On Sat, Jun 15, 2002 at 02:15:47AM -0400, Sean Donelan wrote:
On Fri, 14 Jun 2002, Robert Mathews wrote:
The National Infrastructure Protection Board's Debbie Weierman notes that her agency has been collaborating with experts from the NSA, the Federal Computer Incident Response Center, CERT, private groups, and others since March to see how widespread the ASN.1 flaw is.
I'm certain the best people are working on this, but once again Steve Bellovin scooped them all nearly a decade ago.
"So severe are the potential ramifications of widespread ASN.1 security holes, that President Bush was personally briefed on the matter..." -- http://online.securityfocus.com/news/474 can you say "War on Open Standards?" yikes! same article: "Howard Schmidt, former Microsoft security chief and newly-appointed vice chairman of the President's Critical Infrastructure Protection Board..." yep, the Critical Infrastructure needs to be overseen by the same people who brought us the Outlook Virus Launch Platform, and the Internet Information Server/Virus Incubator. -- [ Jim Mercer jim@reptiles.org +1 416 410-5633 ] [ I want to live forever, or die trying. ]