Lab helps Seattle pilot federal-local security project. The Lawrence Livermore National Laboratory and Public Technology Inc. are partnering in a project to enhance local governments' ability to monitor, detect and report chemical and biological releases in the atmosphere. The project, called the "Local Integration of National Atmospheric Release Advisory Center" (LINC), intends to help local agencies prepare for and respond to urban chemical and biological attack, and will eventually provide continuous operation of an integrated nationwide system for all levels of government. Currently, the laboratory is assessing the capabilities of Seattle's fire department, emergency operations center, hazardous material units and mobile command centers. Based on that assessment, the laboratory will provide the city with Web-based tools and databases that map and predict the probable spread of hazardous material at multiple sites. Although Seattle currently uses tools developed in an earlier federal-local partnership, this program will give the Seattle Fire Department, Emergency Response Center, HazMat Mobile Command Center and others access to advanced federal resources in an attempt to leverage federal coordination, communication and research for local jurisdictions. (Federal Computer Week; Government Technology, 16 Apr) SSL keys coming up short. More than 15 percent of the Secure Sockets Layer (SSL) servers in the US are using short RSA keys that are in danger of being compromised with off-the-shelf products and computing resources available to individuals in most medium-size businesses. SSL is the de facto standard protocol used to encrypt data going to and from Web sites, typically for financial transactions on e-commerce sites. If the RSA key is compromised, an attacker is able to impersonate the Web site and decrypt traffic intercepted to or from the site. (Eweek, 15 Apr) WWU Comment: The significance of this issue lies in the potential for individuals with semi-sophisticated capabilities who have access to readily-available resources to take advantage of lesser security key implementations of widely used security products. The stature of SSL as the de facto standard offers a false sense of security when using the lesser security key implementation in the same manner that fire walls and intrusion detection systems that are poorly configured fail to provide adequate protection. Argentine judge rules in favor of hackers. Arguing that the law only covers physical things and not digital attacks, an Argentine federal judge acquitted several Argentines known as "X-Team" of charges that they broke into the high court's Web page. The judge so ruled because "hacking does not harm things, people, or animals (so) it was not covered by the law." It should be noted that in Argentina court rulings do not set legal precedent, meaning that, in a new case, another judge could rule differently on hacking's legality. (Reuters, 15 Apr) WWU Comment: This case is but one example of how the complex interconnectivity of the Internet and the ability of hackers to disguise their location facilitates hackers with malicious intent. Certainly an attack could be routed through Argentina to avoid prosecution. New Klez.E computer virus detected in Japan. A Japanese software maker has detected a new computer virus that can overwrite text and data files and disable antivirus software every sixth day of an odd-number month. Klez.E propagates itself by sending virus copies to e-mail addresses from a computer's address book. But unlike other computer bugs, Klez.E hides the sender's address, making it hard for users to know if they are infected. 712 cases of the virus had in been reported in Japan this month alone. (Associated Press, 16 Apr) Industry's resistance stalls bill to protect food. Legislation to improve food safety has stalled on Capitol Hill because of strong opposition from the food industry. The National Food Processors Association believes the proposal reaches beyond what is needed to deal with bioterrorism. The bill follows suggestions from the White House and the Food and Drug Administration, and was written by senior members of both parties. The legislation would increase inspections of imported foods and would allow federal agents to inspect company records that might disclose the source of tainted foods. It would also require importers to give notice of shipments, require food manufacturers and processors to register with the government, and authorize the FDA to detain food products without a court order. (New York Times, 16 Apr) WWU Comment: Millions of illnesses and thousands of deaths are attributed each year to food borne diseases in the US, and the threat of contamination by terrorists is a viable possibility. Because of this, the food sector and government realize the importance of a successful working partnership and the need to continue discussions aimed at protecting the food infrastructure. Reagan National Airport given green light to restore flights to pre-11 September levels. With new security measures in place, the Department of Transportation has authorized Washington's Reagan National Airport to restore service levels to those in place before the September 11 terrorist attacks - about 800 flights to 69 cities. The new safety precautions include pre-flight screenings for aircraft crews, expanded police and canine patrols, and random passenger checks with hand-held metal detectors. Reagan had been the last commercial airport in the nation to face such restrictions. Other limitations remain in place. Planes with more than 155 seats are barred from Reagan because of the airport's proximity to the capital, and a curfew restricts flights between the hours of 10 p.m. and 7 a.m. (Associated Press, 16 Apr) Oil giants blamed for Lake Tahoe water pollution. On 15 April, a San Francisco jury found three oil companies - Tosco Corporation, Shell Oil, and Lyondell Chemical (formerly Arco) - responsible for polluting Lake Tahoe groundwater with the gasoline additive MTBE, an oxygenate used to help regions reach clean air standards. The South Tahoe Public Utility District sued the oil companies in 1998 after it had to close a third of its drinking water wells as a result of MTBE pollution. The cost to remove MTBE from the water supply will be about $45 million. Damages will be assessed in another phase of the trial. (East Bay Business Times, 16 Apr) Department of Environmental Protection cites new sewage plant. Less than a year and a half after building a new sewage-treatment plant to solve pollution problems, Kennett Square in Pennsylvania is again having trouble with the state Department of Environmental Protection over discharges. According to court documents, visitors to Delaware's Ashland Nature Center, about five miles downstream, have noticed odors which occasionally have made trails along the creek unusable. DEP biologists have also observed damage to the benthic community - small animals that live on the bottom of a stream. According to the DEP suit, there have been "numerous exceedances" of pollutants in discharges into the creek since June. Excessive amounts of ammonia have been released, as well as some "treatment plant solids" - not raw sewage, but material from the treatment process. (Philadelphia Inquirer, 16 Apr) US Customs has new tracking plan. Under a federal program announced 16 April, planes, trucks and ships that supply US corporations will be able to avoid routine US Customs inspections at border crossings. Homeland Security Director Tom Ridge, other federal officials and auto executives praised the program at the US-Canadian border in Detroit. "We will enhance security," Ridge said. "We will facilitate commerce. And in the end, we'll be a safer ... country." The partnership should result in quicker border crossings by US-bound shipments than before 11 September, said Kevin Smith, General Motors Corp. director of customs administration. Under the plan, importers agree to work with the government to boost security in their supply chains, including stiffer employee background checks and more scrutiny of goods being shipped across the border. (Associated Press, 16 Apr) ~WC
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:40:51 PDT