Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Strategies & Market Trends : Graham and Doddsville -- Value Investing In The New Era -- Ignore unavailable to you. Want to Upgrade?

To: porcupine --''''> who wrote (656)	8/25/1998 7:08:00 AM
From: porcupine --''''>	Respond to of 1722

IBM solves key Internet security hitch By Eric Auchard NEW YORK, Aug 23 (Reuters) - Mathematicians at IBM and a Swiss university say they have developed a new system of securing information against the most aggressive type of attack by computer hackers -- a step seen as resolving concerns about privacy and the integrity of electronic transactions on the Internet. But rather than take what IBM considers to be a fundamental breakthrough and exploit it commercially, the researchers plan to give away their findings for free -- in the hopes of bolstering public confidence in the security of the Internet. The two Zurich-based mathematicians -- Victor Shoup, of IBM Research, and Ronald Cramer, of the Swiss Federal Institute of Technology (ETH) -- plan to unveil on Monday their new security scheme at Crypto '98, the main annual U.S. academic conference devoted to computer security issues, in Santa Barbara, Calif. The team has designed a practical and mathematically proven method for effectively closing off back-door attempts to thwart computer security systems using so-called "active" attacks, according to IBM and other top computer security researchers. All current commercially available cryptography, or secret coding, systems are potentially vulnerable to active attacks, which are considered to be the most aggressive and dangerous hacking attempts any encryption system might face, they said. "Businesses and consumers can have greater confidence in Internet transactions, because we've effectively closed down the only way around a cryptosystem's main line of defense," Jeff Jaffe, general manager for IBM's security products and services, said in a statement announcing the development. Strong modern cryptography systems are based upon really difficult mathematical problems that are thought to be unsolvable. If the underlying problem of such a security can be solved, then the cryptosystem's security could be violated. One means for cracking computer security systems is through "brute force" attacks that throw massive computer resources into attempts to calculate every possible answer to complex math problems. Another method hackers use is what security experts call "social engineering," when, simply put, a hacker manages to trick someone inside an organization into revealing secret codes that allow outsiders to break into a computer system. But "active" attacks are considered to be the most difficult to prevent because they bypass the difficulty of solving the underlying mathematical problem by sending a series of cleverly constructed messages to Web site computers. By analyzing the electronic responses to the messages from the web sites, an attacker could get information that could be used to decode an intercepted session. The Cramer-Shoup method thwarts active attacks by offering the first cryptosystem that prevents eavesdropping while also being efficient enough for commercial use, IBM said. The new system would eliminate a security flaw that allowed a Bell Labs researcher earlier this year to demonstrate how a well-equipped computer hacker could break the encryption software code used for electronic commerce. That discovery had set off a flurry of activity by Netscape Communications Corp. , Microsoft Corp. , and Security Dynamics Technologies Inc.'s RSA Data unit that led to a software patch that fixed the immediate problem. But the Bell Labs development left lingering doubts among security experts about the fundamental integrity of computer networks and suggested future attacks were possible. However, in a phone interview on Friday, Bell Labs researcher Daniel Bleichenbacher said the Cramer-Shoup system had demonstrated a method that was impervious to the sort of attack he had developed and graciously accepted defeat. These theorists are part of a chummy world elite of computer scientists engaged in a collegial competition to discover cracks in networks before criminal hackers do, thus keeping Internet security several steps ahead of the bad guys. Bleichenbacher said his research was complementary to that of the IBM-Swiss university team. "My paper suggested the problem," the Bell Labs researcher said. "I have an attack and they present a solution." For its own part, IBM said it plans to incorporate the new system into a future version of its Vault Registry software, designed to allow electronic commerce transactions to travel across organizational boundaries in a private, secure manner. "The game is over as far as cryptography systems being subject to these nasty kinds of attacks," Charles Campbell Palmer, the manager of network security and cryptography at IBM Research, said in a phone interview. Palmer leads a team of "ethical hackers" who practice breaking into computer systems, with permission, to detect potential security holes. He said IBM plans to freely disseminate its findings to other researchers with the goal of ensuring the success of electronic commerce by making it easier to use and more secure. "This is not the sort of stuff you hold tight and patent," Palmer said. "This is the sort of stuff you publish ... and hope everyone adopts it quickly." The improvement comes at a time when consumers are still concerned about security and the safety of sending personal information, or their credit card numbers, over the Internet. Having secure transactions is crucial for persuading more consumers to buy products on the Internet and keep the burgeoning industry growing. ((-- Eric Auchard, New York newsdesk, 212-859-1840))

To: porcupine --''''> who wrote (656)	8/25/1998 7:16:00 AM
From: porcupine --''''>	Read Replies (1) \| Respond to of 1722

GM's Cadillac DeVille to have night vision WASHINGTON, Aug 20 (Reuters) - General Motors Corp.'s Cadillac division on Thursday unveiled a new night vision system with the same technology the U.S. military used in the Gulf War to improve vision in the dark three to five times. The system creates infrared pictures from the heat energy of objects in view. "It's a tragic fact that the risk of dying in a traffic accident almost doubles during nighttime hours, even though only about one-quarter of driving occurs after dark," said Cadillac general manager John Smith at a special briefing. The night vision system, developed in partnership with Raytheon , is expected to cost about as much as a high-end car stereo system, Smith said. He added that it will first be available in the fall of 1999 in the year 2000 model DeVille. Smith said the company plans to put the system into other vehicles but he declined to give specifics, predicting only that the technology would be placed in 20-25 percent of new vehicles within the next decade. The night vision system is not meant to replace a driver's view out of the windshield but to give additional visual information at night. The images are projected low onto the windshield from a device near the front edge of the car's hood, allowing drivers, at a glance, to see three to five times farther ahead of their low-beam headlamps, even in bad weather. The system is designed to last the lifetime of the vehicle. ((Joanne Morrison, Washington newsroom, +1 202 898-8315, fax +1 202 898-8383, washington.newsroom@reuters.com))