Monday 10 June 2013

New 'KeyBoy' malware targets users from India, Vietnam

Security researchers have discovered a new piece of malware that targets users from India, Vietnam.  The backdoor is designed to steal information from the victim.

The malware campaign uses well-crafted Microsoft word document that exploits patched vulnerability in Microsoft office to drop a new malware referred as 'KeyBoy', according to Rapid7.

The first document found by the researchers targeting users from Vietnam is written in Vietnamese and is about reviewing and discussing best practices for teaching scientific topics.

The second document found by the researchers is written in English with title "All INDIA Bharat Sanchar Nigam Limited Executives' Association".  The title suggests the document is designed to target Indians.  The report says the document pretends to be authored by someone called Amir Kumar Gupta.  



Once the crafted-documents opened, it attempts to exploit known remote code execution vulnerabilities in Microsoft office.  If successful, the documents installs a backdoor malware dubbed as 'KeyBoy'.

After analyzing the malware, researchers identified a code that is designed to steal the login credentials stored in the Firefox and Internet explorer browsers.

New backdoor abuses Encrypting File System to Prevent Forensic Analysis


A new malware spotted by Symantec is said to have a new technique that abuses the Encrypting File System (EFS) to prevent security researchers from accessing the contents of malicious files.

EFS is a feature provided by windows that let any files or folders be stored in encrypted format. The encryption is specially designed to protect confidential data from attackers but it appears cybercriminals find it as best feature to protect their data.

According to Symantec's Malware report, the malware creates a folder in temp folder and then calls the EncryptFileW API to encrypt all its folders and files. Then it copies itself as wow.dll in the folder.

Since the files are encrypted with EFS, it is not possible for a security researcher to access the wow.dll with the help of another OS such as Linux loaded in removable drive.

However, researcher manually executed the threat on a test computer and gathered the contents of the malicious files.

The malware currently detected as Backdoor.Tranwos by Symantec antivirus is capable of downloading more malware onto the victim's system.

Handheld Malware Scanner made with Raspberry Pi


We learned earlier this year that U.S based power plant systems were infected with a malware after an employee used his infected USB drive to update software. Last year, the notorious Stuxnet worm was delivered to Iranian nuclear plant on USB stick.

We also learned last year that cybercriminals attempt to infiltrate the multinational chemicals firm DSM by leaving the malware loaded USB sticks in company car park.

The notorious targeted malware such as Stuxnet, Flame and more contained code to propagate via USB flash drives.One employee inadvertently using the infected usb drive puts the entire system at risk.

To bring end to this and boosts the security, Icarus Labs , a private research labs under the Cyber Security & Foundation, have created a program that would turn the Raspberry Pi, a small computer running Linux into a handheld malware scanner.

Users can plug their USB drive that is to be scanned.  It is said that the Pi will scan all the files in the drive and "check the signatures of 44 different antivirus providers to see if the file is malicious or not".


"This device can be deployed at entry points where it will be used to scan the USBs that are allowed in. This will prevent malicious software from getting in. "

It is also said that once the program is started, no further maintenance is required.  The device is designed in a such way that can be used by even non-technical person like security guards.

U.S. Defends Data-Collection as Legal Anti-Terror Tool

The Obama administration confirmed the existence of a classified U.S. government program that gathers data on foreign nationals from Internet companies, defending the effort as legally authorized and essential to thwarting terrorist attacks.
The disclosure last night came a day after reports emerged of a secret court order compelling Verizon Communications Inc. (VZ) to provide the National Security Agency with data on all its customers’ calls. While the revelations stirred outrage among privacy-rights advocates, U.S. lawmakers from both parties acknowledged earlier yesterday that they were aware of the Verizon order and backed the collection of telephone records as necessary to combating terrorism.
“Everybody should just calm down,” Senate Majority Leader Harry Reid, a Nevada Democrat, said at a news conference in Washington. “It’s a program that’s worked to prevent not all terrorism but certainly a vast majority of it.”
Reports in the Guardian and Washington Post newspapers on telephone and Internet surveillance revived a debate that has repeatedly flared since the Sept. 11 attacks about the proper balance between American civil liberties and protection against terrorist threats. The news came as President Barack Obama is being challenged over his regard for individual privacy and constitutionally guaranteed freedom of the press.
U.S. Director of National Intelligence James Clapper acknowledged the Internet and telephone data-collection efforts in two statements circulated by the White House late last night. Responding to the Post and the U.K.-based Guardian reports, he called the surveillance a vital tool in fighting terrorism.

Protect Nation

“Information collected under this program is among the most important and valuable foreign intelligence information we collect, and is used to protect our nation from a wide variety of threats,” Clapper said of the Internet effort.
The Post and the Guardian reported yesterday, citing classified documents, that the FBI and NSA had accessed the central servers of nine U.S. Internet companies, extracting audio and video chats, photographs, e-mails, documents and connection logs. Code-named PRISM, the program traces its roots to warrantless domestic surveillance efforts under former President George W. Bush.
Microsoft Corp. (MSFT), Yahoo! Inc. (YHOO), Google Inc. (GOOG), Facebook Inc (FB)., and Apple Inc. (AAPL) were among the technology providers involved, the newspapers reported. The companies issued statements last night either denying that they had granted the government access to their servers or saying that they were unaware of the program.

Court Restrictions

The Post said the operation, which began in 2007, has grown exponentially and become the most prolific contributor to the president’s daily intelligence briefing, providing raw material for almost one in seven reports. Part of the Defense Department, the NSA runs computer centers analyzing huge databases.
Clapper said the program to tap Internet companies’ servers of “cannot be used to intentionally target any U.S. citizen” or anyone located within the U.S.
Both programs are authorized under the Foreign Intelligence Surveillance Act, Clapper said, and subject to supervision by members of Congress. Data collected are subject to limits by the Foreign Intelligence Surveillance Court, he said.
On the telephone program, he said, “the court only allows the data to be queried when there is a reasonable suspicion, based on specific facts, that the particular basis for the query is associated with a foreign terrorist organization.”
The telephone surveillance, sought by the Federal Bureau of Investigation and approved by the court on April 25, requires Verizon to provide the NSA with information for three months on calls inside the U.S. and between the U.S. and other countries on a daily and “ongoing” basis, the Guardian reported.

Broad Support

The American Civil Liberties Union last night condemned the data collection described by the Post and Guardian as an abuse of power and called on U.S. lawmakers to investigate.
“Unchecked government surveillance presents a grave threat to democratic freedoms,” ACLU Deputy Legal Director Jameel Jaffer said in an e-mailed statement. “These revelations are a reminder that Congress has given the executive branch far too much power to invade individual privacy.”
The Justice Department, as part of its inquiries into leaks of national-security information, has also obtained secret search warrants for telephone records of journalists from the Associated Press and Fox News, prompting protests from U.S. lawmakers and media-advocacy groups.
Some lawmakers yesterday blasted the breadth of the surveillance. Senator Charles Schumer, a New York Democrat, demanded an explanation for a program he called “invasive.”
“One thing I have not heard is what the explanation is for needing to do this,” Schumer told reporters.

‘Broad Support’

House Speaker John Boehner, an Ohio Republican, said Obama should explain to the American people what he’s doing. The president has the “responsibility to outline what these tools are and how they are being used,” Boehner told reporters.
Still, any effort to limit government surveillance authority “seems unlikely given the broad support counter-terrorism programs have had from congressional leadership,” said Matt Miller, former public affairs director for the Justice Department under Obama and previously a staff member for House and Senate Democrats’ campaign organizations.
“Some of the criticism today is of the brand ‘I can’t believe you’re doing this thing I authorized you today do,’ which is just a little disingenuous,” said Miller, now a partner in the policy and crisis management firm Vianovo LP.
Senate Intelligence Committee Chairman Dianne Feinstein, a California Democrat, and Saxby Chambliss of Georgia, the panel’s top-ranking Republican, said that the telephone surveillance is legal and that they have been kept informed under the law.

‘Good Intelligence’

“Terrorists will come after us if they can, and the only thing we have to protect us is good intelligence,” Feinstein told reporters. She said the telephone data had stopped multiple plots, though she would not provide any details.
The Bush administration started the so-called Terrorist Surveillance Program in the aftermath of the Sept. 11 attacks, when agencies began secretly conducting electronic surveillance on U.S. phone calls and e-mails without court warrants.
Congress passed a law in 2008 codifying parts of the program and authorizing intelligence agencies to get broad electronic surveillance orders from the Foreign Intelligence Surveillance Court. In 2012, there were 212 such FISA orders, known as “business records requests,” according to a letter from the Justice Department to Reid. The letter doesn’t specify the targets or scope of the requests.

‘Real Debate’

That 2008 law updated the more than three-decade-old Foreign Intelligence Surveillance Act. It lets intelligence agencies monitor the e-mail, Internet activity and phone calls of non-U.S. citizens reasonably believed to be located outside the U.S. and involved in terrorist activities or other crimes. Congress voted last year to extend it until the end of 2017.
Senator Ron Wyden, an Oregon Democrat who tried and failed to include stronger civil liberties protections the last time the law authorizing counter-terrorism surveillance was renewed, said he hoped disclosure of the monitoring would provoke “a real debate in the Congress and the country.”
Senator Bob Corker of Tennessee, the top Republican on the Senate Foreign Relations Committee said there could be a “very simple solution” to address concerns Americans have about their data “being stored, and potentially looked at, without them necessarily being singled out as someone who might be causing harm for our nation.” He declined to elaborate.

Little Outrage

Still, there were few signs of outrage as senators filed out of a closed meeting held by the Senate Intelligence Committee on the program. Senators Marco Rubio, a Florida Republican, Tom Coburn, an Oklahoma Republican, and Al Franken, a Minnesota Democrat, told reporters that the surveillance program is operating under sufficient legal controls.
Feinstein and Chambliss, briefing reporters, said the telephone information collected is dumped into a government database and then used to respond to specific threats.
The surveillance program creates “a telephone book” of data and cannot be accessed without “reasonable, articulable suspicion that the records are relevant and related to terrorist activity,” Feinstein said.
The court order covers telephone numbers as well as the location and duration of calls, but not the content of users’ conversations, according to a copy of the order published by the Guardian and posted on its website.

Supreme Court

The Supreme Court has never ruled on the constitutionality of such a sweeping surveillance program. In February, the court voted 5-4 to bar a challenge by lawyers and civil-rights activists to a federal law that allows government wiretapping of international phone calls and e-mails.
The majority didn’t rule on the surveillance program itself, instead saying the opponents lacked “standing” to sue because they hadn’t shown they were being harmed.
“The stories published over the last two days make clear that the NSA -- part of the military -- now has direct access to every corner of Americans’ digital lives,” said the ACLU’s Jaffer, who argued the case before the Supreme Court. “Powers exercised entirely in secret, without public accountability of any kind, will certainly be abused.”
Clapper last night criticized the release of previously classified information about surveillance efforts and said the Post and Guardian articles had left out important context about the usefulness of the programs and their privacy safeguards.
“The unauthorized disclosure of information about this important and entirely legal program is reprehensible and risks important protections for the security of Americans,” Clapper said of the report on the Internet data.

Google-Led Denials Leave Room for U.S. Web Surveillance

Minutes after the Washington Post published a report detailing how the U.S. government tapped into the servers of nine companies to spy on communications, the denials began.
Apple Inc. (AAPL), Google Inc. (GOOG) and Microsoft Corp. (MSFT) led the charge, saying they don’t give the government access to servers where the data is kept. Some said yesterday they don’t hand over user information without a court order. Others said that they hadn’t even heard of the U.S. program, code-named PRISM.

Even without companies’ consent, academics and computer-security specialists say, there’s a broad range of ways the government can harness the systems of the largest technology providers to snoop on e-mail, photos and video chats coursing through the Web.
“It’s likely that the denials from these companies are literally true, but they don’t tell the whole story,” said Matthew Blaze, associate professor of computer and information science at the University of Pennsylvania.
The administration of President Barack Obama confirmed the existence of classified programs to collect data on U.S. residents’ telephone calls and foreign nationals’ Internet activity on June 6, a day after the U.K.’s Guardian newspaper reported on a secret court order compelling Verizon Communications Inc. (VZ) to provide the National Security Agency with data on customers’ phone use. The Washington Post article was also published on June 6.
Obama has defended the practice, saying the government’s efforts are “modest encroachments” on privacy legally authorized by Congress and important to thwarting terrorist attacks.

‘Direct Access’

AOL Inc., Apple and Paltalk.com all released statements saying they’ve never heard of the PRISM program and don’t give the government direct access to servers without a court order.
“We have not joined any program that would give the U.S. government -- or any other government -- direct access to our servers,” Mountain View, California-based Google said in a blog posting. “Indeed, the U.S. government does not have direct access or a ‘back door’ to the information stored in our data centers.”
Facebook Inc (FB)., Yahoo! Inc. and Microsoft said they only hand over data to the government when required by law to do so.
“When companies like Yahoo or Apple say they do not provide ‘direct access,’ it is hard to know what they mean by ‘direct,’” said David Wagner, a computer-science professor at the University of California, Berkeley. “Maybe they just mean that they believe there are protocols to limit access, but who knows how effective or stringent those protocols are, or who administers those protocols -- is the NSA overseeing themselves?”

Big Database

Even without companies knowingly participating, there are a number of ways the government could gather data.
Some scenarios are straightforward, including the NSA assembling a massive database that cross-references public information on social media accounts with government records from tax filings and driver’s licenses, according to Avi Rubin, professor of computer science at Johns Hopkins University.
“A lot of the pages on Facebook and LinkedIn and Google Plus are open and public,” he explained. “A likely theory is that the NSA is just comparing that data to other open data like people’s driver’s licenses -- that would actually be a difficult undertaking requiring a lot of computing power, which the NSA would be completely capable of doing.”
The NSA could also use readily available computer software and hardware to intercept electronic communications without the knowledge of Internet companies, Carl Herberger, a vice president for the network-security company Radware Ltd. (RDWR), said in an interview.

Without Notification

The technology can be installed at communication centers operated by Internet-service providers, said Herberger, whose company is based in Tel Aviv, Israel, and has offices in New Jersey.
The technology, which Radware sells, can intercept communications or make copies of communications, as well as break encrypted messages, Herberger said.
“There’s no need to necessarily notify any of these Internet companies,” Herberger said. “Today, almost everything that’s being done on the Internet has the capacity to be archived and reviewed.”
Herberger said he had no direct knowledge of the PRISM program and that his company doesn’t sell the intercept technology to the U.S. government.
Mining data associated with people’s communications is hardly new for the government, said Michael Reiter, a professor of computer science at the University of North Carolina at Chapel Hill. The Patriot Act, which was passed in response to the terrorist acts of Sept. 11, 2001, authorized secret U.S. surveillance of phone calls and e-mails.

Courts, Hacks

Still, a government hack of corporate servers to obtain that type of information is unlikely, Reiter said.
“It’s certainly more difficult to do that and far riskier to do that than it is to just go get the court order,” he said. “It doesn’t make sense to me that the government would try to do it.”
Direct NSA access to the servers of Google, Facebook or other companies would likely require a secured space in their data centers known as a SCIF, for Sensitive Compartmented Information Facility. When AT&T Inc. provided the NSA access to customer phone calls as part of a secret Bush administration phone-tapping program, technicians reported seeing a secure room being constructed to protect the NSA’s equipment, according to court documents.
At Facebook, owner of the largest social-networking service, no such SCIF exists, according to a person familiar with the company’s data centers who asked not to be identified because the person wasn’t authorized to speak on the matter.

Hardware, Cables

Another point of entry for the government might be working with Internet-service providers that manage hardware and cables over which data flows, according to Aaron Massey, associate director of ThePrivacyPlace.org.
The NSA or another government agency could tap into the raw data feed running through these networks, with the cooperation of telecommunications providers.
In this way, it’s “possible for the companies not to be involved at all,” he explained. At the same time, this method makes it dramatically harder since the government “would have to decipher their data format,” he said.

Billions of Phone Calls Mined by U.S. Seeking Terrorists

 Collect telephone numbers for billions of U.S. calls, load the information into super-fast computers and you can start building a map of connections revealing patterns or oddities to help spot a terrorist.

The U.S. government’s primary electronic surveillance arm, the National Security Agency, is doing just that -- vacuuming up U.S. phone records and, at least in certain circumstances, analyzing them to develop leads that authorities can pursue to identify and stop terror plots.
Members of Congress confirmed yesterday that they knew about a top-secret court order compelling Verizon Communications Inc. (VZ) to turn over data about its customers’ calls, continuing an intelligence-gathering effort that started under President George W. Bush.
The NSA receives only numerical information, known as metadata, about phone calls: the originating and receiving phone numbers, calling-card numbers, the duration of a call and identifying information about mobile phones, according to a copy of the court order that the U.K.’s Guardian newspaper published on its website.
The program gathering phone-call data “does not allow the government to listen in on anyone’s telephone calls,” White House spokesman Josh Earnest told reporters yesterday. “The information acquired does not include the content of any communications or the name of any subscriber. It relates exclusively to call details, such as a telephone number or the length of a telephone call.”

Reasonable Suspicion

The government is barred “from indiscriminately sifting through the telephony metadata acquired under the program,” Director of National Intelligence James Clapper said in an e-mailed statement late last night.
The special court provided under the Foreign Intelligence Surveillance Act “only allows the data to be queried when there is a reasonable suspicion, based on specific facts, that the particular basis for the query is associated with a foreign terrorist organization,” Clapper said.
Telephone calling data isn’t the only information pouring into the NSA’s computers: The Washington Post and the Guardian reported late yesterday that the government has access to internal data at nine Internet companies and is culling photographs, e-mails, audio and videos. The program, initiated in 2007, is code-named PRISM, the newspaper said.

Clapper said in a second statement that the Internet surveillance involves “extensive procedures, specifically approved by the court, to ensure that only non-U.S. persons outside the U.S. are targeted, and that minimize the acquisition, retention and dissemination of incidentally acquired information about U.S. persons.”

Mapping Conversations

The metadata on phone calls enables the U.S. spy agency to map networks of conversations around the world and to study patterns, said one former NSA official, who asked not to be identified describing intelligence practices. He declined to discuss specifics of NSA programs.
The operation is the national security version of Big Data, the mining of massive pools of information. Companies such as Amazon.com Inc., Google Inc. (GOOG), General Electric Co. and International Business Machines Corp. (IBM) are using such data analytics for insight into areas including consumer behavior, manufacturing, dairy farming and genetics.
Telephone records collected through the NSA surveillance program were used to thwart a “significant” terrorist plot within the “the last few years,” House Intelligence Committee Chairman Mike Rogers, a Michigan Republican, said yesterday. He declined to provide details of the incident.

Years Ahead

The NSA boasts of its computer intelligence capabilities.
“NSA’s systems environment is a haven for computer scientists, with vast networks able to manipulate and analyze huge volumes of data at mind-boggling speeds,” the agency said in a help-wanted posting on its website. “Computer scientists at NSA have access to acres of hardware” and “software years ahead of current commercial technology,” according to the ad.
Officials didn’t give a clear picture yesterday of precisely what the NSA does with the telephone metadata, citing the classified nature of the program.
Senate Intelligence Committee Chairman Dianne Feinstein, a California Democrat, likened the information to “a telephone book of the numbers” and said that “if, through another way, information comes to the FBI that there is reasonable suspicion that a terrorist act -- conspiracy, planning, carrying out -- is going on, they can access those records.”

Ferreted by Computer

Senator Saxby Chambliss of Georgia, the top Republican on the intelligence committee, said the program is seeking “somebody in contact with somebody that we know to be a known terrorist.”
“All these numbers are basically ferreted out by computer,” Chambliss told reporters. “If there’s a number that matches a terrorist number that has been dialed by a U.S. number, or dialed from a terrorist to a U.S. number, then that may be flagged.”
The Guardian reported that the Foreign Intelligence Surveillance Court on April 25 had approved an FBI request to obtain information from Verizon about phone calls inside the U.S. and between the U.S. and other countries on a daily and “ongoing” basis.
The spy agency has been collecting phone records of U.S. citizens from all phone companies and not just Verizon, William Binney, a former NSA analyst turned critic, told the news program “Democracy Now” in an interview yesterday.

Collected Daily

“When you add the rest of the companies in, my estimate was that there were probably three billion phone records collected every day on U.S. citizens,” Binney said. “That doesn’t count the e-mails. And they’re avoiding talking about e-mails there, because that’s also collecting content of what people are saying. And that’s in the databases that NSA has and that the FBI taps into.”
Feinstein and Chambliss said the program had been going on for seven years, and that Congress was informed about the data-collection effort.
If the data-gathering is as benign as the lawmakers said, “what’s the secrecy all about?” said James Bamford, author of “The Shadow Factory,” a 2008 book about the NSA.
“The real story is this is a complete, outrageous expansion of the surveillance state,” Bamford said in a phone interview. “The fact that we are talking is now sitting in some NSA vault even if what we are saying is private. Why should people in a democracy pay taxes to have their privacy violated like that? This isn’t East Berlin during Cold War.”
The spy agency’s use of the information is strictly monitored under the law, former Director of National Intelligence Dennis Blair, a retired Navy admiral, said in a phone interview. “The NSA stores and uses the information from U.S. communication in strict accordance” with procedures “that are very carefully laid out and monitored.”

Mapping Hierarchy

Computer analysis of the telephone data is similar to techniques used before the electronic era to develop intelligence about adversaries, mapping the hierarchy of an enemy’s military units, learning who reported to whom and who commanded which units, the former NSA official said.
Analyzing telephone data to develop potential leads for further investigation also lowers operational costs because deploying human spies is both expensive and dangerous, the former official said.
The U.S. had about 326 million mobile phones at the end of 2012 and generates about 2.3 trillion minutes of voice calls and 2.19 trillion text messages a year, according to CTIA-The Wireless Association, an industry group based in Washington.
The government collects vast amounts of data that become valuable “when you can connect it with something else that arrives at a future point in time,” CIA Chief Technology Officer Ira “Gus” Hunt said at a technology conference in March.
“Since you can’t connect dots you don’t have, it drives us into a mode of we fundamentally try to collect everything and hang onto it forever -- forever being in quotes, of course,” Hunt said.

Facebook outraged at PRISM, Google, Microsoft and AOL deny all knowledge

Faecbook website frontpage
Facebook, Google, Microsoft and AOL have quickly moved to deny all knowledge of the PRISM surveillance programme, and express their distaste for such a monitoring system.

According to reports leaked last week, both the US and UK governments have been tapping into personal data held by nine technology firms including Google, Facebook, Apple and Microsoft for surveillance purposes.

However, the technology firms accused of enabling collection directly from their servers have denied they are part of the PRISM programme.

Facebook chief executive Mark Zuckerberg has posted a message on the social network about “the outrageous press reports” about the surveillance project.

“Facebook is not and has never been part of any programme to give the US or any other government direct access to our servers,” he maintained. “We have never received a blanket request or court order from any government agency asking for information or metadata in bulk, like the one Verizon reportedly received. And if we did, we would fight it aggressively. We hadn't even heard of PRISM before yesterday.”

Zuckerberg also used his response to call on governments to become more transparent over data-sharing and monitoring initiavites. “It's the only way to protect everyone's civil liberties and create the safe and free society we all want over the long term,” he added.

Google expressed similar innocence to the PRISM allegations as Zuckerberg, posting a blog titled 'What the ...?' in response.
“First, we have not joined any program that would give the US government - or any other government - direct access to our servers. Indeed, the US government does not have direct access or a 'back door' to the information stored in our data centres,” Google chief executive Larry Page and legal head David Drummond noted. “We had not heard of a programme called PRISM until yesterday.”
Page and Drummond went on to explain that though the company does get requests for user data occasionally, it has never received the sort of sweeping, large-scale request said to have been made to US telco Verizon and would be shocked had the company been put in such a position.

Microsoft and AOL were also quick to squash rumours of their PRISM involvement, although with less outrage and in a much more concise fashion than Facebook and Google.

Microsoft’s statement reads: “We provide customer data only when we receive a legally binding order or subpoena to do so, and never on a voluntary basis. In addition we only ever comply with orders for requests about specific accounts or identifiers. If the government has a broader voluntary national security program to gather customer data we don’t participate in it.”

AOL has posted its own similar statement: "We do not have any knowledge of the Prism programme. We do not disclose user information to government agencies without a court order, subpoena or formal legal process, nor do we provide any government agency with access to our servers."
The other firms named by the Washington Post as having their customer data collected by the NSA - Yahoo, Apple and PalTalk - have yet to release official statements on PRISM. Skype is owned by Microsoft, while YouTube is owned by Google.

Google denies all knoweldge of PRISM fiasco

Google logo (Robert Scoble Flickr)
As expected, the recent revelation of the US PRISM surveillance programme has sent technology firms and rights groups scrambling to their public relations podiums to get their sides of the story and opinions on the matter heard.
The fallout continued on Friday, when Google moved to clarify its stance on the matter. The company had been named as one of the prime surveillance targets of PRISM, but according to chief executive Larry Page and legal head David Drummond, the company has hardly been a willing contributor to the surveillance archive.
“First, we have not joined any program that would give the US government - or any other government - direct access to our servers. Indeed, the US government does not have direct access or a 'back door' to the information stored in our data centres,” they said.
“We had not heard of a programme called PRISM until yesterday.”
Page and Drummond go on to explain that though the company does get requests for user data occasionally, it has never received the sort of sweeping, large-scale request said to have been made to US telco Verizon and would be shocked had the company been put in such a position.
The Google honchos ended their letter to users with a hope that the entire government data collection process can become more transparent, a sentiment echoed by the Electronic Frontier Foundation. EFF attorneys Cindy Cohn and Trevor Timm called on congress to resurrect the 'Church Committee', a congressional group formed in the mid-70s to overhaul intelligence-gathering policies and grant stricter privacy protections for users.
“Congress now has a responsibility to the American people to conduct a full, public investigation into the domestic surveillance of Americans by the intelligence communities, whether done directly or in concert with the FBI,” the duo said.
“And it then has a duty to make changes in the law to stop the spying and ensure that it does not happen again.

PRISM whistleblower revealed as former CIA IT contractor

eye-spy-snoop-numbers
The whisteblower who revealed details of mass internet surveillance by the US government has stepped out of the shadows.
Edward Snowden, a 29-year-old contractor for government services firm Booz Allen Hamilton who worked at the CIA, said he felt compelled to leak top secret documents about the PRISM programme, having become appalled at the levels of intrusion.
"The NSA targets the communications of everyone," he said. "It ingests them by default. Any analyst at any time can target anyone."
Snowden conducted the interview with Guardian reporters from a Hong Kong hotel room, shown in full in the video below, where he has fled ostensibly over fears that the US government will come after him for the leaks.
The UK's GCHQ is said to be among the agencies benefitting from a massive US online monitoring operation.
The Guardian claims that the security agency is among those subscribing to PRISM, a data collection project which harvests data from the likes of Apple, Google and Facebook. The report cites documents which suggest that since 2010 GCHQ has used records harvested by PRISM in some 197 intelligence reports.
The documents make GCHQ the first known organisation tied to PRISM outside the US. Reports last week outing the program had listed the US FBI and other state agencies as the primary beneficiaries of the covert intelligence programme.

UK privacy watchdog the Information Commissioner’s Office (ICO) said on Friday that it is investigating the PRISM reports along with other European data bodies.

“There are real issues about the extent to which US law enforcement agencies can access personal data of UK and other European citizens. Aspects of US law under which companies can be compelled to provide information to US agencies potentially conflict with European data protection law, including the UK’s own Data Protection Act,” the body said in a statement issued late Friday. "The ICO has raised this with its European counterparts, and the issue is being considered by the European Commission, who are in discussions with the US government.”
For UK Pirate Party leader Loz Kaye, the news only furthers the need for concern over government surveillance.
"If GCHQ has access to this programme, then the government has some serious questions to answer. Like many, I was already concerned about the parallels between this US programme and the Snoopers' Charter," Kaye said.
"Now it seems the Communications Data Bill is the least of our worries - some of its desired, but denied, capabilities are already in place and have been since the coalition came to power."
The operation involves collecting data travelling through the US as part of a larger campaign to gather intelligence of international communications. The project was first reported by The Washington Post citing leaked government documents.
According to the reports, the PRISM archive collects and stores data from multiple US service providers including Apple, Microsoft, Google, Skype and Facebook. The collected information is then made available to US agencies for use in domestic and international investigations.
In the leaked documents, the agency notes that the archive is especially useful for overseas investigations as users will commonly rely on free or low-cost services which run through US companies.
According to the report, the PRISM programme goes back a number of years to programmes set up by the Bush administration to collect intelligence. The Washington Post alleges that members of congress have known about the archive for years but were prevented from disclosing the information.
Several of the companies named in the report have already been providing regular public reports on their government dealings. Google has long maintained a series of reports on government requests for data on users. The company reports that it declines most of those requests, and Google has denied all knowledge of PRISM.
Twitter, likewise, has begun disclosing its dealings with the US government. The company said that is has seen requests for customer information booming in recent years.

Wearable Technologies & Security


Many high-tech companies are researching wearable technologies, i.e. things that you can wear and help to make your life easier. Probably causing the biggest stir in the technology community recently are smart glasses, with Google Glass being the primary example.
Giving you visual aid with augmented reality is a fascinating thought for me. But it also sparked the discussion on what should be allowed regarding the respect of privacy. Do you need to inform your friends whenever you are filming them?
Maybe a red LED in your glasses should turn on whenever you are recording, taking the term “evil eye” to a whole new level. If you search the Web for people who are planning on extending the built-in functionality of the Google Glass, you will come across all kinds of interesting integration ideas, including the controversial face-recognition feature.
But there are quite a few other wearable devices worth discussing. From smart bracelets and intelligent shoes to watches that can interact with other objects all devices that are available to purchase. Recently at the D: All things Digital conference (D11), a few more prototypes were revealed to the public.
For example, Motorola demonstrated an electronic circuit tattoo that could be used to authenticate a person, acting as a key. They even went one step further and introduced a pill that would be able to transmit a signal from within your body once swallowed. Both ideas would render your body into something like a password token – something you are  that could be used for authentication purposes.
Of course, we already have similar technologies my car opens magically at the touch of my finger. Or RFID cards that you can wear in your pocket. Not forgetting biometric factors. After all, your fingerprint is something you always have with you. Unfortunately, fingerprint readers are not contactless, so it might not be as convenient as the wireless technology.
Conversely, broadcasting signals always raises concerns about privacy and tracking. We have seen this concern in most countries where RFID passports were introduced. Even if you can’t extract the secret key from the chip to impersonate someone, you might still be able to generate a digital fingerprint response that allows you to start creating a tracking profile.
This is one of the reasons that many people are using faraday-cadging wallets that block any unwanted RFID reading. I don’t think that we will have to wear faraday shield T-shirts anytime soon, but those are some of the challenges that we need to solve with regards to wearable authentication tokens when we want to have a broad acceptance rate.
Still, it is an interesting field and would definitely help some people who always forget their passwords – unless, of course, they forget to take their pill. It could also solve the problem of weak passwords as they would be strong by default and could act as a master password for a password safe.
But we will have to wait and see how these concepts get implemented and if people are willing to wear such devices. Depending on this, it might still be possible to attack these systems, or just steal an authenticated session by ignoring the password completely.
In any case, we at Symantec are curious about what the future holds and are closely monitoring scam emails to see if they begin asking you to send your pill to them instead of offering cheap pills for you.

Iran ups cyber attacks on Israel


Israeli Prime Minister Benjamin Netanyahu accused Iran and its Palestinian and Lebanese allies on Sunday of carrying out "non-stop" cyber attacks on major computer systems in his country.
He gave no details on the number of attacks but said "vital national systems" had been targeted. Water, power and banking sites were also under threat, he added.
"In the past few months, we have identified a significant increase in the scope of cyber attacks on Israel by Iran. These attacks are carried out directly by Iran and through its proxies, Hamas and Hezbollah," he told a conference on cyber warfare in his country's commercial hub Tel Aviv.
"Despite the non-stop attacks on us, you hear only about a few of them because we thwart most of them," he added.
Netanyahu established a national cyber directorate in 2011 charged with protecting Israel's computer systems from disruption.
Israel and the United States are widely believed to be behind a series of cyber attacks in recent years against an Iranian nuclear program they say is aimed at developing atomic weapons. Iran says its nuclear activities are peaceful.
Two months ago, Israel said it weathered a pro-Palestinian cyber attack campaign against government websites. Israeli officials said those attacks briefly disrupted several sites and security protocols were updated in response.

6.5 Million LinkedIn Passwords Leaked Online

A Russian web user claimes to have hacked LinkedIn, uploading 6,458,020 encrypted passwords (without user names) as proof.
The slight glimmer of hope, is that the passwords are encrypted with the SHA-1 cryptographic hash function, used in SSL and TLS and generally considered to be relatively secure, but not foolproof.
Unfortunately though, it seems that the passwords are stored as "unsalted hashes" which makes it easier to decipher them using pre-computed data. Simply put, this means that a web hacker with malicious intent might be able to crack the majority of  passwords in a relatively short period of time.
A few news outlets have highlighted the possibility that the password collection is not genuine, however some credible sources on Twitter and from across the web only add credibility to the story (one article I read, the user had found his password on the list).
A Finnish Security Firm (Cert-Fi) has posted a warning about the incident, stating that it is "likely" that whoever hacked linkedIN possesses the accompanying user names as well.
We searched the released passwords to look for our password (having hashed it), and thankfully we are not on there! The release of passwords only accounts for about 5% of users - so chances are you are not affected, but if you want to be sure, and you are a Linked In user, we strongly recommend you change your password right now.
Furthermore, if you used that password on any other online service, we recommend you change those passwords as well!

Syrian hackers say attack on Haifa facilities was successful

A Syrian hackers' group paraded the secret information it has allegedly obtained from Israeli websites by means of a cyber attack, transferring it to Israel's regional foe Iran.
Two weeks after Yitzhak Ben-Yisrael, chairman of the National Council for Research and Development, said Syrian Electronic Army’s hackers attempted two weeks ago to launch a cyber attack against Haifa's water system, failing, the semi-official Iranian news agency FARS published the documents, complete with writings in Hebrew, allegedly obtained in the course of the attack against the websites of Haifa's municipal services.
The Syrian Electronic Army said the attack was carried out in response to the alleged Israeli strike on Damascus weaponries last month. They claimed they managed to seriously disrupt a number of municipal services. Haifa Mayor Yona Yahav denied any knowledge of such attack, saying "We are not aware of any such attempt by Syria, but we do know that Haifa, as the north's symbol, is a strategic target for our enemies."
In response to the Israeli denials, the group issued a statement saying they are transferring some of the documents they obtained to Fars, the first outlet to report the attack. "This is just one example of the information and documents we obtained in the course of many cyber attacks. For obvious reasons, we cannot allow the public to access the classified information we have obtained," the statement read.
The Syrian group added they could have detonated a blast at the Israeli city, yet decided against it to prevent civilian casualties