U.S. Govt. Offers Computer Security Alerts By E-mail

SilentSage writes "The U.S. Dept. of Homeland Security is offering e-mail alerts on major virus outbreaks and other Internet attacks. The article found here says 'Anyone who signs up with the new National Cyber Alert System will receive e-mails about major virus outbreaks and other Internet attacks as they occur, along with detailed instructions to help computer users protect themselves.'"

The site

[macx666]

None of those seem to provide a link to the US-Cert site that has the link, so here:

US Cert

Re:The site

[Asprin]

Thank you for posting that, but Ugh! How can Yahoo!/AP run a news article about a web site that links everything **EXCEPT** the web site?! These bozos just don't understand "teh intarnet"!

Re:The site

Additionally, once you get to the site, it's a little tricky to figure out how to sign up and which one to sign up for.

Let me clarify, it's not that bad and it can be figured out. Howewever, it's going to be beyond the people who still don't comprehend 'don't open attachments you don't trust'.

Re:The site

[isaac]

Thank you for posting that, but Ugh! How can Yahoo!/AP run a news article about a web site that links everything **EXCEPT** the web site?! These bozos just don't understand "teh intarnet"!

Because you might click the link and leave their site. Then they can't rack up more ad impressions from your visit.

They understand teh intarnet quite well; certainly well enough to understand how little most of their readers understand it. Why would they provide a link when at the very least they could show a few more ads on their search pages should the reader decide to search for the site. I've met plenty of people who didn't know you could type an address directly into the URL bar before I told them.

-Isaac

I wonder what's worse?

[HawkPilot]

I wonder what's worse, The internet traffic that the virus or worm generates or the email advisories.

I still get emails saying that if I get a message with such-and-such in the subject to delete the email immeadiatly. And I get these from well meaning friends and family. Imagine how many of these alerts will be forwarded on because they have the authority of the Homeland Security Department behind it.

Re:I wonder what's worse?

And I wouldn't worry about the traffic aspect of it, I heard that they will cut down on it by merging the virus and the advisories into one the email ... "It doesn't matter that we might impact the lives of innocent civilians, as long as we get the evil doers", they said ...

Re:I wonder what's worse?

[jhoffoss]

So send an email to all your family members now, tell them to sign up, and both ignore fowarded and stop forwarding "virus" warnings. And turn off HTML reading in Outlook/Express at the same time.

I'm annoyed to no end when I get emails like those you mention, but at least my parents are [somewhat] aware of the risks present. I'd rather have these warnings than copies of the latest and greatest virus sent to me because I'm in their address book.

Dont' do it!

[SpaceLifeForm]

Eventually, you will just get more spam.

Re:Dont' do it!

Exactly. Once you "opt-in" to this, you are now "doing business with" the government. Which means they can use your adress with any other part of government to spam the hell out of you. And, since the government "does business with" every company and corporation and individual (everyone has to pay taxes), then they could give this info out to everyone in the world under the guise of "business relations".

Not to mention, there will probably be a webbug in the alert emails, so that they can periodically track a user's email address to an IP on a regular basis and - probably - use that to subvert your machine (remember, Symantec refusing to catch and remove the government's "green lantern" trojan?).

This is a great way to get your machine pwned by the us government.

Re:Dont' do it!

[bobv-pillars-net]

Hello.

I'm from the government, and I'm here to help you...

.

..

...

BWAAAAHAAAAHAAHAHAHAHhahahahhahaaaahooo!

(sorry; just couldn't hold it any longer.)

Feh

[the+Man+in+Black]

I give it a week before someone spoofs one of these e-mails and uses it to propagate a tasty new kind of e-mail virus.

But then, I'm a cynic.

Re:Feh

[McAddress]

forget propagating an email virus.

Dear Stupid computer user:

There is a new email virus going around named kernel32.dll . Having this infected file on your harddrive will allow anyone on the internet ot see your data. In order to protect yourself, delete this file immidiately. if you computer does not allow you to delete this file directly, oyu must logout of windows in MS-DOS and type the followiing: format C: . Thank you for helping stamp out this virus.

Tom Ridge

Or if they want to get access to your files, they can instruct people to open ports, and everyone would do it.

this is such a damn stupid idea.

This will go south quickly....

[AtariAmarok]

How long before there are spams that LOOK like these official notices, with "click here to get rid of virus" links that go to those Norton Antivirus sales scams?

How long before the first one with a return address of "Tom Rigde" arrives in your inbox.

Re:This will go south quickly....

[dcocos]

or worse yet Tom Ridge

Um...

Considering the US government probably outsources most of this type of work - and the government is.. well.. slow as it is... wouldn't it make more sense to get your security alerts from Symantec, bugtraq, etc etc?

You really want to trust a govt employee for this?

I've been on a govt IT contract for a couple years now and have yet to find 10 people who care about or know what they are doing. The people in charge have no clue and just happen to be the ones who have been there the longest. Its a wonder anything gets done. Another contractor and I have been talking about putting one of those wildlife transponders on one govt employee just to see where he spends his entire day. I see him in the morning for 30 secs when he hangs up his coat then you'll find him in the break room with the coffee pot, or standing at another guys desk talking, or just sitting outside smoking a cigarette. Or there is the guy who sits across from me and openly looks at the "Adult" personals I asked him if he was afraid of being fired the other day and he said the union wouldnt let it happen a manager tried a while ago.
Lets just say I'm not to happen about how my tax money is being spent.
Security is a joke in the govt. There are still groups who are installing that secret squirrel sendmail patch the govt supposedly installed before releasing it to the world.

Outsourced?

[AtariAmarok]

Considering the US government probably outsources most of this type of work

Now, if only it were outsourced to Finland:

"SECURITY ALERT - Your computer is running Windows. You are advised to upgrade to a version of Linux immediately. Sincerely, Linus."

CERT Advisory List

[daeley]

There was a notice sent out today on the CERT Advisories list that talks about a new cooperative effort between them and the DHS. Excerpt:

As many of you are aware, a few months ago the CERT Coordination Center
(CERT/CC) announced a new partnership with the Department of Homeland
Security's National Cyber Security Division (NCSD) to form a response
system for our nation and the Internet infrastructure. While this new
partnership, known as US-CERT, has been low key, we have been working
aggressively to upgrade our capabilities.

We are pleased to announce significant changes to CERT Advisories that
will not only maintain the accuracy and fairness that are the hallmarks of
CERT Advisories, but will also provide more information about more topics
than before. Beginning January 28, 2004, CERT Advisories will become a
core component of US-CERT's Technical Cyber Security Alerts. Significant
changes behind the scenes will allow us to provide additional content, in
a more timely fashion, to a larger audience.

My understanding based on the email is that there will be three lists: two for non-technical users (alerts and tips), and one for tech/security professionals. If you are already subscribed to the CERT Advisories list, apparently you will be automatically added to that last one, which is called "Cyber Security Bulletins" and will be biweekly.

Re:CERT Advisory List

[SpaceLifeForm]

Biweekly? What's the point of that?

Watch for the bulletin about MyDoom next week.

Re:CERT Advisory List

[daeley]

I could be wrong, but my impression is that it's biweekly + bulletins-as-necessary. I could be wrong, but I think that's what's up.

Re:CERT Advisory List

[Michael+Duggan]

Looking at the US-CERT website, it looks like there are actually four lists on their National Cyber Advisory System page. Two are technical, and two are not.

One of the technical lists appears to be trying to disseminate timely information, and the other has bi-weekly summaries. The non-technical lists look like they mirror the above, approximately.

Who Are These People

[DynaSoar]

... and why should I trust what they say? My prior experience with the NIPC was that they were way behind the learning curve as well as any useful time frame? Can someone point out some independent evidence saying it's worth my time to listen to these people? I'm sure their own site says so, but if I read that there I'd probably just laugh.

Cynical? If that's what you want to call it. I call it ex-federal employee.

What's wrong with the existing sources?

[xheliox]

I think I'd much rather get my security alerts from SecurityFocus, BugTraq, and other more independent sources. I suspect the US government doesn't have a worthy full disclosure policy. ;) ... but call me paranoid.

Re:You really want to trust a govt employee for th

1. Or there is the guy who sits across from me and openly looks at the "Adult" personals I asked him if he was afraid of being fired the other day and he said the union wouldnt let it happen a manager tried a while ago.

You _can_ fire someone with a government job...it's just damn difficult. If the person is not a young to middle-aged white male with no physical ailments, the job is harder.

To fire someone, you have to document months and months of abuse by the employee. After that point, you still have to deal with an arbitration board.

The smart managers -- in governement or not -- will brag about how great and critical the lazy SOB is to a sniping manager...and the other manager will "steal" the bad employee away! YAAAAH! This keeps the other manager from sniping as many people and has the bonus of getting rid of someone that wasn't wanted anyway!

You Have New Mail

[Flwyd]

5 New Messages:
{Virus} Hello
{Virus} TEST
{Virus} hi
{Virus} Hello
Homeland Security Warning: New Virus Spreading

Re:You really want to trust a govt employee for th

SSShhh! If Federal employees did work there would be no contractors -- and you would be in the unemployment office standing in the "IT Jobs That Didn't Go To India Yet" line.

National Cyber Alert System?

[girth]

Leave it to our goverment to use dated terminology.

What we need now are new duck and cover drills.

Just what we need

[Strange+Ranger]

SECURITY ALERT:We have been receiving unspecified reports of increased virus activity on the Internet. We are advising that all recipients maintain a Mauve state of alert.

Please stay alert for updates as more detailed information becomes available. Be aware that we may decide to raise the alert level to Chartreuse.

Please enable Active X, Java scripting, non-encrypted forms, and form redirection and click here for detailed information on the Mauve and Chartreuse Alert Levels.

In compliance with Act S.877 please click here to remove yourself from our mailing list.

This email best viewed in Microsoft Outlook or Outlook Express.

Re:You really want to trust a govt employee for th

[Scaba]

So you're saying you work with George Bush and sit across from John Ashcroft (who swears it's only research)?

Dumbasses

[b00m3rang]

I can't believe their site uses the term "cyber security". Can't we finally let the prefix "cyber" die, along with eAnything, iAnything, and anything EXTREME? That'd be great.

ummm... three things

[imsmith]

First, why can't they just set up an RSS or ATOM feed so that the news can be syndicated? And toss in the current threat condition while they're at it.

Second, why is the DHS better than CERT? Anything the US gov is going to know first isn't likely to be released to the masses.

Third, why do I need to give you my e-mail address, can't you just use Echelon and the various IE vulns to insert a message onto my desktop?

Bah, I already get

tons of security warnings from the Microsoft Security Dept and Paypal!

New Virus Alert from your friendly Homeland Sec.

[loadedgeek]

A new virus has been discovered. To prevent the evil virus from getting in your system download this application.

Click here for "carnivore junior.exe"
oops I mean "patch.exe"

So...

[kommakazi]

...now just watch as the next big virus will attempt to emulate an e-mail from this gov't project, easily suckering in more people...

Will somebody pleaseee subscribe?

[wilec]

Will somebody pleaseee subscribe to the Homeland Security CyberAlert service? Just in case these people ever get anything right you can post it here for the rest of us. Plus I expect the typical "duct tape" fare would be entertaining as well. I would do it myself but I'm probably already on one of thier lists anyway (see hypersynergy.com). Matt

timeliness

[martin]

I hope their alerts are better than their mojordomo subscription requests.

It took 15 hours to get back the initial confirmation email after sending a subsciption request.

Goodness knows allow long the confirmation will take to process.

Don't click this link on IE!

As with any link, a security concious IE user must manually type it on the address bar.