPasswordReuse.txt 04-04-00-UCB-CITRIS-UnivResearchersDevelopTestbedForNetAttackStudy.txt 04-04-01-CSOOnline-ChallengesImplemetingCybersecurity.txt 04-04-01-EUOrders8NationsToAdoptSpamAndCookieLaws.txt 04-04-03-TechNewsWorld-TheMythOfTheSecureOperatingSystem.txt 04-04-05-FinTimes-ExistingEffortsCannotStopRisingTideOfThreats.txt 04-04-05-NetWorld-ShouldUsersOrSWSuppliersBeResponsibleForSecurity.txt 04-04-06-GovCompNews-WorkingGroupSuggest25WaysToImproveITSecurity.txt 04-04-06-NewSci-EmailAttackCouldKillEmailServers.txt 04-04-07-ECommTimes-Interview-AntiVirusExpertMikkoHypponen.txt 04-04-07-TechRev-PureSWActWouldMandateLabeling.txt 04-04-08-CNETNews-RealNetworksIssuesSecurityPatch.txt 04-04-08-MacCentral-IntegoIssuesMacOSXTrojanHorseWarning.txt 04-04-08-USCERT-VulnerabilityInInternetExplorerITSProtocolHandler.txt 04-04-09-FedReg-DHSDataIntegrityAndPrivacyAdvisoryCommitteeSeekingMembers.txt 04-04-09-Wired-SomeExpertsSayOSXTrojanHorseNotAPoroblem.txt 04-04-10-ECommTimes-OpenessOfTCP-IPPosesSecurityProblems.txt 04-04-12-CNETNews-RiskOfBrowserBasedMaliciousCodeAttacksOnRise.txt 04-04-12-GovExec-HomelandSecurityAndITIndustryDevelopSecurityFramework.txt 04-04-15-SJMerc-HackersAccessUnivResearchComputers.txt 04-04-16-InfoWorld-HackersAccessUnivResearchComputers.txt 04-04-19-EETimes-NoGeneralUseOSsIsSecure.txt 04-04-19-NetWorld-SecurityHolesForcesRethinkingProgrammingProcesses.txt 04-04-19-ZDNet-ProfilesOfFamousHackers.txt 04-04-20-CFP2004-WhoIsWatchingTheWatchers.txt 04-04-20-InetWeek-TCPFlawCouldAllowRemoteShutDown.txt 04-04-20-US-CERT-TCPFlawCouldAllowRemoteShutDown.txt 04-04-20-WashPost-TCPFlawCouldAllowRemoteShutDown.txt 04-04-21-CommutarianNet-GapingHolesInDriversLicenseSystems.txt 04-04-21-CRN-CiscoReportsRouterSecurityFlaws.txt 04-04-21-SJMerc-TCPFlawCouldAllowRemoteShutDown.txt 04-04-21-ZDNet-NewProductsCheckForSecurityProblemsFromTheInside.txt 04-04-21-ZDNet-TCPFlawThreatOverstatedSaysDiscoverer.txt 04-04-22-CNETNews-BluetoothStillHasSecurityIssues.txt 04-04-22-IntlHeraldTrib--CiscoReportsRouterSecurityFlaws.txt 04-04-22-SJMerc-ChinaDownplaysDelayInWirlessSecurityStandard.txt 04-04-22-WashPost-IndustryGroupReportSaysTechProvidersShouldMakeSaferProducts.txt 04-04-23-WSJ-ChinaShelvesWirlessSecurityStandard.txt 04-04-24-SJMerc-TCPFlawCouldAllowRemoteShutDown.txt 04-04-26-EWeek-RecentUnixAttacksBasedOn1986HanoverHackersMethodology.txt 04-04-29-SJMerc-BarnesAndNobleFixesLeakThatExposedPersonalInfo.txt 04-04-30-DetFreePress-CompanySecurityLapsesAllowedIllegalSpamToBeSent.txt 04-04-30-SJMerc-CompanySecurityLapsesAllowedIllegalSpamToBeSent.txt 04-05-00-CACM-FinancialOrganizationsMustMaintainSecurityAwareness.txt 04-05-00-Cisco-SelfDefendingNetwork.txt 04-05-00-SWDevMag-GuideToHomelandSecurity.txt 04-05-03-CNETNews-NetskyVirusAuthorsClaimAuthorshipOfSasserWorm.txt 04-05-03-InfoWeek-ExposingCustomerDataAConstantThreat.txt 04-05-03-ISTResults-OperatingComputerSecurityIncidentResponseTeams.txt 04-05-03-SJMerc-SasserWormSpreadsRapidly.txt 04-05-05-CompResNews-MSShelvesNextGenerationSecureComputingBase-NGSCB.txt 04-05-05-TechWeb-SecurityProblemsIncreaseTotalCostOfWindows.txt 04-05-07-TechNewsWorld-WirelessPDAsAndSmartphonesAreHackersHeaven.txt 04-05-08-SJMerc-InformersIdentifySasserWormCreatorForMSReward.txt 04-05-10-CompWorld-BluetoothSecurityConcerns.txt 04-05-10-EWeek-EUCybercrimeLawsTooRestrictive.txt 04-05-10-EWeek-TrustedComputingGroupsWorkingOnWirelessSecuritySpec.txt 04-05-10-Guardian-SasserWormAuthorClaimsHeWasHelpingHisMother.txt 04-05-10-IDG-InformersIdentifySasserWormCreatorForMSReward.txt 04-05-11-IOL-SasserWormAuthorClaimsHeWasHelpingHisMother.txt 04-05-15-ArsTechnica-BreakinCompromisesCiscoSourceCode.txt 04-05-15-SecurityLab-BreakinCompromisesCiscoSourceCode.txt 04-05-19-CNETNews-SecurityFlawsInOpenSourceRepositorySystems.txt 04-05-19-MacNewsWorld-MacOSXSecurityFlawPlaguesWebBrowsers.txt 04-05-19-NewsFact-NonProgrammersCanNowCreateViruses.txt 04-05-24-InfoWorld-AppleSecurityPatchStillLeavesUsersVulnerable.txt 04-05-25-InfoWorld-RussiaBecomingMajorSourceOfVirusWriters.txt 04-05-25-USAToday-CIAInfoTechInPoorState.txt 04-05-26-CNETNews-SourceCoderCheckingProgramsMightFindVulnerabilities.txt 04-05-27-EWeek-First64BitMalwareAppears.txt 04-05-30-SJMerc-ManyWiFiSystemsNotSecure.txt 04-06-00-ACMQueue-AnotherLookAtTheCostOfTheBlasterWorm.txt 04-06-00-ACMQueue-BuildingSecureVirtualMachineSystems.txt 04-06-00-ACMQueue-FewTechnologiesForGuardingAgainstInsiderSecurityRisks.txt 04-06-00-ACMQueue-IsSecurityAProblemThatCantBeSolved.txt 04-06-00-ACMQueue-WhyCantWeProduceHighQualitySecureSoftware.txt 04-06-00-ACMUbiquity-SoftwareBasedComputingSecurityAndFaultTolerance.txt 04-06-00-CACM-AlmostEveryComputerOnTheInternetIsConstantlyScreenedForVulnerabilities.txt 04-06-00-GovTech-BetterSolutionsNeededForCybersecurity.txt 04-06-00-IEEEComputer-RichardClarkeDiscussesCybersecurity.txt 04-06-01-SJMerc-TwoFactorAuthenticationSystemsNeeded-SuperPasswordSystems.txt 04-06-02-NationalJ-FedSecurityOfficialsFaceScrutiny.txt 04-06-03-CERT-MSIEDoesNotProperlyValidateSourceOfRedirectedFrame.txt 04-06-03-CNETNews-AppleNeedsToImproveCommunicationAboutSecurity.txt 04-06-04-INetWeek-WorstCaseWormCouldCost50BInUSDamages.txt 04-06-04-NewSci-PasswordsCanStayOnHardDrivesEvenIfUserDoesNotSaveThem.txt 04-06-07-PCWorld-PolicyVSMarketplaceSolutionsToCybersecurity.txt 04-06-09-ACMUbiquity-SWApproachToComputerSecurity.txt 04-06-09-PCWorld-ExpertsWarmOfVoIPSecurityProblems.txt 04-06-10-GovExec-DHSDecidesNotToUpdateCybersecurityStrategy.txt 04-06-15-NetCraft-AkamaiOutageCausedByDoSAttacks.txt 04-06-15-Reuters-MSPlanningAntiVirusSWSeparateFromWindows.txt 04-06-15-SJMerc-AkamaiServedSitesAttacked.txt 04-06-16-Bloomberg-MSPlanningAntiVirusSWSeparateFromWindows.txt 04-06-16-ZDNet-AkamaiOutageCausedByDoSAttacks.txt 04-06-18-SJMerc0SymbiotProductAttacksHackers.txt 04-06-24-EWeek-CompromisedWebsitesInfectVisitorsComputers.txt 04-06-25-SansInst-CompromisedWebsitesInfectVisitorsComputers.txt 04-06-25-SJMerc-ScobVirusSpreadsThroughInfectedWebsites.txt 04-06-30-SearchWebSvcs-McNealyFlamesMSandOthersOverSecurityAndJava.txt 04-06-30-USACMWashUpdate-EUCybercrimeTreatyMovesTowarSenateRatification.txt 04-06-30-USACMWashUpdate-USACMRecommendsChangesToDMCA.txt 04-07-00-ACMQueue-SecurityIsHarderThanYouThink.txt 04-07-00-CACM-HIPAACreatesNewSecurityRisksInHealthCareData.txt 04-07-00-CyberDefMag-ExpertsCommentOnCybersecurityStatus.txt 04-07-00-GovTech-Book-TheTransparentSociety-PrivacySecurityTradeoffs.txt 04-07-00-GovTech-SAMLToKeepTrackOfOnlineIdentities.txt 04-07-00-IST-SECRETSProjectEvaluatesCybesecurityProtocols.txt 04-07-06-EWeek-EnterprisesSlowToDumpInternetExplorer.txt 04-07-06-NewsFact-ExpertsDebateMSSecurityEfforts.txt 04-07-07-CNETNews-YetAnotherInternetExplorerSecurityFlawFound.txt 04-07-08-EWeek-PatchReleasedForShellProtocolSecurityProblem.txt 04-07-08-GovtCompNews-MoreFundingNeededForCybersecurityResearch.txt 04-07-08-PCWorld-NoFedResponseToCybercrimeTaskForceRecommendations.txt 04-07-09-Mozilla-PatchReleasedForShellProtocolSecurityProblem.txt 04-07-09-SJMerc-MSEmployeeArrestedForHackingIntoAltaVistaComputer.txt 04-07-12-NYT-WozniakDefendsHackersAtHOPEConference.txt 04-07-13-Secunia-MultipleIESecurityVulnerabilities.txt 04-07-13-TechNewsWorld-IEMarketShareDropsTo94Percent.txt 04-07-23-InfoWorld-SurveyShowsEnterpriseSecurityIsShaky.txt 04-07-27-SansOrg-NewMyDoomUsesSearchEnginesToFindRecipients.txt 04-07-27-SecResponse-NewMydoomVirusDiscovered.txt 04-07-27-SJMerc-MyDoomWormVersionDisruptsSearchEngines.txt 04-07-28-Sophos-RankingsOfVirusAndWormThreats.txt 04-07-29-CompWorld-SearchEnginesUsedToFindSourceCodeAndVulnerabilities.txt 04-07-30-CNETNews-GhettoHackersAnnounceGlobalHackingContest.txt 04-08-00-CACM-CertifiedEmailToGuaranteeDelivery.txt 04-08-00-CACM-HierarchicalAuthenticationStructuresMayNotBeSufficientlySecure.txt 04-08-02-NYT-HackersDiscoveringVoIP.txt 04-08-02-USAToday-ExpertsWarnCyberattackCouldBeHighlyDisruptive.txt 04-08-03-PCWorld-USCybersecurityUnitsRecruitingHackers.txt 04-08-03-ZDNet-OracleRefusesToConfirmSecurityFlaws.txt 04-08-03-ZDNet-UKFirmDiscoversManySecurityFlawsInOracleSoftware.txt 04-08-04-NetWorld-ExpertSaysVirusWritersAreWinning.txt 04-08-07-WIred-HackerGetsCopiesOfInternalDataFromDieboldComputer.txt 04-08-09-PhysOrg-StevensInstProfDiscoversWeaknessesInWiFiSecurity.txt 04-08-12-SeattlePI-BlasterWormVariantPerpetratorHeadedForPrison.txt 04-08-12-TheReg-BlasterWormVariantPerpetratorHeadedForPrison.txt 04-08-16-SJMerc-DG-ServicePack2MakesComputerSaferButNotSafe.txt 04-08-18-TechNewsWorld-SpamAndVirusesBeingCombined.txt 04-08-18-VNUNet-SymantecCTOTalksAboutFutureOfITSecurity.txt 04-08-23-CompWorld-802dot11iWirelessSecurity.txt 04-08-24-EWeek-ConcernsMountOverTerroristAttackOnInternet.txt 04-08-27-TheReg-USIndictsInstigatorOfDDoSAttackForHire.txt 04-08-27-Wired-ArtExhibitFeaturesComputerVisusesAsArt.txt 04-08-30-EETimes-TestRevealEPassportSecurityAndPrivacyFlaws.txt 04-09-00-ACMCrossroads-ComputerSecurityAndIntrusionDetection.txt 04-09-00-ACMCrossroads-DistributedSecurityForAdHocNetworks.txt 04-09-00-ACMNetWorker-TheStateOfSecurityAndSpywareOnTheInternet.txt 04-09-00-ACMQueue-VoIPSecurityShouldNotBeAnAfterthought.txt 04-09-00-CACM-ManagingP2PSecurity.txt 04-09-00-InfoSecMag-USCriticalInfrastructureRemainsVulnerable.txt 04-09-13-UToronto-ProfsResearchComputerHackingAndDataRecovery.txt 04-09-21-NSF-CyberTrustProgramFundsCMUandUCSDCenters.txt 04-09-24-ChronHigherEd-Spafford-NoSoftwareIsSecure.txt 04-09-28-GermanSecurityFirmHiresWriterOfNetskyAndSasserVirusVariants.txt 04-09-29-SJMerc-CyberGateKeeperKeepsOutOfDateComputersOffLocalNetwork.txt 04-09-30-EWeek-ApplicationDevelopersNeedToIncreaseSecurityEfforts.txt 04-09-30-HarvardU-ProfDevelopingSWToolsToCheckProgramsForSecurityProblems.txt 04-09-30-USACM-CouncilOfEuropeAcceleratesActionOnCybercrimeConvention.txt 04-09-30-WashPost-FlawsInMSAppsAllowVirusesPlantedInJPEGImages.txt 04-10-00-CACM-SecrecyDoesNotProvideSecurity.txt 04-10-00-NewSci-IMProgramCouldBreakIntoComputers.txt 04-10-01-SJMerc-DHSCybersecurityChiefCifesFrustrationInResigning.txt 04-10-04-InfoWorld-SuperConnectedIMUsersAidSpreadOfWorms.txt 04-10-05-SciTech-NSFCenterForInternetDefensesTargetsCyberPlagues.txt 04-10-05-SJMerc-HackersAttackDutchGovtWebSites.txt 04-10-05-SJMerc-T-MobileUpgradesSecurityAtWiFiLocations.txt 04-10-08-CNETNews-ApplicationsSecurityConsortiumDefinesFirewallBenchmark.txt 04-10-12-GlobeMail-TheQuestForSecureComputerPrograms.txt 04-10-13-InfoSocTech-VocalidCardsUseCryptoAcousticTechnologyForSecureTransactions.txt 04-10-13-SJMerc-USAndIndiaAgreeToCooperateOnTechSecurity.txt 04-10-15-InformIT-FightingVirusesWithGoodViruses.txt 04-10-18-CNETNews-ThrowingMoneyAtCyberSecurity.txt 04-10-18-SJMerc-CiscoAndMSToWorkTogetherToFightViruses.txt 04-10-19-SecFocus-UCBHackingAllowedAccessToDataOn600KPeople.txt 04-10-19-TechWeb-AntiVirusSoftwareCanBeFooledByHackers.txt 04-10-20-TheReg-RegisterSuffersDDOSAttack.txt 04-10-21-CNETNews-Lofgren-BillIntroducedToPromoteCybersecurity.txt 04-10-21-SJMerc-UCBHackingAllowedAccessToDataOn600KPeople.txt 04-10-25-EntSec-ResearchersStudyWiFiSecurityWeaknesses.txt 04-10-25-GovtCompNews-CybersecurityIsIndustryBurden.txt 04-10-25-SJMerc-SecurityForHomeInternetUsersWeak.txt 04-10-27-InfoSocTech-JavaSmartCardsPromiseSecurityAndReliability.txt 04-10-27-VNUNet-CybersecurityRequiresIndustryAndGovernmentToShareInfo.txt 04-10-28-CNETNews-HackersNowEarningMoneyFromTheirExploits.txt 04-10-31-USACM-InfoTechIndustrySeeksElevationOfCybersecurityAtDHS.txt 04-11-00-ACMQueue-BookReview-WiFoo-SecretsOfWirelessHacking.txt 04-11-00-GovtSecNews-DHSCreatesDETERCybersecurityTestbed.txt 04-11-04-Yahoo-USAndEuropeUnpreparedForCyberAttack.txt 04-11-05-ChronHigherEd-UniversitiesDealWithHackerAttacks.txt 04-11-10-WSJ-ComputerSecurityIsAGrowingBusiness.txt 04-11-11-WSJ-MydoomWormRenewsDebateOnNotification.txt 04-11-12-CNETNews-SupercomputerClustersNeedToAddressCybersecurity.txt 04-11-12-CornellSun-PanelDiscussesCyberterrorism.txt 04-11-12-PennStateU-QFilterProvidesIncreasedDatabaseSecurity.txt 04-11-13-NewSci-CheritonProposesRadicalExtensionAsAlternativeToIPv6.txt 04-11-15-CompWorld-SecurityProsBemoanLackOfStrategicFocus.txt 04-11-15-InfoWeek-RFIDSecurityAndPrivacyIssues.txt 04-11-15-SciAm-SomeBluetoothDevicesVulnerableToHacking.txt 04-11-17-CNETNews-ExUSCybersecurityCzarCitesProblems.txt 04-11-17-DenPost-HackersBreakIntoColoradoUComputerSystem.txt 04-11-18-CNETNews-CybersecurityNeedsLeadership.txt 04-11-18-UFlorida-UFResearcherDevelopsComputerIntruderDetectionSystem.txt 04-11-19-GovtCompNews-CommitteeSaysMoreFundingNeededForCybersecurityRandD.txt 04-11-22-CompWorld-CMUsCyLabToStudycomputerSecurity.txt 04-11-22-GovtCompNews-SomeProgressInCybersecurityAtUSFederalLevel.txt 04-11-29-USAToday-TestShowsUnprotectedPCsLikelyToBeCompromised.txt 04-11-30-AvantGarde-TestShowsUnprotectedPCsLikelyToBeCompromised.txt 04-11-30-SeattlePI-HPToIncludeAntiVirusSoftwareWithServers.txt 04-11-30-TchWeb-TestShowsUnprotectedPCsLikelyToBeCompromised.txt 04-12-00-ACMNetWorker-PackagedSolutionsToNetworkSecurity.txt 04-12-00-BusCommRev-TheEvolutionOfNetworkSecurity.txt 04-12-00-CACM-AssessingExtentOfSecurityRislsInWirelessNetworking.txt 04-12-00-CACM-ProtectionOfArtisticContentFromIllegalDistribution.txt 04-12-00-CACM-SecurityInDistributionOfDigitalMedia.txt 04-12-00-CommACM-ProtectingArtisticContentFromIllegalDistribution.txt 04-12-01-SJMerc-HPToIncludeAntiVirusSoftwareWithServers.txt 04-12-02-CompWorld-CodeCheckingToolsNeededToFindSecurityBugs.txt 04-12-03-SJMerc-MailingAboutUCBSecurityBreach.txt 04-12-05-SeattlePI-FormerCIAChiefWarnsOnCyberterror.txt 04-12-06-SJMerc-FormerCIAChiefWarnsOnCyberterror.txt 04-12-07-WSJ-ComputerSecurityIndustryRecommendations.txt 04-12-09-InvestBusDaily-TimeToExploitVulnerabilitiesDecreasing.txt 04-12-10-EWeek-USCyberSecurityOfficePlansToMoveAhead.txt 04-12-12-Wired-CellPhoneSecurityIssues.txt 04-12-13-CNETNews-CodeAnalysisProjectSuggestsLinuxHasFewerFlawsThanWindows.txt 04-12-13-EWeek-ApplicationsNeedToBeSecureToo.txt 04-12-14-ACMUbq-Burke-TheNeedForCybersecurityCivilDefense.txt 04-12-14-InfoWeek-CybersecuritySlipsAsHomelandSecurityPriority.txt 04-12-17-ChronHighEd-ColleagesFaceRisingCostsForComputerSecurity.txt 04-12-20-NetWorld-NetAppsConsortiumNearsReleaseOfSecurityArchitecture.txt 04-12-20-NYT-Markoff-SecurityFlawFoundInGoogleDesktopSearch.txt 04-12-20-NYT-TrackingTerroristInternetUseDifficult.txt 04-12-21-SJMerc-GoogleQuicklyFixesDesktopSearchFlaw.txt 04-12-27-PCWorld-2004WasGoodAndBadForSecurity.txt 04-12-27-TechRep-ITProfesionalsAnIntgralPartOfCybersecurity.txt 04-12-28-InfoWeek-BushUrgedToRampUpCybersecurityEfforts.txt 05-01-00-ACMUbiquity-UsersDislikeSlowingSoftwareForSecurity.txt 05-01-00-CACM-VirusesAndWormsGetLittleAttentionInCSEducation.txt 05-01-03-CNETNews-DoomsdayCyberAttackPossible.txt 05-01-03-InvestBusDaily-SecurityRemainsInternetTroubleSpot.txt 05-01-05-Waynesville-56PercentOfWirelessNetworksUnprotected.txt 05-01-06-MS-MSOffersFreeVirusAndAntiSpywarePrograms.txt 05-01-06-SJMerc-MSOffersFreeVirusAndAntiSpywarePrograms.txt 05-01-09-Clickz-DevastingCyberAttackLikelyWithin10Years.txt 05-01-11-NatJTechDaily-ExCybersecurityChiefToFocusOnInternationalEfforts.txt 05-01-11-SecFocus-HackerBreaksIntoT-MobileNetwork.txt 05-01-12-SJMerc-HackerBreaksIntoT-MobileNetwork.txt 05-01-12-WashPost-AnotherComputerSecurityOfficialQuitsDHS.txt 05-01-13-InetNews-TorvaldsCriticizesSecurityProblemNotification.txt 05-01-13-LATimes-HackerBreaksIntoT-MobileNetwork.txt 05-01-17-InfoWeek-CyberAttackIncreasinglyUseAutomatedTools.txt 05-01-24-InfoWeek-WhatIsUSFederalRoleInCybersecurity.txt 05-01-26-CNETNews-USBattleToSecureCyberspace.txt 05-01-26-SecPipe-FormerDHSCybersecurityChiefInterview.txt 05-01-27-BetaNews-BagleWormAnniversaryBringsNewVariants.txt 05-01-27-CompResNews-WindowsMySQLWormExploitsPoorPasswords.txt 05-01-27-InetNews-MoreFlawsDiscoveredInCiscoIOS.txt 05-01-27-NetWorld-MoreFlawsDiscoveredInCiscoIOS.txt 05-01-28-NewsFact-BagleWormAnniversaryBringsNewVariants.txt 05-01-28-NewsFact-WindowsMySQLWormExploitsPoorPasswords.txt 05-01-30-NYT-JohnsHokinsResearchersCrackTICarKeyCode.txt 05-01-31-USACM-PITACApprovesReportOnFederalCybersecurityRandD.txt 05-01-31-USACM-WhiteHouseNamesNewHomelandSecurityDirector.txt 05-02-00-TechRev-TerroristsCouldUseCyberAttacks.txt 05-02-01-EWeek-PHPConsortiumTacklesApplicationSecurity.txt 05-02-07-WashTimes-NewDHSChiefFacesDilemma.txt 05-02-07-Wired-SecurityRisksFoundInVoIPProtocols.txt 05-02-09-SecFocus-AntiVirusSoftwareDoesNotCheckAllFileTypes.txt 05-02-10-eWeek-VirusAttacksMSAntiSpywareSystem.txt 05-02-10-InfoWeek-MSSaysItsMakingProgressOnSecurity.txt 05-02-10-Newsweek-RadicalIslamicWebsiteCallForCyberTerror.txt 05-02-10-SJMerc-VirusAttacksMSAntiSpywareSystem.txt 05-02-11-CNETNews-SmartAppliancesCouldBecomeVirusVictums.txt 05-02-12-SJMerc-LookForAttacksFromOnlineValentines.txt 05-02-13-SJMerc-CEOsToDiscussSecurityAtRSAConference.txt 05-02-14-CNETNews-NewSecurityProductsToBeAnnouncedAtRSAConference.txt 05-02-14-CNETNews-TechniqueForSecureIdentificationOfIMUsers.txt 05-02-14-NetWorld-NewSecurityProductsToBeAnnouncedAtRSAConference.txt 05-02-14-RSA-RSAConference.txt 05-02-15-CNETNews-MSToReleaseNewVersionOfIEToFixSecurityProblems.txt 05-02-15-CNETNews-SymantecDefendsSWAgainstMSAntiVirusSW.txt 05-02-15-MS-BillGatesRSAKeynoteOnSecurity.txt 05-02-15-SJMerc-CiscoAnnouncesNewSecurityProducts.txt 05-02-16-CNETNews-SoftwareFirmsFaultCollegeSecurityEducation.txt 05-02-16-SJMerc-USAgenciesGetDPlusOnSecurity.txt 05-02-17-InfoWorld-MSResearchersWarnOfRootkitMonitoringPrograms.txt 05-02-17-NewsFact-NewMydoomMutantIsOut.txt 05-02-17-SeattlePI-ClarkeCriticizesMSOverSecurityIssues.txt 05-02-17-SJMerc-ClarkeSaysUSFailsToDealWithCybersecurity.txt 05-02-17-Wired-RSAPanel-IssuesOfCybersecurityOversight.txt 05-02-18-InfoWorld-CallForEndToInfoSharingAndAnalysisCenters.txt 05-02-18-ZDNet-FirefoxCommunityPredictsContinuedGrowth.txt 05-02-21-NewSci-CVSS-CommonVulnerabiltiyScoringSystemAnnounced.txt 05-02-22-SJMerc-MSDecidesToSellVirusProtectionSoftware.txt 05-02-23-CNETNews-AlternativesToPasswordsShownAtRSAConf.txt 05-02-24-SJMerc-JapaneseGovernmentComputersSufferDoSAttack.txt 05-02-24-SpoBusJ-EasternWashUnivProfTeachesCybersecurity.txt 05-03-00-GovtSecMag-NewUSCybersecurityChiefDiscussesAgenda.txt 05-03-00-TechRev-TheFutureOfHacking.txt 05-03-01-NewSci-IPodEnthusiastsFindWayToInstallLinux.txt 05-03-02-PCWorld-InformationTheftFromChoicePointRaisesQuestions.txt 05-03-03-SJMerc-HackerBreaksIntoBusinessSchoolsAdmissionsData.txt 05-03-07-CompWorld-ITTheats-SecurityAndProductQuality.txt 05-03-07-TorontoStar-QuatumCryptographyCouldProvideGreaterDecurity.txt 05-03-08-SJMerc-HarvardRejectsApplicantsWhoAccessedAdmissionsData.txt 05-03-09-SJMerc-HarvardRejectsApplicantsWhoAccessedAdmissionsData.txt 05-03-09-SJMerc-LexisNexisReportsPersonalRecordsAccessed.txt 05-03-09-WashPost-LexisNexisReportsPersonalRecordsAccessed.txt 05-03-11-CompWorld-Experts-TechnologyWillStopPhishing.txt 05-03-11-SJMerc-MSBetaPatchTestingRaisesSecurityConcerns.txt 05-03-11-WashPost-HackersTargerUSPowerGrid.txt 05-03-13-SJMerc-FutureVirusesMightInfectAutoElectronics.txt 05-03-14-CNETNews-CompromisedComputersThreatenInternet.txt 05-03-14-Forbes-ComputersCreateManyProblems.txt 05-03-15-CIOMag-SeveralApproachedToBetterInternetSecurity.txt 05-03-15-CompWorld-Schneier-TechnologyWillNotStopPhishing.txt 05-03-16-CircleID-Auerback-CertifyDevicesThatAttachComputersToInternet.txt 05-03-18-GlobeAndMail-RSAConference-TheFutureOfSecurity.txt 05-03-18-GlobeAndMail-TheFutureOfITSecurity.txt 05-03-18-PITAC-Report-CyberSecurity-ACrisisOfPrioritization.txt 05-03-19-NYT-PITACReport-CyberSecurity-ACrisisOfPrioritization.txt 05-03-19-NYT-WiFiAllowsCriminalsToCoverTheirTracks.txt 05-03-21-CompWorld-NewSecuritySystemsDetectBeforeDmageIsdone.txt 05-03-21-NetWorld-NewRandDApproachesToSecurity.txt 05-03-22-CompWorld-SHA-1FlawNotSeenAsRiskToOneTimePasswords.txt 05-03-22-Scotsman-UKSuspectsTerroristCyberAttack.txt 05-03-22-SJMerc-PersonalDataStolenFromCalStateChicoComputers.txt 05-03-23-CNETNews-InstantMessagingVulnerable.txt 05-03-23-NewSci-SymantecSaysFirefox-Linux-MacOSAreVulnerable.txt 05-03-23-SJMerc-Counterpane-BruceSchneier.txt 05-03-25-FedCompWeek-Report-CybersecurityRegulationsDifficultToDefine.txt 05-03-26-NewSci-GermanHoneypotFindsBotsThatTakeControlOfPCs.txt 05-03-28-CompWorld-CMULabSeeksToAdvanceITSecurityAndReliability.txt 05-03-29--CFChron-StolenUCBLaptopExposesPersonalData.txt 05-03-29-SJMerc-LaptopTheftExposesUCBPersonalData.txt 05-03-31-NewSci-ReportUrgesChangesToDNSToImproveSecurity.txt 05-04-00-CACM-ITRiskManagementAndIncarceration.txt 05-04-04-SJMerc-NYLegislatureTargetsModemHighjacking.txt 05-04-05-ACM-USACMQuestionsRealIDActSecurityStandards.txt 05-04-05-ACM-USACMQuestionsRealIDAct'sSecurityStandards.txt 05-04-05-ITWorldCanada-BCInternetSecurityConference.txt 05-04-05-VNUNet-NRCStudy-DNSNeedUpdates.txt 05-04-06-SJMerc-PharmingRedirectsUsersToFakeWebsites.txt 05-04-08-SJMerc-MedicalBroupPatientsDataOnStolenComputers.txt 05-04-09-SJMerc-BogusWindowsUpdateEmailSendsUsersBogusWebsite.txt 05-04-10-SJMerc-VerisignCeo-ProtectingCriticalAssets.txt 05-04-11-UCB-UCBToLeadNSFCybersecurityTechCenter.txt 05-04-11-USAToday-LawsAimedAtDigitalMisdeedsLackBite.txt 05-04-12-SearchSec-Diffie-CriticalInfrastructuer-DisasterInTheMaking.txt 05-04-12-SJMerc-CongressMustAdoptStrongDataTheftBill.txt 05-04-14-CNETNews-USCybercrimePolicyNeedsTeeth.txt 05-04-14-GovySecNews-ISACsHaveCriticsAndAdvocates.txt 05-04-14-SJMerc-DataTheftAtRalphLaurenCompromisesThousands.txt 05-04-14-Stanford-StanfordJoinsNSFCybersecurityTechCenter.txt 05-04-18-CompWorld-EUTaskForceToStudyCybersecurity.txt 05-04-18-NetWorld-SomeArgueMoreNeedsInCybersecurity.txt 05-04-18-SJMerc-LexisNexisBeginsNotifyingVictimsOfDataBreach.txt 05-04-18-Wired-USMilitaryHasEliteCyberWarfareGroup.txt 05-04-20-EWeek-ResearchersProposeEarlyWarningSysyemForWorms.txt 05-04-21-CompWorld-CIDDAC-NewCyberterrorismSecuityCenter.txt 05-04-21-ZDNet-SecurityExpertsAsksSoftwareDevelopersForAccessToBugDatabases.txt 05-04-22-PittsTribRev-ExpertsSayHackersCanPenetrateComputersAnywhere.txt 05-04-25-IndianaUniv-CenterForAppliedCybersecurityResearch.txt 05-04-25-SJMerc-MSLonghornOSToUseHardwareCryptographicKey.txt 05-04-26-CompWeekly-DataEncryptionCouldBeKeyToMoreSecureData.txt 05-04-29-Computer-DoesTrustedComputingSolveSecurityProblems.txt 05-04-29-CyberCzarLegislationTaksFirstStepInCongress.txt 05-04-29-USACM-USACMQuestionsRealIDActSecurityStandards.txt 05-05-00-CACM-TransparencyAndTrustInSecurityAssurances.txt 05-05-00-IEEESpectrum-IntrusionDetectionSystems.txt 05-05-00-PubicCIO-Spafford-PolicyMakersNotConcernedEnoughWithCybersecurity.txt 05-05-04-ChronHigherEd-NSFSetsStrategyToImproveUSCyberinfrastructure.txt 05-05-06-SJMerc-VeriSignStuntGetsPeopleToGivePasswordsForCoffeeCoupon.txt 05-05-10-NYT-ComputerBreachAtCiscoAffectsThousandsOfComputers.txt 05-05-10-SJMerc-ComputerBreachAtCiscoAffectsThousandsOfComputers.txt 05-05-13-SJMerc-WachoviaAndBofANotifyCustomersOfSecurityBreach.txt 05-05-14-NewScientist-SoberComputerWormHitsInstantMessagingService.txt 05-05-15-SDTimes-SecurityExpertsSuggestImprovements.txt 05-05-18-RedHerring-USPowerGridVulnerableToComputerHackers.txt 05-05-19-WashPost-ComputersSeizedInLexisNexisDataTheftCase.txt 05-05-23-AP-BanksNotifyCustomersOfDataTheft.txt 05-05-24-ECommTimes-SecurityExpert-WebSecurityIssuesBasedOnRepeatedMistakes.txt 05-05-25-SJMerc-StanfordComputerSystemHacked.txt 05-05-25-Wired-LexisNexisCrackersRevealTactics.txt 05-05-26-Computing-CybersecurityRequiresCollaboration.txt 05-05-26-CompWorld-DHSCyberSecurityPlansCritcized.txt 05-05-26-CompWorld-GAOCallsDHSCybersecurityUnacceptable.txt 05-05-26-SecFocus-ManyDeviceDrivesContainSecurityFlaws.txt 05-05-26-SJMerc-CIAConductingWarGameOnInternetAttack.txt 05-05-31-USACM-CybersecurityIssuesMoveForwardInUSHouse.txt 05-06-00-ACMQueue-BetterSecurityByAskingTheRightQuestions.txt 05-06-00-ACMQueue-BiologicalTermsWidelyUsedInComputerSecurity.txt 05-06-00-ACMQueue-ComputerAttackTrendsIn2004And2005.txt 05-06-00-ACMQueue-FeelingSecureInAnUnsafeWorld.txt 05-06-00-ACMQueue-SecurityAttackTrendsIn2004And2005.txt 05-06-00-ACMQueue-WhyAreWeStillSoVulnerableToSecurityProblems.txt 05-06-02-InfoSecCon-WorkshopOnTheEconomicsOfInformationSecurity.txt 05-06-03-InfoWeek-ExpertSaysCybersecurityGettingBetter.txt 05-06-03-NewSci-CryptographersCrackSecureBluetoothDevices.txt 05-06-05-ChronHigherEd-SpaffordWarnsFederalStudentDatabaseVulnerable.txt 05-06-06-InfoWorld-Pharming-HackedDNSServersRedirectUsers.txt 05-06-06-NetWorld-IowaStateBuildsModelInternet.txt 05-06-07-CompWorld-UniversitiesOpenToSecurityBreaches.txt 05-06-08-GovtExec-DHSCybersecurityInitiativesExpected.txt 05-06-09-NewSci-NewBreedOfVirusesReportSecurityProblemsToHackers.txt 05-06-09-NYT-CompaniesAndGovtToImprovePersonalDataProtection.txt 05-06-13-PCWorld-VoIPAndMobileVirusThreatsMayBeOverhyped.txt 05-06-14-PRNewswire-AOLIdentifiedAsNetworkWithMostHijackedComputers.txt 05-06-15-InfoWeek-AOLNotSurprisedItHasMostHijackedComputers.txt 05-06-16-WSJ-BluetoothWirelessVlnerableToBeingCracked.txt 05-06-17-BusWeek-ComputerSecuritySoftwareVulnerabilitiesIncrease.txt 05-06-17-CNETNews-DHSBehindOnCybersecurity.txt 05-06-17-Newsday-NYLegisalturePassesBillToRequireDataTheftNotification.txt 05-06-17-SJMerc-KeyUSLegisatorsAgreeDataTheftNotificationIsNeeded.txt 05-06-20-NYT-CardSystemsShouldNotHaveKeptTransactionData.txt 05-06-20-YankeeGroup-ComputerSecuritySoftwareVulnerabilitiesIncrease.txt 05-06-22-TechNewsWorld-BetterCybersecurityStillYearsAway.txt 05-06-23-Corante-FTCReleasesP2PWorkshopReport-NotConvincedP2PDangerous.txt 05-06-23-SJMerc-ConfidentialJapaneseNuclearPlantDataOnTheInteret.txt 05-06-23-ZDNet-Farber-WebIsHazardousAndPoliticiansAreWorriedAboutControl.txt 05-06-24-NYT-ComputerTakeoversBecomingMajorProblem-ZombieNetworks.txt 05-06-26-WashPost-SecurityIssuesUndermineInternet.txt 05-06-27-CompWorld-CybersecurityGroupLooksToEuropeForMembers.txt 05-06-29-SJMerc-SenatorsProposeSweepingDataSecurityBill.txt 05-06-30-SJMerc-InsidersMayPoseGreatestDataTheftRisk.txt 05-06-30-SJMerc-SecurityBreachAtCardSystemsLeavesFewLeads.txt 05-06-31-USACM-SenatorsIntroducePrivacyAndSecurityBill.txt 05-07-00-Computer-InstantMessagingBecomingSecurityTarget.txt 05-07-00-TodaysEngr-VotingMachineStandardsMoveForward.txt 05-07-01-SetworkMag-TrustedComputingArchitectures.txt 05-07-07-GovtExec-LegislationToElevateCybersecurityPostMayDieInSenate.txt 05-07-11-GovExec-GAO-DHSInformationSecurityPlansLacking.txt 05-07-13-CompWorld-DHSReorgCreatesNewCybersecurityPosition.txt 05-07-17-NYT-CorruptedPCsDiscardedInsteadOfCleaned.txt 05-07-18-CNETNews-MoreSecurityAttacksComingFromNonUSLocations.txt 05-07-19-PCWorld-GAOtellsSenateRecoveryPlanNeedForInternetAttack.txt 05-07-21-OnLamp-ColinPercivalDiscussesSecurityThreats.txt 05-07-25-eWeek-GridComputingGroupIssuesSecurityRequirements.txt 05-07-25-eWeek-USBDriberBufferOverflowsProvideSecurityBreach.txt 05-07-25-RedHerring-ITFirmsSeeLackOfLeadershipInCyberSecurityResearch.txt 05-07-26-TechDaily-ExpertsSayMoreMoneyNeededOnCyberSecurity.txt 05-07-27-CNETNews-ExpertsWarnAntiVirusSoftwareCouldBeSecurityRisk.txt 05-07-27-WashPost--ResearcherRevealsDetailsOfCiscoFlaw.txt 05-07-27-WashPost--ThreatsIssuedAsResearcherRevealsDetailsOfCiscoFlaw.txt 05-07-28-CNETNews--LawsuitsFiledAsResearcherRevealsDetailsOfCiscoFlaw.txt 05-07-28-CNETNews-SenateMovesTowardNewDataSecurityRules.txt 05-07-28-CompWorld-ResearcherAgreesToStopRevealingDetailsOfCiscoFlaw.txt 05-07-28-NetworkWorld--ResearcherRevealsDetailsOfCiscoFlaw.txt 05-07-29-Reuters-BluetoothMakesCarSystemsVulnerableToViruses.txt 05-07-29-SJMerc-ResearcherAgreesToStopRevealingDetailsOfCiscoFlaw.txt 05-07-29-SJSecFocus-ResearcherAgreesToStopRevealingDetailsOfCiscoFlaw.txt 05-07-31-NYT-SniffersLocateSecretsOnUnsecureSystems.txt 05-08-00-CACM-SpywarePosesMultipleThreatsToSecurity.txt 05-08-00-TodaysEngr-CongressToldUSFacingCybersecurityCrisis.txt 05-08-01-Wired-InterviewWithResearcherWhoRevealedDetailsOfCiscoFlaw.txt 05-08-02-NetWorld-GoogleCanBeUsedToFindSitesToIntrude.txt 05-08-03-CNETNews-ManyDNSServersVulnerableToDNSCachePoisoning.txt 05-08-03-eWeek-SpeakerVerificationCouldProvideComputerSecurity.txt 05-08-03-Slashdot-CiscoWebsiteMayRequireNewPassword.txt 05-08-04-CNETNews-ComputerWormsCouldDodgeTraps.txt 05-08-04-SecFocus-GameMeasuresHackingSkill.txt 05-08-04-Stanford-ResearchersExtendBrowserToHelpProtectPasswords.txt 05-08-04-WashPost-VeriSignUsesExtremeSecurityMeasures.txt 05-08-05-Reuters-WirelessNetworksAreEasyPickingsForHackers.txt 05-08-09-InvestBusdaily-CriticsSayComputerSecurityStillLags.txt 05-08-11-CompWorld-NewEnergyBillHasCybersecurityRepercussions.txt 05-08-11-CompWorld-USDHSHeadChertoff-BusinessNeedToFocusOnCybersecurity.txt 05-08-15-FedCompWeek-NISTCreatesOnLineCybersecurityDatabase.txt 05-08-17-Reuters-NewVirusesAttackABCNewsComputers.txt 05-08-18-ABCNews-WarOfWormsLaunchesLatestCyberAttack.txt 05-08-22-CSMonitor-HackerSoftwareFightsHackerSoftware.txt 05-08-22-InvestBusDaily-DataBreachesInspireCongressionalAction.txt 05-08-23-NewsFact-IncreasingInternetSecurityMightUndermineInfrastructure.txt 05-08-24-InfoWeek-CyberIncidentDetectionAndDataAnalysisCentersWarnsOnCybersecurity.txt 05-08-25-WashPost-AttacksOnUnclassifiedUSGovernmentSitesComingFromChina.txt 05-08-26-LosAlamosMon-LANLComputersWithstandDailyCyberAttacks.txt 05-08-27-GovtCompNews-DHSTakingCrossSectorApproachToCyberSecurity.txt 05-08-29-CompWorld-DistanceDetectionMayHelpSecureWiFi.txt 05-08-29-InfoWeek-CybersecurityThreatsGetNastierAndDoneForFinancialGain.txt 05-08-30-ITObserver-TheFutureOfComputerWorms.txt 05-09-00-CACM-DataSecurityAndGovernmentRegulations.txt 05-09-00-CardTech-ElectronicPassportsDebutAmidSecurityConcerns.txt 05-09-00-SoftDev-SecuritySoftwareASourceOfAttacks.txt 05-09-02-CompWorld-TrevorBarrBelievesChaosWillRuleInternetIn2010.txt 05-09-02-ZDNetAus-MSClaimsSecureDevelopmentSuccess.txt 05-09-05-NetWorld-UsingGoogleToFacilitateHacking.txt 05-09-05-Time-StoppingChineseCyberspies.txt 05-09-07-CNETNews-BugHuntersAndSoftwareFirmsInUneasyAlliance.txt 05-09-07-SecFocus-ResearcherIdentifiesICMPSecurityIssues.txt 05-09-09-ZDNet-MacUsersMustWakeUpToSecurity.txt 05-09-10-NewSci-BiometricsCarriesRisksAsWellAsRewards.txt 05-09-12-CompWorld-NewSoftwareCanDefendAgainstHighSpeedWorms.txt 05-09-12-OReilly-NextFiftyYearsOfCybersecurity-AlanCoxInterview.txt 05-09-13-WashPost-TeenPleadsGuiltyToHackingParisHiltonCellPhone.txt 05-09-14-SearchSec-DangerTheoryCouldAidIntrusionDetection.txt 05-09-15-CIOMag-GlobalStateOfInformationSecurity2005.txt 05-09-16-PCWorld-CongressWondersIfCrucialNetworksAreProtected.txt 05-09-16-SJMerc-AudioRecordingsOfKeystrokesYieldUsersInput.txt 05-09-18-LATimes-ManyTypesOfKeystrokeMonitoringSchemesAvailable.txt 05-09-23-ChronHigherEd-CollegeStudentsAttendCybersecurityBootCamp.txt 05-09-26-InfoWorld-TheEscalatingCybersecurityArmsRace.txt 05-09-27-CompWorld-RepLungrenWontRuleOutCybersecurityRegulation.txt 05-09-30-USACM-CyberCrimeOnRise.txt 05-09-30-USACM-SneateJudiciaryCommitteeHoldsHearings.txt 05-10-05-NYT-InnundatingSystemWithTextMesageSpamCouldDisableCellPhones.txt 05-10-07-NIST-ThreatAnalysisWorkshop.txt 05-10-10-CNETNews-WillUSCybersecurityBecomeNextFEMA-LikeDisaster.txt 05-10-13-InfoWorld-VoIPMayHaveSecurityVulnerabilities.txt 05-10-17-eWeek-CybersecurityThreatsGetMoreSophisticated.txt 05-10-19-WashTech-HurricanesPostponeDHSCyberStormExercise.txt 05-10-20-Wired-ShouldProgrammersBeHeldResponsibleForTheCodeTheyWrite.txt 05-10-27-NJTechDaily-CyberSecurityIndustryAllianceUrgesWhiteHousePriority.txt 05-10-28-CompWorld-IBMResearchersDevelopWhiteListApproachToUnknownPrograms.txt 05-10-28-SJMerc-WebBankingToGetSecurityUpgrades.txt 05-10-29-NewSci-AttacksOnQuantumComputersInevitable.txt 05-10-31-eWeek-MSProjectsShowSeriousAboutSecurity.txt 05-10-31-USACM-USACMChairWarnsAgainstUnderfundingResearch.txt 05-11-00-CACM-DetectionAndPreventionOfStackBufferOverflowAttacks.txt 05-11-00-EETimes-MetcalfOnTheInternet-SecurityAndSpam.txt 05-11-01-CNETNews-USConsidersNewDigitalSignatureStandard.txt 05-11-04-SJMerc-ArrestInZombieNetworkCase.txt 05-11-07-CNETNews-DHSCybersecurityPlanIsVague.txt 05-11-07-ISTResults-SecurityAndPrivacyIssuesInMobileCommunications.txt 05-11-10-SearchDec-TrojansTargetSonyRootkitDRMAndWindowsGraphics.txt 05-11-10-Sophos-TrojanHorseExploitsSonyDRMCopyProtection.txt 05-11-14-Felten-SonyRootkitUninstallerOpensBigSecurityHole.txt 05-11-14-InfoWeek-ITProsBeingTrainedToThinkLikeHackers.txt 05-11-15-SJMerc-ResearchersSayRemovalOfSonyRootkitCompromisesSecurity.txt 05-11-16-FinTimes-USRelyingOnPrivateCompaniesToCounterCyberterrorism.txt 05-11-16-InfoWeek-IowaStateHoldsAntiHackerCompetition.txt 05-11-24-SiliconCom-ExpertsRevealChineseHackersAtttackingUSComputers.txt 05-11-28-InfoWeek-ApplicationsAreNewTargetOfCyberAttacks.txt 05-11-28-ISTRes-SecurityExpertsInitiative-SeemlessSecurity.txt 05-11-29-BusWire-Study-PCUsersBelieveBiometricsWillMakeComputersMoreSecure.txt 05-11-29-PCWorld-ExpertSaysMoreSophisticatedInternetAttacksLikely.txt 05-12-00-ACMQueue-CrossSiteScriptingAttackHitsMySpace.txt 05-12-00-AusPCWorld-NewFormsOfAttacks.txt 05-12-00-CACM-BiometricsPromisingSecurityImprovement-MustOvercomeTechnicalAndSocialChallenges.txt 05-12-00-CACM-DirectionsForSecurityAndPrivacyForSemanticEBusinessApplications.txt 05-12-00-CACM-IdentifyingAndDefendingAgainstPortrelatedVulnerabilities.txt 05-12-00-CACM-SecureKnowledgeManagementAndTheSemanticWeb.txt 05-12-00-OptimizeMag-TeamingUpToTackleRiskMgmt.txt 05-12-01-CompBusRev-SecureDNSFacesResistance.txt 05-12-01-NewSci-NewSolutionsToVirusProblemOfferHope.txt 05-12-05-BusWeek-ComputersMightFixProblemsAutomatically.txt 05-12-05-InfoWeek-ITDepartmentsUnderfundedAndUnderstaffed.txt 05-12-06-CNETNews-9-11PanelsFaultsGovernmentOnCybersecurity.txt 05-12-06-CNETNews-IMWormRepliesToUsers.txt 05-12-06-Wired-ResearcherFindsCiscoRouterBugs.txt 05-12-07-CompWorld-IMWormRepliesToUsers.txt 05-12-07-CompWorld-PortScansNotAlwaysAttacksOnComputers.txt 05-12-07-Yahoo-IntelWorkingOnRootkitDetection.txt 05-12-09-ClarksonU-VulnerabititiesOfBiometricSystemsStudied.txt 05-12-12-CNETNews-SecureSocketLayerToGetHighAssuranceCertificates.txt 05-12-13-FinTimes-USOffiicalSaysTechLeadershipKeyToCybersecurity.txt 05-12-13-WashPost-TechIndustyGroupBlastsUSLeadershipOnCybersecurity.txt 05-12-19-TechRev-TheInternetIsBroken.txt 05-12-19-WashPost-SecurityFirmGuidanceCustomerDatabaseBrokenInto.txt 05-12-20-TechRev-TheInternetIsBroken.txt 05-12-26-USAToday-NewCyberattacksAimedAtCorporateEspionage.txt 05-12-29-SJMerc-OregonManPleadsGuityToCyberattcks.txt 05-12-31-TelecomWeb-HouseDemsReleaseCriticalReportOnDHSCybersecurity.txt 05-12-31-USACM-USACMChairCommentsOnDODCybersecurity.txt 05-USACM-DataSecurityLegislationMovingForwardInCongress.txt 06-01-00-ACMInteractions-PeopleGiveUpTheirPasswardsTooEasily.txt 06-01-00-ACMUbiquity-KeepingInformationSecure.txt 06-01-00-CACM-UsablePrivacyAndSecurityForPersonalInformationManagement.txt 06-01-00-CACM-UsingCostBenefitAnalysisInBudgetingForCyberSecurity.txt 06-01-00-IEEEInternetComp-DenialOfServiceAttackDetectionTechiques.txt 06-01-01-CampusTech-SetGoalsForVulnerabilityScanners.txt 06-01-03-CompWorld-RSACEOSeesLackOfUSCybersecurityLeadership.txt 06-01-05-RedHerring-MSToReleaseSecurityFixEarly.txt 06-01-05-SecFocus-SecurityFlawsOnTheRise.txt 06-01-10-CNETNews-USHomelandSecuritySupportsOpenSourceBugHunt.txt 06-01-10-Symantec-NortonProtectedRecycleBinHasHiddenFile.txt 06-01-10-Telephony-HomelandSecurityConferenceFocusesOnCollaboration.txt 06-01-11-eWeek-NortonProtectedRecycleBinHasHiddenFile.txt 06-01-11-SearchSec-FBISaysCyberAttacksSucceeding.txt 06-01-15-SFChron-USMoreVulnerableToTerroristCyberAttacks.txt 06-01-17-CyberIndia-USAndIndiaAgreeToWorkTogetherOnCybersecurity.txt 06-01-19-CNETNews-CyberCrimeCostsUSBusiness67BDollars.txt 06-01-22-KCStar-ManySayInternetNeedsRedoingForBetterSecurity.txt 06-01-23-SJMerc-HackerPleadsGuiltyToProvidingAttackNetwork.txt 06-01-24-USACM-LetterToCongressUrgingBroaderViewOfDataSecurity.txt 06-01-25-FedCompWeek-Panel-CybercrimeWillIncrease.txt 06-01-25-SJMerc-StopBadSWCoalitionToIdentifyCompanies.txt 06-01-25-WashPost-StopBadSWCoalitionToIdentifyCompanies.txt 06-01-27-CompReseller_AllchinDiscussesMSVistaSecurity.txt 06-01-28-MilInfoTech-DesigningARoadmapForCybersecurity.txt 06-01-30-FinTimes-CompputerVirusesAdvanceOver20YearsAgo.txt 06-01-31-ISNSecNews-GovtRegulationNotTheAnswerToNetSecurity.txt 06-01-31-SJMerc-CME-24WormSetToCorruptDocumentFiles.txt 06-01-31-TechWorld-BrowserCookieHandlingCouldLeadToAttacks.txt 06-02-00-CACM-InvestigatingSophisticatedCyberSecurityBreaches.txt 06-02-00-CACM-StateAndLocalLawEnforcementNotReadyForCyberSecurity.txt 06-02-02-BusWeek-MoreWorkNeededToStopCybercrime.txt 06-02-03-CNN-UsersPracticeSafeComputingToAvoidKamaSutraWormDamage.txt 06-02-03-SJMerc-KamaSutraWormCausesLittledamageSoFar.txt 06-02-03-TMCnet-BeneficialWormsToTrackDownAndEliminateMaliciousWorms.txt 06-02-07-AP-MSWillOfferNewPaidSecuritySubscriptionService.txt 06-02-07-SecFocus-SchmooCon-AppleTargetForHackers.txt 06-02-08-SecFocus-AppleComputerWithOS-XDisabledByAttack.txt 06-02-08-ZDNet-SecurityExpertsReportOnStateOfCybersecurityAtDemo2006.txt 06-02-09-AP-NewGoogleFeatureTransfersUsersHardDriveData.txt 06-02-09-AP-USAirPassengerScreeningPlanSuspended.txt 06-02-10-AP-USWrapsCyberStormExerciseTestingInternetDefenses.txt 06-02-13-SJMerc-VoIPCallsCanBeHackedSpammedAndSavedOnServers.txt 06-02-14-AP-GatesOutlinesStepsToImproveComputerSecurity.txt 06-02-14-EETimes-CryptoExpertsSaysRFIDTagsCanBeCrackedWithCellphone.txt 06-02-14-FinTimes-GatesDefendsVisionOnInternetSecurity.txt 06-02-14-SJMerc-GatesOutlinesStepsToImproveComputerSecurity.txt 06-02-15-PanelOfexpertsSeesProgressInCybersecurity.txt 06-02-15-SJMerc-AreComputerSecurityCompaniesSucceedingInProvidingProtection.txt 06-02-15-SJMerc-GatesUnveilsNewPCSecurity-SeesEndOfPasswords.txt 06-02-16-AP-AppleHackersEncounterPoeticWarning.txt 06-02-16-SJMerc-FBIChiefAsksTechForHelpOnCriminalHacking.txt 06-02-16-TechRev-SecurityExpertsReadyToFightBackWithCryptography.txt 06-02-19-WashPost-HackersHijackingThousandsOfPCs.txt 06-02-21-RedHerring-GartnerSuggestsDisablingGoogleSearchFeature.txt 06-02-21-UMass-OnlineShoppingHazards.txt 06-02-24-ScienceMag-ACareerInComputerSecurity.txt 06-02-24-SJMerc-McAfeeEmployeeDataLost-NotEncrypted.txt 06-03-00-InfoToday-GraphicalPasswordsPromiseEasierUse.txt 06-03-01-SCMag-DHSCyberSecurityExecDescribesMission.txt 06-03-05-NYT-NeighborsPiggybackOnOthersWiFi.txt 06-03-06-ElecWeekly-HackersAccessSmartcardInformation.txt 06-03-06-ZDNet-MacOSXHackedInUnderThirtyMinutes.txt 06-03-07-SearchSec-NSF-TRUSTProject-MultipleUniversities.txt 06-03-10-eWeel-VirtualMachineMonitorRootkits.txt 06-03-13-InfoWorld-SecurityHoleFoundInGnuPGCryptoProgram.txt 06-03-15-GovExec-CongressionalReportRatesUSGovtOrganizationsCybersecurityAsDismal.txt 06-03-15-NYT-Study-RFIDChipsVulnerableToHacking.txt 06-03-16-AP-ICANNToLookAtUsingDNSNameServersToAttackWebsites.txt 06-03-16-InfoWeek-Researcher-RFIDsVulnerableToViruses.txt 06-03-17-ITMgmt-CongressionalReportRatesUSGovtOrganizationsCybersecurityAsDismal.txt 06-03-23-SJMerc-FidelitySaysRecordsFor196KH-PEmployeesOnStolenLaptop.txt 06-03-24-AP-UsingDNSNameServersToAttackWebsites.txt 06-03-24-SJMerc-LossOfLaptopsAGrowingProblem.txt 06-03-27-WashTech-ITCoordinationCouncilDraftsCyberattackResponse.txt 06-04-00-ACMQueue-MonitoringOutboundNetworkConnections-ExtrusionDetection.txt 06-04-00-CACM-BiometricAppliancesOfferedForSale.txt 06-04-00-EnterNetsAndServers-TestbedsBoostCyberSecurityResearch.txt 06-04-00-NatlSciAndTechCouncil-FederalPlanForCyberSecurity.txt 06-04-03-CompBusRev-USGovtTakesInterestInDenialOfServiceAttacks.txt 06-04-04-NSF-NSFFundsStudiesOfVoIPSecurity.txt 06-04-04-USACM-DataSecurityLegislationInchesForward.txt 06-04-05-PCWorld-WillNewBillsProtectYourPersonalData.txt 06-04-07-ByteAndSwitch-ITManagersWarnedOfSmartViruses.txt 06-04-07-CompWorld-SecurityRisksInWebServicesIgnored.txt 06-04-07-UBuffalo-SpaffordToDiscussCybersecurityCrisis.txt 06-04-10-GovExec-RepDavisMayRevisitComputerSecurityLaw.txt 06-04-11-AP-OnlineVoteOnWashStateQuarterSuspended.txt 06-04-17-GovtCompNews-USDHSStillGearingUpResponseToCyberthreats.txt 06-04-18-GovtCompNews-DebateOverWhetherDevelopersOrUsersCauseSecurityProblems.txt 06-04-20-AP-WestchesterCtyToRequireWirelessNetworkSecurity.txt 06-04-21-CNETNews-AuthenticatingEmailCanBreakIt.txt 06-04-24-AP-MacUsersFaceGrowingSecurityRisk.txt 06-04-25-NatlJ-CouncilReleasesPlanForCybersecurityResearch.txt 06-04-26-CompWorld-BugsPutWidelyUsedDNSSoftwareAtRisk.txt 06-04-27-UIllinois-NewSoftwareAllowsPrivacyAndSecurityInSharingNetworkConnection.txt 06-04-28-BBC-DNSServersOpenToAttack.txt 06-05-00-ACMInteractions-EvaluatingSecurityAndPrivacyIndicators.txt 06-05-00-ACMInteractions-HumanComputerInteractionAndFeelingSecure.txt 06-05-00-ACMInteractions-HumanComputerInterfacesCanPromoteSecurity.txt 06-05-00-ACMInteractions-IntroductionToHumanComputerInterfacesAndSecurity.txt 06-05-00-ACMInteractions-IsUsableSecurityAnOxymoron-HumanComputerInteractionIssues.txt 06-05-00-ACMInteractions-MinimalFeedbackHintsForRememberingPasswords.txt 06-05-00-ACMInteractions-UserInterfaceDesign-EvaluatingSecurityAndPrivacyIndicators.txt 06-05-00-ACMInteractions-UsingHumanComputerInterfacesToPromoteSecurity.txt 06-05-00-ACMInterations-KeepingUsersAwayFromDangerousThigsOrPermittingDoingThingsSafely.txt 06-05-00-CACM-DecidingWhetherToDownloadOrNot.txt 06-05-00-CornellU-DNSNamingSystemIsNotSecure.txt 06-05-01-FedCompWeek-CybersecurityPlanIdentifiesResearchThreats.txt 06-05-01-GovtCompNews-ExpertSaysGovtNeedsBetterOrganizationAndFocus.txt 06-05-05-AP-CAManPleadsGuiltyToComputerAttacks.txt 06-05-05-BBC-NASAHackerSuspectFearedUFOCoverup.txt 06-05-05-NetWorld-USDataDataBreachNotificationLawUnlikelyThisYear.txt 06-05-08-CornellUniv-SurveyOfDNSSecurity-VulnerableAndBaluableAssets.txt 06-05-10-AP-BritishCourtOKsExtraditionOfHackerSuspectToUS.txt 06-05-11-eWeek-AJAX-AsyncJavaScriptAndXML-TacklesSecurity.txt 06-05-11-eWeek-MSResearchersDevelopingAutomatedMalwareClassification.txt 06-05-12-NewSci-MashupWebsitesAreHackersDreamComeTrue.txt 06-05-14-Reuters-CyberThreatsToUSBusinessGrowMoreDangerous.txt 06-05-16-ZDNetr-BadSecurity-EveryoneDoesIt.txt 06-05-19-InfoWorld-ResearchersSaySpendMoreToProtectSeriousAttacks.txt 06-05-19-ITNews-USDHSBashesRFIDToTrackPeople.txt 06-05-19-MasseyUniv-HackingUsingGoogleBigProblem.txt 06-05-22-NetWorld-SecurityExpertRecommendsNetDiversity.txt 06-05-22-USACM-VALaptopWithPersonalInformationStolen.txt 06-05-22-VetAffairs-VALaptopWithPersonalInformationStolen.txt 06-05-24-EEYE-RemotelyExploitableVulnerabilityExistsInSymantecAntivirusProgram.txt 06-05-25-AP-SymantecAntivirusSoftwareExposesCustomerComputers.txt 06-05-25-AP-VADiscoversTheftOfPersonalDataForMillionsOfVeterans.txt 06-05-25-AP-VAEmployeeImproperlyTookDataHome.txt 06-05-25-CNET-MPAAAccusedOfHiringHacker.txt 06-05-25-eWeek-SymantecAntiVirusWormHolePutsCustomersAtRisk.txt 06-05-26-AP-MPAAAccusedOfHiringHacker.txt 06-05-29-BusWeek-CybercrooksAreStealingBillions.txt 06-06-00-ACMCrossroads-TrustedP2PFileSharingApplications.txt 06-06-00-CACM-AcademicFreedomANdTheHackerEthic.txt 06-06-00-CACM-ComplexityAndFeedbackHighlightsNeedForBetterFailureModes.txt 06-06-00-CACM-ComputersAreVeryVulnerableInWirelessHotspots.txt 06-06-00-CACM-MeansSoughtToDetectAndPreventSecurityVulnerabilitiesFromBeingExploited.txt 06-06-00-CACM-ThinkLikeAnAttackerNotLegally.txt 06-06-00-CACM-WhiteHatHackingAcrossTheDomainNameSystem.txt 06-06-00-CACM-WirelessHotspotsCauseManySecurityProblems.txt 06-06-01-AP-PersonalDataOnOverOneMillionLostByStudentLoanCompany.txt 06-06-01-ConcordiaJ-SecurityResearchersToProduceNewTools.txt 06-06-01-NZHerald-ComputerNetworksVulnerableToTerroristAttacks.txt 06-06-01-Schneier-BadSecurity-EveryoneDoesIt.txt 06-06-02-AP-SwedishPoliceComputerShutDownByAttack.txt 06-06-06-FtWorthST-CompaniesSeenAsLaxOnProtectingData.txt 06-06-06-USACM-VALosesPersonalInfoOnVeterans.txt 06-06-07-NYT-ArrestMadeInHackingSchemeToResellnternetPhoneService.txt 06-06-08-MiamiHerald-ArrestMadeInVoIPHackingScheme.txt 06-06-10-AP-HackersGetSSNsFor1500OnDOEComputers.txt 06-06-12-AP-VirusTargetsWinnyFileSharingProgram.txt 06-06-12-CNET-MSSaysRootkitInfectedZombieComputersMostPrevalentThreat.txt 06-06-12-eWeek-MSSaysRootkitInfectedZombieComputersMostPrevalentThreat.txt 06-06-12-eWeek-SecurityOnusIsOnSoftwareDevelopers.txt 06-06-12-FedCompWeek-IsTheNationalStrategyToSecureCyberspaceStillRelevant.txt 06-06-13-AP-YahooSaysMaliciousEmailWormContained.txt 06-06-14-ACMCrossroads-ProblemsWithWiFiSecurity.txt 06-06-19-AP-MSConfirmsVulnerabilityInExcel.txt 06-06-19-AP-PettyThievesBiggerThreatToDataSecurityThanHackers.txt 06-06-19-ITWeek-DomainNameSystemDNSDefencesNeedStrengthening.txt 06-06-26-CNET-BusinessRoundtableWarmsOfInternetOutage.txt 06-06-26-GovtCompNews-ITExecutivesPushToGuardInternet.txt 06-06-29-FedCompWeek-BushAdminRandDMemoStressesCompetitivenesAndCybersecurity.txt 06-07-00-CACM-AnImprovedTrustModelGoesBeyondSecurity.txt 06-07-00-IEEESecAndPrivacy-IntrusionTolerantMiddleware.txt 06-07-05-CompWorld-ResearchersClaimWorkaroundForChinaFirewall.txt 06-07-05-NetWorld-DOEFederatedModelTriesToIdentifySecurityThreats.txt 06-07-06-USACM-SpaffordTestifiesAboutVADataBreach.txt 06-07-09-ISTResults-EULaunchesInformationSecurityAndReliabilityInitiative.txt 06-07-10-ISTResults-SecurityProvidersPlayingCatchupUnCyberattacks.txt 06-07-11-AP-USStateDeptInvestigatingAttacksOnItsComputers.txt 06-07-12-OMB-MemoToAgenciesOnReportingIncidentsInvolvingPersonallyIdentifyingInformation.txt 06-07-14-AP-FBIComputerConsultatntAvoidsJailForStealingPasswords.txt 06-07-14-AP-McAfeeUrgesCustomersToUpdateItsFlawedSoftware.txt 06-07-19-ZDNet-80PercentOfProgramsCanDefeatAntivirusSoftware.txt 06-07-24-Wired-HackersOnPlanetEarthConference.txt 06-07-27-GovtCompNews-DHSSetsUpResearchGroupToStudyWhatHappensInCyberAttack.txt 06-07-28-CNET-SecurityBecomesAfterthoughtInWeb20.txt 06-07-31-AP-McAfeeSecuritySoftwareMayExposeSensitiveInformation.txt 06-08-01-AP-HackersAndSecurityExpertsMingleAtConferences.txt 06-08-04-CSIA-CyberSecurityIndustryAllianceSupportsEUConventionOnCybercrime.txt 06-08-06-AP-HackersgatherAtDefComToExploitComputerSecurityFlaws.txt 06-08-07-ISTResults-SolvingTheSecurityChallengeOfDynamicNetworks.txt 06-08-07-NSF-ResearchProgramOnDataConfidentiality.txt 06-08-09-AP-GoogleWarnsUsersAboutMaliciousWebsites.txt 06-08-09-AP-HomelandSecurityUrgesUsersToGetWindowsPatch.txt 06-08-10-CircleID-ALookAtDNSSecurityExtensions.txt 06-08-11-GovtCompNews-OMBPushingGovtAgenciesTowardStricterITSecurityAccoutability.txt 06-08-28-SJMerc-WhatNewUsersNeedToKnowAboutWiFiSecurity.txt 06-08-29-AP-TMobileHackerSentencedToYearOnHomeDetention.txt 06-09-01-InfoWeek-ResearchersReportFingerprintMethodForSecuringWiFiNetworks.txt 06-09-01-SDTimes-DHSLackOfAttentionToCybersecurityIsProblem.txt 06-09-03-eWeek-TheHuntForInfrastructureSecurityHoles.txt 06-09-04-eWeek-ExperimentalMaliciousCodeZapperForBrowser.txt 06-09-06-DarkReading-ResearchersChallengeDenialOfServiceAttackData.txt 06-09-07-InfoWorld-CyberSecurityLagsPost9-11.txt 06-09-08-CNET-AReportCardOnPost9-11AntiTerrorRechnology.txt 06-09-08-RFIDJ-NSFAwardsConsortiumGrantToImproveRFIDSecurity.txt 06-09-11-AP-AOLOffersUsersInsuranceAgainstIDTheftAndComputerDamage.txt 06-09-12-Sandia-ResearchersSayFingerprintingTechniqueDemosWirelessDeviceDriverVulnerabilities.txt 06-09-13-AP-FakeCyberAttackersWinDHSWarGame.txt 06-09-13-CompWorld-HouseCommQuestionsDHSPrepardnessForCyberAttacks.txt 06-09-13-eWeek-SimulatedAttacksRevealCybersecurityResponseFlaws.txt 06-09-18-AP-WhiteHouseSelectsCyberSecurityChiefAfterOneYearDelay.txt 06-09-18-USHouse-CongBoehlertPraisesGarciaAppointmentToUSDHSSecurityPosition.txt 06-09-22-AP-ActingDHSCybersecurityChiefContractorQuits.txt 06-09-22-AP-MissingCensusBureauLaptopsCreateLossOfPublicConfidence.txt 06-09-22-USHouse-CongDavisSaysCommerceDeptLaptopLossesShocking.txt 06-09-22-WashPost-1100LaptopsMissingFromCommerceDept-250FromCensusBureau.txt 06-09-25-GovtCompNews-USDHSExecToRaiseAwarenessOfCybersecurity.txt 06-09-28-OhipStateU-StudyShowsInternetToBeResilientAgainstCyberAttack.txt 06-09-28-PennStateU-IBMLedConsortiumSelectedToWorkOnWirelessAndRFIDSecurity.txt 06-10-00-CACM-VirtualMachinesMayNotProvideSecurity.txt 06-10-00-PopSci-NewIdeasMayMakeInternetSafeFromHackers.txt 06-10-02-SJMerc-CrooksAttackingLessSecureHomeComputers.txt 06-10-04-CNET-DomainNameSystemNotSecure.txt 06-10-04-UTexas-UTSAAwardedUSDHSCybersecurityGrant.txt 06-10-06-AP-OnelaptopPerChildComputerHasRevolutionarySecurityMeasures.txt 06-10-06-NewSci-TactilePasswordsCouldProvideGreaterSecurityInPublicEnvironments.txt 06-10-06-WashPost-HackersUsingChineseServersAttackUSDOCComputers.txt 06-10-10-Newswise-NewTechniqueEnablesSendingSecretMessagesOverInternet.txt 06-10-11-PCWorld-RealIDActsProblemsWithCostsPrivacyAndSecurity.txt 06-10-11-WiscTechNet-ProfSaysSafeInternetRequiresTotalNetworkSecurity.txt 06-10-12-CompWorldAus-SecuritySoftwareNeedsBetterUsability.txt 06-10-16-AP-TodaysVirusesAreLongTermThreats.txt 06-10-17-BusWire-W3CLaunchesSecureBrowsingInitiative.txt 06-10-23-NYT-ResearchersSeeProblemsWithNewRFIDCreditCards.txt 06-10-26-eWeek-AntVirusSoftwareIsIneffective.txt 06-10-27-Science-TheEconomicsOfInformationSecurity.txt 06-10-30-InfoWorld-SmallTafgetedAttacksAreTheNextWaveOfITSecurityProblems.txt 06-10-31-GovtCompNews-GAOSaysBetterCoordinationOfCybersecurityRandDNeeded.txt 06-11-00-ACMQueue-FictionalAccountOfTransitionFromHackerToBigTimeCriminal.txt 06-11-00-ACMQueue-HowWeHandleTheSecurityProblemWillHaveLastingEffectOnCOmputing.txt 06-11-00-CACM-DevelopingAnEffectivePlatformForDeterringNetworkAttacks.txt 06-11-02-Heise-VirusAuthorsUseWkipediaInSeveralWaysToSpreadViruses.txt 06-11-02-NetworkWorld-IETFChairSpeaksOutOnVPNsAndP2PSIP.txt 06-11-03-Sophos-VirusAuthorsUseWkipediaInSeveralWaysToSpreadViruses.txt 06-11-06-AP-ChileChargesForWithHackingGovernmentSitesAroundTheWorld.txt 06-11-06-AP-McAfeeHasNewSoftwareThatTriesToBlockAccessToProblemSites.txt 06-11-06-USACM-DataSecurityProblemsContinueToPlagueTheUSGovernment.txt 06-11-14-Wired-Bots-AutonomousPrograms-ALosingBattle.txt 06-11-15-AP-FormerexecChargedWithHackingIntoSourceMediaComputers.txt 06-11-15-IndianaUnivScientistsWorkingOnToolsToMakeWiFiMoreSecure.txt 06-11-17-TheGuardian-ComputerExpertCracksBritishElectronicPassportSecurity.txt 06-11-20-NewSci-MicrochipEncryptionProcessingMayRevealKeys.txt 06-11-23-NYT-AsHouseholdsBecomeIntegratedIntoInternetPotentialForDamageIncreases.txt 06-12-01-AP-RomanianIndictedOnHackingIntoUSGovernmentComputers.txt 06-12-01-AP-USWarnsOfPossibleAttackOnFinancialWebsites.txt 06-12-05-AP-HackersAttackUSNavalWarCollegeComputerNetwork.txt 06-12-07-UnivOfDelaware-SpaffordAddressesCybersecurityThreats.txt 06-12-10-AP-WindowsSecurityImprovementsWontMakeOnlineLifeSaver.txt 06-12-12-LinuxDotCom-SystemsShouldBeSecurelyConfiguredFromTheBeginning.txt 06-12-14-AP-PersonalDataCompromisedAtUTDallas.txt 06-12-15-AP-WormAttacksComputersViaSymantecAntivirusProgram.txt 06-12-18-SecFocus-PHPSecurityApplicationsNeedBetterSecurity.txt 06-12-19-AP-DisgruntledEmployeePlantedElectronicBombInPrescriptionManagementCompanyComputers.txt 06-12-21-WSJ-BiometricSecurityDevicesAreFarFromFoolproof.txt 06-12-24-AP-WebSafeSecurityMarkFeaturesEludeSmallOnlineMerchants.txt 06-12-26-UnivOfMass-ResearcherSaysNotReusingMemoryWouldMakeComputersMoreSecure.txt 06-12-29-Wired-ComputersClockSkewCanBeUsedToIdentifySpecificComputers.txt 06-12-30-TechNewsWorld-PredictingTopSecurityThreatsFor2007.txt 07-01-00-CACM-OpenSourceSoftwareIsTheMostSecure.txt 07-01-03-ResearchersSayAdobeAcrobatReaderHasSecurityVulnerabilities.txt 07-01-03-SJMerc--2006SawMoreSophisticatedCriminalAcitvityOnComputers.txt 07-01-07-NatlJ-FederalDataSecurityStandardsAgainInDanger.txt 07-01-07-NYT-ZombieComputersAGrowingThreat.txt 07-01-08-CompWorld-IntelDevelopsWaysForSystemsToAdaptToSecurityChallenges.txt 07-01-16-Bus2-MustKnowSecurityInsightsFor2007.txt 07-01-16-GovtExec-AdvidsoryCouncilCallsForMoreCollaborationWithPrivateSector.txt 07-01-17-APRetailerMarshallsReportsCustomerDataTheft.txt 07-01-18-AP-eBayTightensSecurityPrecautions.txt 07-01-19-AP-VirusSpreadsDisguisedAsEuropeanStorms.txt 07-01-19-ZDNetUK-LinuxDeveloperArguesAgainstSecurityLiability.txt 07-01-20-ITBus-CodeObfuscationTechniquesBeingUsedByHackers.txt 07-01-21-AP-HackersAttackGorbachevWebsite.txt 07-01-21-AP-SpammersUseEuropeanStormInterestToSendVirus.txt 07-01-23-CNET-StormWormTrojanHorseProliferates.txt 07-01-25-BBCNews-CriminalsControllingMillionsOfComputersThreatenInternetFuture.txt 07-01-26-Fosters-ResearchersDevelopComputerModelForCyberSecurityThreats.txt 07-01-29-MedisNews-PotentialCyberAttacksWorriesExpert.txt 07-01-29-UMassCollegian-ScientistProgramCombatsHackers.txt 07-01-30-NYT-MSOffersBountyForFindingVistaBugs.txt 07-02-00-ACMQueue-UnderstandingHowRootkitsHideProcessesAndFilesFromDetection.txt 07-02-00-CACM-ApproachingITSecurityAsAnEngineeringAndManagementProblem.txt 07-02-01-DarkReading-SchneierToDiscussInteracrtionBetweenPsychologyAndSecurity.txt 07-02-03-MichStNews-SurveyFindsOnly10PercentOnInternetUsersConfidentOfTheirSecurity.txt 07-02-06-AP-HackersOverwhelmAtLeast3Of13InternetTrafficComputers.txt 07-02-06-AP-MSGatesSaysBiggestChallengeIsKeepingDataSecure.txt 07-02-06-PRNewswire-UmarylandStudySaysComputersAttackedEvery39Seconds.txt 07-02-07-AP-HackersOverwhelmAtLeast3Of13InternetTrafficComputers.txt 07-02-07-OpenID-UsersCanHaveUniversalIdentifierAndProtectPasswords.txt 07-02-07-SJMerc-MSDescribesNewSecurityTechnologoes.txt 07-02-08-NetWorld-USDODPreparedToRetaliateToCyberAttack.txt 07-02-09-InfoWorld-NewUSCybersecurityChiefProvidesGuidance.txt 07-02-12-CompWorld-WillSpamVirusesAndBotnetsDestryTheInternet.txt 07-02-12-InfoWorld-USDHSReadyingCybersecurityTest.txt 07-02-12-SJMerc-LaptopsAtRSASecurityConferenceFoundVulnerableToAttacks.txt 07-02-15-AP-TRUSTeCertifiesFirstDownloadableProgramsAsSafe.txt 07-02-20-CNET-USDHSCyberSecurityChiefWantsCongressToDeviseWaysToPromoteAdoptionOfSecurityTechnologies.txt 07-02-22-TechDaily-USDHSCybersecurityHeadSeesChallengesAhead.txt 07-03-00-CACM-PoorInformationSecurityDerivesFromRiskBasedApproach.txt 07-03-00-Symantec-InternetSecurityThreatReport.txt 07-03-01-eWeek-DemosShowPowerfulNewHackingTechniques.txt 07-03-01-NetWorld-PoorCodeInWebApplicationsLeavesThemVulnerable.txt 07-03-07-HoneyBlog-Puppetnets-MisusingWebBrowsersToAttackComputers.txt 07-03-12-AP-3FromIndiaIndictedForHackingBrokerageAccountsToPumpUpStockValues.txt 07-03-12-UWash-2BPersonalRecordsCompromised-HackersNotAlwaysToBlame.txt 07-03-14-USAToday-ChineseHackersLikelyBehindAttackOnUSMilitaryComputers.txt 07-03-19-StanfordCIS-2BPersonalRecordsCompromised-HackersNotAlwaysToBlame.txt 07-03-21-CNET-JavaScriptProgramJiktoWillMakePCsHuntForEntryIntoComputers.txt 07-03-23-QuennslandUnivOfTech-SearchEngineRankingsGiveMaliciousSitesHighRankings.txt 07-03-28-NetWorld-QandAWithIABChairOnDNSSecurityAndOtherIssues.txt 07-03-30-WashPost-HackersSteal46MCreditCardsDataFromTJX.txt 07-04-00-ACMQueue-TheEvolutionOfSecurity.txt 07-04-00-CACM-AnalysisOnIntrusionPreventionDataForPredictingHostileActivity.txt 07-04-04-InfoWorld-SecurityResearchesDiscoverFasterWayToCrackWiFiWEP.txt 07-04-05-TechDaily-BiggestThreatToInternetCouldBeMassiveVirtualBlackout.txt 07-04-10-VaTech-NewResearchToProtectPersonalInformationFromThjeftAndAbuse.txt 07-04-12-UPI-USGovtPlansToImplementANewInternetSecurityRegime.txt 07-04-13-Dartmouth-DartmouthCyberSecurityProjectGetsUSDHSResearchFunding.txt 07-04-13-SJMerc-StormWormEmailVirusReturns.txt 07-04-16-InfoWorld-P2PWormsAndBotnetsIncreasing.txt 07-04-17-eWeek-SecurityRemainsAChallengeForBrowserDevelopers.txt 07-04-19-WashPost-USGovernmentComputersTargetedAtUnprecidentedScale.txt 07-04-25-MSAndACM-BotnetBrownBagSession.txt 07-05-00-ACMQueue-HarwiredHomeNetworksAreBetterThanWireless.txt 07-05-01-CFP2007-ComputersFreedomAndPrivacyConference.txt 07-05-05-NewSci-FirewallsAndAntivirusProgramsDoNotExamineBrowserDownloadedMaterial.txt 07-05-07-TechDaily-USDHSAdvisoryPanelProposalsForRealIDActDocuments.txt 07-05-08-ACM-USACMProposesDelayInRealIDImplementationToAssurePrivacyAndSecurity.txt 07-05-08-AP-UnivOfMissouriStudentDataCompromised.txt 07-05-08-USACM-USACMBriefsLawmakersAboutBotnetThreats.txt 07-05-09-eWeek-JavaSecurityProblemsGettingWorse.txt 07-05-11-IdahoNatlLab-CriticalInfrastructureInSeriousJepardyFromHackerAttacks.txt 07-05-14-NetWorld-OffensiveTEchnologiesUsedToSecureComputerNetworks.txt 07-05-16-InternetWormAttackedVoterDatabaseInFloridaDuringEarlyVoting.txt 07-05-17-AP-EstonianOfficialSuggestsRussianRoleInCyberAttacks.txt 07-05-17-TimesOnline-GovernmentsPrepareForInternetBasedAttackOnInfrastructure.txt 07-05-18-SyracuseUniv-ResearchersPublishPlanToDecentralizeDNSWithDNSSecurityExtensions.txt 07-05-18-WashInternetDaily-DNSSecurityExtensionsCostlyInternetGovernanceProjectTold.txt 07-05-19-WashPost-EstoniaSubjectOfMassiveCyberAttacks.txt 07-05-21-FedCompWeek-USDHSSeeksCybersecurityResearchWhitePapers.txt 07-05-22-CompWorld-USDHAPublishesSectorSpecificPlanForSecureITInfrastructure.txt 07-05-22-KansasCityInfoZine-BetterSecurityWouldLeadToMoreInternetApplications.txt 07-05-22-PressDemo-SonomaStateProfessorDefendsTeachingVirusProgramming.txt 07-05-23-CompWorldAus-GlobalNatureOfSoftwareDevelopmentRaisesSecurityIssues.txt 07-05-23-SecSearch-SixSecurityResearchersWorkingBehindTheScenes.txt 07-05-24-CarnegieMellonUniv-CompScientistsUsesCAPTCHATechnologyToImproveSecurityAndScannedTextSearchability.txt 07-05-24-eGovMonitor-NovInternetGovernanceForumToAddressAccessAndSecurityIssues.txt 07-05-24-UWisc-ResearchersTryToStayOneStepAheadOfVirusCreators.txt 07-05-28-WashTech-RealIDCouldCreateSecurityAndPrivacyIssues.txt 07-05-29-NYT-EstonianDataSiegeLooksLikeCyberWarfare.txt 07-05-30-eWeek-ChineseMilitaryPreparesForCyberWarfareFirstStrike.txt 07-05-30-NewSci-P2PFileSharingNetworksBeingSubvertedForWebAttacks.txt 07-06-00-CACM-DevelopersAreResponsibleForSystemRisks.txt 07-06-00-CACM-DNSSEC-DNSSecurityExtensionsAndSecuringInternetInfrastructure.txt 07-06-00-FTC-HackersAndSpammersMayBeUsingYourComputer.txt 07-06-00-USGAO-ReportOnOnSocialSecurityNumberSecurity.txt 07-06-02-InfoWeek-NewDigitalIdentitySystemsAreMoreComprehensive.txt 07-06-04-AP-SearchTermsRelatedToMusicAndTechMostLikelyToReturnSitesWithMaliciousCode.txt 07-06-04-FedCompWeek-USDHSSeeksCyberSecurityResearchInNineAreas.txt 07-06-05-ArsTechnica-ExpertsSayGovernmentInvolvementNeededToCombatPhishing.txt 07-06-05-WSJ-ResearchersSayAttacksOnDNSRootServersThreatenGlobalEconomy.txt 07-06-07-ACM-ExpertUrgesIdentityVerificationSafeguardsForElmployeeElegibilitySystems.txt 07-06-07-AScribeNewswire-ExpertUrgesIdentityVerificationSafeguardsForEmployeeElicibilitySystems.txt 07-06-07-CSMonitor-CouldUSRepelCyberattack.txt 07-06-07-NetWorld-NewAntivirusTechnologyReliesOnSystemStateChanges.txt 07-06-07-USACM-ExpertUrgesIdentityVerificationSafeguardsForEmployeeElicibilitySystems.txt 07-06-08-DarkReading-AntiHackingLawsThreatenWebSecurityResearchers.txt 07-06-11-ChicTrib-ResearchersDevelopingHardwareToProtectComputerDataByUniqueSignature.txt 07-06-12-AP-MSFixesSecirityFlawsInWindowsIE.txt 07-06-12-Guardian-SafariForWindowsHasSecurityIssues.txt 07-06-12-Larholm-SafariForWindowsHasSecurityIssues.txt 07-06-13-AP-FBISyasMillionsOfComputersAreControlledByHackers.txt 07-06-13-PCWorld-SafariForWindowsHasSecurityIssues.txt 07-06-13-TheReg-FBIIdentifiesMillionthIpAddressOfCompromisedComputers.txt 07-06-14-FBI-HowToKeepYourComputerSafeWhileOnline.txt 07-06-16-NewSci-ConsutantSaysInternetSecurityCouldBeImprovedIfResearchersHadFinancialIncentives.txt 07-06-18-CongQuarterly-USShouldDrawWarningFromEstonianCyberAttacks.txt 07-06-18-USAToday-NATOConsidersSafetyAgainstCyberAttacks.txt 07-06-20-AP-FranceBansGovernmentOfficialsBlackBerryUseCitingSecurityIssues.txt 07-06-20-AP-USDHSAcknowledgesComputerBreakIns.txt 07-06-20-ArsTechnica-ReportWarnsAdvancedAuthenticationSystemsNotAsEffectiveAsClaimed.txt 07-06-20-BBC-FranceBansGovernmentOfficialsBlackBerryUseCitingSecurityIssues.txt 07-06-21-AP-OhioComputerTapeWithTaxpayerDataStolen.txt 07-06-21-Ascribe-ComputerExpertWarnsOfRisksToSocialSecurityNumbers.txt 07-06-21-USACM-TestimonyOnSocialSecurityNumberSecurity.txt 07-06-21-USGAO-TestimonyOnSocialSecurityNumberSecurity.txt 07-06-24-NYT-ExpertsWarnOfCyberWarfare.txt 07-06-25-ZDNetBlogs-SecurityRequiresProperUSeOfProgrammingLanguages.txt 07-06-28-CNET-WebPopularityAndSecuritySolutions.txt 07-06-28-CompResAssoc-NRCReleasesNewReportOnCyberSecurity.txt 07-06-28-TechRev-AnalysisOfHandwrittenPasswordsCouldMakeLoggingInMoreConvenient.txt 07-06-29-ChronHigherEd-CanInternetBeSavedFromConstantThreats.txt 07-07-00-CACM-AKnowledgeArchitectureForITSecurity.txt 07-07-01-SanDiegoTimes-SoftwareNeedsSecurityStandards.txt 07-07-01-Wired-ExpertSaysEPassportsAreVulnerable.txt 07-07-02-SJMerc-GoodAndBadGuysMingleAtBlackHatAndDefconConferences.txt 07-07-03-FedCompWeek-LawmakersTellUSDHSToSpendMoreOnCybersecurity.txt 07-07-03-NetWorld-SecurityResearchersDetailP2PThreatsVulnerabilityDisclosuresAndHackerProfiling.txt 07-07-03-USACM-ComputerExpertsTestifyOnEmploymentEligibilityVerificationSystems.txt 07-07-03-USACM-ComputerExpertsTestifyOnSocialSecurityNumberPrivacyAndSecurity.txt 07-07-04-DalhousieUniv-HowSafeAreWirelessNetworks.txt 07-07-05-AP-GAOReportSaysConnectingDataBreachesToIDTheftDifficult.txt 07-07-05-ArsTechnica-USGovernmentPreparesForCybersecurityWarGames.txt 07-07-07-BaseLineMag-SecurityAsAToolToProtectJobsAndBuildBusiness.txt 07-07-07-InfoWeek-CyberterrorismOnTheIncrease.txt 07-07-09-CompWorld-RiceUnivResearcherDanWallachExposesSecurityFlaws.txt 07-07-10-CompWorld-ResearcherDevelopsBootableLiveCDForEnhancedSecurity.txt 07-07-11-AP-BritishDataWatchdogOutlinesHorrifyingNumberOfSecurityBreaches.txt 07-07-11-AP-SensitveUSMilitaryDocumentsLeftUnprotectedOnline.txt 07-07-12-DarkReading-DNSPinningVulnerabilityCouldSpellTroubleForWeb2.txt 07-07-12-InfoWorld-GoogleBusinessApplicationsCauseIncreasedSecurityQuestions.txt 07-07-13-Science-25thAnniversaryOfFirstComputerVirusForAppleIIComputers.txt 07-07-14-NatonalJ-USDOJSaysCountriesWithWeakCybercrimeLawsHavenForHackers.txt 07-07-20-SJMerc-VirginAtlanticWebsiteFloodedByHackers.txt 07-07-22-ArsTechnica-HacksLetThirdPartyApplicationsRunOnIPhone.txt 07-07-23-NYT-IPhoneFlawLetsHackersTakeOver.txt 07-07-23-SJMerc-SecurityFlawFoundInIPhone.txt 07-07-24-InfoWeek-GAOReport-CybercrimePosesNationalRiskToUS.txt 07-07-24-SecurityEvaluators-ResearchDiscoverIPhoneVulnerability.txt 07-07-26-NetWorld-SecurityIsTopConcernforNewIETFChief.txt 07-07-30-SFChron-WorldwideCriminalsInfectingUnprotectedComputersWithMalware.txt 07-07-31-NetWorld-StanfordEthaneProjectProvidesStrongNetworkSecurity.txt 07-08-00-CACM-IsASingleOperatingSystemASecurityRisk.txt 07-08-00-CACM-RisksOfUnauthorizedUseOfWiFiAccessPoints.txt 07-08-00-CACM-SecurityForGeneralAudiences.txt 07-08-00-InfoTofay-IntlTelecomUnionAnnoucesGlobalCybersecurityAgenda.txt 07-08-01-GovtCompNews-FormerCounterterrorismChiefSaysUSLostItsWayInCybersecurity.txt 07-08-03-AP-ComputerMediaPlayersVulnerableToMaliciousAttack.txt 07-08-03-AP-StudyFindsLaxComputerSecurityByIRSEmployees.txt 07-08-03-WashPost-GAOStudySaysUSBorderControlComputersVulnerableToAttack.txt 07-08-04-SJMerc-HardToTellGoodHackersFromBadAtHackerConferences.txt 07-08-07-TheRegister-ProfsSayTeachingHackingHelpsStudentLearnAboutComputerSecurity.txt 07-08-09-CompWorld-CleversafeSlicesCorporateDataForSafeStorageOnOneOrManyServers.txt 07-08-09-InfoWorld-IsolatingApplicationsForTestingCouldImproveComputerSecurity.txt 07-08-13-SJMerc-BestOnlineSecurityIsUpToUsers.txt 07-08-15-SJMerc-ManyFacebookUsersExposeThemselvesToVulnerabilities.txt 07-08-16-UMich-AdvancesInQuantumComputersCouldElevateSecurityToNewLevels.txt ==========> 00-02-00-CACM-IdentityTheftSocialSecurityNumbersAndTheWeb.txt========== Identity theft, social security numbers, and the Web Hal Berghel February 2000 Communications of the ACM, Volume 43 Issue 2 Privacy is lost in the proliferation of technology's omnipresent accessibility. When one changes employers, as I have recently, the different institutional and cultural attitudes become obvious. For example, consider salary-benefit packages. From my perspective, as an academic for the past 20-plus years, ==========> 00-04-00-CACM-IntrusionDetectionAndMultisensoryDataFusion.txt========== Intrusion detection systems and multisensor data fusion Tim Bass April 2000 Communications of the ACM, Volume 43 Issue 4 Creating a cyberspace situational awareness environment will take more sophisticated tools and network sensors. Next-generation cyberspace intrusion detection (ID) systems will require the fusion of data from myriad heterogeneous distributed network sensors to ==========> 00-04-00-CACM-SecuringUserPasswords.txt========== Securing user passwords April 2000 Communications of the ACM, Volume 43 Issue 4 Anne Adams and Martina Angela Sasse say a lot of sensible things in their article about password selection, "Users Are Not the Enemy" (Dec. 1999, p. 41). They note correctly that users rarely know what is needed to construct a secure password and observe that "without feedback from security experts, users [create] their own rules on password design that [are] often anything but secure." They also note that within an organization, users may need several ==========> 00-05-00-CACM-InternetUseISRiddlesWithVulnerabilities.txt========== Inside risks: Internet risks Lauren Weinstein, Peter G. Neumann May 2000 Communications of the ACM, Volume 43 Issue 5 The Internet is expanding at an unprecedented rate. However, along with the enormous potential benefits, almost all of the risks discussed here in past columns are relevant, in many cases made worse by the Internet, due to widespread remote-access capabilities, ever-increasing communication speeds, the Net's exponential growth, and weak infrastructure. This month we summarize ==========> 00-06-00-ACMNetWorker-SecurityIsAnImperfectArt.txt========== Business: The 8th layer: Shoring up security—an imperfect art Kate Gerwig June 2000 netWorker, Volume 4 Issue 2 The build-up to Y2K and the dire predictions for its aftermath were nothing compared to last February's distributed denial of service (DDoS) hacker attacks, which managed to shut down several of the Internet's most heavily trafficked Web sites, including Yahoo!, E*TRADE, CNN.com and eBay. These sites had already spent heavily on security measures to protect their servers. ==========> 00-06-00-CACM-InformationSystemSecurityManagement.txt========== Technical opinion: Information system security management in the new millennium Gurpreet Dhillon, James Backhouse July 2000 Communications of the ACM, Volume 43 Issue 7 Future users of information systems must address organizational problems at a time when the organizational form is being revolutionized. Rapid advances in electronic networks and computer-based information systems have given us enormous capabilities to process, store, and transmit digital ==========> 00-09-00-ACMNetWorker-IsAnybodyDoingAnythingAboutInternetSecurity.txt========== Putting it together: Living on the internet security plateau Win Treese September 2000 netWorker, Volume 4 Issue 3 Does the Internet have a security problem? If it does, is anyone really doing anything about it? In the past year, we've seen major incidents on the Internet and wide media coverage to go with them. Two widespread viruses—Melissa and the Love Bug—caused major disruptions of e-mail systems around the world. A series of distributed denial-of-service attacks interrupted service at many ==========> 00-09-00-CACM-UsingVoiceToVerifyPersonalIdentity.txt========== Voice biometrics Judith A. Markowitz September 2000 Communications of the ACM, Volume 43 Issue 9 Who are you? Your voice alone can be used to verify your personal identity—unobtrusively and invisibly. "It's me!" ==========> 01-02-00-CACM-AnOperatingSystemApproachToSecuringEServices.txt========== An operating system approach to securing e-services Chris Dalton, Tse Huong Choo February 2001 Communications of the ACM, Volume 44 Issue 2 Implementing Trusted Linux, an ideal platform for e-services application hosting. As more and more services turn electronic and are exposed to the public world of the Internet, many will become attractive and lucrative targets to would-be ==========> 01-02-00-CACM-ConsideringTrustAssumptionsDuringSoftwareDevelopment.txt========== Trust (and mistrust) in secure applications John Viega, Tadayoshi Kohno, Bruce Potter February 2001 Communications of the ACM, Volume 44 Issue 2 Exploring and considering trust assumptions during every stage of software development. Trust and trustworthiness are the foundations of security. Homeowners trust lock manufacturers to create quality locks to protect their homes. Some locks ==========> 01-02-00-CACM-IntroductionToSecuringSoftwareApplications.txt========== Securing network software applications: introduction Imran Bashir, Enrico Serafini, Kevin Wall February 2001 Communications of the ACM, Volume 44 Issue 2 Ask a school-age child about Melissa, and instead of hearing about the "red-haired girl in Mrs. Stiefel's class," the most likely answer would point to the Microsoft Word macro virus that wreaked havoc around the world in March 1999. The impact of the ubiquitous World Wide Web, the fastest growing element of the Internet, is mind-boggling. The debate about its social and economic ==========> 01-02-00-CACM-SecurityAndPrivacyIssuesInMobileECommerce.txt========== Software security and privacy risks in mobile e-commerce Anup K. Ghosh, Tara M. Swaminatha February 2001 Communications of the ACM, Volume 44 Issue 2 Examining the risks in wireless computing that will likely influence the emerging m-commerce market. Most current e-commerce transactions are conducted by users in fixed locations using workstations and personal computers. Soon, we expect a significant ==========> 01-02-00-CACM-UsingAccessControlApproachesForSecureWebApplication.txt========== Security models for web-based applications James B. D. Joshi, Walid G. Aref, Arif Ghafoor, Eugene H. Spafford February 2001 Communications of the ACM, Volume 44 Issue 2 Using traditional and emerging access control approaches to develop secure applications for the Web. The rapid proliferation of the Internet and the cost-effective growth of its key enabling technologies are revolutionizing information technology and ==========> 01-03-00-CACM-FutureComputerSoftwareWillBeConstrainedByInsuranceConsiderations.txt========== Insurance and the computer industry Bruce Schneier March 2001 Communications of the ACM, Volume 44 Issue 3 In the future, the computer security industry will be run by the insurance industry. I don't mean insurance companies will start selling firewalls, but rather the kind of firewall you use—along with the kind of authentication scheme you use, the kind of operating system you use, and the kind of network monitoring scheme you use—will be strongly influenced by the constraints of ==========> 01-03-00-CACM-IsThereAFixInSightForComputerSecurity.txt========== Computer security—an end state? Steven M. Bellovin March 2001 Communications of the ACM, Volume 44 Issue 3 It seems that one cannot open a newspaper without reading about yet another computer security breach. Worse yet, even sites that should be well protected, such as the CIA's Web site, have been hacked. Is this inevitable? Will matters continue to get worse? Or is there some fix in sight for the computer security problem? ==========> 01-04-00-CACM-AnOrganizatonToRateComputerSecurityIsABadIdea.txt========== Inside risks: cyber underwriters lab Bruce Schneier April 2001 Communications of the ACM, Volume 44 Issue 4 Underwriters Laboratories (UL) is an independent testing organization created in 1893, when William Henry Merrill was called in to find out why the Palace of Electricity at the Columbian Exposition in Chicago kept catching on fire (which is not the best way to tout the wonders of electricity). After making the exhibit safe, he realized he had a business model on his hands. Eventually, if ==========> 01-05-00-ACMUbiquity-LowFacultySalariesAndShortageOfSecuritySpecialists.txt========== Time for industry to support academic INFOSEC M. E. Kabay May 2001 Ubiquity, Volume 2 Issue 15 Low faculty salaries contribute to the shortage of trained security specialists. In October 2000, Dr Eugene Spafford was given the NCSC (National Computer Security Center) Achievement Award for 2000 at the 23rd NISSC (National Information Systems Security Conference) in Baltimore. In his plenary address, ==========> 01-08-00-CACM-AProcessControlApproachToCyberAttackDetection.txt========== A process control approach to cyber attack detection Nong Ye, Joseph Giordano, John Feldman August 2001 Communications of the ACM, Volume 44 Issue 8 Using engineering process control to protect against attacks at various system levels. A cyber attack is an attack on a computer and network system, consisting of computer actions such as remote or local connection, computer file access, or ==========> 01-08-00-CACM-RisksInEmailSecurity.txt========== Inside risks: Risks in email security Albert Levi, Çetin Kaya Koç August 2001 Communications of the ACM, Volume 44 Issue 8 It is easy to create bogus email with someone else's email name and address: SMTP servers don't check sender authenticity. Secure/Multipurpose Internet Mail Extensions (S/MIME) can help, as can digital signatures and globally-known trustworthy certification authorities (CAs) that issue certificates. The recipient's email software verifies the sender's certificate to determine his ==========> 01-09-00-CACM-SecurityIssuesForElectronicMedicalRecords.txt========== Security issues for implementation of e-medical records Terry Huston September 2001 Communications of the ACM, Volume 44 Issue 9 Effective administration of a medical database requires balancing technical and nontechnical managerial challenges. As the electronic version of the patient medical record becomes more technologically advanced for the purposes of electronic billing, telemedicine, ==========> 01-10-00-ACMUbiquity-PeterNeumannOnSecurityVulnerabilities.txt========== Expect the unexpected John Gehl October 2001 Ubiquity, Volume 2 Issue 34 Peter G. Neumann talks about out-of-the-box thinking, the events of Sept. 11, and breakfast with Einstein. Peter G. Neumann (Neumann@CSL.sri.com), who holds doctorates from Harvard and Darmstadt, is Principal Scientist in the Computer Science Laboratory at SRI ==========> 01-11-08-Reuters-Hack-Bank.txt========== Thursday November 8 9:00 PM ET Cambridge Students Find Way to Hack Into Banks By Juliana Liu LONDON (Reuters) - Two graduate students have found a way to hack into security systems that protect many banking and e-commerce transactions, Cambridge University said on Thursday. Michael Bond and Richard Clayton, computer science Ph.D. students, developed programs allowing them to hack into an IBM security computer that was ==========> 01-11-13-Wired-ICANN.txt========== ICANN: To Serve and Protect By Declan McCullagh 2:00 a.m. Nov. 13, 2001 PST WASHINGTON -- The deadly attacks of September 11 didn't just give us tighter airport checkpoints, new wiretapping and surveillance laws, and countless metric tons of explosives air-lifted to Afghanistan. They also prompted the Internet Corporation for Assigned Names and Numbers ==========> 01-11-17-SFCron-Internet.txt========== http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2001/11/17/BU1 19119.DTL&type=tech ICANN forum warns of Web vulnerability Verne Kopytoff, Chronicle Staff Writer Saturday, November 17, 2001 ©2001 San Francisco Chronicle The Internet is vulnerable to hacker and terrorist attacks across a broad front. ==========> 01-11-26-ZDNet-Google.txt========== Search engines find the forbidden By Paul Festa Special to ZDNet News UPDATED November 26, 2001 12:35 PM PT Search-engine spiders crawling the Web are increasingly stumbling upon passwords, credit card numbers, classified documents and even computer vulnerabilities that can be exploited by hackers. The problem is not new, security analysts say: Ever since search robots began ==========> 01-12-00-CACM-CodeRedWorm-MaliciousSoftwareKnowsNoBounds.txt========== Digital Village: The Code Red Worm Hal Berghel December 2001 Communications of the ACM, Volume 44 Issue 12 Malicious software knows no bounds. The concept of combining the "new soft drink flavor of the summer" with "worms" seems to suggest a non-alcoholic variation of tequila rather than an major Internet security breach. However, this past August, the Code Red worm took on ==========> 01-12-04-AP-SecuritySW.txt========== "Cyber-security adviser calls for free Internet security software" ASSOCIATED PRESS WASHINGTON, Dec. 4 — The president's computer security adviser asked technology executives Tuesday for a shopping list of changes, including bundled security software for high-speed Internet users and a new way to get software updates on personal computers. Richard Clarke told software companies that their responsibility doesn't end when they fix a hole in their products that could let hackers in. ==========> 01-12-04-Reuters-InfrastructureMap.txt========== >Tuesday December 4 5:36 PM ET >U.S. Cyber Chief to Map Infrastructure for Security >By Andy Sullivan > >WASHINGTON (Reuters) - The U.S. government plans to develop a model of the >nation's railroads, gas pipelines, telecommunications networks and other >``critical infrastructures'' to better understand how they affect each >other, the nation's top cybersecurity chief said on Tuesday. > >As part of its efforts to beef up homeland security, the federal ==========> 01-12-05-WashPost-MCI.txt========== MCI Security Hole Put AOL, Others, In Hacker's Crosshairs By Brian Krebs, Newsbytes WASHINGTON, D.C., U.S.A., 05 Dec 2001, 2:10 PM CST MCI WorldCom [NASDAQ:MCIT] recently moved to secure several vulnerable portions of their network that allowed a researcher to obtain the keys to private network routers for dozens of Fortune 500 companies. ==========> 01-12-11-ComputerWorld-NIPC-DNS.txt========== NIPC urges heightened attention to domain name servers By Jaikumar Vijayan (Dec. 11, 2001) Corporations need to ensure that their domain name servers are fully redundant and geographically dispersed to avoid risking prolonged loss of connectivity to services such as Web browsing, remote log-in and e-mail, the National Infrastructure Protection Center (NIPC) has cautioned. In its monthly publication, "Highlights" (download PDF), posted on its Web site Friday, the Washington-based NIPC said the Domain Name System (DNS) can be an ==========> 01-12-12-WashPost-NetSecBill.txt========== Lawmaker: Net Security Bill Will Pass This Year By Robert MacMillan, Newsbytes WASHINGTON, D.C., U.S.A., 12 Dec 2001, 3:18 PM CST A bill designed to strengthen U.S. defenses against online attacks appears likely to pass both the full House and Senate this year, according to House Science Committee Chairman Sherwood Boehlert, R-N.Y. Speaking at a conference hosted by the lobbying group Information Technology ==========> 01-12-14-WashPost-CyberCrimeBill.txt========== House Bill Would Toughen Cybercrime Penalties By Brian Krebs, Newsbytes WASHINGTON, D.C., U.S.A., 14 Dec 2001, 5:07 PM CST House lawmakers introduced legislation on Thursday designed to give federal judges more flexibility in imposing sentences for a range of computer crimes. The bill also would grant a liability exemption to Internet service providers that cooperate with law enforcement agencies. ==========> 01-12-17-SJMerc-802.11Crypto.txt========== Posted at 4:47 a.m. PST Monday, Dec. 17, 2001 RSA announces fix for wireless network security hole SAN FRANCISCO (Reuters) - RSA Security Inc. Monday will announce new technology designed to improve the security of wireless networks used within buildings and protect them from so-called ``drive-by hacks.'' Bedford, Massachusetts-based RSA and Hifn of Los Gatos, California, have developed a technology patch for the Wireless Equivalent Privacy (WEP) protocol designed to encrypt communications transferred over standard ==========> 01-12-22-SJMerc-MSXPPnP.txt========== Posted at 2:48 a.m. PST Saturday, Dec. 22, 2001 FBI urges consumers, companies to take additional steps to safeguard Windows XP WASHINGTON (AP) -- The FBI's top cyber-security unit warned consumers and corporations Friday night to take new steps beyond those recommended by Microsoft Corp. to protect against hackers who might try to attack major flaws discovered in the newest version of Windows software. The FBI's National Infrastructure Protection Center said that, in addition to installing a free software fix offered by Microsoft on the company's Web site, ==========> 02-01-02-BusWeek-Changes.txt========== JANUARY 2, 2002 SECURITY NET By Alex Salkever Toward More Cybersecurity in 2002 Here's a list of resolutions that, if put into action, would help make the Net a much safer place Call 2001 The Year of Living Dangerously. ==========> 02-01-07-WiredDigital-VirusWriters.txt========== Virus Writers Here to 'Help' By Michelle Delio 2:00 a.m. Jan. 7, 2002 PST Although it may seem trite to fret about computer virus attacks when compared with larger global security concerns, a seemingly endless onslaught of virtual vermin plagued computer users in 2001. "In 1999, we were catching one virus per hour," said Alex Shipp, chief technology officer at Messagelabs, a security firm. "In 2000, it was one every ==========> 02-01-08-MSNBC-WinUPnP.txt========== No fix in sight for software fixes Windows XP saga illustrates how confusing patches are By Bob Sullivan MSNBC Jan. 8 — It’s Dec. 20, and Microsoft Corp. issues an all-points bulletin to every Windows XP user. Your computer is vulnerable to hackers, it says — but if you download a free patch, you’ll be safe. The next day, the FBI contradicts the Redmond giant, saying even the patch won’t make you safe. In the following days, a leading privacy expert complains that users of other Microsoft Windows ==========> 02-01-08-SecurityFocus-NASRept.txt========== Punish Security Lapses, NAS Urges Report says new laws may be needed to deter companies from producing software with security holes. By Will Rodger Jan 8 2002 2:21PM PT Congress should make it easier to punish companies that produce insecure software that puts business and consumers at risk, a panel assembled by the prestigious National Academy of Sciences said Tuesday. ==========> 02-01-14-eWeek-SWLiability.txt========== January 14, 2002 Software Liability Gaining Attention By Dennis Fisher Hacker attacks that exploit flaws in commercial software have caused tens of billions of dollars in damage in the past year. The Code Red worm alone is estimated to have cost enterprise users more than $2 billion. Software companies have hidden behind user agreements that protect vendors from liability for such damages, and few victims have taken their fight to ==========> 02-01-14-InfoWeek-DrversLicenseID.txt========== http://www.informationweek.com/story/IWK20020111S0048 Security Vs. Privacy State motor-vehicle offices will propose that drivers' licenses incorporate biometrics. Is that the same as a national ID card? By John Rendleman, InformationWeek Jan 14, 2002 (12:00 AM) Calls for creating a national ID card system, which advocates say would make it harder for terrorists to move undetected within U.S. borders, have drawn ==========> 02-01-14-LATimes-MS-Security.txt========== LA Times Security Flaws May Be Pitfall for Microsoft Software: As the company shifts toward interactive services, latest vulnerabilities raise concerns and do little to boost customer confidence. By JOSEPH MENN Times Staff Writer January 14 2002 Competitors and federal regulators have failed to stop Microsoft Corp.'s march toward dominance of new areas of the computing world, but there is an ==========> 02-01-14-LATimes-MSWindows.txt========== http://www.latimes.com/business/la-000003463jan14.story?coll=la%2Dheadlines%2Dbu siness Security Flaws May Be Pitfall for Microsoft Software: As the company shifts toward interactive services, its latest vulnerabilities do little to bolster customer confidence. By JOSEPH MENN TIMES STAFF WRITER January 14 2002 ==========> 02-01-18-SJMerc-China.txt========== Posted at 5:39 p.m. PST Friday, Jan. 18, 2002 China orders Internet providers to screen e-mail, use less foreign software BEIJING (AP) -- China has issued its most intrusive Internet controls to date, ordering service providers to screen private e-mail for political content and holding them responsible for subversive postings on their Web sites. The new rules, posted earlier this week on the Web site of the Ministry of Information Industry, represent Beijing's latest efforts to tighten its grip on the ==========> 02-01-19-SJMerc-DG-WebServices.txt========== Posted at 11:36 a.m. PST Saturday, Jan. 19, 2002 Web services raise security, privacy concerns BY DAN GILLMOR Mercury News Technology Columnist Imagine, said General Motors' chief technology officer, an in-car electronic system that would let the rescue squad medics, arriving after a crash, quickly learn your relevant medical history. It might save your life. But ``who's going to remember to update the medical information?'' asked ==========> 02-01-20-SJMerc-Internet.txt========== Posted at 6:33 p.m. PST Sunday, Jan. 20, 2002 Despite more security spending, Internet is even more vulnerable NEW YORK (AP) -- Spending on Internet security continues to grow, yet the worldwide supernetwork remains more vulnerable than ever to viruses, break-ins and terrorism. Simply put, hackers are getting smarter, and computer networks are getting more complex and difficult to keep safe. ==========> 02-01-23-WashPost-CrossSiteScriptAttacks.txt========== Net Users Warned To Beware Sites With Scripting Holes By Brian McWilliams, Newsbytes PITTSBURGH, PENNSYLVANIA, U.S.A., 23 Jan 2002, 12:59 PM CST The failure of major Web sites to fix an old but serious security flaw has prompted the Computer Emergency Response Team to issue a new warning to Internet users: Self-defense may be your only protection against privacy- and security-stealing cross-site script attacks. ==========> 02-01-29-DJMerc-MSPassport.txt========== Posted at 7:47 p.m. PST Tuesday, Jan. 29, 2002 Privacy group urges probe of Microsoft's Passport service BY KRISTI HEIM Mercury News A privacy group Tuesday called on the 50 state attorneys general to investigate privacy and security risks in Microsoft's Passport service and related Web services. The Washington, D.C.-based Electronic Privacy Information Center urged ==========> 02-01-29-EPIC-MSPassport.txt========== January 29, 2002 Dear State Attorney General, The Electronic Privacy Information Center (EPIC) urges you to take action to protect consumers against unfair and deceptive trade practices raised by Microsoft Corporation's Passport service and related "Wallet," "Kids Passport," "Hailstorm," and ".Net Services." These systems unfairly and deceptively gather personal information and expose consumers to the release, sale, and theft of their personal information. Immediate state action is necessary to ==========> 02-01-29-PCWorld-CybersecurityBills.txt========== Senator Pushes for Stronger Cybersecurity Two proposed bills would increase security on government computers and train more security specialists. Sam Costello, IDG News Service Tuesday, January 29, 2002 Citing the Code Red worm and an attack on U.S. Department of Defense computers, Senator John Edwards (D-North Carolina) Monday introduced two new cybersecurity bills seeking to increase both government computer security and general ==========> 02-01-29-WashPost-MSPassportBug.txt========== Microsoft Passport Melts Down At The Zone By Brian McWilliams, Newsbytes REDMOND, WASHINGTON, U.S.A., 29 Jan 2002, 12:32 AM CST A flawed implementation of Microsoft's .NET Passport technology at the MSN Gaming Zone has caused mayhem for some users of the big software company's Hotmail service. ==========> 02-01-31-CSTB-InfrastructureSecurity.txt========== National Academy of Sciences Report Makes Recommendation to Enhance Infrastructure Security A report by the National Academy of Sciences Computer Science and Telecommunications Board (CSTB) concludes that new laws may be needed to deter software makers from producing software with security holes. The report suggests that Congress should make it easier to punish companies that produce insecure software that puts business and consumers at risk. The nation's ==========> 02-02-04-IDG-NIPC.txt========== Predictions, Prevention Key to Cybersecurity Federal government must work with the private sector to put an end to cyberthreats, NIPC head says. Sam Costello, IDG News Service Monday, February 04, 2002 MASHANTUCKET, CONNECTICUT -- Though communication between the government and private sector in the area of cybersecurity has been good, the U.S. ==========> 02-02-07-SJMerc-CyberSecurityBill.txt========== Posted at 12:04 p.m. PST Thursday, Feb. 7, 2002 House passes bill providing $800 million for computer security research WASHINGTON (AP) -- The House voted Thursday to provide colleges and research groups with $800 million over the next five years to figure out new ways to protect computers against hackers. The bill, fueled in part by the Sept. 11 terrorist attacks and a new focus on weaknesses in business and government computer security, passed 400-12. ==========> 02-02-08-WashPost-HR3482-CybeSecEnhance.txt========== House Panel To Examine Another Net Security Bill By Robert MacMillan, Newsbytes WASHINGTON, D.C., U.S.A., 08 Feb 2002, 12:55 PM CST Following a vote in the House of Representatives this week on an $880 million bill to fund cybersecurity research, a House subcommittee said that next week it will hold a hearing on another Internet and network security bill. The House Judiciary Subcommittee on Crime said that it will hold a hearing ==========> 02-02-08-WasPost-WhiteHouseAdvisertxt.txt========== Cybersecurity a Top Priority White House Adviser Presses Computer Industry to Do More By Ariana Eunjung Cha Washington Post Staff Writer Friday, February 8, 2002; Page E01 The unusual announcements from three of the technology industry's most powerful men came just weeks apart. ==========> 02-02-12-Wired-CyberSecEnhance-CSEA.txt========== Cybercrime Bill Ups the Ante By Declan McCullagh 2:00 a.m. Feb. 12, 2002 PST WASHINGTON -- Some forms of illegal hacking would be punished by life imprisonment under a proposal that Congress will debate on Tuesday. A House Judiciary subcommittee will consider the Cyber Security Enhancement Act (CSEA), which ups the penalties for computer intrusions, funds surveillance research and encourages Internet providers to turn over more information to ==========> 02-02-14-Reuters-ElecSignatures.txt========== Thursday February 14, 8:20 pm Eastern Time Internet industry pushes more flexible ID method NEW YORK, Feb 14 (Reuters) - Leading Internet security companies and top industry standards-setting bodies have settled on a more flexible way to verify electronic signatures for documents sent over the Web, organizers said on Thursday. The World Wide Web Consortium (W3C), the standards-setting body founded by Web inventor Tim Berners-Lee, said that the agreement ==========> 02-02-19-InfoWorld-CyberSecurityCzar.txt========== February 19, 2002 11:47 AM RSA: Cybersecurity czar urges cooperation, spending By Sam Costello SAN JOSE, CALIF. -- Cooperation between the public and private sectors, increased awareness of cybersecurity issues and more spending by both companies and the government are needed to help increase computer and network security, said Richard Clarke, White House cybersecurity czar, in a keynote that kicked off the RSA ==========> 02-02-23-SJMerc-BuiltInPCSecurity.txt========== Posted on Sat, Feb. 23, 2002 Firms announce hardware-based security technology SAN JOSE, Calif. (Reuters) - Technology providers are adopting methods of embedding security features into microprocessors and other hardware, with several announcements made at a computer security conference this week. Experts say hardware-based security systems are much harder to break than security software, from which hackers can extract passwords or steal other sensitive data. By using both existing security software and new hardware-based ==========> 02-02-27-SJMerc-DisneyFundsGilian.txt========== Posted on Wed, Feb. 27, 2002 Matt Marshall: Disney's Steamboat Ventures makes first VC investment by backing Gilian By Matt Marshall Mercury News Mickey Mouse has made his way into the small world of VC. In a characteristically clandestine manner, Walt Disney has set up a venture capital arm to invest in new technologies, called Steamboat Ventures. That's ==========> 02-02-27-Wired-CyberSecEnhanceAct-CSEA.txt========== Hack a PC, Get Life in Jail By Declan McCullagh and Robert Zarate 8:50 a.m. Feb. 27, 2002 PST WASHINGTON -- A House panel voted unanimously late Tuesday to expand the types of hacking crimes that would be punished by life imprisonment. Citing the possibility of terrorists wreaking havoc electronically, the House Judiciary subcommittee on crime voted 8-0 to rewrite the Cyber Security Enhancement Act and forward a more Draconian version to the full committee. ==========> 02-03-00-ACMNetWorker-ExAndTrustedEmployeesMayBeGreatestThreatsToNetworkSecurity.txt========== Inside job Ann Quigley March 2002 netWorker, Volume 6 Issue 1 Ex-employees and trusted partners may pose the greatest threats to network security When someone inserted a "code bomb" into palm pilot software that crashed the computers of 2,000 sales reps at snack food producer Lance, Inc., the ==========> 02-03-04-UnknownSource-FOIA-Exemption-CyberSecurity.txt========== Security Ashcroft Endorses FOIA Exemption Aimed At Cyber Security by Teri Rucker Protecting the nation's critical infrastructure, including the physical infrastructure and cyber systems of the telecommunications network, has become an issue of paramount importance to the Justice Department, Attorney General John Ashcroft told members of the U.S. Telecom Association (USTA) on Friday. "Given the opportunity, extremists would cripple American telecommunications," Ashcroft said, making the ability for companies to share information with the ==========> 02-03-12-USAToday-MS-AirForceSecurity.txt========== Air Force seeks better security from Microsoft By Byron Acohido, USA TODAY SEATTLE A top U.S. Air Force official has warned Microsoft to dramatically improve the security of its software or risk losing the Air Force as a customer. In an interview, Air Force chief information officer John Gilligan revealed he has met with senior Microsoft executives to tell them the Air Force is "raising the bar on our level of expectation" for secure software. Since being named Air Force CIO in November, Gilligan, who controls a $6 ==========> 02-04-00-CACM-ManyPCSecurityProblemsRemainUnaddressed.txt========== Virtual extension: Securing PC applications: the relay race approach Moshe Zviran April 2002 Communications of the ACM, Volume 45 Issue 4 ABSTRACT The widespread use of personal computers and the growth of end-user computing have introduced a myriad of security concerns. As PC-based information systems become readily available and more individuals become computer literate, the ==========> 02-04-00-CACM-TechnicalAspectsUnderlyingInternetSecurityAndPrivacy.txt========== Digital village: Hijacking the web Hal Berghel April 2002 Communications of the ACM, Volume 45 Issue 4 Cookies revisited: Continuing the dialogue on personal security and underlying privacy issues. Based on the positive feedback I received regarding my column, "Caustic Cookies" (May 2001), I conclude there is a genuine interest in the technical ==========> 02-04-08-EWeek-EGovTechChallenges.txt========== http://www.eweek.com/article/0,3658,s%253D709%2526a%253D25089,00.asp April 8, 2002 eGov Challenges Tech By John Taschek The U.S. Government is going electronic but may be setting policy ahead of available technology. A series of initiatives, most of them passed during the Clinton administration, mandates that government agencies—and the hundreds of organizations that work with them—jump into the 21st century. However, many ==========> 02-04-17-Wired-ArgentineHackerLaw.txt========== http://www.wired.com/news/politics/0,1283,51860,00.html Perplexing Argentine Hack Law By Michelle Delio 2:00 a.m. April 17, 2002 PDT A recent legal ruling that defacing Web pages is not a crime isn't turning Argentina into a prosecution-free playground for script kiddies. Argentinean sources said they are upset over several stories on Argentine ==========> 02-04-20-UPenn-Dyson.txt========== http://knowledge.wharton.upenn.edu/articles.cfm?catid=9&articleid=542&homepage=y es Esther Dyson on Internet Privacy, Policing, ICANN and Investing Back in the heyday of the Internet in the late 1990s, Esther Dyson was often referred to as the chief guru of the tech world, a reputation enhanced by the publication of her 1997 book, Release 2.0: A Design for Living in the Digital Age. ==========> 02-04-22-EETimes-InternetSecurityIssues.txt========== http://www.eetimes.com/story/OEG20020419S0063 Security gap looms for Internet architects By Bernard Cole, EE Times Apr 22, 2002 (8:29 AM) URL: http://www.eetimes.com/story/OEG20020419S0063 In many respects the packet-switched, connectionless, Internet protocol-based information superhighway upon which the average consumer is becoming more dependent is very similar to the U.S. mail and is subject to the same threats ==========> 02-05-12-NYT-Markoff-SmartCardsCracked.txt========== New York Times Vulnerability Is Discovered in Security for Smart Cards By JOHN MARKOFF SAN FRANCISCO, May 12 Two University of Cambridge computer security researchers plan to describe on Monday an ingenious and inexpensive attack that employs a $30 camera flashgun and a microscope to extract secret information contained in widely used smart cards. The newly discovered vulnerability is reason for alarm, the researchers ==========> 02-05-14-CNETNews-SuccessfulHackers.txt========== http://news.com.com/2009-1017-912708.html Why hackers are a step ahead of the law By Greg Sandoval Staff Writer, CNET News.com May 14, 2002, 4:00 AM PT By Greg Sandoval Staff Writer, CNET News.com May 14, 2002, 4:00 a.m. PT ==========> 02-05-17-NYT-ExperianCreditDataStolen.txt========== http://www.nytimes.com/2002/05/17/technology/17IDEN.html May 17, 2002 13,000 Credit Reports Stolen by Hackers By JOHN SCHWARTZ Crackers posing as employees of the Ford Motor Credit Company have in recent months harvested a trove of 13,000 credit reports — a virtual one-stop shop for fraud and identity theft — with data on consumers in affluent neighborhoods across the country. ==========> 02-06-03-CNETNews-MITStudentHacksXBox.txt========== http://news.com.com/2100-1040-931296.html?tag=fd_top MIT student hacks into Xbox By David Becker Staff Writer, CNET News.com June 3, 2002, 5:35 PM PT A computer sciences graduate student is claiming to have cracked the security systems that prevent Microsoft's Xbox game console from running unauthorized software. ==========> 02-06-03-SJMerc-MITStudentHacksXBox.txt========== http://www.siliconvalley.com/mld/siliconvalley/business/special_packages/securit y/3392662.htm Posted on Mon, Jun. 03, 2002 MIT grad student hacks into Xbox security system LOS ANGELES (Reuters) - A graduate student at the Massachusetts Institute of Technology has found a way to circumvent the security system for Microsoft Corp.'s Xbox video game console, opening the way for hackers to use it to run competing software, according to documents released over the weekend. ==========> 02-06-04-TheRegister-MITStudentHacksXBox.txt========== http://www.theregister.co.uk/content/3/25568.html MIT grad student shows how to read Xbox security key By John Lettice Posted: 04/06/2002 at 11:20 GMT An MIT graduate student has successfully dismantled Xbox's security system and published (after what appears to have been some discussion with Microsoft and EFF lawyers) the results. Bottom line - Xbox security relies on ==========> 02-06-06-TheRegister-SecurityThruObsolescence.txt========== http://www.theregister.co.uk/content/55/25608.html Security through obsolescence By Robin Miller, NewsForge.com Posted: 06/06/2002 at 12:10 GMT Here's an interesting way to secure an Internet-connected computer against intruders: Make sure the operating system and software it runs are so old that current hacking tools won't work on it. This was suggested by Brian Aker, one of the programmers who works on Linux.com, NewsForge, ==========> 02-06-07-NYT-Markoff-KaZaASecurityHole.txt========== http://www.nytimes.com/2002/06/07/technology/07PRIV.html June 7, 2002 Security Hole Found in KaZaA File-Sharing Service By JOHN MARKOFF and MATT RICHTEL Users of KaZaA, a popular Internet service for sharing music files, frequently expose personal files on their computers by misconfiguring the program, according to a study by two researchers at HP Labs. ==========> 02-06-13-CanberraTimes-ThumbprintSystemProblems.txt========== Security system gets thumbs down from honours student Copyright 2002 The Federal Capital Press of Australia Pty Limited The Canberra Times...06/13/2002 CATRIONA JACKSON, Education Reporter An ANU computer science student has fooled state-of-the-art thumbprint security systems, and warned banks and business they aren't as secure as they seem. ==========> 02-06-19-InfoWorld-FedsUrgePrivateAction.txt========== http://www.infoworld.com/articles/hn/xml/02/06/19/020619hnbushinfra.xml June 19, 2002 05:27 AM Bush urges private sector to shore up networks By Heather Harreld ATLANTA -- THE Bush administration has taken its efforts to bolster private sector support for critical infrastructure protection on the road to encourage companies to ==========> 02-06-24-InfoWorld-MS-Palladium-DRM.txt========== http://www.infoworld.com/articles/hn/xml/02/06/24/020624hnpalladium.xml June 24, 2002 11:32 AM Microsoft plans new security system in future Windows By Sam Costello and Peter Sayer MICROSOFT WANTS TO change the fundamental architecture of the PC, adding security hardware to a future release of its Windows operating system, the company acknowledged Monday, after a media report and an analyst briefed by the ==========> 02-06-24-TheRegister-2-MS-Palladium-DRM.txt========== http://www.theregister.co.uk/content/4/25843.html The register MS to micro-manage your computer By Richard Forno Posted: 24/06/2002 at 05:04 GMT A recent MSNBC article by techno-pundit Steven Levy discusses Microsoft's plans for a new computer operating environment (code-named "Palladium") that links hardware, software, and data into a neat ==========> 02-06-24-TheRegister-MS-Palladium-DRM.txt========== http://www.theregister.co.uk/content/4/25852.html The Register MS DRM OS, retagged 'secure OS' to ship with Longhorn? By John Lettice Posted: 24/06/2002 at 08:59 GMT The Microsoft Secure PC project is rolling out, and could be with us as early as the next major version of Windows, Longhorn. The whole idea of a computer that just plain won't let you steal other people's stuff is of course a ==========> 02-06-25-TheRegister-Palladium-GPL.txt========== http://www.theregister.co.uk/content/4/25891.html The Register MS to eradicate GPL, hence Linux By Thomas C Greene in Washington Posted: 25/06/2002 at 22:30 GMT Yesterday, as we all know, Microsoft fed an 'exclusive' story about its new 'Palladium' DRM/PKI Trust Machine to Newsweek hack Steven Levy (a guy who writes without irony of "high-level encryption"), presumably because they ==========> 02-06-26-ExtremeTech-MS-Palladium-AMD-MotherboardDesign.txt========== http://www.extremetech.com/article2/0,3973,282114,00.asp June 26, 2002 Palladium Clues May Lie In AMD Motherboard Design By Mark Hachman A two-year-old white paper authored by AMD and encryption firm Wave Systems may offer additional clues to the design of PCs incorporating Palladium, Microsoft's new security initiative. ==========> 02-06-26-NewsFactor-PurdueSelfHealingSoftware.txt========== http://www.newsfactor.com/perl/story/18400.html Researchers Say Software Innovation Thwarts Piracy By Jay Lyman NewsFactor Sci::Tech, Part of the NewsFactor Network June 26, 2002 A new method that uses a network of small programs to protect software from being cracked and distributed illegally over the Internet is under development ==========> 02-06-26-RossAnderson-TCPA-PalladiumFAQs.txt========== http://www.cl.cam.ac.uk/users/rja14/tcpa-faq.html TCPA / Palladium Frequently Asked Questions Version 0.1 26 June 2002 1. What are TCPA and Palladium? TCPA stands for the Trusted Computing Platform Alliance (TCPA), an initiative led by Intel. Their website is here. Their stated goal is `a new computing ==========> 02-06-27-WashPost-MS-Palladium.txt========== http://www.washingtonpost.com/wp-dyn/articles/A51780-2002Jun26.html Microsoft Wants Security Hard-Wired in Your Computer By Leslie Walker Thursday, June 27, 2002; Page E01 It's tough to plug holes in a ship's hull once it is at sea, or to reattach an airplane's wing in flight. Yet that's akin to what the computer industry has been trying to do with security: append layer after layer of protection onto the world's increasingly connected computer networks, all as one big ==========> 02-07-01-Newsweek-MS-Palladium-DRM.txt========== http://www.msnbc.com/news/770511.asp?cp1=1 The Big Secret An exclusive first look at Microsoft’s ambitious-and risky-plan to remake the personal computer to ensure security, privacy and intellectual property rights. Will you buy it? By Steven Levy NEWSWEEK July 1 issue — In ancient Troy stood the Palladium, a ==========> 02-07-02-SJMerc-MS-EU-PalladiumAntitrust.txt========== http://www.siliconvalley.com/mld/siliconvalley/3582259.htm Posted on Tue, Jul. 02, 2002 New Microsoft security plan shouldn't shut out competitors, European antitrust official says WASHINGTON (AP) - Microsoft should take care that its recently announced software security plan doesn't shut out competitors, the European Union's new antitrust enforcer said Monday. ==========> 02-07-04-WashPost-CyberSecurityNeeded.txt========== http://www.washingtonpost.com/wp-dyn/articles/A21939-2002Jul3.html Cyber-Security Is Underplayed, Industry Says By Ariana Eunjung Cha Washington Post Staff Writer Thursday, July 4, 2002; Page E01 Among the more contentious questions to arise from President Bush's proposal last month for a Department of Homeland Security is one it did not explicitly address: How should the government deal with threats in cyberspace? ==========> 02-07-08-ActiveWin-PalladiumExplained-TCPA.txt========== http://www.activewin.com/articles/2002/pd.shtml Palladium Details Written By: Seth Schoen Date: July 8th, 2002 Peter Biddle at Microsoft began thinking around 1997 about how to protect his bits when they were on someone else's computer. (He was Microsoft's representative at CPTWG and in the DVD-CCA, and was somewhat skeptical of the technical efficacy of software-based DRM.) ==========> 02-07-08-BostonGlobe-TCPA-Palladium.txt========== http://digitalmass.boston.com/news/globe_tech/upgrade/2002/0708.html Beware the gotcha in new Intel feature By Hiawatha Bray, 07/08/02 Remember the heartwarming spectacle of a few months ago, when mighty Intel Corp. stood tall against a plan by the big media companies to seize control of our personal computers? Well, it turns out that Intel, Microsoft Corp., and a host of other technology companies are hard at work on next-generation computers that may give the media moguls pretty much what they want. ==========> 02-07-08-PCWorld-MSPalladiumDiscussionOpen.txt========== http://www.pcworld.com/news/article/0,aid,102473,00.asp Microsoft Security Chip Open to Discussion Software giant says info about Palladium was released too soon, and that the plan is subject to change. Gillian Law, IDG News Service Monday, July 08, 2002 BARCELONA -- Microsoft would be prepared to license the intellectual property for its proposed Palladium security chip to any software manufacturer, but ==========> 02-07-09-NetworkWorldFusion-CyberCatastrophePredicted.txt========== http://www.pcworld.com/news/article/0,aid,102567,00.asp Expect Cyber-Catastrophe, Says Bush Advisor Network flaws must be mended, or IP address overload could cause system collapse within decade. Ellen Messmer, Network World Fusion Tuesday, July 09, 2002 NEW YORK -- In his keynote address at an information technology auditing conference here, Howard Schmidt, President Bush's advisor on cyber-security, ==========> 02-07-09-RossAnderson-UpdatedTCPA-PalladiumFAQs.txt========== http://www.cl.cam.ac.uk/users/rja14/tcpa-faq.html TCPA / Palladium Frequently Asked Questions Version 1.0 - 9 July 2002 Ross Anderson TCPA stands for the Trusted Computing Platform Alliance, an initiative led by Intel. Their stated goal is `a new computing platform for the next century that will provide for improved trust in the PC platform.' Palladium is software that Microsoft says it plans to incorporate in future versions of Windows; it will ==========> 02-07-10-SJMerc-OutlookPGPPluginBug.txt========== http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3638319.htm Posted on Wed, Jul. 10, 2002 Security flaw afflicts popular technology for encrypting e-mail WASHINGTON (AP) - The world's most popular software for scrambling sensitive e-mails suffers from a programming flaw that could allow hackers to attack a user's computer and, in some circumstances, unscramble messages. The software, called Pretty Good Privacy, or PGP, is the de facto standard ==========> 02-07-15-LibertyAlliance-1.0Spec.txt========== http://www.projectliberty.org/press/releases/2002-07-15-1.html LIBERTY ALLIANCE LAUNCHES FIRST SPECIFICATIONS GIVING USERS SIMPLIFIED SIGN-ON FOR ANY PLATFORM AND DEVICE Alliance's Version 1.0 Specifications and Member Implementations Create Foundation for Federated Network Identification and Authorization San Francisco, Calif. (Burton Group Catalyst Conference) - July 15, 2002 - The Liberty Alliance Project today announced the public availability of its version ==========> 02-07-15-SJMerc-CybercrimeBill-HR3482.txt========== http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3668922.htm Posted on Mon, Jul. 15, 2002 House moves to increase penalties for cybercrime WASHINGTON (AP) - Preparing the nation for future cyberattacks, the House voted Monday to increase penalties for computer crimes and make it easier for Internet service providers to disclose dangerous material to government agencies. ==========> 02-07-19-CIOInsight-WirelessNetworkSecurityIssues.txt========== http://www.cioinsight.com/article2/0,3959,394659,00.asp July 19, 2002 Wireless (In)security: Are Your Networks Snoop-Proof? By Gary A. Bolles Now, someone can steal your company's most sensitive data by snatching it out of thin air—right from the company parking lot. Sound more like scare talk than reality? Guess again. On May 1, an anonymous ==========> 02-07-20-SJMerc-DG-MSPalladium.txt========== http://www.siliconvalley.com/mld/siliconvalley/business/columnists/dan_gillmor/3 703596.htm Posted on Sat, Jul. 20, 2002 Hollywood, tech make suspicious pairing By Dan Gillmor Mercury News Technology Columnist Last week, some of America's most influential technology executives wrote a let's-be-pals letter to the heads of the entertainment industry. Surely, said ==========> 02-07-29-PCWorld-MSRevealsPalladiumDetails.txt========== http://www.pcworld.com/news/article/0,aid,103440,00.asp Microsoft Reveals Palladium Details Hardware-software security strategy will require trust of customer, partners. Sam Costello, IDG News Service Monday, July 29, 2002 During the month since Microsoft announced Palladium, its plan to marry hardware and software security inside every Windows PC has been hailed as either a potential savior or a scourge for computer security and user freedom. ==========> 02-07-30-CNETNews-HPUsesDMCAforSecurityThreat.txt========== http://news.com.com/2100-1023-947325.html Security warning draws DMCA threat By Declan McCullagh Staff Writer, CNET News.com July 30, 2002, 4:48 PM PT WASHINGTON--Hewlett Packard has found a new club to use to pound researchers who unearth flaws in the company's software: the Digital Millennium Copyright Act. ==========> 02-07-31-AP-BushAdvisorEncouragesHackers.txt========== http://story.news.yahoo.com/news?tmpl=story&u=/ap/20020731/ap_on_hi_te/computer_ security_2 Bush Adviser Encourages Hacking Wed Jul 31, 1:37 PM ET By D. IAN HOPPER, AP Technology Writer LAS VEGAS (AP) - A presidential advisor encouraged the nation's top computer security professionals and hackers Wednesday to try to break computer programs, but said they might need protection from the legal wrath of software makers. ==========> 02-07-31-CNETNews-SecurityCzarBlamesISPsAndSWMakers.txt========== http://news.com.com/2100-1001-947409.html Security czar points finger of blame By Robert Lemos Staff Writer, CNET News.com July 31, 2002, 2:42 PM PT LAS VEGAS--Software makers and Internet service providers must share the blame for the nation's vulnerable networks, President Bush's special adviser on cyberspace security said Wednesday. ==========> 02-08-01-CNETNews-HP-BacksDown-DMCA.txt========== http://news.com.com/2100-1023-947745.html?tag=fd_top HP backs down on copyright warning By Declan McCullagh Staff Writer, CNET News.com August 1, 2002, 5:58 PM PT WASHINGTON--Hewlett-Packard has backed away from legal threats it made against security analysts who publicized flaws in the company's software. ==========> 02-08-01-HPPressRelease-HP-BacksDown-DMCA.txt========== http://www.politechbot.com/docs/hp.recants.dmca.080102.html HP Statement August 1, 2002 1) HP is committed to protecting our customer's security environments. 2) We have verified that there is a security vulnerability with Tru64 UNIX, the details of which were brought to our attention July 18. The problem has now been isolated and HP has been preparing a fix, which will be available within ==========> 02-08-03-SJMerc-DG-HPComesToItsSenses-DMCA.txt========== http://www.siliconvalley.com/mld/siliconvalley/3792640.htm Posted on Sat, Aug. 03, 2002 HP backs off threat, but why did they even make it? By Dan Gillmor Mercury News Technology Columnist HP COMES TO ITS SENSES: Hewlett-Packard has sensibly backed off a threat it made early this week against people who'd exposed a security hole in an HP product. The question is what possessed the company to make the threat in the ==========> 02-08-03-SJMerc-HackBackCounterattack.txt========== http://www.siliconvalley.com/mld/siliconvalley/3795332.htm Posted on Sat, Aug. 03, 2002 Computers under attack can hack back, expert says LAS VEGAS (Reuters) - Can vigilantism save computers from the next big virus threat? Striking back against a computer that is attacking you may be illegal under U.S. law, but a security researcher says people should be allowed to neutralize one that is unwittingly spreading destructive Internet worms like Nimda. ==========> 02-08-05-SJMerc-JapanNationaID-GlitchesProtests.txt========== http://www.siliconvalley.com/mld/siliconvalley/3803539.htm Posted on Mon, Aug. 05, 2002 Glitches and protests mar launch of Japanese national ID system TOKYO (AP) - Technical glitches and grass-roots resistance atypical of Japan accompanied Monday's debut of the country's first national identification system, a registry designed to battle bureaucracy by centralizing personal data. The system will assign an 11-digit identification number to each of Japan's ==========> 02-08-22-WashPost-CyberwarfareRulesAndConsumerBroadband.txt========== http://www.washingtonpost.com/wp-dyn/articles/A46967-2002Aug21.html White House Officials Debating Rules for Cyberwarfare By Ariana Eunjung Cha and Jonathan Krim Washington Post Staff Writers Thursday, August 22, 2002; Page A02 The Bush administration is stepping up an internal debate on the rules of engagement for cyberwarfare as evidence mounts that foreign governments are surreptitiously exploring our digital infrastructure, a top official said ==========> 02-09-00-ACMNetWorker-SecuritRisksInWebServices.txt========== Putting it together: XML, web services, and XML Win Treese September 2002 netWorker, Volume 6 Issue 3 Ever since the concept of "Web services" was defined, there have been questions about their security. Early specifications for Web services paid little attention to security, other than to note that security was going to be an issue someday. Depending on whom you talk to, Web services have either forged ahead without much security or limped along over security worries. In the past ==========> 02-09-00-ACM-USACMVoiceInSecurityAndPrivacy.txt========== http://www.acm.org/membernet/stories/usacm_09-02.html After 9/11, USACM Strengthens Voice in Cyber Security, Privacy Issues By Jeff Grove Director, ACM Office of Public Policy Washington, D.C. Since September 11, ACM members and the computing community need to have a stronger voice in cyber security and privacy legislation than ever before. With increased attention to new laws granting law enforcement ==========> 02-09-00-AtlanticMonthly-HomelandInsecurity.txt========== http://www.theatlantic.com/issues/2002/09/mann.htm The Atlantic Monthly | September 2002 Homeland Insecurity A top expert says America's approach to protecting itself will only make matters worse. Forget "foolproof" technology—we need systems designed to fail smartly by Charles C. Mann ==========> 02-09-08-SJMerc-DG-SecurityPoliciesNeeded-BroadbandDecentralization-EnergyIndependence.txt========== http://www.siliconvalley.com/mld/siliconvalley/4033335.htm Posted on Sun, Sep. 08, 2002 Dan Gillmor: New priorities could improve U.S. security By Dan Gillmor Mercury News Technology Columnist National security is not just arms and surveillance. It's also about economic strength and social stability. ==========> 02-09-09-ComputerWorld-WardriveFindsManyUnsecuredWirelessLANs.txt========== http://www.computerworld.com/mobiletopics/mobile/story/0,10801,74103,00.html Worldwide 'war drive' exposes insecure wireless LANs By BOB BREWIN SEPTEMBER 09, 2002 Amateur wireless LAN sniffers detected hundreds and potentially thousands of insecure business and home industry-standard wireless LANs in North America and Europe during the past week in a loosely organized electronic scavenger hunt dubbed the "Worldwide Wardrive." ==========> 02-09-17-SJMerc-DG-FederalSecurityPlanForControlFreaks.txt========== http://www.siliconvalley.com/mld/siliconvalley/4097316.htm Posted on Tue, Sep. 17, 2002 Dan Gillmor: Feds' cyberspace plan should appeal to control freaks By Dan Gillmor Mercury News Technology Columnist Security in the online world has never been much more than an afterthought. A useful new federal document, to be officially unveiled today, aims to change that mindset. ==========> 02-09-17-SJMerc-VoluntaryFedPlanHasCritics.txt========== http://www.siliconvalley.com/mld/siliconvalley/4097314.htm Posted on Tue, Sep. 17, 2002 Critics question national computer security plan's voluntary approach By Mary Anne Ostrom Mercury News The White House released its strategy for strengthening security of the nation's computer networks Tuesday, hoping to quell criticism of the blueprint in advance of its formal presentation today at Stanford University. ==========> 02-09-18-SFChronicle-CybersecurotyChiefDefendsPlan.txt========== http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2002/09/18/BU1 84387.DTL Cybersecurity chief defends his plan Tech firms' cooperation is crucial, he says Carrie Kirby, Chronicle Staff Writer Wednesday, September 18, 2002 ©2002 San Francisco Chronicle. The nation's top cybersecurity official defended his plan to safeguard the ==========> 02-09-24-Wired-BermanBillDebate.txt========== http://www.wired.com/news/politics/0,1283,55294,00.html P2P Pugilists Put Up Their Dukes By Michael Grebb 2:00 a.m. Sep. 24, 2002 PDT WASHINGTON -- In a panel discussion steeped in dogma, adherents on both sides of the Internet peer-to-peer (P2P) debate accused each other of everything from aiding thieves to destroying the Internet. ==========> 02-10-00-CACM-QualityRatherThanQuantityForComputerSecurity.txt========== Security watch: Computer security: quality rather than quantity Rebecca T. Mercuri October 2002 Communications of the ACM, Volume 45 Issue 10 The challenge of applying protection to systems, software, and networks with intrinsic vulnerabilities is a lofty, but ultimately realizable, one. Programming (and also secure system design), as Donald Knuth so wisely pointed out decades ago, is an art, as much, and perhaps even more, than it is a ==========> 02-10-00-CACM-ShouldInternetSecurityTechnologiesBeBlendedWithBiometrics.txt========== The future of internet security Charles Adetokunbo Shoniregun October 2002 Ubiquity, Volume 3 Issue 37 Should common security technologies be blended with biometrics for accuracy and reliability? For centuries, security was synonymous with secrecy. The shared secret between two parties conducting business was a worldwide approach. But secret passwords ==========> 02-10-07-Markle-TaskForce-ProtectingFreedomInInfoAge.txt========== http://www.markletaskforce.org/ October 7, 2002 Task Force Releases New Report, "Protecting America's Freedom in the Information Age" Part I - The Task Force Report Part II - Working Group - Analyses Part III - Selected Background - Research ==========> 02-10-17-BostonGlobe-CyberCzarCommentsOnDMCAAndSecurityIssues.txt========== Cyber chief speaks on Data network security By Hiawatha Bray, Boston Globe Staff, 10/17/2002 President Bush's point man on computer security says that the nation has a long way to go in securing its data networks but that new federal regulations would be a step in the wrong direction. Richard Clarke, head of the White House Office of Cyber Security, also said the government should modify a controversial law designed to prevent exploitation of software security flaws because it can be used to stifle ==========> 02-10-17-CyberSecurity-CyberCzarCommentsOnDMCAAndSecurityIssues.txt========== From TechDaily 10/17/02: Cyber Security Clarke Seeks Copyright Changes For Security's Sake The White House's cyber-security adviser on Wednesday called for changes to a federal law that he said is stifling research to improve computer security, The Boston Globe reports. Richard Clarke, head of the White House Office of Cyberspace Security, told attendees at a town meeting on the White House cyber-security plan that the government ==========> 02-10-20-Cryptome-Reinhold-PalladiumPresentationAtUCB.txt========== http://cryptome.org/palladium-mit.htm 21 October 2002 Date: Sun, 20 Oct 2002 22:38:35 -0400 To: Cypherpunks From: "Arnold G. Reinhold" Subject: Re: palladium presentation - anyone going? At 7:15 PM +0100 10/17/02, Adam Back wrote: >-------- Original Message -------- ==========> 02-10-21-Cryptome-ReviewOfMSPalladiumMITTalk.txt========== http://cryptome.org/palladium-mit.htm 21 October 2002 Date: Friday, Oct 18, 2002 Time: 10:30 a.m.- 12:00 noon Place: NOTE: NE43-518, 200 Tech Square Title: Palladium Speaker: Brian LaMacchia, Microsoft Corp. Hosts: Ron Rivest and Hal Abelson ==========> 02-10-21-NewsForge-Stallman-TrustedComputingTakesControlFromUser.txt========== http://www.newsforge.com/business/02/10/21/1449250.shtml?tid=19 NewsForge The Online Newspaper for Linux and Open Source Can you trust your computer? 2002.10.21 12:14 -By Richard Stallman - Who should your computer take its orders from? Most people think their computers should obey them, not obey someone else. With a plan they call ==========> 02-10-21-NewsForge-Stallman-trustedComputing.txt========== http://newsforge.com/article.pl?sid=02/10/21/1449250 Linux.Com The Online Newspaper of Record for Linux and Open Source Can you trust your computer? 2002.10.21 11:14 By Richard Stallman Who should your computer take its orders from? Most people think their computers should obey them, not obey someone else. With a plan they call ==========> 02-10-23-PCWorld-DNSRootServerAttackCouldBeFirstOfMany.txt========== http://www.pcworld.com/news/article/0,aid,106266,00.asp Net Attack Could Be First of Many, Experts Warn Future attacks could succeed in bringing down the Internet and are surprisingly simple to launch, security insiders say. Paul Roberts, IDG News Service Wednesday, October 23, 2002 The distributed denial-of-service attack launched Monday against all 13 of the Internet domain name system root servers failed to bring down the Internet, but ==========> 02-10-24-ComputerWorld-CrockerOnDNSServerAttack.txt========== http://www.computerworld.com/securitytopics/security/story/0,10801,75350,00.html Q&A: Internet pioneer Stephen Crocker on this week's DDOS attack By PATRICK THIBODEAU OCTOBER 24, 2002 This week's distributed denial-of-service (DDOS) attack on the Domain Name System (DNS) root server system (see story) got the attention of the Internet Corporation for Assigned Names and Numbers (ICANN), the U.S.-created private group that is charged with ensuring the stability and security of the DNS. ==========> 02-10-31-Reuters-WiFiSecurityUpgrade.txt========== http://www.reuters.com/news_article.jhtml?type=search&StoryID=1659689# Wireless Network Industry Eyes Tighter Security October 31, 2002 01:07 AM ET By Sinead Carew and Eric Auchard NEW YORK (Reuters) - Short-range wireless computer networks whose endemic vulnerabilities to hackers have become an industry joke will receive a much needed security boost from new ==========> 02-11-00-ACMUbiquity-AreECommerceSecurityMeasureWorthTheTrouble.txt========== E-commerce security measures: are they worth it? Avi Rushinek, Sara Rushinek November 2002 Ubiquity, Volume 3 Issue 39 Cost benefits of the security and systems management of electronic publishing Internet Web server subscription services and e-commerce. This study deals with a perceived cost benefit theory of the security and systems management of electronic publishing Internet Web servers and ==========> 02-11-00-WashMonthly-CyberTerrorismNotLethal.txt========== http://www.washingtonmonthly.com/features/2001/0211.green.html The Myth of Cyberterrorism There are many ways terrorists can kill you--computers aren't one of them. Nov. 2002 By Joshua Green Again and again since September 11, President Bush, Vice President Cheney, and senior administration officials have alerted the public not only to the dangers of chemical, ==========> 02-11-02-ACMUbiquity-TheFutureOfInternetSecurity.txt========== The Future of Internet Security By Charles Adetokunbo Shoniregun Should common security technologies be blended with biometrics for accuracy and reliability? For centuries, security was synonymous with secrecy. The shared secret between two parties conducting business was a worldwide approach. But secret passwords require a great deal of trust between parties sharing the secret. Can we always trust the administrator or other users of the Internet network service ==========> 02-11-03-AP-TrustedComputing-UsersCedeControl.txt========== http://story.news.yahoo.com/news?tmpl=story2&cid=528&ncid=528&e=2&u=/ap/20021103 /ap_on_hi_te/controlled_computing New PCs Likely to Cede Some Control Sun Nov 3, 1:58 PM ET By MATTHEW FORDAHL, AP Technology Writer SAN JOSE, Calif. (AP) - To thwart hackers and foster online commerce, the next generation of computers will almost certainly cede some control to software firms, Hollywood and other outsiders. ==========> 02-11-03-STMerc-CriticsSayTrustedComputingThreatensConsumerFreedom.txt========== http://www.siliconvalley.com/mld/siliconvalley/4437666.htm Posted on Sun, Nov. 03, 2002 Critics: 'Trusted computing' threatens consumer freedom SAN JOSE, Calif. (AP) - To thwart hackers and foster online commerce, the next generation of computers will almost certainly cede some control to software firms, Hollywood and other outsiders. That could break a long-standing tenet of computing: that PC owners ==========> 02-11-08-CNETNews-VoteNearOnCyberSecurityRandDAct.txt========== http://news.com.com/2100-1023-965164.html Cybersecurity bill nears House vote By Declan McCullagh Staff Writer, CNET News.com November 8, 2002, 4:31 PM PT American universities may receive a nearly $1 billion windfall next week, when Congress is expected to approve a massive new spending program for computer security. ==========> 02-11-11-NewScientist-TechChangesCouldStopAttacksOnP2P.txt========== http://www.newscientist.com/news/news.jsp?id=ns99993037 'Rewiring' file-sharing networks may stop attacks 10:51 11 November 02 Will Knight A proposed US law permitting attacks on peer-to-peer file sharing networks to disrupt illegal copying could be undermined by research from two US computer researchers. ==========> 02-11-13-CNETNews-CyberSecurityEnhancementAct-CSEA.txt========== http://news.com.com/2100-1001-965750.html House considers jailing hackers for life By Declan McCullagh Staff Writer, CNET News.com November 13, 2002, 5:57 PM PT WASHINGTON--A last-minute addition to a proposal for a Department of Homeland Security would punish malicious computer hackers with life in prison. ==========> 02-11-13-Wired-HousePassesCyberSecurityRandDAct.txt========== http://www.wired.com/news/politics/0,1283,56351,00.html House OKs Computer Security Bill By Michael 12:00 AM Nov. 13, 2002 PT WASHINGTON -- The U.S. House of Representatives on Tuesday approved the $903 million Cyber Security Research and Development Act. Over the next five years, the act will fund new cybersecurity initiatives and train computer security experts in hopes of thwarting a future terrorist attack ==========> 02-11-14-Wired-CriticsBashStudyShowingDecreaseInHackAttacks.txt========== http://www.wired.com/news/politics/0,1283,56382,00.html Study Makes Less of Hack Threat By Noah Shachtman 02:00 AM Nov. 14, 2002 PT Despite the panting about "cyberterrorists," and despite the scare mongering about venomous hackers preying on fragile federal networks, attacks on government computer systems are declining worldwide, according to a recently released report. ==========> 02-11-15-ACMUbiquity-AreECommerceSecurityMeasuresWorthIt.txt========== http://www.acm.org/ubiquity/views/a_rushinek_1.html E-Commerce Security Measures: Are They Worth It? By Avi Rushinek and Sara Rushinek Cost benefits of the security and systems management of electronic publishing Internet Web server subscription services and e-commerce. This study deals with a perceived cost benefit theory of the security ==========> 02-11-20-ALA-HomelandSecurityAndTotalInfoAwareness.txt========== ALAWON: American Library Association Washington Office Newsline Volume 11, Number 93 November 20, 2002 In This Issue: [1] Homeland Security Act Passes Senate [2] TOTAL INFORMATION AWARENESS PROGRAM - T.I.A. [1] Homeland Security Act Passes Senate ==========> 02-11-20-CNETNews-TechAspectsOfHomelandsecurityLaw.txt========== http://news.com.com/2100-1023-966552.html Homeland Security's tech effects By Declan McCullagh Staff Writer, CNET News.com November 20, 2002, 9:58 AM PT The overwhelming vote by the Senate late Tuesday approving a Homeland Security Department clears the way for massive reorganization of the federal government that will have a dramatic impact on computer and network security. ==========> 02-11-20-SJMerc-TotalInfoAwareness-Concerns.txt========== http://www.siliconvalley.com/mld/siliconvalley/4569587.htm Posted on Wed, Nov. 20, 2002 Massive database dragnet explored ANTI-TERRORISM PROJECT ALARMS PRIVACY ADVOCATES By Jim Puzzanghera Mercury News Washington Bureau WASHINGTON - Its name is Orwellian, its head has a notorious past, and its goal has civil libertarians and computer-privacy advocates in a frenzy: Let the ==========> 02-11-20-UPI-InternetNeedsWorkAfter9-11.txt========== http://www.upi.com/view.cfm?StoryID=20021120-052609-3816r Sept. 11 showed work needed on Internet By Scott R. Burnell UPI Science News From the Science & Technology Desk Published 11/20/2002 6:44 PM WASHINGTON, Nov. 20 (UPI) -- The Sept. 11 terrorist attacks on New York's World Trade Center had a minor physical effect on the Internet, but the experience ==========> 02-11-22-EWeek-ITIndustryWarnsAgainstRegulation.txt========== http://www.eweek.com/article2/0,3959,719819,00.asp November 22, 2002 IT Warns Against Slippery Slope to Regulation By Caron Carlson The IT industry last week answered the Bush administration's call for comments on its draft strategy for securing the country's computer networks. Software and hardware vendors are looking for stronger recommendations to guide them in selling their wares to the government, but at the same time they want ==========> 02-11-25-NewsFactor-NewApproachesToSecurityPatchesNeeded.txt========== http://www.newsfactor.com/perl/story/20084.html Winning the Cybersecurity War By Tim Howes November 25, 2002 Cybersecurity is on everyone's mind. Threats run the gamut, from domestic to foreign, internal to external, from teenage hackers to sophisticated rings with malicious intentions. So, how should corporations protect themselves? And how do they implement security measures without breaking the bank? ==========> 02-12-00-CACM-WhySecurityStandardsSometimesFail.txt========== Inside risks: Why security standards sometimes fail Avishai Wool December 2002 Communications of the ACM, Volume 45 Issue 12 Security experts have long been saying that secure systems, and especially security standards, need to be designed through an open process, allowing review by anyone. Unfortunately, even openly designed standards sometimes result in flawed cryptographic systems. A recent example is the IEEE 802.11 wireless LAN standard, in which several serious cryptographic failures were ==========> 02-12-02-ZDNet-Schneier-NoSecurityMagicAvailable.txt========== http://zdnet.com.com/2100-1105-975690.html Schneier: No "magic security dust" By Alorie Gilbert Special to ZDNet December 2, 2002, 7:14 AM PT Tech entrepreneur Bruce Schneier is one of America's best-known computer security experts. His testimony before Congress helped defeat legal restrictions on ==========> 02-12-06-SJMerc-TelcomIndustryOutlinesSecurityPlans.txt========== http://www.siliconvalley.com/mld/siliconvalley/4683291.htm Posted on Fri, Dec. 06, 2002 Communications industry outlines security plans WASHINGTON (AP) - Communications industry officials endorsed a 300-item list Friday of what they say telephone, cable, satellite and Internet operators should do to protect against terrorist attack. The recommendations -- from simply shutting down computers to ==========> 02-12-06-Wired-FedsSayWiFiSecurityThreat.txt========== http://www.wired.com/news/wireless/0,1382,56742,00.html Feds Label Wi-Fi a Terrorist Tool 02:00 AM Dec. 06, 2002 PT SANTA CLARA, California -- Attention, Wi-Fi users: The Department of Homeland Security sees wireless networking technology as a terrorist threat. That was the message from experts who participated in working groups under federal cybersecurity czar Richard Clarke and shared what they learned at this ==========> 02-12-10-PCWorld-FinancialInstitutionsTackleCybersecurity.txt========== http://www.pcworld.com/news/article/0,aid,107889,00.asp Protecting Cyberspace Takes Teamwork Financial institutions tackle cybersecurity measures together with industry, government. Michael Hardy, IDG News Service Tuesday, December 10, 2002 WASHINGTON -- Protecting financial institutions from cyberattacks will take closer ==========> 02-12-11-MSNBC-SpamAndVirusesIncreasingProblem.txt========== http://www.msnbc.com/news/846241.asp?0si=&cp1=1 Antivirus firm annual report paints bleak picture By Bob Sullivan MSNBC Dec. 11 — Some time next year, there will be more spam than real e-mail floating around the Internet. That’s the conclusion drawn from annual statistics gathered by British e-mail ==========> 02-12-16-SJMerc-DMCA-TIA-P2PPiracyBill-UndermineCybersecurity.txt========== http://www.siliconvalley.com/mld/siliconvalley/4750224.htm Posted on Mon, Dec. 16, 2002 Jonathan Band: Congress unknowingly undermines cyber-security By Jonathan Band Since 9/11, much public attention has focused on the trade-off between security on the one hand and civil liberties and privacy on the other. We see this conflict every day when we read about the detainment of foreign nationals or the latest homeland security initiative ==========> 02-12-19-SJMerc-WebActivistsWatchTIAsPoindexter.txt========== http://www.siliconvalley.com/mld/siliconvalley/4774016.htm Posted on Thu, Dec. 19, 2002 Web activists keep constant eye on Pentagon's data-mining point man By Jim Puzzanghera Mercury News Washington Bureau WASHINGTON - Internet activists have a message for John Poindexter, the head of a controversial Pentagon research project to find terrorists by searching the everyday transactions of Americans: ==========> 02-12-20-DARPA-InfoAwarenessOffice-IAO.txt========== http://www.darpa.mil/iao/ IAO Mission The DARPA Information Awareness Office (IAO) will imagine, develop, apply, integrate, demonstrate and transition information technologies, components and prototype, closed-loop, information systems that will counter asymmetric threats by achieving total information awareness useful for preemption; national security warning; and national security decision making. ==========> 02-12-20-MSNBC-AdminSaysCyberspaceProtectionPlanWontInvadePrivacy.txt========== http://www.msnbc.com/news/850160.asp?0si=-&cp1=1 Administration official disputes New York Times report By Bob Sullivan MSNBC Dec. 20 — The White House wants Internet service providers to help create a system to monitor Internet use, the New York Times reported on Friday. But a high-ranking government official ==========> 02-12-20-NYT-Markoff-BushAdminProposesInternetMonitoringSystem.txt========== http://www.nytimes.com/2002/12/20/technology/20MONI.html December 20, 2002 Bush Administration to Propose System for Monitoring Internet By JOHN MARKOFF and JOHN SCHWARTZ The Bush administration is planning to propose requiring Internet service providers to help build a centralized system to enable ==========> 02-12-20-Reuters-WhiteHouseSaysWebSecurityPlanWontInvadePrivacy.txt========== http://story.news.yahoo.com/news?tmpl=story2&cid=569&ncid=738&e=3&u=/nm/20021221 /tc_nm/ tech_surveillance_dc Technology - Reuters White House: Web Security Plan Won't Invade Privacy Fri Dec 20, 7:06 PM ET By Andy Sullivan WASHINGTON (Reuters) - Efforts to bolster Internet security will not ==========> 02-12-20-Wired-TerroristsUnlikelyToDamageNet.txt========== http://www.wired.com/news/infostructure/0,1377,56935,00.html Terrorists on the Net? Who Cares? By Noah Shachtman 02:00 AM Dec. 20, 2002 PT To all those Chicken Littles clucking frantically about the imminent threat of a terrorist attack on U.S. computer networks, a new report says: Knock it off. ==========> 02-12-30-NYT-TamingTheTaskOfCheckingTerroristsNames.txt========== December 30, 2002 Taming the Task of Checking for Terrorists' Names By SARAH MILSTEIN New York Times When presented with a document like a passport or credit card, certain federal agencies and some private-sector companies, like airlines and insurance companies, are required by law to check whether the name on the document is also on watch lists of suspected terrorists and their supporters. ==========> 02-12-31-TechNews-TechPoliciesInThe107thCongress.txt========== Tech Policy Priorities Changed in Wake of Terrorist Attacks War on Terrorism Shifted Attention Away From Telecom, Copyright Issues By TechNews.com Staff Tuesday, December 31, 2002; 12:00 AM In the two years of the 107th Congress, the technology industry started out with a presence on Capitol Hill that was as strong as its high-flying stock performance. Broadband Internet access regulations, corporate tax breaks and fast-track trade authority for the president dominated the tech business agenda, while consumer concerns abounded -- from what constitutes ==========> 03-01-02-AOL-UnivResearchersTurnDownGrantsWithRestrictions.txt========== http://my.aol.com/news/news_story.psp?type=1&cat=0100&id=030102170713579573 Researchers Worry About Terrorism Fear The Associated Press Jan 2 2003 5:07PM WASHINGTON (AP) - The Massachusetts Institute of Technology walked away from a $404,000 study because the government wanted to restrict participation by foreign students. Other universities are balking at demands that the government check research in the name of national security before scientists ==========> 03-01-03-ComputerWorld-Cyberthreats-WarnsClarke.txt========== http://www.computerworld.com/securitytopics/security/cybercrime/story/0,10801,77 238,00.html Cyberthreats not to be dismissed, warns Clarke By DAN VERTON JANUARY 03, 2003 The U.S. has ignored warning signs before: two attempts by al-Qaeda in 1994 to use airplanes as weapons, as well as public statements in 2000 about terrorists being trained as ==========> 03-01-03-Wired-WhyRIAAKeepsGettingHacked.txt========== http://www.wired.com/news/technology/0,1282,57048,00.html?tw=wn_ascii Why RIAA Keeps Getting Hacked By Michelle Delio 02:00 AM Jan. 03, 2003 PT The Recording Industry Association of America may not want people to share digital files, but the organization certainly seems to be in favor of open access to its website. ==========> 03-01-07-WashPost-GovernmentParesBackSecurityInitiative.txt========== http://www.washingtonpost.com/wp-dyn/articles/A18662-2003Jan6.html A Pared-Back Security Initiative Revised Plan Focuses on Agencies By Ted Bridis Associated Press Tuesday, January 7, 2003; Page E03 The Bush administration has reduced by nearly half its initiatives to tighten security for vital computer networks, ==========> 03-01-08-PCWorld-RevisedCyberSecurityPlanPosesProblems.txt========== http://www.pcworld.com/news/article/0,aid,108560,00.asp Cybersecurity Plan May Pose Privacy Problems Published reports say the President's security plan has been pared down, leaving many wondering what's been left out. Grant Gross, IDG News Service Wednesday, January 08, 2003 WASHINGTON -- Amid published reports that a pared-down Bush administration ==========> 03-01-08-ZDNet-RootServerDDoSAttacks.txt========== http://zdnet.com.com/2100-1107-979650.html Keeping ahead of DNS attacks By Paul Mockapetris Special to ZDNet January 8, 2003, 9:12 AM PT COMMENTARY--The domain name system--the global directory that maps names to Internet protocol addresses--was designed to distribute authority, making organizations ==========> 03-01-09-InternetWeek-Doctorow-MaliciousWiFiInternetAccessIsNonsense.txt========== http://www.internetwk.com/breakingNews/INW20030109S0001 Expert: Alleged Wi-Fi Risks Are Nonsense By Mitch Wagner A popular technology Weblogger says warnings about the supposed security risks of Wi-Fi networking are nonsense. Law-enforcement officials and telecommunications ==========> 03-01-09-ITManagement-CyberSecurityRDActGoodIfFunded.txt========== http://itmanagement.earthweb.com/columns/secugud/article.php/1567191 Dollars, Sense and the Cyber Security Act January 9, 2003 By Paul Desmond With some amount of fanfare, Congress late last year passed and President Bush signed the Cyber Security Research and Development Act (CSRDA), which provides nearly $1 billion for various forms of security research and scholarships. Soon we'll find out whether ==========> 03-01-11-TheRegister-RIAASiteDefacedAgain.txt========== http://www.theregister.co.uk/content/55/28817.html RIAA defaced -again! By Drew Cullen Posted: 11/01/2003 at 22:06 GMT Reader reports are flooding in that the RIAA.org has been defaced - again. At time of writing, the site appears to be down, And several readers have been kind enough to include screen grabs, showing that the front page today carried the following message. ==========> 03-01-12-ESecurityPlanet-InternetThreatsWillGetWorse.txt========== http://itmanagement.earthweb.com/columns/secugud/article.php/1567191 Dollars, Sense and the Cyber Security Act January 9, 2003 By Paul Desmond With some amount of fanfare, Congress late last year passed and President Bush signed the Cyber Security Research and Development Act (CSRDA), which provides nearly $1 billion for various forms of security research and scholarships. Soon we'll find out whether ==========> 03-01-13-DCInternet-OpenWebAppSecurityProjIssuesTopWebVulnerabilities.txt========== http://dc.internet.com/news/article.php/1568761 January 13, 2003 Open Source Group Issues Top Ten Web Vulnerabilities By Roy Mark The 10 most critical Web application security problems for government and the private sector were unveiled Monday by the Open Web Application Security Project (OWASP), ==========> 03-01-13-FedCompWeek-WiFiProtectedAccess-WPA-BetterThanWEP.txt========== Federal Computer Week Gearing up for wireless security By Brian Robinson Jan. 13, 2003 If wireless users can endure one more round of debates about security standards, they may soon be able to buy actual products. It's no secret that built-in security functions lack current wireless local-area network products, a situation due largely to the inadequacy of ==========> 03-01-13-SecurityFocus-USSentencingCommAsksInputOnHackers.txt========== http://online.securityfocus.com/news/2028 Feds seek public input on hacker sentencing By Kevin Poulsen, SecurityFocus Jan 13 2003 12:13AM Sick and tired of a revolving door justice system that lets hackers skate with just a few measly years in prison? Or do you think that the courts are already too hard on online miscreants who sometimes go up the creek for longer than many killers? ==========> 03-01-15-CNETNews-OldHardDrivesStillContainData.txt========== http://news.com.com/2100-1040-980824.html?tag=fd_top Old hard drives yield data bonanza By Sandeep Junnarkar Staff Writer, CNET News.com January 15, 2003, 12:35 PM PT Two Massachusetts Institute of Technology graduate students have uncovered a treasure trove of personal and corporate information on used disk drives. ==========> 03-01-15-Yahoo-OldHardDrivesStillContainData.txt========== http://story.news.yahoo.com/news?tmpl=story&u=/ap/20030115/ap_wo_en_po/na_gen_us _unerased_hard_drives_2 Discarded computer hard drives prove a trove of personal info Wed Jan 15, 4:25 PM ET By JUSTIN POPE, AP Business Writer CAMBRIDGE, Massachusetts - So, you think you cleaned all your personal files from that old computer you got rid of? ==========> 03-01-24-CNETNews-MSDropsPalladiumName.txt========== http://news.com.com/2100-1001-982127.html?tag=fd_top Microsoft flames Palladium name By Robert Lemos Staff Writer, CNET News.com January 24, 2003, 5:47 PM PT Microsoft has dropped the code name of its controversial security technology, Palladium, in favor of this buzzword-bloated tongue twister: "next-generation secure computing base." ==========> 03-01-24-SJMerc-DG-MSDropsPalladiumName.txt========== http://weblog.siliconvalley.com/column/dangillmor/archives/000755.shtml#000755 January 24, 2003 Palladium Name Change; Mission Still Same posted by Dan Gillmor 04:52 PM permanent link to this item This just in from Microsoft's PR folks: "Microsoft is adopting a new name to replace the code name Palladium. ==========> 03-01-27-TheRegister-MSDropsPalladiumName.txt========== http://www.theregister.co.uk/content/4/29039.html Bad publicity, clashes trigger MS Palladium name change By John Lettice Posted: 27/01/2003 at 11:27 GMT Microsoft has abandoned the Palladium name, in favour of the (no doubt deliberately) snooze-provoking "Next Generation Secure Computing Base." The ostensible reasons are twofold. The Palladium name is already used by another company for a product in a similar area, and since its announcement ==========> 03-01-29-CNETNews-BushProposesTerroristThreatIntegrationCenter.txt========== http://news.com.com/2100-1001-982640.html Bush proposes antiterror database plan By Declan McCullagh Staff Writer, CNET News.com January 29, 2003, 1:06 PM PT A forthcoming government database will compile information from all federal agencies and the private sector on people deemed possible terrorist threats, ==========> 03-01-30-ComputerWorld-I3P-ConsortiumPromotesCybersecurityResearch.txt========== http://www.computerworld.com/securitytopics/security/story/0,10801,78024,00.html Consortium pushes for cybersecurity R&D By Grant Gross, IDG News Service JANUARY 30, 2003 A consortium of 23 security research institutions is calling on the government and private companies to put more research and development muscle into cybersecurity. Among other things, the group would like to see more effort put into the development of code ==========> 03-01-31-WashPost-FedsBulidingInternetMonitoringCenter-GEWIS.txt========== http://www.washingtonpost.com/wp-dyn/articles/A3409-2003Jan30.html Feds Building Internet Monitoring Center By Brian Krebs washingtonpost.com Staff Writer Friday, January 31, 2003; 12:00 AM The Bush administration is quietly assembling an Internet-wide monitoring center to detect and respond to attacks on vital information systems and key e-commerce ==========> 03-01-31-ZDNet-MSFailsToProtectAgainstSQLSlammer.txt========== http://news.zdnet.co.uk/story/0,,t269-s2129682,00.html Microsoft security effort 'failing' 11:44 Friday 31st January 2003 Reuters The Trustworthy Computing initiative has not succeeded in making Microsoft systems more secure, says expert Computer security experts said on Thursday the recent "SQL Slammer" worm, the ==========> 03-02-00-BusCommRev-ExpertsCiteSeveralReasonsForPoorInternetSecurity.txt========== http://www.bcr.com/bcrmag/2003/02/p49.asp The Sad And Increasingly Deplorable State Of Internet Security from the February 2003 issue of Business Communications Review, pp. 49–53 by David Piscitello, president of Core Competence, Inc., an internationally recognized expert in security technology and founder of the Internet Security Conference; and Dr. Stephen Kent, chief scientist, Internet Security at BBN Technologies, who has been involved with network security R&D for more than 20 years. ==========> 03-02-03-PCWorld-VulnerabilitiesIncreaseButNetAttacksDown.txt========== http://www.pcworld.com/news/article/0,aid,109187,00.asp The Net Is Dangerous, Research Says Attack rates decline, but worms and software flaws keep cyberspace hazardous, Symantec reports. Paul Roberts, IDG News Service Monday, February 03, 2003 Attacks on company networks decreased over the past six months, but the number of ==========> 03-02-04-eWeek-LatestCybersecurityPlanCountsOnPrivateSector.txt========== http://www.eweek.com/article2/0,3959,861870,00.asp Cyber-Security Plan Counts on Private Sector's Input February 4, 2003 By Dennis Fisher The forthcoming final version of the National Strategy to Secure Cyberspace will call for a comprehensive cybersecurity response system that will depend heavily on contributions from the private sector. The system, as described in the most ==========> 03-02-06-NewsFactor-ASUReserchersSayCascadingFailuresCouldCrashInternet.txt========== http://www.newsfactor.com/perl/story/20686.html Cascading Failures Could Crash the Global Internet By Mike Martin NewsFactor Sci::Tech, Part of the NewsFactor Network February 6, 2003 Eliminating central nodes -- for instance, backbone routers in the Internet -- "is likely to cause ==========> 03-02-07-WasPost-BushOrdersCyberWarfareGuidelines.txt========== http://www.washingtonpost.com/wp-dyn/articles/A38110-2003Feb6.html Bush Orders Guidelines for Cyber-Warfare Rules for Attacking Enemy Computers Prepared as U.S. Weighs Iraq Options By Bradley Graham Washington Post Staff Writer Friday, February 7, 2003; Page A01 President Bush has signed a secret directive ordering the government to develop, for the first time, national-level ==========> 03-02-10-SJMerc-MakeCompaniesLiableForSoftwareSecurityProblems.txt========== http://www.siliconvalley.com/mld/siliconvalley/5147205.htm Posted on Mon, Feb. 10, 2003 Miguel Helft: If tech companies were liable for security holes, cyberspace would become safer By Miguel Helft Just two weeks ago, a nasty little piece of software known to security experts as an Internet ``worm,'' wreaked havoc in parts of cyberspace. ==========> 03-02-13-StarTrib-SomeExpertsSayCyberterrorismUnlikely.txt========== http://www.startribune.com/stories/1576/3650296.html Some experts say cyberterrorism is very unlikely Steve Alexander Star Tribune Published Feb. 13, 2003 For years, government Internet experts have warned a "cyberterrorism" attack could steal national secrets, interrupt electric power, disrupt flight control systems, or worse, amounting to "an electronic Pearl Harbor." ==========> 03-02-15-WashPost-BushCybersecurityPlanLeavesItToIndustry.txt========== http://www.washingtonpost.com/wp-dyn/articles/A10274-2003Feb14.html Cyber-Security Strategy Depends on Power of Suggestion By Jonathan Krim Washington Post Staff Writer Saturday, February 15, 2003; Page E01 The Bush administration yesterday announced its strategy for protecting computer systems from attacks by hackers or terrorists, but it backed away from proposals by several ==========> 03-02-17-FoxNews-108thCongressPreparesTechAgenda.txt========== http://www.foxnews.com/story/0,2933,78729,00.html Congress Preps Tech Agenda Monday, February 17, 2003 By Liza Porteus WASHINGTON — U.S. lawmakers continue to pursue their high-tech agendas, having introduced about 20 tech-related bills in the first week of the new Congress alone and seeking dozens of new rules on piracy, privacy and security, among other issues. ==========> 03-02-19-ChicagoTrib-HackerAccesses8MillionCreditCardRecords.txt========== http://www.chicagotribune.com/technology/chi-0302190273feb19,0,1882983.story?col l=chi-business-hed Credit card data accessed by hacker 4 issuers, more than 5.4 million numbers affected From Tribune news services Published February 19, 2003 NEW YORK -- Visa USA Inc., MasterCard International Inc., American Express Co. and ==========> 03-02-20-CNETNews-CriminalDefenseLawyersAndEFFSayHackersSentencesTooHarsh.txt========== http://news.com.com/2100-1001-985407.html Lawyers: Hackers sentenced too harshly By Robert Lemos Staff Writer, CNET News.com February 20, 2003, 3:47 PM PT The nation's largest group of defense lawyers on Wednesday published a position paper arguing that people convicted of computer-related crimes tend to get stiffer ==========> 03-02-21-TheRegister-InsidersCouldEasilyGuessATM-PINs.txt========== http://www.theregister.co.uk/content/55/29425.html How to get an ATM PIN number in 15 guesses By John Leyden Posted: 21/02/2003 at 13:34 GMT Cambridge researchers have documented a worrying PIN cracking technique against the hardware security modules commonly used by bank ATMs. Mike Bond and Piotr Zielinski have published a paper detailing how a ==========> 03-02-25-SJMerc-WiFiHotspotsCouldLeadToHacking.txt========== http://www.siliconvalley.com/mld/siliconvalley/5258369.htm Posted on Tue, Feb. 25, 2003 Warchalking hype raises wireless-security consciousness By Chris Cobbs Orlando Sentinel During the Great Depression, hobos drew symbols on sidewalks and buildings to let one another know where to find free food. ==========> 03-02-26-SJMerc-CountyEVotingPlansAdvanceInSpiteOfConcerns.txt========== http://www.siliconvalley.com/mld/siliconvalley/5266490.htm Posted on Wed, Feb. 26, 2003 County lets e-voting plan advance without paper backup By Karen de Sá Mercury News Santa Clara County supervisors rejected pleas from computer scientists Tuesday that they require new electronic voting machines to produce a paper trail after each touch-screen vote is cast, leaving that decision to the ==========> 03-02-27-CNETNews-AttorneySaysHackingAttackingComputersMayBeLegal.txt========== http://news.com.com/2100-1002-990469.html Is vigilante hacking legal? By Robert Lemos Staff Writer, CNET News.com February 27, 2003, 2:53 PM PT SEATTLE--Striking back at computers that are attacking a company or home network could be legal under federal nuisance laws, a technology-law expert said Thursday. ==========> 03-03-00-CACM-FirewallsHaveManyHoles.txt========== Departments: Opinion: Securing the Edge Avi Freedman March 2003 Queue, Volume 1 Issue 1 Common wisdom has it that enterprises need firewalls to secure their networks. In fact, as enterprise network practitioners can attest, the "must-buy-firewall" mentality has pervaded the field. Maybe you’re a believer too. But if you have any geeks working for you, do you ==========> 03-03-00-CACM-UsingInsuranceForCyberRiskManagement.txt========== A framework for using insurance for cyber-risk management Lawrence A. Gordon, Martin P. Loeb, Tashfeen Sohail March 2003 Communications of the ACM, Volume 46 Issue 3 Seeking to protect an organization against a new form of business losses. The use of the Internet has significantly increased the vulnerability of organizations to information theft, vandalism, and denial-of-service attacks, thereby bringing information security issues to the forefront of the agenda for ==========> 03-03-03-CalAggie-UCDResearchersTackleComputerSecurity.txt========== http://www.californiaaggie.com/_articles/5761.taf March 03, 2003 Securing a digital lock UCD researchers look for solutions in safeguarding vulnerable computers Graciela Guardado / Aggie Graphic Matt Jojola / Aggie By Matt Moffitt Aggie Science Writer February 27, 2003 - Everyone seeks to feel secure in life. Since ==========> 03-03-03-Computerworld-MajorVulnerabilityInSendmailDiscovered.txt========== http://www.computerworld.com/securitytopics/security/holes/story/0,10801,78991,0 0.html Major Internet vulnerability discovered in e-mail protocol By DAN VERTON MARCH 03, 2003 The Department of Homeland Security (DHS) has been working in secret for more than two weeks with the private sector to fix a major Internet vulnerability that could have had disastrous consequences ==========> 03-03-03-SJMerc-GovtPublicationRestrcitionsStallScientificResearch.txt========== http://www.siliconvalley.com/mld/siliconvalley/5304602.htm Posted on Mon, Mar. 03, 2003 Demand for government review stalls research project By Glennda Chui Mercury News Neuroscientist Bruno Olshausen has been waiting nearly a year to launch a study of how the brain recognizes objects against a cluttered background -- one with potential applications for baggage screening at ==========> 03-03-03-SJMerc-SecurityRestrictingSciencePublicationAndTravel.txt========== http://www.siliconvalley.com/mld/siliconvalley/5304603.htm Posted on Mon, Mar. 03, 2003 Security concerns may be shackling science By Glennda Chui Mercury News Russian scientists are invited to the United States for meetings aimed at stopping the spread of nuclear weapons, only to find they can't get past the border. Foreign researchers are yanked from some federal labs. ==========> 03-03-11-SecurityFocus-HomelandSecuritySybersecurityEffortsDoubted.txt========== http://www.securityfocus.com/news/3043 Homeland Cybersecurity Efforts Doubted As the new Department of Homeland Security swallows nearly every cybersecurity office in the U.S. government, high-profile leaders are jumping ship, and analysts worry that only meager funding and muddled goals remain. By Michael Fitzgerald, SecurityFocus Mar 11 2003 1:24PM ==========> 03-03-13-Yahoo-CMU-SCCWorkshopOnWirelessTrustAndDependability.txt========== http://biz.yahoo.com/prnews/030313/nyth102_1.html Press Release Source: Sustainable Computing Consortium Sustainable Computing Consortium Hosts Workshop On Trust and Dependability in Wireless Environments Thursday March 13, 10:45 am ET PITTSBURGH, March 13 /PRNewswire/ -- A workshop hosted by the Sustainable ==========> 03-03-14-CeBITPanelSaysBombsMoreLikelyThanCyberterrorism.txt========== http://www.pcworld.com/news/article/0,aid,109819,tk,dn031403X,00.asp Does Cyberterrorism Pose a True Threat? Experts say terrorists are more likely to strike with bombs than worms. Joris Evers, IDG News Service Friday, March 14, 2003 HANOVER, GERMANY -- The cyberterrorism threat is overstated: Terrorists won't strike the Internet because bombs are more effective, an expert panel agreed Friday. ==========> 03-03-15-Wired-NRICSaysBusinessesMustGetSeriousAboutNetworkSecurity.txt========== http://www.wired.com/news/infostructure/0,1377,58067,00.html Network Guardians Face Thorny Job By Michael 02:00 AM Mar. 15, 2003 PT WASHINGTON -- The task of protecting America's communications and information networks isn't getting any easier. And federal agencies and private companies face a steeper ==========> 03-03-18-WashPost-USHeightensCybersecurityMonitoring.txt========== http://www.washingtonpost.com/wp-dyn/articles/A46583-2003Mar18.html U.S. Heightens Cybersecurity Monitoring By Robert MacMillan washingtonpost.com Staff Writer Tuesday, March 18, 2003; 1:19 PM The Department of Homeland Security is boosting efforts to monitor the Internet for cyberterrorist and hacking incidents as the nation readies for war against Iraq. ==========> 03-03-20-Fortune-WeAreVulnerableToCyberAttacks.txt========== http://www.fortune.com/fortune/fastforward/0,15704,434993,00.html FAST FORWARD Are We Vulnerable to Cyber-Attacks? Most organizations say they're getting more serious about security, but the risks are still growing. FORTUNE Thursday, March 20, 2003 By David Kirkpatrick ==========> 03-03-20-NewsFactor-InternetStillNotSecure.txt========== http://www.newsfactor.com/perl/story/21056.html Cyberspace an Invisible Front in War on Terrorism By Bob Keefe March 20, 2003 Businesses and government agencies have spent billions in recent years on computer security software and equipment, only to see the number and ferocity of computer attacks increase. ==========> 03-03-20-PCWorld-CongressionalBriefing-Security-Privacy.txt========== http://www.pcworld.com/news/article/0,aid,109934,00.asp Will War Swap Privacy for Security? Tech execs, lawmakers ponder role of surveillance. Grant Gross, IDG News Service Thursday, March 20, 2003 WASHINGTON, D.C. -- The challenge of balancing security and privacy is taking a new turn with battles in progress in Iraq. ==========> 03-03-21-ChronHighEdu-Shibboleth-Internet2-Authentication.txt========== http://chronicle.com/free/2003/03/2003032101t.htm INTERNET2 CONNECTIONS Seeking Additional Security After a Big Theft, JSTOR Tests Internet2's Shibboleth By FLORENCE OLSEN Last fall, someone taking advantage of a common method for gaining access to online databases attempted to download the vast collection of ==========> 03-03-21-Computerworld-DNSSec-AttemptsToStopSophisticatedDOSAttacks.txt========== http://www.computerworld.com/securitytopics/security/story/0,10801,79576,00.html DNS expert: More sophisticated Internet attacks coming By JAIKUMAR VIJAYAN MARCH 21, 2003 Last October's denial-of-service attacks against the Domain Name System (DNS) were only the opening salvo in what will inevitably be far more sophisticated attacks against the Internet's core addressing system, according ==========> 03-03-24-WaskTech-SomeSayBushAdminMovesDowngradeCyberSecurity.txt========== http://www.washingtontechnology.com/news/17_24/federal/20349-1.html 03/24/03; Vol. 17 No. 24 Cybersecurity downgraded? By PATIENCE WAIT Demise of critical infrastructure board makes industry 'nervous' The decision by the White House to eliminate the President's Critical Infrastructure Protection Board and fold its responsibilities into the new Department of ==========> 03-03-25-NAS-NRDReport-IdentityVerificationAndPrivacy.txt========== http://www4.nationalacademies.org/news.nsf/isbn/0309088968?OpenDocument Date: March 25, 2003 Contacts: Barbara J. Rice, Deputy Director Andrea Durham, Media Relations Assistant Office of News and Public Information (202) 334-2138; e-mail FOR IMMEDIATE RELEASE ==========> 03-03-25-NewsFactor-WPAWillNotMakeWiFiSecure.txt========== http://www.newsfactor.com/perl/story/21081.html NEWSFACTOR SPECIAL REPORT: Are Wireless Networks Secure Yet? By Vincent Ryan NewsFactor Network March 25, 2003 Once vendors and standard-setters solve the encryption and authentication ==========> 03-03-26-Felten-StatesIntroBillsToExtendDMCAToFirewalls.txt========== http://www.freedom-to-tinker.com/archives/000336.html Freedom to Tinker (Ed Felten) ... is your freedom to understand, discuss, repair, and modify the technological devices you own. « Finkelstein Replies on ARDG and the Press | Main | MPAA Lobbying for State Super-DMCA Bills » March 26, 2003 Use a Firewall, Go to Jail ==========> 03-03-26-WSJ-IraqWarCausesMoreWebSiteDefacementHacking.txt========== http://sg.biz.yahoo.com/030326/72/39e6t.html Wednesday March 26, 9:07 AM Web Hacking Is Up As Tensions Rise (From The Wall Street Journal) By Riva Richmond Dow Jones Newswires NEW YORK -- Amid heightened emotions over the war in Iraq, hacker groups have stepped up defacements of Web ==========> 03-03-31-Provos-WebPagesMovedOffshore-MichSuperDMCA.txt========== http://niels.xtdnet.nl/honeyd/ Due to a new Michigan law, the legality of my research or these web pages is currently unclear. Felton provides additional information about the resulting restrictions on technology and research. The web pages will be reinstated once the situation has been resolved. Please, support the EFF. ==========> 03-04-00-ACMUbiquity-InsecureInformationSubmissionMethodsDisourageApplicants.txt========== Job applications and network security, or, how to not limit the online applicant pool Trevis J. Rothwell April 2003 Ubiquity, Volume 4 Issue 10 Employers discourage potential applicants by not offering secure methods for submitting personal information. Browsing through online job postings, you can see that different companies list ==========> 03-04-00-IEEESpectrum-UpdatingElectronicSurveillanceSystems.txt========== http://www.spectrum.ieee.org/WEBONLY/publicfeature/apr03/code.html Listening In Are the glory days of electronic spying over—or just beginning? By Stephen Cass Submarines prowl the ocean floor, while ships above carefully skirt the limits of international waters. On dry land, guards patrol high fences surrounding acres of huge golf ball-shaped radar domes. In the skies, ==========> 03-04-01-EETimes-ConnectedRealTineSystemsHaveSecurityNeeds.txt========== "Internet Connected Real-Time Systems Vulnerable to Attack?" Electronic Engineering Times--Asia (04/01/03); Jones, Richard Connected real-time systems offer many advantages to users, including a richer interface, resource and information sharing, and easier upgradeability, but the trade-off is vulnerability to a variety of assaults; the trick is to adequately protect real-time systems without imperiling performance. Hackers can overload connected real-time systems using denial of service (DoS) ==========> 03-04-01-EETimes-DNSNeedsBetterSecurity.txt========== http://www.commsdesign.com/story/OEG20030401S0048 DNS pioneer warns of Internet security By Margaret Quan EE Times April 1, 2003 (6:01 p.m. EST) MANHASSET, NY — The Internet community can ill afford to rest on its laurels as far as DNS security is concerned. When it comes to the Domain Name System, ==========> 03-04-01-PCWorld-CFP2003-SecurityVsPrivacy.txt========== http://www.pcworld.com/news/article/0,aid,110088,00.asp Does Security Mean Sacrificing Privacy? Conference examines possibility of expanded government powers. Scarlet Pruitt, IDG News Service Tuesday, April 01, 2003 Given the backdrop of war, tightened national security, and new legislation aimed at expanding government powers, the discussions and debates due to take place at the 13th ==========> 03-04-02-InternetWeek-MSNeedsToImproveAppsSecurity.txt========== http://www.internetwk.com/breakingNews/showArticle.jhtml?articleID=8100183 Securing Microsoft Apps -- A Simple How-To By Mitch Wagner Security is the top concern for more than three-quarters of IT managers deploying Microsoft applications, Forrester Research said in a study released Monday. ==========> 03-04-02-PCWorld-FedOfficialDefendsBushCybersecurityPlan.txt========== http://www.pcworld.com/news/article/0,aid,110117,00.asp Feds Defend Plan to Secure Cyberspace All companies and Internet users need to protect their own piece of cyberturf, experts say. Grant Gross, IDG News Service Wednesday, April 02, 2003 WASHINGTON -- U.S. President George W. Bush's top cybersecurity advisor defended his ==========> 03-04-04-NetMag-Honeypots-StrategiesAndIssues.txt========== http://www.networkmagazine.com/shared/article/showArticle.jhtml?articleId=870353 3 Strategies & Issues: Honeypots - Sticking It to Hackers Deterring security breaches may be sticky business, but honeypots can spell sweet success. By Lance Spitzner Network Magazine 04/04/2003, 4:19 PM ET ==========> 03-04-08-GovtCompNews-DebateOverCybersecurityResources.txt========== http://www.gcn.com/vol1_no1/daily-updates/21652-1.html 04/08/03 Administration faulted for lack of IT security leadership By William Jackson Government Computer News GCN Staff Two former government IT security officials today criticized the administration before a ==========> 03-04-08-TechDaily-DebateOverCybersecurityResources.txt========== http://www.govexec.com/dailyfed/0403/040803td1.htm April 8, 2003 Former, current Bush officials battle on cybersecurity By William New, National Journal's Technology Daily The Bush administration's top information technology official and its former cybersecurity czar locked horns Tuesday over the need for dedicated senior officials for cybersecurity. ==========> 03-04-09-WashPost-DebateOverCybersecurityResources.txt========== http://www.washingtonpost.com/wp-dyn/articles/A59970-2003Apr8.html Ex-Officials Urge U.S. To Boost Cybersecurity Resources Are Lacking, Congress Told By Brian Krebs washingtonpost.com Wednesday, April 9, 2003; Page E05 The new Department of Homeland Security lacks the resources and expertise to execute the core elements of the ==========> 03-04-10-SFGate-CFP03FocussesonCivilLibertiesIssues.txt========== http://www.sfgate.com/cgi-bin/article.cgi?file=/gate/archive/2003/04/10/cfp.DTL War on Electronic Privacy Attendees of Computers, Freedom and Privacy conference fight for high tech civil liberties Annalee Newitz, Special to SF Gate Thursday, April 10, 2003 The giant silver coffee dispensers positioned at the center of the meeting rooms in the New Yorker Hotel ==========> 03-04-11-CNETNews-HoneypotsGetBetter.txt========== http://news.com.com/2100-1009-996574.html Honeypots get stickier for hackers By Robert Lemos Staff Writer, CNET News.com April 11, 2003, 1:04 PM PT VANCOUVER, British Columbia--If Lance Spitzner has his way, network defenders will get sweeter on the "honeypot"--a traditional method of detecting online intruders. ==========> 03-04-11-ComputerWorld-RSA2003Conf-IntrusionPrevention.txt========== http://www.computerworld.com/securitytopics/security/story/0,10801,80260,00.html Intrusion prevention touted over detection By JAIKUMAR VIJAYAN APRIL 11, 2003 Source: Computerworld Next week's RSA Conference 2003 in San Francisco will feature a range of security technologies meant to let corporations more proactively defend themselves against a ==========> 03-04-11-PCWorld-HomelandSecuritySeeksTechSolutions.txt========== http://www.pcworld.com/news/article/0,aid,110241,00.asp Homeland Security Seeks More Tech Funds Cyber, biometric security efforts top new agency's plans. Grant Gross, IDG News Service Friday, April 11, 2003 WASHINGTON -- The head of the science and technology office of the Department of Homeland Security promises to work with other federal agencies and private vendors to ==========> 03-04-12-FreedomToTinker-MPAA-StateSuperDMCALaws.txt========== http://www.freFreedom to Tinker ... is your freedom to understand, discuss, repair, and modify the technological devices you own. FREEDOM TO TINKER > Topic: Super-DMCA April 12, 2003 Carve-Outs This week, the MPAA reportedly has narrowed its Super-DMCA legislation yet again, this time to add special carve-outs to protect ISPs and telephone companies. This is supposed to improve the bill. ==========> 03-04-14-EFF-MPAA-StateSuperDMCALawsOpposed.txt========== http://www.eff.org/IP/DMCA/states/20030414_eff_sdmca_pr.php For Immediate Release: Monday, April 14, 2003 Electronic Frontier Foundation Opposes Digital Lockdown Some States Pass, Others Consider Copyright Legislation Electronic Frontier Foundation Media Release San Francisco, CA - The Electronic Frontier Foundation (EFF) today released a detailed analysis of the dangers posed by ==========> 03-04-14-NYT-DOSAttackUsingTheUSPS.txt========== "Cyberattacks With Offline Damage" New York Times (04/14/03) P. C4; Schwartz, John Aviel D. Rubin of Johns Hopkins University's Information Security Institute recently presented a paper suggesting that a cyberspace-based attack can have real-world ramifications, and is relatively simple to carry out. All that is needed are tools published by certain search engines--Google, for instance--that can automate large-scale searches and enable malicious ==========> 03-04-14-SJMerc-DG-DMCAUsedToStopIDCardPresentation.txt========== http://weblog.siliconvalley.com/column/dangillmor/archives/000942.shtml#000942 April 14, 2003 DMCA Misused Again, Stifling Speech • posted by Dan Gillmor 05:10 PM Slashdot: Blackboard Campus IDs: Security Thru Cease & Desist. On Saturday night, Virgil and Acidus, two young security researchers, were scheduled to give a talk at ==========> 03-04-14-Slashdot-DMCAUsedToStopIDCardPresentation.txt========== http://features.slashdot.org/features/03/04/14/1846250.shtml Blackboard Campus IDs: Security Thru Cease & Desist Posted by jamie on Monday April 14, @03:14PM from the cease-and-desist dept. On Saturday night, Virgil and Acidus, two young security researchers, were scheduled to give a talk at Interz0ne II on security flaws they'd found ==========> 03-04-14-TheRegister-StateDMCALawsPreventAnonymousCommunications.txt========== http://www.theregister.co.uk/content/55/30231.html Super-DMCA' fears suppress security research By Kevin Poulsen, SecurityFocus Posted: 14/04/2003 at 10:16 GMT Steganography and honeypot expert Niels Provos may risk four years in prison by completing his Ph.D., writes Kevin Poulsen, of SecurityFocus. A University of Michigan graduate student noted for his research into ==========> 03-04-15-Counterpane-DOSAttackUsingTheUSPS.txt========== http://www.counterpane.com/crypto-gram-0304.html April 15, 2003 by Bruce Schneier Founder and CTO Counterpane Internet Security, Inc. schneier@counterpane.com Copyright (c) 2003 by Counterpane Internet Security, Inc. Automated Denial-of-Service Attack Using the U.S. Post Office ==========> 03-04-15-EETimes-MS-EnSCB-UsersDontGetControlOfKeys.txt========== http://www.eetimes.com/sys/news/OEG20030415S0013 Cryptographers sound warnings on Microsoft security plan By Rick Merritt EE Times April 15, 2003 (9:32 a.m. EST) SAN FRANCISCO — Just three weeks before Microsoft Corp. publicly details plans to create a secure operating mode for Windows PCs, two top cryptographers have ==========> 03-04-15-InternetWeek-Sun-SymantecUnveilIntrusionDetection.txt========== http://www.internetwk.com/breakingNews/showArticle.jhtml?articleID=8800106 Sun, Symantec Join Forces On Intrusion Detection By TechWeb News Sun Microsystems and antivirus maker Symantec jointly announced on Monday that they would release a new intrusion-detection appliance later this month for enterprises and service providers. ==========> 03-04-15-TheRegister-Sun-SymantecUnveilIntrusionDetection.txt========== http://www.theregister.co.uk/content/53/30266.html Sun preps intrusion detection appliance By Ashlee Vance in San Francisco Posted: 15/04/2003 at 18:27 GMT Sun Microsystems and Symantec held hands at this week's RSA security conference with the introduction of a new intrusion detection server appliance. The system aptly named the iForce Intrusion Detection Appliance is based on ==========> 03-04-16-CNETNews-HomelandSecurityAsksIndustryForData.txt========== http://news.com.com/2100-1028-997218.html Uncle Sam: Share your system's secrets By Declan McCullagh Staff Writer, CNET News.com April 16, 2003, 4:08 PM PT WASHINGTON--The Department of Homeland Security is hoping to convince technology and telecommunications companies that it's safe to share information about infrastructure vulnerabilities with the federal government. ==========> 03-04-16-MplsStarTrib-GovtAndIndustryPartnerToFightCyberterrorism.txt========== http://24hour.startribune.com/24hour/technology/story/856743p-5999101c.html Feds, tech industry partner to fight cyberterrorism Minneapolis Star-Tribune By RACHEL KONRAD, AP Business Writer SAN FRANCISCO (April 16, 5:36 p.m. CDT) - Instead of pursuing strict regulations to guard against cyberterrorism, the federal government and technology industry have decided to jointly develop voluntary standards. ==========> 03-04-16-PCWorld-ExpertWarnsOfCyberthreats.txt========== http://www.pcworld.com/news/article/0,aid,110287,00.asp Expert Warns of Cyberthreats We shouldn't be complacent about cybersecurity, he says. Paul Roberts, IDG News Service Wednesday, April 16, 2003 SAN FRANCISCO -- The United States is in danger of becoming complacent about the threats posed by international terrorism and should step up its funding of antiterrorism ==========> 03-04-16-SJMerc-DG-HoneypotTrapsRaiseLegalAndEthicalIssues.txt========== http://www.siliconvalley.com/mld/siliconvalley/5646059.htm Posted on Wed, Apr. 16, 2003 Dan Gillmor: Honeypot snares raise ethical and legal issues By Dan Gillmor Mercury News Technology Columnist News and views, culled and edited from my online eJournal (www.dangillmor.com): ==========> 03-04-17-BusWeek-ShouldHackersBeHired.txt========== http://www.businessweek.com/technology/content/apr2003/tc20030416_7638_tc029.htm APRIL 17, 2003 SECURITY FOCUS Debate: Should You Hire a Hacker? Kevin Mitnick squares off with his former prosecutor: can reformed hackers be trusted to guard the corporate henhouse? Should corporations hire known hackers with criminal records to test and secure their ==========> 03-04-17-SJMerc-DMCAUsedToStopIDCardPresentation.txt========== http://www.siliconvalley.com/mld/siliconvalley/5656656.htm Posted on Thu, Apr. 17, 2003 Student barred from discussing flaws in campus technology ATLANTA (AP) - Fifteen minutes before he was to lecture on security flaws in a debit card system used on 223 college campuses, 22-year-old Billy Hoffman found out a judge had banned him from talking. Hoffman had used a screwdriver to break into a laundry room swipe ==========> 03-04-17-SJMerc-InternetUsersHaveToolsToProtectThemselves.txt========== http://www.siliconvalley.com/mld/siliconvalley/5653230.htm Posted on Thu, Apr. 17, 2003 Privacy protection INTERNET USERS HAVE MANY TOOLS AVAILABLE TO HOLD INVADERS AT BAY By Michael Bazeley Mercury News These are sobering times for Internet users who value their privacy. ==========> 03-04-17-TheRegister-EmployeesQuickToGivePasswords.txt========== http://www.theregister.co.uk/content/55/30324.html Office workers give away passwords for a cheap pen By John Leyden Posted: 17/04/2003 at 17:01 GMT Workers are prepared to give away their passwords for a cheap pen, according to a somewhat unscientific - but still illuminating - survey published today. ==========> 03-04-25-SmallTimes-PARC-NSF-SensorNetsIssues.txt========== http://www.smalltimes.com/document_display.cfm?document_id=5904 AS PRIVACY VS. SECURITY DEBATE HEATS UP, NSF PRIMES SENSOR PUMP By Michael Fitzgerald Small Times Correspondent PALO ALTO, Calif., April 25, 2003 – When the Palo Alto Research Center (PARC) celebrates its 30th anniversary this May, Ethernet networking and the personal computer will be its stars. For its 35th anniversary, wireless sensor networks may join the cast. ==========> 03-04-27-CNN-TooMuchBuggySoftware.txt========== http://www.cnn.com/2003/TECH/ptech/04/27/buggy.software.ap/index.html Spread of buggy software raises new questions Sunday, April 27, 2003 Posted: 2:17 PM EDT (1817 GMT) NEW YORK (AP) -- When his dishwasher acts up and won't stop beeping, Jeff Seigle turns it off and then on, just as he does when his computer crashes. Same with the exercise machines at his gym and his CD player. "Now I think of resetting appliances, not just computers," says Seigle, a ==========> 03-04-28-NYT-HoneynetProjectSetToCatchHackers.txt========== http://www.nytimes.com/2003/04/28/technology/28NECO.html "A New Way to Catch a Hacker" New York Times (04/28/03) P. C4; Thompson, Nicholas The nonprofit Honeynet Project, the brainchild of computer security expert Lance Spitzner, has spent the last four years studying hackers and the intrusion methods they use by allowing them to break into honeypots--systems ==========> 03-04-29-WIred-NHBillWouldLegalizeAccessToOpenWirelessNets.txt========== http://www.wired.com/news/wireless/0,1382,58651,00.html Licensed to War Drive in N.H. By Brian McWilliams 02:00 AM Apr. 29, 2003 PT DURHAM, New Hampshire -- A land where white pines easily outnumber wireless computer users, New Hampshire may seem an unlikely haven for the free networking movement. ==========> 03-05-00-CACM-802DOT11bWirelessNetworkingSecurity-AccessPointMapping.txt========== Wireless networking security: 802.11b access point mapping Simon Byers, Dave Kormann May 2003 Communications of the ACM, Volume 46 Issue 5 Considering some of the practical issues encountered when finding and mapping wireless network access points. Scanning the electromagnetic spectrum for interesting non-natural signals has long been a pastime of curious hobbyists and professionals. In generic radio ==========> 03-05-00-CACM-IntroductionToWirelessNetworkingSecurity.txt========== Wireless networking security: Introduction Aviel D. Rubin May 2003 Communications of the ACM, Volume 46 Issue 5 In the time span of just a few years, wireless local area networking went from being a novelty to revolutionizing the way many organizations connect their computers. Visit any major department store, hospital, or office building, and you will encounter 802.11 cards in all of the PCs and access points hanging from the ceiling. The speed with which wireless networking has caught on is not ==========> 03-05-00-CACM-WirelessSecurityFlawsIn802DOT11.txt========== Wireless networking security: Security flaws in 802.11 data link protocols Nancy Cam-Winget, Russ Housley, David Wagner, Jesse Walker May 2003 Communications of the ACM, Volume 46 Issue 5 Understanding the difficulties in security protocol design and attempting to relocate the struggle between hacker and defender to a different protocol layer. It is evident that anyone with a radio receiver can eavesdrop on a wireless local area network (WLAN), and therefore widely acknowledged that a WLAN needs ==========> 03-05-03-NetMag-CybersecurityEarlyWarningSystems.txt========== http://www.networkmagazine.com/article/NMG20030205S0006 Computer Security's Early Warning Systems From honeypots to threat radars, early warning systems give advanced notice of the next big attack. by Andrew Conry-Murray Network Magazine 02/05/03, 3:08 p.m. ET It's ironic that the Internet, which traces its origins to a command ==========> 03-05-06-SJMerc-Gates-FutureMSSecurityWillBeOptional.txt========== http://www.siliconvalley.com/mld/siliconvalley/news/editorial/5798718.htm Posted on Tue, May. 06, 2003 Gates says next-generation security technology to benefit, not stifle users NEW ORLEANS (AP) - Consumers shouldn't be worried that Microsoft Corp.'s new security technology will wrest control of their PCs and give it to media companies, Bill Gates said Tuesday. They can always choose not to use it, he said. ==========> 03-05-07-PFIR-TripoliProj-NewEmailEnvironment.txt========== http://www.pfir.org/tripoli-overview "TRIPOLI" An Empowered E-Mail Environment Putting E-Mail Users in Control While Enhancing Security and Controlling Spam Overview May 7, 2003 Updated August 22, 2003 ==========> 03-05-08-CNETNews-MSPassportFacesPossibleFTCAction.txt========== http://news.com.com/2100-1009-1000655.html?tag=nl Passport problems could cost Microsoft By Robert Lemos Staff Writer, CNET News.com May 8, 2003, 4:10 PM PT Microsoft faces a possible investigation and significant fines for a security lapse that could have exposed the personal information of millions of consumers. ==========> 03-05-08-PFIR-TripoliProj-NewEmailEnvironment.txt========== http://www.pfir.org/tripoli-announce PFIR - People For Internet Responsibility TRIPOLI Project Press Release May 8, 2003 PFIR Announces the "TRIPOLI" Project A Call to Arms to the Internet and Open-Source Communities! It's Time to Secure E-Mail, Control Spam, and Empower E-Mail Users! ==========> 03-05-08-WashPost-PARC-TIA-PrivacyProject.txt========== washingtonpost.com Balancing Data Needs And Privacy By Leslie Walker Thursday, May 8, 2003; Page E01 PALO ALTO, Calif. It's hard to believe much good will come of the Bush administration's plan for a grandiose surveillance network that would scour trillions of data snippets worldwide hunting for signs of terrorism. I think civil ==========> 03-05-13-CNETNews-ProposalsToCurbDOSAttacks.txt========== http://news.com.com/2100-1009_3-1001200.html Taking aim at denial-of-service attacks By Robert Lemos Staff Writer, CNET News.com May 13, 2003, 6:01 AM PT BERKELEY, Calif.--Graduate students from Carnegie Mellon University on Monday proposed two methods aimed at greatly reducing the effects of Internet attacks. ==========> 03-05-13-PCWorld-NewOrgToDevelopWirelessSecurityStandards.txt========== http://www.pcworld.com/news/article/0,aid,110714,00.asp Setting a Standard for Wireless Security Two industry groups team up to make going mobile more secure. Grant Gross, IDG News Service Tuesday, May 13, 2003 Two groups that already have worked closely together on developing wireless security standards have decided to formally join forces. By mid-June, the PAM Forum, a ==========> 03-05-13-SecFocus-ACM-UrgesDMCASecurityResearchExemption.txt========== http://www.securityfocus.com/news/4729 Security research exemption to DMCA considered By Kevin Poulsen, SecurityFocus May 13 2003 4:47PM Computer security researchers would be allowed to hack through copy protection schemes in order to look for security holes in the software being protected, under a proposed exception to the Digital Millennium Copyright Act (DMCA) being debated in official hearings this ==========> 03-05-13-SecFocus-ResearchersWantDMCAExemption.txt========== http://www.securityfocus.com/news/4729 Security research exemption to DMCA considered By Kevin Poulsen, SecurityFocus May 13 2003 4:47PM Computer security researchers would be allowed to hack through copy protection schemes in order to look for security holes in the software being protected, under a proposed exception to the Digital Millennium Copyright Act (DMCA) being debated in official hearings this week. ==========> 03-05-14-SJMerc-USVulnerableToCyberAttack.txt========== http://www.siliconvalley.com/mld/siliconvalley/5864653.htm Posted on Wed, May. 14, 2003 U.S. still vulnerable to cyber attack 4 SECURITY AGENCIES URGED BY CONGRESS TO SPEED EFFORTS By Jim Puzzanghera Mercury News Washington Bureau WASHINGTON - More than 20 months after the Sept. 11 terrorist attacks, the United States remains ill-prepared to defend ==========> 03-05-14-Wired-MS-NGSCB-UsersCanOptOut.txt========== http://www.wired.com/news/print/0,1294,58822,00.html Is Palladium Getting a Bad Rap? By Michelle Delio 02:00 AM May. 14, 2003 PT According to Microsoft, a flood of FUD -- spooky rumors intended to cause fear, uncertainty and doubt -- are swirling around its Next Generation Secure Computing Base. ==========> 03-05-16-CNETNews-IRCOperatorsStopVirus.txt========== http://news.com.com/2100-1002_3-1003894.html IRC operators may out-hack Fizzer By Robert Lemos Staff Writer, CNET News.com May 16, 2003, 3:01 PM PT Administrators of Internet relay chat networks believe they might be able to eradicate the Fizzer virus, but the methods may run them afoul of cybercrime laws, ==========> 03-05-18-WashPost-RussianHackersTurnToCrime.txt========== http://www.washingtonpost.com/wp-dyn/articles/A2619-2003May17.html HACKERS: 'They Can't Get Us in Russia' Internet Dreams Turn To Crime Russian Start-Up Firm Targeted U.S. Companies By Ariana Eunjung Cha Washington Post Staff Writer Sunday, May 18, 2003; Page A01 First of three articles ==========> 03-05-20-NewScientist-GPSDataCouldStopWirelessAttack.txt========== http://www.newscientist.com/news/news.jsp?id=ns99993747 "GPS Data Could Stop Wireless Network Attacks" New Scientist (05/20/03); Knight, Will Carnegie Mellon University's Yi-Chin Hu and Adrian Perrig, along with Rice University's David Johnson, furnished a report presented at the 12th World Wide Web conference detailing a new wireless network security threat and ==========> 03-05-20-NYT-SpammersUseUnprotectedComputersToRoute.txt========== http://www.nytimes.com/2003/05/20/technology/20SPAM.html "Email's Backdoor Open to Spammers" New York Times (05/20/03) P. A1; Hansell, Saul Routing junk email through unwitting third parties, usually home and office Internet users, is the No. 1 distribution method spammers use, and ISPs such as America Online estimate that over 200,000 computers around the world ==========> 03-05-22-PCWorld-CyberDefense-MoreFundingNeeded.txt========== http://www.pcworld.com/news/article/0,aid,110851,00.asp Take Tech Threats Seriously, Feds Say Homeland Security wants more funds for cyberdefense efforts. Elsa Wenzel, Medill News Service Thursday, May 22, 2003 Keeping emergency services' communications lines working or alerting Americans about terrorist attacks by mass-messaging their cell phones are possible tech ==========> 03-05-28-PCWorld-StudySaysCIABehindInInfoTech.txt========== http://www.pcworld.com/news/article/0,aid,110905,00.asp Study: CIA Behind the Times in IT Report says agency's technology systems are inefficient and out of date. Paul Roberts, IDG News Service Wednesday, May 28, 2003 While television viewers marvel at the sophisticated technology and analysis tools used by U.S. Central Intelligence Agency agents on the popular U.S. television show The ==========> 03-05-29-NYT-TeensEnlistedHasWhiteHatHackers.txt========== "Enlisting the Young as White-Hat Hackers" New York Times (05/29/03) P. E5; Flaherty, Julie Tiger Team, a free after-school class that teaches ethical hacking to teenagers, is the pilot program of Andrew Robinson's nonprofit Internet Security Foundation. Tiger Team students are arranged into opposing groups that attempt to hack into each other's networks while simultaneously fortifying them. Participants also follow an honor code that keeps them from hacking ==========> 03-06-00-CACM-AnalyzingDirectAndIndirectSecurityCosts.txt========== Security watch: Analyzing security costs Rebecca T. Mercuri June 2003 Communications of the ACM, Volume 46 Issue 6 Quantification tools, if applied prudently, can assist in the anticipation, budgeting, and control of direct and indirect computer security costs. Costs related to computer security are often difficult to assess, in part because accurate metrics have been inherently unrealistic. Of those costs that ==========> 03-06-00-CACM-TaxonomyOfSecurityConsiderationsAndSoftwareQuality.txt========== Taxonomy of security considerations and software quality Huaiqing Wang, Chen Wang June 2003 Communications of the ACM, Volume 46 Issue 6 Addressing security threats and risks through software quality design factors. Today's software often has countless intricate interdependencies on modern operating systems, other enterprise applications (including databases and legacy systems), and the high-speed networking infrastructure. It is within ==========> 03-06-02-ZDNet-Farber-CybersecurityImprovementsNeeded.txt========== http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2913868,00.html Cybersecurity report card--serious improvements needed By Dan Farber June 2, 2003 IT security is under siege. At this juncture, the intruders have the upper hand, and they are taking advantage of increasingly sophisticated tools and unsophisticated ==========> 03-06-16-WSJ-CalLawRequiresNotifactionOfIntrusions.txt========== "Hacker Alert" Wall Street Journal (06/16/03) P. R9; Richmond, Riva July 1, 2003 will mark the enactment of a precedent-setting California law requiring companies to immediately notify California residents of online intrusions that may have compromised their personal information and made them vulnerable to identity theft; organizations that fall under the law's jurisdiction will include those located in California as well as those who do ==========> 03-06-17-SenJudiciary-TheDarkSideOfP2P.txt========== http://www.senate.gov/~hatch/index.cfm?FuseAction=Statements.Detail&PressRelease _id=205148&Month=6&Year=2003 June 17th, 2003 Contact: Margarita Tapia, 202.224.5225 JUDICIARY STATEMENT: "THE DARK SIDE OF A BRIGHT IDEA" Will Persional and National Security Risks of P2P Networks Compromise the Promise of P2P Networks? ==========> 03-06-18-NCNewsObs-CybersecurityFundsAttractResearchers.txt========== http://www.newsobserver.com/business/technology/story/2626567p-2436758c.html Wednesday, June 18, 2003 12:00AM EDT An opening in cyberspace As network security worries grow, universities see opportunities to attract both research money and interested students By CHRISTINA DYRNESS, Staff Writer An Iraqi attack on U.S. computer systems leaves ==========> 03-06-18-SecFocus-Bluetooth1.2RaisesSecurityIssues.txt========== http://www.securityfocus.org/news/5896 Security Researchers Nibble at Bluetooth By Kevin Poulsen, SecurityFocus Jun 18 2003 8:59AM On Tuesday the organization responsible for the Bluetooth wireless standard unveiled version 1.2 of its official spec at the Bluetooth World Congress in Amsterdam. But for real evidence that that the technology is finally gaining acceptance turn to the conference ==========> 03-06-24-MSNBC-HijackersTakingOverInternetAddresses.txt========== http://www.msnbc.com/news/930843.asp?cp1=1 Hackers move on to hijacking ‘Cyberjackers’ take over Web addresses for porn, spam Hackers are taking over abandoned or little-used Internet addresses for all sorts of unauthorized activity. By Jerry Cobb, CNBC LOS ANGELES, June 24 — Some call it ==========> 03-06-26-ZDNet-GatesSaysTechWillHelpPrivacyAndSecurity.txt========== http://news.zdnet.co.uk/story/0,,t269-s2136612,00.html Gates: Orwell was wrong about Big Brother 09:10 Thursday 26th June 2003 Declan McCullagh, CNET News.com The Microsoft chairman says his technology will make the US more secure without infringing on personal privacy On the 100th anniversary of George Orwell's birth, Microsoft chairman Bill ==========> 03-06-27-SJMerc-PaloAltoSchoolsWiFiNetworkOpen.txt========== http://www.siliconvalley.com/mld/siliconvalley/6184495.htm Posted on Fri, Jun. 27, 2003 Reporter accesses student info through district's open wireless network PALO ALTO, Calif. (AP) - School administrators in the heart of Silicon Valley learned a recent lesson about the insecurity of wireless Internet networks. Armed only with a laptop and a wireless connection card, a reporter for the Palo Alto Weekly succeeded last week in accessing the Palo Alto Unified School ==========> 03-06-27-TheWhir-EUCyberSecurityPlan.txt========== http://thewhir.com/features/euro-security.cfm New Agency to Ensure Internet Security in Europe Adam Eisner, theWHIR.com From Web Hosting Monthly, June 2003 edition June 27, 2003 -- (WEB HOST INDUSTRY REVIEW) -- The European Commission has introduced the first European cyber-security agency. When the European Commission implemented its ambitious eEurope action plans, ==========> 03-06-29-NYT-TrustedComputingIssues.txt========== http://www.nytimes.com/2003/06/30/technology/30SECU.html A Safer System for Home PC's Feels Like Jail to Some Critics John Marshall Mantel for The New York Times A sample of the code for a more secure version of Microsoft Windows. John Marshall Mantel for The New York Times Mario Juarez, left, the group product manager for Microsoft's security business unit, discussing with Aaron Verstraete their work on the "trusted computing" software within the Windows program. ==========> 03-06-30-Wired-NewHomelandSecPrivacyOfficer.txt========== http://www.wired.com/news/privacy/0,1848,59336,00.html Nuala: Tech Not a Complete Fix By Michelle Delio 02:00 AM Jun. 30, 2003 PT Two months into her job as chief privacy officer for the Department of Homeland Security Department, Nuala O'Connor Kelly spoke by phone and e-mail with Wired News about her personal experiences with both terrorism and government surveillance, what she really did at Internet advertising firm DoubleClick, and ==========> 03-07-00-CACM-PFIRES-APolicyFrameworkForInformationSecurity.txt========== PFIRES: a policy framework for information security Jackie Rees, Subhajyoti Bandyopadhyay, Eugene H. Spafford July 2003 Communications of the ACM, Volume 46 Issue 7 Creating and maintaining effective security strategy and policy for software applications. As organizations increasingly rely on information systems as the primary way to conduct operations, keeping such systems (and the associated data) secure ==========> 03-07-08-AusITNews-InternetAttacksJustStarting.txt========== http://australianit.news.com.au/articles/0,7204,6715755%5E15318%5E%5Enbv%5E15306 ,00.html Net hacks just starting Chris Jenkins JULY 08, 2003 RECENT attacks, including an international hacking competition last weekend, are only the thin end of the security wedge, according to a leading internet firm's chief scientist. ==========> 03-07-08-CompWeekly-ProblemsWithBiometrics.txt========== http://www.computerweekly.com/articles/article.asp?liArticleID=123178&liArticleT ypeID=20&liCategoryID=1&liChannelID=13&liFlavourID=1&sSearch=&nPage=1 by Karl Cushing Tuesday 8 July 2003 Researchers keep an eye on the future of security The idea of checking physical characteristics to authenticate a person's identity has a long and distinguished history. ==========> 03-07-08-NWFusion-IBM-MS-PublishWebServicesSpec.txt========== http://www.nwfusion.com/news/2003/0708ibmmsspec.html IBM, Microsoft publish Web services identity spec By John Fontana Network World Fusion, 07/08/03 IBM and Microsoft on Tuesday published the fifth of an eventual seven specifications that will work in unison to help corporations deploy secure and interoperable Web services. ==========> 03-07-09-CNETNews-IBM-MS-PublishWebServicesSpec.txt========== http://news.com.com/2100-1009_3-1024013.html?tag=fd_top Web services spec invites controversy By Stephen Shankland and Matt Hines Staff Writer, CNET News.com July 9, 2003, 6:14 AM PT A Web services security specification, introduced this week by IBM and Microsoft, could emerge as a rival to the existing Sun Microsystems-backed Liberty Alliance Project. ==========> 03-07-09-PCWorld-USFarFromSecuringCyberspace.txt========== http://www.pcworld.com/news/article/0,aid,111497,00.asp Feds Far From Securing Cyberspace Expert says companies must take responsibility for their own protection. PC World Paul Roberts, IDG News Service Wednesday, July 09, 2003 If you're waiting for the government to secure cyberspace, it's going to be a while. ==========> 03-07-11-NYT-HackersHijackPCsForSexSites.txt========== http://www.nytimes.com/2003/07/11/technology/11HACK.html "Hacker Plot Hijacks PCs for Sex Sites" New York Times (07/11/03) P. C1; Schwartz, John Security experts recently indicated that a ring of hackers are hijacking home computers with high-speed Internet access, and equipping them with software that sends them pornographic material and offers to sign up for explicit Web pages as customers. The software downloaded onto the computers does not appear to have any adverse effects on the functions of the devices, but the hackers ==========> 03-07-11-PCWorld-CybersecurityLawsExpected.txt========== http://www.pcworld.com/news/article/0,aid,111535,00.asp PC World.com Cybersecurity Laws Expected Congress considers imposing security standards on businesses. Grant Gross, IDG News Service Friday, July 11, 2003 WASHINGTON -- Businesses will get legal guidelines this year on how to secure their pieces of cyberspace, but lawmakers aren't giving details yet. ==========> 03-07-15-InetWeek-USCybersecurityEffortsLacking.txt========== http://www.internetweek.com/security02/showArticle.jhtml?articleID=12800622 Updated Tuesday, July 15, 2003, 5:00 PM EDT U.S. Cybersecurity Efforts Lacking, Says Former Presidential Cybersecurity Advisor Clarke By Marcia Savage, CRN The federal government has failed to implement its cybersecurity strategy and is less capable of helping protect the nation's critical infrastructure than it was a year ago, said Richard Clarke, former special advisor to the president on ==========> 03-07-15-MSNBC-HomeComputersHijackedToServePornography.txt========== http://msnbc.com/news/939227.asp?0sl=-41&cp1=1 Could your computer be a criminal? PCs hijacked to send spam, serve porn, steal credit cards By Bob Sullivan MSNBC July 15 — One thousand home computers hijacked and used to serve up pornography. Perhaps tens of thousands co-opted by the “SoBig” virus, many of them turned into spam machines. Hundreds of other home computers loaded with ==========> 03-07-22-MissStateU-MSUComputerSecurityCapabilities.txt========== http://www.newswise.com/articles/view/?id=500213 Program to Create Next-Generation Computer Security Experts Mississippi State University's emergence as a leader in the field of computer security research promises to strengthen national defense and improve law enforcement while creating a new generation of experts skilled in the methods of detecting, dissecting and deflecting the growing menace of cybercrime. Mississippi State’s emergence as a leader in the field of computer security ==========> 03-07-23-TechNewsWorld-NewWindowsPasswordCracking.txt========== http://www.technewsworld.com/perl/story/31178.html Cracking Technique Highlights Password Concerns By Jay Lyman TechNewsWorld July 23, 2003 While the new cracking technique illustrates some weakness in the Windows password-protection scheme, there are several less technical and often more effective means of gaining access to passwords. ==========> 03-07-24-NYT-ResearchersFindDieboldEVotingProblems.txt========== http://www.nytimes.com/2003/07/24/technology/24VOTE.html * "Computer Voting Is Open to Easy Fraud, Experts Say" New York Times (07/24/03) P. A12; Schwartz, John Researchers at Johns Hopkins University say software in Diebold Election Systems' voting machines could allow multiple fraudulent votes or let election workers rig the systems. Johns Hopkins Information Security Institute technical director Aviel D. Rubin has published the software's long list of security shortfalls on the Web. Experts have previously called for an open review of ==========> 03-07-25-KohoEtc-AnalysisOfAnElecVotingSystem.txt========== http://avirubin.com/vote.pdf A paper entitled "Analysis of an Electronic Voting System," by Tadayoshi Kohno, Adam Stubblefield, Aviel D. Rubin and Dan Wallach, was released tonight. (The first three authors are at Johns Hopkins University; Wallach is at Rice). An article about the paper will be appearing in tomorrow's (Thursday's) New York Times. You can find the article at http://avirubin.com/vote.pdf. ==========> 03-07-26-SJMerc-DG-MDOfficialsIgnoreEVotingWoes.txt========== http://weblog.siliconvalley.com/column/dangillmor/archives/001233.shtml#001233 July 26, 2003 State Officials Scoff at Voting Machine Security Woes posted by Dan Gillmor 12:29 PM # Washington Post: Voting Machine Study Divides Md. Officials, Experts. In 2001, four out of the five members of the technical group that was asked to recommend to the state which electronic voting system to buy instead recommended against buying any at all. The state ignored the advice. "They ==========> 03-07-26-WashPost-MDOfficials-EVotingOK.txt========== http://www.washingtonpost.com/wp-dyn/articles/A48092-2003Jul25.html Voting Machine Study Divides Md. Officials, Experts Margaret A. Jurgensen, director of Montgomery County elections, says recent voters loved the new machines. (Tom Allen -- The Washington Post) By Brigid Schulte Washington Post Staff Writer Saturday, July 26, 2003; Page B01 For some in Maryland, the report yesterday by Johns Hopkins University computer ==========> 03-07-28-CNETNews-CERTInvestigatesSecurityPlan.txt========== http://www.cbronline.com/cbr_archive/0f399f5f5474301180256d710018c7f6 DATE: 28/07/2003 CERT Project Takes Cue from National Security Plan By Kevin Murphy The CERT Coordination Center, which acts as a high-profile advisor on security issues, is investigating information sharing best practices and standards, with a view to helping the US private sector work together to help prevent internet attacks. ==========> 03-07-28-NYT-DODPreparesTerroristFuturesMarket.txt========== http://www.nytimes.com/2003/07/29/politics/29TERR.html?ex=1060494444&ei=1&en=313 c18e8160af136 Pentagon Prepares a Futures Market on Terror Attacks July 29, 2003 By CARL HULSE WASHINGTON, July 28 - The Pentagon office that proposed spying electronically on Americans to monitor potential terrorists has a new experiment. It is an online futures ==========> 03-07-29-NYT-DODCancelsTerroristFuturesMarket.txt========== http://www.nytimes.com/2003/07/29/politics/29WIRE-PENT.html?ex=1060496625&ei=1&e n=21cf05f8f4cdfeee Pentagon Abandons Plan for Futures Market on Terror July 29, 2003 By CARL HULSE WASHINGTON, July 29 - The Pentagon office that proposed spying electronically on Americans to monitor potential terrorists has quickly abandoned an idea in which anonymous ==========> 03-07-30-CNETNews-TheStateOfSecurity.txt========== http://news.com.com/2100-1009_3-5057566.html Security pros talk, but can they walk? By Robert Lemos Staff Writer, CNET News.com July 30, 2003, 4:00 AM PT LAS VEGAS--The past two weeks have been typical of the current state of Internet security: Industry and government leaders say they're focused on improving security while flaws continue to be found and exploited. ==========> 03-07-30-CNN-FuturesContractsOnPoindexter.txt========== http://money.cnn.com/2003/07/30/markets/poindextercontract/ No future for Poindexter? Irony of ironies -- traders can now speculate on John Poindexter's chances of keeping his job. July 30, 2003: 1:47 PM EDT By Justin Lahart, CNN/Money Senior Writer NEW YORK (CNN/Money) - The uproar over the Defense Department's plan to launch a futures exchange, where traders would speculate on the potential for such ==========> 03-07-30-US-DHS-PotentialForImpactFromMS-Windows.txt========== http://www.nipc.gov/warnings/advisories/2003/Potential7302003.htm Department of Homeland Security (UPDATED) ADVISORY Potential For Significant Impact On Internet Operations Due To Vulnerability In Microsoft Operating Systems July 30, 2003 SYSTEMS AFFECTED: Computers using the following operating systems: ==========> 03-07-31-CNETNews-HomelandSecurity-HSARPA.txt========== http://news.com.com/2100-1020_3-5058618.html Homeland Security courts Silicon Valley By Alorie Gilbert Staff Writer, CNET News.com July 31, 2003, 5:11 PM PT MOUNTAIN VIEW, Calif.--The government has about $1 billion to spend next year on the development of new homeland security technologies and is looking toward Silicon Valley for ideas on how to spend it. ==========> 03-07-31-ITMgmt-AlertForLargeScaleHackerAttacks.txt========== http://www.itmanagement.earthweb.com/secu/article.php/2242891 Security Experts On Alert for Large-Scale Hacker Assault July 31, 2003 By Sharon Gaudin The security industry is on alert that an upswing in hacker activity could be signaling the coming of a broad-scale attack that could potentially affect millions of networks. ==========> 03-08-00-CACM-MoreEffectiveSecurityByIdentifyingAndRankingSeverityOfThreats.txt========== Enemy at the gate: threats to information security Michael E. Whitman August 2003 Communications of the ACM, Volume 46 Issue 8 A firm can build more effective security strategies by identifying and ranking the severity of potential threats to its IS efforts. * "Know the enemy, and know yourself, and in a hundred battles you will never be in peril" [5]. ==========> 03-08-00-GovTech-FaifaxVAUsesWiFiEvotingMachines.txt========== http://www.govtech.net/magazine/story.php?id=61857 A Vote for the Future Wi-Fi voting goes off without a hitch in Fairfax, Va. By Blake Harris August 2003 Following the 2000 election debacle in Florida, the condition of America's election machinery received considerable public scrutiny, prompting a drive to replace aging voting systems with newer technology. ==========> 03-08-01-ALA-BillsToCurbUSAPatriotsActPowers.txt========== ALAWON: American Library Association Washington Office Newsline Volume 12, Number 71 August 1, 2003 ALERT: [1] Senators Murkowski and Wyden introduce new bill: Protecting the Rights of Individuals Act; [2] Library Supporters Asked to Push for Senate Cosponsors for Murkowski-Wyden bill as well as Senator Feingold's S. 1507. Last night, July 31, Senators Lisa Murkowski (R-AK) and Ron Wyden ==========> 03-08-01-CNETNews-CanSMTPStopSpam.txt========== http://news.com.com/2100-1038-5058610.html End of the road for SMTP? By Paul Festa Staff Writer, CNET News.com August 1, 2003, 4:00 AM PT The protocol that has defined e-mail for more than two decades may have a fatal flaw: It trusts you. ==========> 03-08-04-DenPost-BusinessUnderReportsHackAttacks.txt========== http://www.denverpost.com/Stories/0,1413,36%7E33%7E1550174,00.html Monday, August 04, 2003 - 12:00:00 AM MST Survey: Firms mum on hacker attacks FBI seeks to ease fears on reporting By Jennifer Beauprez, Denver Post Business Writer As many as half of all businesses suffered break-ins from hackers last year, but most didn't say a peep about it to law enforcement, a recent government report shows. ==========> 03-08-04-InetWeek-SWVulnerabilitiesHaveHalfLife.txt========== http://www.internetweek.com/story/showArticle.jhtml?articleID=12807962 Software Vulnerabilities Fade But Never Disappear spacer By Gregg Keizer, TechWeb News Security flaws have a half-life, just like radioactive materials, according to new research unveiled Wednesday at the Black Hat security meetings being held in Las Vegas. ==========> 03-08-04-PCWorld-SachsInterview-DHSCyberExec.txt========== http://www.pcworld.com/news/article/0,aid,111883,00.asp Three Minutes With Marcus Sachs Homeland security exec describes his goals for truly trustworthy software and defending the Internet. Andrew Brandt, PCWorld.com Monday, August 04, 2003 Marcus Sachs is helping develop the Department of Homeland Security's Cyber Program. The nascent division will eventually be the central government's point ==========> 03-08-04-Wired-EVotingMachineVulnerabilities.txt========== http://www.wired.com/news/politics/0,1283,59874,00.html More Calls to Vet Voting Machines By Louise Witt 02:00 AM Aug. 04, 2003 PT A recent report that showed touch-screen voting machines could be vulnerable to hackers spurred the National Association of Secretaries of State, a majority of whose members are in charge of their states' elections, to consider whether the standards for the machines should be beefed up to prevent tampering. ==========> 03-08-05-Wired-EVotingLawsuitToFedAppealsCourt.txt========== http://www.wired.com/news/business/0,1367,59898,00.html Voting Suit Gains Momentum By Joanna Glasner 02:00 AM Aug. 05, 2003 PT A lawsuit challenging the constitutionality of computerized touch-screen voting systems has moved to a higher-profile venue in federal appeals court. According to Susan Marie Weber, a Palm Desert, California woman who is suing ==========> 03-08-06-GovtCompNews-CyberSecurityResearch.txt========== http://www.gcn.com/vol1_no1/daily-updates/23053-1.html 08/06/03 Wireless network attacks get a public airing By William Jackson GCN Staff Federal grants are funding research by some very bright investigators in the computer science departments of our nation’s universities to probe the vulnerabilities of wired and wireless networks. ==========> 03-08-06-NewsFact-InternetSecurityIssues.txt========== http://www.newsfactor.com/perl/story/22035.html The Internet Security Demon That Won't Die By Vincent Ryan NewsFactor Network August 6, 2003 "A traditional regulatory model applied to the Internet is doomed to failure. By the time it was regulated, you'd be dealing with an Internet that was two years older," says Larry Clinton, chief operating officer at the Internet ==========> 03-08-07-BaltoSun-MDToReviewE-votingPlans.txt========== http://www.sunspot.net/news/local/bal-md.voting07aug07,0,1419965.story Voting machine review ordered Hopkins study of flaws in security prods action; Purchase no longer 'a certainty'; California firm to analyze touch-screen system By David Nitkin Sun Staff Originally published August 7, 2003 In the wake of a study revealing security flaws in the costly touch-screen voting machines Maryland has agreed to buy, Gov. Robert L. Ehrlich Jr. ordered ==========> 03-08-11-NewSci-BluetoothSecurityIssues.txt========== http://www.newscientist.com/news/news.jsp?id=ns99994041 Many Bluetooth gadgets open to wireless snooping 13:09 11 August 03 NewScientist.com news service A new software tool could allow sensitive data could be pilfered through the air from laptops, mobile phones and handheld computers. An eavesdropper can use the program to identify nearby devices that use the Bluetooth wireless protocol. If the gadget's default security settings mean the ==========> 03-08-11-WashPost-ProblemsWithE-Voting.txt========== http://www.washingtonpost.com/wp-dyn/articles/A42085-2003Aug10.html Jolted Over Electronic Voting Report's Security Warning Shakes Some States' Trust By Brigid Schulte Washington Post Staff Writer Monday, August 11, 2003; Page A01 The Virginia State Board of Elections had a seemingly simple task before it: Certify an upgrade to the state's electronic voting machines. But with a recent ==========> 03-08-13-BusStd-DNSCanBeEnhanceSecurity.txt========== http://www.business-standard.com/ice/story.asp?Menu=119&story=20692 DNS inventor says cure to net identity problems is right under our nose Published : August 13, 2003 Meet Paul Mockapetris. He may not be an industry celebrity like Bill Gates, Michael Dell, Richard Stallman, Eric Raymond, or Linus Torvalds, but he should be. Mockapetris was a key figure in the development of the Domain Name System, the ==========> 03-08-15-InfoWorld-CybersecurityMandatesMayBeNeeded.txt========== http://www.infoworld.com/article/03/08/15/HNcybersecurity_1.html Cybersecurity chairman: Infosec mandates may be needed Private industry might be required to protect its slice of cyberspace from attack By Grant Gross, IDG News Service August 15, 2003 WASHINGTON -- A top Republican congressman with jurisdiction over cybersecurity says it may be time to require private industry to protect its slice of cyberspace from attack. ==========> 03-08-15-NewsFactor-NetworksSurvivePowerBlackout.txt========== http://www.newsfactor.com/perl/story/22100.html Internet, Communications Networks Survive Massive Blackout By Jay Wrolstad NewsFactor Network August 15, 2003 Most problems associated with the blackout were facility-related, not communications-related, says Zeus Kerravala, an enterprise-infrastructure analyst at Yankee Group. "It's important to consider that factor ... when ==========> 03-08-19-SJMerc-HomeUsersVulnerableToSobigVirus.txt========== http://www.siliconvalley.com/mld/siliconvalley/6573111.htm Posted on Tue, Aug. 19, 2003 story:PUB_DESC Virus strikes e-mail systems; home users most at risk By Sam Diaz Mercury News A computer virus bombarded e-mail systems around the globe Tuesday, hijacking addresses and making security staffs scramble to fight the second major attack in less than a week. Home computer users will be the most vulnerable in days to ==========> 03-08-20-SJMerc-Sobig-BlasterVirusesSpreadFast.txt========== http://www.siliconvalley.com/mld/siliconvalley/6578730.htm Posted on Wed, Aug. 20, 2003 story:PUB_DESC Newest Sobig variant called fastest spreading virus ever NEW YORK (Dow Jones/AP) -- A virus that debuted this week has been declared the fastest spreading e-mail plague of all time, while another malicious program that hit last week continued to disrupt computers worldwide. MessageLabs Inc., a company that filters e-mail for corporate clients around ==========> 03-08-20-SJMerc-VirusShutsDownCSXSignalSystem.txt========== http://www.siliconvalley.com/mld/siliconvalley/6578790.htm Posted on Wed, Aug. 20, 2003 story:PUB_DESC Computer virus brings down train signals in East NEW YORK (AP) - A computer virus was blamed for bringing down train signaling systems throughout the East on Wednesday. The virus infected the computer system at CSX Corp.'s Jacksonville, Fla., headquarters, shutting down signaling, dispatching and other systems at about ==========> 03-08-21-WashPost-PoorSoftwareSpeadsViruses.txt========== http://www.washingtonpost.com/wp-dyn/articles/A23036-2003Aug20.html Strong Attackers, Weak Software Recent Outbreaks Show Virus Writers' Growing Power • CSX Blames Virus for Delays (The Washington Post, Aug 21, 2003) By Charles Duhigg Washington Post Staff Writer Thursday, August 21, 2003; Page E01 When Mark Sunner, chief technology officer at e-mail security company ==========> 03-08-21-Wired-SoftwarePatchesNotAnswerToSecurity.txt========== http://www.wired.com/news/infostructure/0,1377,60109,00.html Geeks Grapple With Virus Invasion By Michelle Delio 12:35 AM Aug. 21, 2003 PT Summer vacation, peer pressure, Swiss-cheese programming code and too-quick-to-click Internet users have combined to make the last two weeks a true adventure in computing. ==========> 03-08-22-WashPost-InfectionsSlowNetworks.txt========== http://www.washingtonpost.com/wp-dyn/articles/A28770-2003Aug21.html Record Computer Infections Slow U.S., Private Work By Charles Duhigg Washington Post Staff Writer Friday, August 22, 2003; Page E01 Federal agencies reported sluggish or stalled computer systems yesterday and record levels of e-mail interceptions as the spread of viruses that have tangled Internet traffic in the past 10 days slowed somewhat but remained at ==========> 03-08-23-SJMerc-DG-IsThisTheEndOfEmail.txt========== http://weblog.siliconvalley.com/column/dangillmor/archives/001297.shtml#001297 August 23, 2003 The End of E-Mail? posted by Dan Gillmor 11:42 AM This has been a hellish week for users of e-mail, thanks to an ugly combination consisting of a conscience-less worm-writer, users' gullability and yet another demonstration of Microsoft's preference for profits over user security. To say that it could have been worse, however true that is, doesn't make what happened ==========> 03-08-25-BaltoSun-ResearcherCriticalOfEVotingCode.txt========== http://www.sunspot.net/features/lifestyle/bal-to.vote25aug25.story A vote of no confidence When a Hopkins computer scientist declared a new breed of electronic voting machinery to be junk, he cracked open a wide and costly debate. By Michael Ollove Sun Staff Originally published August 25, 2003 In neither appearance nor demeanor does Avi Rubin suggest the aura of a ==========> 03-08-25-SeaTimes-ArrestDueInBlasterWormCase.txt========== http://seattletimes.nwsource.com/html/businesstechnology/2001659113_blaster290.h tml Arrest due in 'Blaster' computer worm case By Mike Carter and Steve Miletich Seattle Times staff reporters The FBI has identified an 18-year-old suspect in the "Blaster" worm attacks, one of the most destructive computer viruses ever to target the Internet and computers worldwide, according to two U.S. Justice Department sources. ==========> 03-08-26-WSJ-VirusesAWakeUpCallForSWIndustry.txt========== # "Welter of Viruses Is a Wake-Up Call for Software Industry" Wall Street Journal (08/26/03) P. B1; Guth, Robert A. The rapid spread of computer viruses such as SoBig and Blaster in recent weeks sends a clear message that commercial software makers must design more secure products. Although the damage caused by such viruses has been minor so far, Watts Humphrey of Carnegie Mellon University's Software Engineering Institute theorizes that a bug could conceivably result in a loss of life, given the ubiquity of software in today's world. He says software makers "need to focus on the practices of the individual engineers, and by and large nobody does ==========> 03-08-27-ABCNews-CanPCsAutomaticallyDefendAgainstThreats.txt========== http://abcnews.go.com/sections/scitech/FutureTech/saferPCs030827.html Software Self-Defense Can PCs Automatically Defend Themselves From Virus, Security Threats? By Paul Eng ABCNEWS.com Aug. 27— Who's responsible for big computer virus outbreaks such as the recent SoBig attack? Experts say the answer is — you. ==========> 03-08-27-NYT-ResearchersTryToStayAheadOfWorms.txt========== http://www.nytimes.com/2003/08/27/technology/27VIRU.html # "Sleuths Try to Stay Ahead of Online Worms" New York Times (08/27/03) P. C2; Flynn, Laurie J. The extent of the damage caused by the SoBig.F computer worm was limited somewhat thanks to the efforts of security researchers such as F-Secure's Mikko Hypponen, who helped dissect the worm and warned authorities about network weaknesses that could aid its spread. Such experts notified the FBI about these vulnerabilities, and the bureau moved quickly to isolate them. Ilkka Starck of ==========> 03-08-28-WashPost-VirusProtectionMayMoveToServers.txt========== http://www.washingtonpost.com/wp-dyn/articles/A56103-2003Aug27.html Fight Against Viruses May Move to Servers By Charles Duhigg Washington Post Staff Writer Thursday, August 28, 2003; Page E01 Computer viruses are becoming so aggressive and sophisticated that they may soon be able to elude anti-virus programs installed on individual computers, according to many in the security industry. ==========> 03-08-29-SJMerc-BlasterWormWriterToBeArrested.txt========== http://www.siliconvalley.com/mld/siliconvalley/6647981.htm Posted on Fri, Aug. 29, 2003 story:PUB_DESC Authorities to arrest teen in Internet attack WASHINGTON (AP) - U.S. cyber investigators have identified a teenager as one author of a damaging virus-like infection unleashed weeks ago on the Internet and plan to arrest him early Friday, a U.S. official confirmed. The 18-year-old was accused of writing a version of the damaging ``Blaster'' ==========> 03-08-30-BosGlobe-FBIArrestsBlasterWormSuspect.txt========== http://www.boston.com/business/technology/articles/2003/08/30/man_18_arrested_in _blaster_probe/ Man, 18, arrested in Blaster probe But worm's creator remains a mystery By Hiawatha Bray, Globe Staff, 8/30/2003 An 18-year-old Minnesota man was arrested yesterday for allegedly creating a variant of the devastating Blaster computer worm that infected thousands of computers this month. ==========> 03-09-00-CACM-SecurityAndPrivacyIssuesInHandheldAndWearableDevices.txt========== Security and privacy issues of handheld and wearable wireless devices Roberto Di Pietro, Luigi V. Mancini September 2003 Communications of the ACM, Volume 46 Issue 9 The distinguished capabilities of these devices are also the very reasons they require security and privacy protections of an unprecedented scale. We are surrounded by a variety of appliances important for our daily lives and that require our constant attention, such as a wearable heart rate monitor, a ==========> 03-09-00-NAP-Neuman-ComputerSecurityIssues.txt========== http://www.nap.edu/issues/19.4/neumann.html PETER G. NEUMANN U.S. Computer Insecurity Redux The United States continues to face serious challenges in protecting computer systems and communications from unauthorized use and manipulation. In terms of computer security, the situation is worse than ever, because of the nation's dramatically increased dependence on computers, the widespread growth of the Internet, the steady creation of pervasively popular applications, and the ==========> 03-09-01-InfoWeek-Viruses-AWorldwideProblem.txt========== http://www.informationweek.com/story/showArticle.jhtml?articleID=14200065 Big Bad World Sept. 1, 2003 Actually, when it comes to computer security, it's a small--and threatening--world. A global reach calls for global security measures. By George V. Hulme No computer connected to a network is completely safe. Any computer that communicates with another, even occasionally, can fall victim to the threats that race around our interconnected world. Hackers live in any country. And the ==========> 03-09-01-NYT-FedsCallForCybersecurityOversight.txt========== # As Digital Vandals Disrupt the Internet, a Call for Oversight" New York Times (09/01/03) P. A1; Harmon, Amy The growing sophistication and frequency of computer virus attacks, such as those that afflicted systems in recent weeks, is making government oversight of cybersecurity a more palatable concept for many people. Michael A. Vatis, former head of the FBI's National Infrastructure Protection Center, says that voluntary, private-sector initiatives to produce more secure software and more robust systems are inadequate. An Aug. 31 survey from the Pew Internet and American Life Project estimates that almost 60% of Internet users want the ==========> 03-09-01-VNUNet-FBIArrestsStupidBlasterWormSuspect.txt========== http://www.vnunet.com/News/1143304 FBI arrests 'stupid' Blaster.B suspect By Iain Thomson [01-09-2003] Modification of Chinese code could mean 10 years in chokey for US hacker A US teenager has been arrested under suspicion of creating the Blaster or LoveSan.B virus, and court papers reveal intriguing details about the origin of the Blaster worm. ==========> 03-09-02-MSNBC-InterviewWithBlasterWormSuspect.txt========== http://www.msnbc.com/news/960377.asp?cp1=1 ‘I’m not the one they need to get’ Transcript of ‘Today’ show exclusive interview with worm suspect Image: Parson Jeffrey Lee Parson, 18, left, holds papers in front of his face to shield himself from the media as he and an unidentified person walk into his Hopkins, Minn., home on Friday. NBC NEWS Sept. 2 — Three weeks ago, a flurry of computer viruses caused headaches for ==========> 03-09-03-NewSci-AntiVirusSoftwareInadequate.txt========== http://www.newscientist.com/news/news.jsp?id=ns99994119 Computer antivirus strategies in crisis 19:00 03 September 03 Special Report from New Scientist Print Edition. Subscribe and get 4 free issues. The speed with which US law enforcers last week tracked down Jeffrey Lee Parson, one of the alleged culprits behind the destructive computer virus MSBlaster, was heralded as a great victory in the battle against computer ==========> 03-09-04-CompWorld-CongressProposesCybersecurityReportingLaw.txt========== http://www.computerworld.com/securitytopics/security/story/0,10801,84586,00.html Cybersecurity legislation may go to Congress One proposal would require public companies to report their cybersecurity efforts Story by Grant Gross SEPTEMBER 04, 2003 ( IDG NEWS SERVICE ) - WASHINGTON -- As the U.S. Congress reconvenes this week after a monthlong break, legislation imposing cybersecurity requirements on private industry, including a proposal that would ==========> 03-09-04-SFChron-MoreWormsAndVirusesComing.txt========== http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2003/09/04/BU3 07857.DTL&type=business Many more worms will wriggle into our future Security expert foresees no end to bugs hitting computer networks Carrie Kirby, Chronicle Staff Writer Thursday, September 4, 2003 Now that most businesses have recovered from the Blaster and SoBig worms, and the FBI has arrested one of the alleged virus writers, the computer world is settling back to normalcy. ==========> 03-09-04-SJMerc-FTCWarns-IdentityTheftGrowing.txt========== http://www.siliconvalley.com/mld/siliconvalley/6688751.htm Posted on Thu, Sep. 04, 2003 story:PUB_DESC Identity-theft problem growing, FTC warns CRIME COSTS VICTIMS BILLIONS OF DOLLARS By Michael Bazeley Mercury News Identity theft has affected more than 27 million Americans in the past five years and is getting worse, the Federal Trade Commission reported Wednesday in ==========> 03-09-04-SJMerc-SecondBlasterWormArrest.txt========== http://www.siliconvalley.com/mld/siliconvalley/6690273.htm Posted on Thu, Sep. 04, 2003 Second Suspect Arrested in Web Worm Case JIM KRANE Associated Press Police in Romania on Wednesday arrested a 24-year-old former student in connection with a computer-crippling Internet worm, according to a computer security company that aided police. ==========> 03-09-04-Wired-ReturningStudentComputersUnleashViruses.txt========== http://www.wired.com/news/technology/0,1282,60299,00.html Colleges Crack Down on Viruses Associated Press 02:06 PM Sep. 04, 2003 PT WASHINGTON -- Still recovering from a summer of Internet infections, colleges are taking unusually aggressive steps to protect campus computer networks from virus outbreaks. ==========> 03-09-06-NewSci-StudyIdentifiesImageAntiTamperingSteps.txt========== # A Picture Tells a Thousand Lies" New Scientist (09/06/03) Vol. 179, No. 2411, P. 38; Farid, Hany The alteration of digital images has become a common practice, which is why a method to determine the authenticity of images is critical. Hany Farid, assistant professor in computer science at Dartmouth College, believes digital watermarking, which some people tout as a solution, is ultimately ineffective; watermarking requires a specialized camera, while the watermarks must be impossible to remove. Farid and colleagues have come up with a holistic method to detect digitally tampered images using a technique employed by compression ==========> 03-09-08-BusWeek-VirusesReachEpidemicProportions.txt========== http://www.businessweek.com/magazine/content/03_36/b3848001_mz001.htm SEPTEMBER 8, 2003 How Do Virus Hunters Track Their Prey? Commentary: From Open Doors to Gated Communities Commentary: Technology: Just Make It Simpler Epidemic Crippling computer viruses and spam attacks threaten the information economy. ==========> 03-09-08-InfoWeek-HackerForHireAtWork.txt========== http://www.informationweek.com/story/showArticle.jhtml?articleID=14400070 Hack in Progress Sept. 8, 2003 Just how easy is it to break into your company's networks? Hire a hacker, then sit tight. By George V. Hulme The SetUp Ryan Breed is a hacker. He's honed his skills since his undergraduate days at ==========> 03-09-10-MSNBC-DieboldOpticalVotingResultsSentToWebsite.txt========== http://www.msnbc.com/news/964736.asp?cp1=1 E-voting critics point to security hole California primary results appeared online before polls closed By Rachel Konrad ASSOCIATED PRESS SAN JOSE, Calif., Sept. 10 — The strange case of an election tally that appears to have popped up on the Internet hours before polls closed is casting new doubts about the trustworthiness of electronic voting machines. During San Luis ==========> 03-09-11-PCWorld-HouseWitnessesSuggestSecurityApproaches.txt========== http://www.pcworld.com/news/article/0,aid,112419,00.asp Feds Search for Cybersecurity Solutions More money, not new laws, are the key to security, most experts agree. Grant Gross, IDG News Service Thursday, September 11, 2003 WASHINGTON -- When it comes to improving cybersecurity, new laws are not necessarily the answer. That was the message on Wednesday at a House subcommittee hearing, as IT vendors recommended a variety of ways for the U.S. ==========> 03-09-11-TechNewsWorld-IssuesWithBiometrics.txt========== http://www.technewsworld.com/perl/story/31547.html Beyond Biometrics: New Strategies for Security By Jack M. Germain TechNewsWorld September 11, 2003 Biometrics technology, despite its sluggish acceptance, might be on the edge of newfound popularity. Consumer fears for online identity theft and Internet merchants' demands for customer verification are starting to create a comfort ==========> 03-09-11-Wired-HouseWitnessesSuggestSecurityApproaches.txt========== http://www.wired.com/news/infostructure/0,1377,60391,00.html Just Say No to Viruses and Worms By Kim Zetter 02:00 AM Sep. 11, 2003 PT Members of the computing industry and law enforcement testified before the technology subcommittee of the House Committee on Government Reform Wednesday about how to protect the nation's computing systems from viruses and worms. ==========> 03-09-12-MSNBC-WirelessWebCouldAidInEmergencies.txt========== http://www.msnbc.com/news/965670.asp?cp1=1 Wireless webs to cope with a crisis Center develops tools to address emergencies in post-9/11 era Paul Kolodzy, director of the Wireless Network Security Center at the Stevens Institute of Technology, talks about the Canobeam optical transmission camera mounted atop the physics building on the campus. By Brian Bergstein ASSOCIATED PRESS ==========> 03-09-12-TorontoStar-CybersecurityThreats.txt========== http://www.thestar.com/NASApp/cs/ContentServer?pagename=thestar/Layout/Article_T ype1&c=Article&cid=1063318210756&call_pageid=970599109774 Hackers threaten power grid: Expert Utility computers called vulnerable `Fame is a driving factor' for attacks RACHEL ROSS TECHNOLOGY REPORTER Hackers didn't cause last month's blackout. But that doesn't mean they couldn't ==========> 03-09-14-SeattleTimes-MSIssuesNewPatchForFlawExploitedByBlaster.txt========== http://seattletimes.nwsource.com/html/businesstechnology/2001724145_microsoft11. html Microsoft issues patch for new Windows flaw By Dina Bass Bloomberg News Microsoft, whose software was hit by the Blaster computer virus last month, has found new security flaws in the same area of the Windows operating system that was exploited by Blaster. ==========> 03-09-15-CompWorld-SoftwareQualityMeasuresWillImproveSecuity.txt========== http://www.computerworld.com/securitytopics/security/story/0,10801,84731,00.html Software quality is still a work in progress, offshore and in the U.S. Story by Mark Willoughby SEPTEMBER 15, 2003 ( COMPUTERWORLD ) - The link between software quality and security could boost businesses' use of software developed offshore as they battle against the worms and viruses that exploit software defects and cause billions of dollars in damage. ==========> 03-09-16-BusWeek-NewApproachesNeededForNetSecurity.txt========== http://www.businessweek.com/technology/content/sep2003/tc20030916_6815_tc129.htm SEPTEMBER 16, 2003 SPECIAL REPORT: NETWORK SECURITY Needed: A Security Blanket for the Net Worms, viruses, bugs, spam, and hackers have spurred many experts to start pushing concrete reforms, some quite radical David Farber, a computer science professor at Carnegie Mellon University in ==========> 03-09-16-NewsFactor-InternetWorms-WorstIsYetToCome.txt========== http://www.newsfactor.com/perl/story/22298.html Internet Worms: Worst Is Yet To Come? By Vincent Ryan NewsFactor Network September 16, 2003 "We, as a people, have valued productivity and access over security," says Fred Felman, vice president of marketing for Zone Labs. Users have demanded greater access, collaboration, and ease of use from vendors, and "those things don't ==========> 03-09-17-SJMerc-BlasterWormAccusedPleadsNotGuilty.txt========== http://www.siliconvalley.com/mld/siliconvalley/6796336.htm Posted on Wed, Sep. 17, 2003 story:PUB_DESC Teen charged in Internet worm attack pleads innocent SEATTLE (AP) - A high school senior pleaded innocent Wednesday to a federal charge alleging he crippled more than 7,000 computers by modifying a version of the ``Blaster'' worm. Jeffrey Parson, 18, of Hopkins, Minn., was arrested Aug. 29 and faces one count ==========> 03-09-18-PCWorld-SwenWormPosesAsMSPatch.txt========== http://www.pcworld.com/news/article/0,aid,112552,00.asp New Worm Targets File-Sharing Nets Antivirus vendors post updates to stop W32.Swen, which masquerades as a Microsoft update. Paul Roberts, IDG News Service Thursday, September 18, 2003 Antivirus companies are warning Internet users about W32.Swen, a new worm that spreads using e-mail messages, vulnerable network connections, Internet Relay ==========> 03-09-18-SJMerc-MelissaVirusWriterCooperatedWithFBI.txt========== http://www.siliconvalley.com/mld/siliconvalley/6802074.htm Posted on Thu, Sep. 18, 2003 story:PUB_DESC Virus sender helped FBI bust hackers, court records say Associated Press Federal prosecutors credited the man responsible for transmitting the Melissa virus -- a computer bug that did more than $80 million in damage in 1999 -- with helping the FBI bring down several major international hackers. ==========> 03-09-18-Wired-MarylandSaysDieboldVotingSystemOK.txt========== http://www.wired.com/news/technology/0,1282,60486,00.html E-Voting Audit Ready for Public By Kim Zetter 02:00 AM Sep. 18, 2003 PT A security audit ordered by Maryland Gov. Robert Ehrlich on Diebold Election Systems' touch-screen voting machines is complete, and a version of it is ready for public consumption. ==========> 03-09-18-ZDNet-SwenWormPosesAsMSPatch.txt========== http://insight.zdnet.co.uk/0,39020415,39116512,00.htm Swen prevention and cure Robert Vamosi ZDNet.com September 19, 2003, 12:45 BST The Swen virus masquerades as a new Microsoft patch - find out how to avoid it, and what to do in the case of infection ==========> 03-09-23-ABCNews-SomeFearTerroristCyberAttacks.txt========== http://www.abcnews.go.com/sections/scitech/US/cyberattack030923.html Cyber Threat Some Fear Computer Attacks Could Cause or Intensify Physical Terror By Michael S. James ABCNEWS.com Sept. 23 — Evildoers commandeer thousands of home computers, creating a virtual army that knocks down chunks of the Internet. Computer infections hit a nuclear plant, crash a 911 system, snarl train service and shut down ATMs. A ==========> 03-09-23-RMSmith-IESupercookiesBypassP3PAndCookieControls.txt========== http://www.computerbytesman.com/privacy/supercookie.htm Internet Explorer SuperCookies bypass P3P and cookie controls Richard M. Smith (rms@computerbytesman.com) January 16, 2002 (Updated Sept. 23, 2003) Introduction There is a significant privacy problem with Internet Explorer because of a design flaw in the Windows Media Player (WMP). Using simple Javascript code on a Web page, a Web site can grab the unique ID number of the Windows Media ==========> 03-09-23-Salon-DieboldVotingSystemAnInvitationToFraud.txt========== http://www.salon.com/tech/feature/2003/09/23/bev_harris/index_np.html An open invitation to election fraud Not only is the country's leading touch-screen voting system so badly designed that votes can be easily changed, but its manufacturer is run by a die-hard GOP donor who vowed to deliver his state for Bush next year. By Farhad Manjoo Sept. 23, 2003 | As if the public image of punch-card voting machines had not already been bruised and battered enough, on Sept. 15, the 9th Circuit Court of ==========> 03-09-24-CNETNews-ReportBlamesMSForSecurityProblems.txt========== http://news.com.com/2100-1029_3-5081214.html Report: Microsoft dominance poses security risk Last modified: September 24, 2003, 4:36 AM PDT By Robert Lemos Staff Writer, CNET News.com A computer industry group critical of Microsoft plans to release a report Wednesday asserting that the software giant's dominance in key technologies threatens the national infrastructure. ==========> 03-09-24-InfoWorld-USImmigrationSystemHitByWelchiaWorm.txt========== http://www.infoworld.com/article/03/09/24/HNimmigration_1.html U.S. immigration system hit by virus Network links suspended between Washington, foreign embassies, and consular offices for nine hours By Paul Roberts, IDG News Service September 24, 2003 The U.S. Department of State struggled Tuesday to quell an outbreak of the W32.Welchia Internet worm on the department's computer systems. ==========> 03-09-24-WashPost-ReportBlamesMSForSecurityProblems.txt========== http://www.washingtonpost.com/ac2/wp-dyn?pagename=article&node=&contentId=A54872 -2003Sep23¬Found=true Security Report Puts Blame On Microsoft By Jonathan Krim Washington Post Staff Writer Wednesday, September 24, 2003; Page E01 Viruses, worms and other cyber-attacks that are crippling computers with increasing frequency cannot be stopped as long as the software of one company ==========> 03-09-25-Reuters-AntiSpamWebsitesShutDownByAttack.txt========== http://www.reuters.com/newsArticle.jhtml;jsessionid=20LSJQRTR5QLECRBAEZSFFA?type =technologyNews&storyID=3510971 Anti-Spam Web Pages Shut Down by Attacks Thu September 25, 2003 08:44 PM ET By Elinor Mills Abreu SAN FRANCISCO (Reuters) - Three Web sites that provide spam blocking lists have shut down as a result of crippling Internet attacks in what experts on Thursday said is an escalation in the war between spammers and opponents of unsolicited ==========> 03-09-25-TheReg-AntiSpamWebsitesShutDownByAttackLinedToSobig.txt========== http://www.theregister.co.uk/content/56/33059.html Sobig linked to DDoS attacks on anti-spam sites By John Leyden Posted: 25/09/2003 at 19:22 GMT A senior anti-spam activist is calling on law enforcement authorities to track down the perpetrators behind a widespread and sustained attack on anti-spam sites. The call, from Steve Linford of Spamhaus, comes along with fresh evidence that the assaults have been enabled by the infamous Sobig worm. ==========> 03-09-25-Wired-MarylandSaysDieboldVotingSystemOK.txt========== http://www.wired.com/news/business/0,1367,60583,00.html Maryland: E-Voting Passes Muster By Kim Zetter 02:00 AM Sep. 25, 2003 PT Maryland election officials released a highly anticipated report Wednesday that examines the security of Diebold Election Systems' touch-screen voting machines. Despite a summary in the report that states the Diebold system used in several ==========> 03-09-25-Wired-MSDominanceThreatensCyberSecurity.txt========== http://www.wired.com/news/infostructure/0,1377,60579,00.html Want PC Security? Diversify By Joanna Glasner 02:00 AM Sep. 25, 2003 PT Taking a page from agricultural history, a group of computer security experts this week blamed Microsoft for exacerbating network instability by fostering a monoculture in the PC world. ==========> 03-09-28-SJMerc-DG-InternetHasGoodGuysAndBadGuys.txt========== http://www.siliconvalley.com/mld/siliconvalley/business/columnists/6881523.htm Posted on Sun, Sep. 28, 2003 story:PUB_DESC In the Wild West of the Internet, there are good guys and bad guys By Dan Gillmor Mercury News Technology Columnist Several weeks ago, a friend, David Weinberger, and I launched a small, non-commercial Web site. We called it ``WordPirates'' (www.wordpirates.com), the purpose of which was to remind people how some good words in our language ==========> 03-10-00-CACM-RisksInTrustingSystemsThatMightNotBeTrustworthy.txt========== Inside risks: Information system security redux Peter G. Neumann October 2003 Communications of the ACM, Volume 46 Issue 10 Last month we discussed risks in trusting entities that might not actually be trustworthy. And yet, people use flawed systems that may cause more security and reliability problems than they solve. There are various reasons why untrustworthy mass-market software might be used so extensively, even if the source code is proprietary and the vendor can arbitrarily download questionable ==========> 03-10-00-FBI-RegionalComputerForensicLabs.txt========== http://www.nationalrcfl.org/ A Message from the RCFL Director Welcome to the National RCFL Program's web page. This site serves as a gateway to the growing number of RCFLs throughout the country. Our mission is to aid in the establishment and continued operations of RCFLs and to serve as a national clearinghouse for information about computer forensics - a field that has grown exponentially with no signs of abating. Because computers are involved in so many types of crimes, ranging from the mundane to the complex, the need for ==========> 03-10-02-Baseline-CalifEVotingCertificationIssues.txt========== http://www.baselinemag.com/article2/0,3959,1306643,00.asp October 2, 2003 Vote, with No Confidence By Edward Cone The absence of serious security for voting systems means the controversy surrounding California's recall election and other contests is far from over. The voting machines that almost derailed the Oct. 7 California recall election ==========> 03-10-03-EWeek-MSVulnerabilitiesBlamedForTheftOfSourceCode.txt========== http://www.eweek.com/article2/0,4149,1307532,00.asp IE Gets Blame for Theft of Half Life 2 Code By Chris Gonsalves October 3, 2003 Security experts are blaming known but unpatched vulnerabilities in Microsoft Corp.'s Internet Explorer for the theft and distribution of the source code for a much anticipated new video game. ==========> 03-10-04-ECommTimes-BecomingSecurityExpertMightBreakLaws.txt========== http://www.ecommercetimes.com/perl/story/31757.html Becoming a Security Guru Without Breaking the Law By Alison Diana E-Commerce Times October 4, 2003 Some universities require students to sign a contract stating they will not use anything learned in class for negative or disruptive functions -- but such precautions are not failsafe. ==========> 03-10-06-Wired-DieboldEVotingMachinesFlawed.txt========== http://www.wired.com/news/evote/0,2645,60713,00.html Time to Recall E-Vote Machines? By Kim Zetter 08:39 AM Oct. 06, 2003 PT As Californians head to the polls on Tuesday, voters in at least one county will cast their ballots electronically on machines that have been shown to be flawed. ==========> 03-10-08-CompWorld-ConsensusIdentifiesTop20NetVulnerabilities.txt========== http://www.computerworld.com/securitytopics/security/holes/story/0,10801,85848,0 0.html Multinational consensus pegs top 20 net vulnerabilities Experts from the U.S., Canada, the U.K., Singapore and Brazil name the top Windows, Unix and Linux flaws. Story by Dan Verton OCTOBER 08, 2003 ( COMPUTERWORLD ) - WASHINGTON -- The U.S. Department of Homeland Security, along with its Canadian and British counterparts and the ==========> 03-10-08-FBI-RegionalComputerForensicLabs-PressRelease.txt========== http://www.fbi.gov/pressrel/pressrel03/lab100803.htm For Immediate Release October 08, 2003 Washington D.C. FBI National Press Office FBI Director Mueller Announces Five New Computer Forensic Laboratories Washington D.C. -- FBI Director Robert S. Mueller III today announced ==========> 03-10-08-TechNewsWorld-SwenWormPosesAsMSPatch.txt========== http://www.technewsworld.com/perl/story/31627.html Oct. 8 2003 SECURITY SECTION New Swen Worm Poses as MS Patch, Spreads By Jay Lyman TechNewsWorld September 19, 2003 Swen, a "highly complex" worm, communicates with a remote Web site to track its ==========> 03-10-09-CNETNews-MSSaysSecurityImprovementsWillTakeTime.txt========== http://news.com.com/2100-7355-5088595.html Microsoft expects security effort to take time Last modified: October 9, 2003, 8:28 AM PDT By Ina Fried Staff Writer, CNET News.com update Microsoft announced Thursday a detailed plan to combat a recent wave of security threats, but one executive told CNET News.com that things won't change overnight. ==========> 03-10-09-MS-BlamerOnSecuityAndOtherIssues.txt========== http://www.microsoft.com/presspass/exec/steve/2003/10-09wwpc.asp Remarks by Steve Ballmer, CEO, Microsoft Corporation "Partnership, Innovation and Customer Focus" Microsoft Worldwide Partner Conference New Orleans, Louisiana October 9, 2003 STEVE BALLMER: It's a real privilege and pleasure for me to have the chance to be here with you. Last year when I spoke at the Fusion conference, I think I ==========> 03-10-10-DCMil-DDenningDiscussesCybersecurity.txt========== http://www.dcmilitary.com/navy/trident/8_36/features/25735-1.html October 10, 2003 Securing the portals of cyber space by Martha Thorn Trident Feature Editor Dr. Dorothy Denning, a professor in the department of defense analysis at the Naval Postgraduate School in Monterey, Calif., faced a diverse audience when she spoke at the academy Sept. 30. ==========> 03-10-10-SJMerc-MSSaysSecurityImprovementsWillTakeTime.txt========== http://www.siliconvalley.com/mld/siliconvalley/6980382.htm Posted on Fri, Oct. 10, 2003 story:PUB_DESC Microsoft promises security changes TECHNOLOGY TO SHIELD WINDOWS, BALLMER SAYS By Kristi Heim Mercury News Seattle Bureau SEATTLE - Faced with a mounting crisis over security flaws in Microsoft's software, Chief Executive Steve Ballmer acknowledged Thursday that the ==========> 03-10-10-TheReg-MSSaysSecurityImprovementsWillTakeTime.txt========== http://www.theregister.co.uk/content/4/33319.html Ballmer's new MS security fix - same patches, but 'nicer' By John Lettice Posted: 09/10/2003 at 17:16 GMT A few weeks ago Microsoft appeared to be tacitly conceding that, in the face of repeated and damaging attacks, the 'patch and patch again' approach to security was a busted flush, and that 'securing the perimeter' was the way to go. But how do you get there from here? It's hard, so it's not exactly surprising that ==========> 03-10-13-Wired-WorkerSaysDieboldInstalledUnauditedSWPatch.txt========== http://www.wired.com/news/evote/0,2645,60563,00.html Did E-Vote Firm Patch Election? By Kim Zetter 02:00 AM Oct. 13, 2003 PT Diebold Election Systems has had a tumultuous year, and it doesn't look like it's getting any better. Last January the electronic voting machine maker faced public embarrassment ==========> 03-10-15-CBR-DNSRootServerSecurityImprovementNeeded.txt========== http://www.cbronline.com/latestnews/165c8acb5f79bb5780256dc50018bddd Trouble Grows at the Internet's Root By Kevin Murphy There's a conflict brewing at the root of the internet, between those who are trying to make the network more resilient, and VeriSign Inc, which says this can best be achieved if we get rid of the non-profits and commercialize the infrastructure. ==========> 03-10-15-UPI-InternetIsIndispensableAndVulnerable.txt========== http://www.upi.com/view.cfm?StoryID=20031014-111239-5894r The Web: Indispensable but not impervious By Gene J. Koprowski UPI Technology News Published 10/15/2003 8:11 AM This is the first in a series of UPI articles examining the current state and future prospects of the global communications and data network known as the Internet. ==========> 03-10-16-PCMag-SecurityExpertDiscussessIssues.txt========== http://www.pcmag.com/article2/0,4149,1354271,00.asp A Tech Veteran's Security Warning By Sebastian Rupley October 16, 2003 Critical-infrastructure security was the main topic at the recent annual meeting of the International Information Systems Security Certification Consortium, known as (ISC)². The consortium is a nonprofit agency dedicated to training and certifying security professionals. At this year's meeting, Rep. ==========> 03-10-20-CNETNews-NewBillWOuldRequireDownloadWarnings.txt========== http://news.com.com/2010-1032-5093409.html A new tech battle brews in D.C. October 20, 2003, 4:00 AM PT By Declan McCullagh Print story E-mail story Even casual observers of the moral swamp called Washington, D.C., may remember the notorious Hollings bill, a mandatory copy protection proposal last year, which Hollywood's lobbyists loved and Silicon Valley hated. Because Sen. Ernest ==========> 03-10-20-INetWeek-MSBallmerDiscussesSecurityIssues.txt========== http://www.internetwk.com/breakingNews/showArticle.jhtml?articleID=15500449 Microsoft's Ballmer Sounds Off On Security spacer By Timothy Long, CRN Microsoft CEO Steve Ballmer is finding himself talking about security a lot these days. At the Gartner ITXpo in Orlando, Fla., on Tuesday, Ballmer again found himself fielding numerous questions from industry analysts and IT professionals about what his company is doing to address an issue that's ==========> 03-10-21-CNETNews-MSBallmerDiscussesSecurityIssues.txt========== http://zdnet.com.com/2100-1105_2-5094279.html Ballmer: Raising Microsoft's security game By Mike Ricciuti CNET News.com October 21, 2003, 9:56 AM PT ORLANDO, Fla.--Microsoft CEO Steve Ballmer on Tuesday defended his company's efforts to secure its software and fend off open-source rivals. ==========> 03-10-21-CRN-MSBallmerDiscussesSecurityIssues.txt========== http://www.crn.com/sections/BreakingNews/dailyarchives.asp?ArticleID=45366 Ballmer Sounds Off On Security Microsoft CEO says vendor is tackling industry concerns about its technology By Timothy Long, CRN 1:23 PM EST Tues., Oct. 21, 2003 Microsoft CEO Steve Ballmer is finding himself talking about security a lot these days. At the Gartner ITXpo in Orlando, Fla., on Tuesday, Ballmer again found himself fielding numerous questions from industry analysts and IT ==========> 03-10-22-CMU-NewCybersecurityCenterAnnounced.txt========== http://www.eurekalert.org/pub_releases/2003-10/cmu-cmt102203.php Public release date: 22-Oct-2003 Contact: Chriss Swaney swaney@andrew.cmu.edu 412-268-5776 Carnegie Mellon University Carnegie Mellon to launch new initiative to ensure cybersecurity Will aid domestic and commercial sectors ==========> 03-10-22-GrokLaw-MSExecSaysCommercialSoftwareIsMoreSecure.txt========== http://www.groklaw.net/article.php?story=20031022014413296 GROKLAW SCO Scoop. Ballmer Says Commercial Software is Better Because Someone's Rear End is on the Line Wednesday, October 22 2003 @ 06:44 AM EDT You know I couldn't resist covering this story. Microsoft's Steve Ballmer picked up his glove and slapped Linux across the face in a speech given at an ==========> 03-10-22-NewsFact-MSToutsNewWindowsSecurity.txt========== http://www.newsfactor.com/perl/story/22542.html Does Microsoft's Longhorn Mean Security Salvation? By Erika Morphy Enterprise Windows IT October 22, 2003 "Microsoft doesn't need more security -- it needs fewer security vulnerabilities," says Gartner's John Pescatore. "For Longhorn to be more secure than Windows XP, it needs to be a simpler operating system, and by ==========> 03-10-23-NYT-PlanetLabServersWatchNetForAttacks.txt========== Smart Servers as Watchdogs for Trouble on the Web" New York Times (10/23/03) P. E8; Eisenberg, Anne An upgraded Internet that can detect worms, traffic bottlenecks, and other network problems before they become serious may one day be within reach thanks to the efforts of PlanetLab, an academic-industrial consortium that has created a virtual testbed network built atop the Internet. PlanetLab employs PCs as smart routers at each network node, and these machines can run applications designed to detect whether data packets are benign or malign. "We are putting all the functionality and smarts into the PC at each node, without disturbing ==========> 03-10-27-NWFusion-DNSRootServersUseAnycastToStopDoSAttacks.txt========== http://www.nwfusion.com/news/2003/1027ddos.html Net security gets root-level boost By Carolyn Duffy Marsan and Cara Garretson Network World, 10/27/03 A year after surviving a massive distributed denial-of-service attack, the Internet's root servers are better fortified against hacker activity, thanks to behind-the-scenes deployment of a routing technique known as Anycast, experts say. ==========> 03-10-28-CalgaryHerald-GatesToutsNewWindowsSecurity.txt========== http://www.canada.com/calgary/calgaryherald/info/business/story.html?id=D4D179E8 -602A-4EDF-A03C-BB44691F829E Bill Gates touts Longhorn security Helen Jung The Associated Press Tuesday, October 28, 2003 CREDIT: Ric Francis, Associated Press Microsoft Corp. chairman Bill Gates addresses the Professional Developers ==========> 03-10-29-ACMUbiquity-FirewallSoftwareWillNeedAddOns.txt========== http://www.acm.org/ubiquity/views/v4i35_fiefer.html Port Wars In the not-too-distant-future, firewalls spark a battle over port regulation and ownership By William Paul Fiefer As operating system evolved, a large market emerged in add-ons. Little programs such as word processors, defragmenters, image viewers, and so forth appeared. You bought the OS, then you needed to keep on buying. ==========> 03-11-00-CACM-TheMythOfComputerSecurityByKeepingSoftwareSecret.txt========== Inside risks: Security by obscurity Rebecca T. Mercuri, Peter G. Neumann November 2003 Communications of the ACM, Volume 46 Issue 11 The belief that code secrecy can make a system more secure is commonly known as security by obscurity. Certainly, vendors have the right to use trade secret protection for their products in order to extend ownership beyond the terms afforded under copyright and patent law. But some software systems must satisfy critical requirements under intensive challenges, and thus must be trustworthy. ==========> 03-11-03-CalifHaltsAuditOfDieboldEVotingMachines.txt========== http://www.wired.com/news/evote/0,2645,61068,00.html Calif. Halts E-Vote Certification By Kim Zetter 05:49 PM Nov. 03, 2003 PT SACRAMENTO, California -- Uncertified software may have been installed on electronic voting machines used in one California county, according to the secretary of state's office. ==========> 03-11-03-MSNBC-EVotingIssues.txt========== http://www.msnbc.com/news/985033.asp?cp1=1 Black Box Voting Blues Electronic ballot technology makes things easy. But some computer-security experts warn of the possibility of stolen elections By Steven Levy NEWSWEEK Nov. 3 issue — After the traumas of butterfly ballots and hanging chad, election officials are embracing a brave new ballot: sleek, touch-screen ==========> 03-11-03-SFChron-UCN-USCResearchersToModelTheInternet.txt========== http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2003/11/03/BUG D42O8E41.DTL Building a crash-test Internet Researchers will assess vulnerability Carrie Kirby, Chronicle Staff Writer Monday, November 3, 2003 A team of UC Berkeley and University of Southern California professors has received a $5.46 million grant to build one of the most realistic models of the Internet ever created -- and then wreck it with debilitating hacker attacks. ==========> 03-11-04-CNETNews-MSOffersRewardsToStopViruses.txt========== http://news.com.com/2100-7355_3-5102110.html?tag=nefd_top Microsoft to offer bounty on hackers Last modified: November 4, 2003, 3:04 PM PST By Robert Lemos Staff Writer, CNET News.com Microsoft will announce on Wednesday that it will offer two $250,000 bounties for information that leads to the arrest of the people who released the MSBlast worm and the SoBig virus, CNET News.com has learned. ==========> 03-11-04-WashPost-DNSRootServersStillVulnerableToDDoSAttacks.txt========== http://www.washingtonpost.com/wp-dyn/articles/A61714-2003Nov4.html 'DDoS' Attacks Still Pose Threat to Internet By David McGuire washingtonpost.com Staff Writer Tuesday, November 4, 2003; 8:49 AM On October 21, 2002, people around the world cruised through cyberspace the way they do every day -- bidding on auctions, booking airline reservations, sending e-mail -- all the while unaware that someone was working overtime to try to ==========> 03-11-05-ITMgmt-ITManagersConcernedAboutWirelessSecurity.txt========== http://itmanagement.earthweb.com/secu/article.php/3104691 War Driving No Game to IT Managers November 5, 2003 By Sharon Gaudin A couple of buddies get in their car on a Saturday morning. They've got steaming coffees and a laptop. As the passenger boots up the computer, the driver pulls out and banks a left onto a busy downtown Boston street. But in this scenario, it doesn't have to be Boston. It could be Chicago, New York, ==========> 03-11-05-PRNewsWire-MSOffersRewardsToStopViruses.txt========== http://www.prnewswire.co.uk/cgi/news/release?id=111277 News Release Wednesday 5 November 2003, 15:00 GMT Microsoft Announces Anti-Virus Reward Program WASHINGTON, November 5 /PRNewswire/ -- Microsoft Teams with Worldwide Law Enforcement to Root Out Malicious Code Distributors with US$5 Million Reward Fund as a Part of Broader Security Initiative ==========> 03-11-05-SJMerc-MSOffersRewardsToStopViruses.txt========== http://www.siliconvalley.com/mld/siliconvalley/7189068.htm Posted on Wed, Nov. 05, 2003 Microsoft Offers Reward to Stop Viruses TED BRIDIS Associated Press WASHINGTON - Microsoft Corp. announced Wednesday it is creating a $5 million reward program to help law enforcement identify and convict those who illegally release worms, viruses and other types of malicious programs on the Internet. ==========> 03-11-06-PCWorld-LawmakerSuggestsRequiredAntivirusSoftware.txt========== http://www.pcworld.com/news/article/0,aid,113322,00.asp Could Antivirus Apps Become Law? Congress considers ways to make computers more secure. Grant Gross, IDG News Service Thursday, November 06, 2003 One lawmaker has a possible solution to the increasing problem of computer viruses: requiring all computer users in the United States to install antivirus software on their PCs. ==========> 03-11-06-TechNewsWorld-FlawFoundInWPAWirelessSecurity.txt========== http://www.technewsworld.com/perl/story/32070.html Passphrase Flaw Exposed in WPA Wireless Security By Jay Lyman TechNewsWorld November 6, 2003 Users of the WPA protocol might have a false sense of security because the wireless security standard is perceived as the latest proven defense. But the use of weak passphrases renders the protection inadequate. ==========> 03-11-07-PCWorld-MSOffersRewardsToStopViruses.txt========== http://www.pcworld.com/news/article/0,aid,113331,00.asp Virus Writers Dismiss Microsoft's Bounty $5 million reward fund is a marketing ploy, critics claim. Joris Evers, IDG News Service Friday, November 07, 2003 Cyberspace outlaws may look over their shoulder one extra time before launching a computer virus or worm, but they won't be deterred by the $5 million bounty fund established by Microsoft to help capture and convict them, two virus ==========> 03-11-10-FCW-EVotingMachinesQuestioned.txt========== http://www.fcw.com/fcw/articles/2003/1110/pol-evote-11-10-03.asp Jury still out on e-voting Touted as an antidote to the hanging chad, e-voting solution not proven, experts say BY MICHAEL HARDY Nov. 10, 2003 Risk assessment report from SAIC ==========> 03-11-10-NZZ-ETHOpensInfoSecurityCenter.txt========== http://nzz.ch/2003/11/10/english/page-synd4328710.html November 10, 2003, 23:45 Scientists seek to plug gaps in computer security Researchers at the Federal Institute of Technology in Zurich have declared war on computer viruses and their consorts. The new Zurich Information Security Centre (ZISC) aims to be a world leader in ==========> 03-11-11-SJMerc-20YearsOfViruses.txt========== http://www.silicon.com/software/security/0,39024655,39116851,00.htm The virus at 20: Two decades of malware November 11 2003 by Will Sturgeon Birthday 'best wishes' will be few and far between at this party... This week marks the 20th anniversary of the very first computer virus. To mark the occasion, Will Sturgeon spoke to some of the industry's leading crusaders in the battle against malware... ==========> 03-11-11-Wired-DieboldForcedToPayForEVotingMachineAudit.txt========== http://www.wired.com/news/print/0,1294,61172,00.html E-Vote Firm's Bill Comes Due By Kim Zetter 02:00 AM Nov. 11, 2003 PT SACRAMENTO -- Citing concerns that Diebold Election Systems installed uncertified software on some electronic voting systems in a California county without the state's knowledge, officials are forcing the company to pay for an audit of all the company's voting machines used in the state in order to win ==========> 03-11-12-WashU-DeviceTrapsMalware.txt========== http://www.innovations-report.com/html/reports/information_technology/report-232 76.html Washington University in St. Louis 12.11.2003 System halts computer viruses, worms, before end-user stage Scanning all of Shakespeare in 1/60th of a second A computer scientist at Washington University in St. Louis has developed technology to stop malicious software - malware - such as viruses and worms ==========> 03-11-13-INetWeek-NewDNSSecurityNearlyCompleteByIETF.txt========== http://www.internetweek.com/security02/showArticle.jhtml?articleID=16100056 Standard For Securing Domain Name System Nears Finalization By Antone Gonsalves An international standards body is close to releasing a security mechanism for authenticating data moving across the Internet, making it more difficult for people dispensing spam, viruses and worms to remain anonymous. DNS-Sec, which stands for domain name system-security, is under development by ==========> 03-11-17-NWFusion-ISPsTakeOnDDoSAttacks.txt========== http://www.nwfusion.com/news/2003/1117specialfocus.html ISPs take on DDoS attacks By Denise Pappalardo Network World, 11/17/03 Although the number and intensity of distributed denial-of-service attacks are on the rise, users are hard-pressed to find tangible new services to help thwart or defend against such assaults. ==========> 03-11-19-OaklandTrib-SandiaLabOpensHoneynet.txt========== http://www.oaklandtribune.com/Stories/0,1413,82~1865~1776530,00.html Wednesday, November 19, 2003 - 3:07:52 AM PST Sandia Labs studies phony computer network for hackers By Ian Hoffman, STAFF WRITER Instead of merely fending off thousands of daily computer attacks, federal researchers are trying a new tack: Create a meaningless digital universe to bog down hackers and study their tactics. ==========> 03-11-20-CompWorld-EUApprovesCyberSecurityAgency.txt========== http://www.computerworld.com/securitytopics/security/cybercrime/story/0,10801,87 394,00.html EU cybercrime agency gets the go-ahead The European Network and Information Security Agency begins work in January Story by Paul Meller NOVEMBER 20, 2003 ( IDG NEWS SERVICE ) - European telecommunications and communications ministers gave final approval to the creation of a European Network and Information Security Agency today. ==========> 03-11-20-NatlJour-ReviewOfACM-CRAPanelOnCybersecurity.txt========== Specialists See Need For New Ideas In Computer Protection by Ted Leventhal 11/20/03 National Journal's Tech Daily Without new concepts and applications for computer security, networking will fail to reach its full potential, and it may collapse under the strain of unsolicited commercial e-mail and computer viruses and worms, experts warned on Thursday. Computer scientists identified cyber-security problems and proposed solutions at an Association for Computing Machinery event this week and shared ==========> 03-11-20-USACM-ACMAndCRASponsorCyberSecurityPanel.txt========== PANEL TO PURSUE INNOVATIVE APPROACHES TO CYBER SECURITY WHAT Preeminent industry and academic leaders in computing confront=20 =93out-of-the-box=94 ideas from recent =93Grand Research Challenges= Conference=94=20 on cyber security WHEN Thursday, November 20, 8:30 am to 10:30 am (breakfast included) WHERE National Press Club (Holeman Lounge) 529 14th Street, NW, Washington, DC 20045 ==========> 03-11-21-ChronHigherEd-ReviewOfACM-CRAPanelOnCybersecurity.txt========== # "Computer-Security Experts Challenge Researchers to Focus on Long-Term Solutions" Chronicle of Higher Education (11/21/03); Carnevale, Dan Purdue University's Eugene Spafford was one of five speakers at a recent Virginia conference who suggested strategies computer scientists could follow to implement long-term cybersecurity solutions. Spafford declared at a news conference that computer networks should be rethought to include embedded, effective, and easy-to-use security. However, he remarked that "Near-term needs are so pressing that they have soaked up most of the resources and most of the ==========> 03-11-21-TheStandard-NCVIFormedToPromoteVerifiedEVoting.txt========== http://www.thestandard.com/article.php?story=20031121012728281 Group pushing e-voting security to launch Friday, November 21 2003 @ 01:27 AM GMT By Elizabeth Heichler, IDG News Service A new group that draws heavily from the ranks of computer scientists and technology policy specialists who are concerned about inattention to IT security issues in voting systems will announce its debut on Friday in Washington, D.C. ==========> 03-11-22-SJMerc-WellsFargoCustomerDataStolen.txt========== http://www.siliconvalley.com/mld/siliconvalley/7326113.htm Posted on Sat, Nov. 22, 2003 Theft puts Wells Fargo customer IDs at risk By Sue McAllister Mercury News A computer holding the names, addresses, Social Security numbers and account numbers of thousands of Wells Fargo customers was stolen from a consultant's office in Concord earlier this month, bank officials said Friday. ==========> 03-11-22-Stanford-CybersecurityResearchConference.txt========== http://cyberlaw.stanford.edu/security/ Cybersecurity, Research & Disclosure November 22, 2003 Stanford Law School EARLY REGISTRATION DISCOUNT ENDS NOVEMBER 1, 2003 Almost daily, newly discovered vulnerabilities are released on mailing lists like BugTraq and Full Disclosure. Harried security ==========> 03-11-24-CompWorld-DiversityNeededToFoilCyberAttacks.txt========== http://www.computerworld.com/securitytopics/security/story/0,10801,87470,00.html Improved Security Through IT Diversity By JAIKUMAR VIJAYAN NOVEMBER 24, 2003 In his recently released book, Beyond Fear: Thinking Sensibly About Security in an Uncertain World (Copernicus Books, 2003), security guru Bruce Schneier argues for a more common-sense and less technology-centric approach to both IT security and physical security. In this interview with ==========> 03-11-25-CNETNews-After20YearsVirusesDefyCure.txt========== http://news.com.com/2009-7349-5111410.html Decades after creation, viruses defy cure By Robert Lemos Staff Writer, CNET News.com November 25, 2003, 4:00AM PT Of all the accomplishments in the annals of technology, Fred Cohen's contribution is undeniably unique: He introduced the term "virus" to the lexicon of computers. ==========> 03-11-25-CNETNews-BlackoutsHighlightNetVulnerabilities.txt========== http://news.com.com/2100-7355_3-5111816.html Blackouts highlight network vulnerabilities Last modified: November 25, 2003, 11:48 AM PST By Robert Lemos and Matt Loney Staff Writer, CNET News.com The summer's blackouts weren't caused by a worm or virus, but the failures highlight infrastructure weak spots, a report concluded this week. ==========> 03-11-25-NewsWise-DiversityNeededToFoilCyberAttacks.txt========== http://www.newswise.com/articles/view/502136/ Taking Cues from Mother Nature to Foil Cyber Attacks Libraries Science News INTERNET COMPUTER SCIENCE SYSTEM SECURITY HACKERS Description Taking their cues from Mother Nature and biodiversity, computer scientists are collaborating on a project to study “cyber-diversity” for computer systems as a ==========> 03-11-27-Economist-FightingSpamAndWorms.txt========== http://www.economist.com/science/displayStory.cfm?story_id=2246018 Fighting the worms of mass destruction Nov 27th 2003 | SAN FRANCISCO From The Economist print edition Hooligans are trashing our online space. How can they be stopped? WHEN Microsoft released its latest monthly batch of software patches on November 11th, it included one designed to repair a previously unknown flaw in ==========> 03-11-28-LATimes-TechCompaniesTryToControlInfoAboutSecurityHoles.txt========== http://www.latimes.com/technology/la-fi-hackers28nov28,1,1845462.story Rules to Address Holes in Software Major tech companies work to formalize guidelines for steps to take when security flaws are detected. By Joseph Menn Times Staff Writer November 28, 2003 As the cost of securing data against malicious attacks continues to escalate, ==========> 03-11-28-NYT-WormsAndVirusesInCellPhoneInternetAccess.txt========== http://www.nytimes.com/2003/11/28/technology/28cell.html Beware the Worm in Your Handset By KEN BELSON Published: November 28, 2003 OKYO, Nov. 27 - As more consumers begin surfing the Web and sending e-mail messages on cellphone and hand-held devices, along comes a new worry: worms and viruses spread via Internet-enabled handsets. ==========> 03-11-30-ACMWashUpdate-ACM-CRASponsorCyberSecurityEvent.txt========== ACM Washington Update Vol 7.11 November 30, 2003 ACM and CRA Sponsor Cyber Security Policy Event Congress to Approve Funding for Computing Research and Education OMB Issues New Privacy Guidelines FBI Plans to Open Five New Computer Crime Labs NIST Seeks Comment on New Security Controls and Secure Hash Standard New Congressional Research Services Report on E-Voting Nanotechnology R&D Authorization Enacted into Law ******************************* ==========> 03-11-30-USACM-ACMWashingtonUpdate-7-11.txt========== ACM Washington Update Vol 7.11 November 30, 2003 ACM and CRA Sponsor Cyber Security Policy Event Congress to Approve Funding for Computing Research and Education OMB Issues New Privacy Guidelines FBI Plans to Open Five New Computer Crime Labs NIST Seeks Comment on New Security Controls and Secure Hash Standard New Congressional Research Services Report on E-Voting Nanotechnology R&D Authorization Enacted into Law ******************************* ==========> 03-12-00-CACM-KillersVirusesAffectMillionsOfInternetUsers.txt========== Attack of the killer virus! Dennis Fowler December 2003 netWorker, Volume 7 Issue 4 Though more than 600 million people worldwide use the Internet, it takes only one virus writer to make just about all of us miserable. Like a single stray neutron in a critical mass of plutonium, a lone virus can trigger a chain reaction that spews thousands of copies from desktop to desktop. Last summer's aptly named SoBig virus was an all-too-real example of this danger. "At ==========> 03-12-00-CACM-StandardsCanHelpInComputerSecurity.txt========== Security watch: Standards insecurity Rebecca T. Mercuri December 2003 Communications of the ACM, Volume 46 Issue 12 Standards can provide an important component in the computer security environment but they should not be relied on blindly. In the computer industry, standards play an important role by enforcing security baselines and enabling compatibilities among products. In the early ==========> 03-12-01-CNETNews-YoranNewTopUSCybersecurityDefender.txt========== http://news.com.com/2008-7355_3-5112350.html A two-pronged approach to cybersecurity Last modified:December 1, 2003, 1:30 PM PST By Robert Lemos Staff Writer, CNET News.com In September, Amit Yoran became the United States' top cybersecurity defender. Against a backdrop of new challenges from increasingly sophisticated hackers, ==========> 03-12-03-DCInternet-USCybersecurityStillStalled.txt========== http://dc.internet.com/news/article.php/3116061 December 3, 2003 National Cyber Security Initiative Still Stalling By Michael Singer SANTA CLARA, Calif. -- Eight months after forging a plan to secure cyberspace, a coalition of government and private corporations says it is close to unveiling real products and practices to bolster the nation's vulnerable networks. ==========> 03-12-03-SJMerc-CybersecuritySummitToRefocusAttention.txt========== http://www.siliconvalley.com/mld/siliconvalley/7402121.htm Posted on Wed, Dec. 03, 2003 Computer security in focus CYBERSUMMIT SET HERE TODAY By Elise Ackerman Mercury News As George Bush makes national security the watchword of his presidency, some Silicon Valley leaders worry cybersecurity seems to have slipped off the ==========> 03-12-03-SJMerc-RetailerHackerSentencedToPrison.txt========== http://www.siliconvalley.com/mld/siliconvalley/7405298.htm Posted on Wed, Dec. 03, 2003 Retail hacker sentenced to 1 1/2 years in prison PITTSBURGH (AP) - A former employee of American Eagle Outfitters has been sentenced to 1 1/2 years in federal prison for using the Internet to encourage break-ins at the retailer's Web site and launching an attack against it. Kenneth Patterson, 38, of Greensburg, was also ordered Tuesday to pay more than ==========> 03-12-03-SJMerc-SecRidgeTellsTechFirmsToCooperateOnCyberSecurity.txt========== http://www.siliconvalley.com/mld/siliconvalley/7405011.htm Posted on Wed, Dec. 03, 2003 Cooperate on security or face new rules, Ridge tells tech firms SANTA CLARA, Calif. (AP) - Technology companies must cooperate in the battle against cyberterrorism -- or submit to government-imposed security regulations -- Homeland Security Secretary Tom Ridge and other senior officials said Tuesday. ==========> 03-12-03-USDHS-RemarksBySecRidge.txt========== http://www.dhs.gov/dhspublic/display?content=2487 Remarks by Secretary Tom Ridge at the National Cyber Security Summit For Immediate Release Office of the Press Secretary December 3, 2003 Thank you for that introduction. It's an honor for me to be here this morning. I want to thank all of you for your willingness to be a part of this summit, ==========> 03-12-04-SJMerc-ChinaOrdersDomesticSecurityOnWirelessNets.txt========== http://www.siliconvalley.com/mld/siliconvalley/7412296.htm Posted on Thu, Dec. 04, 2003 China orders wireless local area networks to use domestic encryption standards SHANGHAI, China (AP) - China has ordered computer makers, both at home and overseas, to use its own encryption standard for wireless local area networks, ensuring stronger government control and giving domestic manufacturers a slight respite from some foreign competition. ==========> 03-12-04-SJMerc-DebianDefendedInLinuxSecurityIssue.txt========== http://siliconvalley.internet.com/news/article.php/3116231 December 4, 2003 Linux Security Expert Defends Debian By Jim Wagner A Linux expert is defending the way Debian Project leaders handled a recent security breach that took down the servers of the 10-year-old open source effort. ==========> 03-12-04-SJMerc-SecRidgeTellsTechFirmsToCooperateOnCyberSecurity.txt========== http://www.siliconvalley.com/mld/siliconvalley/7410944.htm Posted on Thu, Dec. 04, 2003 Tech firms urged: Secure cyberspace DO IT OR FACE REGULATIONS, SUMMIT TOLD By Elise Ackerman Mercury News As Homeland Security Secretary Tom Ridge warned Wednesday that terrorists ``know a few lines of code can wreak as much havoc as a handful of bombs,'' a ==========> 03-12-04-WashPost-USDHSTellsTechFirmsToCooperateOnCyberSecurity.txt========== http://www.washingtonpost.com/wp-dyn/articles/A33245-2003Dec3.html Help Fix Cyber-Security Or Else, U.S. Tells Industry 'We Want to See Results,' Official Says at Summit By Jonathan Krim Washington Post Staff Writer Thursday, December 4, 2003; Page E02 SANTA CLARA, Calif., Dec. 3 -- Top homeland security officials Wednesday challenged the technology industry to help improve the nation's ability to ==========> 03-12-06-ZDNet-Farber-CybersecurityRequiresSoftwareEngrReform.txt========== http://techupdate.zdnet.com/techupdate/stories/main/Massive_software_engineering _reform_is_a_must.html Massive software engineering reform is a must By Dan Farber, Tech Update December 6, 2003 The National Cyber Security Summit last week that brought the Department of Homeland Security to the table with the Business Software Alliance, the Information Technology Association of America, TechNet and the U.S. Chamber of ==========> 03-12-08-NYT-TrojanHorsePutsHijackedComputersOnP2PNet.txt========== http://www.nytimes.com/2003/12/08/technology/08trojan.html Hackers Steal From Pirates, to No Good End By JOHN SCHWARTZ Published: December 8, 2003 The people who design rogue programs that take over computers from afar are now applying the tactic that made music pirating programs so effective - and the Internet may never be the same. ==========> 03-12-09-CompWorld-SeveralUSAgenciesFailInCybersecurity.txt========== http://www.computerworld.com/securitytopics/security/story/0,10801,88030,00.html U.S. agencies earn overall grade of D for computer security By LINDA ROSENCRANCE DECEMBER 09, 2003 For the fourth year in a row, most federal agencies have received low grades for failing to protect their computer networks from hackers and other cyberterrorists, according to a computer security report card issued today by the House Government Reform Subcommittee on Technology. The ==========> 03-12-09-FCW-USAgenciesGetPoorCyberSecurityGrades.txt========== http://www.fcw.com/fcw/articles/2003/1208/web-grades-12-09-03.asp Government gets 'D' on security BY Diane Frank Dec. 9, 2003 "Agencies to get security scores" [FCW.com, Dec. 2, 2003] 2003 security report card Federal agencies are still far behind where they need to be on information security, scoring a governmentwide grade of D for 2003 based on grades released ==========> 03-12-09-GovExec-USAgenciesGetPoorCybersecurityGrades.txt========== http://www.govexec.com/dailyfed/1203/120903c1.htm December 9, 2003 Agencies get failing grades on cybersecurity # National 'cyber summit' planned to aid federal outreach (09/16/03) # Executive at Internet security firm likely nominee for cyber chief (09/11/03) # Democrats give administration 'D' on security efforts (07/23/03) # Former officials assess security needs on cyber front (06/11/03) ==========> 03-12-09-NWFusion-IEEESaysChinasWirelessSecurityUnderminesWiFi.txt========== http://www.nwfusion.com/news/2003/1209ieeechine.html IEEE: Chinese security standard could fracture Wi-Fi Breaking news Today's top news. By Sumner Lemon IDG News Service, 12/09/03 The implementation of a Chinese security standard for wireless networking could undermine efforts to develop a global standard for wireless LANs and drive up ==========> 03-12-09-USHouse-CybersecurityGrades-2000-2003.txt========== http://reform.house.gov/TIPRC/Hearings/EventSingle.aspx?EventID=652 Contact: 202-225-6751 2003 Federal Computer Security Report Card Tuesday, December 09, 2003 10:00 AM Opening Statement Hon. Putnam Federal Computer Report Card Press Statement Reports Computer Security Report Card 2003 Overall Federal Computer Grade and Bar Graph ==========> 03-12-11-ESecurityWeb-VerifiableEmailProposals.txt========== http://www.esecurityplanet.com/trends/article.php/3288271 Renovating E-Mail With Identity in Mind By Pamela Parker December 11, 2003 EarthWeb That e-mail message may appear to be from PayPal or EarthLink, but is it really? To know for sure, e-mail needs an identity verification system, and there's a growing consensus among e-mail senders and recipients that one should ==========> 03-12-12-CompWorld-CriticismOfEvotingMachinesSecurityMounting.txt========== http://www.computerworld.com/governmenttopics/government/policy/story/0,10801,88 178,00.html Criticism of electronic voting machines’ security is mounting By Elizabeth Heichler DECEMBER 12, 2003 As presidential primary season approaches, a debate is raging about electronic voting -- and IT professionals and computer scientists are among the loudest critics. ==========> 03-12-14-SJMerc-DG-ChinaOrdersDomesticSecurityOnWirelessNets.txt========== http://www.siliconvalley.com/mld/siliconvalley/7489042.htm Posted on Sun, Dec. 14, 2003 China tries to establish homegrown tech rules By Dan Gillmor Mercury News Technology Columnist HONG KONG - Early this month, China's government mandated an encryption standard for wireless data communications. It may force U.S. and other Western companies into unwanted joint ventures with Chinese companies if they want to ==========> 03-12-15-CompWorld-UsersPlanForCybersecurityAttacks.txt========== http://www.computerworld.com/securitytopics/security/story/0,10801,88201,00.html Users Worry About 'Zero-Day' Attacks, Try to Secure Systems System configuration rules, incident-response plans may reduce threat Story by Jaikumar Vijayan DECEMBER 15, 2003 ( COMPUTERWORLD ) - NEW YORK -- So-called zero-day attacks that take advantage of software vulnerabilities for which there are no available fixes are starting to be viewed as a major threat to data security, said IT managers at the InfoSec 2003 conference here last week. ==========> 03-12-17-EarthWeb-BlueprintForInternetSecurity.txt========== http://networking.earthweb.com/netsecur/article.php/3290411 Building a Blueprint for Network Security December 17, 2003 By Paul Rubens Ever gone out and then spent the evening wondering whether you remembered to lock all the doors back at home? If you’re responsible for a corporate network, you’ve probably had a similar ==========> 03-12-17-TechResNews-DeviceScansInternetPacketsForViruses.txt========== http://www.trnmag.com/Stories/2003/121703/Device_guards_Net_against_viruses_1217 03.html Device guards Net against viruses December 17/24, 2003 By Kimberly Patch, Technology Research News Keeping a computer safe from viruses usually means installing virus-catching software and keeping it running and updated. Not everyone takes the trouble to do this, and viruses spread because there are enough unprotected machines to ==========> 03-12-19-BBC-CybersecurityThreatsARiskToNetsFuture.txt========== http://news.bbc.co.uk/2/hi/technology/3322449.stm Cyber threats risk net's future By Clark Boyd Technology correspondent in Geneva The hunger in poor nations for going online is not without danger. With improved access, comes the threat of ever more internet security violations. Security was one of the many issues discussed in Geneva ==========> 03-12-19-WebHostIndRev-CERT-RacingToSecureTheInternet.txt========== http://www.thewhir.com/features/cert.cfm CERT/CC: Racing to Secure the Internet By Wayne Epperson From Web Hosting Monthly, December 2003 edition Web Host Industry Review December 19, 2003 -- (WEB HOST INDUSTRY REVIEW) -- Effective Internet security often comes down to a race between the bad guys and the good guys; those who try to exploit software vulnerabilities and those who work to keep systems and ==========> 03-12-22-CompWorld-NewAntiHackingToolsComing.txt========== http://www.computerworld.com/securitytopics/security/story/0,10801,88359,00.html Tools Coming for Digital Immunity Coming for information security: tools for adaptive and resilient computing. Future Watch by Gary H. Anthes DECEMBER 22, 2003 ( COMPUTERWORLD ) - The battle against computer viruses and system intruders is often described as an arms race, in which increasingly powerful weapons are countered by ever stronger defenses. But this particular arms race isn't in a dead heat; the mavens of malware are winning it. ==========> 03-12-23-BadYearForVirusAttacks.txt========== http://www.wired.com/news/infostructure/0,1377,61710,00.html The Internet Is a Very Sick Place By Michelle Delio 02:00 AM Dec. 23, 2003 PT The year 2003 has been deemed the worst in computer-virus history by security experts, despite the fact that worm and virus writers displayed no significant technological progress in the code of their newest nasty little creations. ==========> 03-12-28-WashPost-SpamSpywareVirusesAndWorms.txt========== http://www.washingtonpost.com/wp-dyn/articles/A33688-2003Dec27.html Big Intrusions, Tiny Pictures and Patented Problems By Rob Pegoraro Sunday, December 28, 2003; Page F07 This is the year the Internet officially stopped being fun. The festering problems of spam, spyware, viruses, worms and pop-ups boiled over, making the online experience merely annoying at best, financially and emotionally destructive at worst. ==========> 03-12-29-CompWorld-SecurityPredictionsFor2004.txt========== http://www.computerworld.com/securitytopics/security/story/0,10801,88113,00.html Security predictions for 2004 By Peter H. Gregory DECEMBER 29, 2003 In 2004, information security professionals will experience more of the darker side of human behavior, but organizations will also take more control over their network and computing infrastructures, particularly end-user systems. ==========> 03-12-29-NYT-SmartCarsAreCauseForConcern.txt========== http://www.nytimes.com/2003/12/29/technology/29car.html This Car Can Talk. What It Says May Cause Concern. By JOHN SCHWARTZ Published: December 29, 2003 Last year, Curt Dunnam bought a Chevrolet Blazer with one of the most popular new features in high-end cars: the OnStar personal security system. The heavily advertised communications and tracking feature is used nationwide ==========> 03-12-29-SJMerc-VoteHere-EvotingFirmsWebsiteHacked.txt========== http://www.siliconvalley.com/mld/siliconvalley/7592802.htm Posted on Mon, Dec. 29, 2003 Electronic Voting Firm Has Site Hacked TED BRIDIS Associated Press WASHINGTON - A company developing security technology for electronic voting suffered an embarrassing hacker break-in that executives think was tied to the rancorous debate over the safety of casting ballots online. ==========> 03-12-29-Wired-WishListsFor2004.txt========== http://www.wired.com/news/culture/0,1284,61726,00.html The Fantasy and Reality of 2004 By Michelle Delio 02:00 AM Dec. 29, 2003 PT Fling dishes or flaming furniture out the window, fire off celebratory gunfire, jump off chairs, ring bells, beat drums, clutch silver as the clock strikes midnight or sweep bad juju out of the house with a kitchen broom -- these are some of the ways people welcome in the New Year. ==========> 03-12-30-BusWeek-TopTechTrendsFor2004.txt========== http://www.businessweek.com/technology/content/dec2003/tc20031230_9935.htm DECEMBER 30, 2003 • Editions: Edition Preference NEW YEAR OUTLOOK Tech's Top Trends for 2004 Yes, it will be a better year, especially for consumers, overseas telecoms, and China -- which will become ever-more important In 2003, the tech industry hit bottom and bumped through yet another bad year. ==========> 04-01-04-ECommTimes-TheSecureEmailChallenge.txt========== http://www.ecommercetimes.com/perl/story/32756.html Tackling the Secure Web Mail Challenge By Keith Pasley E-Commerce Times February 4, 2004 There is a trend in the secure Web mail technology sector toward use of appliances that not only provide Web mail protection, but also serve other e-mail infrastructure security objectives. This approach simplifies management ==========> 04-01-05-InfoWeek-CybersecurityThreatsWontLetUp.txt========== http://www.informationweek.com/story/showArticle.jhtml?articleID=17100340 Security Threats Won't Let Up Attacks on business networks are expected to grow As use of spyware increases. The good news? As risk increases, companies are paying attention. By George V. Hulme, InformationWeek Jan. 5, 2004 Last year was a bad one for information-security professionals. This year is likely to be even worse. ==========> 04-01-07-TechRev-IPv6WillMakeNetSlowerAndLessSecure.txt========== http://www.technologyreview.com/articles/wo_garfinkel010704.asp Internet 6.0 The next version of the Internet Protocol, IPv6, will supply the world with addresses by the trillions. Too bad it will also make the Net slower and less secure. By Simson Garfinkel The Net Effect January 7, 2004 ==========> 04-01-08-SJMerc-NYTimesHackerPleadsGuilty.txt========== http://www.siliconvalley.com/mld/siliconvalley/7664210.htm Posted on Thu, Jan. 08, 2004 Hacker pleads guilty to entering N.Y. Times computers NEW YORK (AP) - A hacker admitted Thursday that he broke into The New York Times' computer system to illegally access contributors' personal details and LexisNexis information services. Adrian Lamo, 22, of Carmichael, Calif., pleaded guilty to a single count of ==========> 04-01-09-Wired-MuchOfKazaaCodeIsMalware.txt========== http://www.wired.com/news/business/0,1367,61852,00.html Kazaa Delivers More Than Tunes By Kim Zetter 07:00 AM Jan. 09, 2004 PT Forty-five percent of the executable files downloaded through Kazaa, the most popular file-sharing program, contain malicious code like viruses and Trojan horses, according to a new study. ==========> 04-01-11-SwissInfo-SwissExpertTalksAboutViruses.txt========== http://www.swissinfo.org/sen/swissinfo.html?siteSect=511&sid=4607572 Saturday 17.01.2004, CET 17:49 Swiss expert leads fights against computer viruses swissinfo January 11, 2004 12:02 PM Urs Gattiker has written a number of books on information security (swissinfo) ==========> 04-01-11-WashPost-HoneypotsCatchEvilDoers.txt========== http://www.washingtonpost.com/wp-dyn/articles/A5056-2004Jan9.html We Can Trap More Crooks With a Net Full of Honey By Michael Schrage Sunday, January 11, 2004; Page B01 The site looks temptingly authentic. Its pictures are graphic, the kind that would immediately appeal to a pedophile. A customer cruising the Net for kiddie porn would want to double-click to see more. But wait. Before he touches the mouse, he's compelled to ask himself: Is this online offer for real? Or is this ==========> 04-01-12-ITMgmt-IncreasingDamageFromHackersSlowing.txt========== http://itmanagement.earthweb.com/secu/article.php/3298191 Is the Tide Turning in Battle Against Hackers? January 12, 2004 By Drew Robb It's a quagmire. No, not Iraq. The Internet. The war against hackers has been going on for decades and we are no closer to pulling out than we were when Kevin Mitnick was ==========> 04-01-12-WSJ-TeachingCybersecurity.txt========== # "It Takes a Thief" Wall Street Journal (01/12/04) P. R5; Fong, Mei There has been an increase in the number of schools offering courses in hacking and network penetration techniques, so that companies can bolster their defenses against such intrusions. "If we want to improve computer security, we have to teach how attacks work, how viruses work," contends Counterpane Internet Security founder Bruce Schneier. Some courses cover hacking fundamentals, such as cracking passwords and spying on data as it passes through the Internet; others emphasize the exploitation of human weakness, such ==========> 04-01-15-CNETNews-LackOfDiversityIncreasesNetViruses.txt========== http://news.com.com/2009-7349-5140971.html Agriculture epidemics may hold clues to Net viruses By Robert Lemos Staff Writer, CNET News.com January 15, 4:00AM PT In studying the effects of last summer's MSBlast worm, some security experts turned to an unlikely source in search of clues to the prevention of computer epidemics: plants. ==========> 04-01-15-SJMerc-GAOSaysGovtSlowToMakeSecurityImprovements.txt========== http://www.siliconvalley.com/mld/siliconvalley/7719472.htm Posted on Thu, Jan. 15, 2004 Government slow to make Internet security improvements, GAO says WASHINGTON (AP) - The government must still develop policies, secure funding and train its employees before agencies can use a security system designed to protect online transactions, congressional investigators said Thursday. The General Accounting Office said the security system goes beyond simply ==========> 04-01-20-MSNBC-RootServerPhysicalSecurityLiesInObscurity.txt========== http://www.msnbc.msn.com/id/4009568/ Fort N.O.C.'s The heart of Internet security lies in obscurity Technicians monitor Internet traffic in a Verisign network operating center. A new center has recently gone operational and will replace the one seen here. By Brock N. Meeks Reporter MSNBC Updated: 8:52 p.m. ET Jan. 20, 2004 ==========> 04-01-20-ServeSec-JohsHopkinsReportCriticalOfDODOnlineEvoting.txt========== http://www.servesecurityreport.org/ A Security Analysis of the Secure Electronic Registration and Voting Experiment (SERVE) January 20, 2004 Authors Dr. David Jefferson Dr. Aviel D. Rubin Dr. Barbara Simons ==========> 04-01-20-WashPost-BagleBeagleWormSpreadsByEmail.txt========== http://www.washingtonpost.com/wp-dyn/articles/A30791-2004Jan20.html Internet Worm Lurks In E-Mail In-Boxes By Brian Krebs Special to The Washington Post Tuesday, January 20, 2004; Page E05 A new Internet worm that spread by e-mail through Asia, Australia and Europe began appearing in U.S. in-boxes yesterday, and experts warned it could spread as people go back to work after the Martin Luther King Jr. holiday. ==========> 04-01-21-NYT-JohsHopkinsReportCriticalOfDODOnlineEvoting.txt========== http://www.nytimes.com/2004/01/21/technology/23CND-INTE.html?ei=5062&en=2acd464e defb3c30&ex=1075352400&partner=GOOGLE&pagewanted=print&position= January 21, 2004 Report Says Internet Voting System Is Too Insecure to Use By JOHN SCHWARTZ new $22 million system to allow soldiers and other Americans overseas to vote via the Internet is inherently insecure and should be abandoned, according to members of a panel of computer security experts asked by the government to ==========> 04-01-21-UCBerkeley-ExpertsSayDODInternetVotingProgramNotSecure.txt========== http://www.berkeley.edu/news/media/releases/2004/01/21_vote.shtml Internet voting system set for upcoming elections not secure, computer experts say Jan. 21, 2004 By Sarah Yang, Media Relations, and Phil Sneiderman, The Johns Hopkins University | 21 January 2004 BERKELEY – A federally funded online absentee voting system scheduled to debut in less than two weeks has security vulnerabilities that could jeopardize voter ==========> 04-01-22-CNETNews-SecurityProsQuestionFlawFind.txt========== http://news.com.com/2100-7355_3-5145863.html Security pros question flaw find Last modified: January 22, 2004, 3:53 PM PST By Robert Lemos Staff Writer, CNET News.com Two Internet software developers who said they have uncovered a way to cause entire networks of computers to freeze or shut down may have simply rediscovered an old network issue. ==========> 04-01-22-SJMerc-JohsHopkinsReportBlastsDODOnlineEvoting.txt========== http://www.siliconvalley.com/mld/siliconvalley/7769017.htm Posted on Thu, Jan. 22, 2004 Pentagon online voting blasted SCIENTISTS SAY SYSTEM HAS SECURITY FLAWS AND SHOULD BE SHUT DOWN BEFORE DEBUT By Elise Ackerman Mercury News The Pentagon's new Internet-based voting system is vulnerable to tampering and should be shut down, computer scientists reviewing the program said Wednesday. ==========> 04-01-25-NewSci-MutatingSoftwareCouldPredictAttacks.txt========== http://www.newscientist.com/news/news.jsp?id=ns99994588 Mutating software could predict hacker attacks 10:00 25 January 04 Exclusive from New Scientist Print Edition Novel computer viruses and worms can sweep the world within hours, leaving a trail of devastation, because firewalls and antiviral software work by identifying the telltale signatures of known attacks. They are useless against anything completely new. ==========> 04-01-26-WSJ-SimpleCookieIDsPresentSecurityProblem.txt========== # "Biggest Web Problem Isn't About Privacy, It's Sloppy Security" Wall Street Journal (01/26/04) P. B1; Gomes, Lee Web security leaves a lot to be desired, as evidenced by embarrassing incidents at companies such as the online restaurant reservation service OpenTable.com; Web designers need constant reminding of the security issues they should be aware of as they create Web sites, a situation that MIT doctoral student and security consultant Kevin Fu calls "depressing." Upon signing up at OpenTable, new customers are given personal cookies that store specific customer numbers so that the site recognizes returning customers and sends their personal data ==========> 04-01-28-CompWorld-MyDoomTargetsMSWebsite.txt========== http://www.computerworld.com/securitytopics/security/virus/story/0,10801,89494,0 0.html?SKC=news89494 Update: New Mydoom worm discovered By LINDA ROSENCRANCE JANUARY 28, 2004 A new variant of the Mydoom.A (Novarg.A) worm, which has been spreading swiftly across the Internet since Monday, emerged today, according to London-based security vendor Mi2g Ltd. ==========> 04-01-28-SJMerc-DG-MyDoomEmailWorm.txt========== http://www.siliconvalley.com/mld/siliconvalley/7814718.htm Posted on Wed, Jan. 28, 2004 An e-mail worm's greatest ally is us By Dan Gillmor Mercury News Technology Columnist News and views, culled and edited from my online eJournal (www.dangillmor.com/blog): ==========> 04-01-28-Wired-MyDoomWormStillDangerous.txt========== http://www.wired.com/news/technology/0,1282,62073,00.html Worm Slowing, but Still Dangerous By Michelle Delio 02:00 AM Jan. 28, 2004 PT Now proclaimed the most virulent e-mail virus ever, MyDoom has slowed its pace since beginning its race across the Internet on Monday. But experts warn the worm most likely will cause trouble for a long time to ==========> 04-01-29-MSNBC-NationalCyberAlertSystem.txt========== http://www.msnbc.msn.com/id/4100822/ 'We’re Making Rapid Progress' Can the new National Cyber Alert System help stop the spread of future viruses? National Cyber Security Division director Amit Yoran explains the alert system and other efforts with the private sector that the government hopes will soon make cyberspace safer Paivi Vayrynen / AFP-Getty Images An employee at the Finnish security firm F-Secure studies a new variation of the fast-spreading MyDoom virus ==========> 04-01-29-PCWorld-FTCFinds1MServersOpenToSpammers.txt========== http://www.pcworld.com/news/article/0,aid,114528,00.asp Vulnerable Servers Warned FTC seeks to secure more than a million servers that can be spoofed by spammers. Grant Gross, IDG News Service Thursday, January 29, 2004 WASHINGTON, D.C. -- The Federal Trade Commission has identified more than 1 million IP addresses that provide open proxies or open relays, which spammers can tap to hide their identities, and is alerting server owners that they might ==========> 04-01-29-SJMerc-MSOffersRewardForMyDoomVirusWriter.txt========== http://www.siliconvalley.com/mld/siliconvalley/7828346.htm Posted on Thu, Jan. 29, 2004 Microsoft offers $250,000 reward for help catching virus author WASHINGTON (AP) - Microsoft Corp. promised Thursday to pay $250,000 to anyone who helps authorities find and prosecute the author of a fast-spreading computer virus. The cash reward is the third so far under a $5 million program Microsoft ==========> 04-01-29-SJMerc-MyDoomTargetsMSWebsite.txt========== http://www.siliconvalley.com/mld/siliconvalley/7825088.htm Posted on Thu, Jan. 29, 2004 Worm variant has new mark `MYDOOM' STRAIN SAID TO AIM FOR MICROSOFT SITE By Dan Lee Mercury News ``Mydoom'' is back -- with a new target. ==========> 04-01-29-WashPost-DHSComputerToTrackCyberAttacks.txt========== http://www.washingtonpost.com/wp-dyn/articles/A58255-2004Jan28.html U.S. Takes Anti-Virus Role Web Site to Track Cyber-Attacks, Advise Consumers Amit Yoran, the federal cybersecurity director, announced a Web site with information on computer viruses. By Jonathan Krim and Mike Musgrove Washington Post Staff Writers Thursday, January 29, 2004; Page E05 ==========> 04-01-30-SecFocus-DODLinuxSecurityProjectsLacksParticipants.txt========== http://www.securityfocus.com/news/7947 DARPA-funded Linux security hub withers By Kevin Poulsen, SecurityFocus Jan 30 2004 5:19PM Two years after its hopeful launch, a U.S.-backed research project aimed at drawing skilled eyeballs to the thankless task of open-source security auditing is prepared to throw in the towel. Initially funded by a research grant from the Pentagon's Defense Advanced ==========> 04-01-30-SJMerc-MSPlansDefensesAgainstMyDoomVirus.txt========== http://www.siliconvalley.com/mld/siliconvalley/7838408.htm Posted on Fri, Jan. 30, 2004 Microsoft prepares defenses against virus-generated attack SEATTLE (AP) - Microsoft Corp. said Friday it was working to ward off an Internet virus that was set to attack the software company's Web site on Tuesday. ``We're definitely doing everything we can to make sure that our customers who ==========> 04-01-30-SJMerc-StudyFindsMarylandSystemVulnerableToHackers.txt========== http://www.siliconvalley.com/mld/siliconvalley/7836994.htm Posted on Fri, Jan. 30, 2004 Maryland's e-voting system vulnerable to hackers, report finds ANNAPOLIS, Md. (AP) - Computers that Maryland voters will use in the March primary contain ``vulnerabilities that could be exploited by malicious individuals,'' according to programmers who tested the equipment. Hackers could easily compromise 16,000 touch-screen computers in precincts ==========> 04-01-30-TechNewsWorld-TerroristsNotLikelyToUseWorms.txt========== http://www.technewsworld.com/perl/story/32721.html Is the Superworm a Mere Myth? By Jack M. Germain TechNewsWorld January 30, 2004 "Terrorists are not using superworms and other network attacks because they don't reach their target that way," Mikko Hyppönen, director of antivirus research at Finland-based F-Secure, told TechNewsWorld. "Terrorists want to ==========> 04-01-31-USACMWashUpdate-SenateExpectedToApproveLegislationTargetingPeer-to-PeerSecurityRisks.txt========== Subject: ACM Washington Update Vol. 8.1 January 31, 2004 From: Lillie Coney Date: Fri, 30 Jan 2004 16:06:59 -0500 To: WASHINGTON-UPDATE@ACM.ORG ACM Washington Update Vol. 8.1 January 31, 2004 ==========> 04-02-00-ACMQueue-DesigningSensibleAuthentication.txt========== Features: Sensible Authentication Bruce Schneier February 2004 Queue, Volume 1 Issue 10 According to the author of Beyond Fear, it’s not enough to know who you are; you’ve got to prove it. The problem with securing assets and their functionality is that, by definition, you don’t want to protect them from everybody. It makes no sense to ==========> 04-02-00-ACMQueue-RequiringProofOfAuthentication.txt========== Features: Sensible Authentication Bruce Schneier February 2004 Queue, Volume 1 Issue 10 According to the author of Beyond Fear, it’s not enough to know who you are; you’ve got to prove it. The problem with securing assets and their functionality is that, by definition, you don’t want to protect them from everybody. It makes no sense to ==========> 04-02-00-BusCommRev-RethinkingNetworkSecurity.txt========== # "Rethinking Network Security" Business Communications Review (02/04) Vol. 34, No. 2, P. 16; Phifer, Lisa Overcoming the problems of network security and lowering the dangers presented by worms, trojans, and other kinds of malware that so plagued Internet users last year will require a coordinated multi-pronged approach that involves everyone. "Perimeter defense as the sole or primary means of protecting an organization is collapsing, especially as more and more organizations allow partners and customers to connect to them," notes Ian Poynter of Bit 9. Organizations stand a much better chance of recovering from network disruptions ==========> 04-02-00-CACM-SOAP-SimpleObjectAccessProtocolMayLooseAbilityToGetThruFirewalls.txt========== How clean is the future of SOAP? Conan C. Albrecht February 2004 Communications of the ACM, Volume 47 Issue 2 If developers are not wise with its application, SOAP may lose the ability to tunnel through firewalls—an ability that represents one of its primary advantages. Simple Object Access Protocol (SOAP) is the primary transport mechanism for the ==========> 04-02-01-CSOOnline-FourSecurityGrandChallenges.txt========== http://www.csoonline.com/read/020104/shop.html Unlocking Our Future A look at the challenges ahead for computer security BY SIMSON GARFINKEL Forty-two years ago, John F. Kennedy's commitment to landing a man on the moon and returning him safely to the Earth was the epitome of a "Grand Challenge"—the attempt to tackle a problem in science or engineering that is easy to describe but monumentally difficult to solve. More recently, the field ==========> 04-02-02-CompWorld-ITMgrsBiggestProblems-VirusesAndSpam.txt========== http://www.computerworld.com/softwaretopics/software/groupware/story/0,10801,896 37,00.html Dual Curses: Viruses and Spam By Jeff Ubois and Mitch Betts FEBRUARY 02, 2004 Slammer. Bugbear.B. Blaster. Sobig.F. 2003 was the worst year for virus outbreaks in the 20-year history of computer viruses, declares a report by F-Secure Corp. in San Jose. It was a growth year for spam, too, and by ==========> 04-02-02-WSJ-HighProfileWebSecurityFlawsSurface.txt========== # "More Scary Tales Involving Big Holes in Web-Site Security" Wall Street Journal (02/02/04) P. B1; Gomes, Lee The market for Web application security is heating up due to several high-profile security flaws that have been discovered in corporate Web sites. These flaws open the door to incidents of industrial espionage and identity theft, as hackers can use the flaws to gain access to customer databases and information about a company's daily operations. Now that most of the Internet's basic infrastructure has been secured, Web security specialists are trying to improve the security of the software programs that run many corporate Web ==========> 04-02-03-NatJourTechDaily-GAOOfficialUrgesStrengtheningStrategies.txt========== http://www.govexec.com/dailyfed/0204/020304tdpm1.htm February 3, 2004 Official urges strengthening of anti-terrorism strategies By Greta Wodele, National Journal's Technology Daily As the Bush administration implements strategies to fight terrorism, it must strengthen plans that address cybersecurity, data collection and other fields, a government official told lawmakers on Tuesday. ==========> 04-02-03-SFChron-MyDoomPropagatesAttacksAndSpam.txt========== http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2004/02/03/BUG OL4ND9D1.DTL&type=tech Why this one is scarier Mydoom brings computer viruses to new level of sophistication, damage Carrie Kirby, Chronicle Staff Writer Tuesday, February 3, 2004 After "zombie" computers infected with the Mydoom worm knocked a small Utah company's Web site off the Internet on Sunday, Microsoft Corp. is bracing for a ==========> 04-02-03-SJMerc-MyDoomPlaguesSCOAgain.txt========== http://www.siliconvalley.com/mld/siliconvalley/7863286.htm Posted on Tue, Feb. 03, 2004 Mydoom plagues SCO in 2nd day ANOTHER STRAIN PROGRAMMED TO HIT MICROSOFT SITE TODAY By Dan Lee Mercury News ``Mydoom,'' the fastest-spreading Internet virus ever, shut down software maker SCO Group's Web site for a second day Monday with a massive denial-of-service ==========> 04-02-04-GoVCompNews-SenSchumerCallsForMandatoryVirusReporting.txt========== http://www.gcn.com/vol1_no1/daily-updates/24843-1.html Senator calls for mandatory reporting of viruses 02/04/04 By William Jackson, GCN Staff Sen. Charles Schumer (D-N.Y.) said the Homeland Security Department’s virus alert system is flawed and called for a centralized plan for government response to cyberthreats. ==========> 04-02-04-NextGenss-RealReleasesSecurityUpdate.txt========== http://www.nextgenss.com/advisories/realone.txt NGSSoftware Insight Security Research Advisory Name: RealPlayer & RealOne Player Buffer Overruns Systems Affected: RealOne Player, RealOne Player v2, RealOne Enterprise Desktop / RealPlayer Enterprise (all language versions, all platforms) Severity: High Risk Vendor URL: http://www.real.com/ Author: Mark Litchfield [ mark@ngssoftware.com ] ==========> 04-02-04-RealNetworks-RealReleasesSecurityUpdate.txt========== http://www.service.real.com/help/faq/security/040123_player/EN/ RealNetworks, Inc. Releases Update to Address Security Vulnerabilities. Updated February 4, 2004 RealNetworks, Inc. has recently been made aware of security vulnerabilities that could potentially allow an attacker to run arbitrary code on a user's machine. The specific exploits were: ==========> 04-02-05-NYT-ExpertsBlameNaiveUsersForVirusesSpread.txt========== http://www.nytimes.com/2004/02/05/technology/05VIRU.html February 5, 2004 Geeks Put the Unsavvy on Alert: Learn or Log Off By AMY HARMON When Scott Granneman, a technology instructor, heard that one of his former students had clicked on a strange e-mail attachment and infected her computer with the MyDoom Internet virus last week, empathy did not figure anywhere in his immediate response. ==========> 04-02-05-SJMerc-FlawFoundInCheckPointFirewallSoftware.txt========== http://www.siliconvalley.com/mld/siliconvalley/7884681.htm Posted on Thu, Feb. 05, 2004 Security flaw found in common firewall software NEW YORK (Dow Jones/AP) -- Two dangerous software flaws that could become attractive targets for hackers have been discovered in widely used computer-security software made by Check Point Software Technologies Ltd. If hackers create programs to exploit the flaws, which security experts found ==========> 04-02-08-NYTMag-TheVirusUnderground.txt========== http://www.nytimes.com/2004/02/08/magazine/08WORMS.html?ex=1076821200&en=f03e835 0a90218d0&ei=5062&partner=GOOGLE February 8, 2004 The Virus Underground By CLIVE THOMPSON This is how easy it has become. Mario stubs out his cigarette and sits down at the desk in his bedroom. He pops ==========> 04-02-09-CNETNews-DoomjuiceVirusFeedsOnMyDoomInfections.txt========== http://news.com.com/2100-7349_3-5156105.html?tag=nefd_top New viruses feed on MyDoom infections By Robert Lemos Staff Writer, CNET News.com Story last modified February 9, 2004, 4:45 PM PST Two worms that take advantage of computers whose security has already been compromised started spreading on Monday, antivirus software companies warned. ==========> 04-02-09-NetCraft-MyDoomDDoSAttacksBeseigeMSServers.txt========== http://news.netcraft.com/archives/2004/02/09/wwwmicrosoftcom_probably_under_sieg e_from_ddos.html Posted by richm at February 9, 2004 05:20 PM www.microsoft.com probably under siege from DDoS Performance Microsoft's main web site at www.microsoft.com experienced performance problems this morning, probably due to a DDoS attack launched by a new version of the MyDoom virus. A dynamically updating graph is available here, with performance data for all ==========> 04-02-09-NewsFact-LinuxMayHaveSecurityVulnerabilities.txt========== http://www.newsfactor.com/story.xhtml?story_title=Linux_Security_on_the_Ropes&st ory_id=23156 Linux Security on the Ropes By James Maguire Enterprise Security Today February 9, 2004 7:58PM Veteran programmers have brought lifetimes of experience to Linux's development, including an awareness of the "gotchas" of OS security, says Paula ==========> 04-02-09-WSJ-InternetSafety.txt========== # "The Net: Safety, Blogs and Protocols" Wall Street Journal (02/09/04) P. R3; Wingfield, Nick; Mangalindan, Mylene; Swisher, Kara Uncertainty abounds when the topic is the immediate future of the Internet, and while the subject is debated regularly on email lists, Web sites, and discussion groups, corporations and individuals will have a hand in shaping the technology. Hackers have stepped up their attacks, prompting concerns from security experts that a major attack is on the horizon, but terrorism concerns have given government agencies and companies more of an incentive to shore up ==========> 04-02-09-ZDNet-NokiaAdmitsBluetoothSecurityHolesInCellPhones.txt========== http://news.zdnet.co.uk/0,39020330,39145886,00.htm Nokia admits multiple Bluetooth security holes Munir Kotadia ZDNet UK February 09, 2004, 17:50 GMT Nokia has admitted that a number of its Bluetooth handsets are vulnerable to bluesnarfing - in which data can be stolen from a phone without the owner's knowledge ==========> 04-02-10-CNETNews-DoomjuiceVirusFeedsOnMyDoomInfections.txt========== http://news.com.com/2100-7349_3-5156836.html MyDoom author may be covering tracks By Robert Lemos Staff Writer, CNET News.com Story last modified February 10, 2004, 4:05 PM PST A worm that started spreading on Sunday places the source code for the original MyDoom virus on victims' hard drives, an action equivalent to planting evidence, antivirus experts said Tuesday. ==========> 04-02-10-ElectricNews-ExpertDownplaysNokiaBluetoothSecurityProblems.txt========== http://www.electricnews.net/news.html?code=9390452 Expert plays down 'bluesnarfing' threat Tuesday, February 10 2004 by Matthew Clark Nokia has apparently admitted that certain Bluetooth-enabled devices are susceptible to 'bluesnarfing' attacks, but not everyone is convinced the threat is severe. ==========> 04-02-10-SJMerc-MSWarnsAboutCriticalWindowsSecurityFlaws.txt========== http://www.siliconvalley.com/mld/siliconvalley/7920476.htm Posted on Tue, Feb. 10, 2004 Microsoft warns consumers about major Windows security flaws WASHINGTON (AP) - Microsoft Corp. warned customers Tuesday about unusually serious security problems with its Windows software that could let hackers quietly break into their computers to steal files, delete data or eavesdrop on sensitive information. ==========> 04-02-10-TechWeb-DoomjuiceVirusFeedsOnMyDoomInfections.txt========== http://www.techweb.com/wire/story/TWB20040210S0015 Why Is MyDoom Author Spreading Source Code? February 10, 2004 (3:58 p.m. EST) By Gregg Keizer, TechWeb News The author of the MyDoom.c worm is a sneaky hacker who is spreading the original MyDoom's source code in an effort to throw authorities off his track, a security analyst said Tuesday. ==========> 04-02-11-PCWorld-DHSReleasesCybersecurityReportCard.txt========== http://www.pcworld.com/news/article/0,aid,114749,00.asp Is Cyberspace Getting Safer? Federal agency issues one-year cybersecurity report card and describes goals for security efforts. Adrienne Newell, Medill News Service Wednesday, February 11, 2004 WASHINGTON -- The cybersecurity branch of the federal Homeland Security Department is taking stock not quite a year after its inception, pointing to ==========> 04-02-11-SJMerc-MSWarnsAboutCriticalWindowsSecurityFlaws.txt========== http://www.siliconvalley.com/mld/siliconvalley/7926529.htm Posted on Wed, Feb. 11, 2004 `Critical' flaw in Windows found MICROSOFT OFFERS PATCH TO FIX ERROR By Dan Lee Mercury News Microsoft warned computer users Tuesday about a ``critical'' flaw in its Windows operating system that could give hackers control of computers. ==========> 04-02-11-TechWeb-DoomjuiceVirusToLaunchDDoSOnMSWebsite.txt========== http://news.netcraft.com/archives/2004/02/11/doomjuiceb_refines_ddos_attack_agai nst_microsoft.html Posted by richm at February 11, 2004 03:11 PM DoomJuice.B Refines DDoS Attack Against Microsoft Performance A new version of the DoomJuice worm seeks to launch a more effective denial of service attack on Microsoft's web site tomorrow, according to F-Secure. The new worm, DoomJuice.B, sets random HTTP headers to make it more difficult to filter the attack traffic, seeking to work around a defensive measure used ==========> 04-02-12-CompWorld-GAOWarnsCAPPSIIFacesDelays.txt========== http://www.computerworld.com/securitytopics/security/story/0,10801,90157,00.html Airline passenger screening system faces delays By DAN VERTON FEBRUARY 12, 2004 WASHINGTON -- The General Accounting Office warned today that the Transportation Security Administration's high-tech system to screen airline passengers for terrorist connections faces significant testing and deployment delays, which could affect the program's ultimate success. ==========> 04-02-12-WashPost-CongressAndCybersecurity.txt========== http://www.washingtonpost.com/wp-dyn/articles/A26684-2004Feb9.html Transcript Congress and Cybersecurity Government's Pressing Cybersecurity Issues Rep. Adam Putnam (R-Fla.) House Subcommittee Thursday, February 12, 2004; 10:30 AM ==========> 04-02-13-CNETNews-WindowsCodeUpForGrabs.txt========== http://news.com.com/2100-7349_3-5158905.html?tag=nefd_top Windows code up for grabs By Robert Lemos Staff Writer, CNET News.com Story last modified February 13, 2004, 9:15 AM PST Microsoft is investigating how a file containing some protected source code to Windows 2000 was posted to several underground sites and chat rooms. ==========> 04-02-13-InfoWorld-IBMAndCiscoSeekBetterSecurity.txt========== http://www.infoworld.com/article/04/02/13/HNibmciscosecurity_1.html IBM, Cisco team on network security Companies will integrate a number of products to address network security threats Tech giants IBM Corp. and Cisco Systems Inc. are collaborating to address network security threats such as hackers, worms, and viruses, the companies said on Friday. Under a new agreement, they are integrating a number of products, allowing ==========> 04-02-13-SJMerc-IBMAndCiscoSeekBetterSecurity.txt========== http://www.siliconvalley.com/mld/siliconvalley/7946744.htm Posted on Fri, Feb. 13, 2004 IBM, Cisco jointly seek better security By Dan Lee Mercury News Technology giants IBM and Cisco Systems today are announcing plans to link their products in an effort to better protect customers' computer networks from worms, viruses and other attacks. ==========> 04-02-13-TechNewsWorld-HackersForHire.txt========== http://www.technewsworld.com/perl/story/32847.html Hackers for Hire By Jack M. Germain TechNewsWorld February 13, 2004 Some security experts suggest the trend toward using hackers to test the security of computer systems is changing. Thomas Patterson, the former regional partner for Deloitte & Touche Security Services Group, likened the practice of ==========> 04-02-13-WashPost-WindowsSourceCodeIllegallyLeaked.txt========== http://www.washingtonpost.com/wp-dyn/articles/A38314-2004Feb12.html Windows Source Code Segments Were Leaked By Brian Krebs Special to The Washington Post Friday, February 13, 2004; Page E01 Microsoft Corp. last night confirmed that portions of the source code for two versions of its Windows operating system have leaked onto the Internet, a security breach that could give hackers important intelligence about how to ==========> 04-02-15-CIOMag-CIOsChooseIntegratedSecurityProducts.txt========== http://www.cio.com/archive/021504/et_article.html Feb. 15, 2004 Issue of CIO Magazine Thinking Inside the Box Buying one security product containing an arsenal of capabilities is convenient, cheap and potentially dangerous BY JOHN EDWARDS SECURITY | Like the mosquitoes that relentlessly swarm across the 49th state ==========> 04-02-16-BostonGLobe-ComputerMonocultureDebated.txt========== http://www.boston.com/business/technology/articles/2004/02/16/biology_stirs_soft ware_monoculture_debate/ Biology stirs software 'monoculture' debate By Justin Pope, Associated Press, 2/16/2004 CAMBRIDGE -- Dan Geer lost his job but gained his audience. The very idea that got the computer security specialist fired has sparked serious debate in information technology. The idea, borrowed from biology, is that Microsoft Corp. has nurtured a software "monoculture" that threatens global computer ==========> 04-02-16-EWeek-WindowsCodeLeakShowsIEVulnerability.txt========== http://www.eweek.com/article2/0,4149,1528040,00.asp First Fallout from Code Leak Hits the Web By David Morgenstern February 16, 2004 Updated: A security company on Monday alerted clients of a new vulnerability to Internet Explorer 5, one attributed to the recent leak of Microsoft Corp. Windows source code. Microsoft confirmed the problem late in the day. ==========> 04-02-16-SJMerc-SpammersExploitHighSpeedInternetConnections.txt========== http://www.siliconvalley.com/mld/siliconvalley/news/editorial/7966797.htm Posted on Mon, Feb. 16, 2004 Spammers exploit high-speed connections ANICK JESDANUN Associated Press NEW YORK - Next time you're looking for a culprit for all that junk mail flooding your inbox, have a glance in the mirror. Spammers are increasingly exploiting home computers with high-speed Internet connections into which ==========> 04-02-16-StanfordU-PasswordsAreInsufficient.txt========== http://www.sciencedaily.com/releases/2004/02/040216084152.htm Source: Stanford University Date: 2004-02-16 Passwords To Guard Entry Aren't Enough To Protect Complex Data Passwords to guard entry aren't enough to protect complex data - security mechanisms also must protect what goes out. "Data can easily find itself in danger of being accessed by 'bad guys,'" says ==========> 04-02-17-ECommTimes-SecurityIsWirelessWeakestLink.txt========== http://www.ecommercetimes.com/perl/story/32874.html Security Still Reigns as Wireless 'Weakest Link' By Helen Gallagher E-Commerce Times February 17, 2004 The flexibility of being virtually anywhere is the draw of wireless networks, but the back end of that benefit is the need for security. ==========> 04-02-17-PCMag-CanEmailSurvive.txt========== http://www.pcmag.com/article2/0,4149,1464011,00.asp Can E-Mail Survive? February 17, 2004 By Cade Metz Last year was not a good year for e-mail. In spring 2003, the steady flow of unsolicited and unwanted messages reached a tipping point. According to Postini, a California company whose e-mail– filtering service processes 150 to 200 million messages a day, spam finally accounted for more than half of all ==========> 04-02-18-ITMgmt-SomeSmallWormsInCirculation.txt========== http://itmanagement.earthweb.com/secu/article.php/3314551 Flurry of Worms Hits Companies Already on Guard February 18, 2004 By Sharon Gaudin A handful of smaller worms are loose in the wild, and though they're not as wide-spread or as destructive as some of their malicious counterparts, they're causing a flurry of problems around the globe. ==========> 04-02-19-EWeek-LinuxSercurityHolesFoundAndFixed.txt========== http://www.eweek.com/article2/0,4149,1530811,00.asp Serious Linux Security Holes Uncovered and Patched February 19, 2004 By Steven J. Vaughan-Nichols Several security vulnerabilities in the Linux kernel were uncovered on Wednesday by a Polish security group. The problems were verified by Linux kernel developers and then fixed with a set of updates. ==========> 04-02-20-MIT-NSAWorkingOnInternetSecurity.txt========== http://www.mit-kmi.com/articles.cfm?DocID=384 Converging on Network Security NSA is taking on a host of new security challenges as wired, wireless and IP-based networks grow more interoperable. By Cheryl Gerber The National Security Agency (NSA) has spearheaded a number of initiatives to tackle the toughest network security problems ever, from Internet interoperability and network convergence to wireless vulnerabilities. ==========> 04-02-21-SJMerc-MainsoftInTroubleOverLeakedWindowsSource.txt========== http://www.siliconvalley.com/mld/siliconvalley/8008074.htm Posted on Sat, Feb. 21, 2004 Mainsoft put in spotlight over leaked source code By Dan Lee Mercury News Mainsoft used to be one of hundreds of small, private technology companies working in relative anonymity across Silicon Valley. ==========> 04-02-22-NewSci-NewAMDProcessorsStopBufferOverflowHoles.txt========== http://www.newscientist.com/news/news.jsp?id=ns99994696 Chips to ease Microsoft's big security nightmare 10:00 22 February 04 Exclusive from New Scientist Print Edition. Subscribe and get 4 free issues. Chip makers are planning a new generation of microprocessors that should plug the gaps that led Microsoft to issue a "critical security alert" last week. The alert was sparked by the discovery that a raft of Microsoft programs were ==========> 04-02-23-EWeek-CongressToReviewTechAgenda.txt========== http://www.eweek.com/article2/0,4149,1539542,00.asp Congress to Review Tech Agenda February 23, 2004 By Caron Carlson Congress faces a relatively brief session this year, with the autumn election portending a timely adjournment, but several IT issues will demand lawmakers' attention. The top contenders will be cyber-security, Internet taxes and spyware. ==========> 04-02-23-NWFusion-RSAShowHighlightsNewProducts.txt========== http://www.nwfusion.com/news/2004/0223rsashow.html RSA show to highlight new security approaches By Ellen Messmer Network World, 02/23/04 The 10,000 people expected to attend the RSA Conference 2004 this week in San Francisco will be treated to new approaches to the age-old security problems of fixing vulnerabilities and verifying user identities. ==========> 04-02-23-WSJ-ComputerSecurityEffortsIntensify.txt========== # "Computer-Security Efforts Intensify" Wall Street Journal (02/23/04) P. B4; Clark, Don; Wingfield, Nick; Hanrahan, Tim An annual conference hosted by RSA Security will be held this week, with email fraud, spam, and new ways to hinder such practices through the authentication of company and user IDs being major topics of discussion. Bolstering information has increased in importance because corporations may now be liable for lost or compromised data thanks to new legislation. One proposed solution is Sender Permitted From (SPF), in which senders' servers post their IP addresses so that email recipients can verify that incoming messages are from ==========> 04-02-25-CompWorld-LatestMydoomVariantCanDeleteFiles.txt========== http://www.computerworld.com/securitytopics/security/virus/story/0,10801,90468,0 0.html Latest Mydoom variant can delete files By Scarlet Pruitt FEBRUARY 25, 2004 The latest variant of the Mydoom virus, discovered Friday, is still spreading and actively deleting files from victims' computers, security researchers warned today. ==========> 04-02-25-LATimes-CyberSecurityWarningSounded.txt========== http://www.latimes.com/news/nationworld/nation/la-na-cyber24feb25,1,1813415.stor y?coll=la-headlines-nation Cyber-Terrorism Warning Sounded The U.S. is vulnerable to a one-two punch of violence and hacking, senators are told. By Jon Marino Times Staff Writer February 25, 2004 ==========> 04-02-25-SJMerc-MSUnveilsNewSecurityInitiatives.txt========== http://www.siliconvalley.com/mld/siliconvalley/8036835.htm Posted on Wed, Feb. 25, 2004 Microsoft unveils new security initiatives By Dan Lee Mercury News With his company under mounting criticism for security flaws and lapses, Microsoft Chairman Bill Gates on Tuesday showed off its latest steps to protect computer users from viruses, worms, spam and other Internet threats. ==========> 04-02-25-ZDNet-SenBennettSaysInfoSharingKeyToCybersecurity.txt========== http://techupdate.zdnet.com/techupdate/stories/main/Information_sharing_is_key_t o_thwarting_cyber_attacks.html Tech Update Senator: Information sharing is key to thwarting cyber attacks By Dan Farber February 25, 2004 At the RSA Conference this week, Senator Bob Bennett (R-Utah) was awarded the RSA Award for Excellence in the Field of Public Policy. Bennett, Chief Deputy ==========> 04-02-26-USC-ISI-NSFGrantFundsSelfDefenseForGridComputingNets.txt========== http://www.isi.edu/stories/79.html $2 Million NSF Grant Funds Grid Security Research and Builds Self-Defense Toolkits at USC February 23, 2004 Last Modified: February 26, 2004 Eric Mankin mankin@usc.edu (310) 448-9112 4676 Admiralty Way, Suite 1001 ==========> 04-02-26-WashPost-AntiVirusFirmsRaceToNameViruses.txt========== http://www.washingtonpost.com/wp-dyn/articles/A6924-2004Feb25.html Survival Of the Catchiest In Naming Computer Viruses, Speed and Confusion Rule By Mike Musgrove Washington Post Staff Writer Thursday, February 26, 2004; Page E01 Early one Monday afternoon, Craig Schmugar, virus research manager at computer security firm Network Associates Inc., was at his desk taking a quick look at ==========> 04-02-27-BBC-HackersReverseEngrMSPatchesToExploitHoles.txt========== http://news.bbc.co.uk/1/hi/technology/3485972.stm Hackers exploit Windows patches By Mark Ward BBC News Online technology correspondent Feb. 27, 2004 Malicious hackers and vandals are lazy and wait for Microsoft to issue patches before they produce tools to work out how to exploit loopholes in Windows, say experts. ==========> 04-02-27-BBC-MSAdmitsW95HadNoSecurityFeatures.txt========== http://news.bbc.co.uk/1/hi/technology/3492922.stm Trusting Microsoft over security Security is at the centre of what they do now, says Microsoft. But how can we be sure, asks technology analyst Bill Thompson. Feb. 27, 2004 David Aucsmith is Microsoft's security architect, and he came to London this week to ask forgiveness for his company's former sins. ==========> 04-02-27-FinTimes-InspirationFromNature.txt========== http://search.ft.com/search/article.html?id=040227001025 FEATURES: Inspiration from nature's grand designs By Fiona Harvey Financial Times; Feb 27, 2004 Once out of nature I shall never take My bodily form from any natural thing So wroteW.B. Yeats, imagining instead his future as a creature of pure ==========> 04-02-28-SJMerc-HackersAndSpammersWorkTogether.txt========== http://www.siliconvalley.com/mld/siliconvalley/8066749.htm Posted on Sat, Feb. 28, 2004 AFP/File/Joel Saget Hackers have developed a new version of powerful Mydoom Internet worm that attempts to use infected computers to launch attacks aimed at shutting down Microsoft's main website, experts said. On guard against hackers SECURITY CONFERENCE FOCUSES ON MISCREANTS AND THEIR MOTIVES By Dan Lee ==========> 04-02-29-USACM-HomelandSecurityEfforts.txt========== ACM Washington Update Vol 8.2 February 29, 2004 ******************************* [1] USACM Identifies Digital Rights Management Policy Issues [2] USACM Urges Federal Funding to Ensure Secure Elections [3] European Officials Working on Standards for Electronic Voting [4] California Appeals Court Rules in Support of Reverse Engineering [5] House Democrats Release Report on Homeland Security Efforts [6] New Free Trade Agreement Includes Provisions of the US DMCA ==========> 04-03-00-CACM-CreatingAnExperimentalInfrastructionForDevelopingSecurityTechnologies.txt========== Emerging technologies for homeland security: Cyber defense technology networking and evaluation R. Bajcsy, T. Benzel, M. Bishop, B. Braden, C. Brodley, S. Fahmy, S. Floyd, W. Hardaker, A. Joseph, G. Kesidis, K. Levitt, B. Lindell, P. Liu, D. Miller, R. Mundy, C. Neuman, R. Ostrenga, V. Paxson, P. Porras, C. Rosenberg, J. D. Tygar, S. Sastry, D. Sterne, S. F. Wu March 2004 Communications of the ACM, Volume 47 Issue 3 Creating an experimental infrastructure for developing next-generation ==========> 04-03-00-CACM-EmergingTechnologiesForCyberSecurity.txt========== Emerging technologies for homeland security: Cyber defense: art to science O. Sami Saydjari March 2004 Communications of the ACM, Volume 47 Issue 3 Seeking the knowledge and means to more methodically detect, defend against, and better understand attacks on networked computer resources. Imagine that you lead an organization under cyber attack on your critical information systems. What questions are you likely to ask? ==========> 04-03-00-CACM-IncreasedComputerPerformanceIncreasesSecurityDemands.txt========== Security watch: Superscaled security Rebecca T. Mercuri March 2004 Communications of the ACM, Volume 47 Issue 3 Exponential increases in computational speed, memory capacity, and bandwidth impose futuristic security demands and challenges. Advances in high-performance computing have found their counterpart in new security threats. Yet there is an interesting twist in that computational ==========> 04-03-00-SCMag-FBIProjectDevelopsInto10000MemberInfraGardOrganization.txt========== http://www.scmagazine.com/features/index.cfm?fuseaction=FeatureDetails&newsUID=2 3048cda-cc74-47ec-a13a-335d3a05f629&newsType=Features Defender of U.S. cyberspace by Marcia Savage SC Magazine March 2004 Marcia Savage asks Phyllis Schneck, InfraGard's national chair, how an FBI pilot project developed into a collaborative group of more than 10,000 ==========> 04-03-00-TechRev-ICANNIssues.txt========== # "Domain Master" Technology Review (03/04) Vol. 107, No. 2, P. 74; Frauenfelder, Mark Internet Corporation for Assigned Names and Numbers (ICANN) CEO Paul Twomey says that his organization must remained focused on maintaining a single interoperable Internet while meeting the needs of international constituents. ICANN is responsible to governments, businesses, academics, and Internet users for the maintenance and upgrade of core Internet identifiers such as IP addresses, protocol parameters, domain names, and the Internet root server system. Controversy about ICANN erupted at the United Nations' World Summit on ==========> 04-03-00-Wired-SchneierOnAntiTerrorismSecurity.txt========== http://www.wired.com/wired/archive/12.03/view.html?pg=2 America's Flimsy Fortress All the money spent on security since 9/11 has done little to make us safer. By Bruce Schneier Every day, some 82,000 foreign visitors set foot in the US with a visa, and since early this year, most of them have been fingerprinted and photographed in the name of security. But despite the money spent, the inconveniences suffered, and the international ill will caused, these new measures, like most instituted ==========> 04-03-01-CommSysDes-PacketInspectionSystemsAidSecurity.txt========== http://www.commsdesign.com/news/showArticle.jhtml?articleID=18201203 Comm Sys Design Passing packets under ever more scrutiny By Ron wilson and Loring Wirbel EE Times Mar 01, 2004 One of the design goals of the Internet Protocol was easy routing. The router only had to look at address information in the packet header to determine what ==========> 04-03-01-NWFusion-AntiSpamAppliancesBetterThanSoftware.txt========== http://www.nwfusion.com/columnists/2004/0301faceoffyes.html Anti-spam appliances are better than software By Tim Chiu Network World, 03/01/04 Appliances are a much better choice than software for spam protection because they address the broad range of security threats facing large companies, small businesses, service providers, and educational and government institutions. Deployed at the edge of a customer's network, gateway appliances provide the ==========> 04-03-03-NetMag-XMLsAVDLSchemaSimplifiesSecurityPatching.txt========== URL: http://www.networkmagazine.com/shared/article/showArticle.jhtml?articleId=182018 11 Security Patching: Easy As 1-2-3 By David Greenfield 03/03/2004 2:00 PM EST A new Extensible Markup Language (XML)-based specification released last week stands to revolutionize the way security devices communicate with one another, ==========> 04-03-03-SJMerc-NewSystemsAllowsOwnersToHoldCreditCards.txt========== http://www.siliconvalley.com/mld/siliconvalley/8093523.htm Posted on Wed, Mar. 03, 2004 Holding your credit cards close By Elise Ackerman Mercury News Police blotters do not usually inspire high-tech product pitches. But a report last month that the San Jose Police Department had busted two fraud rings for skimming credit card numbers seemed the perfect opportunity to highlight a new ==========> 04-03-04-ChamNewsGaz-NCSADevelopsSecurityVizTool.txt========== http://www.news-gazette.com/story.cfm?Number=15562 Tools let network operators see their way to security By GREG KLINE © 2004 THE CHAMPAIGN NEWS-GAZETTE Published Online March 4, 2004 Had it not taken place in East Central Illinois, it might have seemed like an odd conversation for two computer networking guys to be having. More than a year ago, Jim Barlow, chief security engineer at the National ==========> 04-03-04-SJMerc-VirusWritersDisableOtherViruses.txt========== http://www.siliconvalley.com/mld/siliconvalley/8104415.htm Posted on Thu, Mar. 04, 2004 Virus writers launch competing attacks CODES BEING TWEAKED TO DISABLE OTHER WORMS By Dan Lee Mercury News The already unsavory community of Internet virus writers is getting nastier. ==========> 04-03-04-WashPost-VirusWritersAttackOtherViruses.txt========== http://www.washingtonpost.com/wp-dyn/articles/A28548-2004Mar3.html Dueling Viruses Are Latest Computer Pest Consumers and Businesses Caught in the Crossfire as Hackers Take Aim at Each Other By Mike Musgrove Washington Post Staff Writer Thursday, March 4, 2004; Page E01 The programmers behind the ongoing wave of computer worms and viruses hitting ==========> 04-03-05-TechNewsWorld-SelfInnoculatingComputers.txt========== http://www.technewsworld.com/perl/story/33045.html What's Good About Computer Viruses By Diane Stresing TechNewsWorld March 5, 2004 "The Internet is a totally connected infrastructure," said Steve Trilling, senior director of research at Symantec. "That means we're only as strong as the weakest link." If every computer user simply protected his or her own ==========> 04-03-08-EWeek-IndustryReadiesCyberSecurityPlan.txt========== http://www.eweek.com/article2/0,1759,1542843,00.asp The Path to Safety? By Caron Carlson March 8, 2004 EWeek Industry readies plan for pre-emptive network defense. Later this month some of the largest companies in the United States, led by the ==========> 04-03-08-PCWorld-ApproachesToSecureAndSpamlessEmail.txt========== http://www.pcworld.com/news/article/0,aid,115100,00.asp Competing Technologies Shake Up E-Mail How will rival authentication schemes change the way we communicate online? Paul Roberts, IDG News Service Monday, March 08, 2004 Microsoft's recent announcement of a host of initiatives to stop unsolicited commercial e-mail, or spam, highlighted some tectonic shifts taking place in the once staid world of Internet messaging. The company's announcement was made ==========> 04-03-13-ECommTimes-ProblemsMayDoomPasswords.txt========== http://www.ecommercetimes.com/perl/story/33103.html The End of Passwords By Elizabeth Millard E-Commerce Times March 13, 2004 "The way passwords are used is dangerous right now," said Michael Wood, vice president of sales at Lavasoft, a firm that produces anti-spyware software. He told the E-Commerce Times that he often hears stories about individuals gaining ==========> 04-03-14-Oregonian-UCBResearchersFundedForVirusLab.txt========== http://www.oregonlive.com/search/index.ssf?/base/business/1079182548140830.xml California researchers' new center will study, test computer viruses Scientists will use a $5.5 million federal grant for a facility to combat serious threats in a systematic way 03/14/04 BOB KEEFE Oregonian BERKELEY, Calif. -- For every virus or disease known to humankind, legions of ==========> 04-03-14-SJMerc-PassMarkIconLetsUsersVerifySiteAuthenticity.txt========== http://www.siliconvalley.com/mld/siliconvalley/8184224.htm Posted on Sun, Mar. 14, 2004 INTERNET SECURITY: THREE START-UPS San Jose Mercury-News PassMark's icon lets users verify site's authenticity Start-up PassMark Security seeks to foil Internet ``phishing'' scams by using something as simple as a photo of a butterfly or the Eiffel Tower to let users ==========> 04-03-14-SJMerc-ReconnexHardwareHelpsTrackInfoLeaks.txt========== http://www.siliconvalley.com/mld/siliconvalley/8184219.htm Posted on Sun, Mar. 14, 2004 Reconnex hardware helps track info leaks Mountain View start-up Reconnex aims to build a better system for snooping -- or at least for helping companies track employees online. The company has created hardware that it says large corporations can use to stop employees who -- intentionally or accidentally -- leak confidential ==========> 04-03-14-SJMerc-Reconnex-PassMark-ServGate-NewInternetSecurityFirms.txt========== http://www.siliconvalley.com/mld/siliconvalley/8184225.htm Posted on Sun, Mar. 14, 2004 INTERNET SECURITY: THREE START-UPS Protect or perish FIRMS COMPETE IN MARKET TO SHORE UP WEB'S SAFETY By Dan Lee Mercury News Start-ups rushing to develop Internet security seem to be popping up almost as ==========> 04-03-14-SJMerc-ServGateHasMultiThreatSecurityServiceForFirms.txt========== http://www.siliconvalley.com/mld/siliconvalley/8184221.htm Posted on Sun, Mar. 14, 2004 ServGate has `multi-threat' security service for firms ServGate Technologies, a Milpitas start-up, has a broad approach to computer security but is going after a narrow set of customers. The company sells a ``blended, multi-threat device'' for small businesses and branch offices of large companies that want protection from Internet risks. ==========> 04-03-15-CompWorld-NewBookTellsHowToExploitSecurityHoles.txt========== http://www.computerworld.com/securitytopics/security/story/0,10801,91265,00.html Experts publish 'how to' book for software exploits It includes 'zero day' techniques for exploiting vulnerable computer systems News Story by Paul Roberts MARCH 15, 2004 (IDG NEWS SERVICE) - A new book by leading security researchers on writing code to exploit security flaws in software, including Microsoft Corp.'s Windows operating system, has raised some eyebrows in the technical community for its publishing of "zero day," or previously unknown, techniques ==========> 04-03-17-CompWorld-QualitySoftwareCanImproveSecurity.txt========== http://www.computerworld.com/securitytopics/security/story/0,10801,91316,00.html Q&A: Quality software means more secure software Author Gary McGraw discusses hacker exploits, the state of software quality Q&A by Mark Willoughby MARCH 17, 2004 (COMPUTERWORLD) - Gary McGraw, chief technology officer at Cigital Inc. in Dulles, Va., has become a leading voice in software quality and information security. His latest book, published in February, is Exploiting Software: How to Break Code, co-authored with Greg Hoglund. He has a bachelor's ==========> 04-03-17-UPI-WarringVirusWritersThreatenCybersecurity.txt========== http://www.upi.com/view.cfm?StoryID=20040316-074543-4996r The Web: Hacker turf war raging online By Gene J. Koprowski UPI Technology News Published 3/17/2004 9:16 AM CHICAGO, march 17 (UPI) -- A battle for the control of cyberspace by computer criminals -- similar in intensity to a turf war between rival mob families -- is underway on the Internet. ==========> 04-03-17-WashPost-PhatbotP2PTrojanHorseInfectsManyComputers.txt========== http://www.washingtonpost.com/wp-dyn/articles/A444-2004Mar17.html Hackers Embrace P2P Concept Experts Fear 'Phatbot' Trojan Could Lead to New Wave of Spam or Denial-of-Service Attacks By Brian Krebs washingtonpost.com Staff Writer Wednesday, March 17, 2004; 6:23 AM Computer security experts in the private sector and U.S. government are ==========> 04-03-18-Wired-AntiVirusSoftwareWontStopFastSpreadingViruses.txt========== http://www.wired.com/news/infostructure/0,1377,62558,00.html?tw=newsletter_topst ories_html Cashing In on Virus Infections By Michelle Delio 02:00 AM Mar. 18, 2004 PT After a recent epidemic of computer viruses that seemed much worse than usual, security experts are questioning whether the antivirus software industry is working hard enough -- or has enough incentive -- to develop new and better ==========> 04-03-18-WSJ-VirusesPossibleThreatToSmartCellphones.txt========== "Viruses Lurk as a Threat to 'Smart' Cellphones" Wall Street Journal (03/18/04) P. B4; Nasaw, David The growing power of "smart phones" is increasing their susceptibility to malware, which Network Associates predicts could cost North American wireless carriers as much as $2.5 billion in two years. As a result, the wireless industry is preparing itself for a major virus assault that targets intelligent cellular phones. Less advanced "dumb" phones may not be vulnerable to a virus infection, but an attack on smart phones could have an impact on voice traffic for all phones in a cell network, because voice and some data are piped along ==========> 04-03-19-TriValHerald-ResearchersVieForDHSFunding.txt========== http://www.trivalleyherald.com/Stories/0,1413,86%257E10669%257E2027912,00.html Article Last Updated: Friday, March 19, 2004 - 7:13:19 AM PST Scientists vying for special funds Berkeley researchers By Ian Hoffman, STAFF WRITER For his pitch at the fastest-growing research fund in the nation, David Culler upended a box of circuitry on his desk. ==========> 04-03-22-NatJourTechDaily-MarkleForumCallsForGovtSecurityNetwork.txt========== http://www.govexec.com/dailyfed/0304/032204tdpm2.htm March 22, 2004 Foundation showcases data-sharing network, urges action By Mathew Honan for National Journal's Technology Daily STANFORD, Calif. -- Panelists at a Stanford University law school forum on Friday called for the creation of a homeland security information network and demonstrated a prototype of how such a system would work. ==========> 04-03-23-CNETNews-VirusCausesRIAASiteToGoDown.txt========== http://news.com.com/2100-1025_3-5177914.html?tag=nefd_top Real's Glaser exhorts Apple to open iPod By Michael Kanellos Staff Writer, CNET News.com Story last modified March 23, 2004, 10:47 AM PST SCOTTSDALE, Ariz.--RealNetworks CEO Rob Glaser has a message for Apple Computer chief Steve Jobs: Open iPod or shrivel. ==========> 04-03-25-NYT-InstantMessagingUsedToSendSpamAndViruses.txt========== http://www.nytimes.com/2004/03/25/technology/circuits/25mess.html March 25, 2004 When Instant Messages Come Bearing Malice By SANDEEP JUNNARKAR New York Times ICK GROLEAU, a 40-year-old technical manager from Mountain View, Calif., received a message last month from a friend on his AOL Instant Messenger buddy list alerting him that Osama bin Laden had been captured. When he clicked on a ==========> 04-03-26-TechNewsWorld-SWConfigurationMgmtCouldImproveSecurity.txt========== http://www.technewsworld.com/perl/story/33203.html TECHNOLOGY SPECIAL REPORT: IT Security and Software Development By David Halperin TechNewsWorld March 26, 2004 "Configuration management is particularly important," D.K. Matai, executive chairman of mi2g, a UK-based security analyst and digital risk management ==========> 04-03-29-CNETNews-XMLSecurityIssues.txt========== http://news.com.com/2100-7345_3-5180510.html Extra headaches of securing XML By Martin LaMonica Staff Writer, CNET News.com Story last modified March 29, 2004, 4:00 AM PST Creating a popular new computing approach always seems to bring with it a familiar catch-22: security issues. And Web services is no exception. ==========> 04-03-29-CompWorld-InsideSymantecSecurityOpsCenter.txt========== http://www.computerworld.com/securitytopics/security/story/0,10801,91629,00.html ?SKC=home91629 Frontline Defenders An inside look at how one of Symantec's security operations centers protects clients from cyberattacks. News Story by Dan Verton MARCH 29, 2004 (COMPUTERWORLD) - It's three o'clock on a Friday afternoon, and Tim Hillyard is monitoring an ongoing cyberintrusion into the network of a ==========> 04-03-29-EWeek-RAINSGroupDevelopsSpecForSharingSensitiveData.txt========== http://www.eweek.com/article2/0,1759,1556003,00.asp National Security Spec Advances March 29, 2004 By Dennis Fisher EWeek A group of technology companies and government agencies this week will unveil an open specification for securely sharing sensitive information across heterogeneous networks in times of crisis. ==========> 04-03-29-NetWorld-InterviewWithMotorolaSecurityVPBoni.txt========== http://www.nwfusion.com/news/2004/0329yourtakeboni.html Talking security with Motorola's William Boni By Ellen Messmer Network World, 03/29/04 Being in IT security is more than a full-time job for William Boni. As Motorola's vice president and chief information security officer, Boni oversees security for a global network supporting some 100,000 end users. He also recently helped form an IT security consortium with counterparts from other ==========> 04-03-29-NetWorld-PatchMgmtBestDefenseAgainstVulnerabilities.txt========== # "Face-Off: Is Patch Management the Best Defense Against Vulnerabilities?" Network World (03/29/04) Vol. 21, No. 13, P. 44; Schultze, Eric; Hofmeyr, Steven Shavlik Technologies chief security architect Eric Schultze contends that intrusion-prevention systems (IPSes), anti-virus software, and firewalls alone cannot shield computers against known software flaws, and that patch management is the key ingredient for ensuring network security. Schultze likens a software patch to medicine in that it attacks the disease--the flaw itself--rather than the symptoms. He explains that it is not always known that a patch for one bug could also remedy another error elsewhere in the operating system, which is why ==========> 04-03-31-BosGlobe-TechGroupUrgesFedSecurityStandards.txt========== http://www.boston.com/business/technology/articles/2004/03/31/industry_urges_tec h_security_upgrades/ Industry urges tech security upgrades By Ted Bridis, AP Technology Writer, 3/31/2004 WASHINGTON -- In a surprise shift, leading software companies acknowledge in a report to the Bush administration that government might need to force the U.S. technology industry to improve the security of America's computer networks. ==========> 04-03-31-PennState-NewDigitalPostmarkingInvention.txt========== http://www.eurekalert.org/pub_releases/2004-03/ps-nmp033104.php Public release date: 31-Mar-2004 Contact: Barbara Hale bah@psu.edu 814-865-9481 Penn State New marking process traces spammers, pirates and hackers Penn State researchers have proposed a new marking process for Internet ==========> 04-04-00-ACMQueue-SecurityRisksOfInstantMessaging.txt========== Features: Instant Messaging or Instant Headache? John Stone, Sarah Merrion April 2004 Queue, Volume 2 Issue 2 IM has found a home within the enterprise, but it’s far from secure. It’s a reality. You have IM (instant messaging) clients in your environment. You have already recognized that it is eating up more and more of your network bandwidth—and with Microsoft building IM capability into its XP operating ==========> 04-04-00-CACM-TheRisksOfPasswordReuse.txt========== The domino effect of password reuse Blake Ives, Kenneth R. Walsh, Helmut Schneider April 2004 Communications of the ACM, Volume 47 Issue 4 One weak spot is all it takes to open secured digital doors and online accounts causing untold damage and consequences. Password security is an essential form of user authentication both on the Internet and for internal organizational computing systems. Password protection ==========> 04-04-00-UCB-CITRIS-UnivResearchersDevelopTestbedForNetAttackStudy.txt========== http://citris.berkeley.edu/newsletter/2004_newsletters/april_04/feature.htm In Defense of Cyberspace April 2004, Vol. 3, No. 2 Karl Levitt is preparing to unleash some of the most dastardly worms and viruses ever encountered on the Internet. Fortunately, the UC Davis professor of computer science is initiating the cyber-attacks in an effort to develop new defenses against the malicious computer code. Levitt is the co-principal investigator on a new CITRIS project called Evaluation Methods in Internet ==========> 04-04-01-CSOOnline-ChallengesImplemetingCybersecurity.txt========== http://www.csoonline.com/read/040104/nightmare.html The Interactive Nightmare The best thing about the modern computer network is also its chief liability: Everything's connected, with on-ramps conveniently located everywhere. BY TODD DATZ CONSIDER THE following scenario. Members of a terrorist organization announce one morning that they will shut down the Pacific Northwest electric power grid for six hours starting at 4 p.m.; they then do so. The same group then ==========> 04-04-01-EUOrders8NationsToAdoptSpamAndCookieLaws.txt========== http://www.siliconvalley.com/mld/siliconvalley/8330290.htm Posted on Thu, Apr. 01, 2004 EU orders eight nations to adopt laws on spam, cookies BRUSSELS, Belgium (AP) - The European Union ordered eight countries Thursday to enact privacy legislation governing ``spam'' e-mail and Internet ``cookies.'' It was the second warning sent to the countries, which have two months to comply or face lawsuits before the European Court of Justice. ==========> 04-04-03-TechNewsWorld-TheMythOfTheSecureOperatingSystem.txt========== http://www.technewsworld.com/perl/story/33293.html The Myth of the Secure Operating System By David Halperin TechNewsWorld April 3, 2004 "Forget about the OS," Laura DiDio, senior analyst at the Yankee Group, told TechNewsWorld. "Don't even argue those merits. Every piece of software that is connected is potentially vulnerable and at risk." ==========> 04-04-05-FinTimes-ExistingEffortsCannotStopRisingTideOfThreats.txt========== # "Poised to Strike: The Battle Waged by Computer Outlaws Enters a New and Deadly Phase of Sophistication" Financial Times (04/05/04) P. 13; Morrison, Scott; Waters, Richard Existing computer security efforts are not sufficient to stop the rising tide of threats, including the synergistic activities of hackers, virus writers, and spammers. The computer security industry is currently on par with medical practice in 1820s, according to Cryptography Research President Paul Kocher. Last year's Blaster and Slammer worms were able to spread worldwide in a matter of minutes thanks to a growing interconnectedness among systems, more ==========> 04-04-05-NetWorld-ShouldUsersOrSWSuppliersBeResponsibleForSecurity.txt========== http://www.nwfusion.com/news/2004/0405cybersecurity.html Who's responsible for cybersecurity? By Carolyn Duffy Marsan Network World, 04/05/04 WASHINGTON, D.C. - The debate over whether corporate network executives or their software suppliers should shoulder the burden for improving the nation's cybersecurity is shifting direction as pressure mounts for vendors to ship safer products. ==========> 04-04-06-GovCompNews-WorkingGroupSuggest25WaysToImproveITSecurity.txt========== http://gcn.com/vol1_no1/security/25514-1.html Group suggests 25 ways to improve IT security 04/06/04 By Jason Miller, Covernment Computer News Staff Working group offers 25 ways to improve IT security A combination of new legislation, public outreach and insurance changes would enhance government and corporate cybersecurity, according to an industry and academic workgroup. ==========> 04-04-06-NewSci-EmailAttackCouldKillEmailServers.txt========== http://www.newscientist.com/news/news.jsp?id=ns99994858 Email attack could kill servers 14:29 06 April 04 NewScientist.com news service A crafty way of knocking out any email server using a few carefully constructed emails has been identified by a team of computer security experts. The trick involves sending forged emails that contain thousands of incorrect ==========> 04-04-07-ECommTimes-Interview-AntiVirusExpertMikkoHypponen.txt========== http://www.ecommercetimes.com/perl/story/33338.html In the Trenches with Antivirus Guru Mikko Hypponen By Elizabeth Millard E-Commerce Times April 7, 2004 "All reverse engineers and virus crackers are here in my team, which works from our headquarters in Helsinki," F-Secure's Mikko Hypponen told the E-Commerce Times. "Right now we have people from Finland, Hungary, Spain, Bulgaria and ==========> 04-04-07-TechRev-PureSWActWouldMandateLabeling.txt========== http://www.technologyreview.com/articles/wo_garfinkel040704.asp The Pure Software Act of 2006 100 years ago, Congress passed a law requiring honest labeling of food and drugs. Now the time has come to do the same for software. By Simson Garfinkel The Net Effect April 7, 2004 Spyware is the scourge of desktop computing. Yes, computer worms and viruses ==========> 04-04-08-CNETNews-RealNetworksIssuesSecurityPatch.txt========== http://news.com.com/2100-1002_3-5187769.html?tag=nefd.top Plug-in flaw leaves RealPlayer users open to attack By Michael Kanellos Staff Writer, CNET News.com Story last modified April 8, 2004, 4:31 PM PDT RealNetworks has issued a patch for a security flaw in one of its plug-ins that could let an attacker gain control of computers running any of several versions of the company's popular media player software. ==========> 04-04-08-MacCentral-IntegoIssuesMacOSXTrojanHorseWarning.txt========== http://maccentral.macworld.com/news/2004/04/08/trojan/?lsrc=mcrss-0404 MacCentral Macworld's News Source Intego issues Mac OS X Trojan Horse warning By Jim Dalrymple jdalrymple@maccentral.com April 08, 2004 3:10 pm ET Macintosh security specialists, Intego on Thursday issued a security warning to its customers for the first Trojan horse to affect Mac OS X. Dubbed MP3Concept ==========> 04-04-08-USCERT-VulnerabilityInInternetExplorerITSProtocolHandler.txt========== http://www.us-cert.gov/cas/techalerts/TA04-099A.html National Cyber Alert System Technical Cyber Security Alert TA04-099A Vulnerability in Internet Explorer ITS Protocol Handler Original release date: April 8, 2004 Last revised: -- Source: US-CERT Systems Affected ==========> 04-04-09-FedReg-DHSDataIntegrityAndPrivacyAdvisoryCommitteeSeekingMembers.txt========== [Federal Register: April 9, 2004 (Volume 69, Number 69)] [Notices] [Page 18923] >From the Federal Register Online via GPO Access [wais.access.gpo.gov] [DOCID:fr09ap04-72] ============================================================------------ ----------------------------------------------------------- ==========> 04-04-09-Wired-SomeExpertsSayOSXTrojanHorseNotAPoroblem.txt========== http://www.wired.com/news/mac/0,2125,63000,00.html?tw=rss.TOP OS X Trojan Horse Is a Nag By Leander Kahney 12:44 PM Apr. 09, 2004 PT (Editor's note: This story corrects an earlier report that stated that the Macintosh operating system had become a target of a malicious Trojan Horse.) Security experts on Friday slammed security firm Intego for exaggerating the ==========> 04-04-10-ECommTimes-OpenessOfTCP-IPPosesSecurityProblems.txt========== http://www.ecommercetimes.com/perl/story/security/33344.html The Porous Internet and How To Defend It By Elizabeth Millard E-Commerce Times 04/10/04 1:30 AM PT "Because of the way TCP/IP works, it's an open network," Columbia University assistant professor Angelos Keromytis told the E-Commerce Times. "Other network technologies don't have that problem. They have other issues, but only IP is ==========> 04-04-12-CNETNews-RiskOfBrowserBasedMaliciousCodeAttacksOnRise.txt========== http://news.com.com/2100-7355_3-5190037.html Concern grows over browser security By Marguerite Reardon Staff Writer, CNET News.com Story last modified April 12, 2004, 11:14 AM PDT Browser-based security threats are on the rise and may pose the next significant risk to information technology operations, according to a technology trade association. ==========> 04-04-12-GovExec-HomelandSecurityAndITIndustryDevelopSecurityFramework.txt========== http://www.govexec.com/dailyfed/0404/041204tdpm2.htm April 12, 2004 Government, firms unveil cybersecurity framework By Ted Leventhal, National Journal's Technology Daily A partnership between the Homeland Security Department and the information technology industry unveiled a framework for security governance on Monday, calling computer and information security a new fiduciary responsibility of chief executives. ==========> 04-04-15-SJMerc-HackersAccessUnivResearchComputers.txt========== http://www.siliconvalley.com/mld/siliconvalley/8436302.htm Posted on Thu, Apr. 15, 2004 Hackers target college sites STANFORD COMPUTERS ARE AMONG THEM By Dan Lee Mercury News In an apparent coordinated attack, hackers recently broke into powerful computers at universities and research organizations, including Stanford ==========> 04-04-16-InfoWorld-HackersAccessUnivResearchComputers.txt========== http://www.infoworld.com/article/04/04/16/HNsuper_1.html Supercomputer hacks highlight ed security challenge Openness vs. protection issues arise By Paul Roberts, IDG News Service April 16, 2004 BOSTON - The recent intrusions on supercomputers at leading U.S. research universities highlight a growing problem: college campuses struggling to maintain academic openness while protecting staff and students from Internet-borne viruses and malicious hackers. ==========> 04-04-19-EETimes-NoGeneralUseOSsIsSecure.txt========== http://www.eetimes.com/sys/news/showArticle.jhtml?articleID=18901858 Linux: unfit for national security? By Charles J. Murray EE Times April 19, 2004 (11:29 AM EDT) CHICAGO — Days after an embedded-industry CEO stirred up a firestorm by charging that Linux poses a threat to U.S. security, two prominent computing-security experts said last week that some developers are already ==========> 04-04-19-NetWorld-SecurityHolesForcesRethinkingProgrammingProcesses.txt========== http://www.nwfusion.com/news/2004/0419codereview.html Security holes force firms to rethink coding processes By Ellen Messmer Network World, 04/19/04 Microsoft's issuance last week of 14 security patches raised fears that worm-based attacks would follow and sparked discussion on how to better build code. ==========> 04-04-19-ZDNet-ProfilesOfFamousHackers.txt========== http://www.zdnet.com.au/insight/0,39023731,39116620,00.htm Hackers: Under the hood Patrick Gray and Fran Foo, ZDNet Australia April 19, 2004 Adrenalin pumping through their veins as lines of code are crunched to perfection. Well, that's how it is in the movies anyway. Welcome to the real world of hackers. ==========> 04-04-20-CFP2004-WhoIsWatchingTheWatchers.txt========== http://campus.acm.org/public/membernet/storypage.March.2004.cfm?story=6 "Who's Watching the Watchers" Focus of 14th Computers, Freedom and Privacy Conference April 20-23, 2004 "The program lineup, with topics virtually grabbed from the headlines, is clear evidence that these security and privacy issues are central to the way we live and work." -- Deirdre Mulligan, Chair, CFP2004 ==========> 04-04-20-InetWeek-TCPFlawCouldAllowRemoteShutDown.txt========== http://internetweek.com/security02/showArticle.jhtml?articleID=18902471 TCP Vulnerable, But Net Won't Go Down By Gregg Keizer, TechWeb News, InternetWeek Apr 20, 2004 (9:00 PM) A flaw in the basic TCP protocol used to transmit data across the Internet quickly seized the attention of security professionals Tuesday as various government agencies and security firms posted alerts warning that an exploit could let attackers to shut down connections between servers and routers. ==========> 04-04-20-US-CERT-TCPFlawCouldAllowRemoteShutDown.txt========== http://www.us-cert.gov/cas/techalerts/TA04-111A.html National Cyber Alert System Technical Cyber Security Alert TA04-111A Vulnerabilities in TCP Original release date: April 20, 2004 Last revised: -- Source: US-CERT Systems Affected ==========> 04-04-20-WashPost-TCPFlawCouldAllowRemoteShutDown.txt========== http://www.washingtonpost.com/wp-dyn/articles/A27890-2004Apr20.html Experts Race to Fix Serious Internet Flaw By Brian Krebs washingtonpost.com Staff Writer Tuesday, April 20, 2004; 4:40 PM Computer security experts in the United States and Britain today confirmed that a new method has been identified that could make it easy for hackers to disrupt Internet communications worldwide, prompting a months-long, quiet effort to ==========> 04-04-21-CommutarianNet-GapingHolesInDriversLicenseSystems.txt========== Press Release -- NEW REPORT REVEALS GAPING SECURITY HOLES IN STATE DRIVER’S LICENCE SYSTEMS A "community briefing" entitled "Do We Need a National Identification Card?" will be held today in the Zenger Room of the National Press Club at 1:30 pm (529 14th St. NW, 13th Floor). The briefing will include the release of a new report on the holes in state licensing practices and their implications for national security(available at www.communitariannetwork.org). A panel of distinguished scholars will then discuss this controversial topic and answer questions from the audience. ==========> 04-04-21-CRN-CiscoReportsRouterSecurityFlaws.txt========== http://www.crn.com/sections/BreakingNews/dailyarchives.asp?ArticleID=49560 Cisco Reports Security Flaw In Routers, Switches By Jennifer Hagendorf Follett CRN 1:14 PM EST Wed., Apr. 21, 2004 Cisco Systems Tuesday warned of a new vulnerability that leaves its routers and switches open to denial-of-service (DoS) attacks. ==========> 04-04-21-SJMerc-TCPFlawCouldAllowRemoteShutDown.txt========== http://www.siliconvalley.com/mld/siliconvalley/8477867.htm Posted on Wed, Apr. 21, 2004 Internet Technology Vulnerable to Hackers TED BRIDIS Associated Press WASHINGTON - Researchers uncovered a serious flaw in the underlying technology for nearly all Internet traffic, a discovery that led to an urgent and secretive international effort to prevent global disruptions of Web surfing, ==========> 04-04-21-ZDNet-NewProductsCheckForSecurityProblemsFromTheInside.txt========== http://techupdate.zdnet.com/techupdate/stories/main/Security_from_the_inside_out .html Security from the inside out By Dan Farber, Tech Update April 21, 2004 Thousands of researchers and product developers are looking for silver bullets that will secure enterprises from malicious cyberattacks. Most security specialists agree that finding a cure for security ills is like trying to find ==========> 04-04-21-ZDNet-TCPFlawThreatOverstatedSaysDiscoverer.txt========== http://zdnet.com.com/2100-1105-5197184.html Net threat overstated, says security researcher By Robert Lemos CNET News.com April 21, 2004, 3:08 PM PT VANCOUVER, British Columbia--Widespread reports about a flawed communications protocol making the Internet vulnerable to collapse were overblown, according to the researcher credited with uncovering the security problem. ==========> 04-04-22-CNETNews-BluetoothStillHasSecurityIssues.txt========== http://news.com.com/2100-1009-5197200.html Expert: Gaps still pain Bluetooth security By Robert Lemos Staff Writer, CNET News.com Story last modified April 22, 2004, 4:34 PM PDT VANCOUVER, British Columbia--The latest specification of Bluetooth, a popular short-range wireless technology, has left serious security issues unfixed, according to a wireless researcher. ==========> 04-04-22-IntlHeraldTrib--CiscoReportsRouterSecurityFlaws.txt========== http://www.iht.com/articles/516357.html Copyright © 2003 The International Herald Tribune | www.iht.com Flaw leaves Cisco machines vulnerable Reuters Reuters Thursday, April 22, 2004 WASHINGTON A flaw in traffic-routing computers made by Cisco Systems could allow hackers to knock Web sites offline, snarl e-mail and disrupt other Internet activity, U.S. computer security officials warned Wednesday. ==========> 04-04-22-SJMerc-ChinaDownplaysDelayInWirlessSecurityStandard.txt========== http://www.siliconvalley.com/mld/siliconvalley/8495074.htm Posted on Thu, Apr. 22, 2004 China Downplays Wireless Security Delay ELAINE KURTENBACH Associated Press SHANGHAI, China - The Chinese government downplayed Thursday a decision to delay adoption of new security standards for wireless communications as part of a key trade deal. ==========> 04-04-22-WashPost-IndustryGroupReportSaysTechProvidersShouldMakeSaferProducts.txt========== http://www.washingtonpost.com/wp-dyn/articles/A32480-2004Apr21.html Who Should Keep Out The Hackers? By Jonathan Krim Washington Post Thursday, April 22, 2004; Page E01 The calm of a few months without a major attack of a computer worm, virus or other form of cyber-harassment was rattled hard this week. ==========> 04-04-23-WSJ-ChinaShelvesWirlessSecurityStandard.txt========== # "China Will Keep Pursuing Digital Standards" Wall Street Journal (04/23/04) P. B1; Chen, Kathy Despite its decision to shelve a wireless-encryption standard in response to international pressure, China is going ahead with other initiatives to set standards for global technologies such as radio-frequency identification (RFID) and digital compression. Not only would this approach better position China to negotiate royalties or technology transfers, but would give Chinese industries an edge over competitors by claiming early ownership of nascent technologies. U.S. companies have been rattled by China's standardization efforts, which, if ==========> 04-04-24-SJMerc-TCPFlawCouldAllowRemoteShutDown.txt========== http://www.siliconvalley.com/mld/siliconvalley/8510250.htm Posted on Sat, Apr. 24, 2004 Tech sleuth tracked down Net flaw just for the `thrill' By Dan Lee Mercury News Paul Watson is still digesting his flash of Internet fame this week, when he became the talk of the cybersecurity world. ==========> 04-04-26-EWeek-RecentUnixAttacksBasedOn1986HanoverHackersMethodology.txt========== http://www.eweek.com/article2/0%2C1759%2C1573024%2C00.asp Crackers Redux: New Attacks Ape Hannover Hackers' Tactics By Dennis Fisher April 26, 2004 If the recent compromises of Unix and Linux machines at supercomputing centers and research universities around the country do nothing else, they should prove once and for all that there is nothing new under the sun. ==========> 04-04-29-SJMerc-BarnesAndNobleFixesLeakThatExposedPersonalInfo.txt========== http://www.siliconvalley.com/mld/siliconvalley/8551804.htm Posted on Thu, Apr. 29, 2004 Barnes & Noble.com Fixes Security Breach Associated Press NEW YORK - Barnes & Noble.com has reached an agreement with New York state authorities concerning an Internet security breach that exposed the personal information of some of the online book seller's customers. ==========> 04-04-30-DetFreePress-CompanySecurityLapsesAllowedIllegalSpamToBeSent.txt========== http://www.siliconvalley.com/mld/siliconvalley/8556729.htm Posted on Fri, Apr. 30, 2004 Spam charges just raise more security questions BY MIKE WENDLAND FREE PRESS COLUMNIST Federal officials were jubilant Thursday about the criminal and civil charges they filed this week against four alleged spammers from Oakland County, Mich. But the spam war has only just begun. ==========> 04-04-30-SJMerc-CompanySecurityLapsesAllowedIllegalSpamToBeSent.txt========== http://www.siliconvalley.com/mld/siliconvalley/8556729.htm Posted on Fri, Apr. 30, 2004 Spam charges just raise more security questions BY MIKE WENDLAND FREE PRESS COLUMNIST Federal officials were jubilant Thursday about the criminal and civil charges they filed this week against four alleged spammers from Oakland County, Mich. But the spam war has only just begun. ==========> 04-05-00-CACM-FinancialOrganizationsMustMaintainSecurityAwareness.txt========== New architectures for financial services: Who will rob you on the digital highway? Ton Slewe, Mark Hoogenboom May 2004 Communications of the ACM, Volume 47 Issue 5 Traditionally at the forefront of security awareness, financial organizations must maintain this status as they move further into the Internet realm. In the not-so-distant past, bandits and highwaymen frequently roamed the major ==========> 04-05-00-Cisco-SelfDefendingNetwork.txt========== http://www.cisco.com/en/US/netsol/ns340/ns394/ns171/ns413/networking_solutions_p ackage.html CISCO SELF-DEFENDING NETWORK Introduction The Cisco Self-Defending Network strategy describes the Cisco vision for security systems. In the past, threats from both internal and external sources were relatively slow moving and easy to defend against. In today’s environment, ==========> 04-05-00-SWDevMag-GuideToHomelandSecurity.txt========== http://www.sdmagazine.com/documents/s=9145/sdm0405a/sdm0405a.html Software Development May 2004 Special Guide to Homeland Security Connecting the Dots In November 2002, Congress passed legislation to create the Department of Homeland Security, unifying 22 agencies under one umbrella in the largest government reorganization since the 1947 creation of the Department of Defense. ==========> 04-05-03-CNETNews-NetskyVirusAuthorsClaimAuthorshipOfSasserWorm.txt========== http://news.com.com/2100-7355_3-5204930.html?tag=nl Netsky authors possibly penned Sasser By Robert Lemos Staff Writer, CNET News.com Story last modified May 3, 2004, 3:25 PM PDT The unknown team of programmers who created the latest variant of the Netsky virus claim to be the authors of the Sasser worm--and researchers have found evidence that supports that assertion. ==========> 04-05-03-InfoWeek-ExposingCustomerDataAConstantThreat.txt========== http://www.informationweek.com/story/showArticle.jhtml?articleID=19400012 Breach Of Trust Data breaches are a constant threat and put companies in danger of losing their most valuable asset: customer trust By George V. Hulme, InformationWeek May 3, 2004 When Christina Guilbert got a call from her bank in March about an attempt to steal money from her account, she was alarmed--and suspicious. How could ==========> 04-05-03-ISTResults-OperatingComputerSecurityIncidentResponseTeams.txt========== http://istresults.cordis.lu/index.cfm?section=news&tpl=article&BrowsingType=Feat ures&ID=64880 Building a secure network to secure networks IST Results May 3, 2004 Computer security - or the apparent lack of it - is increasingly a worry for network administrators. But viruses and other such vulnerabilities are no mystery for Europe's Computer Security Incident Response Teams, now also ==========> 04-05-03-SJMerc-SasserWormSpreadsRapidly.txt========== http://www.siliconvalley.com/mld/siliconvalley/8579000.htm Posted on Mon, May. 03, 2004 New worm races around the world NEW YORK (AP) - A pesky computer worm snarled hundreds of thousands of machines worldwide Monday in the latest virus-like outbreak to take advantage of a known flaw with the Windows operating system. Because the new worm, dubbed ``Sasser,'' does not require users to click on an ==========> 04-05-05-CompResNews-MSShelvesNextGenerationSecureComputingBase-NGSCB.txt========== http://www.crn.com/sections/BreakingNews/dailyarchives.asp?ArticleID=49936 Microsoft Shelves NGSCB Project As NX Moves To Center Stage Windows XP SP2 hooks into No Execute technology in newer AMD, Intel processors By Paula Rooney CRN 9:32 AM EST Wed., May 05, 2004 After a year of tackling the Windows security nightmare, Microsoft has killed its Next-Generation Secure Computing Base (NGSCB) project and later this year ==========> 04-05-05-TechWeb-SecurityProblemsIncreaseTotalCostOfWindows.txt========== http://www.techweb.com/wire/story/TWB20040505S0008 Gartner: Worms Jack Up the Total Cost of Windows May 5, 2004 (2:58 p.m. EST) By Gregg Keizer, TechWeb News Dealing with widespread worms like Sasser raises the cost of using Windows, a research analyst said Wednesday. Mark Nicolett, research director at Gartner, recommended that enterprises boost ==========> 04-05-07-TechNewsWorld-WirelessPDAsAndSmartphonesAreHackersHeaven.txt========== http://www.technewsworld.com/story/33681.html TECHNOLOGY SPECIAL REPORT: Wireless PDAs and Smartphones: A Hacker's Heaven By Jack M. Germain TechNewsWorld 05/07/04 5:30 AM PT "On the enterprise level, PDAs and smartphones are used for mission-critical applications and data storage. We can address those security concerns with ==========> 04-05-08-SJMerc-InformersIdentifySasserWormCreatorForMSReward.txt========== http://www.siliconvalley.com/mld/siliconvalley/8620097.htm Posted on Sat, May. 08, 2004 Teen Confesses to Creating 'Sasser' Worm CLAUS-PETER TIEMANN Associated Press HANOVER, Germany - A German high-school student has confessed to creating the "Sasser" worm that generated chaos across the globe by infecting hundreds of thousands of computers, authorities said Saturday. ==========> 04-05-10-CompWorld-BluetoothSecurityConcerns.txt========== http://www.computerworld.com/mobiletopics/mobile/story/0,10801,93031,00.html Security threats raise concerns about Bluetooth Some IT managers take steps to limit wireless use; vendors claim risks aren't widespread News Story by Bob Brewin MAY 10, 2004 (COMPUTERWORLD) - Potential security risks posed by the Bluetooth wireless technology are prompting some IT managers to rein in use of Bluetooth-equipped mobile phones and PCs on their networks. ==========> 04-05-10-EWeek-EUCybercrimeLawsTooRestrictive.txt========== http://www.eweek.com/article2/0,1759,1584278,00.asp Cyber-Crime Laws Hurt More Than They Help May 10, 2004 The Council of Europe's Convention on Cybercrime is too far-reaching. A developer arrested for writing software to read electronic books; third-party product vendors hauled into court for providing product interoperability; a popular and highly effective security product for stopping worms pulled from the Internet due to fear that the developer is breaking a state law; users ==========> 04-05-10-EWeek-TrustedComputingGroupsWorkingOnWirelessSecuritySpec.txt========== http://www.eweek.com/article2/0,1759,1590243,00.asp Spec in Works to Secure Wireless Networks By Mark Hachman May 10, 2004 The Trusted Computing Group said Monday that it is working on a specification to ensure that wireless clients connecting to a network won't serve as a back door to worms and crackers. ==========> 04-05-10-Guardian-SasserWormAuthorClaimsHeWasHelpingHisMother.txt========== http://www.guardian.co.uk/germany/article/0%2c2763%2c1213053%2c00.html Sasser boy wonder was helping mum Ben Aris in Berlin Monday May 10, 2004 The Guardian To those who knew him in the sleepy German village, he was a nice, shy young fellow who spent too long on his computer in his bedroom at home. ==========> 04-05-10-IDG-InformersIdentifySasserWormCreatorForMSReward.txt========== http://www.idg.com.sg/idgwww.nsf/0/CBE0B78C8E655AA448256E90000D29A7?OpenDocument Microsoft virus bounty leads to Sasser arrest By Martyn Williams IDG News Service, Tokyo Bureau 10-05-2004 A multi-million dollar Microsoft Corp. reward program to encourage people to identify computer virus writers has led to the arrest of a teenager in Germany on suspicion of writing the Sasser computer worm. ==========> 04-05-11-IOL-SasserWormAuthorClaimsHeWasHelpingHisMother.txt========== http://www.iol.co.za/index.php?click_id=115&art_id=vn20040511083801234C753822&se t_id=1 'Papa, I've put out a computer worm' May 11 2004 at 08:38AM Berlin - A German whiz kid who has confessed to writing a crippling computer worm that has caused chaos around the world may have been trying to help his mother's small "PC Help" business, state prosecutors have said. ==========> 04-05-15-ArsTechnica-BreakinCompromisesCiscoSourceCode.txt========== http://arstechnica.com/news/posts/1084683212.html Cisco Source Code Stolen Posted 05/15/2004 @ 11:53 PM by Eric Bangeman A Russian security site is reporting that the source code for the Cisco IOS 12.3 Operating System was stolen. According to the report, some hackers compromised Cisco's corporate network and stole at least 800MB of source code. One of those who allegedly gained access boasted about the break-in and made a ==========> 04-05-15-SecurityLab-BreakinCompromisesCiscoSourceCode.txt========== http://www.merit.edu/mail.archives/nanog/msg04266.html North American Network Operators Group Re: CiSCO IOS 12.* source code stolen * From: Alexei Roudnev * Date: Sun May 16 00:58:43 2004 Cisco source codes never were a top secret, many people around the world had access to them (and I believe, it explains Cisco's stability and success). ==========> 04-05-19-CNETNews-SecurityFlawsInOpenSourceRepositorySystems.txt========== http://news.com.com/Flaws+drill+holes+in+open-source+repository/2100-1002_3-5216 353.html Flaws drill holes in open-source repository By Robert Lemos Staff Writer, CNET News.com Story last modified May 19, 2004, 1:42 PM PDT Flaws in two popular source code repository applications could allow attackers to access and corrupt open-source software projects, a security researcher said ==========> 04-05-19-MacNewsWorld-MacOSXSecurityFlawPlaguesWebBrowsers.txt========== http://www.macnewsworld.com/story/33887.html OS X Security Flaw Plagues Web Browsers By Blane Warrene MacNewsWorld 05/19/04 2:24 PM PT In an exclusive interview Wednesday, "lixlpixel," the person who discovered the flaw, told MacNewsWorld that, after waiting on Apple's reply, he finally posted the advisory to a Swiss Macintosh Web site. "This is how Secunia picked up on ==========> 04-05-19-NewsFact-NonProgrammersCanNowCreateViruses.txt========== http://www.newsfactor.com/story.xhtml?story_title=How-Are-Script-Kiddies-Outwitt ing-I-T--Security-Experts-&story_id=24111&category=netsecurity How Are Script Kiddies Outwitting I.T. Security Experts? By Lisa Valentine Enterprise Security Today May 19, 2004 1:33PM "Ten years ago, you needed good programming skills to write a virus, but today there are ready made virus-writing programs on the market so you can write a ==========> 04-05-24-InfoWorld-AppleSecurityPatchStillLeavesUsersVulnerable.txt========== http://www.infoworld.com/article/04/05/24/HNappledismay_1.html Apple fig-leaf security patch causes dismay Security experts say fix leaves Mac users vulnerable By Matthew Broersma, Techworld May 24, 2004 A critical patch for Mac OS X issued on Friday leaves Mac users as vulnerable to attacks as they were before the fix, according to a security company. Last week researchers warned of two serious vulnerabilities in Apple Computer ==========> 04-05-25-InfoWorld-RussiaBecomingMajorSourceOfVirusWriters.txt========== http://www.infoworld.com/article/04/05/25/HNrussianviruses_1.html Viruses nip Russia after the Cold War Situation likely to worsen as virus writing becomes a lucrative occupation in former Soviet Union By John Blau, IDG News Service May 25, 2004 For all its disadvantages, the former Soviet Union had one hugely overlooked advantage: it kept hackers, crackers and virus writers confined inside the country by restricting their access to the Internet. ==========> 04-05-25-USAToday-CIAInfoTechInPoorState.txt========== http://www.usatoday.com/tech/columnist/kevinmaney/2004-05-25-smart_x.htm Posted 5/25/2004 10:13 PM Updated 5/26/2004 4:13 AM CIA's spy tools make Maxwell Smart's look like toys The CIA these days seems about as technologically adept as Maxwell Smart. USA Today Scene from one Get Smart show. Max and the Chief are in a lab. A phone disguised as a test tube rings. ==========> 04-05-26-CNETNews-SourceCoderCheckingProgramsMightFindVulnerabilities.txt========== http://news.com.com/2100-1002_3-5220488.html Will code check tools yield worm-proof software? By Robert Lemos Staff Writer, CNET News.com Story last modified May 26, 2004, 4:00 AM PDT When Microsoft needed help in taming the large number of flaws that had crept into its Windows operating system, it looked to technology known as "static ==========> 04-05-27-EWeek-First64BitMalwareAppears.txt========== http://www.eweek.com/article2/0,1759,1602191,00.asp First 64-Bit Malware for Windows Appears May 27, 2004 By Larry Seltzer Symantec Security Response has revealed that it has analyzed the first 64-bit Windows attack code. The attack is a proof of concept with no payload. Named W64.Rugrat.3344 by ==========> 04-05-30-SJMerc-ManyWiFiSystemsNotSecure.txt========== http://www.siliconvalley.com/mld/siliconvalley/8800147.htm Posted on Sun, May. 30, 2004 Many Wireless Networks Lack Security MATTHEW FORDAHL Associated Press SAN JOSE, Calif. - With a laptop perched in the passenger seat of his Toyota 4Runner and a special antenna on the roof, Mike Outmesguine ventured off to sniff out wireless networks between Los Angeles and San Francisco. He got a big ==========> 04-06-00-ACMQueue-AnotherLookAtTheCostOfTheBlasterWorm.txt========== Queue Focus: Blaster Revisited Jim Morrison June 2004 Queue, Volume 2 Issue 4 A second look at the cost of Blaster sheds new light on today's blended threats. The following tale is based upon actual circumstances from corporate enterprises that were faced with confronting and eradicating the Blaster worm, which hit in August 2003. The story provides views from many perspectives, ==========> 04-06-00-ACMQueue-BuildingSecureVirtualMachineSystems.txt========== Queue Focus: Building Systems to Be Shared, Securely Poul-Henning Kamp, Robert Watson July 2004 Queue, Volume 2 Issue 5 Want to securely partition VMs? One option is to put 'em in Jail. The history of computing has been characterized by continuous transformation resulting from the dramatic increases in performance and drops in price described by Moore’s law. Computing “power” has migrated from centralized ==========> 04-06-00-ACMQueue-FewTechnologiesForGuardingAgainstInsiderSecurityRisks.txt========== Queue Focus: Perfect Storm: The Insider, Naivety, and Hostility Herbert H Thompson, Richard Ford June 2004 Queue, Volume 2 Issue 4 Keeping nasties out if only half the battle. Every year corporations and government installations spend millions of dollars fortifying their network infrastructures. Firewalls, intrusion detection systems, and antivirus products stand guard at network boundaries, and ==========> 04-06-00-ACMQueue-IsSecurityAProblemThatCantBeSolved.txt========== Departments: From the Editors: The New Screen of Death Edward Grossman June 2004 Queue, Volume 2 Issue 4 Is securitya problem that just can’t be solved? In the olden days (say, all the way back in 1995), the popular complaint about computers was that they crashed too often. And while stability remains a problem in which perhaps there’s still progress to be made, the blue screen of ==========> 04-06-00-ACMQueue-WhyCantWeProduceHighQualitySecureSoftware.txt========== Queue Focus: Security: The root of the Problem Marcus J Ranum June 2004 Queue, Volume 2 Issue 4 Why is it we can't seem to produce secure, high-quality code? It doesn’t seem that a day goes by without someone announcing a critical flaw in some crucial piece of software or other. Is software that bad? Are programmers so inept? What the heck is going on, and why is the problem getting ==========> 04-06-00-ACMUbiquity-SoftwareBasedComputingSecurityAndFaultTolerance.txt========== Software-based computing security and fault tolerance Goutam Kumar Saha June 2004 Ubiquity, Volume 5 Issue 15 This article delineates a software approach to establish computing security and fault tolerance in various computing systems. This low-cost approach is useful to tolerate malicious code modifications and transient faults without additional costs for hardware and extra software versions. ==========> 04-06-00-CACM-AlmostEveryComputerOnTheInternetIsConstantlyScreenedForVulnerabilities.txt========== Viewpoint: The Spinning Cube of Potential Doom Stephen Lau June 2004 Communications of the ACM, Volume 47 Issue 6 Practically every computer linked to the Internet is constantly being scanned for security vulnerabilities and targeted for attack by viruses, worms, and worse. Code Red, Nimda, Blaster, Slammer, Netsky, Bagle. Who hasn't heard these names? ==========> 04-06-00-GovTech-BetterSolutionsNeededForCybersecurity.txt========== http://www.govtech.net/magazine/story.php?id=90471 Government Technology Internet Takedown The Web has increased efficiency and convenience, but its openness leaves us vulnerable. By Jim McKay June 2004 As the nation relies more on the Internet to conduct vital business and ==========> 04-06-00-IEEEComputer-RichardClarkeDiscussesCybersecurity.txt========== http://www.computer.org/security/v2n3/clarke.htm Richard Clarke Talks Cybersecurity and JELL-O Greg Goth When former White House counterterrorism and cybersecurity czar Richard Clarke testified before the independent commission investigating the 9/11 attacks that the US government could and should have done a better job preventing the attacks, he became a lightning rod for both praise and criticism. In the days following his testimony, Clarke's book Against All Enemies, quickly jumped to ==========> 04-06-01-SJMerc-TwoFactorAuthenticationSystemsNeeded-SuperPasswordSystems.txt========== http://www.siliconvalley.com/mld/siliconvalley/8809153.htm Posted on Tue, Jun. 01, 2004 Hacking Sparks Need for Complex Passwords ANICK JESDANUN Associated Press As more Web sites demand passwords, scammers are getting more clever about stealing them. Hence the need for such "passwords-plus" systems. ==========> 04-06-02-NationalJ-FedSecurityOfficialsFaceScrutiny.txt========== http://www.govexec.com/dailyfed/0604/060204tdpm1.htm DAILY BRIEFING June 2, 2004 Top administration cybersecurity officials face scrutiny By William New, National Journal's Technology Daily The Bush administration's top cybersecurity officials on Wednesday faced scrutiny from a House subcommittee on the continued lag in protecting the federal computer networks. ==========> 04-06-03-CERT-MSIEDoesNotProperlyValidateSourceOfRedirectedFrame.txt========== http://www.kb.cert.org/vuls/id/713878 Vulnerability Note VU#713878 Microsoft Internet Explorer does not properly validate source of redirected frame Overview Microsoft Internet Explorer (IE) does not adequately validate the security context of a frame that has been redirected by a web server. An attacker could exploit this vulnerability to evaluate script in different security domains. By ==========> 04-06-03-CNETNews-AppleNeedsToImproveCommunicationAboutSecurity.txt========== http://news.com.com/2100-1002_3-5225115.html For Mac security, communication is key By Ina Fried and Robert Lemos Staff Writer, CNET News.com Story last modified June 3, 2004, 4:00 AM PDT When it comes to security, Apple Computer's report card reads like that of a gifted child: high marks for achievement, but needs to communicate better with others. ==========> 04-06-04-INetWeek-WorstCaseWormCouldCost50BInUSDamages.txt========== http://internetweek.com/security02/showArticle.jhtml?articleID=21401723 Updated Friday, June 4, 2004, 7:00 PM EDT Worst-Case Worm Could Rack Up $50 Billion In U.S. Damages By Gregg Keizer, TechWeb News A worst-case worm attack on the U.S. could easily cost the country $50 billion in direct damages, a pair of security experts said Friday. Nicholas Weaver and Vern Paxson, two security researchers who work with the ==========> 04-06-04-NewSci-PasswordsCanStayOnHardDrivesEvenIfUserDoesNotSaveThem.txt========== http://www.newscientist.com/news/news.jsp?id=ns99995064 Passwords can sit on hard disks for years 10:15 05 June 04 Exclusive from New Scientist Print Edition. Subscribe and get 4 free issues. Typing your password or credit card number into a computer is a moment's work. But if you think your personal details disappear as soon as you hit the Return key, think again: they can sit on the computer's hard disk for years waiting for a hacker to rip them off. ==========> 04-06-07-PCWorld-PolicyVSMarketplaceSolutionsToCybersecurity.txt========== http://pcworld.com/news/article/0,aid,116416,00.asp Cybersecurity: A Job for the Feds? Cyberterror threats are too critical for the industry to handle on its own schedule, experts argue. Grant Gross, IDG News Service Monday, June 07, 2004 WASHINGTON -- The nation's cybersecurity is too important to leave to the free market, gambling that competition and demand will produce secure software, both ==========> 04-06-09-ACMUbiquity-SWApproachToComputerSecurity.txt========== http://www.acm.org/ubiquity/views/v5i15_saha.html Software-Based Computing Security and Fault Tolerance This article delineates a software approach to establish computing security and fault tolerance in various computing systems. This low-cost approach is useful to tolerate malicious code modifications and transient faults without additional costs for hardware and extra software versions. By Goutam Kumar Saha Any computer based system has both real and theoretical weaknesses. Computing ==========> 04-06-09-PCWorld-ExpertsWarmOfVoIPSecurityProblems.txt========== http://www.pcworld.com/news/article/0,aid,116453,00.asp Experts Warn of VOIP Security Flaws Internet phones may be susceptible to worms, viruses, and spam, some say. Matthew Broersma, Techworld.com Wednesday, June 09, 2004 Internet Protocol-based voice networks may be the wave of the future, but they will require a whole new approach to security, warned telecoms experts at the VON Europe Voice over IP conference in London this week. ==========> 04-06-10-GovExec-DHSDecidesNotToUpdateCybersecurityStrategy.txt========== http://www.govexec.com/dailyfed/0604/061004tdpm1.htm June 10, 2004 Homeland Security has no plans to update cybersecurity strategy By William New, National Journal's Technology Daily The time for reviewing the federal cybersecurity strategy has not come yet despite flaws that need to be addressed, a top official said Thursday. "There is no effort to update" the strategy issued by the White House early in ==========> 04-06-15-NetCraft-AkamaiOutageCausedByDoSAttacks.txt========== http://news.netcraft.com/archives/2004/06/15/ddos_attack_cited_in_akamai_outage. html DDoS Attack Cited in Akamai Outage Performance Akamai is confirming that network outages this morning were caused by a distributed denial of service (DDoS) attack that affected its DNS management system. The performance problems affected Microsoft, Google, Yahoo and antivirus update services from Symantec and TrendMicro, which are among Akamai's 1,100 ==========> 04-06-15-Reuters-MSPlanningAntiVirusSWSeparateFromWindows.txt========== http://www.reuters.com/newsArticle.jhtml?type=internetNews&storyID=5429089 Microsoft on Track to Offer Anti-Virus Software Tue Jun 15, 2004 01:46 PM ET SEATTLE (Reuters) - Microsoft Corp. (MSFT.O: Quote, Profile, Research) is still on track to offer an anti-virus product that will compete against similar software offered by Symantec Corp. (SYMC.O: Quote, Profile, Research) and Network Associates Inc. (NET.N: Quote, Profile, Research) , the world's largest software maker said late on Monday. ==========> 04-06-15-SJMerc-AkamaiServedSitesAttacked.txt========== http://www.siliconvalley.com/mld/siliconvalley/8928839.htm Posted on Tue, Jun. 15, 2004 Akamai blames Web slowdown on attack SAN JOSE, Calif. (AP) - Several major Web sites -- including Yahoo!, Microsoft and Google -- were inaccessible at times early Tuesday due to what the company that distributes them online called an attack. The problem began about 9 a.m. EDT and lasted less than two hours, said Jeff ==========> 04-06-16-Bloomberg-MSPlanningAntiVirusSWSeparateFromWindows.txt========== http://www.pittsburghlive.com/x/tribune-review/business/s_199000.html Microsoft worming its way into anti-virus market By Bloomberg News Wednesday, June 16, 2004 Microsoft Corp., whose desktop software was hobbled by the "Blaster" and "Beagle" computer worms, will sell its own anti-virus software, putting it in competition with Symantec Corp. in a $2.8 billion market. ==========> 04-06-16-ZDNet-AkamaiOutageCausedByDoSAttacks.txt========== http://news.zdnet.co.uk/business/0,39020645,39157748,00.htm This story was printed from ZDNet UK, located at http://news.zdnet.co.uk/ Attack downs Yahoo, Google and Microsoft Jim Hu CNET News.com June 16, 2004, 08:35 BST A domain name outage on Tuesday morning that left many popular Web sites, including those of Yahoo, Google, Microsoft and Apple, temporarily inaccessible ==========> 04-06-18-SJMerc0SymbiotProductAttacksHackers.txt========== http://www.siliconvalley.com/mld/siliconvalley/8957335.htm Posted on Fri, Jun. 18, 2004 The network strikes back: Experts worry about tech retaliation MATTHEW FORDAHL Associated Press SAN JOSE, Calif. - In war, politics and sports, it's often said that the best defense is a strong offense. But the foot soldiers of computer security work differently: They scramble to build virtual walls that can blunt the impact of ==========> 04-06-24-EWeek-CompromisedWebsitesInfectVisitorsComputers.txt========== http://www.eweek.com/article2/0,1759,1617046,00.asp DoS Attack May Tap Web Graphics Flaw By Dennis Fisher June 24, 2004 eWeek Security experts are tracking a new piece of malware that appears to be compromising large numbers of Windows PCs and may be laying the groundwork for the creation of a large spamming network or a major attack in the future. ==========> 04-06-25-SansInst-CompromisedWebsitesInfectVisitorsComputers.txt========== http://isc.sans.org/diary.php?date=2004-06-25&isc=f1d0986c128fa2b5e046d8ef8fb666 cd Handler's Diary June 25th 2004 Updated June 25th 2004 19:19 UTC Compromised Web Sites Infect Web Surfers (for more details, also see yesterday's diary: http://isc.sans.org/diary.php?date=2004-06-24 ) Updates will be posted here. ==========> 04-06-25-SJMerc-ScobVirusSpreadsThroughInfectedWebsites.txt========== http://www.siliconvalley.com/mld/siliconvalley/9012987.htm Posted on Fri, Jun. 25, 2004 Web infection may be aimed at stealing financial data San Jose Mercury News NEW YORK (AP) - A computer virus designed to steal valuable information like passwords spread Friday through a new technique that converted popular Web sites into virus transmitters. ==========> 04-06-30-SearchWebSvcs-McNealyFlamesMSandOthersOverSecurityAndJava.txt========== http://searchwebservices.techtarget.com/originalContent/0,289142,sid26_gci990993 ,00.html Sun CEO lashes out at Microsoft, IBM, Red Hat By Benjamin Vigil, Technical Editor 30 Jun 2004 SAN FRANCISCO -- During an otherwise sedate keynote address Tuesday at Sun Microsystems Inc.'s JavaOne conference, Sun chairman and CEO Scott McNealy openly criticized the security of Microsoft's products, IBM's insistence that ==========> 04-06-30-USACMWashUpdate-EUCybercrimeTreatyMovesTowarSenateRatification.txt========== ================================================ ACM Washington Update Vol. 8.6 (June 30, 2004) ================================================ [7] CYBERCRIME TREATY MOVES TOWARD RATIFICATION On June 17th, the Senate Foreign Relations Committee heard testimony regarding the Council of Europe Cybercrime Treaty, which continues to make progress toward ratification in the U.S. Senate. Among other things, the treaty obliges participants to include computer crimes ==========> 04-06-30-USACMWashUpdate-USACMRecommendsChangesToDMCA.txt========== ================================================ ACM Washington Update Vol. 8.6 (June 30, 2004) ================================================ [1] USACM RECOMMENDS CHANGES TO THE DMCA TO PERMIT RESEARCH AND DISCUSSION In a submission to the Congressional Internet Caucus, USACM raised concerns about the chilling effect the DMCA is having on cybersecurity research and the ability of technologists to discover and fix dangerous bugs in code, to analyze and stop malicious code and ==========> 04-07-00-ACMQueue-SecurityIsHarderThanYouThink.txt========== Features: Security is Harder than You Think John Viega, Matt Messier July 2004 Queue, Volume 2 Issue 5 It's not just about the buffer overflow. Many developers see buffer overflows as the biggest security threat to software and believe that there is a simple two-step process to secure software: switch from C or C++ to Java, then start using SSL (Secure Sockets Layer) to protect ==========> 04-07-00-CACM-HIPAACreatesNewSecurityRisksInHealthCareData.txt========== Security watch: The HIPAA-potamus in health care data security Rebecca T. Mercuri July 2004 Communications of the ACM, Volume 47 Issue 7 Regulations intended to improve health care data access have created new security risks along with headaches for patients and practitioners. Deadlines for compliance with the Health Insurance Portability and Accountability Act (HIPAA) have caused a major crunch for the computer security ==========> 04-07-00-CyberDefMag-ExpertsCommentOnCybersecurityStatus.txt========== http://cyberdefensemag.com/july2004/cicover.php Talking Computer Security With Howard Schmidt, Sean Moshir and Stuart McClure CyberDefense Magazine (CDM) gathered the brightest minds in the computer security industry to talk about the latest issues affecting network and IT professionals. Howard Schmidt joined eBay as Vice President and Chief Information Security ==========> 04-07-00-GovTech-Book-TheTransparentSociety-PrivacySecurityTradeoffs.txt========== http://www.govtech.net/magazine/story.php?id=90772 Transparent Privacy Who should be watching the watchers? By Shane Peterson July 2004 Futurist, scientist and author David Brin has long studied what tomorrow could hold for humanity. Several of his novels have been New York Times best sellers, winning multiple Hugo, Nebula and other awards. A 1989 ecological thriller, ==========> 04-07-00-GovTech-SAMLToKeepTrackOfOnlineIdentities.txt========== http://www.govtech.net/magazine/story.php?id=90776 Government Technology Electronic Government Show Us Your ID By Tod Newcombe July 2004 The proliferation of distributed Web-based applications complicates the task of identifying online users. SAML might be the answer. ==========> 04-07-00-IST-SECRETSProjectEvaluatesCybesecurityProtocols.txt========== http://istresults.cordis.lu/index.cfm/section/news/tpl/article/BrowsingType/Feat ures/ID/69166 An eye opener on open source Internet security Opening the eyes of the private and public sectors to the pros and cons of using open source software for Internet security is the SECRETS project, which evaluated two protocols in a series of trials covering e-commerce, mobile communications, network monitoring and intelligent networks. ==========> 04-07-06-EWeek-EnterprisesSlowToDumpInternetExplorer.txt========== http://www.eweek.com/article2/0,1759,1620426,00.asp Enterprises Slow to Dump IE July 6, 2004 By Matt Hicks EWeek The calls to dump Internet Explorer may be getting louder, but they are falling largely on deaf ears among enterprise users. ==========> 04-07-06-NewsFact-ExpertsDebateMSSecurityEfforts.txt========== http://www.newsfactor.com/perl/story/25734.html Microsoft Security Efforts Blasted By Erika Morphy Enterprise Security Today July 6, 2004 12:56PM Security experts are debating Microsoft's efforts to patch vulnerabilities in Internet Explorer that have allowed recent worm attacks. Some say the tech giant is unfairly criticized, since the ubiquity of its software makes it the ==========> 04-07-07-CNETNews-YetAnotherInternetExplorerSecurityFlawFound.txt========== http://news.com.com/Another+Internet+Explorer+flaw+found/2100-7349_3-5259374.htm l?tag=nefd.top Another Internet Explorer flaw found By Robert Lemos Staff Writer, CNET News.com Story last modified July 7, 2004, 5:32 AM PDT A computer science researcher has highlighted the shortcomings of Microsoft's latest patch for its Internet Explorer browser by identifying another way that ==========> 04-07-08-EWeek-PatchReleasedForShellProtocolSecurityProblem.txt========== http://www.eweek.com/article2/0,1759,1621463,00.asp Mozilla Flaw Lets Links Run Arbitrary Programs July 8, 2004 By Larry Seltzer Security researchers are reporting another security issue in Web browsing under Windows, but this time Internet Explorer is not the culprit. The Mozilla Foundation's Mozilla and Firefox are reported as vulnerable. ==========> 04-07-08-GovtCompNews-MoreFundingNeededForCybersecurityResearch.txt========== http://www.gcn.com/vol1_no1/daily-updates/26526-1.html Cybsecurity research underfunded, executives say 07/08/04 By Joab Jackson, GCN Staff The National Science Foundation can only fund a subset of the research proposals it receives on ways to better IT system security, an NSF official said at a House technology subcommittee hearing. ==========> 04-07-08-PCWorld-NoFedResponseToCybercrimeTaskForceRecommendations.txt========== http://www.pcworld.com/news/article/0,aid,116818,00.asp Feds Drag Feet on Cybersecurity Task force ideas on implementing cybersecurity strategy go without a response. Mark S. Sullivan, Medill News Service Thursday, July 08, 2004 WASHINGTON -- Business and government representatives teamed up in March to recommend steps to reduce the nation's vulnerability to cyberattacks. But they say they have yet to receive a response from the Department of Homeland ==========> 04-07-09-Mozilla-PatchReleasedForShellProtocolSecurityProblem.txt========== http://www.mozilla.org/security/shell.html What Mozilla users should know about the shell: protocol security issue Last modified July 9, 2004 On July 7 a security vulnerability affecting browsers for the Windows operating system was reported to mozilla.org by Keith McCanless, and was subsequently posted to Full Disclosure, a public security mailing list. On the same day, the Mozilla security team confirmed the report of this security issue affecting the Mozilla Application Suite, Firefox, and Thunderbird and discussed and developed ==========> 04-07-09-SJMerc-MSEmployeeArrestedForHackingIntoAltaVistaComputer.txt========== http://www.siliconvalley.com/mld/siliconvalley/9119225.htm Posted on Fri, Jul. 09, 2004 Alleged hacker is Microsoft employee ALLISON LINN Associated Press SEATTLE - A man accused of hacking into search engine company Alta Vista's computer systems about two years ago now works at Microsoft Corp., the company said Friday. ==========> 04-07-12-NYT-WozniakDefendsHackersAtHOPEConference.txt========== http://www.nytimes.com/2004/07/12/technology/12hack.html July 12, 2004 For Hackers, Shop Talk, a Warning and Advice By NICHOLAS THOMPSON Stephen Wozniak, a founder of Apple Computer, was speaking to the choir Saturday at a conference in Midtown Manhattan, recalling an era when the word "hackers" referred to technological wizards, not rogue computer users. ==========> 04-07-13-Secunia-MultipleIESecurityVulnerabilities.txt========== http://secunia.com/advisories/12048/ Microsoft Internet Explorer Multiple Vulnerabilities Secunia Advisory: SA12048 Release Date: 2004-07-13 Critical: Extremely critical Impact: Security Bypass ==========> 04-07-13-TechNewsWorld-IEMarketShareDropsTo94Percent.txt========== http://www.technewsworld.com/story/35079.html IE Market Share Tumbles for First Time in Six Years By John P. Mello Jr. TechNewsWorld 07/13/04 7:40 AM PT While the one percent drop of Internet Explorer's Web share might not appear like much of a loss when you still have 94 percent of the market, it was a major boost for the small players such as Opera and Mozilla, who saw their ==========> 04-07-23-InfoWorld-SurveyShowsEnterpriseSecurityIsShaky.txt========== http://www.infoworld.com/article/04/07/23/30FEsecurityreportmain_1.html The shaky state of enterprise security The 2004 InfoWorld Security Survey shows IT managers are worried about the effectiveness of their security systems, with good reason By Paul F. Roberts, IDG News Service July 23, 2004 InfoWorld Faced with a seemingly endless onslaught of virulent Internet worms, spam, and e-mail scams, less than half of IT professionals report strong confidence in ==========> 04-07-27-SansOrg-NewMyDoomUsesSearchEnginesToFindRecipients.txt========== http://isc.sans.org/diary.php?isc=d46940064182f61f40ca333bc3c2f439 Handler's Diary July 26th 2004 Updated July 27th 2004 15:11 UTC MyDoom-O hits search engines hard. MyDoom-O hits search engines hard Update (July 27th 2004) ==========> 04-07-27-SecResponse-NewMydoomVirusDiscovered.txt========== http://securityresponse.symantec.com/avcenter/venc/data/w32.mydoom.m@mm.html W32.Mydoom.M@mm Discovered on: July 26, 2004 Last Updated on: July 27, 2004 10:40:41 AM W32.Mydoom.M@mm is a mass-mailing worm that drops and executes a backdoor, detected as Backdoor.Zincite.A, that listens on TCP port 1034. The worm uses its own SMTP engine to send itself to email addresses it finds on the infected computer. ==========> 04-07-27-SJMerc-MyDoomWormVersionDisruptsSearchEngines.txt========== http://www.siliconvalley.com/mld/siliconvalley/9252165.htm Posted on Tue, Jul. 27, 2004 Worm disrupts search engines MYDOOM SLOWS MUCH TRAFFIC By Chris O'Brien Mercury News The latest version of a troublesome computer worm emerged Monday with a new twist that played havoc with several major search engines. ==========> 04-07-28-Sophos-RankingsOfVirusAndWormThreats.txt========== http://www.sophos.com/pressoffice/pressrel/uk/20040728topten.html 28 July 2004 Virus writing on the increase - Sasser worm the major irritant of 2004, but Netsky worms dominate reports Sophos charts virus activity for first six months of 2004 A report published by Sophos, a world leader in protecting businesses against viruses and spam, reveals that the number of new viruses being written is increasing. In total, Sophos has detected and protected against 4,677 new ==========> 04-07-29-CompWorld-SearchEnginesUsedToFindSourceCodeAndVulnerabilities.txt========== http://www.computerworld.com/securitytopics/security/story/0,10801,94880,00.html Search engines expose vulnerabilities Malicious hackers use search engines to parse through a Web site's source code News Story by Mark Willoughby JULY 29, 2004 (COMPUTERWORLD) - Internet search engines have long been used in uncovering vulnerabilities for launching attacks, and security experts expect malicious hackers to increase their use of the technology to find exploitable information. ==========> 04-07-30-CNETNews-GhettoHackersAnnounceGlobalHackingContest.txt========== http://news.com.com/2100-7349_3-5291107.html Hackers plan global game of 'capture the flag' By Robert Lemos Staff Writer, CNET News.com Story last modified July 30, 2004, 2:03 PM PDT LAS VEGAS--If everything goes as planned, for 72 hours next February hackers from all over the United States will hit targets across the Internet in the largest mass attack to date. ==========> 04-08-00-CACM-CertifiedEmailToGuaranteeDelivery.txt========== Certified mail: the next challenge for secure messaging Rolf Oppliger August 2004 Communications of the ACM, Volume 47 Issue 8 The lack of evidence for message receipt is a missing piece of the infrastructure required for the more professional use of email. The term "secure messaging" refers to the ability to provide data confidentiality, data integrity, data origin authentication, and ==========> 04-08-00-CACM-HierarchicalAuthenticationStructuresMayNotBeSufficientlySecure.txt========== Is hierarchical public-key certification the next target for hackers? Mike Burmester, Yvo G. Desmedt August 2004 Communications of the ACM, Volume 47 Issue 8 Considering alternatives to hierarchical authentication structures that are not sufficiently secure for communication on open networks such as the Internet. The past few years have seen a remarkable growth of computer networks, with many new groundbreaking applications such as e-commerce, e-government, and ==========> 04-08-02-NYT-HackersDiscoveringVoIP.txt========== http://www.nytimes.com/2004/08/02/technology/02virus.html August 2, 2004 Hackers Are Discovering a New Frontier: Internet Telephone Service By KEN BELSON The New York Times Most new technology comes with risks, no matter how great the advantages. Computers, for instance, can store huge amounts of information, but they can also freeze, crash and melt down. ==========> 04-08-02-USAToday-ExpertsWarnCyberattackCouldBeHighlyDisruptive.txt========== http://www.usatoday.com/tech/news/2004-08-02-cyber-terror_x.htm Posted 8/2/2004 10:18 PM Updated 8/3/2004 5:15 AM Cyberterror impact, defense under scrutiny By Jon Swartz, USA TODAY SAN FRANCISCO — A terrorist threat is out there — and not just against physical structures. A coordinated cyberattack against the USA could topple parts of the Internet, ==========> 04-08-03-PCWorld-USCybersecurityUnitsRecruitingHackers.txt========== http://www.pcworld.com/news/article/0,aid,117226,00.asp Feds Seek a Few Good Hackers War on terrorism distracts cybercops from routine hacking, and even encourages alliances. Andrew Brandt, PC World Tuesday, August 03, 2004 Attention, hackers: Uncle Sam wants you. ==========> 04-08-03-ZDNet-OracleRefusesToConfirmSecurityFlaws.txt========== http://news.zdnet.co.uk/internet/security/0,39020375,39162536,00.htm Oracle database flaws affect virtually all financial transactions Munir Kotadia ZDNet UK August 03, 2004, 17:25 BST Oracle is keeping quiet about allegations that its ubiquitous database has at least 30 security vulnerabilities that could allow hackers to compromise the confidentiality of virtually all financial transactions. ==========> 04-08-03-ZDNet-UKFirmDiscoversManySecurityFlawsInOracleSoftware.txt========== http://news.zdnet.co.uk/software/applications/0,39020384,39162426,00.htm Oracle software 'riddled with security holes' Graeme Wearden ZDNet UK August 03, 2004, 11:35 BST A UK company has reportedly discovered over 30 vulnerabilities in current and previous versions of Oracle's database applications. ==========> 04-08-04-NetWorld-ExpertSaysVirusWritersAreWinning.txt========== http://nwfusion.com/news/2004/0804fsecure.html Security expert Q&A: The virus writers are winning By Bob Brown and Neal Weinberg Network World Fusion, 08/04/04 Mikko Hyppönen has made a name for himself as a computer security expert in directing anti-virus research at Finland's F-Secure, a $45 million company that regularly issues alerts warning of network threats. He spoke recently with Network World News Editor Bob Brown and Features Editor Neal Weinberg about the ==========> 04-08-07-WIred-HackerGetsCopiesOfInternalDataFromDieboldComputer.txt========== http://www.wired.com/news/privacy/0,1848,59925,00.html New Security Woes for E-Vote Firm By Brian McWilliams 02:00 AM Aug. 07, 2003 PT Following an embarrassing leak of its proprietary software over a file transfer protocol site last January, the inner workings of Diebold Election Systems have again been laid bare. ==========> 04-08-09-PhysOrg-StevensInstProfDiscoversWeaknessesInWiFiSecurity.txt========== http://www.physorg.com/news739.html CompSci expert Wetzel spots weaknesses in Wi-Fi security August 09, 2004 Researcher and colleagues warn of battery-draining, node-killing strategies A research team led by Dr. Susanne Wetzel, an Assistant Professor of Computer Science at Stevens Institute of Technology, has produced a study of the weaknesses of Wi-Fi networks. Specifically, Wetzel’s team has discovered "stealth attack" methods of disrupting and draining power from individual nodes ==========> 04-08-12-SeattlePI-BlasterWormVariantPerpetratorHeadedForPrison.txt========== http://seattlepi.nwsource.com/business/185885_blaster12.html Thursday, August 12, 2004 Blaster worm sender bound for prison After plea deal, man can't explain why he did it By JOHN COOK SEATTLE POST-INTELLIGENCER REPORTER The Minnesota man who unleashed a malicious variant of the MS Blaster computer worm last summer will likely spend 18 to 37 months in prison as part of a plea ==========> 04-08-12-TheReg-BlasterWormVariantPerpetratorHeadedForPrison.txt========== http://www.theregister.co.uk/2004/08/12/blaster_kiddie_pleads_guilty/ Blaster teen pleads guilty By John Leyden (john.leyden at theregister.co.uk) Published Thursday 12th August 2004 09:38 GMT A Minnesota teenager pleaded guilty yesterday to unleashing a variant of the Blaster worm last August. Jeffrey Lee Parson, 19, of Hopkins, Minnesota, admitted "intentionally causing ==========> 04-08-16-SJMerc-DG-ServicePack2MakesComputerSaferButNotSafe.txt========== http://www.siliconvalley.com/mld/siliconvalley/9415518.htm Posted on Mon, Aug. 16, 2004 Windows update makes data safer, but not safe By Dan Gillmor Mercury News Technology Columnist In the insular world of technology, the release of a new Microsoft operating system or major update is always a big event. But the arrival of Windows XP ``Service Pack 2'' has more meaning than usual. ==========> 04-08-18-TechNewsWorld-SpamAndVirusesBeingCombined.txt========== http://www.technewsworld.com/story/35925.html Convergence Quagmire: Viruses with Spam By Jay Lyman TechNewsWorld 08/18/04 10:52 AM PT MessageLabs said that while the motivations of virus writers and spammers have historically been very different, the two have come together with one purpose: profit. "Virus writers and spammers are combining their skill sets to produce a ==========> 04-08-18-VNUNet-SymantecCTOTalksAboutFutureOfITSecurity.txt========== http://www.vnunet.com/analysis/1157431 A proactive approach to security Symantec chief technical officer Robert Clyde talks to vnunet.com about the future of IT security Iain Thomson, vnunet.com 18 Aug 2004 With over 25 years' experience in the security business, almost exclusively in Fortune 500 companies, Symantec's chief technology officer Robert Clyde currently serves as treasurer on the executive committee of the IT industry's ==========> 04-08-23-CompWorld-802dot11iWirelessSecurity.txt========== http://www.computerworld.com/securitytopics/security/story/0,10801,95411,00.html Wi-Fi Plays Defense The new 802.11i wireless LAN security standard is a step forward, but Wi-Fi LANs still aren't impervious to attacks. AUGUST 23, 2004 (COMPUTERWORLD) - Unbounded by the physical constraints of cabling and walls, wireless LANs have proved tricky to secure. Now that the long-awaited 802.11i standard for enhanced WLAN security has been ratified, can IT assume that WLANs have grown as secure as their cabled counterparts? ==========> 04-08-24-EWeek-ConcernsMountOverTerroristAttackOnInternet.txt========== http://www.eweek.com/article2/0,1759,1639246,00.asp Concerns Mount over Major Web Strike August 24, 2004 By David Morgenstern A coordinated online strike against Internet servers by terrorists, dubbed "electronic jihad," may or may not strike this week, security experts said. One security researcher in Moscow warned that Thursday would be the day in question. ==========> 04-08-27-TheReg-USIndictsInstigatorOfDDoSAttackForHire.txt========== http://www.theregister.co.uk/2004/08/27/ddos_mafia_busted/ Feds bust DDoS 'Mafia' By Kevin Poulsen, SecurityFocus Published Friday 27th August 2004 11:02 GMT A Massachusetts businessman allegedly paid members of the computer underground to launch organized, crippling distributed denial of service (DDoS) attacks against three of his competitors, in what federal officials are calling the first criminal case to arise from a DDoS-for-hire scheme. ==========> 04-08-27-Wired-ArtExhibitFeaturesComputerVisusesAsArt.txt========== http://www.wired.com/news/culture/0,1284,64724,00.html Exhibit Features Viruses as Art By Michelle Delio 02:00 AM Aug. 27, 2004 PT A major art exhibit exploring the beauty of programming code and the ugly ways in which some people use it will begin its world tour in September. Curator Franziska Nori says the primary focus of the show, which features the ==========> 04-08-30-EETimes-TestRevealEPassportSecurityAndPrivacyFlaws.txt========== http://www.eetimes.com/sys/news/showArticle.jhtml?articleID=45400010 Tests reveal e-passport security flaw By Junko Yoshida EE Times August 30, 2004 (9:00 AM EDT) PARIS — The Department of Homeland Security's first tests of electronic-passport interoperability exposed technology flaws, including myopic ==========> 04-09-00-ACMCrossroads-ComputerSecurityAndIntrusionDetection.txt========== Computer security and intrusion detection Khaled Labib September 2004 Crossroads, Volume 11 Issue 1 Introduction Computer attacks are now commonplace. By connecting your computer to the Internet, you increase the risk of having someone break in, install malicious programs and tools on it, and possibly use it to attack other machines on the ==========> 04-09-00-ACMCrossroads-DistributedSecurityForAdHocNetworks.txt========== A distributed security scheme for ad hoc networks Dhaval Gada, Rajat Gogri, Punit Rathod, Zalak Dedhia, Nirali Mody, Sugata Sanyal, Ajith Abraham September 2004 Crossroads, Volume 11 Issue 1 Introduction In an ad hoc wireless network where wired infrastructures are not feasible, energy and bandwidth conservation are the two key elements presenting ==========> 04-09-00-ACMNetWorker-TheStateOfSecurityAndSpywareOnTheInternet.txt========== Putting it together: The state of security on the internet Win Treese September 2004 netWorker, Volume 8 Issue 3 How bad is security on the Internet? It seems that almost every day we see reports about new malicious software, and that's just in the popular media. In the specialized news of the computer security world, it's nearly impossible to keep up with the flood of detail about new viruses, worms, spam, spyware, or other attacks against computers on the network. ==========> 04-09-00-ACMQueue-VoIPSecurityShouldNotBeAnAfterthought.txt========== Queue Focus: Voice Over IP: VoIP Security: Not an Afterthought Douglas C. Sicker, Tom Lookabaugh September 2004 Queue, Volume 2 Issue 6 Voice over IP (VoIP) promises to up-end a century-old model of voice telephony by breaking the traditional monolithic service model of the public switched telephone network (PSTN) and changing the point of control and provision from the central office switch to the end user’s device. Placing intelligence at the edge, in the Internet tradition, has a number of consequences: a wider ==========> 04-09-00-CACM-ManagingP2PSecurity.txt========== Technical opinion: Managing P2P security Jason E. Bailes, Gary F. Templeton September 2004 Communications of the ACM, Volume 47 Issue 9 Considering the potential benefits and trade-offs of file-sharing systems. Since its inception, the Internet has thrived on a myriad of innovative concepts and technologies [4]. Recently, the peer-to-peer (P2P) architecture has evolved to empower masses of users to share a variety of file types, ==========> 04-09-00-InfoSecMag-USCriticalInfrastructureRemainsVulnerable.txt========== http://infosecuritymag.techtarget.com/ss/0,295796,sid6_iss467_art974,00.html September 2004 Mission: Critical Despite heightened post-9/11 security awareness, the U.S. critical infrastructure remains vulnerable to attack. BY STEPHEN BARLAS, ALAN EARLS, MICHAEL FITZGERALD, JERRI LEDFORD AND DENNIS MCCAFFERTY Info Security Magazine ==========> 04-09-13-UToronto-ProfsResearchComputerHackingAndDataRecovery.txt========== http://www.news.utoronto.ca/bin6/040913-452.asp Profs patrol cyberspace Electrical and computer engineering professors research computer hacking and data recovery September 13, 2004 by Karen Kelly (about) Somewhere between crime fighter and computer techie, you’ll find electrical and computer engineering professors David Lie and Ashvin Goel. But these two aren’t ==========> 04-09-21-NSF-CyberTrustProgramFundsCMUandUCSDCenters.txt========== http://www.nsf.gov/od/lpa/newsroom/pr.cfm?ni=15000000000118 NSF Press Release NSF PR 04-124 - September 21, 2004 Media contact: David Hart, NSF (703) 292-7737 dhart@nsf.gov Program contact: Carl Landwehr, NSF (703) 292-8950 clandweh@nsf.gov NSF Announces Two Cybersecurity Centers to Study Internet Epidemiology and "Ecology" ==========> 04-09-24-ChronHigherEd-Spafford-NoSoftwareIsSecure.txt========== # "Whether Linux or Windows, No Software Is Secure" Chronicle of Higher Education (09/24/04) Vol. 51, No. 5, P. B21; Spafford, Eugene H.; Wilson, David L. The debate about whether the Windows or Linux operating system is more secure obscures the more important issue of generally shoddy software development, argue Purdue University researchers Eugene Spafford and David Wilson: Although different arguments and figures can be used to support either open-source or proprietary software, the fact is that software of both types can either be secure or insecure. The OpenBSD operating system is a good example of a secure ==========> 04-09-28-GermanSecurityFirmHiresWriterOfNetskyAndSasserVirusVariants.txt========== http://www.siliconvalley.com/mld/siliconvalley/9780350.htm Posted on Tue, Sep. 28, 2004 Security firm hires writer of worms TEENAGER LANDS JOB WITH GERMAN SOFTWARE MAKER By Dan Lee San Jose Mercury News Here's one way for a company to get noticed in the crowded world of Internet security: Hire someone whose résumé is topped off with a job title ``virus ==========> 04-09-29-SJMerc-CyberGateKeeperKeepsOutOfDateComputersOffLocalNetwork.txt========== http://www.siliconvalley.com/mld/siliconvalley/9787870.htm Posted on Wed, Sep. 29, 2004 Keeping out the bugs SYSTEM ACTS AS `SCREENER' FOR REMOTE COMPUTER USERS By Michael Bazeley San Jose Mercury News Want to make life miserable for your company's network support staff? Just plug your virus-infected laptop into the corporate network and let the digital bug ==========> 04-09-30-EWeek-ApplicationDevelopersNeedToIncreaseSecurityEfforts.txt========== http://www.eweek.com/article2/0,1759,1663671,00.asp App Developers Need to Redouble Security Efforts September 30, 2004 By Esther Schindler EWeek PHOENIX—Most enterprise developers can recite various software architecture layers as though it's the easy question on the computer science final exam: operating system, application server, Web server, database server, application, ==========> 04-09-30-HarvardU-ProfDevelopingSWToolsToCheckProgramsForSecurityProblems.txt========== http://www.news.harvard.edu/gazette/2004/09.30/03-morrisett.html The search for computer security Morrisett says safety these days is (unfortunately) a matter of trust By Alvin Powell Harvard News Office September 30, 2004 It's a computerized jungle out there, with viruses, worms, Trojan horses, and other electronic predators waiting to wreak havoc on an unprotected computer. ==========> 04-09-30-USACM-CouncilOfEuropeAcceleratesActionOnCybercrimeConvention.txt========== =================================================== ACM Washington Update Vol. 8.9 (September 30, 2004) =================================================== The Council of Europe held a meeting in Strasbourg, France, recently to get governments worldwide to accelerate ratification of the 2001 Cybercrime Convention, the first international treaty to combat Internet crimes. For more information about the conference, see . In June, the U.S. Senate Foreign Relations Committee heard testimony regarding ==========> 04-09-30-WashPost-FlawsInMSAppsAllowVirusesPlantedInJPEGImages.txt========== http://www.washingtonpost.com/wp-dyn/articles/A45126-2004Sep23.html Danger of Image-Borne Viruses Looms By Brian Krebs washingtonpost.com Staff Writer Thursday, September 30, 2004; 2:36 PM Hackers are close to finding a way to spread harmful computer viruses just by getting people to open an e-mail message or visiting an infected Web site, computer security experts warned yesterday. ==========> 04-10-00-CACM-SecrecyDoesNotProvideSecurity.txt========== Inside risks: The nonsecurity of secrecy Bruce Schneier October 2004 Communications of the ACM, Volume 47 Issue 10 Considerable confusion exists between the different concepts of secrecy and security, which often causes bad security and surprising political arguments. Secrecy usually contributes only to a false sense of security. In June 2004, the U.S. Department of Homeland Security urged regulators to keep ==========> 04-10-00-NewSci-IMProgramCouldBreakIntoComputers.txt========== http://www.newscientist.com/news/news.jsp?id=ns99996529 Instant messenger could control hacked computers 17:16 13 October 04 NewScientist.com news service A US computer programmer has created a software robot that uses instant messenger – a program that allows people to exchange messages over the internet in real time - to control a computer remotely. ==========> 04-10-01-SJMerc-DHSCybersecurityChiefCifesFrustrationInResigning.txt========== http://www.siliconvalley.com/mld/siliconvalley/9811404.htm Posted on Fri, Oct. 01, 2004 U.S. cybersecurity chief abruptly resigns, cites frustration San Jose Mercury News WASHINGTON (AP) - The government's cybersecurity chief has abruptly resigned from the Homeland Security Department amid a concerted campaign by the technology industry and some lawmakers to persuade the Bush administration to give him more authority and money for protection programs. ==========> 04-10-04-InfoWorld-SuperConnectedIMUsersAidSpreadOfWorms.txt========== http://www.infoworld.com/article/04/10/04/HNimworms_1.html Super-connected users could aid IM worms Traditional antivirus technology too slow against worms spread by highly connected users Info World By Paul Roberts, IDG News Service October 04, 2004 Just a few users connected to popular instant messaging (IM) networks can cause the spread of worms, while choking off communications from "highly connected" ==========> 04-10-05-SciTech-NSFCenterForInternetDefensesTargetsCyberPlagues.txt========== http://www.sci-tech-today.com/story.xhtml?story_title=Cyber-Center-Targets-Inter net-Plagues&story_id=27387&category=innv Cyber Center Targets Internet Plagues By Mike Martin Sci-Tech Today October 5, 2004 7:30PM The new Center for Internet Epidemiology and Defenses (CIED) will tackle "a grand-challenge problem for computer security researchers: defending against ==========> 04-10-05-SJMerc-HackersAttackDutchGovtWebSites.txt========== http://www.siliconvalley.com/mld/siliconvalley/9842193.htm Posted on Tue, Oct. 05, 2004 Hackers Attack Dutch Government Web Sites Associated Press AMSTERDAM, Netherlands - Several Dutch government Web sites remained offline Tuesday after an attack by hackers protesting unpopular policies of the right-wing Cabinet, the government said. ==========> 04-10-05-SJMerc-T-MobileUpgradesSecurityAtWiFiLocations.txt========== http://www.siliconvalley.com/mld/siliconvalley/9839257.htm Posted on Tue, Oct. 05, 2004 Security upgrade at WiFi locations NEW SYSTEM ADDS LEVEL OF PRIVACY By Sam Diaz Mercury News Starting today, users of wireless broadband should find it safer to surf the Web from a T-Mobile HotSpot. ==========> 04-10-08-CNETNews-ApplicationsSecurityConsortiumDefinesFirewallBenchmark.txt========== http://news.com.com/Group+aims+to+create+hallmark+of+security/2100-1029_3-544315 4.html Group aims to create hallmark of security By Dawn Kawamoto and Matt Hines CNET News Story last modified November 8, 2004, 4:54 PM PST A small group of security companies has set a baseline standard for application firewalls and has challenged the industry's biggest players to put their goods ==========> 04-10-12-GlobeMail-TheQuestForSecureComputerPrograms.txt========== http://www.globetechnology.com/servlet/story/RTGAM.20041001.gtkirwanoct1/BNStory /Technology/ The quest for secure code By Mary Kirwan Special to Globe and Mail Update Tuesday, Oct 12, 2004 Mary Kirwan is a lawyer on three continents, a writer and IT security expert. She is currently completing a book on IT security for industry, for broad ==========> 04-10-13-InfoSocTech-VocalidCardsUseCryptoAcousticTechnologyForSecureTransactions.txt========== http://istresults.cordis.lu/index.cfm/section/news/tpl/article/BrowsingType/Feat ures/ID/70301 Secure online transactions worth talking about 13 Oct 2004 Info Societies Tech Trials of European IST Prize-winning Vocalid® technology, based on crypto-acoustic smart cards that ensure secure, online transactions over any phone or computer, have shown strong support. ==========> 04-10-13-SJMerc-USAndIndiaAgreeToCooperateOnTechSecurity.txt========== http://www.siliconvalley.com/mld/siliconvalley/9909428.htm Posted on Wed, Oct. 13, 2004 U.S., India to cooperate on tech security San Jose Mercury News NEW DELHI (AP) - India and the United States agreed Wednesday to develop new ways of securing data and to expand cooperation to protect networks from destructive viruses and computer hackers. ==========> 04-10-15-InformIT-FightingVirusesWithGoodViruses.txt========== http://www.informit.com/articles/article.asp?p=337309 Fighting Fire with Fire: Designing a "Good" Computer Virus Date: Oct 15, 2004 By Cyrus Peikari. Cyrus Peikari demonstrates methods to design and test a live, attenuated computer virus vaccine using real-world simulation. InformIT Introduction ==========> 04-10-18-CNETNews-ThrowingMoneyAtCyberSecurity.txt========== http://news.com.com/2009-1009_3-5395361.html Throwing money at technology By Robert Lemos and Mike Yamamoto Staff Writers, CNET News.com October 18, 2004, 4:00 AM PDT As part of California's effort in the war on terror, state legislators this year proposed that trucks hauling hazardous materials be fitted with technologies that would allow authorities to seize control of hijacked ==========> 04-10-18-SJMerc-CiscoAndMSToWorkTogetherToFightViruses.txt========== http://www.siliconvalley.com/mld/siliconvalley/9948262.htm Posted on Mon, Oct. 18, 2004 Cisco, Microsoft join forces in fighting viruses San Jose Mercury News Cisco Systems and Microsoft today will announce they are cooperating to help customers ward off Internet viruses and worms. The agreement marks the first time the two tech titans have worked together to ==========> 04-10-19-SecFocus-UCBHackingAllowedAccessToDataOn600KPeople.txt========== http://www.securityfocus.com/news/9758 California reports massive data breach By Kevin Poulsen SecurityFocus Oct 19 2004 5:02PM The FBI is investigating the penetration of a university research system that housed sensitive personal data on a staggering 1.4 million Californians who participated in a state social program, officials said Tuesday. ==========> 04-10-19-TechWeb-AntiVirusSoftwareCanBeFooledByHackers.txt========== http://www.techweb.com/wire/networking/50500804 Anti-Virus Can Be Tricked By Hackers By TechWeb.com October 19, 2004 (1:52 PM EDT) The anti-virus detection engines of several big-name vendors, including McAfee and Computer Associates, can be fooled by hackers, a U.S.-based security intelligence firm warned Tuesday. ==========> 04-10-20-TheReg-RegisterSuffersDDOSAttack.txt========== http://www.theregister.co.uk/2004/10/20/register_ddos/ Register suffers DDOS attack By Drew Cullen (drew.cullen at theregister.co.uk) Published Wednesday 20th October 2004 12:21 GMT Update Around 7am BST this morning, The Register came under DDOS attack. The attack continues — and is increasing in severity — but our hosting provider is doing what it can to mitigate its effects. ® Update 14:30 BST ==========> 04-10-21-CNETNews-Lofgren-BillIntroducedToPromoteCybersecurity.txt========== http://news.com.com/Thumb+twiddling+on+cybersecurity/2010-7348_3-5420059.html Thumb twiddling on cybersecurity By Zoe Lofgren Story last modified October 21, 2004, 4:00 AM PDT CNET News Threats and vulnerabilities to our global computer networks and systems are growing faster than we can address them. ==========> 04-10-21-SJMerc-UCBHackingAllowedAccessToDataOn600KPeople.txt========== http://www.siliconvalley.com/mld/siliconvalley/9975199.htm Posted on Thu, Oct. 21, 2004 UC hacking may have gotten data on 600,000 SECURITY BREACH NOT REPORTED FOR WEEKS By Dan Lee and Andrew LaMar Mercury News A hacker who broke into the computer system of the University of California-Berkeley may have gained access to names, Social Security numbers ==========> 04-10-25-EntSec-ResearchersStudyWiFiSecurityWeaknesses.txt========== http://enterprise-security-today.newsfactor.com/story.xhtml?story_id=27842 Mobile Security Researchers Study Wi-Fi Weaknesses By Mike Martin Enterprise Security Today October 25, 2004 1:30PM "Most of today's communication infrastructure is based on trustworthy collaboration among information routers," says Professor Suzanne Wetzel. ==========> 04-10-25-GovtCompNews-CybersecurityIsIndustryBurden.txt========== http://gcn.com/23_31/interview/27654-1.html 10/25/04; Vol. 23 No. 31 IT security is the industry’s burden By William Jackson GCN Staff Paul Kurtz heads the Cyber Security Industry Alliance of Washington. But he spent most of his career at the State Department, where he began as an intern in 1986. ==========> 04-10-25-SJMerc-SecurityForHomeInternetUsersWeak.txt========== http://www.siliconvalley.com/mld/siliconvalley/10007411.htm Posted on Mon, Oct. 25, 2004 Security for Internet Users Deemed Weak TED BRIDIS Associated Press WASHINGTON - Internet users at home are not nearly as safe online as they believe, according to a nationwide inspection by researchers. They found most consumers have no firewall protection, outdated antivirus software and dozens ==========> 04-10-27-InfoSocTech-JavaSmartCardsPromiseSecurityAndReliability.txt========== http://istresults.cordis.lu/index.cfm/section/news/tpl/article/BrowsingType/Feat ures/ID/70511 Adding reliability and trust to smartcards Information Society Technologies 27 Oct 2004 Enabling the widespread adoption of the latest generation of Java Card smartcards is VerifiCard, an IST project that developed models and tools to verify the cards, helping to guarantee reliability and trust in the technology. ==========> 04-10-27-VNUNet-CybersecurityRequiresIndustryAndGovernmentToShareInfo.txt========== http://www.vnunet.com/news/1159016 Information sharing crucial for IT security Cabinet Office issues review looking at UK public and private sector initiatives Daniel Thomas, Computing 27 Oct 2004 Government departments and businesses must share information and provide better staff training if IT security is to improve in the UK, says the government's chief security and intelligence co-ordinator, Sir David Omand. ==========> 04-10-28-CNETNews-HackersNowEarningMoneyFromTheirExploits.txt========== http://news.com.com/Hacking--do+the+pros+now+rule/2008-1082_3-5429687.html Hacking--do the pros now rule? By Ong Boon Kiat Story last modified October 28, 2004, 4:00 AM PDT CNET News The chief scientist of security company Internet Security Systems believes 2004 could prove to be a watershed year for hacking. ==========> 04-10-31-USACM-InfoTechIndustrySeeksElevationOfCybersecurityAtDHS.txt========== =================================================== ACM Washington Update Vol. 8.9 (October 31, 2004) =================================================== [2] IT INDUSTRY SEEKS ELEVATION OF CYBERSECURITY AT DHS The Director of the Department of Homeland Security's (DHS's) National Cyber Security Division, Amit Yoran, submitted his resignation in October. The abrupt move followed recent calls to incorporate the director's position and the Cyber Security Division into the White ==========> 04-11-00-ACMQueue-BookReview-WiFoo-SecretsOfWirelessHacking.txt========== REVIEWS: Review of "Wi-Foo: The Secrets of Wireless Hacking by Andrew Vladimirov, Konstantin V. Gravrilenko, and Andrei A. Mikhailovsky". Pearson Education, 2004, ISBN 0-321-20217-1. Rita Puzmanova November 2004 Queue, Volume 2 Issue 8 Anyone who is interested and involved in wireless networking will be nicely surprised by a book that explains and supports WLAN (wireless local area network) security implementers, security managers, and (last but not least) ==========> 04-11-00-GovtSecNews-DHSCreatesDETERCybersecurityTestbed.txt========== http://www.gsnmagazine.com/nov_04/deter_program.html "DETER" fills IT security testing void Government Security News November 2004 By Barbara DePompa One of the biggest challenges to creating security technologies that effectively protect against worms, viruses and other malicious code attacks is inadequate independent testing and evaluation, a shortcoming which prompted the ==========> 04-11-04-Yahoo-USAndEuropeUnpreparedForCyberAttack.txt========== http://uk.news.yahoo.com/041104/80/f5z2i.html Thursday November 4, 03:05 PM U.S. and Europe unprepared for cyber attack By Bernhard Warner, European Internet Correspondent BARCELONA, Spain (Reuters) - Future widescale terror attacks will be executed by a person sitting behind a computer, not necessarily by a suicide truck bomber or plane hijacker, a United States lawmaker predicted on Thursday. ==========> 04-11-05-ChronHigherEd-UniversitiesDealWithHackerAttacks.txt========== # "When Hackers Attack" Chronicle of Higher Education (11/05/04) Vol. 51, No. 11, P. A29; Read, Brock College and university IT administrators are learning to deal with hacker intrusions aggressively, implementing tough password-change policies and stepping up efforts to educate users. When Purdue University IT officials discovered their network had been hacked by someone using about 100 stolen passwords, they sent email messages about the attack to 60,000 users at the school's main campus; within 24 hours, about 15,000 students, faculty, and employees had changed their passwords at a Web site especially created for that ==========> 04-11-10-WSJ-ComputerSecurityIsAGrowingBusiness.txt========== # "Battling Hackers Is a Growth Industry" Wall Street Journal (11/10/04) P. B3B; Richmond, Riva Job opportunities and salaries for technology professionals have lessened in recent years, due to competition and lower technology spending, but a new study from IDC reports that security specialists are operating in an expanding market thanks to an increase in malicious attacks on computer systems, new regulations, and the risks posed by new communications technologies. IDC analyst Allan Carey says organizations are looking particularly for security specialists with business expertise, and forecasts that the number of full-time ==========> 04-11-11-WSJ-MydoomWormRenewsDebateOnNotification.txt========== "Mydoom Worm Renews Debate on Cyber-Ethics" Wall Street Journal (11/11/04) P. B1; Bank, David The new Mydoom worm variant takes advantage of a security vulnerability that does not yet have a patch. Many programmers hunt for bugs in software, with most of them trying to help users by disclosing the flaws so they can be fixed. But the disclosures can help malicious hackers as well and cyberethics experts say the issue needs to be addressed. The new Mydoom variant arrives in an email message that seems to come from PayPal, and clicking on the link within releases the worm into the computer. The worm then sends out more email and ==========> 04-11-12-CNETNews-SupercomputerClustersNeedToAddressCybersecurity.txt========== http://news.com.com/Study+Supercomputer+clusters+shortchange+security/2100-7337_ 3-5449344.html Study: Supercomputer clusters shortchange security By Stephen Shankland CNET News Story last modified November 12, 2004, 8:58 AM PST The popular "clustering" approach to supercomputing is indeed useful, but U.S. researchers need to explore different directions in the field to ensure the ==========> 04-11-12-CornellSun-PanelDiscussesCyberterrorism.txt========== http://www.cornellsun.com/vnews/display.v/ART/2004/11/12/419446620aff2 Panel Discusses Threat of Cyberterrorism at Workshop November 12, 2004 by Casey Holmes Cornell Daily Sun Staff Writer Discussing cyberterrorism. Seymour Goodman, professor at the Sam Nunn School of International Affairs, speaks about cyberterrorism yesterday. Michael Belkin / Sun Staff ==========> 04-11-12-PennStateU-QFilterProvidesIncreasedDatabaseSecurity.txt========== http://live.psu.edu/story/8954 New software developed by Penn State improves database security Friday, November 12, 2004 Penn State Univ. University Park, Pa.-- Penn State researchers have developed software that more quickly and efficiently ensures that databases don't release unauthorized information. ==========> 04-11-13-NewSci-CheritonProposesRadicalExtensionAsAlternativeToIPv6.txt========== # "How to Mend a Broken Internet" New Scientist (11/13/04) Vol. 184, No. 2473, P. 46; O'Brien, Danny Stanford University computer science professor David Cheriton warns that the Internet will soon play a crucial role in the operation of virtually every critical communication network, and give enemies the opportunity to inflict potentially catastrophic economic damage through cyberattacks. In addition to inadequate security, the Internet is suffering from a shortage of IP address space, a problem that the Internet Engineering Task Force (IETF) has been trying to rectify with the development and deployment of IP version 6 (IPv6); ==========> 04-11-15-CompWorld-SecurityProsBemoanLackOfStrategicFocus.txt========== http://www.computerworld.com/securitytopics/security/story/0,10801,97494,00.html Security Pros Bemoan Need for Tactical Focus More proactive initiatives fall by the wayside, conference attendees say News Story by Jaikumar Vijayan NOVEMBER 15, 2004 (COMPUTERWORLD) - WASHINGTON -- Operational and tactical considerations continue to dominate the IT security agenda, despite a growing need for more strategic approaches to data protection, said attendees at the Computer Security Institute's annual conference here last week. ==========> 04-11-15-InfoWeek-RFIDSecurityAndPrivacyIssues.txt========== http://www.informationweek.com/story/showArticle.jhtml?articleID=52601030 RFID's Security Challenge Security -- and its high cost -- appears to be the next hurdle in the widespread adoption of RFID. By Thomas Claburn, George V. Hulme, InformationWeek Nov. 15, 2004 No one has complained of a security breach related to an RFID deployment--yet. Businesses and vendors alike acknowledge that security remains a question mark ==========> 04-11-15-SciAm-SomeBluetoothDevicesVulnerableToHacking.txt========== http://www.sciam.com/article.cfm?chanID=sa004&articleID=0003B6DC-3503-1179-B5038 3414B7FFE9F November 15, 2004 Connection Blues A hole for external control of Bluetooth devices By Wendy M. Grossman Scientific American My mobile phone, lying on the table in front of me, flashes "Connecting" a ==========> 04-11-17-CNETNews-ExUSCybersecurityCzarCitesProblems.txt========== http://news.com.com/Straight+talking+on+terrorism/2008-1082-5455084.html Straight talking on terrorism By Dan Ilett Story last modified November 17, 2004, 4:00 AM PST CNET News When the second plane hit the World Trade Center on Sept. 11, 2001, Richard Clarke didn't wait around for President Bush to react. ==========> 04-11-17-DenPost-HackersBreakIntoColoradoUComputerSystem.txt========== http://www.denverpost.com/Stories/0,1413,36~53~2539839,00.html Article Published: Wednesday, November 17, 2004 Colleges easy prey to hackers Online security targeted By George Merritt Denver Post Staff Writer Post / Helen H. Richardson Dennis Maloney is executive director of Information Technology Services at the ==========> 04-11-18-CNETNews-CybersecurityNeedsLeadership.txt========== http://news.com.com/Cybersecurity+and+the+question+of+leadership/2010-7348_3-545 8093.html Cybersecurity and the question of leadership By Roger Cochetti Story last modified Thu Nov 18 10:13:00 PST 2004 CNET News The word "czar" sounds so anachronistic. It conjures up images of leaders in some long-ago hinterland, living behind moats and writing decrees on parchment. ==========> 04-11-18-UFlorida-UFResearcherDevelopsComputerIntruderDetectionSystem.txt========== http://www.newswise.com/articles/view/508343/ Intruder Alert: Method Provides Double Computer Crime-Solving Evidence Univ of Florida Nov. 18 2004 Description Like an episode of "CSI: Computers," a UF researcher has developed a technique that gives digital detectives twice the forensic evidence they now have to catch all kinds of hackers, from curious teenagers to disgruntled employees to ==========> 04-11-19-GovtCompNews-CommitteeSaysMoreFundingNeededForCybersecurityRandD.txt========== http://www.gcn.com/vol1_no1/daily-updates/27979-1.html 11/19/04 More funding needed for security R&D, IT committee says By William Jackson Government Computer News Staff The government has shortchanged basic research into cybersecurity and should at least quadruple the money available for civilian research, the President’s IT Advisory Committee says. ==========> 04-11-22-CompWorld-CMUsCyLabToStudycomputerSecurity.txt========== http://www.computerworld.com/securitytopics/security/story/0,10801,97629,00.html Pointillist Protection A Georges Seurat approach to vulnerabilities. Future Watch by Matt Hamblen NOVEMBER 22, 2004 (COMPUTERWORLD) - Carnegie Mellon University is researching some of the biggest challenges in computer security, data availability and systems reliability through a year-old interdisciplinary program known as CyLab. ==========> 04-11-22-GovtCompNews-SomeProgressInCybersecurityAtUSFederalLevel.txt========== http://gcn.com/23_33/security/27966-1.html 11/22/04; Vol. 23 No. 33 A few steps forward, a few back By William Jackson GCN Staff Former cyberczar sees progress in securing cyberspace, but says government ‘really doesn’t know what its IT assets are’ ==========> 04-11-29-USAToday-TestShowsUnprotectedPCsLikelyToBeCompromised.txt========== http://www.usatoday.com/money/industries/technology/2004-11-29-honeypot_x.htm Posted 11/29/2004 11:21 PM Updated 11/30/2004 4:02 AM Unprotected PCs can be hijacked in minutes By Byron Acohido and Jon Swartz, USA TODAY SAN FRANCISCO — Surfing the Web has never been more risky. Simply connecting to the Internet — and doing nothing else — exposes your PC to non-stop, automated break-in attempts by intruders looking to take control of your machine surreptitiously. ==========> 04-11-30-AvantGarde-TestShowsUnprotectedPCsLikelyToBeCompromised.txt========== http://www.avantgarde.com/ttln113004.html Automated “Bots” Overtake PCs Without Firewalls Within 4 Minutes AvantGarde Experiment Reveals How Different Platforms Protect Against Internet Attacks SAN FRANCISCO, Calif., November 30, 2004 – Avantgarde today released a study that showed that automated “bots,” worms and other threats pummeled six computer platforms over a two-week period with 305,955 total attacks. Results also revealed that an inadequately protected computer fell victim to an actual ==========> 04-11-30-SeattlePI-HPToIncludeAntiVirusSoftwareWithServers.txt========== http://seattlepi.nwsource.com/business/aptech_story.asp?category=1700&slug=Virus %20Throttling%20Software Tuesday, November 30, 2004 · Last updated 6:48 p.m. PT HP touts software to slow computer worms Seattle Post-Intelligencer By RACHEL KONRAD AP TECHNOLOGY WRITER SAN FRANCISCO -- Engineers at Hewlett-Packard Co. are working on ==========> 04-11-30-TchWeb-TestShowsUnprotectedPCsLikelyToBeCompromised.txt========== http://www.techweb.com/wire/security/54201306 Unprotected PCs Fall To Hacker Bots In Just Four Minutes By Gregg Keizer, TechWeb.com November 30, 2004 (2:40 PM EST TechWeb The lifespan of a poorly protected PC connected to the Internet is a mere four minutes, research released Tuesday claimed. After that, it's owned by a hacker. ==========> 04-12-00-ACMNetWorker-PackagedSolutionsToNetworkSecurity.txt========== The last word: Network security, off the racks Aaron Weiss December 2004 netWorker, Volume 8 Issue 4 Quite a few years ago I wrote a book about protecting yourself on the Internet. The book was aimed at the first wave of mainstream users to hit the global network, as traffic spread beyond the scientific and academic communities. In it, I argued a "reasonable precautions" thesis of home—in essence, the Internet was like a house, and so long as you locked your windows and doors, you'd ==========> 04-12-00-BusCommRev-TheEvolutionOfNetworkSecurity.txt========== http://www.bcr.com/bcrmag/2004/12/p14.php Enemy At The Gates: The Evolution Of Network Security from the December 2004 issue of Business Communications Review, pp. 14–18 by Jeff Wilson, principal analyst, VPNs and security, with Infonetics Research, specializing in firewalls, IDS/IPS, VPNs, integrated security appliances, and application security. In the beginning there were good guys and bad guys. The bad guys, the Hackers, hid out in a secret fortress called “the cloud,” launching attacks on the good ==========> 04-12-00-CACM-AssessingExtentOfSecurityRislsInWirelessNetworking.txt========== Digital village: Wireless infidelity II: airjacking Hal Berghel, Jacob Uecker December 2004 Communications of the ACM, Volume 47 Issue 12 Assessing the extent of the security risks involved in wireless networking technology by considering three possible scenarios demonstrating vulnerabilities. In the previous column (September 2004), I discussed the history and practice ==========> 04-12-00-CACM-ProtectionOfArtisticContentFromIllegalDistribution.txt========== Security watch: The many colors of multimedia security Rebecca T. Mercuri December 2004 Communications of the ACM, Volume 47 Issue 12 Protection of artistic content from illegal distribution involves significant gray areas in terms of methods and laws. Digital multimedia (whether it be audio, video, or still photography and art) is exposed to a broad spectrum of security problems. From the standpoint of the ==========> 04-12-00-CACM-SecurityInDistributionOfDigitalMedia.txt========== The many colors of multimedia security Communications of the ACM archive Volume 47 , Issue 12 (December 2004) table of contents Rebecca T. Mercuri Harvard University ABSTRACT Protection of artistic content from illegal distribution involves significant gray areas in terms of methods and laws. ==========> 04-12-00-CommACM-ProtectingArtisticContentFromIllegalDistribution.txt========== Security watch: The many colors of multimedia security Rebecca T. Mercuri December 2004 Communications of the ACM, Volume 47 Issue 12 Protection of artistic content from illegal distribution involves significant gray areas in terms of methods and laws. Digital multimedia (whether it be audio, video, or still photography and art) is exposed to a broad spectrum of security problems. From the standpoint of the ==========> 04-12-01-SJMerc-HPToIncludeAntiVirusSoftwareWithServers.txt========== http://www.siliconvalley.com/mld/siliconvalley/10312217.htm Posted on Wed, Dec. 01, 2004 HP to include anti-virus software with servers `THROTTLER' CHOKES OFF ABNORMAL PROGRAMS By Therese Poletti Mercury News Hewlett-Packard said Tuesday that it will begin selling corporate computers installed with ``Virus Throttler'' software next year to stop the spread of ==========> 04-12-02-CompWorld-CodeCheckingToolsNeededToFindSecurityBugs.txt========== http://www.computerworld.com/securitytopics/security/story/0,10801,97988,00.html Former cybersecurity czar: Code-checking tools needed Computer World News Story by Grant Gross DECEMBER 02, 2004 (IDG NEWS SERVICE) - WASHINGTON -- Software vendors need automated tools that look for bugs in their code, but it may be a decade before many of those tools are mature and widely used, said the former director of cybersecurity for the U.S. Department of Homeland Security. ==========> 04-12-03-SJMerc-MailingAboutUCBSecurityBreach.txt========== http://www.siliconvalley.com/mld/siliconvalley/10333652.htm Posted on Fri, Dec. 03, 2004 California to notify 1.4 million of hacking risk MAILING ABOUT UC-BERKELEY SECURITY BREACH WILL COST $691,000 By Andrew LaMar Knight Ridder Sacramento Bureau SACRAMENTO - The state will spend $691,000 to mail notices to 1.4 million Californians next week alerting them that their personal information might have ==========> 04-12-05-SeattlePI-FormerCIAChiefWarnsOnCyberterror.txt========== http://seattlepi.nwsource.com/business/aptech_story.asp?category=1700&slug=Gates %20Terrorism Sunday, December 5, 2004 · Last updated 9:54 a.m. PT Seattle Post-Intelligencer Ex-CIA chief Gates warns on cyberterror By PAM EASTON ASSOCIATED PRESS WRITER HOUSTON -- Cyberterrorism could be the most devastating weapon of mass ==========> 04-12-06-SJMerc-FormerCIAChiefWarnsOnCyberterror.txt========== http://www.siliconvalley.com/mld/siliconvalley/10346318.htm Ex-CIA Chief Gates Warns on Cyberterror PAM EASTON Associated Press San Jose Mercury HOUSTON - Cyberterrorism could be the most devastating weapon of mass destruction yet and could cripple the U.S. economy, former CIA Director Robert Gates said at a terrorism conference Saturday. ==========> 04-12-07-WSJ-ComputerSecurityIndustryRecommendations.txt========== # "Tighter Cyber Protection Is Urged by Computer-Security Industry" Wall Street Journal (12/07/04) P. A3; Bank, David Computer-security industry executives today intend to release a series of recommendations to the Bush administration for addressing cybersecurity issues, which many feel the White House has given short shrift to. "We believed [cybersecurity] would be an agenda item visible at the highest levels of government," notes Symantec CEO John Thompson. "That has certainly not been the case." Actions that the Cyber Security Industry Alliance wants the White House to take include pressuring the Senate to sanction Europe's cybercrime treaty, ==========> 04-12-09-InvestBusDaily-TimeToExploitVulnerabilitiesDecreasing.txt========== # "In Network Security, 'To Beat the Clock' Is No Longer a Game" Investor's Business Daily (12/09/04) P. A4; Howell, Donna The window between the discovery of software vulnerabilities and their exploitation by hackers is shrinking, so companies have less time to come up with patches. Gartner predicts that 30 percent of all online exploits in 2006 will occur within a month of patch availability, and Gartner analyst John Pescatore says such developments are forcing companies to explore and implement different security measures, such as intrusion prevention and network access control. Examples of host-based intrusion prevention include software from MIT ==========> 04-12-10-EWeek-USCyberSecurityOfficePlansToMoveAhead.txt========== http://www.eweek.com/article2/0,1759,1739061,00.asp Cyber-Security Office Calls for More Clout By Wayne Rash December 10, 2004 EWeek The office in charge of cyber-security in the Department of Homeland Security is planning to continue moving ahead on the agenda the agency has already set. ==========> 04-12-12-Wired-CellPhoneSecurityIssues.txt========== http://www.wired.com/wired/archive/12.12/phreakers.html They've Got Your Number … … your text messages and address book, and a way to bug your calls. Why spam, scams, and viruses are coming soon to a phone near you. By Annalee Newitz It's a beautiful afternoon in Shepherd's Bush, a bustling neighborhood on the outskirts of London, and Adam Laurie is feeling peckish. Heading out of the office, he's about to pick up more than a sandwich. As he walks, he'll be ==========> 04-12-13-CNETNews-CodeAnalysisProjectSuggestsLinuxHasFewerFlawsThanWindows.txt========== # "Looking to Wireless for Growth, Tech Giants Seek More Spectrum" Wall Street Journal (12/15/04) P. A1; Squeo, Anne Marie Technology firms have stepped up lobbying efforts aimed at freeing more wireless spectrum, and the Bush administration and Congress are responding. Wireless technology is seen as a foundation for a new round of technology growth and innovation, but the old way of allocating spectrum has left much of that valuable commodity unused; broadcasters are unwilling to give up their spectrum rights as they move to digital transmissions, which would require less radio space than old analog technology. The Dec. 31, 2006 date for spectrum ==========> 04-12-13-EWeek-ApplicationsNeedToBeSecureToo.txt========== http://www.eweek.com/article2/0,1759,1738991,00.asp An Applications View on Security December 13, 2004 By Peter Coffee E Week When information warfare experts want to set the proper base line for what's "secure," they point out that the only completely protected machine is one that's disconnected from the network and preferably turned off. Application ==========> 04-12-14-ACMUbq-Burke-TheNeedForCybersecurityCivilDefense.txt========== http://www.acm.org/ubiquity/interviews/v5i40_burke.html Pete Burke on Cybersecurity and the Law Source: Ubiquity, Volume 5, Issue 40, December 14 - December 23, 2004 Why the People Need WWII-Type Cybersecurity Drills Edmund B. (Pete) Burke is an attorney whose special experience is in the areas of software and technology law and e-commerce. UBIQUITY: How did you first get interested in cybersecurity? ==========> 04-12-14-InfoWeek-CybersecuritySlipsAsHomelandSecurityPriority.txt========== http://www.informationweek.com/story/showArticle.jhtml?articleID=55301866 Cybersecurity Slips As A Homeland Security Priority The Bush administration has been slow to act on cybersecurity measures at a time when the need is increasing, an industry exec says. By Larry Greenemeier, InformationWeek Dec. 14, 2004 Attention to cybersecurity is threatening to slip even further down the Bush administration's priorities list as the White House resumes its search for a ==========> 04-12-17-ChronHighEd-ColleagesFaceRisingCostsForComputerSecurity.txt========== # "Colleges Face Rising Costs for Computer Security" Chronicle of Higher Education (12/17/04) Vol. 51, No. 17, P. A1; Foster, Andrea L. A Chronicle of Higher Education survey indicates an increase in information security spending levels over the last two years for more than 50 percent of U.S. colleges and universities that responded to the poll. Almost all respondents reported that their institutions were targeted by worms and viruses in the past year: 73 percent reported an acceleration in cyberattacks; 53 percent said attempts were made in the past year to cripple their campus ==========> 04-12-20-NetWorld-NetAppsConsortiumNearsReleaseOfSecurityArchitecture.txt========== http://www.nwfusion.com/news/2004/122004-nac-security.html User group to reveal model for IS security future By John Fontana Network World, 12/20/04 An influential user group is nearing release of a blueprint for a policy-based security architecture it hopes will become an industry model for securing corporate information systems. ==========> 04-12-20-NYT-Markoff-SecurityFlawFoundInGoogleDesktopSearch.txt========== http://www.nytimes.com/2004/12/20/technology/20flaw.html December 20, 2004 Rice University Computer Scientists Find a Flaw in Google's New Desktop Search Program By JOHN MARKOFF NT Times SAN FRANCISCO, Dec. 19 - A Rice University computer scientist and two of his students have discovered a potentially serious security flaw in the desktop ==========> 04-12-20-NYT-TrackingTerroristInternetUseDifficult.txt========== http://www.nytimes.com/2004/12/20/technology/20covert.html?oref=login December 20, 2004 On the Open Internet, a Web of Dark Alleys By TOM ZELLER Jr. NY Times The indictment early this month of Mark Robert Walker by a federal grand jury in Texas might have seemed a coup for the government in its efforts to police terrorist communications online. Mr. Walker, a 19-year-old student, is accused, ==========> 04-12-21-SJMerc-GoogleQuicklyFixesDesktopSearchFlaw.txt========== http://www.siliconvalley.com/mld/siliconvalley/10466038.htm Posted on Tue, Dec. 21, 2004 Google quickly fixes desktop-search flaw BUG COULD'VE ALLOWED HACKERS ACCESS TO FILES ON A USER'S PC By Dan Lee Mercury News Google said Monday that it has fixed a security flaw in its new desktop computer search tool that could have allowed attackers to read parts of files ==========> 04-12-27-PCWorld-2004WasGoodAndBadForSecurity.txt========== http://www.pcworld.com/news/article/0,aid,119031,00.asp 2004: Good and Bad for Security From a sharp increase in phishing scams to high-profile arrests, here's what made news this year. Paul Roberts, IDG News Service Monday, December 27, 2004 PC World Experts agree: 2004 was the best of times and the worst of times for those ==========> 04-12-27-TechRep-ITProfesionalsAnIntgralPartOfCybersecurity.txt========== http://techrepublic.com.com/5100-22_11-5494201.html IT professionals are an integral part of the national security strategy Tech Republic December 27, 2004 Mark Kaelin Takeaway: IT professionals are first responders when it comes to potential cyberattacks. This chapter from Implementing Homeland Security for Enterprise IT, by Michael ==========> 04-12-28-InfoWeek-BushUrgedToRampUpCybersecurityEfforts.txt========== http://www.informationweek.com/story/showArticle.jhtml?articleID=56200702 Bush Urged To Ramp Up Cybersecurity In New Year Top E-government official envisions IT security as part of every project, but critics still want a top cybersecurity official. By Larry Greenemeier, InformationWeek Dec. 28, 2004 The Bush administration plans to address the demands to advance its cybersecurity policies in the new year, but some critics question whether the ==========> 05-01-00-ACMUbiquity-UsersDislikeSlowingSoftwareForSecurity.txt========== What makes users unhappy: share-point team services web server security Avi Rushinek, Sara Rushinek January 2005 Ubiquity, Volume 6 Issue 2 Computer & Internet Security is very important but sometimes it is so confusing and frustrating that it makes users very unhappy— to a point where the system is so secure that it cannot be used by its most legitimate users, like system administrators ==========> 05-01-00-CACM-VirusesAndWormsGetLittleAttentionInCSEducation.txt========== Inside risks: Not teaching viruses and worms is harmful George Ledin Jr. January 2005 Communications of the ACM, Volume 48 Issue 1 Computer security courses are typically of two kinds. Most are of the first kind: guided tours to concepts and terminology, descriptive courses that inform and acquaint. These courses have few or no prerequisites and little technical content. The second kind of computer security courses is taken primarily by computer science majors. Usually elective courses, they offer a technical menu, ==========> 05-01-03-CNETNews-DoomsdayCyberAttackPossible.txt========== http://news.com.com/Preparing+for+a+doomsday+attack/2008-7348_3-5503100.html Preparing for a doomsday attack By Charles Cooper CNET News Story last modified Mon Jan 03 04:00:00 PST 2005 The Internet has withstood major assaults to bring the system crashing down, but each new cyberattack raises the specter of a doomsday scenario. ==========> 05-01-03-InvestBusDaily-SecurityRemainsInternetTroubleSpot.txt========== # "Security Issues Linger as Net's Trouble Spot" Investor's Business Daily (01/03/05) P. A9; Howell, Donna IT security teams employ stronger defenses against threats, but viruses, spam, phishing schemes, and other Internet-borne attacks are growing more dangerous. Spam now makes up nine out of 10 email messages compared to just seven out of 10 messages one year ago, according to FrontBridge Technologies. Firms have begun using spam-filtering services instead of spam-filtering software hosted on their own servers because such services are updated to new threats faster; outsourced spam filtering providers are able to view all their customers' email ==========> 05-01-05-Waynesville-56PercentOfWirelessNetworksUnprotected.txt========== http://waynesvilledailyguide.com/articles/2005/01/05/news/local_news/news05.txt Is your wireless network secure? Waynesville Daily Guide Jan. 5, 2005 UMR security interest group says most are not ROLLA--Wireless networks are spreading into many homes in America; however, many of these networks are insecure. A group of students from the University of Missouri-Rolla recently conducted an audit of the area's wireless networks to ==========> 05-01-06-MS-MSOffersFreeVirusAndAntiSpywarePrograms.txt========== http://www.microsoft.com/athome/security/spyware/software/default.mspx Microsoft Windows AntiSpyware (Beta): Overview Published: January 6, 2005 Microsoft Windows AntiSpyware (Beta) is a security technology that helps protect Windows users from spyware and other potentially unwanted software. Known spyware on your PC can be detected and removed. This helps reduce negative effects caused by spyware, including slow PC performance, annoying pop-up ads, unwanted changes to Internet settings, and unauthorized use of your ==========> 05-01-06-SJMerc-MSOffersFreeVirusAndAntiSpywarePrograms.txt========== http://www.siliconvalley.com/mld/siliconvalley/10580406.htm Posted on Thu, Jan. 06, 2005 Microsoft offers free virus-removal, anti-spyware programs WASHINGTON (AP) - Microsoft Corp., whose popular Windows software is a frequent target for Internet viruses, is offering a free security program to remove the most dangerous infections from computers. The program, with monthly updates, is a step toward plans by Microsoft to sell ==========> 05-01-09-Clickz-DevastingCyberAttackLikelyWithin10Years.txt========== http://www.clickz.com/stats/sectors/security/article.php/3456471 Experts: Devastating U.S. Cyber-Attack Within 10 Years By Rob McGann January 9, 2005 Clickz The U.S. will suffer at least one devastating attack to its national information network or power grid in the next 10 years. That's what two-thirds of expert respondents to a survey conducted by Pew Internet & American Life and ==========> 05-01-11-NatJTechDaily-ExCybersecurityChiefToFocusOnInternationalEfforts.txt========== http://www.govexec.com/dailyfed/0105/011105tdpm1.htm January 11, 2005 Ex-cybersecurity czar focuses on global coordination By William New, National Journal's Technology Daily A former White House cybersecurity adviser is working to build an international cybersecurity partnership program under contract to the Homeland Security Department. ==========> 05-01-11-SecFocus-HackerBreaksIntoT-MobileNetwork.txt========== http://www.securityfocus.com/news/10271 Hacker penetrates T-Mobile systems By Kevin Poulsen, SecurityFocus Jan 11 2005 7:43PM A sophisticated computer hacker had access to servers at wireless giant T-Mobile for at least a year, which he used to monitor U.S. Secret Service e-mail, obtain customers' passwords and Social Security numbers, and download candid photos taken by Sidekick users, including Hollywood celebrities, SecurityFocus has learned. ==========> 05-01-12-SJMerc-HackerBreaksIntoT-MobileNetwork.txt========== http://www.siliconvalley.com/mld/siliconvalley/10633193.htm Posted on Wed, Jan. 12, 2005 Hacker breaks into T-Mobile network WASHINGTON (AP) - A hacker broke into a wireless carrier's network over at least seven months and read e-mails and personal computer files of hundreds of customers, including the Secret Service agent investigating the hacker, the government said Wednesday. ==========> 05-01-12-WashPost-AnotherComputerSecurityOfficialQuitsDHS.txt========== http://www.washingtonpost.com/wp-dyn/articles/A2265-2005Jan11.html Another Computer Security Official Quits Critics Say Division Lacks Aggressiveness By Brian Krebs and Jonathan Krim Washington Post Staff Writers Wednesday, January 12, 2005; Page E01 The Homeland Security Department official in charge of protecting the nation's physical and computer infrastructure is stepping down at the end of the month ==========> 05-01-13-InetNews-TorvaldsCriticizesSecurityProblemNotification.txt========== http://www.internetnews.com/dev-news/article.php/3458961 January 13, 2005 Torvalds Criticizes Security Approaches By Sean Michael Kerner Internet News Linux creator Linus Torvalds had a few things to say this week about the way potential security issues are disclosed to fellow open sourcers. And it wasn't all good. ==========> 05-01-13-LATimes-HackerBreaksIntoT-MobileNetwork.txt========== http://www.latimes.com/business/la-fi-hacker13jan13,0,2281077.story?coll=la-home -headlines Hacker May Have Infiltrated Cellphone Data T-Mobile says hundreds of users had voice mail and other personal information exposed. By Joseph Menn Los Angeles Times Staff Writer January 13, 2005 ==========> 05-01-17-InfoWeek-CyberAttackIncreasinglyUseAutomatedTools.txt========== http://www.informationweek.com/story/showArticle.jhtml?articleID=57701362 Machine Wars The battle between good and evil in cyberspace is increasingly fought with automated tools By Thomas Claburn, InformationWeek Jan. 17, 2005 Last year, a computer worm that conducts automated reconnaissance appeared; it uses the Google Inc. search engine to automatically find Web sites running ==========> 05-01-24-InfoWeek-WhatIsUSFederalRoleInCybersecurity.txt========== http://www.informationweek.com/story/showArticle.jhtml?articleID=57702607&tid=13 692 Federal Role In Ensuring Cybersecurity Isn't Clear By Larry Greenemeier, InformationWeek Jan. 24, 2005 Over the next four years, much work needs to be done to shore up cybersecurity for the nation's energy utilities, manufacturing and transportation facilities, telecommunication and data networks, and financial-services firms. Together, ==========> 05-01-26-CNETNews-USBattleToSecureCyberspace.txt========== http://news.com.com/The+United+States+battle+to+secure+cyberspace/2008-1082_3-55 50064.html The United States' battle to secure cyberspace By Robert Lemos CNET News Story last modified Wed Jan 26 04:00:00 PST 2005 Robert Liscouski doesn't hesitate to explain why he's leaving the Department of Homeland Security: He pledged two years, and time's up. ==========> 05-01-26-SecPipe-FormerDHSCybersecurityChiefInterview.txt========== http://www.securitypipeline.com/57702552 January 26, 2005 Q&A with Amit Yoran A Secure Enterprise Interview By David Joachim Secure Enterprise SE: Why did you leave the Department of Homeland Security? AY: The agreement I had was to come on board at this early stage to create the ==========> 05-01-27-BetaNews-BagleWormAnniversaryBringsNewVariants.txt========== http://www.betanews.com/article/Bagle_Worm_Returns_for_Anniversary/1106865364 Bagle Worm Returns for Anniversary By David Worthington, BetaNews January 27, 2005, 5:36 PM Virus writers have marked the one-year anniversary of the Bagle mass-mailing worm with an unwelcome surprise: new variants. Bagle's return has prompted leading antivirus vendors to issue advisories warning of the worm's spread classifying the worm as a "medium" risk. ==========> 05-01-27-CompResNews-WindowsMySQLWormExploitsPoorPasswords.txt========== http://www.crn.com/sections/breakingnews/dailyarchives.jhtml?articleId=59100379 MySQL Malware Just Wants To Chat By Linux Pipeline Staff 4:40 PM EST Thu. Jan. 27, 2005 Security experts are tracking a new malware variant, targeting the MySQL open-source database, which has likely infected thousands of Windows systems. According to a report posted on the SANS Institute's Internet Storm Center site ==========> 05-01-27-InetNews-MoreFlawsDiscoveredInCiscoIOS.txt========== http://www.internetnews.com/security/article.php/3465131 January 27, 2005 Multiple Flaws Hound Cisco By Sean Michael Kerner Internet News A week after Cisco reported a vulnerability in its Internetwork Operating System (IOS) Software Embedded Call Processing Solutions, the company has, thrice again, been hit. ==========> 05-01-27-NetWorld-MoreFlawsDiscoveredInCiscoIOS.txt========== http://www.nwfusion.com/news/2005/0127ios.html?fsrc=netflash-rss Three more flaws discovered in Cisco IOS By Phil Hochmuth Network World Fusion, 01/27/05 Cisco this week warned of several vulnerabilities in its IOS software that could be used by attackers to bring down routers in enterprise and service provider networks. ==========> 05-01-28-NewsFact-BagleWormAnniversaryBringsNewVariants.txt========== http://www.newsfactor.com/perl/story/30066.html New Bagle Worms Reported By Elizabeth Millard NewsFactor Network January 28, 2005 10:55AM Two new variants of the Bagle worm are spreading through e-mail and peer-to-peer networks, according to security experts. Bagle.AX and Bagle.AY are the 50th and 51st variants of the worm that first appeared just one year ago. ==========> 05-01-28-NewsFact-WindowsMySQLWormExploitsPoorPasswords.txt========== http://www.newsfactor.com/entsec/story.xhtml?story_title=Poor-Passwords-Exploite d-by-MySQL-Bot&story_id=30078&category=entsec Poor Passwords Exploited by MySQL Bot By Erika Morphy Enterprise Security Today January 28, 2005 1:01PM Poorly chosen, weak passwords leave systems vulnerable to a new worm called "MySQL bot." The malware targets Windows systems running the MySQL open-source ==========> 05-01-30-NYT-JohnsHokinsResearchersCrackTICarKeyCode.txt========== http://www.nytimes.com/aponline/science/AP-Car-Security-Cracked.html?oref=login January 30, 2005 Researchers Claim to Crack Car Key Code By THE ASSOCIATED PRESS New York Times Filed at 7:28 p.m. ET BALTIMORE (AP) -- Researchers said they have found a way to crack the code used in millions of car keys, a development they said could allow thieves to bypass ==========> 05-01-31-USACM-PITACApprovesReportOnFederalCybersecurityRandD.txt========== =================================================== ACM Washington Update, Vol. 9.1 (January 31, 2005) =================================================== [4] PITAC APPROVES REPORT ON FEDERAL CYBERSECURITY R&D The President's Information Technology Advisory Committee (PITAC) -- whose membership includes USACM Chair Eugene Spafford and ACM President David Patterson -- held a meeting in January during which committee members approved a report by their Subcommittee on Cyber Security. ==========> 05-01-31-USACM-WhiteHouseNamesNewHomelandSecurityDirector.txt========== =================================================== ACM Washington Update, Vol. 9.1 (January 31, 2005) =================================================== [5] WHITE HOUSE NAMES NEW HOMELAND SECURITY DIRECTOR The White House has chosen Michael Chertoff, a Federal appeals court judge, to be secretary of the Department of Homeland Security. Chertoff was a key figure in the United States' legal response to the terrorist attacks of September 11, 2001, in the Justice Department's criminal ==========> 05-02-00-TechRev-TerroristsCouldUseCyberAttacks.txt========== http://www.technologyreview.com/articles/05/02/issue/feature_terror.asp Terror’s Server By David Talbot Febuary 2005 Technology Review Richard A. Clarke spent 11 years in senior policymaking positions at the White House, advising presidents on matters of counterterrorism and cyber security. When the Sept. 11 attacks took place he was the counterterrorism adviser to the National Security Council. He now heads Good Harbor Consulting. Clarke recently ==========> 05-02-01-EWeek-PHPConsortiumTacklesApplicationSecurity.txt========== http://www.eweek.com/article2/0,1759,1758408,00.asp PHP Consortium Tackles Third-Party Application Security February 1, 2005 By Ryan Naraine eWeek Worried that the credibility of the PHP scripting language is being hurt by high-profile security flaws in third-party applications, an international group of coding experts is taking matters into their own hands. ==========> 05-02-07-WashTimes-NewDHSChiefFacesDilemma.txt========== http://www.washtimes.com/upi-breaking/20050206-080323-6669r.htm Analysis: New DHS pick faces cyber dilemma By Shaun Waterman Washington Times UPI Homeland and National Security Editor Washington, DC, Feb. 7 (UPI) -- It looks almost certain that former federal prosecutor Michael Chertoff will be confirmed as Homeland Security secretary, and one of the first items in his in-tray will be how to deal with the question ==========> 05-02-07-Wired-SecurityRisksFoundInVoIPProtocols.txt========== http://wired.com/news/technology/0,1282,66512,00.html Hold the Phone, VOIP Isn't Safe By Elizabeth Biddlecombe Wired 02:00 AM Feb. 07, 2005 PT In recognition of the fact that new technologies are just as valuable to wrongdoers as to those in the right, a new industry group has formed to look at the security threats inherent in voice over internet protocol. ==========> 05-02-09-SecFocus-AntiVirusSoftwareDoesNotCheckAllFileTypes.txt========== http://www.securityfocus.com/columnists/298 Unexpected Attack Vectors Security Focus By Scott Granneman Feb 09 2005 02:33PM PT Back in 1882, Los Angeles was a rough, dry town of 12,000 people that had been an incorporated municipality for a little over 3 decades. 1882 also saw the introduction of telephone service and electric streetlights. At the time there were several newspapers in town, including the Los Angeles Tribune and the Los ==========> 05-02-10-eWeek-VirusAttacksMSAntiSpywareSystem.txt========== http://www.eweek.com/article2/0,1759,1763560,00.asp Trojan Targets Microsoft's AntiSpyware Beta By Matthew Broersma February 10, 2005 eWeek Malicious programmers are already sharpening their claws on Microsoft Corp.'s anti-spyware software, even before the application's official release. ADVERTISEMENT ==========> 05-02-10-InfoWeek-MSSaysItsMakingProgressOnSecurity.txt========== http://www.informationweek.com/story/showArticle.jhtml?articleID=60300220 Microsoft's Security Chief Says Windows Safer Than Linux Microsoft's top security honcho insists that Microsoft "is making progress on security using any reasonable metric." By Gregg Keizer, TechWeb News Feb. 10, 2005 Microsoft's top security honcho insisted Thursday that Microsoft "is making progress on security using any reasonable metric." ==========> 05-02-10-Newsweek-RadicalIslamicWebsiteCallForCyberTerror.txt========== http://www.msnbc