|
News for 092800
contributed by andrew jaquith
Yesterday the US General Accounting Office, the investigative arm of
Congress, released its findings on computer security at the FAA. Due to the
GAO's posting cycle, the document is only now publicly available. We thought
our readers would like to see the raw unfiltered stuff. It makes for
regrettable reading, describing breaches to physical security, background
checks for contractors and foreign nationals, and security management.
US General Accounting Office
|
contributed by andrew jaquith
Based on negative feedback from customers and end-users, Microsoft has
agreed to slightly modify a new "feature" in Preview 2 of its MSN Explorer
web mail service that would have automatically notified your "friends" of a
change in email address. It imports entries from the user's Outlook address
book, and adds a not-so-subtle shill to the notification, e.g.: "...MSN
Explorer even offers an exciting new look for using the Web and makes it
easy to find and play music online. Want to try it out? It's FREE! Just
click on the link below..." Details of the revised text were not available.
Slashdot
CNET
CNET
|
contributed by webmonki
Thanks to a moronic maneuver by the DoJ, classified information about the
selected Carnivore review team has been trivially exposed. The government
posted the winning technical proposal as a PDF on their site, "securing" it
by overwriting confidential text with black lines at the PDF level. Anyone
who views the PDF can recover hidden information by simply selecting the
hidden text out of the page. This begs the question of how many other (more
important) government documents have been "encrypted" in this manner…
Wired News
original proposal
unaltered version
|
contributed by rob cheyne
The dean of the Chicago-Kent College of Law, Henry Perritt Jr., says he and
the rest of the for-hire evaluation team won't hesitate to tell the
Department of Justice if the FBI's proposed data devourer violates privacy
rights. Perritt also dismisses claims that the DOJ will be allowed to edit
or modify the evaluation team's findings. Perritt's claims of independence
appear to fly in the face of his documented close ties to the Clinton
administration. But all this misses the larger point -- while we're pleased
that sharp legal minds are having a go at it, who will do the technical
review?
CNN
Wired News
(same story as above)
|
contributed by webmonki
Making his first public appearance since being released from jail, Kevin
Mitnick gave the keynote at Giga Research's Infrastructures for E-Business
Conference yesterday. His advice to the group of mostly corporate security
managers was to implement good security practices for their employees. He
stressed that the prevention of social engineering can do more for securing
a company's infrastructure than most technologies can.
The Industry Standard
|