Wednesday, August 22, 2007

Daily Highlights

The FBI released a bulletin late Monday, August 20, that includes photographs of two men who have recently been seen acting suspiciously aboard Washington State ferries, taking photos of parts of the boats among other activities. (See item 12)
The Department of Homeland Security has agreed to launch a project with Vermont that will enhance the security of state driver's licenses, which could potentially serve as an acceptable alternative document for crossing the United States' land and sea borders. (See item 15)
Information Technology and Telecommunications Sector

32. August 21, IDG News Service — Gunplay blamed for Internet slowdown. Internet service providers in the U.S. experienced a service slowdown Monday, August 20, after fiber optic cables near Cleveland were apparently sabotaged by gunfire. TeliaSonera AB, which lost the northern leg of its U.S. network to the cut, said that the outage began around 4 p.m. EDT Sunday night. When technicians pulled up the affected cable, it appeared to have been shot. "Somebody had been shooting with a gun or a shotgun into the cable," said Anders Olausson, a TeliaSonera spokesperson. The damage affected a large span of cable, more than two−thirds of a mile long, near Cleveland, TeliaSonera said. The company declined to name the service provider whose lines had been cut.

33. August 20, eWeek — Skype blackout fixed, caused by massive PC restart. The blackout that left millions of Skype users without the ability to make Internet phone calls from their PCs for two days was, ironically, triggered by the service's users. Skype spokesperson Villu Arak wrote in a blog post Monday, August 20, that the outage, which was resolved August 18, happened after a massive restart of its users' computers across the globe as they "re−booted after receiving a routine set of patches through Windows Update." Arak said the high number of restarts in a short time period clogged Skype's network, causing a flood of log−in requests. These, combined with the lack of peer−to−peer (P2P) network resources, "prompted a chain reaction that had a critical impact." While Skype's P2P network does have the ability to fix itself for just such problems, Arak said the outage revealed a software bug within the network resource allocation algorithm that prevented the self−healing function from properly working. This bug was not, he said, created via malicious activity.

34. August 20, ComputerWorld — First exploit appears for Patch Tuesday vulnerability. A security researcher has published the first exploit against one of the 14 vulnerabilities patched last week by Microsoft Corp., security company Symantec Corp. has warned customers. In a posting to the Full Disclosures security mailing list, Alla Bezroutchko, a senior security engineer at Brussels−based Scanit NV/SA, spelled out JavaScript code that crashes Internet Explorer 6.0 on Windows 2000 and Windows XP Service Pack 2. Bezroutchko's proof of concept exploits the critical bug in XML Core Services that was patched by MS07−042. That update, one of six rated "critical" by Microsoft, affected every currently supported version of Windows, including the new Vista operating system. Symantec warned users of its DeepSight threat−alert network to expect Bezroutchko's crude exploit to be polished soon. "The current proof of concept will crash Internet Explorer; however, it is likely that this code will be modified to produce a code−execution exploit in the near future," read the Symantec warning.

No comments: