* Forwarded (from: netmail) by Roy J. Tellason using timEd 1.10.y2k.

Date: Mon, 25 Aug 2003 16:52:57 -0700 (PDT)
From: 
Subject: California accepts completely unverified updates

I own a tiny California corporation for consulting purposes.  Each year, I
am required to file a "statement by domestic stock corporation" with
information such as my address and the names of corporate officers.

This year, it is possible file electronically (a necessity for me because
the state reverted to a 5-year-old address, which is another story of
incompetence).  The Web form tends to crash browsers, but I eventually
succeeded with Mozilla.  You type in the name of the corporation, fill out
the forms, and pay your $25 via credit card.

All of this is done with NO VERIFICATION WHATSOEVER.  If I had a stolen
credit card, I could change the addresses and officers of Microsoft, Bank of
America, and a zillion other corporations.  Straightening out the mess would
probably cost the state far more than the $25 per instance that they
wouldn't be able to collect from the credit card company anyway.

Geoff Kuenning   geoff{at}cs.hmc.edu   http://www.cs.hmc.edu/~geoff/



Date: Mon, 25 Aug 2003 09:48:11 -0400
From: Monty Solomon 
Subject: 'Entrepreneur' a trademarked word, court rules

Be careful if you use the word "entrepreneur." You might get sued.
Christine Van Dusen, *The Atlanta Journal-Constitution*, 25 Aug 2003

A federal judge recently ruled that the owner of Entrepreneur Magazine, a
small-business publication with about 2 million readers nationwide, has dibs
on the term.  Entrepreneur Media, based in California, trademarked the word
after starting its magazine in 1978. And that, according to the court's
decision, means the firm has "exclusive right to use the mark in commerce."
  http://www.ajc.com/business/content/business/0803/20entrepreneur.html

--

(RJT:  WTF is such a system doing "connected" in the first place?
 WTF is it doing running windoze?)

Date: Fri, 22 Aug 2003 17:53:25 -0400
From: "Fuzzy Gorilla" 
Subject: Slammer worm hits system within Davis-Besse nuclear power plant

*The Register* (and other sites) are reporting that a PC associated with the
safety monitoring system at Davis-Besse nuclear power plant in Ohio.

This happened in January 2003, and there was no safety hazard because the
plant was offline and "the monitoring system, called a Safety
Parameter Display System, had a redundant analog backup that was unaffected
by the worm" but helps to illustrate the risks of having "a
crunchy shell around a soft, chewy center."

The plant had a firewall but...

"The Slammer worm entered the Davis-Besse plant through a circuitous
route. It began by penetrating the unsecured network of an unnamed
Davis-Besse contractor, then squirmed through a T1 line bridging that
network and Davis-Besse's corporate network.  The T1 line, investigators
later found, was one of multiple ingresses into Davis-Besse's business
network that completely bypassed the plant's firewall, which was programmed
to block the port Slammer used to spread."

http://www.theregister.co.uk/content/56/32425.html

  [H. Ludwig Hausen noted this as well:
    http://www.securityfocus.com/news/6767]

--

(RJT: WTF...?)

Date: Sat, 23 Aug 2003 13:36:34 -0400
From: Marty Leisner 
Subject: Sobig affects Amtrak trains, Air Canada

Read about the impacts of Sobig on Amtrak and Air Canada!!

In the *Wall Street Journal*, 21 Aug 2003, there was an article
"Computer Viruses Disrupt Railroad and Air Traffic"

It said: "A variant of the Blaster virus on Tuesday affected about
half of Air Canada's phone-reservation capacity and some of its airport
check-in operations, said spokesman John Rebel. In general, the virus
simply slowed the process of taking reservations, but in a small number of
cases, the problems caused flights to be delayed or canceled altogether, he
said. Service was returned to normal by Wednesday."

It also said: "Dan Murphy, a spokesman for CSX, said the company
noticed Wednesday at about 1:15 a.m. that a variant of the Blaster virus
was interfering with its train operations and dispatching system. The
company curtailed rail service throughout the CSX network while its
technicians tried to fix the problem. CSX operates about 1,600 freight,
Amtrak and commuter trains a day on its 23,000-mile route network east of
the Mississippi River."

The first case I just consider business stupidity -- the second case I
consider much more serious -- it affected the signaling on rails.  I find
it
hard to understand why general purpose computers are used in such
specialized applications -- and ones that are easily compromised.  I have
to wonder what the requirements for these systems are (assuming they have
requirements!!)

(RJT: They use that hardware because it's *CHEAP*!  No excuses for them
running windoze,  though...)

  [Air Canada case also noted by Amos Shapir and Fuzzy Gorilla.  PGN]



Buried in the investigations into Sobig.F, you will find reference to the
fact that it stops reproducing after September 10th.  I'm afraid it took my
wife pointing it out to make me realize that this is one day before
September 11th.  Sobig.G, anyone?

rslade{at}vcn.bc.ca      slade{at}victoria.tc.ca      rslade{at}sun.soci.niu.edu
http://victoria.tc.ca/techrev    or    http://sun.soci.niu.edu/~rslade

(RJT: Hmm...)

--

Date: Tue, 26 Aug 2003 08:28:20 -0700
From: "NewsScan" 
Subject: Organized crime behind Sobig mess?

Antivirus specialist Peter Simpson warns that the Sobig.F virus is the
latest in a series of attempts on the part of organized crime to shift some
of their illicit activities online. "Sobig smashed all the records in
terms of pure numbers, but that's not nearly the whole story. This is the
sixth in a series of controlled experiments. This isn't about some kiddy
writing viruses in his bedroom -- this is really a very sophisticated
example of organized crime," says Simpson, a manager at Clearswift's
ThreatLab. Simpson explained that the purpose of a virus such as Sobig
isn't to cause damage, but to gain control of the machine in order to
access information such as financial details for the purpose of fraud. It
also comes in handy for disguising the source of spam by hijacking the
victim's machine and identity. "The real question here has to be about
the motives of the virus writer. This isn't just about writing a virus that
will spread rapidly and break records; the motives here are very different
and are clearly criminal. It's all about the hidden agenda." 
[ZDNet/Silicon.com 25 Aug 2003; NewsScan Daily, 26 August 2003]
  http://zdnet.com.com/2100-1105_2-5067494.html



---