Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sdd.hp.com!zaphod.mps.ohio-state.edu!unix.cis.pitt.edu!dsinc!netnews.upenn.edu!vax1.cc.lehigh.edu!cert.sei.cmu.edu!krvw From: dittrich@milton.u.washington.edu (Dave Dittrich) Newsgroups: comp.virus Subject: Re: Report calls for National Conputer Security Standards Message-ID: <0008.9012141904.AA27940@ubu.cert.sei.cmu.edu> Date: 13 Dec 90 17:39:14 GMT Sender: Virus Discussion List Lines: 95 Approved: krvw@sei.cmu.edu DAVID@SIMSC.BITNET (David Bridge, MSC VAX System Manager) writes: >Front page story, Washington Post, December 6, 1990 (cont. on page 11). > >"Computers Vulnerable, Panel Warns >Networks Susceptible to hackers, accidents. > > (stuff about the article and quotes from report deleted) > >Does anyone have the full title of the report and length ? >Where can a copy of the report be obtained ? > (address, cost, etc.) The Government Accounting Office (the investigative arm of the Congress) recently released a report on computer security. It was made available on the Internet, although for the life of me I cannot remember where I found it. I could not find the quotes that were mentioned in Davids post, but have included the contents page from the report to describe what it contains. It may be of interest anyway to those that have not already seen it. The report is 112962 bytes in length, so I will only post it if there is sufficent interest. (I'll let the moderator be the judge of "sufficent interest"). - ------------------ Excerpt from report follows ----------------- United States General Accounting Office GAO Report to the Chairman, Subcommittee on Telecommunications and Finance, Committee on Energy and Commerce House of Representatives June 1989 COMPUTER SECURITY Virus Highlights Need for improved Internet Management GAO/IMTEC-89-57 Contents Page EXECUTIVE SUMMARY 2 CHAPTER 1 INTRODUCTION 10 Internet Evolves From 10 an Experimental Network Rapid Growth of the Internet 12 Management in a Decentralized 12 Environment Future of the Internet 14 Internet Virus Spread Over 15 Networks to Vulnerable Computers Objectives, Scope, and 17 Methodology 2 VIRUS FOCUSES ATTENTION ON 19 INTERNET VULNERABILITIES Impact of Virus 19 Vulnerabilities Highlighted 20 by Virus Actions Taken in Response 26 to Virus Conclusions 28 Recommendation 30 3 FACTORS HINDERING PROSECUTION 32 OF COMPUTER VIRUS CASES No Statute Specifically 32 Directed at Viruses Technical Nature of Virus- 34 Type Incidents May Hinder Prosecution Proposed Legislation on 35 Computer Viruses and Related Offenses Conclusions 36 APPENDIXES APPENDIX I History of Computer Viruses 37 APPENDIX II Research Aimed at Improving 43 Computer and Open Network Security APPENDIX III Major Contributors to This Report 49 - ------------------------ End of excerpt ------------------------ - -- Dave Dittrich Dept. of Chemistry BG-10, University of Washington, Seattle, WA 98195 dittrich@u.washington.edu ...!uw-beaver!u.washington.edu!dittrich "Teachers are the only profession that teach our children." Dan Quayle