|
News for
120799
|
contributed by Evil Wench and
KnobDicker
Windows NT has been certified as compliant with Federal Information
Processing Standard 140-1 (FIPS 140-1) and the C2 level of the Trusted
Computer System Evaluation Criteria (TCSEC). Windows 95, 98 and 2000
have
also received FIPS 140-1 certification. The C2 certification only
applies to stand-alone, non-networked machines. Operating systems used
by the Department of Defense are supposed to carry a security rating of
C2 or higher, despite the fact that DoD has used NT since 1996. This
ends a long battle for Microsoft to achieve this security
certification. (We still say "C2 my ass.")
Government
Executive Magazine
ZD
Net
HNN Archive for January 13, 1999
NW Fusion
-
NT Failed FIPS a Year Ago
L0pht Heavy Industries
-
More Info Regarding Government Certifications
|
|
contributed by Ryan
Lewis DePayne has been sentenced by US District Judge Mariana Pfaelzer
to six months of home detention with five years of probation, 225
hours of community service and a fine of $2,500. DePayne pleaded guilty
earlier this year to a single count of wire fraud for his involvement
in a scheme with Kevin Mitnick to defraud Nokia of proprietary software
for mobile phones.
ZD
Net
|
|
contributed by r@ven
Videon Internet, based in Winnipeg Canada, has suffered its second
major intrusion in one week. Sensitive account information, including
e-mail passwords, evidently were compromised. A complaint has been
filed with the Winnipeg Police Service's commercial crimes unit. The
company has has shut down their email server "for the security of
Videon customers".
Winnipeg
Free Press
|
|
contributed by C0nd0r
Alex Biryukov and Adi Shamir two Israeli researchers have discovered
design flaws in the algorithm A5/1 which is present in digital GSM
phones. This algorithm is used in phones made by Motorola, Ericsson,
and Siemens. Over 330 million GSM phones are in use around the world.
While this research does indicate how the encryption may be broken,
actually intercepting that signal is not explained.
Wired
|
|
contributed by Weld Pond
Face recognition technology has been around for a while. Cameras
mounted on street lamps in a few British cities have been picking faces
out of the crowd for over a year. Now DARPA is interested in using
this technology in conjunction with other biometric technology such as
thermal signature of the blood vessels in the head and the shape of a
person's ear to create a more accurate and complete system.
Scientific
American
HNN Archive for October 20, 1998
|
|
contributed by Maggie
They were arrested almost five years ago but the massive inroads made
into the nations telecommunications systems is only now becoming fully
clear. The Phonemasters coordinated what is being called one of the
largest computer intrusion schemes in U.S. history. As the case
finnally draws to a close and the various members of the group receive
their sentences a few new tidbits of information are coming out. (We
are still amazed at how little press coverage this case has
gotten.)
Union
Tribune
HNN Archive for October 4, 1999
|
|
contributed by Weld Pond
Finjan Software has introduced a proactive first-strike security
solution, SurfinShield Corporate, claims to block worms and other
malicious code by monitoring the behavior of programs rather than
relying on a known virus signature. By using a proactive monitoring
technique to 'sandbox' programs and monitor their behavior SurfinShield
can instantly block programs that violate a security policy, such as
attempting to delete a user's files.
PR
Newswire
Finjan Software
|
|
contributed by Zilly
The website of the SA Police Service (SAPS) along with a dozen other
local sites was defaced last Sunday. The SAPS said it believed
security
measures were sufficient to prevent access to confidential information.
The South African Law Commission is working on a new computer crimes
act
which is expected to have proposals for this sort of crime.
Business Day
|
|
contributed by Space Rogue
The list of defaced pages will return shortly. Attrition.org is
currently experiencing what we have been told are minor connectivity
issues.
|
|
|
