December 27, 1999 Online crooks beware: Lab's cyber-sleuths on your trail Investigative team is an arm of Utah attorney general The state has a new team of crime fighters that sifts though hard drives instead of crime scenes. The Utah Computer Forensics Laboratory was created in March when it was made an investigative arm of the state Attorney General's Office. About two years ago the state realized that the growing number of crimes being committed by computers was creating a challenge for law enforcement, said Utah Chief Deputy Reed Richards. "The police officers knew how to use WordPerfect all right," Richards said. "But they didn't know how to make sure they got all the data off a computer." http://www.deseretnews.com/dn/view/0,1249,145014619,00.html - - - - - - - - - - - - - - - - - Over A Third Of UK Businesses Are Unprotected Against Internet Crime Over a third of UK businesses on the Internet are unprotected against Internet crime, according to Novell. A survey conducted by Novell which questioned 150 UK-based IT managers and directors who use the Internet as a business tool, found that 37% of UK companies on the net have no firewall and 44% do not make use of authentication. http://www.info-sec.com/internet/99/internet_122799b_j.shtml - - - - - - - - - - - - - - - - - - Online fraud on increase Internet users were last week warned to be on their guard against online fraudsters. The Association of British Tour Operators (Abta) said some websites selling holiday accommodation could be run by unscrupulous agents. It predicted a flood of complaints from holidaymakers who pay over the net and have no redress when things go wrong. Booking travel online is not especially risky, provided the agent or tour operator is bonded with either Abta or Atol (Air Travel Organisers Licence). But anybody booking accommodation through a website may be vulnerable. http://www.sunday-times.co.uk/news/pages/sti/99/12/26/stitrldrc01001.html - - - - - - - - - - - - - - - - - - U.S. firms in trouble over Net betting Online ventures in Australia run afoul of Nevada regulators Two U.S. gambling companies that dared to dip a toe into the perilous waters of Internet wagering have been bitten. Both International Game Technology Inc and American Wagering Inc. face possible disciplinary action by regulators in Nevada — which could include loss of their valuable state gaming licenses — because of their involvement in online wagering-related enterprises in Australia. http://www.msnbc.com/news/350206.asp - - - - - - - - - - - - - - - - - - Info on AOL RIOT Hoax discovered 12-21-99 An email message is being distributed which suggests that the email message itself should be forwarded to 10 AOL members or risk losing account access. This message is considered a hoax by AVERT. Do not forward this message and if received directly, forward a copy to the proper group for handling. http://vil.nai.com/vil/ve10481.asp - - - - - - - - - - - - - - - - - - Viruses ranked year's top security issue CORPORATE security website SecurityPortal.com has ranked viruses as the major security issues to face businesses in 1999. The company has ranked the top 10 security stories for the year, leading the list by recognising the increasing public awareness of security issues the Melissa, ExploreZip and "a host of lesser known players" have generated. http://www.it.fairfax.com.au/breaking/19991227/A59636-1999Dec27.html - - - - - - - - - - - - - - - - - - Incoming Web Attack Warning Within days Web sites may come under attack by two powerful, elusive intruder programs that bombard sites and servers with denial-of-service messages, according to computer network security experts at Carnegie Mellon University's CERT Coordination Center. The Tribe Flood Network (TFN) and the new Trinoo are currently under development and are being deployed on the Internet, says CERT. "It's a bandwidth denial of service attack designed to consume available resources on the target's Internet connection," says Kevin Houle, CERT incident response team leader. http://www.currents.net/newstoday/99/12/27/news3.html - - - - - - - - - - - - - - - - - - Risks come with high-tech future President Clinton's Y2K czar, John Koskinen, has asked computer hackers to stand down around the first of the year because "we are going to have enough things going on that weekend" without their added input. But the FBI and the Defense Department doubt that determined intruders will honor Koskinen's request. Both agencies have warned of potential New Year's cyber-attacks. http://deseretnews.com:80/dn/view/0,1249,145013817,00.html - - - - - - - - - - - - - - - - - - New Crypto Regs Get Approval Computer privacy advocates are hailing the Clinton Administration's latest crack at encryption regulations as a major improvement over the draft regulations unveiled earlier this year. "There are a few flaws, but there are not the monumental deal killers" that were present in the first draft, Americans For Computer Privacy (ACP) spokesperson Sue Richard told Newsbytes today. "This draft comes a lot closer to addressing the promises made" by the Administration, she said, adding that the ACP is "very encouraged" by the progress that has been made. http://www.currents.net/newstoday/99/12/26/news7.html - - - - - - - - - - - - - - - - - - Online privacy a hot issue for the FTC Privacy on the Web has become a major issue as millions of consumers go online for the first time. The Federal Trade Commission, which enforces consumer protection laws, this fall issued rules for the Children's Online Privacy Protection Act, the first federal Internet privacy law, saying that Web site operators have to get the consent of parents before they collect, use or disclose personal information from young children. FTC Commissioner Orson Swindle recently met with Mercury News Staff Writer Deborah Kong and Editorial Writers Phil Yost and John Fensterwald. http://www.mercurycenter.com/svtech/news/indepth/docs/qa122799.htm - - - - - - - - - - - - - - - - - - Swedish military to prepare for high-tech warfare The Swedish government plans to train special information technology soldiers to protect the nation's military computer systems from hackers, a newspaper reported Monday. The government has issued a directive to the armed forces to train ``IT soldiers'' to be able to destroy hostile systems as well as protect Swedish computer systems, according to the daily Svenska Dagbladet. http://www.sjmercury.com/svtech/news/breaking/merc/docs/008563.htm - - - - - - - - - - - - - - - - - - Hackers Rule OK People may associate it with the US, but hacking - both legal and illegal - is an international phenomenon. And Britain has its own distinct history of computer exploits. Hackers are often thought of as sinister computer criminals or a grubby and degenerate social underclass. In reality the history of hacking includes some of the greatest technological and intellectual innovations in modern times alongside the better-publicised computer crimes. Many prefer to draw a line between experimentation and programming, on the one hand, and illegal or destructive computer activity (often referred to as "cracking") on the other. http://www.zdnet.co.uk/news/1999/51/ns-12334.html - - - - - - - - - - - - - - - - - - Chaos Reigns in Berlin Any time the inimitable Berlin hackers of the Chaos Computer Club convene, count on cutting-edge insights to emerge from the proceedings. That should be true at the 16th annual CCC congress opening Monday in Berlin, even though the vitality of the three-day event could be short-circuited by the surge of Y2K angst. After all, just the sort of gifted, seasoned hackers and computer visionaries the CCC attracts will in many cases be chained to their desks, stuck on the Y2K watch. http://www.wired.com/news/culture/0,1284,33263,00.html - - - - - - - - - - - - - - - - - - How to Get a Job in Computer Security ABC's report on hackers just encouraged illegal intrusions into computer networks. The two questions I'm asked most frequently by readers are "How do I hack computers?" and "How do I get a job in security?" About eighteen months ago, I started a series of columns on how to hack computers. Since real hackers want to learn about computers on their own, the columns were focused on providing assignments for readers to complete on their own. Each column outlined a computer principle, with little guidance. http://www.zdnet.com/zdtv/cybercrime/spyfiles/story/0,3700,2413045,00.html - - - - - - - - - - - - - - - - - - Zero Knowledge Protocols: Isomorphs, Proxies, and Agents Modern mathematics deals with abstractions or concepts not encountered in daily existence. But mathematical concepts that fall beyond the five senses are indeed real, and they whisper truths to us if we pay heed. Simon Singh, the author of The Code Book (Doubleday, 1999), argues that the First World War was a chemist's war, the Second World War a physicist's war, but future conflicts will be a mathematician's war. The math underpinning cryptography has a dramatic impact on computer security. Our information systems' robust survival rests upon this arcane knowledge. http://securityportal.com/direct.cgi?/cover/coverstory19991227.html