Articles
Writers

Computer Security Weekly, May 17, 1999


© Robert Slade

May 17, 1999


And, in the ongoing saga of the attempt to make absolutely every computer object infective, the world now has a Corel Draw macro virus. This probably will not have any major impact, but you can check out one dissection of it here.
The European Parliament has passed a new law which requires Internet service providers and telephone companies to provide law-enforcement agencies with full-time, real-time access to Internet transmissions, even those traversing along multiple networks. The requirement will be essentially impossible to implement with dynamic re-routing, one of the concepts at the heart of the Internet Protocols, and the one that gives the Internet its strength and reliability.
A report suggests that the recent legislation regarding wiretaps and encryption key provision in the US, Australia, and the EU, is attributable to lobbying by a little known law enforcement group called ILETS.
For those wanting more information on TWINKLE, mentioned briefly here last week, there is another article here and you can get a copy of the paper from RSA or at http://jya.com/twinkle.eps and http://jya.com/twinkle.zip
A bug in the version of Outlook Express delivered with Windows 98 will essentially hang the program. When the program is dealing with mail from a POP server (the most common situation), and on the occurrence of certain text in the body of the message, Outlook thinks it is back in command mode, and tries to interpret the remaining text as commands, generally failing. Since this happens while the mail is being downloaded, the offending message never does get removed from the server, and the problem continues. The only way to deal with the issue is to read and remove the mail with another mailer, such as Eudora or Pegasus. While you're at it, this might be a good time to simply switch to Pegasus ...)
Even though this doesn't seem to be a serious problem, you are probably going to hear a lot about it. Therefore, I guess I should deal with it.

First, the background. Something called "Russian New Year" uses an interesting mechanism. It is being referred to as an HTML virus. The description is rather misleading: the mechanism is more of a trojan than a virus, and it has little to do with HTML.

What Russian New Year does is to attempt to load, from a Web page (hence the reference to HTML), a Microsoft Excel file. The Excel file contains a CALL function. The CALL function, as has been described here earlier, can basically call any function on your computer. If your browser accepts Excel as a "helper" program, the file may load, and the CALL function may execute, without any further action on your part.

Go To Page: 1 2


The copyright of the article Computer Security Weekly, May 17, 1999 in Computer Security is owned by . Permission to republish Computer Security Weekly, May 17, 1999 in print or online must be granted by the author in writing.

Post this Article to facebook Add this Article to del.icio.us! Digg this Article furl this Article Add this Article to Reddit Add this Article to Technorati Add this Article to Newsvine Add this Article to Windows Live Add this Article to Yahoo Add this Article to StumbleUpon Add this Article to BlinkLists Add this Article to Spurl Add this Article to Google Add this Article to Ask Add this Article to Squidoo




about us Limelight Blog freelance writing jobs careers press room Site Map Terms & Conditions Privacy Policy