USACM Chair Spafford Addresses Information Security Curricula

USACM Chair Eugene Spafford recently made predictions about information security curriculua in American higher education for CSO Magazine. You can read his comments online.

According to Spafford, information security is like most areas of information technology where there is often more demand than students available. In the areas of cyber forensics and information, the curriculum has shifted away from some of the lower-level (machine-specific) skills that are needed in those specialties. This can pose a challenge for some employers seeking students with the right combination of skills. Unfortunately, these skills are not well integrated into existing computer science curricula, and what courses exist are not universally available. Read more about Dr. Spafford’s thoughts on information security curricula, and other predictions made in this CSO magazine series, online.

Final E-Verify Rule Announced for Contractors

Under a final rule published November 14, certain federal contractors and subcontractors will be required to use e-Verify, an electronic employment verification system, starting early next year. The regulation applies to certain contractors and subcontractors of the Defense Department, the National Aeronautics and Space Administration and the General Services Administration. It will take effect January 15.

The major changes since the initial rule was announced in June amount to changes in deadlines and thresholds that determine how relevant federal contracts must address the program. Any contracts worth $100,000 or more must use e-Verify (increased from $3,000). Many deadlines in the initial rule have been extended. For instance, contractors enrolling for the first time will have 90 days instead of 30 to start using the system.

While the changes will make the program less onerous for many, particularly small businesses, there are still many issues with a large database such as the ones e-Verify will use. USACM has provided testimony on this issue, and our concerns have not changed. E-Verify will be a continued concern going into the new year and new administration, and we will continue to watch developments.

Election 2008: E-Voting Poses Problems, But No Meltdown

While some federal races remain too close to call, or are headed to runoffs, the 2008 election is notable for the lack of a dispute over election machines that may affect the outcome of an election. USACM members and ACM staff were observing activity throughout the country and noted the problems and issues with electronic voting in several media articles and interviews. We outlined these issues in a press release, which you can read online. It emphasizes voter registration database concerns.

USACM Barbara Simons was interviewed by O’Reilly Media about the election. They have a podcast and transcript of the interview available online. Some excerpts from other press reports involving USACM members:

From the Associated Press and the Welland Tribune (Ontario, Canada):

Some New Jersey voters were forced to cast paper ballots because of troublesome touch-screen machines. Similar problems popped up elsewhere, but were more sporadic than widespread.

“The majority of them seem to be functioning OK, but there are trouble spots, not unexpected,” said Purdue University computer science professor Eugene Spafford, who was watching machine voting issues for the Association of Computing Machinery.
Continue reading “Election 2008: E-Voting Poses Problems, But No Meltdown”

ACM Washington Update, Vol. 12.10 (November 6, 2008)

CONTENTS

[1] Newsletter Highlights
[2] Washington Post Notes Key Voter Database Issues
[3] A Framework for Addressing Surveillance
[4] EDUCAUSE on IT Workforce in Higher Education
[5] Google Books’ Copyright Settlement
[6] Federal Trade Commission Chairman Speaks on Internet Privacy
[7] GAO Reports that Social Security Numbers are Widely Available
[8] About USACM

[An archive of all previous editions of Washington Update is available at
http://www.acm.org/usacm/update/]
Continue reading “ACM Washington Update, Vol. 12.10 (November 6, 2008)”

Computers, Freedom and Privacy Conference 2009

The Computers, Freedom and Privacy (CFP) Conference recently issued the call for proposals for its 19th conference, slated for June 1-4, 2009 in the Washington, D.C. area. Proposals are due December 19, 2008.

The conference organizers intend to take advantage of the new administration and conference location to shape their agenda. From the conference web page:
Continue reading “Computers, Freedom and Privacy Conference 2009”

George Mason University’s E-mail System Compromised: Sends Students Fraudulent Election Information

Early on Election Day morning (at 1:16 AM) George Mason University’s e-mail system sent out a message to students under the Provost’s name stating that the Election Day had been moved to November 5. Here is the text of the message:

To the Mason Community:

Please note that election day has been moved to November 5th. We apologize for any inconvenience this may cause you.

Peter N. Stearns
Provost

At 8:08 AM the Provost’s Office sent out a correction message titled “Urgent Voting Information”:

Dear Colleagues,

It has come to my attention early this morning that a message was hacked into the system fraudulently stating that election day has been moved.  I am sure everybody realizes this is a hoax, it is also a serious offense and we are looking into it.  Please be reminded that election day is today, November 4th.

Peter N. Stearns
Provost

As of Fall 2007 (latest available data on GMU’s website), total enrollment at GMU was 30,332. It is not clear how many students received this message.

Based on a very, very preliminary analysis by some of USACM’s members, it appears that the original e-mail was forged. E-mails can be forged if the SMTP (Simple Mail Transfer Protocol) mail server does not require adequate authentication. See CERT’s website on e-mail forging for more information.

Obviously this is a very serious issue and likely violates several federal and state laws. The Electronic Privacy Information Center just released a report on deceptive electronic campaign practices. This incident seems to fit squarely into the issues raised by that report.

Just to be clear, today, November 4, is Election Day for the United States. We encourage all eligible voters to get out and vote.

George Mason University's E-mail System Compromised: Sends Students Fraudulent Election Information

Early on Election Day morning (at 1:16 AM) George Mason University’s e-mail system sent out a message to students under the Provost’s name stating that the Election Day had been moved to November 5. Here is the text of the message:

To the Mason Community:

Please note that election day has been moved to November 5th. We apologize for any inconvenience this may cause you.

Peter N. Stearns
Provost

At 8:08 AM the Provost’s Office sent out a correction message titled “Urgent Voting Information”:

Dear Colleagues,

It has come to my attention early this morning that a message was hacked into the system fraudulently stating that election day has been moved.  I am sure everybody realizes this is a hoax, it is also a serious offense and we are looking into it.  Please be reminded that election day is today, November 4th.

Peter N. Stearns
Provost

As of Fall 2007 (latest available data on GMU’s website), total enrollment at GMU was 30,332. It is not clear how many students received this message.

Based on a very, very preliminary analysis by some of USACM’s members, it appears that the original e-mail was forged. E-mails can be forged if the SMTP (Simple Mail Transfer Protocol) mail server does not require adequate authentication. See CERT’s website on e-mail forging for more information.

Obviously this is a very serious issue and likely violates several federal and state laws. The Electronic Privacy Information Center just released a report on deceptive electronic campaign practices. This incident seems to fit squarely into the issues raised by that report.

Just to be clear, today, November 4, is Election Day for the United States. We encourage all eligible voters to get out and vote.