[ISN] Pop-Ups Plague Philadelphia Police

From: InfoSec News (isn@private)
Date: Mon Dec 29 2003 - 02:08:53 PST

Next message: InfoSec News: "[ISN] Linux Security Week - December 29th 2003"

Previous message: InfoSec News: "[ISN] Romania tackles rise in cyber-crime"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.nbc10.com/news/2722957/detail.html

POSTED: 11:01 AM EST December 23, 2003
UPDATED: 12:27 PM EST December 23, 2003

PHILADELPHIA -- We have all been bothered by those pop-up 
advertisements while trying to search the Internet. Recently those 
annoying ads also plagued the Philadelphia Police Department.

There have been computers on board police patrol cars for a number of 
years. They are called MDTs or mobile data terminals. They are now as 
much of a part of police equipment as a gun or a radio. 

"The information gets updated in the MDT as you're in route to the 
scene," said Sgt. Thomas Macartney.

Information is what officers normally see and expect to see on their 
computer terminal screen. But a week ago Saturday, some of the cops 
using the 300 newest MDTs had quite a surprise.

They got a pop-up advertisement for a pill similar to Viagra on their 
screens.

"It was, to say the least, an inappropriate pop-up for a police 
department to see," said Deputy Commissioner Charles Brennan. "Most of 
the officers took it as fake and I think they actually got kind of a 
chuckle out of it."

Brennan is in charge of scientific and technical services for the 
Philadelphia Police Department. He says the department's computer 
provider, Verizon, accidentally left open a wireless connection to the 
Internet on some computers.

"We believe that an officer got out to the internet, got a pop-up ad 
and then drug that pop-up ad back into our infrastructure and the 
pop-up ad actually duplicated itself on several dozen computers," said 
Brennan.

The pop-ups didn't affect police response time and Brennan says this 
does not indicate that the system is vulnerable to hackers. "The most 
secure information that we have doesn't go over the wireless network. 
That goes over wired lines, which are linked through another encrypted 
network. Even if someone got in, they would have to know the 
encryption key we're using so they would just see a bunch of encrypted 
data. They wouldn't know what it meant."

Brennan says the pop-up ad was eliminated from the system and Verizon 
is in the process of checking the new MDTs to make sure that the 
wireless connection to the Internet is disconnected.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo@private with 'unsubscribe isn'
in the BODY of the mail.

Next message: InfoSec News: "[ISN] Linux Security Week - December 29th 2003"
Previous message: InfoSec News: "[ISN] Romania tackles rise in cyber-crime"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Dec 29 2003 - 05:08:40 PST