Computer Security

Dramatically illustrating the security problems posed by the rapid growth of the Internet computer network, one of the nation's three nuclear weapons labs confirmed yesterday that computer hackers were using its computers to store and distribute hard-core pornography.Embarrassed officials at Lawrence Livermore National Laboratory in Livermore, Calif., which conducts a great deal of classified research and has highly sophisticated security procedures, said the incident was among the most serious breaches of computer security ever at the lab east of San Francisco.

Computer security experts on the alertOn Nov. 2, 1988, Robert Morris, a Cornell University graduate student from Arnold, set loose a "worm" that soon disabled thousands of computers on the Internet, an enormous but loose conglomeration of computers nationwide.Not long afterward, a group of computer security experts meeting at the National Security Agency headquarters at Fort Meade to discuss the disaster laid the groundwork for FIRST, the Forum of Incident Response and Security Teams.FIRST, coordinated out of the National Institute of Standards and Technology offices in Gaithersburg, is a coalition of computer security response teams from both the public and private sectors.

New 'V-Card' attacks computer virusesRemember Michelangelo?Not the painter, the computer virus. It struck personal computers worldwide on March 6, the birthday of the great Renaissance artist, wiping out memory banks from Baltimore to Beijing.Now there's a new type of virus making the rounds.Known as "polymorphics," these pesky viruses inflict varying degrees of damage on computer files. Depending on the version, polymorphic programs can trash files or obliterate them completely.Polymorphics can randomly change their electronic "fingerprints."

As the FBI focuses its vast resources on ferreting out who is behind an unprecedented wave of attacks on high-profile Web sites this week, Internet security experts warn that the incidents may be just the beginning of a cascade of similar or worse attacks aimed at crippling the booming e-commerce industry. The reason, say experts: The tools for invading and disrupting Web sites are growing cunningly sophisticated at an alarming rate. Meanwhile, business executives have -- at least until this week's attacks -- placed spending on network security low on priority lists.

Despite recent alarms about a lack of security on the Internet, computer security experts meeting in Baltimore this week agreed that safe commerce over the worldwide network will be able to go forward in short order with no fundamental changes in its structure.Participants interviewed at the National Information Systems Security Conference yesterday said that strong programs for scrambling messages will make the Internet reasonably -- though not perfectly -- safe for financial transactions despite the fact the system was not built with security in mind.

The Veterans Affairs data analyst responsible for the largest computer breach in government history earned a little bit of redemption yesterday -- but two experts said it may not be enough to prevent his termination. The government-issued laptop and external hard drive stolen from the analyst's Aspen Hill home May 3 were recovered, and the data appeared to be untouched, according to the FBI. In addition, the Associated Press reported that the 34-year veteran of the agency had permission to access and work with large amounts of sensitive data from home -- although not on the machine that was stolen, Tim S. McClain, the VA's general counsel, told a congressional committee.

SAN FRANCISCO -- Aviation officials have quietly notified airports in the United States and Britain that a design flaw in a widely used security system could enable terrorists to gain control of the electronic badges that allow employees with security clearance to enter and leave restricted areas.The computer security experts who discovered the flaw say that the same system, which is made by a small company in Southern California, is frequently used in state prisons, county jails, financial institutions, technology companies, drug companies, county and federal government buildings -- including the CIA -- and by military contractors.

Call it the Son of Netscape.A huge boom following Friday's initial public offering by a Minneapolis computer security firm has resulted in an $80 million paper gain for Grotech Capital Group, as the Timonium venture capital firm surfed the wave of Internet investing and rode Secured Computing Inc. shares from a $16 offering to yesterday's closing price of $55.50.For Grotech, which funded the company when it was spun off by Honeywell Inc. in 1989 and paid a total of $4 million for its 2 million shares, it was a big score even by the standards of the boom-and-bust venture capital business.

OVER THE LAST 20 years, I've spent enough time with computers to conclude that (a) they are really cool and (b) you can't always trust 'em. I'm particularly leery of asking computers to do anything really important, such as running elections, without adult supervision. So I was delighted this week when critics of electronic voting systems won a convincing victory in the continuing battle to keep our elections honest and accurate. The vehicle was a $7.5 million National Science Foundation grant to a group led by Johns Hopkins University researchers who will study electronic voting systems and suggest improvements to make them safer and more reliable.

SANTA ANA, Calif. - Many people who know Nicolas Jacobsen said last week that they were surprised the young man had been accused of hacking into a huge cell phone network that guards millions of private messages. Former neighbors, including some who witnessed his arrest last fall after federal agents arrived at their aging Santa Ana apartment complex, said he was just too bright to do such a thing. "He could talk about politics. He knows about the law," said Victor Gonzalez, 60, a retired construction worker.