Thursday, August 2, 2007

Daily Highlights

The Associated Press reports a tanker truck loaded with flammable liquid exploded in Sioux Center, Iowa, forcing about 2,000 people −− nearly a third of the population −− to evacuate for several hours. (See item 5)
·
CNN reports at least three people were killed when an interstate bridge in Minneapolis, Minnesota, collapsed Wednesday evening, August 1, plunging cars and chunks of concrete into the Mississippi River below. (See item 16)
·
The U.S. Department of Transportation Maritime Administration announced an agreement that could lead to the first LNG ships registered in the United States in almost ten years, potentially creating almost 200 jobs for U.S. mariners. (See item 20)
·
Information Technology and Telecommunications Sector

32. August 01, IDG News Service — Security update seeks out, erases modifications to iPhone. A security update for Apple's iPhone does more than just fix critical flaws in the handset. It also looks for and wipes out any modifications that users make to the firmware on their phones, according to hackers looking to unlock the phone. But the security update does not break any of the tools that hackers have so far developed to modify the iPhone's firmware, they said. The iPhone v1.0.1 update primarily addresses a security flaw uncovered in the handset's Safari browser that was to be detailed Thursday, August 2, at the Black Hat 2007 conference in Las Vegas. That vulnerability, uncovered by researchers at Independent Security Evaluators, allows an attacker to access data and applications on the phone from a Wi−Fi access point or a malicious Website.
iPhone v1.0.1 Update: http://docs.info.apple.com/article.html?artnum=306173
Source: http://www.infoworld.com/article/07/08/01/Security−update−to −iPhone_1.html

33. August 01, Sophos — Sophos announces top ten Web and e−mail−borne threats for July 2007. Sophos has revealed the most prevalent malware threats causing problems for computer users around the world during July 2007. The figures, compiled by Sophos' global network of monitoring stations, show a significant rise in the prevalence of the Mal/ObfJS family of Web threats −− up from just 1.8 percent last month to 17.3 percent this month. Despite this growth, Mal/ObjJS has not been able to dislodge Mal/Iframe from its number one position, accounting for more than half of all Web threats seen by Sophos. The top ten list of Web−based malware threats in July 2007 are as follows: 1) Mal/Iframe; 2) Mal/ObfJS; 3) Troj/Psyme; 4) Troj/Decdec; 5) Troj/Fujif; 6) Mal/Zlob; 7) VBS/Edibara; 8) Mal/Packer; 9) Mal/Behav; 9) VBS/Redlof. Experts at Sophos note that the prominence of both threats in the top ten emphasizes the popularity of the drive−by download technique with cybercriminals, as well as continued growth in the use of obfuscated Javascripts in compromising sites.
Source: http://www.sophos.com/pressoffice/news/articles/2007/08/topt enjul07.html

34. July 31, Reuters — FCC sets airwaves auction rule. The winner of valuable wireless airwaves the U.S. government plans to sell by early next year would have to permit consumers to connect using any device or software, U.S. regulators decided on Tuesday, July 31. The Federal Communications Commission (FCC) voted to shake up the wireless market by approving a set of ground−rules for the upcoming auction that would require the winner to make them accessible to any phone, other device or application. The requirement will apply to the 22 megahertz to be sold to a commercial provider, however FCC commissioners noted it would not apply to existing airwaves held by carriers. The airwaves to be sold in the 700−megahertz band can travel long distances and penetrate thick walls. The auction, which will be done with anonymous bidding, is seen as a last chance for a major new player to enter the wireless market
Source: http://www.eweek.com/article2/0,1895,2164621,00.asp

35. July 31, Reuters — Notebook makers face parts shortage. Makers of laptop computers are facing a shortage of components that could get worse this quarter, semiconductor price tracker and electronics market researcher DRAMeXchange said on Tuesday, July 31. DRAMeXchange said notebook makers began to experience tight supply of LCD panels, batteries, hard disc drives, casings and optical disc drives last quarter. "The situation could grow more serious in 3Q07, as quarterly shipments are expected to exceed 25.6 million, a quarter−on−quarter increase of 14.4 percent," it said.
Source: http://www.eweek.com/article2/0,1895,2164635,00.asp

36. July 31, ComputerWorld — Researcher blasts Zango for violating deal with FTC over adware. A noted spyware researcher on Tuesday, July 31, charged adware distributor Zango Inc. with numerous violations of a settlement struck last year with the U.S. Federal Trade Commission (FTC) that forbids the company from installing its pop−up and banner−serving software on a computer without getting a user's clear approval. In several descriptions illustrated with screenshots, Ben Edelman of Harvard University laid out evidence of what he said are widespread Zango practices that the company was barred from using in the November 2006 deal with the FTC. Tuesday, Edelman said the company has been ignoring the settlement. "Zango continues numerous practices likely to confuse, deceive or otherwise harm typical users" and also engages in "practices specifically contrary to Zango's obligations." In a long post on his Website, Edelman showed examples of recent online encounters with Zango adware installations that, he said, do not meet the criteria set by the FTC to inform a potential user of what he is about to download.
Edelman's Website: http://www.benedelman.org/spyware/zango−violations/
Source: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9028558&intsrc=hm_list

37. July 31, Federal Computer Week — DoD mandates data encryption for mobile devices. Pentagon officials must ensure certain data stored on mobile devices is encrypted in compliance with the National Institute of Standards and Technology's Federal Information Processing Standard 140−2, according to a new Department of Defense (DoD) policy. The policy, signed on July 3 by Pentagon Chief Information Officer John Grimes, mandates that all unclassified data not approved for public release should be treated as sensitive and must be encrypted. The policy does not apply to information cleared for public release. The term mobile devices describes laptop PCs and personal digital assistants, as well as removable storage media, like thumb drives and compact discs, Grimes wrote in a memo. The policy instructs Pentagon officials to pay particular attention to the encryption of mobile devices used by senior DoD officials, like flag officers and senior executives, who travel frequently outside the continental United States. According to Grimes, the loss or theft of mobile devices storing U.S. defense information abroad is especially severe.
Source: http://www.fcw.com/article103374−07−31−07−Web