Monday 26 August 2013

Next Microsoft CEO faces rocky road in easing NSA-fueled privacy worries

When Microsoft Chief Executive Steve Ballmer steps down in the next 12 months, his successor will be left with the task of easing rising privacy concerns fueled by reports of massive Internet snooping by the U.S. National Security Agency.
Ballmer announced his plans for retirement on Friday, saying the company needed someone who would be with Microsoft long enough to see through its transition from a software maker to a "devices and services" business.
The next CEO will have to provide a much better strategy than Ballmer on moving Microsoft into the fast-growing tech markets Ballmer missed early on, including the shift in Internet advertising to search and the movement from PCs to tablets and smartphones.
On top of all that, the new top executive will have to guide the company in mistrustful overseas markets shaken by the steady stream of media reports of NSA Internet data gathering.
In the latest fallout from the NSA's terrorist-hunting, the German national weekly newspaper Die Zeit reported that experts are warning the government not to use Windows 8 or its successor because they contain a backdoor that could be exploited by the U.S. agency.
Ironically, the offending technology, called Trusted Computing, is the foundation for a much higher level of security than what has existed in Windows PCs in the past.
What Microsoft has done is link the operating system to a special chip called a Trusted Platform Module. Working together, the technologies provide Microsoft a protected channel for automatic updating and monitoring for software piracy.
Specifications for the architecture come from the Trusted Computing Group, a non-profit organization whose members include the biggest names in the U.S. tech industry, including Microsoft, IBM, Cisco, Hewlett-Packard and Intel.

Report: NSA broke into UN video teleconferencing system

IDG News Service — The U.S. National Security Agency reportedly cracked the encryption used by the video teleconferencing system at the United Nations headquarters in New York City.
In June 2012 the NSA department responsible for collecting intelligence about the U.N. gained "new access to internal United Nations communication," German magazine Der Spiegel reported Monday based on information from secret NSA documents provided by former NSA contractor Edward Snowden.
The NSA technicians were able to crack the encryption used by the U.N.'s internal video teleconferencing (VTC) system, allowing VTC traffic to be decrypted. "This traffic is getting us internal UN VTCs (yay!)," one of the internal NSA documents said, according to Der Spiegel.
In less than three weeks, the number of U.N. communications that the NSA managed to intercept and decrypt rose from 12 to over 450.
According to another NSA internal report from 2011, the agency caught the Chinese spying on the U.N. and managed to tap into their signals intelligence (SIGINT) collection to gain insight into high interest and high profile events at the time.
Media reports in June based on documents leaked by Snowden claimed that the European Union mission to the U.N. in New York and its delegation in Washington, D.C. have also been bugged by the NSA, prompting E.U. officials to demand answers from the U.S. government.
The NSA was able to maintain persistent access to computer networks at E.U. delegations in New York and Washington by taking advantage of the Virtual Private Network (VPN) linking them, Der Spiegel also reported Monday.
"If we lose access to one site, we can immediately regain it by riding the VPN to the other side and punching a whole [sic] out," an internal NSA presentation said, according to the German magazine. "We have done this several times when we got locked out of Magothy."
"Magothy" is the internal code name used by the NSA for the E.U. delegation in Washington, D.C. The code name used for the E.U. mission in New York is "Apalachee."
New security systems were installed to protect the restricted area hosting the server room at the offices of the E.U. delegation to the U.N. in New York a few weeks ago, following the June reports about the NSA targeting the E.U.'s diplomatic missions in the U.S., Der Spiegel said. An investigation was launched and technicians have searched for bugs and checked the computer network.

Google owned: hacked, redirected to Morocco

Hackers have subverted the domain name system (DNS) records that link site names with Internet Protocol (IP) addresses for Google's Palestine domain, and put up a defaced home page with an anti-Israel message.
The attack took place earlier this morning, but it's not known how it happened. An Arabic-language forum, hackteach.org, is linked to from the defaced Google.ps home page and describes itself as the "Network wrath of Palestine 2013-2014".
The hackteach site also contains discussion threads on DNS hijacking and google.ps being breached, and is currently being served up for Australian users from Cloudflare's network in Sydney.
As of writing, Google.ps was being served up from a network operated by Genious Communications in Marrakesh, Morocco.
However, a DNS trace by iTnews showed that the registered name servers for the domain as per whois data still return an answer with an Internet Protocol address on Google's network for google.ps.
Google has not provided any official comment on the hack.

Anonymous leaks thousands of records days after FBI claims it dismantled the hacktivist group

After the FBI said their investigations into, and subsequent arrests of, several Anonymous supporters led to the dismantling of the loosely associative group and a decline in their activities, Anonymous responded by leaking thousands of compromised records.
Austin Berglas, the assistant special agent in charge of the FBI's cyber division in New York, told Huffington Post last week that the agency dismantled Anonymous' leadership, leading to a drop in action from the multi-faceted collective.
"The movement is still there, and they're still [yakking] on Twitter and posting things, but you don't hear about these guys coming forward with those large breaches. It's just not happening, and that's because of the dismantlement of the largest players...," Berglas said.
As recorded on Twitter, the public voice for many Anons, the initial reaction was laughter. One commenter compared the claim to President George W. Bush's "Mission Accomplished" moment. Another shared his thoughts with an image that resonated with dozens of Anons and supporters: a picture of Tom Cruise laughing.
But for those who watch Anonymous and their interactions with law enforcement, including Gabriella Coleman, an anthropologist whose work focuses on hackers and activism, the FBI's statements came as no surprise.
"The FBI and transgressive hackers have long been locked in a battle of taunts although hackers have a lot more leeway in expressing their true feelings when they want and how they want to. The FBI has been awfully careful and restrained in their statements about LulzSec and Anonymous and it seems like someone finally just broke down and spoke their mind," Coleman explained to CSO, when asked for her thoughts on the incident.
At the same time, she added, it was a big deal to nab many of the LulzSec and a few of the AntiSec hackers. In 2011, especially early on in the summer months, the two groups ran roughshod over the networks of law enforcement, government contractors, and private business. It was only a matter of time before someone was arrested for their actions, or relation to those committing them.
"Nevertheless, despite the mantra that LulzSec was composed of 6 individuals, there were more participants. My sense is that some have receded into the shadows to refuel and do work more discreetly. The most recent hack was just a reminder that they are still around and can spring into action if need be," Coleman said.
With the FBI's apparent challenge issued, Anonymous responded by releasing several documents, with thousands of lines of personal information. Adding insult to injury, the collective used a restaurant's compromised website, Texas' The Federal Grill, to host them.
The restaurant was unknowingly mirroring the leaked data for days before someone took action and removed the files. Calls to the restaurant itself confirmed that most of the staff were unaware of the incident.
Still, the fact that the Federal Grill's website was selected to host the documents wasn't an accident. There was lulz, or amusement, to be gained by hosting the stolen data on a server with that specific domain name.
"...where better to grill the fedz than at the federal grill (sic)," commented one Anonymous Twitter account, OpLastResort, when asked about the choice to use a compromised domain to host the documents.
While lulzy, Coleman said, hosting the data on a compromised domain also makes the point that there are "many places [Anonymous] can enter and take a seat at the counter, if need be."
When it comes to the files, the source of the records appears to be the FBI's Regional Forensics Computer Laboratory (RFCL). One document contains a list of first and last names, email addresses, location (state), InfraGard status, operating system type, browser type, and IP address. The document appears to be a registration list taken from a website's database for a law enforcement webinar. A majority of those listed are active law enforcement.
Moreover, there's a sorted list of 19,329 law enforcement email addresses. This list spans several states and agencies, and many of the email addresses are formatted with the person's name, but others use what seems to be a badge number. An extracted SQL file, taken from the RFCL database, contains additional addresses. After that, a list of names, agency assignment, and cell phone numbers (claimed to be BlackBerry) was also published.
In addition to personal and sensitive information, Anonymous also published a copy of a field guide on forensics, focused on live capture (Live Capture Field Guide: What every law enforcement officer must know), and a computer system seizure worksheet.
Outside of law enforcement, the leaked data also included what was claimed to be the full details of every single employee at Federal Reserve Bank of America.
The file, a spreadsheet titled SWAG, contains email addresses, phone numbers, and full names for Federal Reserve employees, as well as other information such as employment assignments. In a statement the Fed said that the leaked data was likely stolen during a breach earlier this year, details of which were made public in February.
Before the Fed issued a statement noting that the data wasn't from a recent breach, others who viewed the leaked law enforcement information questioned its age, speculating that it was taken some time ago and only recently released.
Even if the data is old, it was still compromised. The lesson for business leaders and administrators is clear: it is entirely possible for an organization to be breached and not know about it until long after the fact, if at all.
For their part, most Anons have moved on from the FBI's victory dance. As usual, different groups of people in various parts of the world, from all walks of life, are turning their attentions to things that drive their passions. These days, human rights causes and privacy protections are taking priority over network security.
But if the past teaches anything, those who support Anonymous can and will shift their focus on a dime, so from a risk perspective it isn't wise to assume that a few arrests have ended their existence.

Secure online banking

There’s no doubt that online banking is a convenient method of managing your finances, and although banks are making the services more secure every year, there are still some precautions you need to take to keep your accounts secure.
Unfortunately, hackers are still targeting banks as a way of accessing people’s identities – not just their cash. Staying secure is simple enough, though, if you use your common sense.

Passwords and sealed lips
It seems obvious, of course, but never writing down your passwords or revealing them to others is the first step in making online banking more secure. The structure of the password is also important. Including lower case and upper case letters and one or two numbers will make it more difficult for hackers to decode your password. The longer your password is the more secure it is as well, so use more than the minimum number of characters required.
Regularly changing passwords can be inconvenient, but it also makes it more difficult for anyone to steal them and access your identity. Identity theft is no joke. According to the Australian Competition and Consumer Commission, identity theft in Australia costs consumers more than $1 billion annually.
One of the most obvious traps to watch for is bogus emails – these are emails asking for confirmation of your bank account details. It’s common for older people to be caught out in this way – the 50 plus age group are victims of this type of theft more often than any other.

Online banking: there are spies and thieves among us
Although many banks do provide very secure online environments, consumers also have to take precautionary action in order to protect their identities. Bharosa, a global provider of fraud detection and multifactor online authentication solutions, works with many banks around the world. Bharosa uses a tracker behind the scenes to verify not only that passwords and user names are correct, but also that the user’s computer, location and online behaviour match up. According to the company, trackers offer strong asset and transaction authentication.
The biggest threats to would-be online banking consumers are phishing and trojans. Phishing is the art of tricking someone into providing their personal information – a bogus email may be enough to do it. Trojans are software programs designed by professional hackers that detect online activity on a PC, allowing the hacker to assume the user’s identity.

Steps to protect your online identity
Installing up-to-date anti-virus software is essential, as well as ensuring that updates are downloaded regularly. Virus programs are constantly being re-written, so anti-virus software also needs to be constantly re-written and updated.
Anti-spyware software is easy to install on any computer. It will regularly scan the computer for trojans and other programs which can potentially steal information, including your online banking passwords. In addition, some programs track key strokes – using a browser such as Firefox or a tool such as RoboForm that remembers your passwords can help you to minimise your key strokes.
Also ensure that your wireless Internet connection is password protected. Your Internet service provider (ISP) can help. It pays to never assume a bank is doing all the work. By regularly changing passwords, keeping your anti-virus and anti-spyware software up-to-date, minimizing keystrokes and reporting dubious emails (don’t click on the links!), more people will be able to safely enjoy the convenience of online banking.

Choose a Unique Login

Most online bank accounts allow you to create your own login information, whether it is a password or user ID. When creating your account login, it is important to choose something that is unique and not easy to guess by anyone you know. Also, make sure your online bank account login is different than your other online logins.

Don’t Share Account Information – Be Cautious of Emails

A common method used by hackers to gain access to your online bank account is through deceptive emails disguised to look like they are from your bank. These emails normally contain a link to login to your online bank account. The way the scam works is by redirecting you to a phony web page that resembles your bank when you click the link. To protect your online account, always check the sender's address on emails claiming to be from your bank. Most online banks will not ask you for your account number or other information via email or SMS. When in doubt, contact your bank directly instead of clicking on an email link.

Keep your Login Private

In addition to creating a unique account login, you should also keep your login private. Your login information is important to the protection of your account; memorize it and avoid writing it down. Keep your login to yourself and don’t share it with anyone. If for any reason you do share your login with another person, understand that you are allowing that person to access your account, and by doing so you take on responsibility for anything that person does with your login, including sharing it without your permission.

Surf the Internet Safely

When you are banking online, pay attention to your surroundings and make sure you are protecting your privacy. Never leave your computer unattended when doing your online banking, regardless of what computer you are using. Also, you should always make sure you are completely logged out of your account when you are finished with your online banking.

Check your balance often

You should check the balance of your online bank account on a regular basis. By doing so, you can ensure that your account is safe and protected against unauthorized use. You don’t even need to be logged into your bank’s website to check your account balance, as most online banks allow you to get your balance through the phone, text messages, or email. Some online banks even offer email or text message alerts to notify you of certain changes in your account, such as deposits or withdrawals. These alerts can be used as added protection to make sure you are aware of your account activity.

Millions of Android users open to attacks due to old versions of OS, FBI warns

Android has become a “primary” target for malware, and nearly half its users are open to attacks due to running old versions of the OS, according to an internal bulletin reportedly from the Department of Homeland Security and the FBI.
The report, found by the website Public Intelligence, highlights an industry figure stating that 44% of Android users still run versions 2.3.3 through 2.3.7 of Android, known as “Gingerbread”. These versions have known security vulnerabilities, and the bulletin warns that federal, state and local authority workers need to ensure that devices are patched.
“Android is the world’s most widely used mobile operating system (OS) and continues to be a primary target for malware attacks due to its market share and open source architecture,” the report says. “Industry reporting indicates 44 percent of Android users are still using versions 2.3.3 through 2.3.7 – known as Gingerbread – which were released in 2011 and have a number of security vulnerabilities that were fixed in later versions.”
“The growing use of mobile devices by federal, state, and local authorities makes it more important than ever to keep mobile OS patched and up-to-date. The following are some known security threats to mobile OS and mitigation steps.”
ESET Senior Research Fellow Righard J. Zwienenberg wrote in a blog post earlier this year, “The biggest problem for consumers is the enormous number of old phones running Android that are still in use, for which the operators will not release a new version. Many phones still run the very popular, but outdated, Gingerbread Android platform. Regardless of whether Google releases patches for these versions, the phones will remain vulnerable.”
Worldwide, the number of vulnerable devices could be hundreds of millions, as Android has an 80% market share in mobile devices, according to Business Insider.
The security of Android has been highlighted this year after vulnerabilities such as the “master key” uncovered by Bluebox Labs, which the researchers claimed could affect up to 900 million devices running Android and be used by cybercriminals to “fool” devices into accepting malicious apps.

One in five adults have fallen victim to hackers – and one in 50 has lost more than $15,000, says British survey

One in five adults has fallen victim to hacks targeting their email accounts, social networking accounts or online bank accounts, according to a British survey conducted by the University of Kent. Around 16% had lost money to cybercrime, and one in 50 had lost more than £10,000 ($15,000).
On average, cybercrime has cost every British citizen £1.50 ($2.30), according to the researchers, Dr. Julio Hernandez-Castro & Dr. Eerke Boiten of the University of Kent, who used Google Customer Surveys in their research, polling groups of 1,500 people around Britain.
The figures on how many users had fallen victim to hacks were similar to those found by U.S. Google researcher Elie Bursztein, and highlight the global scope of cybercrime.
“When asked the question “Has anyone ever broken into any of your online accounts including email, social network, banking, and online gaming ones?” a surprising 18.3% (or approximately 1 in 5, virtually identical to the 18.4% found by Bursztein) answered positively. Even more worrying is possibly the fact that 6% of those surveyed said this had happened more than once (for 6.4% for USA-Bursztein).”
The researchers also attempted to quantify the financial losses involved in security compromises. Surveying 1,500 people using Google Customer Surveys, the researchers found that 11.6% of those surveyed had lost more than £65 ($100) in the past two years to online computer-based fraud.
“A very significant percentage of the population (2.3%) claimed to be quite badly hit – with losses over £10,000 ($15,000),” say the researchers, adding that further research is needed to understand these severe losses.
“Online crime has a clear impact on the lives of average UK citizens, with their accounts and credentials being compromised significantly and in some cases multiple times,” the researchers say. “This and other incidents online translate into financial losses that, despite not affecting large numbers of people, have quite a large impact on the few (around 3% of the population) that are very badly hit.”
The number of people falling victim varies widely by age, the researchers say. “Those aged in the range 55-64 answered “No” to this question rather more often than the rest – this result was consistent across areas and particularly acute in England (with 91.3% compared to an average of 70.4%),” the researchers write. “Of course, this can be interpreted in various ways: either they are more cautious online, or spend less time, have fewer activities and accounts, or perhaps keep an overall better security.”

Iranian programmer gets life sentence for building porn site

Iranian computer programmer Saeed Malekpour was arrested in 2008 and confessed on Iranian TV that he developed and promoted pornographic websites. He was found guilty in 2012 of spreading corruption and sentenced to death.
Malekpour's lawyer told Mehr News Agency that the death sentence against his client has been converted to life imprisonment.
Last year, anti-government blogger Sattar Beheshti died in custody; other prisoners signed a letter saying he had been tortured.
Internet censorship in Iran has been increasing. In the first few years of the 21st century, Iran experienced a great surge in Internet usage, and, with 20 million people on the Internet, currently has the second highest percentage of its population online in the Middle East, after Israel.

China suffers major DDoS attack on .cn domain

China's Internet on early Sunday morning suffered a major distributed denial of service (DDoS) attack that briefly disrupted and slowed access to sites in the .cn domain.
The DDoS attack was the largest in history against the domain servers for China's .cn ccTLD (country code top level domain), according to the China Internet Network Information Center (CNNIC), which administers the domain.
The first attack started Sunday around midnight Beijing time, and was then succeeded by a larger attack at 4 a.m., the CNNIC said in an Internet posting. A number of sites were affected, but Internet service to the sites had been gradually restored by 10 a.m. Sunday.
It's unclear where the attack originated from or if it was still continuing. A CNNIC spokeswoman said on Monday it would update the public once more information was gathered. Chinese regulators have already launched unspecified measures to protect the domain system, while CNNIC has apologized for the disruption.
China has often been accused of launching DDoS attacks. In this year's first quarter, it was the top source country for DDoS attacks, according to security vendor Prolexic. The U.S. was ranked second.
DDoS attacks commonly work by deploying armies of hacked computers to send traffic to a website, saturating it with data so that it becomes inaccessible to normal users.
China, however, has said it is facing a surge of Trojan and botnet attacks against the country. Many of those attacks are coming from the U.S., South Korea and Germany. China has also denied the country sponsors hacking, despite claims brought by U.S. officials and security vendor Mandiant that its government actively conducts cyber-espionage.