Tuesday, May 1, 2007

Daily Highlights

The Los Angeles Times reports a gasoline tanker truck crashed and exploded Sunday, April 29, causing a 170−foot stretch of a major Bay Area freeway interchange to warp and collapse on the freeway below, forcing the closure of two damaged sections of the heavily traveled system which carries 270,000 vehicles to and from San Francisco each day. (See item 9)
·
The Associated Press reports public health experts are concerned that a shortage of farm animal veterinarians could lead to disease outbreaks, potentially endangering human health and risking the nation's food supply, with concerns centered on more than 800 diseases that can spread from animals to humans. (See item 16)
·
USA TODAY reports a deadly hemorrhagic septicemia virus is killing fish of all types in the Great Lakes, which some scientists fear could trigger a disaster for the nation's freshwater fish. (See item 18)

Information Technology and Telecommunications Sector

36. April 30, SC Magazine — Second Adobe Photoshop flaw disclosed in a week. The hacker who last week disclosed a vulnerability in Adobe Photoshop posted exploit code for a fresh vulnerability in the product Monday, April 30. The most recently discovered vulnerability exists in Photoshop versions CS2 and CS3 and Photoshop Elements version 5. The flaw is caused by a boundary error within the PNG.8BI Photoshop Format Plugin when handling PNG files, according to a Secunia advisory. The flaw was ranked "highly critical" by Secunia. The vulnerability can be exploited to cause a stack−based buffer overflow via a malicious PNG file. Secunia recommended users avoid untrusted PNG files, adding that the flaw can be exploited to run arbitrary code.
Secunia advisory: http://secunia.com/advisories/25044/
Source: http://scmagazine.com/us/news/article/653839/second−adobe−photoshop−flaw−disclosed−week/

37. April 27, Nature — Quantum cryptography is hacked. A team of researchers has, for the first time, hacked into a network protected by quantum encryption. Quantum cryptography uses the laws of quantum mechanics to encode data securely. Most researchers consider such quantum networks to be nearly 100% uncrackable. But a group from the Massachusetts Institute of Technology (MIT) in Cambridge, MA, was able to 'listen in' using a sort of quantum−mechanical wiretap. The trick allowed them to tease out about half of the data, in a way that couldn't be detected by those transmitting or receiving the message. The group admits that their hack isn't yet capable of eavesdropping on a real network. "It is not something that currently could attack a commercial system," says Jeffrey Shapiro, a physicist at MIT and one of the authors on the study. But they expect that one day it will be able to do so, if quantum encryption isn't adequately adapted to stop such hackers from succeeding. The idea for this cunning trick has been around since 1998, but nobody had put it into practice until now. The team's experimental proof−of−concept is published in the 25 April issue of the journal Physical Review A.
Abstract: http://scitation.aip.org/getabs/servlet/GetabsServlet?prog=normal&id=PLRAAN000075000004042327000001&idtype=cvips&gifs=Yes
Source: http://www.nature.com/news/2007/070423/full/070423−10.html