WHAT'S IMPORTANT FOR INFORMATION SECURITY
The basic reasons we care about information systems security are that some of our information needs to be protected against unauthorized disclosure for legal and competitive reasons; all of the information we store and refer to must be protected against accidental or deliberate modification and must be available in a timely fashion. We must also establish and maintain the authenticity (correct attribution) of documents we create, send and receive. Finally, if poor security practices allow damage to our systems, we may be subject to criminal or civil legal proceedings; if our negligence allows third parties to be harmed via our compromised systems, there may be even more severe legal problems.
EGGHEAD: NO EVIDENCE HACKER STOLE CREDIT CARD INFO
Egghead.com Inc. said that no customer credit card numbers appear to have been stolen from its Web site, two and half weeks after the online retailer announced it had detected an intruder in its computer systems. Only about
7,500 of the more than three million credit card accounts in Egghead's database showed evidence of "suspected fraudulent activity", the company said, saying those transactions may have been the result of unrelated thefts.
NT STILL MOST HACKED WEB SERVER PLATFORM
The year 2000 saw Windows NT steaming ahead yet again as the most hacked web server operating system, after a majority of defaced pages were found to be sitting on compromised NT boxes. As NT is one of the most popular options for web servers, it appears that it is attacked most, however a number of companies running web sites on variations of Linux also suffered the embarrassment of defacement.
TOP LEVEL DOMAINS: WINNERS AND LOSERS, 2000
"Over year 2000, Attrition.org recorded over 5800 defacements, over 2000 more defacements over 1999. Where did all of these defacements come from? Did any Top Level Domains manage to reduce their share of defacements over the last year in what can only be described as a harsh environment? The answers surprised me. I didn't expect to see Brazil leading those countries with gains, or the U.S. military heading the list of those TLDs to reduce their absolute share of defacements."
ATTACKER BOMBS CHAT NETWORK
A Romanian attacker has launched a major distributed denial of service forcing one of the largest IRC networks, Undernet, to shut down much of its service. A number of Internet Service Providers hosting Undernet servers including some in the US, the Netherlands and France - have been hit with DdoS attacks.
HISTORY LOOKS AT THE NSA
As anyone who watched Enemy of the State knows, the National Security Agency is a rapacious beast with an appetite for data surpassed only by its disregard for Americans' privacy. Or is the opposite true, and the ex-No Such Agency staffed by ardent civil libertarians? To the NSA, of course, its devilish reputation is merely an unfortunate Hollywood fiction. Its director, Lt.Gen. Michael Hayden, has taken every opportunity to say so, most recently on a History Channel documentary that aired for the first time Monday evening. "It's absolutely critical that (Americans) don't fear the power that we have," Hayden said on the show.
WEAK SECURITY IN NUKE PLANT
A security guard is believed to have hacked his way into computer networks at the Bradwell nuclear reactor in Essex near London and to have altered and deleted information.
LINUX.CONF.AU - THE HACKER'S CONFERENCE
The talk of Linux Australia at the moment is about Linux.conf.au. This four-day gathering of some of the world's most influential Linux developers is being held at the University of New South Wales, Sydney from 17 to 20 January.
BIOMETRICS - WHAT YOU NEED TO KNOW
Biometrics have garnered increasing attention and backing in the last few years. We are promised a utopian existence: never again will you forget your password or need to remember your access card to get into the building. Unfortunately, it isn't quite this simple. While biometrics will be a significant portion of any authentication or identification in the future, they cannot replace many existing security systems without significant disadvantages. Using biometrics in conjunction with other proven security methods can result in a stronger solution; but using biometrics on their own is a very bad idea, for numerous reasons.
Britain's biggest chemist had its corporate Web site attacked this morning by a poet. Instead of the usual corporate nonsense, the 534-word poem left behind by 'Mentor' tells of the angst of a teenage hacker - but also the personal discovery of computer crime. Called The Conscience of a Hacker, there is a deliciously dark undercurrent that shines a light on teenage angst in a digital generation.
U.S. TURNS ITS TECH EFFORTS TO PREVENTION
In a recent study about new national security threats, CSIS warned that it is growing increasingly difficult to distinguish between threats from foreign militaries or spies, terrorists, or run-of-the mill hackers. Plus, the interconnectedness of America's many computer networks creates tasty new targets; for example, taking down a large bank's computer system could do more damage than attacking a bank building. The study also noted that 95 percent of U.S. military traffic moves over civilian telecommunications and computer networks.
CLINTON: RELAX CRYPTO EXPORT CONTROLS
In a move that could be its final action regarding encryption, the Clinton administration acknowledged that it can't control security using hardware-based measures, because even the most innocuous home PCs can be strung together to form a powerful computing system. The Department of Defense, which has been working with the White House on the issue, agreed.
PERSONAL SIDE OF BEING A SYSADMIN
Have you got what it takes to be a sysadmin? Can you deal with an annoying user without telling them off? How about that dreaded boss with an idea? In this article, the Personal Side of being a Sysadmin, we will look at methods of dealing with the day to day aspects of keeping all the kids happy in the sandbox.