Home Page
Search
Site Contents


Name:Independence Day
Alias:Independence
Description:

This was a joke, which was distributed as an official-looking CERT alert and was based on the movie 'Independence Day'. Here is the original message:

****
  Independence Day - CERT alert
  --------------------------------------------------------------------------
  From: CERT Bulletin 
  Newsgroups: comp.security.announce,rec.humor
  Subject: CERT Advisory CA-96.13 - Alien/OS Vulnerability
  Date: 4 July 1996 20:52:15 GMT
  Organization: CERT(sm) Coordination Center -  +1 412-268-7090
  ==========================================================================
  CERT(sm) Advisory CA-96.13
  July 4, 1996
  Topic: ID4 virus, Alien/OS Vulnerability
  --------------------------------------------------------------------------
  The CERT Coordination Center has received reports of weaknesses in
  Alien/OS that can allow species with primitive information sciences
  technology to initiate denial-of-service attacks against MotherShip(tm)
  hosts.  One report of exploitation of this bug has been received.
  When attempting takeover of planets inhabited by such races, a trojan
  horse attack is possible that permits local access to the MotherShip
  host, enabling the implantation of executable code with full root access
  to mission-critical security features of the operating system.
  The vulnerability exists in versions of EvilAliens' Alien/OS 34762.12.1
  or later, and all versions of Microsoft's Windows/95.  CERT advises
  against initiating further planet takeover actions until patches
  are available from these vendors.  If planet takeover is absolutely
  necessary, CERT advises that affected sites apply the workarounds as
  specified below.
  As we receive additional information relating to this advisory, we will
  place it in
          ftp://info.cert.org/pub/cert_advisories/CA-96.13.README
  We encourage you to check our README files regularly for updates on
  advisories that relate to your site.
  --------------------------------------------------------------------------
  I.    Description
        Alien/OS contains a security vulnerability, which strangely enough
        can be exploited by a primitive race running Windows/95.  Although
        Alien/OS has been extensively field tested over millions of years by
        EvilAliens, Inc., the bug was only recently discovered during a
        routine invasion of a backwater planet.  EvilAliens notes that
        the operating system had never before been tested against a race
        with "such a kick-ass president."
        The vulnerability allows the insertion of executable code with
        root access to key security features of the operating system.  In
        particular, such code can disable the NiftyGreenShield (tm)
        subsystem, allowing child processes to be terminated by unauthorized
        users.
        Additionally, Alien/OS networking protocols can provide a
        low-bandwidth covert timing channel to a determined attacker.
  II.   Impact
        Non-privileged primitive users can cause the total destruction of
        your entire invasion fleet and gain unauthorized access to
        files.
  III.  Solution
        EvilAliens has supplied a workaround and a patch, as follows:
        A. Workaround
           To prevent unauthorized insertion of executables, install a
           firewall to selectively vaporize incoming packets that do not
           contain valid aliens.  Also, disable the "Java" option in
           Netscape.
           To eliminate the covert timing channel, remove untrusted
           hosts from routing tables.  As tempting as it is, do not use
           target species' own satellites against them.
        B. Patch
           As root, install the "evil" package from the distribution tape.
           (Optionally) save a copy of the existing /usr/bin/sendmail and
           modify its permission to prevent misuse.
  --------------------------------------------------------------------------
  The CERT Coordination Center thanks Jeff Goldblum and Fjkxdtssss for
  providing information for this advisory.
  --------------------------------------------------------------------------
  If you believe that your system has been compromised, contact the CERT
  Coordination Center or your representative in the Forum of Incident
  Response and Security Teams (FIRST).
  We strongly urge you to encrypt any sensitive information you send by
  email. The CERT Coordination Center can support a shared DES key and
  PGP. Contact the CERT staff for more information.
  Location of CERT PGP key
           ftp://info.cert.org/pub/CERT_PGP.key
  CERT Contact Information
  ------------------------
  Email    [email protected]
  Phone    +1 412-268-7090 (24-hour hotline)
                  CERT personnel answer 8:30-5:00 p.m. EST
                  (GMT-5)/EDT(GMT-4), and are on call for
                  emergencies during other hours.
  Fax      +1 412-268-6989
  Postal address
          CERT Coordination Center
          Software Engineering Institute
          Carnegie Mellon University
          Pittsburgh PA 15213-3890
          USA
  CERT publications, information about FIRST representatives, and other
  security-related information are available for anonymous FTP from
          http://www.cert.org/
          ftp://info.cert.org/pub/
  CERT advisories and bulletins are also posted on the USENET newsgroup
          comp.security.announce
  To be added to our mailing list for CERT advisories and bulletins,
  send your email address to
          [email protected]
  Copyright 1996 Carnegie Mellon University
  This material may be reproduced and distributed without permission
  provided it is used for noncommercial purposes and the copyright
  statement is included.
  CERT is a service mark of Carnegie Mellon University.
**** 
Again, ignore this message and do no pass it on.