Netscape Navigator, once the king of the web-browsing world, rendered its last song with the recent release of version 9.0.0.6 . According to AOL the current owner of the Netscape project, Netscape will no longer be supported from March 1, 2008.  While the eventual demise of the Netscape browser was innevatibale after the brand and the IP were purchased by AOL in 1999 and the spin-off of the Mozillaproject in 2003 which has seen the development of an insurgent, lightweight browser; firefox, the continued relevance of Netscape has been widely debated and the recent new confirms what many have considered inevitable for a while.With the latest release, Netscape users have an opportunity to upgrade to a new version that offers some incremental bug fixes but no guarantee of future support.  Netscape users at Morgan are encouraged to migrate their browsing needs to one of the brands with current vendor support include Internet Explorer, Opera, Firefox and Safari. 

Several US Government agencies have identity theft in their focus mostly because of its impact on consumer confidence as well as the implications to citizen tax payers and businesses across the nation. Some of these agencies and their Id Theft campaigns are:

1. The US Department of Justics (DoJ)
2. The Federal Trade Commission (FTC)
3. The Social Security Administration (SSA)
4. The Whitehouse
5. The Department of Education
6. Federal Deposit Insurance Corporation (FDOC)

The following are also news sources on various senate, house of rep and Maryland id theft related news.

1. US Senate       US House of Rep  
2. State of Maryland

If you know of any other government program on id theft, let us know in your comments.

October is National Cyber Secuurity Awareness Month(NCSAM), and yes, October is here again. In 2006, We at the MSU Security Awareness Center joined the rest of the nation in observing the NCSAM with distribution of posters, dissemination of information through this blog and several presentations on campus.

This year, we are upping the ante by not only doing the things we already started last year, but also engaging students across MSU in our campaign.

During the month of October we have a challenge to all MSU students to create the most engaging Cyber Security Awareness content. Content could can be posters, fliers, video, website, blogs, news article (technical or non-technical), class room or on campus events or any other material that can later be made available on this blog.

The rules are simple:

• Student have to be currently enrolled at Morgan State University
• Content must be original
  • If content is modified, proper attribution to original owner must be included as well as obtaining proper permission when necessary (for all copyrighted materials)
• Content must be web-ready : can be presented on the website
• Content must be appropriate for world-wide dissemination
• Submitter provide contact information include full name, a Morgan email address (mymail) as well as a phone number if available.

The first five entries will be showcased on this blog through out the semester. The overall three best contributors will get a yet to be disclosed freebie from the MSUSAC.

Please submit your content to Ms. Carla Johnson at the University Digital Media Center by doing one of the following:

1. Send Content as an email attachment (less than 10MB) to secure@mymail.morgan.edu with subject : NCSAM 2007 Submittion

2. Hand Content in CD to Ms. Johnson in the DMC located in Room 209 at the Communication Center.

All Submission must be received by October 30, 2007.

We will acknowledge all submissions and post all qualified entries on November 15. We will also contact all those getting freebies by email no later than November 15.

The Morgan State University Security Awareness Center (MSUSAC) , a program under the division of planning and information technology is once again coordinating a campus-wide security awareness program in observance of the annual Cyber Security Awareness month in October.

Program History
In 2004, the National Cyber Security Alliance (NCSA), an information technology trade group, launched the inaugural National Cyber Security Awareness Month (NCSAM). The aim of the program was to raise the awareness of computer users in the United States; to better alert them to potential threats and improve their preparedness for cyber security incidents. In 2006, the department of Homeland Security adopted the program and the US House of Representatives also adopted a resolution in support for the program. So far more than 30 states have either adopted some resolution in support of the program or currently observe the program. The Multi State Information Sharing and Analysis Center (MS-ISAC) a national collaborative organization for state’s information security emergency response help coordinate the NCSAM across the US.
Today all major software and internet vendors have signed on to the program under the aegis of the NCSA, whose website in www.staysafeonline.info. Public and private sector enterprise now observe the program by organizing and supporting events as well as providing resources that help raise the national awareness.

NCSAM at Morgan
In 2006, Morgan State University observed its first month-long event by launching the MSUSAC website (http:msusac.morgan.edu) and blog (http://msusac.morgan.edu/blogs) as well as providing various awareness resources across to the university. This year, the university is moving forward and plans to organize events around a central theme of identity-theft-awareness. This is recognition of the growing importance of notoriety of identity theft as the number cyber related crime today.
The MSUSAC website and blog are being updated to support this year’s theme, and additional content will be provided throughout the month of October and after in observance of the NCSAM as well as to keep you informed about the dangers as well as what you can do to mitigate or in response to a breach.
As part of the programs for the NCSAM, students are encouraged to participate by entering our first create some content challenge. Students are encouraged to write articles, develop video blobs, create blogs or website or even write for the MSUSAC blog to showcase their innovation as well as understanding of the challenges of identity theft. More information about the challenge will be made available at the MSUSAC website and blog.
We invite you all to take note of the posters, fliers and handouts that will be available throughout the month of October in observance of the NCSAM, as well as visit the MSUSAC website located at http://msusac.morgan.edu now and in the future to learn more about information security and related issues.

1. Install and Update Anti-Virus Software
   MSU offers free anti-virus to students in Residence Life
   

2. Update Your operating system on a regular basis
   Take advantage of the software updates in Windows Vista, Windows XP,  Windows 2000, Mac and Linux

3. Don’t share illegal files
   Uploading and downloading music and movie files is illegal.  You can lose your internet connection if you get caught by the University, and you are subject to fines of up to $100,000 per song if the music industry catches you. If that’s not enough, Peer 2 Peer networks used to trade music files are fast becoming the preferred method to spread viruses.

4. Use Strong Passwords
   See post of how to create one

5. Know the source
   Whether you’re surfing the Internet, checking your email, responding to IM or sharing your research via Direct Connect – Don’t click on anything unless you asked someone to send it to you. Links, attachments, and files of any type can contain malicious code, and clicking on them gives permission for that code to execute. When in doubt, ask the sender to resend it.

Security Scrabble is a game to be played by teams or individuals or it may be placed in newsletters as a contest. Simply take a phrase such as “SECURITY AWARENESS INCORPORATED” And try to get as many words of four or more letters from the letters in the phrase.

For example, the word R E S C U E is formed using letters in our sample phrase. Determine a time span for creating words (ie: 10 minutes). The team with the most points wins. Words from the original phrase cannot be used in their entirety (ie: SECURITY can not be used but SECURE can be used).

Scoring*

4 letter words - 1 point

5 letter words - 2 points

6 letter words - 3 points

7 letter words - 4 points

8 letter words - 5 points

9 letter words - 6 points

etc

* Security related words score double points!!!

— courtesy of SecurityAwareness.com : http://www.securityawareness.com/

- Good luck -

www.securityawareness.com

A 10-minute educational video that provides an overview of identity theft and outlines the steps consumers can take

The University recently completed a comprehensive upgrade of the entire network infrastructure including hardware, software, and configuration changes. The entire array of network switches, routers and multi-layered switches have been updated to more current versions of the hardware to ensure continued availability of these resources for optimum network performance. Network operating systems have also been upgraded to current versions across the board to support the new hardware as well as provide the University with access to modern network technology features and controls. In many instances, new capabilities have been added to the network, many of which are aimed at improving availability of the network as well as improving the security of information systems across the campus.

As part of the series of technology upgrades, the University now has a new Active Directory implementation as the center of its identity management framework. The University also has a new email infrastructure to support enhanced electronic communication across the University. Also the University recently completed an upgrade to its voice-mail system and a recent emergency alert system adds to the University’s capability to communicate with its constituents.

One important component of the many technology upgrades is the implementation of a role based access control framework founded on identity-aware infrastructure that helps to ensure maximum mobility for all constituents across the University while maintaining robust security protection for all network assets, University-wide.

While these technologies have been completely implemented, their roll-out to you the end users is currently underway and is expected to be complete during the Falls semester. New Single-Sign on network identity have been provisioned for all users and various resources are scheduled to be single-sign-on enabled in the coming weeks.

Also, wireless coverage enhancement is planned for the entire campus and phased roll-out is expected to start during the Fall Semester as well. All these technology solutions are being implemented with conscious attention to the security of the information system.

Please stay tuned as we provide more information about the various capabilities and upgrades to the network.

The recording industry’s trade group said Wednesday it will give hundreds of college students suspected of illegally sharing music online a chance to reach settlements before being sued for copyright infringement.

The move comes as the industry seeks to stamp out what it is says is rampant music piracy on campuses.

The Recording Industry Association of America said it was sending letters offering discounted settlements to 400 computer users at 13 universities. The group intends to send hundreds of such pre-litigation letters to university computer users every month.

“The theft of music remains unacceptably high and undermines the industry’s ability to invest in new music,” said Mitch Bainwol, chairman and CEO of the association. “This is especially the case on college campuses.”

The letters targeted students at Arizona State University, Marshall University, North Carolina State University, North Dakota State University, Northern Illinois University, Ohio University, Syracuse University, University of Massachusetts, Amherst, University of Nebraska, Lincoln, University of South Florida, University of Southern California, University of Tennessee, Knoxville, and University of Texas, Austin.

Copyright © 2007 Associated Press

Article Culled from Washington Post:

Microsoft pulls the plug on Windows 98, 98 Second Edition and Millennium Edition today: no more bug fixes, no more technical support, no more nothing.Before people start revolting in protest, consider this: It’s Microsoft’s business decision to make, and it makes sense.

Windows 98 and other older programs began to die as soon as Microsoft issued Windows XP in 2001. From Security Fix Still using WIndows 98 or ME? Staff writer Brian Krebs tells you which free and free-trial security tools are compatible with older Microsoft-based systems. Security Tools for an Older OS

It shouldn’t even surprise anybody.

These products have shown remarkable longevity compared with other Windows releases — think of how few people persisted with the eight-year-old Windows 3.0 when Windows 98 shipped eight years ago. But that hasn’t stopped these old versions from hitting the inevitable end of a road they pulled onto when Windows XP arrived in 2001.

Win 98, 98 SE and ME all began to die when XP shipped, with a foundation so different from its predecessors that many new programs would run on only XP (and its older, corporate-oriented cousin, Windows 2000).

These older releases officially moved into the software hospice when Microsoft made a batch of critical security fixes a Windows XP-only proposition — if you wanted a version of Internet Explorer that blocked pop-up ads and unwanted ActiveX software downloads, you could get it in Service Pack 2 for Windows XP only.

And today, these flavors of Windows are officially dead. A note on Microsoft’s Web site ( http://www.microsoft.com/windows/support/endofsupport.mspx ) should end any denial: “Microsoft will retire public and technical support, including security updates, by this date.” In other words: You’re on your own, kid!

Don’t blame Microsoft for that. This is a profit-driven company with a legal obligation to make money for its shareholders, not a public utility. It has no duty to keep supporting products that it hasn’t sold in the past six years, and especially not when it could instead focus its attention on software far more people use — say, Windows Vista, which is itself needed to fix some deep-seated security flaws in Windows XP. (My Sunday column will preview Vista.)

The same things happen with other operating-system developers — Apple has essentially held a pillow over the face of its pre-Mac OS X releases. Its last major update to Mac OS 9 came in the summer of 2001.

Any company that develops software and hardware must make the same basic decision, and in most cases it comes down against supporting operating systems released in a prior decade. Why put in the non-trivial work needed to make a product function in an eight-year-old copy of Windows when the people who might benefit from it have shown so little interest in computer upgrades in the first place?

If your computing needs don’t exceed the reach of a Win 98 (or a Mac OS 9), that’s fine. Your computer won’t shut down at midnight tonight — although any computer that old carries a substantial risk of a hard-drive crash that would yield the same effect. (The one machine at The Post that I could find with Win 98 onboard has suffered just that fate.)

But it does mean that you now have sole responsibility for keeping the computer safe. Thanks to the wonderful world of viruses and worms, your infected machine can become everybody else’s problem in a hurry — a large proportion of the “malware” in circulation today was released to help spread spam and spyware to other computers.

Here, we have the one potentially valid argument against Microsoft euthanizing its old releases — that the company is ducking its responsibility to fix problems it helped create.

But in any practical sense, it doesn’t matter: The quickest, easiest security fix for pre-2000 Windows isn’t anything that Microsoft could produce even if it wanted to — it’s switching to safer, non-Microsoft programs for the Web and e-mail. Use the free Mozilla Firefox instead of Internet Explorer; use any other e-mail program instead of Outlook Express. Most important, use your own common sense not to download or open files that look sketchy.

It’s no different from driving a vintage car on the Beltway: You don’t have seat belts, so you’d better be that much more careful. (On the other hand, a ‘57 Chevy is cool; ‘98 Windows is not.)

Look, it would be terrific if computers and electronic gadgets would keep working forever. Nobody likes having to replace functioning products on somebody else’s schedule, whether it’s an operating system or a television. But if you want to see these industries keep coming up with new and useful ideas (in addition to the occasional clunker), that’s the tax we all have to pay.

Living with technology, or trying to? E-mail Rob Pegoraro atrob@twp.com.