Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

U.S. Govt. Offers Computer Security Alerts By E-mail

timothy posted more than 10 years ago | from the public-sector-v.-public-menace dept.

Security 38

SilentSage writes "The U.S. Dept. of Homeland Security is offering e-mail alerts on major virus outbreaks and other Internet attacks. The article found here says 'Anyone who signs up with the new National Cyber Alert System will receive e-mails about major virus outbreaks and other Internet attacks as they occur, along with detailed instructions to help computer users protect themselves.'"

cancel ×

38 comments

The site (3, Informative)

macx666 (194150) | more than 10 years ago | (#8113643)

None of those seem to provide a link to the US-Cert site that has the link, so here:

US Cert [uscert.gov]

Re:The site (1)

Asprin (545477) | more than 10 years ago | (#8114446)


Thank you for posting that, but Ugh! How can Yahoo!/AP run a news article about a web site that links everything **EXCEPT** the web site?! These bozos just don't understand "teh intarnet"!

Re:The site (0)

Anonymous Coward | more than 10 years ago | (#8114825)

Additionally, once you get to the site, it's a little tricky to figure out how to sign up and which one to sign up for.

Let me clarify, it's not that bad and it can be figured out. Howewever, it's going to be beyond the people who still don't comprehend 'don't open attachments you don't trust'.

Re:The site (1)

isaac (2852) | more than 10 years ago | (#8115683)

Thank you for posting that, but Ugh! How can Yahoo!/AP run a news article about a web site that links everything **EXCEPT** the web site?! These bozos just don't understand "teh intarnet"!

Because you might click the link and leave their site. Then they can't rack up more ad impressions from your visit.

They understand teh intarnet quite well; certainly well enough to understand how little most of their readers understand it. Why would they provide a link when at the very least they could show a few more ads on their search pages should the reader decide to search for the site. I've met plenty of people who didn't know you could type an address directly into the URL bar before I told them.

-Isaac

Don't click this link on IE! (0)

Anonymous Coward | more than 10 years ago | (#8168150)

As with any link, a security concious IE user must manually type it on the address bar.

I wonder what's worse? (4, Insightful)

HawkPilot (730860) | more than 10 years ago | (#8113645)

I wonder what's worse, The internet traffic that the virus or worm generates or the email advisories.

I still get emails saying that if I get a message with such-and-such in the subject to delete the email immeadiatly. And I get these from well meaning friends and family. Imagine how many of these alerts will be forwarded on because they have the authority of the Homeland Security Department behind it.

Re:I wonder what's worse? (0)

Anonymous Coward | more than 10 years ago | (#8113774)

And I wouldn't worry about the traffic aspect of it, I heard that they will cut down on it by merging the virus and the advisories into one the email ... "It doesn't matter that we might impact the lives of innocent civilians, as long as we get the evil doers", they said ...

Re:I wonder what's worse? (1)

jhoffoss (73895) | more than 10 years ago | (#8117296)

So send an email to all your family members now, tell them to sign up, and both ignore fowarded and stop forwarding "virus" warnings. And turn off HTML reading in Outlook/Express at the same time.

I'm annoyed to no end when I get emails like those you mention, but at least my parents are [somewhat] aware of the risks present. I'd rather have these warnings than copies of the latest and greatest virus sent to me because I'm in their address book.

Dont' do it! (3, Insightful)

SpaceLifeForm (228190) | more than 10 years ago | (#8113666)

Eventually, you will just get more spam.

Re:Dont' do it! (1, Insightful)

Anonymous Coward | more than 10 years ago | (#8113772)

Exactly. Once you "opt-in" to this, you are now "doing business with" the government. Which means they can use your adress with any other part of government to spam the hell out of you. And, since the government "does business with" every company and corporation and individual (everyone has to pay taxes), then they could give this info out to everyone in the world under the guise of "business relations".

Not to mention, there will probably be a webbug in the alert emails, so that they can periodically track a user's email address to an IP on a regular basis and - probably - use that to subvert your machine (remember, Symantec refusing to catch and remove the government's "green lantern" trojan?).

This is a great way to get your machine pwned by the us government.

Re:Dont' do it! (1)

bobv-pillars-net (97943) | more than 10 years ago | (#8115894)

Hello.

I'm from the government, and I'm here to help you...

.

..

...

BWAAAAHAAAAHAAHAHAHAHhahahahhahaaaahooo!

(sorry; just couldn't hold it any longer.)

Feh (5, Insightful)

the Man in Black (102634) | more than 10 years ago | (#8113667)

I give it a week before someone spoofs one of these e-mails and uses it to propagate a tasty new kind of e-mail virus.

But then, I'm a cynic.

Re:Feh (1)

McAddress (673660) | more than 10 years ago | (#8116328)

forget propagating an email virus.

Dear Stupid computer user:

There is a new email virus going around named kernel32.dll . Having this infected file on your harddrive will allow anyone on the internet ot see your data. In order to protect yourself, delete this file immidiately. if you computer does not allow you to delete this file directly, oyu must logout of windows in MS-DOS and type the followiing: format C: . Thank you for helping stamp out this virus.

Tom Ridge

Or if they want to get access to your files, they can instruct people to open ports, and everyone would do it.

this is such a damn stupid idea.

This will go south quickly.... (2, Interesting)

AtariAmarok (451306) | more than 10 years ago | (#8113697)

How long before there are spams that LOOK like these official notices, with "click here to get rid of virus" links that go to those Norton Antivirus sales scams?

How long before the first one with a return address of "Tom Rigde" arrives in your inbox.

Re:This will go south quickly.... (1)

dcocos (128532) | more than 10 years ago | (#8113733)

or worse yet Tom Ridge

Um... (0)

Anonymous Coward | more than 10 years ago | (#8113727)

Considering the US government probably outsources most of this type of work - and the government is.. well.. slow as it is... wouldn't it make more sense to get your security alerts from Symantec, bugtraq, etc etc?

Outsourced? (2, Funny)

AtariAmarok (451306) | more than 10 years ago | (#8113808)

Considering the US government probably outsources most of this type of work

Now, if only it were outsourced to Finland:

"SECURITY ALERT - Your computer is running Windows. You are advised to upgrade to a version of Linux immediately. Sincerely, Linus."

You really want to trust a govt employee for this? (1, Insightful)

Anonymous Coward | more than 10 years ago | (#8113773)

I've been on a govt IT contract for a couple years now and have yet to find 10 people who care about or know what they are doing. The people in charge have no clue and just happen to be the ones who have been there the longest. Its a wonder anything gets done. Another contractor and I have been talking about putting one of those wildlife transponders on one govt employee just to see where he spends his entire day. I see him in the morning for 30 secs when he hangs up his coat then you'll find him in the break room with the coffee pot, or standing at another guys desk talking, or just sitting outside smoking a cigarette. Or there is the guy who sits across from me and openly looks at the "Adult" personals I asked him if he was afraid of being fired the other day and he said the union wouldnt let it happen a manager tried a while ago.
Lets just say I'm not to happen about how my tax money is being spent.
Security is a joke in the govt. There are still groups who are installing that secret squirrel sendmail patch the govt supposedly installed before releasing it to the world.

Re:You really want to trust a govt employee for th (0)

Anonymous Coward | more than 10 years ago | (#8114266)

  1. Or there is the guy who sits across from me and openly looks at the "Adult" personals I asked him if he was afraid of being fired the other day and he said the union wouldnt let it happen a manager tried a while ago.

You _can_ fire someone with a government job...it's just damn difficult. If the person is not a young to middle-aged white male with no physical ailments, the job is harder.

To fire someone, you have to document months and months of abuse by the employee. After that point, you still have to deal with an arbitration board.

The smart managers -- in governement or not -- will brag about how great and critical the lazy SOB is to a sniping manager...and the other manager will "steal" the bad employee away! YAAAAH! This keeps the other manager from sniping as many people and has the bonus of getting rid of someone that wasn't wanted anyway!

Re:You really want to trust a govt employee for th (0)

Anonymous Coward | more than 10 years ago | (#8114451)

SSShhh! If Federal employees did work there would be no contractors -- and you would be in the unemployment office standing in the "IT Jobs That Didn't Go To India Yet" line.

Re:You really want to trust a govt employee for th (1)

Scaba (183684) | more than 10 years ago | (#8115159)

So you're saying you work with George Bush [yahoo.com] and sit across from John Ashcroft [washingtontimes.com] (who swears it's only research)?

I'd like to broaden the topic a little... (-1)

johnny_4_president (635478) | more than 10 years ago | (#8113780)

I'd like to broaden the topic a little...

where do the netadmins that troll, pardon me, read, this site get their security alert emails from anyways? are their people doing a great job of this, that we can benchmark homeland security against?

or is the whole concept of having an outside entity alert you worthless, are you better off just checking your servers your darn self, investigating any problems that may arrive?

CERT Advisory List (3, Informative)

daeley (126313) | more than 10 years ago | (#8113811)

There was a notice sent out today on the CERT Advisories list that talks about a new cooperative effort between them and the DHS. Excerpt:

As many of you are aware, a few months ago the CERT Coordination Center
(CERT/CC) announced a new partnership with the Department of Homeland
Security's National Cyber Security Division (NCSD) to form a response
system for our nation and the Internet infrastructure. While this new
partnership, known as US-CERT, has been low key, we have been working
aggressively to upgrade our capabilities.

We are pleased to announce significant changes to CERT Advisories that
will not only maintain the accuracy and fairness that are the hallmarks of
CERT Advisories, but will also provide more information about more topics
than before. Beginning January 28, 2004, CERT Advisories will become a
core component of US-CERT's Technical Cyber Security Alerts. Significant
changes behind the scenes will allow us to provide additional content, in
a more timely fashion, to a larger audience.

My understanding based on the email is that there will be three lists: two for non-technical users (alerts and tips), and one for tech/security professionals. If you are already subscribed to the CERT Advisories list, apparently you will be automatically added to that last one, which is called "Cyber Security Bulletins" and will be biweekly.

Re:CERT Advisory List (1)

SpaceLifeForm (228190) | more than 10 years ago | (#8114261)

Biweekly? What's the point of that?

Watch for the bulletin about MyDoom next week.

Re:CERT Advisory List (1)

daeley (126313) | more than 10 years ago | (#8114742)

I could be wrong, but my impression is that it's biweekly + bulletins-as-necessary. I could be wrong, but I think that's what's up.

Re:CERT Advisory List (1)

Michael Duggan (124223) | more than 10 years ago | (#8116559)

Looking at the US-CERT website [us-cert.gov] , it looks like there are actually four lists on their National Cyber Advisory System [us-cert.gov] page. Two are technical, and two are not.

One of the technical lists appears to be trying to disseminate timely information, and the other has bi-weekly summaries. The non-technical lists look like they mirror the above, approximately.

Who Are These People (2, Interesting)

DynaSoar (714234) | more than 10 years ago | (#8113813)

... and why should I trust what they say? My prior experience with the NIPC was that they were way behind the learning curve as well as any useful time frame? Can someone point out some independent evidence saying it's worth my time to listen to these people? I'm sure their own site says so, but if I read that there I'd probably just laugh.

Cynical? If that's what you want to call it. I call it ex-federal employee.

What's wrong with the existing sources? (1)

xheliox (199548) | more than 10 years ago | (#8113869)

I think I'd much rather get my security alerts from SecurityFocus, BugTraq, and other more independent sources. I suspect the US government doesn't have a worthy full disclosure policy. ;) ... but call me paranoid.

You Have New Mail (2, Insightful)

Flwyd (607088) | more than 10 years ago | (#8114277)

5 New Messages:
{Virus} Hello
{Virus} TEST
{Virus} hi
{Virus} Hello
Homeland Security Warning: New Virus Spreading

National Cyber Alert System? (1)

girth (40643) | more than 10 years ago | (#8114717)

Leave it to our goverment to use dated terminology.

What we need now are new duck and cover drills.

Just what we need (2, Funny)

Strange Ranger (454494) | more than 10 years ago | (#8114889)


SECURITY ALERT:We have been receiving unspecified reports of increased virus activity on the Internet. We are advising that all recipients maintain a Mauve state of alert.

Please stay alert for updates as more detailed information becomes available. Be aware that we may decide to raise the alert level to Chartreuse.

Please enable Active X, Java scripting, non-encrypted forms, and form redirection and click here [whitehouse.gov] for detailed information on the Mauve and Chartreuse Alert Levels.

In compliance with Act S.877 please click here [whitehouse.gov] to remove yourself from our mailing list.

This email best viewed in Microsoft Outlook or Outlook Express.

Dumbasses (1)

b00m3rang (682108) | more than 10 years ago | (#8116654)

I can't believe their site uses the term "cyber security". Can't we finally let the prefix "cyber" die, along with eAnything, iAnything, and anything EXTREME? That'd be great.

ummm... three things (1)

imsmith (239784) | more than 10 years ago | (#8118005)

First, why can't they just set up an RSS or ATOM feed so that the news can be syndicated? And toss in the current threat condition while they're at it.

Second, why is the DHS better than CERT? Anything the US gov is going to know first isn't likely to be released to the masses.

Third, why do I need to give you my e-mail address, can't you just use Echelon and the various IE vulns to insert a message onto my desktop?

Bah, I already get (0)

Anonymous Coward | more than 10 years ago | (#8118633)

tons of security warnings from the Microsoft Security Dept and Paypal!

New Virus Alert from your friendly Homeland Sec. (1)

loadedgeek (344328) | more than 10 years ago | (#8119731)

A new virus has been discovered. To prevent the evil virus from getting in your system download this application.

Click here for "carnivore junior.exe"
oops I mean "patch.exe"

So... (1)

kommakazi (610098) | more than 10 years ago | (#8120579)

...now just watch as the next big virus will attempt to emulate an e-mail from this gov't project, easily suckering in more people...

Will somebody pleaseee subscribe? (1)

wilec (606904) | more than 10 years ago | (#8121144)

Will somebody pleaseee subscribe to the Homeland Security CyberAlert service? Just in case these people ever get anything right you can post it here for the rest of us. Plus I expect the typical "duct tape" fare would be entertaining as well. I would do it myself but I'm probably already on one of thier lists anyway (see hypersynergy.com). Matt

timeliness (1)

martin (1336) | more than 10 years ago | (#8121782)

I hope their alerts are better than their mojordomo subscription requests.

It took 15 hours to get back the initial confirmation email after sending a subsciption request.

Goodness knows allow long the confirmation will take to process.
Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...