[ISN] Who wants to be a hacker millionaire?

From: InfoSec News (isnat_private)
Date: Sun Apr 29 2001 - 19:16:28 PDT

  • Next message: InfoSec News: "[ISN] Silver Lords lead record anti-India hacking spree"

    The Globe and Mail
    Sunday, April 29
    A Canadian startup is so convinced its network security device is
    bulletproof from cyberattacks that it's willing to pay $1-million
    (U.S.) to anyone who can break through.
    Saafnet International Inc. of Burnaby, B.C., said that with the
    adoption of high-speed Internet access, such as cable modems and
    digital subscriber lines (DSL), home computer users are increasingly
    vulnerable to cyberburglaries and cybervandalism if the connection is
    always on.
    So the one-year-old company has developed hardware called AlphaShield,
    which fits between a computer and a modem. Users can surf the Web as
    usual, but the device intermittently disconnects the computer.
    That prevents virtual thieves from having enough time to enter and
    tamper "The gate never opens unless the user actively clicks on the
    [mouse] button or activates the command to go and get the
    information," said Vikash Sami, Saafnet's 24-year-old founder and
    chief executive officer.
    "From a user's side, it's seamless. It doesn't affect your surfing at
    all," spokesman David Henderson said. "From the outside, hackers are
    basically locked out of your system because they effectively only have
    seconds to try to hack into your system before the connection is cut."
    The company is so confident that it plans to stage a contest over five
    days in July or August, inviting people to try to break into a Saafnet
    computer system that has had the device installed.
    Participants will be invited to go to Saafnet's Web site and get an
    Internet protocol address of the computer. Anyone who brings back a
    piece of code or password that Saafnet preregistered will be the
    winner of the grand prize.
    Saafnet said it is still working out the legalities and contest
    regulations and is negotiating with a U.S. broadcasting company to air
    the contest on television.
    When asked if it was just a marketing gimmick to get some media
    exposure for Saafnet, Mr. Sami said: "No. We're in final negotiations
    with a few of the big broadcasting companies that will be holding this
    contest for us and also some security companies that will help us with
    the technical side of it. So we're quite serious." Hacking contests
    are not new. Last September, the Secure Digital Music Initiative
    (SDMI), an industry group, invited hackers to crack into several
    encryption methods that protect the copying of digital music files.
    Several people claimed to have successfully hacked into four methods,
    but the group disputes the claim. And earlier this month, security
    firm Argus Systems Group called on people to try to penetrate software
    that secures a Web server.
    But industry observers say these contests don't necessarily mean that
    a company's product is secure.
    "Just because a technology survives a contest doesn't mean it's
    secure," Bruce Schneier wrote in InternetWeek magazine. Mr. Schneier
    is chief technology officer of Counterpane Internet Security Inc., a
    managed-security monitoring firm in California. "There's no way of
    knowing whether anyone really tried to compromise the security of
    either a system or some form of content." The idea for Saafnet's
    device came after a friend's computer was ransacked by cyberintruders
    who stole personal files and left viruses that crashed his system, Mr.
    Sami said. That friend asked him if there was any existing security
    technology that was 100 per cent effective.
    "There's lots of sophisticated software out there but nothing will
    guarantee 100-per-cent protection," Mr. Sami recalled. "The only way
    you can protect your self is by unplugging the data line from the
    computer." Mr. Sami, who has a computer sciences degree and was a
    freelance contractor specializing in networking, bought some parts
    from a Radio Shack store and eventually invented a prototype. Since
    then, he has worked with engineers to perfect the technology at
    Saafnet, a company he founded in March, 2000.
    The company, which employs 12 people and has raised $2-million from a
    group of private investors, plans to make the device commercially
    available in the summer for consumers and small businesses for $149.
    It has also received a letter of intent from a Virginia-based venture
    capital firm for $100-million, the company said.
    Saafnet competes with other companies such as Whale Communications
    Ltd. of New Jersey.
    ISN is hosted by SecurityFocus.com
    To unsubscribe email LISTSERVat_private with a message body of

    This archive was generated by hypermail 2b30 : Mon Apr 30 2001 - 00:48:25 PDT