Linda, remember your headache with the new list . . . well, you are NOT the only one. I'd HATE to be the person in charge of THIS one.

State Dept. virus exposes system flaw
Anyone could have sent messages to U.S. travel warning list
http://www.msnbc.com/news/754879.asp?0na=x2101330-

May 21 - When the State Department sent out a computer virus to an e-mail list devoted to travel warnings last weekend, the incident exposed a larger shortcoming in the agency's security. According to the company that manages the mailing list, the State Department list had been set up to allow anyone to send a message to all recipients - including journalists, foreign diplomats, overseas nationals. The virus proved it would have been easy for someone to send out a fake global travel warning in the name of the State Department.

THE LIST WAS ORIGINALLY set up correctly, said Gabriella Linares, spokesperson for L-Soft International. L-Soft provides the hosting space for the DOSTravel list where several copies of the Klez worm were distributed over the weekend. Before any message was sent to the group, it was to be reviewed by a State Department official - the normal procedure for "monitored" mailing lists.

But at some point, the list operator "got lazy or whatever," and just set the list to pass along any message, without review, Linares said. The only trick - the "from" e-mail address had to be spoofed to appear as if it were sent by the State Department, which is routine for most computer hackers and virus writers.

The State Department did not immediately return calls asking about L-Soft's comments.

Someone noticed the list's security flaw over the weekend, and took advantage of it, repeatedly sending out computer viruses over the government list.

"There is a setting that the list owner has to check and verify a message before it goes to the list," Linares said. "The list owner deactivated that feature. They were not reviewing messages before they were sent to the list."
The DOSTravel list provides notification when the State Department recommends that Americans avoid travel to a certain country. Only about 10-15 email messages are sent across the list per month. The list is popular overseas; hundreds of Web sites in multiple languages link to the list's sign-up page.

But it is not the only means the State Department has for issuing such warnings. Had someone sent out a fake warning over the list, there would be many ways for the department to retract it - including a follow-up e-mail to the list.

Still, the incident demonstrates a lapse of security during a particularly sensitive time for the U.S. government and for international travel.

On Monday, a State Department spokesperson blamed L-Soft for the incident, saying the third-party vendor didn't provide appropriate security. But on Tuesday L-Soft shot back, saying it was the State Department that failed to manage the list's security settings.

It was not immediately clear how many people subscribe to the list. It's open to the public; some journalists subscribe to stay abreast of potential travel threats overseas. MSNBC.com is a subscriber and received several of the infected e-mails.

An apology e-mail arrived Monday morning.

"If you ever have any doubts about any e-mails arriving from our listserver, you should delete them, and not risk getting a computer virus," the apology read in part.

The virus came in the form of an attachment named doc.bat, which was infected with the pesky Klez worm. The worm can be destructive - some versions disable anti-virus products. Other versions can copy private documents and spreadsheets and mass mail them around the Internet.

"On Saturday, Washington D.C. time, there were several messages sent to the DOSTRAVEL mailing list with viruses, despite our safeguards," the apology e-mail read. "We have taken additional steps to prevent this from happening in the future."

The State Department is hardly alone in dealing with Klez.
The worm and its many variants have been the world's most reported virus for several months now, with infection rates slowly on the rise. UK e-mail filtering firm MessageLabs Inc. says it has stopped about 650,000 copies of the bug.

The DOSTravel list software has now been reconfigured to never pass along attachments, according to the agency.

[end]

///JSH