The DMZ, Issue 1
This is the first of many Demilitarized Zone newsletters you can expect that will enlighten you in many areas of security, from personal security and privacy concerns to commercial information security issues, and the legal issues surrounding them. You can expect in each issue the latest industry news, a Food for Thought article, and Product News section that details developments and change at stevengould.org.

Demilitarized Zone Newsletter

Issue date October 2007


Note to readers: This is the first of many Demilitarized Zone newsletters you can expect that will enlighten you in many areas of security, from personal security and privacy concerns to commercial information security issues, and the legal issues surrounding them. You can expect in each issue the latest industry news, a Food for Thought article, and Product News section that details developments and change at stevengould.org.

Your input and feedback is welcomed. So, please take our new poll to cast your vote for the next Food for Thought topic. 

This newsletter is available directly through the stevengould.org Web site, via e-mail subscription and soon via Really Simple Syndication (i.e. an RSS feed), which automatically updates content for you through your Web browser.


In this issue:



News and Updates

Web site 

You may have noticed that the stevengould.org web site has undergone some major changes over the past few months. This is part of our overall effort to bring you, our loyal fans and customers, better products and services. These improvements will continue over the coming months.

Discussion forums 

Our discussion forums have been hit by spammers - an on-going problem - and we've done our best to quickly remove any such spam postings. To this end, we've implemented various anti-spam measures designed to keep the "bad guys" out and let genuine users in. The good news is that these anti-spam measures seem to be working pretty well and the administration of the forums is taking up less of our time - allowing us to focus on bringing your more of what you want from this site.

E-mail 

We've also installed and configured SpamAssassin to help filter out spam from our e-mail servers. This too is helping us better serve you.


Food for Thought

Information Warfare:

What is it and why should you care?


By Shari L. Gould

Some in the information security field say you should keep your friends close and your enemies closer. You also need to know your enemy better than you know yourself. Information warfare is a phrase you may not be familiar with if you aren’t a security expert, but the threat is real to everyone, personally and commercially.

Information warfare can be defined as the battle over the protection of and/or retrieval of information that is secret, critical and private in nature, requiring a high level of security.  Information can be critical and highly sensitive in many different environments and affect a variety of groups of people, some on a larger scale than others. Everyone should care about this type of information warfare, because any one of us could fall victim to this type of attack.  You need to know how to protect yourself.

At a national level a person can work on behalf of the United States government retrieving information from the enemy in another country.  That person is responsible for filtering information back to the U.S. government for intelligence, but what if that person sympathizes with the enemy and feeds inaccurate information back to the U.S.?  Great care must be taken to ensure information is entrusted to people of integrity, as there always is some level of human interaction involved with information retrieval and preservation.  While this type of attack on information security is not readily known to the general public, it affects everyone in the grand scheme of things.

On a smaller scale, but no less significant, personal information like social security numbers and credit card numbers that reside on computer systems in numerous environments often are not protected securely enough against hackers.  Identity theft has become a very real issue to everyone, yet private information such as this can easily fall into the wrong hands. 

When information being retrieved comes from, or information being protected resides on computer systems, defending against information warfare takes on a new level of mystery and significance.  People may never know who their attackers are, or the kind of attack being waged against them until it’s too late, in some situations. 

Investigators that track cybercriminals also must be trained to follow the electronic trail that they inevitably leave behind.  So, in some ways, they are easier to trace than traditional types of crimes.  Other issues arise, however, such as jurisdiction.  If a criminal is stealing account numbers from U.S. citizens, yet lives in Russia, how is that person to be tracked down, arrested and prosecuted?  Many other legal issues come into play in cybercrimes that authorities and security professionals at all levels must face.

As such, information warfare is an issue that we all must combat at some level, whether the sought-after information is on a PC at home or in the White House. We all must educate ourselves as to how to protect our computer systems and the confidential data therein.


Latest Security and Privacy News

It doesn't matter what your level of technical expertise is. Maybe you just started using computers a few years ago and simply don't trust them. Maybe you've been using them for years and you're a closet tech geek. Maybe your really are a tech geek. Doesn't matter. Choose our category. We've accommodated all users to make sure you and your assets are protected, either private or commercial. We've done the work for you, so each issue, look for the subhead that calls your name and find out ways to protect yourself, and all that you've worked hard for, against those that want to take you for all you've got.

 Note: If any of the links below do not take you directly to the article, you may need to copy and paste the URL into your Web Browser. Alternatively, you may need to register at PC Magazine and DevX Web sites to access the full articles. Register at http://www.pcmag.com and http://www.devx.com. Then, copy and paste the links into your Web browser. 

For Novice Geeks

We've got your back. Every holiday warrants a greeting card to someone, or so the card companies have convinced us. Online is easier, cheaper, more dangerous.  Recently, those folks that want to know more about you than you're willing to share have posed as greeting card companies to infiltrate your PC with Trojan Horse viruses. Trojan Horses are named as such based on the legendary story. Hackers hide their malware/spyware within an email attachment, quite often. Unsuspecting people click the attachment and your computer is not longer secure. This article tells you about the latest scams you should be aware of: http://blogs.pcmag.com/securitywatch/2007/06/happy_trojan_horse_to_you.php

For Closet Tech Geeks

As staunch Mac supporters, because it's based on the more secure UNIX operating system, we hesitate to bring a potential problem to the forefront. However, the source is credible and requires some acknowledgment for you new iPhone users. PCMag.com's Security Watch gives you the details. Check it out: http://www.pcmag.com/article2/0,1759,2084091,00.asp

For Tech Geeks

Even if you're a Microsoft app developer, it's no secret that you have challenges when developing secure apps for the Microsoft operating system. Add databases to the mix and you have a security challenge that requires a security analyst to remedy, or so it seems. If Microsoft SQL is your database, listen up. DevX.com has a solution for you. Check it out: http://www.devx.com/dotnet/Article/34653

What do you think? 

Now that you've experienced the first issue of The Demilitarized Zone, we want to know what you think. Tell us: newsletters@stevengould.org