Upload
philip-hill
View
212
Download
0
Embed Size (px)
Citation preview
Vol. 11, No. 7, Page 2
NEWS
UNIX SECRET AT GCHQ
Two months ago we carried news of Hackman: an encyclopedic catalogue of Unix
operating systems weaknesses that hackers
could exploit. In the same issue we reported on the Arpanet virus attack which exploited
three security flaws on a Unix network and resulted in widespread infection. Now comes
the report that the UK Government Communications Headquarters is to become the largest Unix mainframe installation
nationally and will use an Amdahl5990 1400
machine.
It is the security of Unix which has been in
doubt. But there are secure versions of Unix available corresponding to various levels of
security defined by the US Department of
Defence’s Orange Book. Amdahl is purported
to be the supplier of Unix for the project and it
has a version, UTS, which combined with
Boks, software devised by the Swedish
company Dynasoft, is mandatory for Unix
systems used by the Swedish government. Amdahl Europe claims it is equivalent to most
of the C2 requirements in the Orange Book.
This is not to say that a more secure
system could not be devised for special
customers. IBM has for example devised a Bl
level system of its version, Xenix.
Of course Unix is not new to government
systems. In fact these are probably already
the largest market due to the portability of applications running under it and the fact that
users can combine equipment from many
different manufacturers. It is a major player in
the open systems dream.
Nevertheless Unix has been tainted with the label of being insecure especially in academica where administrators are for ever coping with students eager to discover how to
hack.
If there was truth in this accusation it
would be surprising to see the operating
system used for some of the most sensitive of
government work. But this begs the question
of whetfier the repot-l itself is true.
According to the report GCHQ made its first step towards Unix by using Uniplex office automation software which can run on IBM
6150 machines. It is however likely such an
organization would have developed expertise in the operating system before the 6150 came
out in 1985 if only to keep open the options
available to it.
Since that time the question of which
fourth generation language and relational
database system should be used has haunted
the more progressive members of the user community.
GCHQ took more than a passing interest in the Oracle database in attending the Oracle. European User Conference in April 1986. Incidentally it was at this event that the company’s founder and president Larry Ellison announced that its largest user was the US Central Intelligence Agency. So one product has already openly proved itself in the intelligence community. Significantly there is a Unix version of Oracle but whether it is now in use at GCHQ is mere speculation.
What remains most astounding is not so much the choice of Unix in the light of criticism of the operating system by uninformed sources but more that the report has been published at all.
FRENCH ROUNDUP
The two bankers’ card organizations in
France, GIE Cartes Bancaires and GIE Carte Bleue, have announced significant reductions
in fraud from a level of 0.21% to 0.16% last year. This is due to better prevention, detection and repression of fraud, according to the companies. In December 1988, two important fraud networks were dismantled. The first was the arrest in Amiens of six people
COMPUTER FRAUD & 01989 Elsevier Science Publkbers Ltd., England./89&0.00 + 2.20 No part of this publication ma be re roduced, stored in a retrieval s stem, or transmitted by any form or
SECURITY BULLETIN bi any means, electronic, mecianic$ photocopying, recording or o x. envrsc, wthout the pnor permission o the publishers. (Readers in the U.S.A.- plea% see special regulations listed on back cover.)
Vol. 11, No. 7, Page 3
including a computer programmer working for Bull. At his home, police discovered about 5000 cards together with an ATM manufactured by Bull. The second involving the arrest of eight people uncovered a clandestine workshop including a gilding machine, stamping machine, encoding machine and dozens of authentic Cartes Bleues.
French company Hexale has developed new security software called Chargeur. It is claimed to protect any software working on PC or compatibles executed by the Microphar key and Cryptage. Many government and scientific establishments have opted for the system which will verify the existence of other
programmes in memory; reinitiate all vectors of interruption; verify the conformity of ROM BIOS and the conformity of the operating system being executed; verify the conformity
of the software being executed; protect pass words, and protect against the introduction of software generating erroneous results. Its price is Ffr 7500 without tax.
A new security processor Scytale will be launched on the French market in May.
Developed by Logical Assistance and Copemique, it intergrates the functions of the Scytale software to the Diram disk-drive
processors produced by Copernique. Security is through coding of confidential information stored on the disks. Copemique is working on making the unit portable. For the moment, it will only work with Bull DPS6 computers.
Price will be Ffr 150 000 before tax.
A survey of over 200 French companies
has shown a high level of computer crime not hitherto imagined.
The Centre d’Etudes Socio-Economiques asked 210 companies to answer a questionnaire which indicated that 15% of the companies had been victims of criminal
actions linked to computers in the last three years.
For half of the companies, the danger came from inside the firm.
Two out of three companies having suffered an attack took no action subsequently.
Seven out of ten companies reported that they knew of the January 1988 law (Law Number 88-19, see CF.93 Vol. 10, No. 6,
Page 3) relating to the suppression of computer fraud and half of these claimed they knew it in detail.
The companies questioned listed problems in the fight against computer crime in the following order: organizational problems, human problems and finally technical problems.
Philip Hill
ANTI-VIRUS PRODUCTS
Dr Fred Cohen, the computer virus expert, has developed a set of tools called ASP (Advanced System Protection) to prevent the effects of viruses. ASP protects the PC boot block, interrupt table, system files, program
files and data files. It uses a cryptographic checksum to ensure integrity. Any attempts to modify the protected system are quickly recognized and dealt with.
ASP operates at three levels. It can be implemented by the user to check specified
areas and files to ensure they have not been altered since the last check was made. It can be integrated into a normal working environment to ensure that system and
program checks are made before and after program execution. It can be implemented as a DOS shell to ensure all programs are executed from within the shell environment
and are automatically checked. Data files are also checked.
The set of tools will run on PCs, minis, mainframes and local area networks.
COMPUTER FRAUD & SECURITY BULLETIN
01989 Elsevier Science Pubkhers Ltd., Engiaod./89/$0.00 + 2.20 be re No part of this publicat+ ma educed, stored in a retrieval s stem, or transmiti by any form or
bp my ~~s,~l=~~lc, mpciaic$ photocopying, recording or o x . envtsc, without the pnor permission o the pubhshrs. (Readers m the U.S.A.- please see special regulations listed on back cover.)