Security News and Issues

Each day owning a computer and maintaining it online becomes more of a challenge. Security is a major concern to computer users. SaferPC brings you Security News and Issues of interest to security conscious PC users.


Millions exposed to possible ID theft
by Reuters
April 18, 2005

IRS security flaws put taxpayers at risk, study finds. The IRS promised to fix any problems and find out if tax returns had been exposed to outsiders.

Computer-security flaws at the U.S. tax-collection agency expose millions of taxpayers to potential identity theft or illegal police snooping, according to a congressional report released Monday.

Police in Ariz. Seek Monkey for SWAT Team
April 18, 2005

The Mesa Police Department is looking to add some primal instinct to its SWAT team. And to do that, it's looking to a monkey.

"Everybody laughs about it until they really start thinking about it," said Mesa Officer Sean Truelove, who builds and operates tactical robots for the suburban Phoenix SWAT team. "It would change the way we do business." The department is seeking about $100,000 in federal grant money to put the idea to use in Mesa SWAT operations. The monkey, which costs $15,000, is what Truelove envisions as the ultimate SWAT reconnaissance tool.

Port 25 Blocking, or 'Fix SMTP and Leave Port 25 Alone for the Sake of Spam'
Circle ID
by Suresh Ramasubramanian
April 17, 2005

Larry Seltzer wrote an interesting article for eWeek, on port 25 blocking, the reasons why it was being advocated, and how it would stop spam.

This quoted an excellent paper by Joe St. Sauver, that raised several technically valid and true corollaries that have to be kept in mind when blocking port 25 -- "cough syrup for lung cancer" would be a key phrase. Yes, port 25 blocking is a good thing, but virus-infected PCs can be hijacked by net abusers, and used for anything from hosting child porn sites to participating in DDoS attacks.

Fix SMTP and leave port 25 alone for the sake of spam
ZD Net
by George Ou
April 11, 2005

Larry Seltzer of eWeek, whom I have great respect for and usually agree with, wrote this article on dealing with spam using the controversial tactic of blocking all outbound port 25 access.

The logic behind this is that the vast majority of spam in the world comes from "zombies" (millions of computers that have been hijacked by professional hackers and spammers and are used as attack or spam platforms) that spew out tons of spam directly over TCP port 25 (a standard communication channel used specifically for e-mail). I think this is a bad idea. Here's why:

Shutting Down The Highway To Internet Hell
by Larry Seltzer
April 8, 2005

The time has come for ISPs to block port 25 for consumer accounts. The rewards for this and other ISP management techniques could be large, but ISPs need to be careful about how they do it and tell users why.

Do you run a mail server on your home Internet account? If you do, it's probably without your knowledge, such as in a mail worm or a zombie spambot. Few if any people running these programs intend to do so, and it's time for ISPs to close the door through which they operate. I think there's a consensus developing among anti-spam researchers, many of them responsible for fighting spam on ISP networks, that unrestricted use of TCP port 25 must be shut down to the average Internet consumer. There are those who disagree, but their arguments sound obtuse and defeatist rather than actual justifications to not block port 25.

"I'd know a false confession if I saw one": A comparative study of college students and police investigators
by Saul M. Kassin, et al.
April 1, 2005

College students and police investigators watched or listened to ten prison inmates confessing to crimes. Half the confessions were true accounts; half were false, concocted for the study.

Consistent with much recent research, students were generally more accurate than police, and accuracy rates were higher among those presented with audiotaped than videotaped confessions. In addition, investigators were significantly more confident in their judgments and also prone to judge confessors guilty. To determine if police accuracy would increase if this guilty response bias were neutralized, participants in a second experiment were specifically informed that half the confessions were true and half were false. This manipulation eliminated the investigator response bias, but it did not increase accuracy or lower confidence. These findings are discussed for what they imply about the post-interrogation risks to innocent suspects who confess.

Web Browser Forensics, Part 1
Security Focus
by Keith J. Jones and Rohyt Belani
March 30, 2005

Introduction Electronic evidence has often shaped the outcome of high-profile civil law suits and criminal investigations ranging from theft of intellectual property and insider trading that violates SEC regulations to proving employee misconduct resultin

Critical electronic evidence is often found in the suspect's web browsing history in the form of received emails, sites visited and attempted Internet searches. This two-part article presents the techniques and tools commonly used by computer forensics experts to uncover such evidence, through a fictitious investigation that closely mimics real-world scenarios. While you read this article, you may follow along with the investigation and actually analyze case data...

The OS X Zombies
March 29, 2005

A certain institution of higher learning has discovered that fleets of their OS X boxes have been compromised. They do not yet know the vector of attack, meaning it is officially a 'zero day exploit'. They do however have several theories - all of which h

The OS X boxes, when compromised, end up running rogue IRC bot controllers and FTP servers. Naturally these rogue processes are capable of accessing sensitive data - which can be destroyed, modified, or stolen. Some of the victimised boxes were exploited through weak passwords for SSH-enabled accounts; still others through their Apache servers. Apache needs to be patched too and Apple have the patches out there for their contribution to the Apache community and they should be downloaded. Worse: if the holes in Apache are publicised and the sysadmins do not download them, the script kiddies will know how to attack.

Virus Prize 2005
March 26, 2005

Please... Infect Our Computers!

Contest goal: To lay to rest, once and for all, the myths surrounding the lack of spreading computer virii on the Macintosh OS X operating system. Please... Infect Our Computers!

Mac OS X CF_CHARSET_PATH Buffer Overflow Vulnerability
by Tyler Hawes
March 21, 2005

Local exploitation of a buffer overflow vulnerability within the Core Foundation Library included by default in Apple Computer Inc.'s Mac OS X could allow an attacker to gain root privileges.

The vulnerability specifically exists due to improper handling of the CF_CHARSET_PATH environment variable. When a string greater than 1,024 characters is passed via this variable, a stack-based overflow occurs, allowing the attacker to control program flow by overwriting the function's return address on the stack. Any application linked against the Core Foundation Library can be used as an exploit vector for this vulnerability. Some of the setuid root binaries that are vulnerable include su, pppd and login.


Help keep this page up-to-date. Submit a Virus Information News link for inclusion on this page.

Shawn K. Hall © 2003-2021 Powered by 12 Point Design