Information Security World E-NEWS
http://www.informationsecurityworld.com

Tuesday 4th December 2001

Welcome to Information Security World e-news, delivering industry news and information to over 35,000 subscribers worldwide.

Log on to view our latest exclusive streamed interview. Chris Poulos from Trend Micro discusses the arms race for computer virus protection. 
http://www.informationsecurityworld.com/Tmpl/ArchTV.asp?CID=16

Eva Iles, Editor Online Communications
mailto:eva.iles@terrapinn.com
 
***SPOTLIGHT***
PRIVACY POLICIES NEED DUMBING DOWN
Two separate surveys released in the US today have revealed that only a small fraction of people read privacy policies on Internet sites because the wording of the policies is too difficult.
http://www.informationsecurityworld.com/Tmpl/article.asp?CID=16&AID=10501&TCode=NW

***INDUSTRY NEWS***
US SOCIAL SECURITY LAWS OPEN SLATHER FOR CRIMINALS
Two congressional leaders in the US are pushing for tighter Social Security administration procedures to make it harder for criminals to exploit the identities of the deceased.
http://www.informationsecurityworld.com/Tmpl/article.asp?CID=16&AID=10466&TCode=NW

CISCO IOS FIREWALL VULNERABILITY JUST 'CUTE'
Cisco's IOS Firewall Feature set has a vulnerability that permits traffic to flow when it should be blocked by dynamic access control lists.
http://www.informationsecurityworld.com/Tmpl/article.asp?CID=16&AID=10470&TCode=NW

UK CAMPAIGN TO HIGHLIGHT ONLINE PERVERT DANGER
A UK government initiative to prevent children being exploited by paedophiles in Internet chatrooms will begin by educating parents.
http://www.informationsecurityworld.com/Tmpl/article.asp?CID=16&AID=10471&TCode=NW

AUSTRALIA WARNED ABOUT UNIX BASED ATTACKS
Internet security experts are warning users of Unix-based servers to prepare for attacks similar to Code Red. 
http://www.informationsecurityworld.com/Tmpl/article.asp?CID=16&AID=10474&TCode=NW

SUBCOMMITTEE TO DEBATE US SECURITY EFFORTS
A bill to examine and debate the privacy and security of information collected by the Bush administration's new anti-terrorism agency has been introduced.
http://www.informationsecurityworld.com/Tmpl/article.asp?CID=16&AID=10465&TCode=NW

AUSTRALIAN COMPANIES CAN'T IGNORE PRIVACY LAWS
Australian companies are making last-minute preparations for privacy act compliance, which comes into effect on December 21.
http://www.informationsecurityworld.com/Tmpl/article.asp?CID=16&AID=10423&TCode=NW

BLACK HATS SHOWN HOW TO CRASH NOKIA MOBILES
A new tool used to freeze mobile phones by SMS has been demonstrated to delegates at the UK Black Hat conference.
http://www.informationsecurityworld.com/Tmpl/article.asp?CID=16&AID=10425&TCode=NW

FLUFFI BUNNI HACKS BANNER ADS ON SECURITY WEBSITE
Banner ads promoting a notorious group of hackers known as Fluffi Bunni have appeared on the SecurityFocus.com website after the group compromised a server operated by the leading security firm's advertising partner. 
http://www.informationsecurityworld.com/Tmpl/article.asp?CID=16&AID=10440&TCode=NW

'SATAN' HACKS 25 CHURCH WEB SITES
A cracking group claiming to be working for Satan has been hacking into a number of Church web sites around the world.
http://www.informationsecurityworld.com/Tmpl/article.asp?CID=16&AID=10389&TCode=NW

EMS SECURITY NEWSLETTER LEAVES USERS WITH NIMDA
Software security vendor EMS has sent out a newsletter containing a link that could leave users infected by the Nimda worm.
http://www.informationsecurityworld.com/Tmpl/article.asp?CID=16&AID=10391&TCode=NW

***VIRUS ALERTS***
TODAY'S TOP FIVE THREATS
Details on the most prominent viruses worldwide over the past 24 hours.
http://www.informationsecurityworld.com/Tmpl/article.asp?CID=16&AID=10508&TCode=NW

CHRISTMAS IS A TIME FOR GIVING? VIRUSES
A renewed warning is being made about viruses spreading by socially engineered emails this Christmas.
http://www.informationsecurityworld.com/Tmpl/article.asp?CID=16&AID=10477&TCode=NW

For daily updates, visit the Information Security World virus, trojan and worm updates channel:
http://www.isecworldwide.com/Tmpl/Channel.asp?SCID=138&CID=16

--------------------------------------------------------------------------------------------------------------
***POLL***
THIS WEEK'S POLL:
Does your company have a customer privacy policy?
Let us know!
http://www.informationsecurityworld.com/Tmpl/Archpolls.asp?CID=16

RESULTS OF LAST WEEK'S POLL:
Would you lend your biometric info to a friend?
51.4% Yes
48.6% No

***PORTAL DISCUSSION***
A recent survey has found that 56% percent of people would be willing to share their fingerprint or eyeball identification to enter public or corporate buildings, while 35% are concerned about sacrificing their privacy for better security. Why is this? 

Here's what you're saying:
"Passwords are readily transferable. You introduce biometrics to eliminate "sharing". This can be made impossible by storing biometrics on a secure token and implementing a token match process. No database storage required!! Then only you can access your entitlement. Simple!"

"I think somehow that you have missed the point. Using biometrics to limit administrative access on your network would work using your "simple" proposition but the question refers more to the problem of physical access. Maybe you can explain how creating a cookie will help if someone decides to let someone else into their office block by putting their finger in the biometric device and holding the door open for the other person to come in as well."

Have your say:
http://www.informationsecurityworld.com/Tmpl/discussion.asp?CID=16&DID=67

------------------------------------------------------------------------------------------------------------

UPCOMING INFORMATION SECURITY WORLD EVENTS:
ASIA 2002: 16-18 April 2002, Singapore International Convention & Exhibition Centre
http://www.informationsecurityworld.com/isec_asia2002/

BUSINESS CONTINUITY AND DISASTER SUMMIT
JOHANNESBURG: 7-9 May 2002, Midrand Gallagher Estate
http://www.terrapinn.com/simpleEvent/index.asp?EID=1065

SYDNEY: 19-21ST August 2002, Darling Harbour, Sydney 
Sydney Convention & Exhibition Centre
http://www.isec-worldwide.com/isw_aus_2002.

AFRICA 2002: 1-3 October, The Dome at Northgate, Johannesburg
http://www.terrapinn.co.za/event/E1056/

------------------------------------------------------------------------------------------------------------

Please forward any comments, queries or submissions to
mailto:informationsecurityworld@terrapinn.com

--------------------------------------------------------------------------------------------------------------

SPONSOR THIS E-NEWSLETTER and ensure that your message gets into your target market's email box. Contact mailto:informationsecurityworld@terrapinn.com

---------------------------------------------------------------------------------------------------------------------------

Terrapinn publish a series of highly targeted b2b e-newsletters. They 
provide breaking news, in-depth features, and streamed industry interviews.

Mobile Commerce		http://www.mobilecommerceworld.com
CRM				http://www.ccworldnet.com
Digital Media			http://www.digitalmediaweb.com
Bandwidth Carriers		http://www.carriersworld.com
Utilities				http://www.utilicon.com.au
Smart Cards			http://www.cards-worldwide.com
Hedge Funds			http://www.hedgefundsworld.com
Financial Modelling		http://www.financialmodellingworld.com
Pharmaceutical R&D		http://www.pharma-rd.net
Leisure World			http://www.leisureworldasia.com
-----------------------------------------------------------------------------------------------------------------

We adhere to a 'no spam' policy. If you wish to be deleted from this mailing
list, go to http://www.terrapinn.com/unsubscribe.asp?ECode=3

-----------------------------------------------------------------------

? 2001 Terrapinn Pty Ltd.