Computers and Security, Vol. 7, No. 1

Analysis of the Encryption Algorithm Used in the WordPerfect Word Processing Program, John Bennett

WordPerfect v4.2, produced by WordPerfect Corporation, is a po- pular word processing program for the mM PC series of microcom- puters. The program includes an encryption option and, in their handbook, the manufacturers claim that "if you forget the password, there is absolutely no way to retrieve the document." The encryption is shown to be a simple aff, ne Vigeniere cipher with a significant weakness. Cryptologia, October 1987, pp. 206-210.

os~ Security System Revealed, Elisabeth Horwitt

NSA, NBS and a consortium of 12 communications and computer ven- dors unveiled the framework for an Open Systems Interconnect (os0 networking security system. The Secure Data Network System project was initiated to develop specifications for cost-effective, transparent, computer-independent communications within osl. Altho- ugh the government plans to reserve some elements of the project's work, such as cryptographic algo- rithms, approximately 80% of the specification will be publicly avail- able. The security system will incorporate encryption, access con- trol and device authentication. Computerworld, October 5, i987, pp. 53,58.

Computer Trouble Makes British Skies Unfriendly, Philip Hunter

In September 1987, the Flight Data Processing System at Prest- wick Airport in Scotland crashed for several hours--on two separate occasions--triggering chaos. With the system down, controllers had to track aircraft with flight movement information on paper strips generated from a Telex machine. The computer failure lasted six hours and delayed flights between North America and Several major European cities. Information WEEK. October 5, 1987, p. 17.

LA Sites rocked, Stephen Jones and Senior Editors

The earthquake that jolted South- ern California disrupted com- munications and electrical power but caused relatively few incidents of extensive damage at computer centers in the Los Angeles area. The greatest damage reported was at a bank where the data processing center suffered extensive structural damage. The bank is located within two miles of thc earthquake's epicenter. Other problems were disks rolling around the floor, computers and peripherals shifting position, disrupted leased lines, and loosened ceiling tiles. Computer- world, October 5, 1987, p. 2.

IBM Users Told Data Files Could Have Legal Pitfalls, Leslie Goff

A leading law expert is recom- mending that information systems directors consider the implications of handling the mountains of personal data that their systems

generate. Although the Constitution protects some of our privacies, we lack guarantees of informational privacy. He recommends that those who manage data should: (1) have a "duty of care"; (2) execute restraint in what kind of information they request; (3) make the information system secure; (4) allow access by people to their own data; (5) destroy data that is no longer relevant. Management lt~ormation Systems Week, October 5, 1987.

New Risk Management Lab Will Tackle Security Needs, Neil Munro

The National Computer Security Center (NCSC) and the National Bureau of Standards (NBS) have agreed to set up a joint computer risk management laboratory to help government agencies determine their computer security require- ments. The laboratory will review the capabilities of commercial com- puter security packages and advise vendors and government and com- mercial organizations of the "stren- gths and weaknesses" of the avail- able commercial packages. An in- terdisciplinary team will be set up to develop security risk-management ideas and the laboratory will also research computer security tools and techniques. ~qcsc and NBS would jointly develop standards for com- puter security risk-management packages and will provide risk management guidance to users. Government Computer News, October 9, 1987, p. 6.

Data Errors Hurt State Department System, Vanessa Jo Grimm

Extensive erroneous data entries have rendered the State

* 1 0 5