27 Years of the Digest ... founded August 21, 1981
Previous Issue (Only one)
Classified Ads
TD Extra News
Add this Digest to your personal
or 
Message Digest
Volume 28 : Issue 27 : "text" Format
Messages in this Issue:
Microsoft Windows Does Not Disable AutoRun Properly
Re: Staff Finds White House in the Technological Dark Ages
Re: Staff Finds White House in the Technological Dark Ages
Re: Staff Finds White House in the Technological Dark Ages
====== 27 years of TELECOM Digest -- Founded August 21, 1981 ======
Telecom and VOIP (Voice over Internet Protocol) Digest for the
Internet. All contents here are copyrighted by Patrick Townson and
the individual writers/correspondents. Articles may be used in other
journals or newsgroups, provided the writer's name and the Digest are
included in the fair use quote. By using -any name or email address-
included herein for -any- reason other than responding to an article
herein, you agree to pay a hundred dollars to the recipients of the
email.
===========================
Addresses herein are not to be added to any mailing list, nor to be
sold or given away without explicit written consent. Chain letters,
viruses, porn, spam, and miscellaneous junk are definitely unwelcome.
We must fight spam for the same reason we fight crime: not because we
are naive enough to believe that we will ever stamp it out, but because
we do not want the kind of world that results when no one stands
against crime. Geoffrey Welsh
===========================
See the bottom of this issue for subscription and archive details
and the name of our lawyer, and other stuff of interest.
----------------------------------------------------------------------
Date: Tue, 27 Jan 2009 07:56:06 -0500
From: Monty Solomon <monty@roscom.com>
To: redacted@invalid.telecom.csail.mit.edu
Subject: Microsoft Windows Does Not Disable AutoRun Properly
Message-ID: <p0624083ac5a46bc4af51@[10.0.1.6]>
National Cyber Alert System
Technical Cyber Security Alert TA09-020A
Microsoft Windows Does Not Disable AutoRun Properly
Original release date: January 20, 2009
Last revised: January 21, 2009
Source: US-CERT
Systems Affected
* Microsoft Windows
Overview
Disabling AutoRun on Microsoft Windows systems can help prevent the
spread of malicious code. However, Microsoft's guidelines for
disabling AutoRun are not fully effective, which could be considered
a vulnerability.
...
http://www.us-cert.gov/cas/techalerts/TA09-020A.html
------------------------------
Date: Tue, 27 Jan 2009 09:57:30 -0500
From: "MC" <for.address.look@www.ai.uga.edu.slash.mc>
To: redacted@invalid.telecom.csail.mit.edu
Subject: Re: Staff Finds White House in the Technological Dark Ages
Message-ID: <FaFfl.1539$pq.53@bignews1.bellsouth.net>
<hancock4@bbs.cpcn.com> wrote in message news:7238af15-c8ed-427f-929c-
> rest of us suffer for it. The Internet was allowed to grow without
> proper controls (controls that normal computer systems always have)
> because the early people believed in a utopian world. That utopia
> might have worked in a closed collegiate world (and actually it didn't
> work that well), but it was an utter failure in the wide open real
> world.
Tell me about it! In the 1990s I had the job of leading the team that
drafted and then promulgated the University of Georgia's computer
security policy. A *large* subset of the population assumed at the
outset that the Internet was a fantasy world or game in which people
ought not to have any real responsibilities. When we hammered home
the point that illegal activity (e.g., making threats of violence)
does not become legal just because it's on the Internet, they tried to
portray me as an oppressor.
(The point of law is what I call the Stealing Elephants Principle: In
the U.S. criminal code there is, as far as I know, no specific mention
of stealing elephants, but that does not mean it's legal to steal an
elephant. In the same way, the law does not have to specifically
mention computers in order for an illegal act that happens to involve
a computer to be illegal.)
------------------------------
Date: Tue, 27 Jan 2009 18:35:38 +0000 (UTC)
From: wollman@bimajority.org (Garrett Wollman)
To: redacted@invalid.telecom.csail.mit.edu
Subject: Re: Staff Finds White House in the Technological Dark Ages
Message-ID: <glnk5q$1hgb$1@grapevine.csail.mit.edu>
In article <7238af15-c8ed-427f-929c-33c8207f8519@r22g2000vbp.googlegroups.com>,
<hancock4@bbs.cpcn.com> wrote:
>The Internet was allowed to grow without proper controls [...]
>because the early people believed in a utopian world.
The "early people" knew very well that they had completely ignored
security: they did so intentionally, knowing that the network would
only ever be accessible to a few thousand DoD-approved contractors and
grantees. (Many of the "early people" had spent their prior careers
working on operating systems with significant security design
requirements, like Multics.) There was a fundamental principle that
hosts were responsible for their own security, which made[1] a great
deal of sense in a world where computers required large rooms and
skilled full-time staff to maintain (as opposed to today, where a
resource inversion has given the "bad guys" access to vastly more
computational power and network resources than the "good guys").
Nobody expected that their "walled garden" would be turned inside out.
-GAWollman
[1] Actually, it still makes a great deal of sense, and it's how I run
my network; what's changed is that it can no longer be the sole means
of defense.
--
Garrett A. Wollman | The real tragedy of human existence is not that we are
wollman@csail.mit.edu| nasty by nature, but that a cruel structural asymmetry
Opinions not those | grants to rare events of meanness such power to shape
of MIT or CSAIL. | our history. - S.J. Gould, Ten Thousand Acts of Kindness
------------------------------
Date: Tue, 27 Jan 2009 21:37:08 -0500
From: "MC" <for.address.look@www.ai.uga.edu.slash.mc>
To: redacted@invalid.telecom.csail.mit.edu
Subject: Re: Staff Finds White House in the Technological Dark Ages
Message-ID: <yqPfl.1757$pq.601@bignews1.bellsouth.net>
"Garrett Wollman" <wollman@bimajority.org> wrote in message news:glnk5q$1hgb$1@grapevine.csail.mit.edu...
> In article <7238af15-c8ed-427f-929c-33c8207f8519@r22g2000vbp.googlegroups.com>,
> <hancock4@bbs.cpcn.com> wrote:
>>The Internet was allowed to grow without proper controls [...]
>>because the early people believed in a utopian world.
> The "early people" knew very well that they had completely ignored
> security: they did so intentionally, knowing that the network would
> only ever be accessible to a few thousand DoD-approved contractors and
> grantees.
Right; the early Internet was designed for use by people who were held
accountable to their community by other means, and in fact mostly knew
each other or at least respected each other as valuable colleagues.
But there was a second wave of not-quite-so-early people who really
did believe they were creating an alternative utopian society by
networking their computers. It was very fuzzy thinking, but it was
common.
There was also a perpetual-adolescence mindset: commercialism is evil,
business is evil, somebody should pay for lots of big computers for
us.
------------------------------
TELECOM Digest is an electronic journal devoted mostly to telecom-
munications topics. It is circulated anywhere there is email, in
addition to Usenet, where it appears as the moderated newsgroup
'comp.dcom.telecom'.
TELECOM Digest is a not-for-profit, mostly non-commercial educational
service offered to the Internet by Patrick Townson. All the contents
of the Digest are compilation-copyrighted. You may reprint articles in
some other media on an occasional basis, but please attribute my work
and that of the original author.
The Telecom Digest is currently being moderated by Bill Horne while
Pat Townson recovers from a stroke.
Contact information: Bill Horne
Telecom Digest
43 Deerfield Road
Sharon MA 02067-2301
781-784-7287
bill at horne dot net
Subscribe: telecom-request@telecom-digest.org?body=subscribe telecom
Unsubscribe: mailto:telecom-request@telecom-digest.org?body=unsubscribe telecom
This Digest is the oldest continuing e-journal about telecomm-
unications on the Internet, having been founded in August, 1981 and
published continuously since then. Our archives are available for
your review/research. We believe we are the oldest e-zine/mailing list
on the internet in any category!
URL information: http://telecom-digest.org
Anonymous FTP: mirror.lcs.mit.edu/telecom-archives/archives/
(or use our mirror site: ftp.epix.net/pub/telecom-archives)
RSS Syndication of TELECOM Digest: http://telecom-digest.org/rss.html
For syndication examples see http://feeds.feedburner.com/telecomDigest
Copyright (C) 2008 TELECOM Digest. All rights reserved.
Our attorney is Bill Levant, of Blue Bell, PA.
************************
---------------------------------------------------------------
Finally, the Digest is funded by gifts from generous readers such as
yourself who provide funding in amounts deemed appropriate. Your help
is important and appreciated. A suggested donation of fifty dollars
per year per reader is considered appropriate. See our address above.
Please make at least a single donation to cover the cost of processing
your name to the mailing list.
All opinions expressed herein are deemed to be those of the
author. Any organizations listed are for identification purposes only
and messages should not be considered any official expression by the
organization.
End of The Telecom digest (4 messages)
******************************
| |