[1149] in Security FYI
[IS&T Security-FYI] Newsletter, August 29, 2008
daemon@ATHENA.MIT.EDU (Monique Yeaton)
Fri Aug 29 11:08:01 2008
Message-Id: <7EFA401C-C39C-4896-AB27-EF2A8E30B99D@mit.edu>
From: Monique Yeaton <myeaton@MIT.EDU>
To: ist-security-fyi@MIT.EDU
Mime-Version: 1.0 (Apple Message framework v926)
Date: Fri, 29 Aug 2008 10:58:34 -0400
Cc: itss@MIT.EDU
Content-Type: multipart/mixed; boundary="===============2116070684=="
Errors-To: ist-security-fyi-bounces@MIT.EDU
--===============2116070684==
Content-Type: multipart/alternative; boundary=Apple-Mail-10--950937564
--Apple-Mail-10--950937564
Content-Type: text/plain;
charset=US-ASCII;
format=flowed;
delsp=yes
Content-Transfer-Encoding: 7bit
In this issue:
1. Lessons from MBTA System Flaws Discovery
2. Apple to Fix iPhone Security Flaw
3. Microsoft Re-Issues Update
4. Data Breaches in 2008 Outpace 2007
-------------------------------------------------------------
1. Lessons from MBTA System Flaws Discovery
-------------------------------------------------------------
Earlier this week, a federal judge in Boston lifted a gag order that
had blocked three MIT students from publicly discussing security flaws
they discovered in the fare-payment system used by the city's mass-
transit agency.
The temporary restraining order was issued Aug. 9, one day before the
MIT students were scheduled to present a research paper detailing the
flaws during a session at the Defcon hacker convention in Las Vegas.
In asking for the gag order to be imposed, the Massachusetts Bay
Transportation Authority (MBTA) claimed that it hadn't been given
enough time or sufficient information prior to Defcon to assess the
flaws and figure out a plan for fixing them.
The case reignited the debate over responsible disclosure of
vulnerabilities, sparking outrage within some parts of the security
community that saw the gag order as a violation of the students' First
Amendment rights, while other people said they thought the students
should have given the MBTA more time to address the flaws before going
public with them.
Network World lists some takeaways for IT and security managers from
the entire episode in the full story below:
<http://www.networkworld.com/news/2008/082208-3-takeaways-from-mbta-mit.html?fsrc=rss-security
>
----------------------------------------------
2. Apple to Fix iPhone Security Flaw
----------------------------------------------
Unauthorized users may be able to exploit a security flaw in the Apple
iPhone to gain access to iPhone users' private correspondence and
contact information, even if those iPhones are locked. Reuters
reported that iPhones running the latest iPhone 2.02 software could be
hacked with only three taps.
An Apple spokewoman stated that Apple was aware of the iPhone security
flaw and that Apple was preparing a software update to fix the flaw.
Apple hasn't said specifically when the iPhone update would be
available.
Until the software update is available, iPhone users can use a
workaround -- instead of accessing the iPhone's iPod music collection
through the "Favorites" menu, iPhone users should use the iPhone
"Home" button to access their music.
Full story:
<http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9113753
>
--------------------------------------
3. Microsoft Re-Issues Update
--------------------------------------
Microsoft has released a new version of one of its August 11 security
bulletins because the original version was incomplete. The affected
bulletin is MS08-051, which addresses three flaws in Microsoft Office,
PowerPoint and PowerPoint Viewer.
<http://www.microsoft.com/technet/security/bulletin/MS08-051.mspx>
Users who downloaded the fix manually should apply the new version as
soon as possible. The incomplete version was only posted to the
Microsoft Download Center.
**Users whose systems were updated through Windows Update, Windows
Server Update Services, or MIT WAUS are NOT affected.**
Download Center: <http://office.microsoft.com/en-us/downloads/default.aspx
>
---------------------------------------------------
4. Data Breaches in 2008 Outpace 2007
---------------------------------------------------
The number of data breaches reported in 2008 has already surpassed
those reported in 2007, according to the Identity Theft Resource
Center (ITRC), a non-profit organization tracking the statistics.
ITRC, an organization that tracks data breaches and educates consumers
about identity protection, said its 2008 breach list of 449 incidents
surpassed the total of 446 reported in 2007. The number of compromised
records is estimated at 22 million, according to the organization.
Full story:
<http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1327048,00.html
>
=========================
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://web.mit.edu/ist/security
---------------------------------------
Important: DO NOT GIVE OUT YOUR PASSWORDS!
Ignore emails asking you to provide yours. IS&T IT staff will *NEVER*
ask you for your password.
--Apple-Mail-10--950937564
Content-Type: text/html;
charset=US-ASCII
Content-Transfer-Encoding: quoted-printable
<html><body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; =
-webkit-line-break: after-white-space; "><div><div style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Helvetica; min-height: 17px; =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; ">In this issue:</div><div style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Helvetica; min-height: 17px; =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; ">1. Lessons from MBTA System Flaws =
Discovery</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; ">2. Apple to Fix iPhone Security Flaw</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; ">3. =
Microsoft Re-Issues Update</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; ">4. Data Breaches in 2008 Outpace =
2007</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
">-------------------------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; ">1. =
Lessons from MBTA System Flaws Discovery</div><div style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Helvetica; =
">-------------------------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; ">Earlier this week, a federal =
judge in Boston lifted a gag order that had blocked three MIT students =
from publicly discussing security flaws they discovered in the =
fare-payment system used by the city's mass-transit agency.</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; ">The temporary restraining order =
was issued Aug. 9, one day before the MIT students were scheduled to =
present a research paper detailing the flaws during a session at the =
Defcon hacker convention in Las Vegas. In asking for the gag order to be =
imposed, the Massachusetts Bay Transportation Authority (MBTA) claimed =
that it hadn't been given enough time or sufficient information prior to =
Defcon to assess the flaws and figure out a plan for fixing =
them.</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
">The case reignited the debate over responsible disclosure of =
vulnerabilities, sparking outrage within some parts of the security =
community that saw the gag order as a violation of the students' First =
Amendment rights, while other people said they thought the students =
should have given the MBTA more time to address the flaws before going =
public with them.</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
">Network World lists some takeaways for IT and security managers from =
the entire episode in the full story below: </div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; "><<a =
href=3D"http://www.networkworld.com/news/2008/082208-3-takeaways-from-mbta=
-mit.html?fsrc=3Drss-security">http://www.networkworld.com/news/2008/08220=
8-3-takeaways-from-mbta-mit.html?fsrc=3Drss-security</a>></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
">----------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; ">2. =
Apple to Fix iPhone Security Flaw</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; =
">----------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; ">Unauthorized users may be able to =
exploit a security flaw in the Apple iPhone to gain access to iPhone =
users' private correspondence and contact information, even if those =
iPhones are locked. Reuters reported that iPhones running the latest =
iPhone 2.02 software could be hacked with only three taps.</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; ">An Apple spokewoman stated that =
Apple was aware of the iPhone security flaw and that Apple was preparing =
a software update to fix the flaw. Apple hasn't said specifically when =
the iPhone update would be available.</div><div style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Helvetica; min-height: 17px; =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; ">Until the software update is available, iPhone =
users can use a workaround -- instead of accessing the iPhone's iPod =
music collection through the "Favorites" menu, iPhone users should use =
the iPhone "Home" button to access their music.</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; ">Full story:</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
"><<a =
href=3D"http://www.computerworld.com/action/article.do?command=3DviewArtic=
leBasic&articleId=3D9113753">http://www.computerworld.com/action/artic=
le.do?command=3DviewArticleBasic&articleId=3D9113753</a>></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
">--------------------------------------</div><div style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Helvetica; ">3. Microsoft Re-Issues =
Update</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; =
">--------------------------------------</div><div style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Helvetica; min-height: 17px; =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; ">Microsoft has released a new version of one of =
its August 11 security bulletins because the original version was =
incomplete. The affected bulletin is MS08-051, which addresses =
three flaws in Microsoft Office, PowerPoint and PowerPoint Viewer. =
</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; "><<a =
href=3D"http://www.microsoft.com/technet/security/bulletin/MS08-051.mspx">=
http://www.microsoft.com/technet/security/bulletin/MS08-051.mspx</a>></div=
><div style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; ">Users who downloaded the fix =
manually should apply the new version as soon as possible. The =
incomplete version was only posted to the Microsoft Download =
Center.</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
">**Users whose systems were updated through Windows Update, Windows =
Server Update Services, or MIT WAUS are NOT affected.**</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; ">Download Center: <<a =
href=3D"http://office.microsoft.com/en-us/downloads/default.aspx">http://o=
ffice.microsoft.com/en-us/downloads/default.aspx</a>></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
">---------------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; ">4. =
Data Breaches in 2008 Outpace 2007</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; =
">---------------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; ">The number of data breaches =
reported in 2008 has already surpassed those reported in 2007, according =
to the Identity Theft Resource Center (ITRC), a non-profit organization =
tracking the statistics. ITRC, an organization that tracks data breaches =
and educates consumers about identity protection, said its 2008 breach =
list of 449 incidents surpassed the total of 446 reported in 2007. The =
number of compromised records is estimated at 22 million, according to =
the organization.</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
">Full story:</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; "><<a =
href=3D"http://searchsecurity.techtarget.com/news/article/0,289142,sid14_g=
ci1327048,00.html">http://searchsecurity.techtarget.com/news/article/0,289=
142,sid14_gci1327048,00.html</a>></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; min-height: 17px; =
"><br></div></div><div apple-content-edited=3D"true"><span =
class=3D"Apple-style-span" style=3D"border-collapse: separate; color: =
rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: =
normal; font-variant: normal; font-weight: normal; letter-spacing: =
normal; line-height: normal; orphans: 2; text-align: auto; text-indent: =
0px; text-transform: none; white-space: normal; widows: 2; word-spacing: =
0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: 14px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: 14px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: 14px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: 14px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: 14px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: 14px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: 14px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><div><span class=3D"Apple-style-span" =
style=3D"font-size: 12px; "><div style=3D"font-size: 12px; "><br =
class=3D"khtml-block-placeholder"></div><div style=3D"font-size: 12px; =
">=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D</div><div style=3D"font-size: 12px; ">Monique Yeaton</div><div =
style=3D"font-size: 12px; ">IT Security Awareness Consultant</div><div =
style=3D"font-size: 12px; ">MIT Information Services & Technology =
(IS&T)</div><div style=3D"font-size: 12px; ">(617) =
253-2715</div><div style=3D"font-size: 12px; "><a =
href=3D"http://web.mit.edu/ist/security">http://web.mit.edu/ist/security</=
a></div></span></div><div><br></div><div><span class=3D"Apple-style-span" =
style=3D"color: rgb(192, 0, 0); font-family: Arial; font-size: 12px; =
font-weight: bold; =
">---------------------------------------</span></div><div><font =
class=3D"Apple-style-span" color=3D"#C00000" face=3D"Arial" =
size=3D"3"><span class=3D"Apple-style-span" style=3D"font-size: 12px; =
"><b><span class=3D"Apple-style-span" style=3D"color: rgb(0, 0, 0); =
font-family: Helvetica; font-size: 14px; font-weight: normal; =
"><div><font class=3D"Apple-style-span" color=3D"#C00000" face=3D"Arial" =
size=3D"3"><span class=3D"Apple-style-span" style=3D"font-size: 12px; =
"><b>Important: DO NOT GIVE OUT YOUR =
PASSWORDS! </b></span></font></div><div><font =
class=3D"Apple-style-span" color=3D"#C00000" face=3D"Arial" =
size=3D"3"><span class=3D"Apple-style-span" style=3D"font-size: 12px; =
"><b>Ignore emails asking you to provide yours. IS&T IT staff will =
*NEVER* ask you for your =
password. </b></span></font></div></span></b></span></font></div></di=
v></span></div></span></div></span></div></span></div></span></div></span>=
</div></span></div></span> </div><br></body></html>=
--Apple-Mail-10--950937564--
--===============2116070684==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
ist-security-fyi mailing list
ist-security-fyi@mit.edu
To Unsubscribe http://mailman.mit.edu/mailman/listinfo/ist-security-fyi
--===============2116070684==--
