~e; EM security issues
From
human being <human@electronetwork.org>
Date
Wed, 31 Jul 2002 13:39:58 -0500
[this story is quoted in full as it demonstrates the
range of issues with everyday electronics, such as PDAs
and cellphones and their potential security issues...]
Agency to Impose Limits on Devices
Wed Jul 31, 5:44 AM ET
By TED BRIDIS, Associated Press Writer
(please see original url for links and more information. ~e.org)
http://story.news.yahoo.com/news?tmpl=story2&cid=528&ncid=528&e=5&u=/ap/20020731/ap_on_go_ca_st_pe/pentagon_hackers_3
WASHINGTON (AP) - The wireless soldier may be getting some new
strings attached.
The Defense Department, concerned that hackers or spies might
eavesdrop on classified meetings or secretly track the locations of
top U.S. officials, is imposing new limits on its workers' use of the
latest generation of wireless devices inside military buildings.
The new rules will outline new restrictions on civilian and military
employees carrying cellular telephones, pagers and handheld computers
while working, even devices that employees bought themselves and
carry for their personal convenience at work, said John P. Stenbit,
the assistant defense secretary for command, control, communications
and intelligence.
Stenbit, who also is the Pentagon ( news - web sites)'s chief
information officer, disclosed the upcoming rules Tuesday after a
technology conference in Washington focusing on security problems of
wireless devices. Stenbit said the new rules would be announced
within a month.
In an earlier speech at the same conference, President Bush ( news -
web sites)'s top cyber-security adviser, Richard Clarke, said the
technology industry was acting irresponsibly by selling wireless
tools such as computer network devices that remain remarkably easy
for hackers to attack.
The industry's most common data-scrambling technique designed to keep
out eavesdroppers, called the wireless encryption protocol, can be
broken - usually in less than five minutes - with software available
on the Internet.
"It is irresponsible to sell a product in a way that can be so easily
misused by a customer in a way that jeopardizes their confidential
and proprietary and sensitive information," Clarke said.
Clarke said government and companies need to explain to consumers
ways to keep their information secure over wireless networks. Some
recommendations will be included in a forthcoming report from the
administration on cyber-security, which currently runs more than
2,800 pages.
Stenbit said the new rules would explain which equipment, such as
handheld Blackberry e-mail devices, may be used in different areas of
military buildings, including the Pentagon. Stenbit has complained to
colleagues about classified meetings being interrupted when
electronic bug-sweepers in specially designed conference rooms detect
the presence of cell phones and handheld computers.
Stenbit exhorts visitors, "Let's lose the devices," said one frequent
meeting participant, speaking on condition of anonymity.
Robert Gorrie, deputy director of the Pentagon's Defense-wide
Information Assurance Program Office, called it "a thorn in my side"
when military officers try to carry handheld wireless devices inside
such classified conference rooms.
Gorrie said the military won't ban wireless gadgets outright because
of their convenience but also won't let workers use them without
clear rules. "That would be a stupid thing to do," he said.
The new policy reflects increasing concerns among security experts
about the latest breed of devices, such as two-way pagers and
wireless network cards for handheld computers. Officials have
previously worried that cell phones, programmed to answer
automatically and with ringers set to silent, could be hidden inside
a conference room and dialed to function as low-tech listening
devices.
The newest wireless devices, which can send and receive e-mails and
even voice messages, also could be misused as eavesdropping devices,
even without the user's knowledge. And since the devices usually
transmit continuously, experts worry they could be used to trace a
particular user's location. They fear, for example, that a two-way
pager assigned to a top Defense Department official could reveal
whenever that person rushes to the Pentagon in the middle of the
night.
"They're recognizing the kinds of threats that are out there," said
Art Matin, president of McAfee Security, a software company. "That
kind of spark will accelerate people's focus on that risk."
Other U.S. agencies already impose some restrictions on wireless
technology. Visitors to the CIA ( news - web sites)'s headquarters
must leave cell phones in the parking lot, and signs warn visitors to
some offices at the National Security Council not to bring cell
phones inside.
Workers at the Defense Intelligence Agency must walk outside the
headquarters building to place a call on a cell phone.
--
copyright 2oo2 AP/Yahoo. fair-use, em educational usage, ~e.org 2oo2.
the electromagnetic internetwork-list
electromagnetism / infrastructure / civilization
archives.openflows.org/electronetwork-l
http://www.electronetwork.org/