Have you heard about the Anti-Terrorism Act (ATA) of 2001, which is before the US House Judiciary Committee? If the present form of the proposed bill becomes law, hacking a computer system becomes a terrorist act punishable by up to life in prison. You can read about the ATA in our related news story on our Security Administrator Web site.
After hearing arguments on the ATA last week, Congressman F. James Sensenbrenner (Wisconsin) and Representative John Conyers, Jr., (Michigan) introduced a draft of a compromise bill, called the Patriot Act, which they want to substitute for the ATA 2001. The proposed Patriot Act addresses concerns about classifying hacking as a terrorism act. As you'll learn by reading the proposed Patriot Act, Section 309 makes it clear that computer-related crimes would only become an act of terrorism if those crimes "\[are\] calculated to influence or affect the conduct of government by intimidation or coercion; or to retaliate against government conduct."
The House Judiciary Committee staff has prepared an interpretation of the Patriot Act that further clarifies the lawmakers' intent to reclassify computer crimes. In the document, the staff interprets Section 309 of the Patriot Act to mean, "a crime is only considered to be \[a\] Federal terrorism offense if it can be proven to be calculated to influence or affect the conduct of government by intimidation or coercion; or to retaliate against government conduct."
Even with such clarifications, however, many privacy groups are raising concerns about what they interpret to be considerable privacy and civil liberties issues that the Patriot Act presents. For viewpoints about these concerns, visit the Electronic Privacy Foundation Center (EPIC) Web site.
On another note, I want to tell you about two security tools that you might find useful in your daily routines. The first tool is a freeware package called Eraser. The tool helps remove disk data when you delete files from your system. Eraser deletes the files by overwriting the disk data numerous times. Such a process helps ensure that any residual magnetic flux on the disk won't be sufficient for any non-authorized data-recovery operation attempts.
Eraser runs on all Windows platforms from Windows 95 through Windows 2000. Eraser installs as a Windows Explorer shell extension, which adds a new menu item to Explorer-related popup menus. For example, if you right-click the Recycle Bin, in addition to the standard menu selection "Empty Recycle Bin," you'll find a new menu selection called "Erase Recycle Bin." The same holds true for the Explorer shell itself: When you right-click any file or folder within Explorer, you'll find a new menu item entitled "Erase" in addition to the standard "Delete" menu selection.
Sami Tolvanen, a computer science major in Finland, developed Eraser. You can download a copy at Tolvanen's Web site. You can also obtain the source code for Eraser at the site—it's freely available under the GNU's Not UNIX (GNU) General Public License (GPL).
The other tools I want to remind you about are our online Web-based security forums. On our Security Administrator Web site you'll find four Web forums that cover security problems with Win2K, Windows NT, Microsoft IIS, and Microsoft Proxy Server. These forums are a great resource—a way to get help from or offer help to people who prefer not to use mailing list-based discussion forums. Several of our forum pros moderate the forums and also help answer questions. Be sure to stop by the forums.
And if you haven't heard the news, the Gartner Group recommends that Windows users not run IIS—that they immediately switch to another Web server platform. Read Gartner's comments and what prompted such advice in Paul Thurrott's related news story on our Web site.