OPEC still on course for output hike-delegate. OPEC remains on course to relax supply curbs when it meets in September as oil market fundamentals outweigh concerns over the global economic slowdown, a senior OPEC delegate said on 15 August. Petroleum demand typically accelerates during that six month stretch which covers the northern hemisphere's winter. A series of OPEC supply curbs up to January 2002 has put five million barrels per day (bpd) in reserves and left most producers longing to turn up the taps. The US, the world's biggest oil consumer, has urged OPEC -- which controls two-thirds of world exports -- to boost production by one million bpd to prevent a price spike this winter. (Reuters, 15 Aug) Yukos, Lukoil may build oil terminal in Murmansk. Russia's largest oil companies, OAO Yukos and OAO Lukoil, are in talks over the construction of an oil terminal in the Barents Sea Port of Murmansk, Russia. The new terminal, designed for oil exports to the US, would provide an alternative to the Black Sea Port of Novorossisk. Lukoil, the country's largest oil company, says the underwater oil terminal would fill tankers with a capacity of up to 2 million barrels for shipments to the US. (Yahoo.com, 15 Aug) $50 million drinking water reservoir closer to reality. The US Environmental Protection Agency signed off 12 August on the Army Corps of Engineers' notice of intent to issue a permit to build a reservoir that will help the Atlanta, GA region's drinking water supply. Barring unforeseen legal challenges, construction of the Tussahaw Creek Reservoir could begin later this year. The 1,477-acre reservoir will straddle two counties and cost upward of $50 million, not including land acquisition. The reservoir is needed in the region to meet its future drinking water demands. (Waternet.com, 14 Aug) Utilities seek to overcome problems related to aging energy. The aging US energy infrastructure -- generating plants, thousands of miles of high-voltage transmission lines, transmission towers, and distribution facilities -- is starting to raise concern among utility and transmission companies who are straining to find an inexpensive solution to ensure its capabilities. The grid, originally built to interconnect neighboring utilities, is now being used as a 'superhighway' for electric companies. The number of transactions on the grid has increased significantly because of competition. As a result, the transmission system is facing dramatic increases in congestion, which threatens system reliability and increases costs to consumers. Upgraded transmission lines may be needed soon to meet the demands of a competitive market. (Business Wire, 14 Aug) Survey: City/county e-gov growing. The International City/County Management Association (www.icma.org) conducted a recent survey of 4,123 cities and counties on various technology practices used in government operations. Operations include e-government, online procurement, geographic information systems, communication, financing, and Intranets. The survey indicates the continuing use of technology to transform the way local governments communicate with their constituents and operate internally. Survey results include; 63 percent of local governments use geographic information systems, 65 percent outsource hosting of their Web sites, and more than 70 percent of cities and counties report that their citizens communicate online with elected officials. (Federal Computer Week, 15 Aug) Wearable encryption system 'will safeguard laptop data'. Engineers may have developed a way to stop information on laptops from falling into the wrong hands. The University of Michigan's Zero-Interaction Authentication system automatically encrypts information when owners stray from their machines. Most data encryption systems require users to actively encrypt or decrypt their documents. The new system automates this process via a wearable device that remains in wireless contact with the laptop. When the wearer moves away, the radio connection is broken and all data is automatically encrypted. Inventor Brian Noble says the technology could be embedded into any kind of portable device. The technology, backed by Intel and Novell, will be showcased at a computing conference in Atlanta, GA in September. (Ananova.com, 14 Aug) WWU Comment. This new encryption system could prove to be a valuable tool in the protection of confidential data. This tool could mitigate the failure to encrypt data through oversight, and could provide additional security, by having the private key stored in an external device, versus on the local machine. Hackers tool up for Unix attack. Security watchers have warned of a major vulnerability affecting multiple flavors of the Unix operating system. On 12 August security firm Entercept, in conjunction with CERT/CC, released details of a remotely exploitable vulnerability in the Common Desktop Environment (CDE) ToolTalk database server, which is part of the standard graphical interface on all commercial Unix platforms. According to the warning an attacker could use a specially crafted argument in a Remote Procedure Call (RPC) to exploit a vulnerability in the ToolTalk server. The exploit could be used to remotely execute arbitrary code on the target machine or cause a denial of service. The severity of the threat is compounded by the fact that the ToolTalk database server typically runs with root privileges, meaning that malicious code would be executed at the highest level. Entercept advises enterprises to deploy vendor patches as soon as possible. A number of major Unix distributors, such as Caldera, IBM and Sun, are planning to release patches in the very near future. (VNUnet, 13 Aug) DoS risk from Oracle9i debugging bug. A flaw in the debugging mechanism of Oracle9i supplies a mechanism for crackers to crash vulnerable servers. All Oracle9i installations are vulnerable to this attack, according to security tools firm ISS, which discovered the problem. The flaw could be used to launch denial of service attacks, it warns. Oracle9i has a debugging facility (enabled by default) which lets database administrator's collect additional information about the operation of the server. But the Oracle9i SQL*NET listener does not correctly handle certain types of debug requests that are submitted over the network. If Oracle9i encounters such a request, it will crash and no longer field SQL requests from authorized servers or clients. Functionality can only be restored after a manual restart, according to an alert on the problem by ISS. Oracle has issued a patch to address the issue, which can be obtained through its Worldwide Support Services Web site. Administrators are also advised to consider filtering SQL*NET port TCP/1521 at all border gateways to limit access to the Oracle listener and mitigate the risk of the vulnerability. (The Register, 14 Aug) _______________________________________________ Infragard_unsecured mailing list Infragard_unsecured@private http://listserv.leo.gov/mailman/listinfo/infragard_unsecured
This archive was generated by hypermail 2b30 : Mon Aug 19 2002 - 07:42:57 PDT