× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



# 1 ... this discussion belongs on MIDRANGE NON TECH not MIDRANGE L
Let's move it over there.

MIDRANGE-L is for AS/400 & IBM eServer iSeries & the various non-IBM stuff
that gets connected to it
MIDRANGE NON TECH is for what the heck we midrange people going to do about
the problems of the computer world that get foisted on us by the Microsoft
mentality & other stuff that would not be a problem if the IBM philosophy was
the computer world philosophy

# 2 ... you might be interested in a letter I am working on to send to my
local newspaper ... I append it at the bottom of this post, after what you
said.

We have similar ideas about what should be done.

I want to enlist the non technical end users in this war against computer
criminals ... terrorist is a bit strong of a word to use for them, in the
light of current events ... e-mafia is better ... people who have zero
morality, but know how to do technological trouble.

What is needed is something like the Internet Storm Watch for Virus Creator
Identification & I think law enforcement already has that, except they are
totally overwhelmed.  It is reminiscent of when my employer's union was on
strike, in a community with perhaps 25 cops & 2,500 demonstrators throwing
molotov cocktails, shooting out street lights, planting booby traps on public
highways - except law enforcement is perpetually orewhelmed by volume of
damage done by virus creators.

> From: LKeel@UNARCORACK.com (Lurton Keel)
>  Reply-to:    <A HREF="mailto:midrange-l@midrange.com">
midrange-l@midrange.com</A>
>
>  I think it is time we waged our own war against these programmer
> terrorists.
>  They caused untold costs with their malicious wares.
>
>  We can fight them on 3 fronts.
>
>  1) As conscientious managers, we should ferret out any of our staff that
may
>  be involved in this type of terrorism.  We need to monitor the work of our
>  programmers and look for signs of physiological imbalance.  If we see any
>  signs, we should take immediate action.  Any software development area that
>  helps perpetuate viruses should be held accountable.

>  2) We need to work with the software suppliers such as Microsoft, to let
>  them know when we uncover possible security breaches.  I know it is great
to
>  discover a hole and spread the word to the outside world but that fame is
>  not worth the costs to others.  I hate to read email about how
such-and-such
>  discovered a way to breach security.  I would much rather get a security
>  patch from the vendor that just says "Apply this immediately."

>  3) I know this one is pretty far out, but considering the costs it is
>  probably time to look, again, at network stations for the masses of our
>  users.  I know in a couple of situations where Nimda was brought in from
>  outside the office.  If our mass of users didn't have access to floppy
>  drives, cd roms and even hard drives, the proliferation and cleaning of
>  these viruses would be minimized.

Background
Local newspaper has regular Sunday SoapBoxes where they announce a bit in
advance what the topic will be & invite people on that topic.
When there is heavy interest, the overflow shows up in Letters page in the
days that follow.
Oct 7 will print a selection sent by Oct 2 on the topic of
What is in airline industry's future?
250 words or less preferred, unless we REALLY GOOD
Well I will write my BS first, then see what the word count comes to
& in all probability there will be something here that I should not be saying
which will lead to how much needs to come out

There are 3 questions they invite us to answer - any or all
Do we support government bailout of airline industry?
What type of improvements do we support for Airport Security?
During the Gulf War, the airline industry was hit by a fear of flying.
(no kidding? I not remember that.)
Did these hijackings change your plans to fly again?

So here goes

As an occasional air traveler, I witness glaring holes in airline security,
big enough to deliver weapons of mass destruction anywhere in North America.
Bin Lade's network already has WMD according to the article
http://www.newsoftheworld.co.uk/news/4321337

We have learned from very recent history that it does not pay to publicly
share news of holes in US security.  The 1993 car bombing of WTC did not do
much damage & the news media explained to all of us why, and what it takes to
seriously damage WTC.  Sep 11, the Hijackers followed the news media
blueprint to WTC destruction, reminding us all of the World War Two Rule of
Thumb "Loose Lips Sink Ships."

The hacker community follows this dictum religiously.
Some computer professional finds a flaw in some software product.
Proper authorities are notified.
Proper authorities appear to ignore the warning.
Some weeks later, a security alert is sent to everyone.
Most corporations are overwhelmed in alerts - which of these apply to us? -
so there is a general failure to take proper precautions.
A lot of what the software vendors send out are flawed, not properly tested,
so each company has to spend a large chunk of time figuring out what works &
what does not - cannot just load every patch send by software vendors.
Also end users continually open attachments, without thinking, or operate
home computers without firewalls, or even without current anti-virus
protection.
Juvenile Delinquents use the publicized information to write a computer
virus, worm, or whatever.
250,000 computers get damaged.
The hacker community has the temerity to tell us they doing us a favor, by
publicizing this security flaw that the proper authorities had not been
paying proper attention to getting fixed.

By that reasoning, the hijackers did us all a favor by publicizing some holes
in national security, and the news media did us a favor by telling the
terrorists how to do it.

Well, I reject that philosophy.
When we see a security hole, our duty is to notify the proper authorities,
then stop, do not practice LOOSE LIPS SINK AMERICA.  If the proper
authorities fail to act on our warnings, that is their responsibility, we
have done our duty.  We do not need to help the terrorists to make some point.

I have figured out inexpensive solutions to a multitude of security holes.
I have sent them in to the FBI, along with 100,000 other tipsters.
I also sent them in to the Gore Commission on Terrorism at the time of the
TWA 800 disaster, the Olympic Bombing, and various other national crises.

My solutions include:
inexpensive ways to improve airport security without being disruptive to our
economy or the constitution;
a huge dent in the national epidemic of kidnapped children and missing adults;
significantly less luggage lost or misplaced by the airlines;
rapid identification of individuals traveling on stolen documentation;
close those holes that are now wide open for WMD;
and other stuff.

I would be happy to share a copy of what I sent the FBI & Commission on
Terrorism with any law enforcement people ... given the huge number of people
sending in tips, I would not be surprised if mine gets ignored.  I just do
not want my blueprints to be in the news paper being used by the next wave of
terrorists.

Now for other readers who are frustrated about all this.
What can we do?

Well get on the internet & visit
http://www.skirsch.com/politics/plane/disable.htm

This is a compendium of thousands of suggestions that people have made, that
would have frustrated the methods used in the 9/11 attacks.
The essays here allege that current security still is not doing that.
In addition these suggestions achieve good security without inconveniencing
passengers, free trade, or damage our economy, and can be implemented right
now at very low cost.  But it is not going to happen until enough airline
passengers demand that something like this be done.

Read the suggestions & contribute ideas how to improve them even more.

Also visit
http://www.radium.ncsc.mil/tpep/epl/epl-by-vendor.html

This is a compendium of computer systems that meet the highest security
standards of the US Department of Defense & the military of many other
nations.
Many of them are quite affordable to ordinary businesses.
The site has instructions how to harden your computer system, if it is on
this list, so that you do not have to put up with the kind of nonsense that
the news media & computer trade press is filled with, like risk of viruses &
worms.
Now ask your business, or employer, or school ... do we have a system that is
on this list & have we protected ourselves the way they advise, and if not,
why not?

If you have a firewall on your computer, you know that the world is full of
hackers & victims of hackers.  There must be a few thousand of them in
Evansville Indiana alone.  Visit the Internet Storm Watch Project
http://www.incidents.org/isw/iswp.php

Arrangements have been made so that your firewall can send its logs here.
They can handle logs from hundreds of thousands of different people
firewalls.  Their software analyses the logs to identify where the hackers
are coming from, and take appropriate action to put them out of business.
This only works if a lot of people know about this sort of thing and
participate..

After all these more critical problems have been solved, we can then turn our
attention to the smaller nuisances & put the spammers in the slammers,
especially those who think children are good customers for pornography, and
also perhaps do something about these hoaxters.

MacWheel99@aol.com (Alister Wm Macintyre) (Al Mac)



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.