Message-ID: <1846589.1075859390975.JavaMail.evans@thyme> Date: Tue, 4 Dec 2001 03:36:38 -0800 (PST) From: database.au@terrmail3.terrapinn.com To: mhaedic@ect.enron.com Subject: Privacy policies need dumbing down Mime-Version: 1.0 Content-Type: text/plain; charset=ANSI_X3.4-1968 Content-Transfer-Encoding: 7bit X-From: Information Security World X-To: Mr Mark E Haedicke X-cc: X-bcc: X-Folder: \Mark_Haedic_Jan2002\Haedicke, Mark E.\Inbox X-Origin: Haedicke-M X-FileName: mhaedic (Non-Privileged).pst Information Security World E-NEWS http://www.informationsecurityworld.com Tuesday 4th December 2001 Welcome to Information Security World e-news, delivering industry news and information to over 35,000 subscribers worldwide. Log on to view our latest exclusive streamed interview. Chris Poulos from Trend Micro discusses the arms race for computer virus protection. http://www.informationsecurityworld.com/Tmpl/ArchTV.asp?CID=16 Eva Iles, Editor Online Communications mailto:eva.iles@terrapinn.com ***SPOTLIGHT*** PRIVACY POLICIES NEED DUMBING DOWN Two separate surveys released in the US today have revealed that only a small fraction of people read privacy policies on Internet sites because the wording of the policies is too difficult. http://www.informationsecurityworld.com/Tmpl/article.asp?CID=16&AID=10501&TCode=NW ***INDUSTRY NEWS*** US SOCIAL SECURITY LAWS OPEN SLATHER FOR CRIMINALS Two congressional leaders in the US are pushing for tighter Social Security administration procedures to make it harder for criminals to exploit the identities of the deceased. http://www.informationsecurityworld.com/Tmpl/article.asp?CID=16&AID=10466&TCode=NW CISCO IOS FIREWALL VULNERABILITY JUST 'CUTE' Cisco's IOS Firewall Feature set has a vulnerability that permits traffic to flow when it should be blocked by dynamic access control lists. http://www.informationsecurityworld.com/Tmpl/article.asp?CID=16&AID=10470&TCode=NW UK CAMPAIGN TO HIGHLIGHT ONLINE PERVERT DANGER A UK government initiative to prevent children being exploited by paedophiles in Internet chatrooms will begin by educating parents. http://www.informationsecurityworld.com/Tmpl/article.asp?CID=16&AID=10471&TCode=NW AUSTRALIA WARNED ABOUT UNIX BASED ATTACKS Internet security experts are warning users of Unix-based servers to prepare for attacks similar to Code Red. http://www.informationsecurityworld.com/Tmpl/article.asp?CID=16&AID=10474&TCode=NW SUBCOMMITTEE TO DEBATE US SECURITY EFFORTS A bill to examine and debate the privacy and security of information collected by the Bush administration's new anti-terrorism agency has been introduced. http://www.informationsecurityworld.com/Tmpl/article.asp?CID=16&AID=10465&TCode=NW AUSTRALIAN COMPANIES CAN'T IGNORE PRIVACY LAWS Australian companies are making last-minute preparations for privacy act compliance, which comes into effect on December 21. http://www.informationsecurityworld.com/Tmpl/article.asp?CID=16&AID=10423&TCode=NW BLACK HATS SHOWN HOW TO CRASH NOKIA MOBILES A new tool used to freeze mobile phones by SMS has been demonstrated to delegates at the UK Black Hat conference. http://www.informationsecurityworld.com/Tmpl/article.asp?CID=16&AID=10425&TCode=NW FLUFFI BUNNI HACKS BANNER ADS ON SECURITY WEBSITE Banner ads promoting a notorious group of hackers known as Fluffi Bunni have appeared on the SecurityFocus.com website after the group compromised a server operated by the leading security firm's advertising partner. http://www.informationsecurityworld.com/Tmpl/article.asp?CID=16&AID=10440&TCode=NW 'SATAN' HACKS 25 CHURCH WEB SITES A cracking group claiming to be working for Satan has been hacking into a number of Church web sites around the world. http://www.informationsecurityworld.com/Tmpl/article.asp?CID=16&AID=10389&TCode=NW EMS SECURITY NEWSLETTER LEAVES USERS WITH NIMDA Software security vendor EMS has sent out a newsletter containing a link that could leave users infected by the Nimda worm. http://www.informationsecurityworld.com/Tmpl/article.asp?CID=16&AID=10391&TCode=NW ***VIRUS ALERTS*** TODAY'S TOP FIVE THREATS Details on the most prominent viruses worldwide over the past 24 hours. http://www.informationsecurityworld.com/Tmpl/article.asp?CID=16&AID=10508&TCode=NW CHRISTMAS IS A TIME FOR GIVING? VIRUSES A renewed warning is being made about viruses spreading by socially engineered emails this Christmas. http://www.informationsecurityworld.com/Tmpl/article.asp?CID=16&AID=10477&TCode=NW For daily updates, visit the Information Security World virus, trojan and worm updates channel: http://www.isecworldwide.com/Tmpl/Channel.asp?SCID=138&CID=16 -------------------------------------------------------------------------------------------------------------- ***POLL*** THIS WEEK'S POLL: Does your company have a customer privacy policy? Let us know! http://www.informationsecurityworld.com/Tmpl/Archpolls.asp?CID=16 RESULTS OF LAST WEEK'S POLL: Would you lend your biometric info to a friend? 51.4% Yes 48.6% No ***PORTAL DISCUSSION*** A recent survey has found that 56% percent of people would be willing to share their fingerprint or eyeball identification to enter public or corporate buildings, while 35% are concerned about sacrificing their privacy for better security. Why is this? Here's what you're saying: "Passwords are readily transferable. You introduce biometrics to eliminate "sharing". This can be made impossible by storing biometrics on a secure token and implementing a token match process. No database storage required!! Then only you can access your entitlement. Simple!" "I think somehow that you have missed the point. Using biometrics to limit administrative access on your network would work using your "simple" proposition but the question refers more to the problem of physical access. Maybe you can explain how creating a cookie will help if someone decides to let someone else into their office block by putting their finger in the biometric device and holding the door open for the other person to come in as well." Have your say: http://www.informationsecurityworld.com/Tmpl/discussion.asp?CID=16&DID=67 ------------------------------------------------------------------------------------------------------------ UPCOMING INFORMATION SECURITY WORLD EVENTS: ASIA 2002: 16-18 April 2002, Singapore International Convention & Exhibition Centre http://www.informationsecurityworld.com/isec_asia2002/ BUSINESS CONTINUITY AND DISASTER SUMMIT JOHANNESBURG: 7-9 May 2002, Midrand Gallagher Estate http://www.terrapinn.com/simpleEvent/index.asp?EID=1065 SYDNEY: 19-21ST August 2002, Darling Harbour, Sydney Sydney Convention & Exhibition Centre http://www.isec-worldwide.com/isw_aus_2002. AFRICA 2002: 1-3 October, The Dome at Northgate, Johannesburg http://www.terrapinn.co.za/event/E1056/ ------------------------------------------------------------------------------------------------------------ Please forward any comments, queries or submissions to mailto:informationsecurityworld@terrapinn.com -------------------------------------------------------------------------------------------------------------- SPONSOR THIS E-NEWSLETTER and ensure that your message gets into your target market's email box. Contact mailto:informationsecurityworld@terrapinn.com --------------------------------------------------------------------------------------------------------------------------- Terrapinn publish a series of highly targeted b2b e-newsletters. They provide breaking news, in-depth features, and streamed industry interviews. Mobile Commerce http://www.mobilecommerceworld.com CRM http://www.ccworldnet.com Digital Media http://www.digitalmediaweb.com Bandwidth Carriers http://www.carriersworld.com Utilities http://www.utilicon.com.au Smart Cards http://www.cards-worldwide.com Hedge Funds http://www.hedgefundsworld.com Financial Modelling http://www.financialmodellingworld.com Pharmaceutical R&D http://www.pharma-rd.net Leisure World http://www.leisureworldasia.com ----------------------------------------------------------------------------------------------------------------- We adhere to a 'no spam' policy. If you wish to be deleted from this mailing list, go to http://www.terrapinn.com/unsubscribe.asp?ECode=3 ----------------------------------------------------------------------- ? 2001 Terrapinn Pty Ltd.