News for 052299

contributed by Whoever 
A new article in the Buffer Overflow section wonders what the
net would be like if security vulnerabilities were not
released to the public. If secrets were kept and exchanged
only among those who found them, what sort of internet would we
have?
 
Buffer Overflow
 
contributed by McIntyre 
The General Accounting Office released a report yesterday
(Thursday) that labels 135 of 155 of NASA's mission-critical
systems as not meeting the agency's own requirements for
security. The GAO enlisted the help of the NSA to simulate an
attack on NASA using publicly available tools such as war
dialers. Although NASA performed an internal review of its
information security policies last May that found many of the
same problems identified by the GAO, few of the recommended
fixes had been implemented. Satellite command and control
systems as well as launch controls are not linked to the
internet and were not at risk during these simulated attacks.
 
MSNBC
Federal Computer Week
 
 
Late Update
This report is now available online.
 
GAO Report
 
contributed by McIntyre 
Yet another Cold Fusion hole is responsible for the security
breaches of the web site of the state of Vermont. Bob West, the
state's deputy chief information officer, claimed the state's
computers that contain the home page and other public documents
are not considered secure against computer attack. (There are
a lot of pretty funny, or pretty sad, quotes in this article.)
 
HNN Cracked Pages Archive
The Boston Globe
 
 
contributed by erewhon 
The House Science Committee will soon push to update the 1989
Computer Security Act. The new bill will closely resemble the
Computer Security Enhancement Act of 1997 which never made it
out of the Senate. This new legislation would tap the National
Institute of Standards and Technology (NIST) as the lead agency
for information security. (What about NIPC, CERT, and
the FBI? How many agencies do we need?) The new bill also
pushes for increased federal use of commercial off-the-shelf
products for security needs.
 
Federal Computer Week
 
contributed by wdef-A 
Symantec and Network Associates have posted new definitions to
eradicate the O97M.Tristate macro virus. This new virus, also
known as Triplicate and Crown, cross-infects Microsoft Word
documents, Excel spreadsheets, and PowerPoint presentations.
The virus has the ability to destroy data and removes
virus-warning protection from both Excel and Word.
 
PC World
 
contributed by The Silicon Sorceror
According to the Toronto Star, "online hackers" used ballot
stuffing to spoil an online poll to find the popular winner of
Ontario's political candidate debate.  The poll was designed so
that each person could vote only once, but apparently it wasn't
designed well enough and "some political junkies with computer
skills had the time to write programs defeating the
precautions" (Translation: Somebody clicked their mouse button
about 5 times and banged out a script).
 
The Toronto Star
 
contributed by Code Kid
The San Francisco Housing and Social Policy Committee will soon
classify laser pointers in the same category as spray paint,
making it illegal for those under 18 to purchase or possess
them. Since limiting the sale of spray paint cans has worked
exceedingly well in preventing graffiti in major cities, it is
thought that a similar ban on laser pointers would be equally
effective.
 
San Francisco Examiner
 
contributed by {b|4iz3}
DSC v1.01 has been released. DSC is a new e-zine for those who
are taking the "first steps" into learning computer security.
A good setup and easy readability are among the best parts of
this new e-zine. Get yours today.
 
DSC v1.01 Released (bl4iz3.faithweb.com/hacking/)
 
contributed by Space Rogue 
The HNN Search engine has _finally_ been fixed. It is much
better than the previous one; it now returns content as opposed
to titles and does result ranking. Thanks to Weld Pond for
helping out with that. Also, the HNN Store has been updated with
a few new products, so check them out.
 
HNN Search Page
HNN Store
 
 
contributed by Anonymous 
Cracked
 The following have been reported to HNN as Cracked
 http://uc.uww.edu
 http://www.assassination.org
 http://www.compdisk.com
 http://askiris.toshiba.com
 http://actinic.com
 