Year 2013 will be year of cyber security. CNN expects more cyber wars this year. Cybercrime is on the rise, and last year we saw more and more computer virus attacks. Security company Kaspersky Lab warns of more new cyber-threats against enterprises and mobile devices. Cyber security also relates to mobile.
Security becomes an increasingly important issue. Year 2013 is the year of cyber security. Security company Stonesoft predicts we will face a more targeted launch cyber-attacks, cyber espionage and hactivism. Cyber security is the fastest growing trend in information security and its importance will increase in the future. According to Stonesoft the current security systems are unable to provide adequate protection against targeted attacks: we require proactive cyber protection and willingness to face the unknown threats.
Hacktivism will continue. According to article Anonymous: ‘Expect us 2013′ the hacking group boasted its cyberattacks against the U.S., Syrian, and Israeli governments in 2012. They are also warning people to continue to expect this type of activity.
SCADA security was hit hard in 2012. Some of the big manufacturers hit hard have learned their lessons and test their devices more now. But how are some smaller manufacturers security testing? Metasploit has special category for SCADA
devices. Good idea to test your devices against it.
There is still work to do on Cyber security standards and SCADA standards. For example in very widely used automation security standard IEC 61508 security is addresses only in informative way (NOT MANDATORY. IEC 62443-2-4: A Baseline Security Standard for Industrial Automation Control Systems is a good starting point when thinking on SCADA systems security.
Nowadays you need to think about SCADA system security more then some years ago. Previously, it was thought that it is sufficient to isolate factory process automation system from the office networks and the Internet. This is no longer enough. Nowadays you need to think about information security of production of automation systems. You can’t keep the automation systems isolated from Internet. Accidental connections to Internet from isolated networks happen. Malware can spread through USB memory sticks (Stuxnet did that). And nowadays there are more and more business reasons to connect process automation systems to other networks. So automations system do not anymore live in complete isolation from rest of the world.
Systems with SCADA vulnerabilities have become easier to find. Hackers tap SCADA vuln search engine article tells a search engine that indexes servers and other internet devices is helping hackers to find industrial control systems that are vulnerable to tampering. Search engine Shodan easily pinpoints shoddy industrial controls. Shodan makes it easy to locate internet-facing SCADA, or supervisory control and data acquisition, systems used to control equipment at gasoline refineries, power plants and other industrial facilities. The search engine can also be used to identify systems with known vulnerabilities. Shodan makes networks more vulnerable to brute-force attacks on passwords, many of which may still use factory defaults.
Thousands of SCADA Devices Discovered On the Open Internet article tells that there are all the time news of the continuing poor state of security for industrial control systems. The pair of researchers with found found not only devices used for critical infrastructure such as energy, water and other utilities, but also SCADA devices for HVAC systems, building automation control systems, large mining trucks, traffic control systems, red-light cameras and even crematoriums. Never underestimate what you can do with a healthy list of advanced operator search terms and a beer budget.
Researchers have also found crippling flaws in GPS receivers. Global Positioning System infrastructure critical to the navigation of a host of military and civilian technologies including planes, ships and unmanned drones. GPS system is also used to generate accurate clocks in SCADA system and smart grid devices. Researchers showed that they could permanently de-synchronise the date of Phasor Measurement Units used in smart grid and cause UNIX epoch rollover in a few minutes. The overall landscape of GPS vulnerabilities is startling.
Happy now? Mobiles, cloud, big data now ‘a growing security risk’ article tells that innovations in mobile and cloud computing, social technology and the use of “big data” present an emerging risk to organisations’ IT security, experts have warned. The European Network and Information Security Agency (ENISA), which is an EU advisory body, said that those technologies would increasingly provide the platform for “most of the innovation expected in the area of IT” and warned that with their emergence would come an associated increased cyber threat. ENISA warned that the threat stemming from mobile computing comes from the fact that mobile communications take place over “poorly secured … or unsecured channels”. The most significant threat stems from hackers inserting malicious software in website browser and other software available on mobile devices. Cyber criminals could also use the capabilities of cloud computing for their own gains, such as by storing malware in those systems and using the technology as a platform to launch attacks.
Drive-by downloads attacks against web browsers have become the top web threat. More specifically, attackers are moving into targeting browser plugins such as Java (Java exploits are the major cross-platform threat), Adobe Reader and Adobe Flash. The drive-by download attacks are almost exclusively launched through compromised legitimate websites which are used by attackers to host malicious links and actual malicious code. Exploits are sold for considerable amount of money and quickly included into exploit kits.
Africa’s Coming Cyber-Crime Epidemic article tells that last decade may have just been the first step in a looming African cyber-crime wave. Africa has the world’s fastest-growing middle class, whose members are increasingly tech-savvy and Internet connected and lax law enforcement is a perfect petri dish for increased cybercrime.
European wide cyber police started. EU’s new European Cybercrime Centre (EC3) was just opened few days ago. The facility will act as the “focal point” in the EU’s fight against cybercrime, against both businesses and private citizens. EC3 will act as a hub where crime-fighters can pool expertise and information, support criminal investigations and help develop and spread best practice. It will work with industry to develop threat assessments. It will work closely with the FBI and the US Secret service, in addition to other foreign agencies.
1,930 Comments
Tomi says:
DARPA enlists hacker talent for $2m security bug-swatting challenge
Big money prizes for Capture the Flag code competition
http://www.theregister.co.uk/2013/12/06/darpa_enlists_def_con_talent_for_2m_security_bugswatting_challenge/
The US Defense Advanced Research Projects Agency (DARPA) is recruiting members of the hacking community to join its latest Grand Challenge competition: a big-money contest to build software capable of finding and fixing security holes in new code.
“We’ve looked to the expert community, the computer security community, and the contest that they used to compete and measure skills among themselves – the Capture the Flag circuit,” said Mike Walker, DARPA program manager, at a press conference on Friday.
Tomi says:
DARPA makes finding software vulnerabilities fun
DARPA creates a set of games that covertly search for software vulnerabilities
http://www.networkworld.com/news/2013/120613-darpa-makes-finding-software-vulnerabilities-276712.html
The U.S. Department of Defense may have found a new way to scan millions of lines of software code for vulnerabilities, by turning the practice into a set of video games and puzzles and having volunteers do the work.
Having gamers identify potentially problematic chunks of code could help lower the work load of trained vulnerability analysts by “an order of magnitude or more,” said John Murray, a program director in SRI International’s computer science laboratory who helped create one of the games, called Xylem.
Tomi says:
NSA morale down after Edward Snowden revelations, former U.S. officials say
http://www.washingtonpost.com/world/national-security/nsa-morale-down-after-edward-snowden-revelations-former-us-officials-say/2013/12/07/24975c14-5c65-11e3-95c2-13623eb2b0e1_story.html
Morale has taken a hit at the National Security Agency in the wake of controversy over the agency’s surveillance activities, according to former officials who say they are dismayed that President Obama has not visited the agency to show his support.
A White House spokeswoman, Caitlin Hayden, noted that top White House officials have been to the agency to “express the president’s support and appreciation for all that NSA does to keep us safe.”
Obama in June defended the NSA’s surveillance as lawful and said he welcomed the public debate prompted by revelations from former contractor Edward Snowden beginning that month.
Though Obama has asserted, for instance, that the NSA’s collection of virtually all Americans’ phone records is lawful and has saved lives, the administration has not endorsed legislation that would codify it. And his recent statements suggest he thinks some of the NSA’s activities should be constrained.
“The agency, from top to bottom, leadership to rank and file, feels that it is had no support from the White House even though it’s been carrying out publicly approved intelligence missions,” said Joel Brenner, NSA inspector general from 2002 to 2006. “They feel they’ve been hung out to dry, and they’re right.”
The NSA’s director, Gen. Keith Alexander, who is retiring in the spring after 81 / 2 years, has been the most vocal defender of the agency’s 35,000 employees.
On Thursday, Obama said on MSNBC that he would be proposing “some self-restraint on the NSA” and “some reforms that can give people more confidence.”
Morale is “bad overall,” a third former official said. “The news — the Snowden disclosures — it questions the integrity of the NSA workforce,” he said. “It’s become very public and very personal. Literally, neighbors are asking people, ‘Why are you spying on Grandma?’ And we aren’t. People are feeling bad, beaten down.”
Tomi says:
FBI’s search for ‘Mo,’ suspect in bomb threats, highlights use of malware for surveillance
http://www.washingtonpost.com/business/technology/fbis-search-for-mo-suspect-in-bomb-threats-highlights-use-of-malware-for-surveillance/2013/12/06/352ba174-5397-11e3-9e2c-e1d01116fd98_story.html
The man who called himself “Mo” had dark hair, a foreign accent and — if the pictures he e-mailed to federal investigators could be believed — an Iranian military uniform. When he made a series of threats to detonate bombs at universities and airports across a wide swath of the United States last year, police had to scramble every time.
Mo remained elusive for months, communicating via e-mail, video chat and an Internet-based phone service without revealing his true identity or location, court documents show. So with no house to search or telephone to tap, investigators turned to a new kind of surveillance tool delivered over the Internet.
The FBI’s elite hacker team designed a piece of malicious software that was to be delivered secretly when Mo signed on to his Yahoo e-mail account, from any computer anywhere in the world, according to the documents. The goal of the software was to gather a range of information — Web sites he had visited and indicators of the location of the computer — that would allow investigators to find Mo and tie him to the bomb threats.
Such high-tech search tools, which the FBI calls “network investigative techniques,” have been used when authorities struggle to track suspects who are adept at covering their tracks online. The most powerful FBI surveillance software can covertly download files, photographs and stored e-mails, or even gather real-time images by activating cameras connected to computers, say court documents and people familiar with this technology.
Tomi Engdahl says:
Tech Giants Issue Call for Limits on Government Surveillance of Users
http://www.nytimes.com/2013/12/09/technology/tech-giants-issue-call-for-limits-on-government-surveillance-of-users.html?pagewanted=all&_r=0
Eight prominent technology companies, bruised by revelations of government spying on their customers’ data and scrambling to repair the damage to their reputations, are mounting a public campaign to urge President Obama and Congress to set new limits on government surveillance.
On Monday the companies, led by Google and Microsoft, presented a plan to regulate online spying and urged the United States to lead a worldwide effort to restrict it. They accompanied it with an open letter, in the form of full-page ads in national newspapers, including The New York Times, and a website detailing their concerns.
It is the broadest and strongest effort by the companies, often archrivals, to speak with one voice to pressure the government. The tech industry, whose billionaire founders and executives are highly sought as political donors, forms a powerful interest group that is increasingly flexing its muscle in Washington.
“It’s now in their business and economic interest to protect their users’ privacy and to aggressively push for changes,” said Trevor Timm, an activist at the Electronic Frontier Foundation. “The N.S.A. mass-surveillance programs exist for a simple reason: cooperation with the tech and telecom companies. If the tech companies no longer want to cooperate, they have a lot of leverage to force significant reform.”
Tomi Engdahl says:
Facebook, Google, Twitter, and more create the Reform Government Surveillance coalition
http://venturebeat.com/2013/12/08/tech-wants-reform/
Google, Microsoft, Facebook, Twitter, AOL, LinkedIn, Yahoo have banded together to created the Reform Government Surveillance coalition saying spy tactics around the world need to change now.
“The undersigned companies believe that it is time for the world’s governments to address the practices and laws regulating government surveillance of individuals and access to their information,” the coalition website reads, “We strongly believe that current laws and practices need to be reformed.”
The NSA, the U.K.’s GCHQ, and others including Australia’s government have come under attack for their surveillance practices since former NSA-contractor Edward Snowden released many leaked documents about their spy techniques.
Tomi Engdahl says:
Global Government Surveillance Reform
http://reformgovernmentsurveillance.com/
The undersigned companies believe that it is time for the world’s governments to address the practices and laws regulating government surveillance of individuals and access to their information.
Tomi Engdahl says:
Agencies collected data on Americans’ cellphone use in thousands of ‘tower dumps’
http://www.washingtonpost.com/world/national-security/agencies-collected-data-on-americans-cellphone-use-in-thousands-of-tower-dumps/2013/12/08/20549190-5e80-11e3-be07-006c776266ed_story.html
Federal, state and local law enforcement agencies conducting criminal investigations collected data on cellphone activity thousands of times last year, with each request to a phone company yielding hundreds or thousands of phone numbers of innocent Americans along with those of potential suspects.
Law enforcement made more than 9,000 requests last year for what are called “tower dumps,” information on all the calls that bounced off a cellphone tower within a certain period of time, usually two or more hours, a congressional inquiry has revealed.
Tomi Engdahl says:
NSA morale down after Edward Snowden revelations, former U.S. officials say
http://www.washingtonpost.com/world/national-security/nsa-morale-down-after-edward-snowden-revelations-former-us-officials-say/2013/12/07/24975c14-5c65-11e3-95c2-13623eb2b0e1_story.html
Morale has taken a hit at the National Security Agency in the wake of controversy over the agency’s surveillance activities, according to former officials who say they are dismayed that President Obama has not visited the agency to show his support.
Tomi Engdahl says:
Cellphone data spying: It’s not just the NSA
http://www.usatoday.com/story/news/nation/2013/12/08/cellphone-data-spying-nsa-police/3902809/
Armed with new technologies, including mobile devices that tap into cellphone data in real time, dozens of local and state police agencies are capturing information about thousands of cellphone users at a time, whether they are targets of an investigation or not, according to public records obtained by USA TODAY and Gannett newspapers and TV stations.
The records, from more than 125 police agencies in 33 states, reveal:
• About one in four law-enforcement agencies have used a tactic known as a “tower dump,” which gives police data about the identity, activity and location of any phone that connects to the targeted cellphone towers over a set span of time, usually an hour or two. A typical dump covers multiple towers, and wireless providers, and can net information from thousands of phones.
• At least 25 police departments own a Stingray, a suitcase-size device that costs as much as $400,000 and acts as a fake cell tower. The system, typically installed in a vehicle so it can be moved into any neighborhood, tricks all nearby phones into connecting to it and feeding data to police.
• Thirty-six more police agencies refused to say whether they’ve used either tactic.
Tomi Engdahl says:
White House promises more transparency in second Open Government plan
http://www.theverge.com/2013/12/7/5185856/white-house-releases-second-open-government-plan
Earlier this week, the Obama administration released its second Open Government National Action Plan, building on an earlier initiative to make government more transparent. Both documents were published to help meet the standards of the Open Government Project, an international agreement founded by the US and seven other countries in 2011, and they’re behind much of the administration’s “big data” push, which strives to put government records in the public eye.
Tomi Engdahl says:
Clarifying Cloud Identity
http://community.centrify.com/t5/Clarifying-Cloud-Identity/What-is-SAML/ba-p/13485?ls=304-013-techmemeSaaS
Easy things first – SAML stands for Security Assertion Markup Language. It’s a standard.
So what’s it for; what problems does it solve. It’s all about providing convenience, security and scale for access to the services that business users need to do their job. These services are typically web sites although SAML can be used for any service. Note the business focus for SAML; there are other standards that solve similar problems in the consumer world.
I want to use a service; the service asks me for a user and password; it looks it up in its database. This is the classic authentication case.
The SAML world looks quite different.
I connect to a system called the IDP (Identity Provider). This system is managed by my admin ; this is the only place I need to log in. Now when I want to use a service the IDP issues a token to me, and I present this token to the service. Note I don’t see any of this; it all happens ‘by magic’.
The SAML specification describes the content of the token as well as the ‘by magic’ flow under the hood that enables it to be passed from the IDP to the service.
One of the most common issues is that services still needs to maintain a user database of some kind even though it’s not used for authentication. A service may need to make decisions based on what type of user is connecting to it; for example only some users are allowed to cancel orders in an order processing system.
Tomi Engdahl says:
Android Flashlight App Developer Settles FTC Charges It Deceived Consumers
‘Brightest Flashlight’ App Shared Users’ Location, Device ID Without Consumers’ Knowledge
http://www.ftc.gov/news-events/press-releases/2013/12/android-flashlight-app-developer-settles-ftc-charges-it-deceived
The creator of one of the most popular apps for Android mobile devices has agreed to settle Federal Trade Commission charges that the free app, which allows a device to be used as a flashlight, deceived consumers about how their geolocation information would be shared with advertising networks and other third parties.
Goldenshores Technologies, LLC, managed by Erik M. Geidl, is the company behind the “Brightest Flashlight Free” app, which has been downloaded tens of millions of times by users of the Android operating system. The FTC’s complaint alleges that the company’s privacy policy deceptively failed to disclose that the app transmitted users’ precise location and unique device identifier to third parties, including advertising networks. In addition, the complaint alleges that the company deceived consumers by presenting them with an option to not share their information, even though it was shared automatically rendering the option meaningless.
Tomi Engdahl says:
Telepathwords
Preventing weak passwords by reading your mind
https://telepathwords.research.microsoft.com/
Is your password weaker than you thought?
To help you find out, the Telepathwords weak-password prevention system will try to guess each character of your password before you type it.
Tomi Engdahl says:
Meet Paunch: The Accused Author of the BlackHole Exploit Kit
http://krebsonsecurity.com/2013/12/meet-paunch-the-accused-author-of-the-blackhole-exploit-kit/
In early October, news leaked out of Russia that authorities there had arrested and charged the malware kingpin known as “Paunch,” the alleged creator and distributor of the Blackhole exploit kit. Today, Russian police and computer security experts released additional details about this individual, revealing a much more vivid picture of the cybercrime underworld today.
First spotted in 2010, BlackHole is commercial crimeware designed to be stitched into hacked or malicious sites and exploit a variety of Web-browser vulnerabilities for the purposes of installing malware of the customer’s choosing. The price of renting the kit ran from $500 to $700 each month. For an extra $50 a month, Paunch also rented customers “crypting” services; cryptors are designed to obfuscate malicious software so that it remains undetectable by antivirus software.
Paunch worked with several other cybercriminals to purchase new exploits and security vulnerabilities that could be rolled into Blackhole and help increase the success of the software. Paunch bought the exploits to fund a pricier ($10,000/month) and more exclusive exploit pack called “Cool Exploit Kit.”
In October, shortly after news of Paunch’s arrest leaked to the media, J.P. Morgan posted to Darkode again, this time more than doubling his previous budget — to $450,000.
“Dear ladies and gentlemen! In light of recent events, we look to build a new exploit kit framework. We have budgeted $450,000 to buy vulnerabilities of a browser and its plugins, which will be used only by us afterwards! ”
The MVD estimates that Paunch and his gang earned more than 70 million rubles, or roughly USD $2.3 million. But this estimate is misleading because Blackhole was used as a means to perpetrate a vast array of cybercrimes. I would argue that Blackhole was perhaps the most important driving force behind an explosion of cyber fraud over the past three years.
Tomi Engdahl says:
Popular applications are leaking like a sieve
All of the most popular applications in a number of security holes for which data are sold to customers, as well as research and criminals on the black market.
This conclusion was made by NSS Labs, which showed that the legitimate research organizations, was known and for sale in dozens of places still non-security vulnerabilities on a daily basis. Holes found in both Apple, Microsoft, Oracle particular, the Adobe products.
Patch holes took NSS Labs, an average of 155 days after the information had been sold to research the vulnerability of the company’s customers.
Survey data are based on data that is current owned by HP TippingPoint and VeriSign iDefense owned have collected over 10 years. Both companies are buying research institutions vulnerabilities, tell them to their customers and will work in partnership with manufacturers to correct them.
In addition, the available vulnerabilities, the actual number is actually much higher, as some of the vulnerabilities are offered only to criminals or governments, both of which are willing to pay significant amounts of information.
“If your organization has reason to believe that the information of interest to extensive resources with hackers, it is necessary to start from the idea that the system has already been compromised,” Stefan Frei NSS states.
Information on the sale of the legitimate buyers is a big business.
Netragard company named according to the individual vulnerabilities, the price ranging from 35 000 to 160 000 dollars.
Source: http://www.tietoviikko.fi/kaikki_uutiset/suositut+ohjelmat+vuotavat+kuin+seula/a952666
Tomi Engdahl says:
EU legal eagle Legal: Data protection reforms ‘very bad outcome’ for citizens
One-stop shop for biz rule faces human rights challenge from EU Council
http://www.theregister.co.uk/2013/12/09/eu_data_protection_reforms_hits_legal_roadblock/
Attempts by Brussels’ Justice Commissioner Viviane Reding to rewrite Europe’s 18-year-old data protection law ahead of 2014′s EU elections took a significant knock on Friday, after a key tenet of the proposed rules faced surprise objections on human rights grounds.
The European Commission’s vice president, who first tabled the plans in January 2011, had been hoping to see her draft bill – which has already undergone around 4,000 amendments – passed before May next year.
But her proposals were stung by a major setback late last week, after the European Council’s legal service chief questioned whether its “one-stop shop” measure was lawful, opining that it might breach European citizens’ human rights. The measure is supposed to cut red tape for businesses operating across EU countries, giving them one port of call for data-protection issues.
“The problem is the results you get in terms of respecting the functioning of justice and people’s rights is actually a very bad outcome, a very bad result and as your legal adviser I have to tell you it’s a bad outcome,”
Tomi Engdahl says:
U.S. Federal Bureau of Investigation to pursue regulatory control of the hacker way. One of the control associated with the gimmick of webcams, writes The Washington Post.
FBI Quantico operating divisions former deputy director Marcus Thomas revealed to the magazine that the FBI is easily accessible to computers connected to the webcams.
In practice, the home computer user will not notice espionage at all. Most Webcams is equipped with a warning light that lights up the recording starts.
The FBI is able to hack the cameras in such a way that the sign does not light up during recording.
Thomas, according to the FBI has been engaged in the control of webcams through for several years.
Mainly to hack webcams terrorist suspects, but the authority is authorized to spy on other “serious suspects” people.
Source: http://www.iltalehti.fi/ulkomaat/2013120917811694_ul.shtml
Tomi Engdahl says:
FBI’s search for ‘Mo,’ suspect in bomb threats, highlights use of malware for surveillance
http://www.washingtonpost.com/business/technology/fbis-search-for-mo-suspect-in-bomb-threats-highlights-use-of-malware-for-surveillance/2013/12/06/352ba174-5397-11e3-9e2c-e1d01116fd98_story_1.html
“The suspect could be down the street or on the other side of the planet,” said Jason M. Weinstein, a former deputy assistant attorney general in the Justice Department’s criminal division who is now a partner at Steptoe & Johnson. He said he had no direct knowledge of the investigation of Mo. The case, however, “raises the broader question of whether the rules that exist now are adequate to address the problem.”
Mo and a deputy sheriff ended up speaking by phone for three hours while also communicating for much of that time through e-mail. That left investigators with several leads, including a phone number and a working address on Gmail, the Web-based e-mail service from Google.
Yet Mo’s true identity remained a mystery.
When authorities made an emergency request to Google for information from his account with the company, they learned that Mo had used an online tool called a “virtual proxy” to mask identifying information about the computer he was using.
Phishing for a suspect
The FBI team works much like other hackers, using security weaknesses in computer programs to gain control of users’ machines. The most common delivery mechanism, say people familiar with the technology, is a simple phishing attack — a link slipped into an e-mail, typically labeled in a misleading way.
When the user hits the link, it connects to a computer at FBI offices in Quantico, Va., and downloads the malicious software, often called “malware” because it operates covertly, typically to spy on or otherwise exploit the owner of a computer. As in some traditional searches, subjects typically are notified only after evidence is gathered from their property.
“We have transitioned into a world where law enforcement is hacking into people’s computers, and we have never had public debate,” said Christopher Soghoian, principal technologist for the American Civil Liberties Union. “Judges are having to make up these powers as they go along.”
Former U.S. officials say the FBI uses the technique sparingly, in part to keep public references to its online surveillance tools to a minimum.
The FBI has been able to covertly activate a computer’s camera — without triggering the light that lets users know it is recording — for several years, and has used that technique mainly in terrorism cases or the most serious criminal investigations, said Marcus Thomas, former assistant director of the FBI’s Operational Technology Division in Quantico
The FBI’s technology continues to advance as users move away from traditional computers and become more savvy about disguising their locations and identities. “Because of encryption and because targets are increasingly using mobile devices, law enforcement is realizing that more and more they’re going to have to be on the device — or in the cloud,” Thomas said, referring to remote storage services. “There’s the realization out there that they’re going to have to use these types of tools more and more.”
“Technology is evolving and law enforcement is struggling to keep up,” said Brian L. Owsley, a retired federal magistrate judge from Texas who was not involved in either case. “It’s a cat-and-mouse game.”
The warrant authorizes an “Internet web link” that would download the surveillance software to Mo’s computer when he signed on to his Yahoo account. (Yahoo, when questioned by The Washington Post, issued a statement saying it had no knowledge of the case and did not assist in any way.)
Mo’s computer did send a request for information to the FBI computer, revealing two new IP addresses in the process.
Tomi Engdahl says:
CxO Beware: Hacker-Snipers Aiming At You Right Now
http://www.forbes.com/sites/netapp/2013/08/08/cxo-beware-hacker-snipers/
If you’re a CEO or other executive, hackers really are out to get you. You’re a juicy target. An attack could expose your company’s most sensitive secrets, without you suspecting a thing.
Here are my top tips to help you protect yourself…
Internet security is a top concern for executives, who pour major resources into creating top-notch IT departments and frequent employee training sessions to prevent data theft.
But if you really want to solve the problem, you also need to take a hard look in the mirror.
A 2013 Verizon data breach study shows that executives are far more likely than staffers to be targeted by hackers. To make matters worse, they have a better chance of being successfully hacked. Other studies—including simulations by cyber security firm PhishMe—confirm the problem.
Why is that? Here’s a brief rundown of why executives are at greater risk, and a few simple steps you can take to prevent serious, embarrassing data breaches at your company.
How To Prevent An Attack
What can you do to prevent the next targeted executive from being you? Here are three simple but important steps:
Be more wary of email links. Even if it looks like it’s coming from the VP of finance, don’t assume it is. Give yourself 3 seconds to think about it. Were you expecting this document? If not, call and check. Do you really know that person from the conference?
Look at the Web address you’re being sent to. If you work at ABC Bank, which has a corporate IT security department, the address may read, http://www.abcbank.com.example.com. It may look like a legitimate department in your company. But you need to read email addresses from right to left. The one on the right is the true address. If it’s not your company’s name, it’s not legit.
Attend that company security training. I know, you don’t think you’ve time. But the truth is, you can’t afford not to go. Simulated attack training has taken susceptibility levels from over 50% to under 10%, Belani said.
The Bottom Line
Executives are bullseye targets for hackers.
Tomi says:
NSA Collect Gamers’ Chats and Deploy Real-Life Agents Into WoW and Second Life
http://games.slashdot.org/story/13/12/09/1632242/nsa-collect-gamers-chats-and-deploy-real-life-agents-into-wow-and-second-life
“The agency’s impressive arsenal of cable taps and sophisticated hacking attacks was not enough. What it really needed was a horde of undercover Orcs. That vision of spycraft sparked a concerted drive by the NSA and its UK sister agency GCHQ to infiltrate the massive communities playing online games”
Tomi says:
iSPY: Apple Stores switch on iBeacon phone sniff spy system
Hey BOB, you sure you don’t wanna iThing? Look, there they are! Huh? Huh?
http://www.theregister.co.uk/2013/12/09/ispy_on_your_little_buys_apples/
Apple has switched on its controversial iBeacon snooping system across 254 US stores.
The fruity firm’s iSpy network allows Apple to watch fanbois as they walk around an Apple store and then send them various messages depending on where they are in the shop.
This might come in handy when visiting an Apple store, for instance, which is offering the latest iStuff.
Apple’s iBeacon transmitters use Bluetooth to work out customers’ location, because GPS doesn’t work as well indoors. This functionality was quietly snuck into iOS 7.
Tomi Engdahl says:
Chinese hackers spied on Europeans before G20 meeting: researcher
http://www.reuters.com/article/2013/12/09/us-china-hacking-g-idUSBRE9B817C20131209
Chinese hackers eavesdropped on the computers of five European foreign ministries before last September’s G20 Summit, which was dominated by the Syrian crisis, according to research by computer security firm FireEye Inc
The hackers infiltrated the ministries’ computer networks by sending emails to staff containing tainted files with titles such as “US_military_options_in_Syria,” said FireEye, which sells virus fighting technology to companies. When recipients opened these documents, they loaded malicious code onto their personal computers.
FireEye lost access to the hackers after they moved to another server shortly before the G20 Summit in St. Petersburg, Russia.
“The theme of the attacks was U.S. military intervention in Syria,”
Western cybersecurity firms monitor several dozen hacking groups operating in China, most of which they suspect of having ties to the government. The firms also suspect the hacking groups of stealing intellectual property for commercial gain.
China has long denied those allegations, saying it is the victim of spying by the United States. Those claims gained some credibility after former National Security Agency contractor Edward Snowden began leaking documents about U.S. surveillance of foreign countries, including China.
Tomi Engdahl says:
Hackers Love Windows XP
http://www.designnews.com/author.asp?section_id=1386&doc_id=270150&cid=nl.dn14&dfpPParams=ind_182,industry_auto,industry_consumer,industry_machinery,aid_270150&dfpLayout=blog
Cyber security is going to be a big issue for plants using Windows XP once Microsoft quits offering extended support and security updates. MS quits in Windows XP beginning April 8, 2014. While this event means little to the average PC owner — years ago we moved on to Windows 7 or 8 — for many manufacturing and process plants, April will be the cruelest month. Plants often keep the same automation technology for 10 or 20 years.
Problem is, hackers have also marked that date. In a recent blog, Microsoft’s director of trustworthy computing (honest, that’s his title), Tim Rains, noted that “attackers will have the advantage over defenders who choose to run Windows XP because attackers will likely have more information about vulnerabilities in Windows XP than defenders.”
According to Microsoft, when it releases a security update, security researchers and criminals will often reverse engineer the security update quickly in an effort to identify the specific section of code that contains the vulnerability addressed by the update. Once they identify this vulnerability, they attempt to develop code that will let them exploit it on systems that do not have the security update installed.
Hackers also try to identify whether the vulnerability exists in other products with the same or similar functionality. If a vulnerability is addressed in one version of Windows, these hackers will check other versions of Windows to see if they have the same vulnerability.
To make sure its customers are not at a disadvantage to attackers, the Microsoft Security Response Center releases security updates for all affected products simultaneously.
But after April 8, 2014, organizations that continue to run Windows XP won’t have this advantage over attackers any longer. The very first month that Microsoft releases security updates for supported versions of Windows, attackers will reverse engineer those updates, find the vulnerabilities, and test Windows XP to see if it shares those vulnerabilities. If it does, attackers will attempt to develop code that can take advantage of those vulnerabilities.
While the obvious solution for plants would be to upgrade to a newer Windows operating system, this could involve significant cost and interruptions. Software upgrades in an operating production network commonly encounter unintended and unanticipated consequences.
Automation vendors and security firms are offering solutions. These companies have a track record of managing antiquated automation systems.
For many plants, this could be a more feasible solution than shutting down the plant and installing Windows 7 or 8. While that approach is a no-brainer for an office network, it becomes a bit complicated when a number of legacy automation and control systems are tied into Windows XP.
Tomi Engdahl says:
The Political Scene
State of Deception
Why won’t the President rein in the intelligence community?
by Ryan Lizza December 16, 2013
http://www.newyorker.com/reporting/2013/12/16/131216fa_fact_lizza?currentPage=all
Wyden leaned forward and read Alexander’s comment. Then he asked, “What I wanted to see is if you could give me a yes or no answer to the question ‘Does the N.S.A. collect any type of data at all on millions or hundreds of millions of Americans?’ ”
Clapper slouched in his chair. He touched the fingertips of his right hand to his forehead and made a fist with his left hand.
“No, sir,” he said. He gave a quick shake of his head and looked down at the table.
“It does not?” Wyden asked, with exaggerated surprise.
“Not wittingly,” Clapper replied. He started scratching his forehead and looked away from Wyden. “There are cases where they could inadvertently perhaps collect, but not wittingly.”
Wyden told me, “The answer was obviously misleading, false.” Feinstein said, “I was startled by the answer.” In Washington, Snowden’s subsequent leaks created the most intense debate about the tradeoffs between national security and individual liberty since the attacks of September 11th. The debate will likely continue. According to Feinstein, Snowden took “millions of pages” of documents. Only a small fraction have become public.
The N.S.A. is generally authorized to collect any foreign intelligence it wants—including conversations from the cell phone of Germany’s Chancellor, Angela Merkel—but domestic surveillance is governed by strict laws. Since 2001, the N.S.A. has run four surveillance programs that, in an effort to detect terrorist plots, have swept up the contents of the phone and Internet communications of hundreds of thousands of Americans, and collected the telephone and Internet metadata of many more Americans.
Tomi Engdahl says:
Google Security Certificates Forged
http://hackaday.com/2013/12/09/google-security-certificates-forged/
Recently, Google discovered that a certificate authority (CA) issued forged certificates for Google domains. This compromises the trust provided by Transport Layer Security (TLS) and Secure HTTP (HTTPS), allowing the holder of the forged certificates to perform a man-in-the-middle attack.
To validate that the website you’re visiting is actually who they claim to be, your browser ensures that the certificate presented by the server you’re accessing was signed by a trusted CA. When someone requests a certificate from a CA, they should verify the identity of the person making the request. Your browser, and operating system, have a set of ultimately trusted CAs (called root CAs). If the certificate was issued by one of them, or a intermediate CA that they trust, you will trust the connection. This whole structure of trust is called a Chain of Trust.
With a forged certificate, you can convince a client that your server is actually http://www.google.com. You can use this to sit between a client’s connection and the actual Google server, eavesdropping their session.
Tomi Engdahl says:
CyanogenMod to have built in text message encryption system
http://www.muktware.com/2013/12/cyanogenmod-built-text-message-encryption-system/17305
People are now more concerned regarding their privacy after discovering about efforts made by governments to spy on their communications. The most practical solution to keep messages, emails and calls secure is to use a cryptographic encryption mechanism. However, just like the name of the method, the installation process is complex for most users. To solve this, CyanogenMod will come equipped with built in encryption system for text messages.
Cyanogen Inc, the company behind the very popular custom Android ROM CyanogenMod, announced that its users will soon be able to communicate securely with the integrated encryption system for messages.
This is a joint effort from Open Whisper System and Cyanogen team. Open Whisper System makes open source apps for secure texting and phone calls.
Tomi Engdahl says:
Download a copy of your Gmail and Google Calendar data
http://gmailblog.blogspot.fi/2013/12/download-copy-of-your-gmail-and-google.html
Having access to your data and being able to take it with you is important, especially if that data contains precious memories like old love letters, your first job offer, or that 100-message thread discussing the merits of various cat videos. Starting today we’re rolling out the ability to export a copy of your Gmail and Google Calendar data, making it easy to back up your data or move to another service.
You can download all of your mail and calendars or choose a subset of labels and calendars. You can also download a single archive file for multiple products with a copy of your Gmail, Calendar, Google+, YouTube, Drive, and other Google data.
Tomi Engdahl says:
Evil Dexter lurks in card reader, ready to SLASH UP your credit score
Modified malware grabs credit card details of 20,000
http://www.theregister.co.uk/2013/12/10/dexter_pos_malware/
Cybercrooks have created an improved version of the Dexter point-of-sale malware that’s being blamed for slurping the credit and debit card details of holiday shoppers.
A new version of Dexter, first discovered by security researchers Seculert about a year ago, has been planted on 31 infected point-of-sale terminals, located in restaurants and famous shops in various major cities of the US, according to infosec start-up IntelCrawler.
The criminals behind the attack are using StarDust, a modified version of the earlier Dexter malware that takes features from other malware strains including BlackPOS and VSkimmer. StarDust (aka Dexter v.2) has been offered for sale on underground hacking forums since August. The new variant is capable of extracting credit card data from the RAM of compromised devices or by key-logging, as well as by capturing and exfiltrating internal network traffic, according to IntelCrawler. Data is sent via FTP to hosts based in Russia.
“Approximately 20,000 credit cards may have been compromised”
It’s unclear how the Dexter malware gets itself onto infected systems.
Tomi Engdahl says:
FreeBSD abandoning hardware randomness
‘Cannot trust them any more’
http://www.theregister.co.uk/2013/12/09/freebsd_abandoning_hardware_randomness/
In yet another washup from the Snowden revelations, the developers of FreeBSD have decided to take several steps backwards in their crypto work, to stop using hardware random number generators (RNGs).
The two hardware RNGs singled out by the FreeBSD developers in this post are Intel’s RDRAND (in Ivy Bridge processors), and VIA’s Padlock.
“For [FreeBSD] 10, we are going to backtrack and remove RDRAND and Padlock backends and feed them into Yarrow instead of delivering their output directly to /dev/random. It will still be possible to access hardware random number generators, that is, RDRAND, Padlock etc., directly by inline assembly or by using OpenSSL from userland, if required, but we cannot trust them any more”, the post states.
Among the many things Edward Snowden’s documents have suggested is that the NIST’s crypto standardisation efforts were nobbled by the NSA. This confirmed long-standing knowledge that the Dual Elliptic Curve Deterministic Random Bit Generator is weak, leading to RSA abandoning it in September.
Not everybody believes that RDRAND falls into the same category.
Linus Torvalds, for example, dismissed concerns about the instruction
Torvalds pointed out that RDRAND isn’t the only source of entropy for values streamed into /dev/random in a Linux implementation.
Tomi Engdahl says:
Snowden document shows Canada set up spy posts for NSA
CSEC conducted espionage activities for U.S. in 20 countries, according to top-secret briefing note
http://www.cbc.ca/news/politics/snowden-document-shows-canada-set-up-spy-posts-for-nsa-1.2456886
A top secret document retrieved by American whistleblower Edward Snowden reveals Canada has set up covert spying posts around the world and conducted espionage against trading partners at the request of the U.S. National Security Agency.
surveillance activities in “approximately 20 high-priority countries.”
The briefing paper describes a “close co-operative relationship” between the NSA and its Canadian counterpart, the Communications Security Establishment Canada, or CSEC — a relationship “both sides would like to see expanded and strengthened.
“The intelligence exchange with CSEC covers worldwide national and transnational targets.”
The intimate Canada-U.S. electronic intelligence relationship dates back more than 60 years. Most recently, another Snowden document reported by CBC News showed the two agencies co-operated to allow the NSA to spy on the G20 summit of international leaders in Toronto in 2010.
“Just think of certain foreign agreements or relationships that Canada actually enjoys that the United States doesn’t, and under the cover of those relationships, guess what you can conduct? These kinds of secret surveillance or collection efforts.”
Aside from compromising the actual intelligence operation, Wark says, an exposed spy mission can imperil Canada’s other diplomatic operations — “the political contacts, the trade contacts, the generation of goodwill between the countries and any sense of co-operation.”
It notes the NSA also supplies much of the computer hardware and software CSEC uses for encryption, decoding and other
In return, the NSA acknowledges that its Canadian counterpart provides the partnership with its own “cryptographic products, cryptanalysis, technology and software.”
CSEC employs about 2,000 people, has an annual budget of roughly $450 million
By comparison, the NSA employs an estimated 40,000 people plus thousands of private contractors, and spends over $40 billion a year
NSA whistleblower Drake says the problem is that both CSEC and the NSA lack proper oversight, and without it, they have morphed into runaway surveillance.
“There is a clear and compelling danger to democracy in Canada by virtue of how far these secret surveillance operations have gone.”
Tomi Engdahl says:
Edward Snowden voted Guardian person of the year 2013
http://www.theguardian.com/world/2013/dec/09/edward-snowden-voted-guardian-person-of-year-2013
NSA whistleblower’s victory, for exposing the scale of internet surveillance, follows that of Chelsea Manning last year
Tomi Engdahl says:
Ultrasonic Data Transmission With GNU Radio
http://hackaday.com/2013/12/10/ultrasonic-data-transmission-with-gnu-radio/
[Chris] shows us with his ultrasound data transmission between two laptops. He’s transmitting audio from the speakers of one laptop at 23 kHz. It’s outside the range of human hearing, but surprisingly able to be picked up by a cheap desktop mic connected to another laptop
His GNU Radio setup first converts a string of text to a 5-bit packet, modulates it with FSK, and bumps up the signal to 23 kHz. On the other end, the data is decoded by doing the same thing in reverse.
Tomi Engdahl says:
New documents show how the NSA infers relationships based on mobile location data
http://www.washingtonpost.com/blogs/the-switch/wp/2013/12/10/new-documents-show-how-the-nsa-infers-relationships-based-on-mobile-location-data/
Everyone who carries a cellphone generates a trail of electronic breadcrumbs that records everywhere they go. Those breadcrumbs reveal a wealth of information about who we are, where we live, who our friends are and much more. And as we reported last week, the National Security Agency is collecting location information in bulk — 5 billion records per day worldwide — and using sophisticated algorithms to assist with U.S. intelligence-gathering operations.
How do they do it? And what can they learn from location data? The latest documents show the extent of the location-tracking program we first reported last week.
The NSA doesn’t just have the technical capabilities to collect location-based data in bulk. A 24-page NSA white paper shows that the agency has a powerful suite of algorithms, or data sorting tools, that allow it to learn a great deal about how people live their lives.
Those tools allow the agency to perform analytics on a global scale, examining data collected about potentially everyone’s movements in order to flag new surveillance targets.
For example, one NSA program, code-named Fast Follower, was developed to allow the NSA to identify who might have been assigned to tail American case officers at stations overseas. By correlating an officer’s cellphone signals to those of foreign nationals in the same city, the NSA is able to figure out whether anyone is moving in tandem with the U.S. officer.
Tomi Engdahl says:
NSA uses Google cookies to pinpoint targets for hacking
http://www.washingtonpost.com/blogs/the-switch/wp/2013/12/10/nsa-uses-google-cookies-to-pinpoint-targets-for-hacking/
The National Security Agency is secretly piggybacking on the tools that enable Internet advertisers to track consumers, using “cookies” and location data to pinpoint targets for government hacking and to bolster surveillance.
The agency’s internal presentation slides, provided by former NSA contractor Edward Snowden, show that when companies follow consumers on the Internet to better serve them advertising, the technique opens the door for similar tracking by the government. The slides also suggest that the agency is using these tracking techniques to help identify targets for offensive hacking operations.
For years, privacy advocates have raised concerns about the use of commercial tracking tools to identify and target consumers with advertisements. The online ad industry has said its practices are innocuous and benefit consumers by serving them ads that are more likely to be of interest to them.
The revelation that the NSA is piggybacking on these commercial technologies could shift that debate, handing privacy advocates a new argument for reining in commercial surveillance.
Tomi Engdahl says:
“We cannot trust” Intel and Via’s chip-based crypto, FreeBSD developers say
Following NSA leaks from Snowden, engineers lose faith in hardware randomness.
http://arstechnica.com/security/2013/12/we-cannot-trust-intel-and-vias-chip-based-crypto-freebsd-developers-say/
Developers of the FreeBSD operating system will no longer allow users to trust processors manufactured by Intel and Via Technologies as the sole source of random numbers needed to generate cryptographic keys that can’t easily be cracked by government spies and other adversaries.
The change, which will be effective in the upcoming FreeBSD version 10.0, comes three months after secret documents leaked by former National Security Agency (NSA) subcontractor Edward Snowden said the US spy agency was able to decode vast swaths of the Internet’s encrypted traffic. Among other ways, The New York Times, Pro Publica, and The Guardian reported in September, the NSA and its British counterpart defeat encryption technologies by working with chipmakers to insert backdoors, or cryptographic weaknesses, in their products.
The revelations are having a direct effect on the way FreeBSD will use hardware-based random number generators to seed the data used to ensure cryptographic systems can’t be easily broken by adversaries. Specifically, “RDRAND” and “Padlock”—RNGs provided by Intel and Via respectively—will no longer be the sources FreeBSD uses to directly feed random numbers into the /dev/random engine used to generate random data in Unix-based operating systems.
“Edward Snowdon [sic] — v. high probability of backdoors in some (HW) RNGs,” the notes read, referring to hardware RNGs. Then, alluding to the Dual EC_DRBG RNG forged by the National Institute of Standards and Technology and said to contain an NSA-engineered backdoor, the notes read: “Including elliptic curve generator included in NIST. rdrand in ivbridge not implemented by Intel… Cannot trust HW RNGs to provide good entropy directly. (rdrand implemented in microcode. Intel will add opcode to go directly to HW.) This means partial revert of some work on rdrand and padlock.”
Tomi Engdahl says:
Poker ace’s vanishing hotel laptop WAS infected by card-shark – F-Secure
Trojan on ‘swiped’ laptop could peek at player’s hand, we’re told
http://www.theregister.co.uk/2013/12/11/poker_pros_call_shenanigans_over_hotel_malware_infections/
A laptop apparently stolen from a top-flight poker pro’s hotel room and mysteriously returned while he played in a card tournament was infected by spyware.
That’s according to security firm F-Secure, which today said it had analyzed the computer, owned by ace player Jens Kyllönen. The Java-written malware on the machine could allow a attacker, perhaps a card-shark, to remotely view screenshots and log activity on the PC.
While such spyware is hardly uncommon, the F-Secure researchers were intrigued by the way in which the software nasty was apparently installed.
According to F-Secure, the notebook was in fact infected with a remote monitoring tool that activated upon system startup. Researchers believe that the malware was installed via a USB device and that a similar infection was introduced to the computer of another player staying in the same room.
Tomi Engdahl says:
Oi, Obama. Rein your spooks in, demands web giants’ alliance
Where the US leads, the world follows – or so tech’s big dogs hope
http://www.theregister.co.uk/2013/12/09/reform_gov_surveillance_tech_alliance/
Eight web heavyweights have banded together to call on the US and other governments to rein in indiscriminate surveillance by state security agencies.
AOL, Apple, Facebook, Google, LinkedIn, Microsoft, Twitter and Yahoo are asking for a general reform of government surveillance laws and practices because the “balance in many countries has tipped too far in favour of the state and away from the rights of the individual”.
Tomi Engdahl says:
Exploits no more! Firefox 26 blocks all Java plugins by default
Click-to-run activated even for latest version
http://www.theregister.co.uk/2013/12/10/firefox_26_blocks_java/
The latest release of the Firefox web browser, version 26, now blocks Java software on all websites by default unless the user specifically authorizes the Java plugin to run.
The change has been a long time coming. The Mozilla Foundation had originally planned to make click-to-run the default for all versions of the Java plugin beginning with Firefox 24, but decided to delay the change after dismayed users raised a stink.
Beginning with the version of Firefox that shipped on Tuesday, whenever the browser encounters a Java applet or a Java Web Start launcher, it first displays a dialog box asking for authorization before allowing the plugin to launch.
Users can also opt to click “Allow and Remember,” which adds the current webpage to an internal whitelist so that Java code on it will run automatically in the future, without further human intervention.
Mozilla’s move comes after a series of exploits made the Java plugin one of the most popular vectors for web-based malware attacks over the past few years. So many zero-day exploits targeting the plugin have been discovered, in fact, that the Firefox devs have opted to give all versions of Java the cold shoulder, including the most recent one.
Tomi Engdahl says:
China hackers ‘target EU foreign ministries’
http://www.bbc.co.uk/news/technology-25316228
Chinese hackers spied on the computers of five European foreign ministries over the summer, according to research from US security company FireEye.
The hackers sent emails with malware-ridden attachments purporting to detail a possible US intervention in Syria.
The company has not revealed which ministries were targeted but said the malware samples were meant for individuals involved in the G20 talks.
In total nine computers had been compromised, the company told the BBC.
Tomi Engdahl says:
New US spy satellite features world-devouring octopus
“Nothing is beyond our reach,” new logo tells the world.
http://arstechnica.com/tech-policy/2013/12/new-us-spy-satellite-features-world-devouring-octopus/
Over the weekend, the ODNI was pumping up the launch of a new surveillance satellite launched by the National Reconnaissance Office. The satellite was launched late Thursday night, and ODNI’s Twitter feed posted photos and video of the launch over the following days.
Unmistakable was the new NRO logo that goes with this satellite: “Nothing is Beyond Our Reach,” it says, featuring an octopus with its arms wrapped around the globe.
While the NRO might be thinking that the octopus represents versatility and intelligence, the mysterious creature has often been used as a symbol for a scary, evil kind of intelligence in popular culture
Tomi Engdahl says:
Snowden documentary reveals the web of espionage illegal in Sweden
Swedish Armed Forces radio intelligence center FRA to engage in illegal, active online espionage, says the Swedish television SVT. Case reveals tietovuotaja Edward Snowden revealed by the document.
SVT, the FRA has the legal right to engage in intelligence gathering only the passive telecom and data information.
SVT Uppdrag Granskining program says that the FRA has an active online intelligence cooperation with the U.S. and British intelligence agencies. FRA therefore penetrates the target of people to computers and directs them to the British intelligence service GHCQ’s servers.
Operations began Snowden flow with a document that, after the FRA’s management met with April, the U.S. National Security Agency NSA Director Keith Alexander. The meeting agreed the top secret operation, which was code-named “Winter Light”.
The Swedish Parliament on SVT’s revelation raises eyebrows.
From the FRA was asked to comment on a new revelation. Agency spokesman did not comment on whether the FRA did active signal intelligence or not. He emphasized that in all the Agency’s acquisition of information has the legal support.
Source: http://yle.fi/uutiset/svt_snowdenin_dokumentti_paljastaa_ruotsin_laittoman_nettivakoilun/6979018
Tomi Engdahl says:
We’ll predict your EVERY MOVE! Facebook’s new AI brain talks to El Reg
Social panopticon to foresee ‘what a user is going to do next’
http://www.theregister.co.uk/2013/12/10/facebook_artificial_intelligence_hire/
Facebook wants to know what you’re going to do before you do it, and has hired a big-brained boffin to give it the AI chops to do this.
Machine-learning luminary Yann Lecun announced on Monday that he had been tapped to run the social network’s nascent Artificial Intelligence laboratory.
“Facebook has created a new research laboratory with the ambitious, long-term goal of bringing about major advances in artificial intelligence,” Lecun wrote
“Full prediction… for Facebook is very important,” he said, adding he wanted to model how the actions of individual residents of Zuck’s data farm “evolve over time.”
“Being able to predict what a user is going to do next is a key feature,” he said.
Tomi Engdahl says:
Thought your Android phone was locked? THINK AGAIN
Another day, another vulnerability
http://www.theregister.co.uk/2013/12/10/android_has_lockbypass_bug/
Android has taken another step to cement its place behind Java in the world of repeatedly-vulnerable software, with German group Curesec discovering that an attacker can get past users’ PINs to unlock the phone.
In fact, the Curesec post states, the bug – present in Android 4.0 to 4.3 but not 4.4 – exposes any locking technique: PINs, passwords, gestures or facial recognition.
“The bug exists on the ‘com.android.settings. ChooseLockGeneric class’. This class is used to allow the user to modify the type of lock mechanism the device should have,” Curesec writes.
The problem is that the program flow in the ChooseLockGeneric class lets an attacker bypass the confirmation
“As a result, any rogue app can at any time remove all existing locks.”
Tomi Engdahl says:
Exploits no more! Firefox 26 blocks all Java plugins by default
Click-to-run activated even for latest version
http://www.theregister.co.uk/2013/12/10/firefox_26_blocks_java/
The latest release of the Firefox web browser, version 26, now blocks Java software on all websites by default unless the user specifically authorizes the Java plugin to run.
Tomi Engdahl says:
NSA Uses Google Cookies To Pinpoint Targets For Hacking
http://yro.slashdot.org/story/13/12/11/0515247/nsa-uses-google-cookies-to-pinpoint-targets-for-hacking
“For years, privacy advocates have raised concerns about the use of commercial tracking tools to identify and target consumers with advertisements. The online ad industry has said its practices are innocuous and benefit consumers by serving them ads that are more likely to be of interest to them. Now the Washington Post reports that the NSA secretly piggybacks on the tools that enable Internet advertisers to track consumers, using ‘cookies’ and location data to pinpoint targets for government hacking and to bolster surveillance.”
Tomi Engdahl says:
Panic as Thousands Receive ‘Fines’ For Streaming RedTube Videos
http://torrentfreak.com/panic-as-thousands-receive-fines-for-streaming-redtube-videos-131210/
In recent days thousands of Internet users have received letters demanding 250 euros to settle online copyright infringement allegations. What is particularly strange about this case, however, is that the targets are all said to be users of RedTube, a site that streams video in a way not dissimilar to YouTube. But as panicking users unintentionally DDoS a lawfirm’s website while looking for advice, the mysterious plot continues to thicken.
In countries across Europe and in the United States, copyright holders have targeted hundreds of thousands of Internet users said to have shared their content online without permission.
Often referred to as copyright trolls, these companies place themselves in file-sharing networks and masquerade as regular users, but instead they’re collecting evidence of infringement.
However, the real shocker becomes apparent when one discovers where the alleged infringements are said to have taken place. Not a torrent site or other venue where user IP addresses are publicly available but on streaming video site RedTube, the 105th most popular site in the world.
So how did the lawfirm acquire the identities of so many individuals? That question has become the subject of many theories, from IP address-grabbing adverts to malware, to a huge lawsuit forcing RedTube to comply.
Tomi Engdahl says:
AT&T accused of violating privacy law with sale of phone records to CIA
Consumer advocates want FCC to declare sale of phone records illegal.
http://arstechnica.com/tech-policy/2013/12/att-accused-of-violating-privacy-law-with-sale-of-phone-records-to-cia/
Consumer advocates have asked the Federal Communications Commission (FCC) to declare that AT&T violated a privacy rule in the Communications Act by selling phone records to the Central Intelligence Agency (CIA).
A report last month said that “AT&T has turned over international calling records to the CIA. The telecom charges the CIA more than $10 million per year in exchange for access to metadata about calls by suspected terrorists overseas.”
Tomi Engdahl says:
Show us a better way than collecting metadata, NSA director says to critics
http://news.idg.no/cw/art.cfm?id=E4F01CF5-BBC3-64A0-7C9F57681BA78414
Critics of the U.S. National Security Agency’s bulk collection of U.S. residents’ telephone records should offer a better way to track terrorists and protect the country against attacks, the agency’s director said Wednesday.
Alexander defended the phone records program, saying that while the NSA collects huge numbers of records, it only queries a few hundred each year, based on a reasonable suspicion that the callers are connected to a terrorist organization. Proposals to end the phone records program would lead to a more unsafe country, he said.
“Given that the threat is growing, I believe that is an unacceptable risk to our country,” he said. “Taking these programs off the table, from my perspective, is absolutely not the thing to do.”
Tomi Engdahl says:
Your cloud provider may be lost
Up to a quarter of all cloud services for enterprises that will disappear in a few years. Research firm Gartner forecasts that up to one in four of the operator either stops or is acquired, the latter being the more general situation.
Cloud services providers are currently faced with the pressure to reduce prices, but the buyers should not be too hard to tighten the service providers, advises Gartner Data Center Conference in spoken analyst William Maurer.
“Buyers need to ensure that the service is successful. Also, they need to be given the opportunity to get the benefit of their investments. If the money is not available, soon there will be no service at all, “Maurer warns.
Cloud buyers seem to be well aware of the potential risks, as many as half of the Data Center Conference event participants saw the cloud services outsourcing “significant risks”.
Nevertheless, Gartner predicts that up to 80 percent of all organizations to use cloud services for end of this year.
Source: http://www.tietoviikko.fi/kaikki_uutiset/pilvitoimittajasi+voi+kadota/a953372