- Email: [email protected]
Government site hacked
Computers & Security, Vol. 18, No. 4
two pieces of software. Users require a dialler program which is specific to their service provider, and IT managers need to install and configure aVPN client program. The use of these two programs results in higher operational costs. AVPN client with an integrated dialler functionality is required to reduce these operational costs by using one integrated program and by simplifying client software distribution, installation and configuration. Not only has Microsoft provided support for the Point-to-Point tunnelling Protocol and encryption within Windows, it has madeVPN just another dial-up feature by simplifying the VPN configuration. However, it does not support IP Security (IPSec) and other operating systems such as Mac OS and Linux. What is really needed is for the VPN providers and the industry’s major companies to combine expertise to develop an integrated dialler/VPN client which qupports IPSec. O~terrzctWeek, A4mc-h 22, 1999, p. 34. Novell wages war on Israeli software piracy, h’icky Bluckbuw. Novell has set up a $250 000 canpaign against software piracy in Israel. Businesses across Israel will be asked to supply serial numbers of their systems, enabling Novell to identi@ and punish those customers who are selling illegal copies. Although Novell sells software worth about $12 million in Israel annually, it loses $10 million annually through software piracy. Israel is one of the worst offenders, and is facing the threat of trade sanctions from the US as a result of the piracy. It is estimated that international businesses lose $170 million as a result of Israeli counterfeiting. TIze _Ienrsa/enr Pusf, Xk~YCh 1 Y, 1999. Net surfers: Beware of hole,&et Kovn6lum.A technically complex security hole has been found in Java, but has not caused any damage yet. Sun Microsystems, which developed Java, has fixed the flaw but it may take months for all affected programs to be fixed.The tlaw enables the Java security guard, which blocks malicious programs, to be bypassed.This would allow a thief total access. A less-damaging hole has also been found which could enable people using Microsoft’s Internet Explorer browser in conjunction with Qualcomm’s Eudora E-mail program to trick a user into allowing a Web programmer to see the con-
tents of any file to which the programmer knows the location. Changing the storage location of attachments in Eudora will render the bug void. Users should be wary of unsolicited E-mail with attachments and avoid Web sites that sound suspicious. Experts advise to keep sensitive data off computers that have Internet access. liSA ‘Gda)), Apvil 6, 1999. Government site hacked, A~ranu’aJhukki. The Internet address site for Quebec’s rental board has been replaced with a hacker’s Web site. The Web site showed a picture of a blue Dutch IO-guilder bill with the hacker’s signature on the bottom of it. The government’s Web site was not destroyed, but the hacker did leave a message that the government’s Internet security systems were far from safe. The hacker also included his E-mail address and a variety of addresses for Internet security sites to improve the security of the page. This has alerted the Quebec government, which is now going to enlist the service of hackers to test and improve the security systems of its information networks. T/K Morrtrrwl Gazrttc, ,Zlm-/~ 1.5, /Y 99. Software maker gets OK to ship abroad.The US Department of Commerce’s Bureau of Export Administration will allow Internet security software maker, VeriSign Inc. (Mountain View, CA, USA) to expand the sale of its high security products.The software is used to authenticate the identity of individual computer users and uses 12X-bit encryption, which is considered a virtually unbreakable code against hacker attacks. Weaker JO-bit encryption was all that was previously available owing to the US Government export limitations. T/~e_lolrmal o/‘ Cc~r~~r~rc~-r~, :l’klvrll 17, 1999. Internet security, Ridmd .l!hoc/~ow. Intel’s Pentium III is the first step to make the Internet safe for business. It will initially be available in 430 and 500 MHz versions, and it is expected that a 550 MHz will be available in June and a 600 MHz chip will be available by the end of the year. Intel expects one billion conputer$ to be connected to the Internet by the year 2005, and the Pentium III will cnsurc secure virtual enterprises that can trust the Internet for business use. E-commerce is rapidly becoming more important and thus it i5 an increasingly attractive target for hackers.
339
two pieces of software. Users require a dialler program which is specific to their service provider, and IT managers need to install and configure aVPN client program. The use of these two programs results in higher operational costs. AVPN client with an integrated dialler functionality is required to reduce these operational costs by using one integrated program and by simplifying client software distribution, installation and configuration. Not only has Microsoft provided support for the Point-to-Point tunnelling Protocol and encryption within Windows, it has madeVPN just another dial-up feature by simplifying the VPN configuration. However, it does not support IP Security (IPSec) and other operating systems such as Mac OS and Linux. What is really needed is for the VPN providers and the industry’s major companies to combine expertise to develop an integrated dialler/VPN client which qupports IPSec. O~terrzctWeek, A4mc-h 22, 1999, p. 34. Novell wages war on Israeli software piracy, h’icky Bluckbuw. Novell has set up a $250 000 canpaign against software piracy in Israel. Businesses across Israel will be asked to supply serial numbers of their systems, enabling Novell to identi@ and punish those customers who are selling illegal copies. Although Novell sells software worth about $12 million in Israel annually, it loses $10 million annually through software piracy. Israel is one of the worst offenders, and is facing the threat of trade sanctions from the US as a result of the piracy. It is estimated that international businesses lose $170 million as a result of Israeli counterfeiting. TIze _Ienrsa/enr Pusf, Xk~YCh 1 Y, 1999. Net surfers: Beware of hole,&et Kovn6lum.A technically complex security hole has been found in Java, but has not caused any damage yet. Sun Microsystems, which developed Java, has fixed the flaw but it may take months for all affected programs to be fixed.The tlaw enables the Java security guard, which blocks malicious programs, to be bypassed.This would allow a thief total access. A less-damaging hole has also been found which could enable people using Microsoft’s Internet Explorer browser in conjunction with Qualcomm’s Eudora E-mail program to trick a user into allowing a Web programmer to see the con-
tents of any file to which the programmer knows the location. Changing the storage location of attachments in Eudora will render the bug void. Users should be wary of unsolicited E-mail with attachments and avoid Web sites that sound suspicious. Experts advise to keep sensitive data off computers that have Internet access. liSA ‘Gda)), Apvil 6, 1999. Government site hacked, A~ranu’aJhukki. The Internet address site for Quebec’s rental board has been replaced with a hacker’s Web site. The Web site showed a picture of a blue Dutch IO-guilder bill with the hacker’s signature on the bottom of it. The government’s Web site was not destroyed, but the hacker did leave a message that the government’s Internet security systems were far from safe. The hacker also included his E-mail address and a variety of addresses for Internet security sites to improve the security of the page. This has alerted the Quebec government, which is now going to enlist the service of hackers to test and improve the security systems of its information networks. T/K Morrtrrwl Gazrttc, ,Zlm-/~ 1.5, /Y 99. Software maker gets OK to ship abroad.The US Department of Commerce’s Bureau of Export Administration will allow Internet security software maker, VeriSign Inc. (Mountain View, CA, USA) to expand the sale of its high security products.The software is used to authenticate the identity of individual computer users and uses 12X-bit encryption, which is considered a virtually unbreakable code against hacker attacks. Weaker JO-bit encryption was all that was previously available owing to the US Government export limitations. T/~e_lolrmal o/‘ Cc~r~~r~rc~-r~, :l’klvrll 17, 1999. Internet security, Ridmd .l!hoc/~ow. Intel’s Pentium III is the first step to make the Internet safe for business. It will initially be available in 430 and 500 MHz versions, and it is expected that a 550 MHz will be available in June and a 600 MHz chip will be available by the end of the year. Intel expects one billion conputer$ to be connected to the Internet by the year 2005, and the Pentium III will cnsurc secure virtual enterprises that can trust the Internet for business use. E-commerce is rapidly becoming more important and thus it i5 an increasingly attractive target for hackers.
339