mirror of
https://github.com/fdiskyou/Zines.git
synced 2025-03-09 00:00:00 +01:00
587 lines
32 KiB
Text
587 lines
32 KiB
Text
==Phrack Inc.==
|
|
|
|
Volume Four, Issue Thirty-Eight, File 15 of 15
|
|
|
|
PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN
|
|
PWN PWN
|
|
PWN Phrack World News PWN
|
|
PWN PWN
|
|
PWN Issue XXXVIII / Part Three of Three PWN
|
|
PWN PWN
|
|
PWN Compiled by Dispater & Friends PWN
|
|
PWN PWN
|
|
PWN Special Thanks to Datastream Cowboy PWN
|
|
PWN PWN
|
|
PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN
|
|
|
|
|
|
CFP-2: Sterling Speaks For "The Unspeakable" March 25, 1992
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
By Barbara E. McMullen & John F. McMullen (Newsbytes)
|
|
|
|
WASHINGTON, D.C. -- Bruce Sterling, the prime luncheon speaker at the 2nd
|
|
Annual Conference On Computers Freedom & Privacy (CFP-2), fulfilled his program
|
|
billing as "Speaking for the Unspeakable" by taking on three separate persona
|
|
and delivering what might have been their messages.
|
|
|
|
Sterling, best known as a science fiction writer, spoke for three characters, a
|
|
"a malicious hacker," a Latin American police official, and a Hong Kong
|
|
businessman, who were, in his words, "too venal, violent, treacherous, power-
|
|
mad, suspicious, or meanspirited to receive (or accept) an invitation to
|
|
attend."
|
|
|
|
Sterling began his speech by introducing himself and then saying, "When the CFP
|
|
committee asked me if I might recommend someone to speak here at CFP-2, I had
|
|
an immediate candidate. I thought it would be great if we could all hear from
|
|
a guy who's been known as Sergei. Sergei was the KGB agent runner for the
|
|
Chaos Computer Club group who broke into Cliff Stoll's computer in the famous
|
|
Cuckoo's Egg case. Now Sergei is described as a stocky bearded Russian
|
|
espionage professional in his mid-40s. He's married, has kids and his hobby
|
|
is fishing, in more senses than one, apparently. Sergei used to operate out of
|
|
East Berlin, and, as far as I personally know, Sergei's operation was the
|
|
world's first and only actual no-kidding, real-life case of international
|
|
computer espionage. So I figured -- why not send Yelsin a fax and offer Sergei
|
|
some hard currency; things are pretty lean over at KGB First Directorate these
|
|
days. CFP could have flown this guy in from Moscow on a travel scholarship and
|
|
I'm sure that a speech from Sergei would be far more interesting than anything
|
|
I'm likely to offer here. My proposal wasn't taken up and instead I was asked
|
|
to speak here myself. Too bad!
|
|
|
|
"This struck me as rather a bad precedent for CFP which has struggled hard to
|
|
maintain a broad universality of taste. Whereas you're apparently willing to
|
|
tolerate science fiction writers, but already certain members of the computer
|
|
community, KGB agents, are being quietly placed beyond the pale. But you know,
|
|
ladies and gentlemen, just because you ignore someone doesn't mean that person
|
|
ceases to exist -- and you've not converted someone's beliefs merely because
|
|
you won't listen. But instead of Comrade Sergei, here I am -- and I am a
|
|
science fiction writer and, because of that, I rejoice in a complete lack of
|
|
any kind of creditability!
|
|
|
|
"Today I hope to make the best of that anomalous position. Like other kinds of
|
|
court jesters, science fiction writers are sometimes allowed to speak certain
|
|
kinds of unspeakable truth, if only an apparent parody or metaphor. So today,
|
|
ladies and gentlemen, I will exercise my inalienable civil rights as a science
|
|
fiction writer to speak up on behalf of the excluded and the incredible. In
|
|
fact, I plan to abuse my talents as a writer of fiction to actually recreate
|
|
some of these excluded, incredible unspeakable people for you and to have them
|
|
address you today. I want these people, three of them, to each briefly address
|
|
this group just as if they were legitimately invited here and just as if they
|
|
could truly speak their mind right here in public without being arrested."
|
|
|
|
Sterling then went on to assure the crowd that he was not speaking his personal
|
|
conviction, only those of his characters, and warned the group that some of the
|
|
material might be offensive. He then launched into the delivery of his
|
|
characters' speeches -- speeches which had the hacker talking about real damage
|
|
-- "the derailing of trains"; the Latin police official, a friend and admirer
|
|
of Noriega, discussing the proper way of dealing with hackers; and the
|
|
businessman explaining way, in the age of high speed copiers, laser printers
|
|
and diskette copying devices, the US copyright laws are irrelevant.
|
|
|
|
Often intercepted by laughter and applause, Sterling received a standing
|
|
ovation at the conclusion of the speech. Computer Press Association newsletter
|
|
editor Barbara McMullen was overhead telling Sterling that he had replaced
|
|
"Alan Kay as her favorite luncheon speaker," while conference chair Lance
|
|
Hoffman, who had received an advance copy of the speech a few weeks before,
|
|
described the speech as "incredible and tremendous".
|
|
|
|
Sterling, relaxing after the talk with a glass of Jack Daniels, told Newsbytes
|
|
that the speech had been fun but a strain, adding, "Next time they'll really
|
|
have to get Sergei. I'm going back to fiction."
|
|
|
|
Sterling's non-fiction work on computer crime, "The Hacker Crackdown" is due
|
|
out from Bantam in the fall and an audio tape of the CFP-2 speech is available
|
|
>from Audio Archives. He is the author of "Islands In The Net" and is the co-
|
|
author, with William Gibson, of the presently best-selling "The Difference
|
|
Engine."
|
|
|
|
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
|
|
|
The Bruce Sterling luncheon video tape is now available, sizzling, and
|
|
affordable to the Phrack readers.
|
|
|
|
$19.95 + $4 (shipping and handling)
|
|
|
|
Call now: (800)235-4922
|
|
or
|
|
CFP Video Library Project
|
|
P.O. Box 912
|
|
Topanga, CA 90290
|
|
|
|
Tell them you heard about it from The WELL and you'll get the above price.
|
|
_______________________________________________________________________________
|
|
|
|
CFP-2 Features Role-Playing FBI Scenario March 25, 1992
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
By Barbara E. McMullen (Newsbytes)
|
|
|
|
WASHINGTON, D.C.-- As part of the "Birds-of-a-Feather" (BOF) sessions featured
|
|
at the 2nd Conference on Computers, Freedom & Privacy (CFP-2), FBI Agent J.
|
|
Michael Gibbons, acting as a live gamemaster, orchestrated the play-acting of
|
|
an investigation by federal agents into allegations of computer intrusion and
|
|
criminal activity.
|
|
|
|
The scenario, set up by Gibbons to show the difficulties faced by investigators
|
|
in balancing the conducting of an investigation with a protection of the rights
|
|
of the individual under investigation, was acted out with non-law enforcement
|
|
officials cast in the role of investigators; New York State Police Senior
|
|
Investigator Donald Delaney as "Doctor Doom," the suspected ringleader of the
|
|
computer criminals; Newsbytes New York Bureau Chief John McMullen as a
|
|
magistrate responsible for considering the investigators' request for a search
|
|
warrant; and author Bruce Sterling as a neighbor and possible cohort of Doctor
|
|
Doom.
|
|
|
|
Gibbons, in his role of Gamemaster, regularly intercepted the action to involve
|
|
the audience in a discussion of what the appropriate next step in the scenario
|
|
would be -- "Do you visit the suspect or get a search warrant or visit his
|
|
school or employer to obtain more information? Do you take books in the search
|
|
and seizure? Printers? Monitors? etc." During the discussion with the
|
|
audience, points of law were clarified by Mike Godwin, Electronic Frontier
|
|
Foundation in-house counsel, and Alameda County Assistant District Attorney
|
|
Donald Ingraham.
|
|
|
|
The role-playing session immediately followed a BOF panel, "Hackers: Why Don't
|
|
They Understand" which attempted to present a hacker view of on-line ethics.
|
|
The panel, moderated by McMullen, was composed of Steven Levy, MacWorld
|
|
columnist and author of "Hackers"; Dorothy Denning, Chair of Computer Science
|
|
at Georgetown University; Glenn Tenney, California Congressional candidate and
|
|
chair of the annual "Hacker's Conference"; Craig Neidorf, defendant in a
|
|
controversial case involving the electronic publishing of a stolen document;
|
|
"Dispater," the publisher of the electronic publication "Phrack"; Emmanuel
|
|
Goldstein, editor and publisher of "2600: The Hacker Quarterly," and hacker
|
|
"Phiber Optik."
|
|
|
|
During the panel discussion, Levy, Denning and Tenney discussed the roots of
|
|
the activities that we now refer to as hacking, Goldstein and Dispater
|
|
described what they understood as hacking and asked for an end to what they see
|
|
as overreaction by the law enforcement community, Neidorf discussed the case
|
|
which, although dropped by the government, has left him over $50,000 in debt;
|
|
and Phiber Optik described the details of two searches and seizures of his
|
|
computer equipment and his 1991 arrest by Delaney.
|
|
|
|
In Neidorf's talk, he called attention to the methods used in valuing the
|
|
stolen document that he published as $78,000. He said that it came out after
|
|
the trial that the $78,000 included the full value of the laser printer on
|
|
which it was printed, the cost of the word processing system used in its
|
|
production and the cost of the workstation on which it was entered. Neidorf's
|
|
claims were substantiated by EFF counsel Godwin, whose filing of a motion in
|
|
the Steve Jackson cases caused the release of papers including the one referred
|
|
to by Neidorf. Godwin also pointed out that it was the disclosure by
|
|
interested party John Nagle that the document, valued at $78,000, was
|
|
obtainable in a book priced at under $20.00 that led to the dropping of the
|
|
charges by the US Attorney's office.
|
|
|
|
SRI security consultant Donn Parker, one of the many in the audience to
|
|
participate, admonished Phiber and other hackers to use their demonstrated
|
|
talents constructively and to complete an education that will prepare them for
|
|
employment in the computer industry. Another audience member, Charles Conn,
|
|
described his feeling of exhilaration when, as a 12-year old, he "hacked" into
|
|
a computer at a local Kentucky Fried Chicken. Conn said "It was wonderful. It
|
|
was like a drug. I just wanted to explore more and more."
|
|
|
|
Parker later told Newsbytes that he thought that it was a mistake to put
|
|
hackers such as Phiber Optik and those like Craig Neidorf who glorify hackers
|
|
on a panel. Parker said, "Putting them on a panel glorifies them to other
|
|
hackers and makes the problem worse."
|
|
|
|
The Birds-of-a-Feather sessions were designed to provide an opportunity for
|
|
discussions of topics that were not a part of the formal CFP-2 program.
|
|
_______________________________________________________________________________
|
|
|
|
Computer Revenge A Growing Threat March 9, 1992
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
By Tom Steinert-Threlkeld (Dallas Morning News)
|
|
Article in the Chicago Tribune, Page C3
|
|
|
|
The "downsizing" of corporate America is not only making companies lean and
|
|
mean.
|
|
|
|
It's doing the same thing to employees losing their jobs, said Thomas F. Ellis,
|
|
a partner in Arthur Andersen & Co.'s Computer Risk Management Services.
|
|
|
|
He looks at the latest form of revenge by employee against former employer.
|
|
Fraud, embezzlement and theft of secrets are no longer the only forms of
|
|
frustrated payback. The calling card in the digital age is computer sabotage.
|
|
|
|
It's an invisible epidemic that corporations don't like to talk about while
|
|
they're trying to convince banks and creditors they are becoming more efficient
|
|
by downsizing, said Ellis and William Hugh Murray, information systems security
|
|
consultant to Deloitte & Touche, another of the Big Six accounting firms.
|
|
|
|
"A lot of the business trends in the U.S. are really threatening data
|
|
security," said Sanford M. Sherizen, a Natick, Massachusetts computer security
|
|
consultant. "Corporations are paying a huge price for it," without disclosing
|
|
it.
|
|
|
|
The downsizing has led to inadequate attention to security precautions, argues
|
|
Sherizen. The underlying trend: Fewer and fewer people are being given more
|
|
and more responsibility for information systems.
|
|
|
|
That breeds opportunity for revenge, said Sherizen. No longer does only the
|
|
supposedly misfit hacker, gulping down Cokes and Fritos in the middle of the
|
|
night, merit watching. Sherizen's worldwide set of clients have found that the
|
|
middle manager wearing the white shirt and tie in the middle of the day also
|
|
deserves scrutiny, he says.
|
|
|
|
Those managers, if mistreated, find it inviting to strike back creatively. The
|
|
VTOC, for example.
|
|
|
|
This is jargon for the Volume Table of Contents. This is a directory a
|
|
computer compiles to keep track of where programs and data are stored. A large
|
|
Andersen client was paralyzed recently when a VTOC in its information system
|
|
was scrambled by a downsizing victim, Ellis said.
|
|
|
|
"If you destroy the VTOC in a mainframe system, then you destroy the computer's
|
|
ability to go out and find programs and data, so you can pretty effectively
|
|
devastate a computer installation by destroying the VTOC, without ever touching
|
|
the programs and data," he said.
|
|
|
|
But those bent on revenge are not above leaving time bombs in computer systems
|
|
that will go off after their departure, destroying programs and data.
|
|
|
|
They also are appropriating information from magnetic memories and selling it
|
|
at hefty prices in the burgeoning field known euphemistically as "commercial
|
|
business intelligence," said Sherizen.
|
|
|
|
Most companies hush up these cases, because they fear copycat avengers will
|
|
strike when their vulnerability is exposed. They also don't like to be
|
|
publicly embarrassed, the security experts say.
|
|
|
|
Technical safeguards don't hold a candle to human safeguards, said Murray.
|
|
|
|
The best way to protect against sabotage is to prevent disaffection in the
|
|
first place. Treat as well as possible those who are being fired. Compensate
|
|
fairly those who are staying.
|
|
|
|
Show appreciation, day in and day out. Most revenge is slow to boil and comes
|
|
>from employees who finally conclude that their contributions are going
|
|
unrecognized, said Murray.
|
|
|
|
"Saying 'please' and 'thank you' are an incredibly important control" against
|
|
sabotage, he said.
|
|
_______________________________________________________________________________
|
|
|
|
Computer Crime Problem Highlighted March 9, 1992
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
By Oscar Rojo (Toronto Star)(Page B3)
|
|
|
|
With the growing corporate dependence on computers, "information crimes" have
|
|
become easier to commit but harder to detect, says a Toronto-based security
|
|
company.
|
|
|
|
"Electronic intrusion is probably the most serious threat to companies that
|
|
rely on computerized information systems," Intercon Security Ltd. says in its
|
|
Allpoints publication.
|
|
|
|
Allpoints cited a study of 900 businesses and law enforcement agencies in
|
|
Florida showing that one of four businesses had been the victim of some form of
|
|
computer crime.
|
|
|
|
"While most of the media attention has focused on "hackers," individuals who
|
|
deliberately and maliciously try to disrupt business and government systems,
|
|
one estimate indicates that 75 per cent plus of electronic intrusion crimes may
|
|
be "insider attacks" by disgruntled employees," the publication said.
|
|
|
|
In Intercon's experience, vice-president Richard Chenoweth said the company is
|
|
as likely to find a corporate crime committed by a disgruntled employee as one
|
|
perpetrated by an outsider.
|
|
|
|
Intercon said the technology exists to guard against most electronic
|
|
intrusions. "The problem is that many information managers still don't believe
|
|
there is a risk, so they are not making the best possible use of what is
|
|
available."
|
|
_______________________________________________________________________________
|
|
|
|
Criminals Move Into Cyberspace April 3, 1992
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
By Mick Hurrell (The Times)(Features Section)
|
|
|
|
The hacker and the virus programmer embodied the popular notion of computer
|
|
crime in the 1980s, and they are still the most widely known criminal acts in
|
|
computer technology.
|
|
|
|
The advent of new technologies over the past decade has created a whole new
|
|
casebook of serious crimes, but they have yet to gain the notoriety of computer
|
|
viruses such as Friday 13th or Michelangelo.
|
|
|
|
More then 3,000 computer crimes around the world in the past 20 years have now
|
|
been documented by SRI International (SRII), a Californian information security
|
|
consultancy. They include attempted murder, fraud, theft, sabotage, espionage,
|
|
extortion, conspiracy and ransom collection.
|
|
|
|
Against this disturbing background, Donn Parker, SRII's senior international
|
|
security consultant, is telling businesses they will be under increasing attack
|
|
>from sophisticated criminals using computer technology and from others intent
|
|
on causing disruption.
|
|
|
|
"New technology brings new opportunities for crime," he says. "We must
|
|
anticipate future types of crime in our security efforts before they become
|
|
serious problems."
|
|
|
|
His prospective list ranges from the annoying to the fraudulent, and includes
|
|
small computer theft, desktop forgery, digital imaging piracy, voice and
|
|
electronic mail terrorism, fax graffiti attacks, electronic data interchange
|
|
fraud, and placement of unauthorized equipment in networks.
|
|
|
|
Some of these crimes are more obvious than others. The advanced digital
|
|
imaging systems now being used in the television and film industry to create
|
|
spectacular special effects, for example, could become a new target for crime.
|
|
As digital imaging can alter video images seamlessly, the possibilities for
|
|
sophisticated fraud are numerous.
|
|
|
|
The theft of small computers and components has already increased. "I think
|
|
it will be worse than the typewriter theft problem of the 1970s and 1980s," Mr.
|
|
Parker says. "We are now teaching information-security people that they have
|
|
to learn how to protect small objects of high value. The content of the
|
|
computers could be more valuable than the hardware itself.
|
|
|
|
"I do not think the criminal community is yet aware of a computer's value other
|
|
than on the used equipment market, but ultimately some are going to figure out
|
|
that the contents the data are more valuable, which could lead to information
|
|
being used for extortion."
|
|
|
|
Desktop forgery is another crime that looks certain to boom and plague
|
|
businesses of all types. Desktop publishing software, combined with the latest
|
|
color laser printers and photocopiers, is proving an ideal forger's tool. Gone
|
|
is the dingy cellar with printing plates and press: Forgers can work from
|
|
comfortable offices or their own homes and produce more accurate fakes than
|
|
ever before.
|
|
|
|
Original documents can be fed into a computer using a scanner, then subtly
|
|
altered before being printed out. Business documents such as purchase orders
|
|
and invoices are obvious targets for the forgers, as are checks. The quality
|
|
of a forgery is now limited only by the paper on which it is printed.
|
|
|
|
Mr. Parker says: "As the technology gets cheaper and more available, this is
|
|
something that could flourish."
|
|
|
|
But although many of these new forms of computer crime bring with them the
|
|
possibility of increased business losses, one threat overshadows them all. "The
|
|
big security issues are going to involve networks and the connection of
|
|
computers to many others outside an organization," says Rod Perry, a partner
|
|
with Coopers & Lybrand Deloitte, the consultants.
|
|
|
|
The fear is that sophisticated criminals will take advantage of a clash between
|
|
the desire for system flexibility and the constraint necessarily imposed by
|
|
security. Mr. Perry adds: "The business need is paramount, and people will
|
|
accept the risk up to a point."
|
|
|
|
Networks are attractive because they allow information to be easily transferred
|
|
between users, and give free and easy access to data bases from many locations
|
|
within an organization that can extend across countries and continents. Making
|
|
them secure against interference from both outside and within is difficult.
|
|
|
|
Mr. Parker says: "Today's microcomputers and local and global networks have
|
|
left information security far behind. We are dealing with what we call
|
|
cyberspace. We are connecting our networks so that we now have a single
|
|
worldwide network of data communications.
|
|
|
|
"We have inadvertently freed the criminal from proximity to the crime. A
|
|
criminal can be anywhere in the world, enter cyberspace by computer, and commit
|
|
a crime anywhere else. The criminal is free to choose the jurisdiction area
|
|
>from which he works, to minimize the punishment if he gets caught."
|
|
|
|
The great concern, he says, is if technological advances result in an "anarchy
|
|
of conflicting security efforts. Consistent security practices should be
|
|
applied uniformly as well as globally.
|
|
|
|
"When organizations in different countries with different national laws,
|
|
different ways of valuing information assets, and different national ethical
|
|
customs, use equipment from different manufacturers in their networks, they
|
|
face the problem of matching their levels of security. They use the lowest
|
|
common denominator, which in some instances may be practically non-existent."
|
|
|
|
Some computer security consultants believe that network security headaches will
|
|
involve some restriction in how they are used. All agree that passwords no
|
|
longer offer appropriate forms of security.
|
|
|
|
Professor Roger Needham, of the University of Cambridge computing laboratory,
|
|
says: "At the moment, there is a lot of shoddy computer use, but it will
|
|
become more usual to take security seriously. In the world of doing business
|
|
with paper, there are a tremendous number of rules of practice and conduct that
|
|
are second nature; security procedures in the electronic medium will also have
|
|
to become second nature."
|
|
|
|
SRII is developing software for what it says will be the world's most
|
|
sophisticated detection system, designed to identify criminal users as they
|
|
commit their crime.
|
|
|
|
Called IDES (Intruder Detection using Expert Systems), it works on the basis
|
|
that a system intruder is likely to show a different behavior pattern from that
|
|
of a legitimate user. IDES is programmed with a set of algorithms that build
|
|
up profiles of how particular employees typically use the system. It can then
|
|
inform the company's security division if it identifies any significant
|
|
deviation.
|
|
|
|
IDES also monitors the whole system for failed log-in attempts and the amount
|
|
of processor time being used, and compares this with historical averages.
|
|
|
|
A future refinement will allow the system to profile groups of subjects so that
|
|
it can tell, for example, when a secretary is not behaving like a "typical"
|
|
secretary.
|
|
|
|
Business crime and computer crime will increasingly become one and the same,
|
|
Mr. Parker says. Security will be increasingly built in to systems and
|
|
"transparent" to the user.
|
|
|
|
"I think the overall loss to business from computer crime will decrease," he
|
|
says. "But the loss per incident will increase because the risks and the
|
|
potential gains will be greater."
|
|
_______________________________________________________________________________
|
|
|
|
PWN QuickNotes
|
|
~~~~~~~~~~~~~~
|
|
1. New Law Enforcement Bulletin Board (Government Technology, January 1992,
|
|
Page 17) -- St. Paul, Minnesota -- The International Association of Chiefs
|
|
of Police (IACP) and LOGIN Information Services has announced IACP NET, a
|
|
new computer network that will link law enforcement professionals
|
|
nationwide. The network uses advanced computer capabilities to foster and
|
|
empower IACP's belief that strength through cooperation is the key to the
|
|
success of law enforcement endeavors.
|
|
|
|
Communications services will be the interaction focus. An electronic mail
|
|
feature allows private messaging among IACP NET members. Exchange of ideas
|
|
will be encouraged and facilitated through electronic bulletin boards on
|
|
general subject areas and computer conferencing on specific topics.
|
|
Anchoring the communications service is the Quest-Response Service, a
|
|
service created and proven successful by LOGIN that allows members to post
|
|
and respond to requests for information in a formatted and accessible
|
|
manner.
|
|
_______________________________________________________________________________
|
|
|
|
2. ATMs Gobble Bankcards In Colorado (Denver Post, February 19, 1992) -- About
|
|
1,000 Colorado ATM users had their Visas and Mastercards abruptly terminated
|
|
in February by an out-of-control computer system.
|
|
|
|
For 90 minutes during the President's Day weekend, the Rocky Mountain
|
|
Bankcard System software told ATMS around the state to eat the cards instead
|
|
of dishing out cash or taking deposits. The "once-in-a-decade" glitch went
|
|
unnoticed because it occurred as programmers were patching in a correction
|
|
to a different problem.
|
|
|
|
The company is rushing new plastic and letters of apology to customers who
|
|
got terminated.
|
|
_______________________________________________________________________________
|
|
|
|
3. Minister Denies Hackers Tampered With Licence Records (Chris Moncrieff,
|
|
Press Association, January 27, 1992) -- Allegations that computer experts
|
|
hacked into the records of the Driver and Vehicle Licensing Agency in
|
|
Swansea are without substance and are to be retracted, Roads and Traffic
|
|
Minister Christopher Chope said.
|
|
|
|
He was responding in a Commons-written reply to Donald Anderson (Lab Swansea
|
|
East), who had asked what investigations had been made following a report
|
|
that hackers had been able to erase driving convictions from DVLA computer
|
|
files. Mr. Chope said, "The Agency has discussed the recent allegations
|
|
about unauthorized access to its computer records with the author of the
|
|
original Police Review article, who has confirmed that there is no substance
|
|
to them. "The author has agreed to retract the allegations in his next
|
|
article." Mr. Anderson commented, "The importance of this reply is that it
|
|
underlines the integrity of the system of driver-licence records held in
|
|
Swansea in spite of the allegations."
|
|
_______________________________________________________________________________
|
|
|
|
4. Software Virus Found At INTEL (New York Times News Service, March 3, 1992)
|
|
-- Intel Corporation said it had stopped shipping a computer network
|
|
software program because some units were found to be infected with the
|
|
"Michelangelo" virus, a program that infects IBM and compatible personal
|
|
computers and can potentially destroy data.
|
|
|
|
A division of Intel in Hillsboro, Oregon, said it had shipped more than 800
|
|
copies of the program, called LANSpool 3.01, which inadvertently contained
|
|
the virus. The virus is designed to activate on March 6, Michelangelo's
|
|
birthday, and can erase data and programs if it is not detected with
|
|
antiviral software.
|
|
|
|
The company said it had checked its software with a virus-scanning program
|
|
before shipping it, but that it had failed to detect the virus.
|
|
|
|
A number of computer makers and software publishers have issued similar
|
|
alerts about the Michelangelo program and a variety of companies are now
|
|
offering free software to check for the virus.
|
|
|
|
There are more than 1,000 known software viruses that can copy themselves
|
|
from computer to computer by attaching to programs and files.
|
|
_______________________________________________________________________________
|
|
|
|
5. Army Wants Virii (Bulletin of the Atomic Scientists, December 1991, Page 5)
|
|
|
|
"Attention Hackers, Uncle Sam Wants You!"
|
|
|
|
The U.S. Army has caught the computer virus bug and is now expanding its
|
|
interest in germ warfare to include electronic germs.
|
|
|
|
The Army Center for Signal Warfare is soliciting proposals for the
|
|
development of a "weaponized virus" or a piece of "malicious software" that
|
|
could destroy an enemy's computers or software (_Technology Review_, October
|
|
1991). As project engineer Bob Hein explained, "This is the army. We're in
|
|
the weapons business."
|
|
|
|
Hein said the army first became interested in the potential of computer
|
|
viruses as offensive weapons after Myron Cramer's 1989 article in _Defense
|
|
Electronics_ suggested that computer viruses offered "a new class of
|
|
electronic warfare." But Gary Chapman, director of Computer Professionals
|
|
for Social Responsibility, thinks it is more likely that the army's interest
|
|
was piqued by a French science fiction novel, _Soft War_, describing army
|
|
infiltration of Soviet computers.
|
|
|
|
Chapman, who called that army's plan to design killer computer viruses a
|
|
"stupid policy," said that any viruses the army comes up with are more
|
|
likely to paralyze the heavily networked U.S. computer system than to
|
|
infiltrate enemy computers.
|
|
|
|
Hein insisted that the army will develop only controllable and predictable
|
|
bugs that will not threaten U.S. computer users. Chapman pointed out that,
|
|
like the biological agents they are named for, computer viruses are, by
|
|
their very nature, uncontrollable.
|
|
_______________________________________________________________________________
|
|
|
|
6. BellSouth's MobilComm and Swiss watchmaker Swatch said they will form joint
|
|
venture to market wristwatch pager. The watch will cost about $200 and will
|
|
be sold in department stores. It will bear name of "Piepser," the German
|
|
word for "beeper," using 4 tones to signal the wearer. Each signal is
|
|
activated by a telephone number that owner assigns. In the 4th quarter of
|
|
year, Swatch said it plans to introduce a model that can display telephone
|
|
numbers. (Source: Communications Daily, March 5, 1992, Page 4)
|
|
_______________________________________________________________________________
|
|
|
|
7. U.S. District Judge Harold Greene denied several new motions by Nynex in a
|
|
criminal case being brought by the Justice Department, charging the phone
|
|
company with violating MFJ (Modified Final Judgment) through subsidiary
|
|
Telco Research. The government also filed a new motion of its own, later
|
|
denied, requesting Greene to hold a pretrial hearing to look into "actual or
|
|
potential conflicts of interest" resulting from individuals to be called as
|
|
witnesses for prosecution being represented by Nynex's law firm, Davis, Polk
|
|
& Wardwell. DoJ said: "It appears that Davis, Polk represents present and
|
|
former employes of Nynex in addition to the corporation." Nynex issued a
|
|
statement saying it's "confident" that the trial would "confirm to our
|
|
customers," shareholders, and the public that it has fully met its
|
|
responsibilities under MFJ. Greene, having dismissed Nynex motions, set
|
|
an April 6 trial date. (Communications Daily, March 24, 1992, Page 5)
|
|
_______________________________________________________________________________
|
|
|
|
8. US West has formed a subsidiary, US West Enhanced Services, that launched
|
|
its first product, Fax Mail. The subsidiary will develop other products for
|
|
the enhanced-services market, including voice, fax and data applications,
|
|
the company said. Test marketing of Fax Mail was conducted in Boise and was
|
|
product-introduced in Denver. US West described its new product as "voice
|
|
mail for faxes," in that it stores incoming faxes until the subscriber calls
|
|
in and instructs the service to print the waiting fax. Each fax mail
|
|
subscriber is supplied with a personal fax telephone number. When a fax is
|
|
received, Fax Mail can notify the subscriber automatically by depositing a
|
|
message in voice mail or beeping a pager. The service costs $19.95 per
|
|
month, US West said. (Communications Daily, March 24, 1992, Page 6)
|
|
_______________________________________________________________________________
|
|
|
|
9. Hacker Insurance -- Worried about the integrity of your bank's data network?
|
|
Relax. Commercial banks and other depository institutions can now obtain up
|
|
to $50 million in coverage for losses due to computer-related crime. A new
|
|
policy from Aetna Casualty and Surety Co. offers insurance against computer
|
|
viruses, software piracy, and toll-call fraud, among other high-tech rip-
|
|
offs. The Hartford, Connecticut insurer will also cover liabilities due to
|
|
service bureau and communications failures with Aetna Coverage for Computer
|
|
and Electronic Network Technology. Paul A. Healy, VP of Aetna's fidelity
|
|
bond unit, says "the policy will help institutions manage the risk
|
|
associated with the changing technology." (Information Week, March 30,
|
|
1992, Page 16)
|
|
_______________________________________________________________________________
|
|
|