Info Warthogs

[Anonymous]

Future Information Warfare Study Available


San Francisco, Sept. 6, 1995 -- Computer Security
Institute's "Special Report on Information Warfare"
describes how war might be fought in the 21st century.
The report will appear in the fall issue of the Computer
Security Journal, but is available now on request.


Patrice Rapalus, director of Computer Security Institute
(CSI), told Newsbytes, "In recent weeks, mass media
organizations such as Time Magazine, the Washington Post,
and National Public Radio have done stories on
information warfare. This report is a timely,
comprehensive and practical study on information warfare
and its impact on our future."


The report defines information warfare in contrast to
simple computer crime, "A computer crime is an act that
violates a law. It could be specifically targeted. It
could be isolated, or it could be one element of an
overall plan of attack. The conduct of information
warfare, in contrast, is never random or isolated (and
may not even violate a law). The term implies a concerted
effort to utilize information as a weapon with which to
wage war, whether on an actual battlefield or in
economic, political, or social arenas."


Four aspects of information warfare are listed in the
report: the electronic battlefield; infrastructure
attacks; industrial espionage; and personal privacy
attacks.


"It is important to understand that the term 'information
warfare' originated in the military and in its purest
sense refers to the grim and dangerous business of
real...country shattering war,"  says the report.


Computer Security Institute is located in San Francisco,
California, and is a wholly owned subsidiary of Miller
Freeman Publishing. Miller Freeman publishes over fifty
trade magazines including Dr. Dobbs Journal, Unix Review,
and LAN Magazine.


Computer Security Institute publishes, along with random
studies like the "Special Report on Information Warfare,"
a monthly newsletter, a semi-annual Journal, an annual
Buyers Guide, and a on-line bulletin board.


To obtain an advance copy of "Special Report on
Information Warfare," call 415-905-2310.

------


"Snooper" Software Digs Into Computers


San Francisco, Sept. 6, 1995 -- Vias & Associates Inc.
said it has introduced a new version of its "Snooper"
system information utility. The author of the software
said it is called Snooper because the program "snoops"
around the computer to report its configuration and
operating characteristics.


John Vias of Vias & Associates said his
company's program goes farther than other system
information programs, including Microsoft's MSD
(Microsoft System Detection), which is included in higher
versions of the company's DOS operating systems. "I think
Snooper is about the most accurate system information
utility you can get," he said. "People say it's easy to
use. It takes just one keystroke to go from the main
screen to any other screen. It also has a built-in editor
for 'autoexec' and 'config' files."


In all, Snooper can detect more than 150 details about a
person's computer, including CMOS settings, hard drive
type and capacity, any installed Micro Channel cards,
fax-modems, memory types and amount available to the
user, and video memory and type.


Snooper is targeted to all markets, Vias officials said,
including the average user, network administrators,
consultants, and technicians.


In the provided documentation is a wish list regarding
new features for future versions of Snooper, including
brand detection of additional non-Intel central
processing units (CPUs), detection of local bus cards and
tapes, and the ability to differentiate among different
types of hard drives.


Although Snooper can run in either DOS or Windows, Vias
said the program works best in the DOS environment. In
Windows, some of the software's reports must be disabled.
In addition, some of the test results may be in error or
unpredictable. Snooper requires an IBM PC or 100%
compatible machine, with at least 256 kilobytes (KB) of
RAM, a DOS with version 3.1 or higher, and some kind of
video card. Snooper retails for around $39, and is
available as both a full version and as shareware.


Vias also said he is working hard on a Windows 95 version
of Snooper. When tested the software on a Windows 95
machine running in DOS mode, no problems were
experienced. But running it in Windows mode made the
program very unpredictable.


-------


UK - PCMCIA Encryption Card Introduced


London, Sept. 5, 1995 -- PPCP, a PCMCIA (Personal
Computer Memory Card International Association)
specialist, has begun shipping the Session Key, a PCMCIA
Type II card from SCI Canada.


According to John Nolan, the company's managing director,
the card allows users to encrypt data on their PC hard
disk, as well as across serial port linked devices, such
as modems, using the DES algorithm. DES stands for Data
Encryption Standard, a US-originated high security
encryption system that is virtually unbreakable.


According to Nolan, the Session Key allows users to
protect their data on a selective basis. "Many of the
competing systems out there are only capable of
encrypting the user's entire hard disk. That obviously
protects the user's data, but if you forget your
password, you have serious problems," he explained.


"With the Session Key card, you create a new drive, the
'D' drive, to store the encrypted data. The card also
allows data to be transmitted by modem in DES format.
That allows a user maximum flexibility," he said.


When used to encrypt data on a user's hard disk, once the
Session Key is removed from the PCMCIA slot, all data on
the disk that is encrypted is protected against
unauthorized access. The encrypted data cannot be read or
used without reinserting the UKP349 card.


Nolan said that SCI has developed a second-generation
version of the Session Key, which will be available later
this year. "That version will use RSA encryption
techniques, as well Triple DES and a whole host of other
encryption systems," he said.


One of the problems with encryption devices like the
Session Key is the fact that the US Government currently
bans the export of certain types of encryption
technologies, as well as restricts the sale of many
technologies to "known parties."


According to Nolan, this approval system can cause the
company a few administrative problems. "We need to find
out who is the actual end-user and pass their details
back to SCI. My understanding is that the vetting is then
carried out at a government level in Canada or the US,"
he said. He added that, apart from a short delay,
typically a week or so before the card can be shipped to
the customer, there is usually no problem.


Reader Contact: PPCP, tel +44-181-893-2277, fax
+44-181-893-1182, Internet e-mail
100302.1470 at compuserve.com/PPCP950905/PHOTO)

------