“ISPs will hold this information, as they do today. Please also note that no personal information about subscribers will be shared with rights holders without the required legal process being completed”
Archive for 2011/09/06
Database Of U.S. Internet Pirates Will Be Decentralized – We wanted to know what will happen with the IP-addresses that are collected, for how long will they be stored, and will there be a central organization that’s responsible for this process like there is in France. The CCI spokesperson informed us that the data will be exclusively kept by the ISPs.
Posted: 2011/09/06 in Education / Awareness, Enforcement, Illegal File Sharing, New Business Models
At the moment, there seems to be a general consensus that the CA system is not long for this world, and that’s a major step forward. But while almost everyone seems to agree that we should develop something else, the exact problem with what we have is not entirely well defined. Let’s look at what people have suggested the problem might be.
E-books are an upcoming phenomenon at the moment. Many people see e-books as the future. However, some authors find it hard to believe the emergence of e-books will benefit their business.
Posted: 2011/09/06 in Education / Awareness, New Business Models
Russia’s Deputy Minister of Economic Development said that not only do U.S. sites continue to offer pirated Russian movies, but that YouTube and Google should be shut down for not respecting local laws
Attorneys for the movie studio asked Judge Walter to consider publishing his injunction order in the Federal Register so that other judges around the nation currently overseeing Internet copyright cases would have the benefit of seeing what they believe to be an astute analysis of the “transmit” clause in the Copyright Act and what it means for Internet streaming transmissions to be “to the public” under the clause.
Posted: 2011/09/06 in Copyright, Education / Awareness, Jurisprudence, Litigation
The plaintiffs also say they would be more than happy to submit the judge’s opinion on his behalf to the Westlaw database
Australian bookseller Dymocks, practically the “last man standing” as the combination of online competition, inept management and a rising currency decimates the local publishing industry, is firing back with what it calls an “end to end” online service for local authors.
Posted: 2011/09/06 in Education / Awareness, New Business Models, Tech Evolution
Dozens of new television channels are coming to Freeview this month, thanks to clever use of the MHEG standard and the connectivity already built into every Freeview HD box.
Posted: 2011/09/06 in Education / Awareness, New Business Models
Larry Ellison and Larry Page could be forced into mediation to negotiate a settlement in Oracle’s multi-billion-dollar claim that Google’s Android tramples Java patents it owns.
Posted: 2011/09/06 in Education / Awareness, Litigation
James Murdoch was made aware in 2008 that alleged phone-hacking practices at the News of the World went beyond “one rogue reporter”, the former legal manager of News Group Newspapers claimed to MPs.
Posted: 2011/09/06 in Cybercrime, Education / Awareness
Dutch language news article:
Claimed DigiNotar hacker: I have access to four more CAs – Iranian ‘Comodohacker’ says he can still issue bogus certs
Posted: 2011/09/06 in Cybercrime, Education / Awareness, Network Security, Privacy / Data Protection
In a letter to Dutch Prime Minister, Mark Rutte, Green Armor Solutions’ CEO and renowned cybersecurity expert, Joseph Steinberg, offered to provide both cybersecurity technology and consulting services to the Dutch government, and noted that governments, like businesses, should implement site authentication technology so that they can ensure security without relying on outdated and ineffective technologies such as SSL Certificates that have already been repetitively proven unsuccessful at curtailing phishing.
Posted: 2011/09/06 in Education / Awareness, Network Security, Privacy / Data Protection, Public Policy
Almost from the beginning of the DigiNotar CA Disaster, we had a reason to believe the case was connected to “ComodoGate” — the hacking of another Certificate Authority earlier this year, by an Iranian attacker. This connection has now been confirmed.
Posted: 2011/09/06 in Cybercrime, Education / Awareness, Network Security, Privacy / Data Protection
After ComodoGate, the hacker — who called himself ComodoHacker — sent a series of messages via his Pastebin account. Then at the end of March 2011, it went silent. We’ve been keeping an eye on it, just in case the attacker will post something related to the Diginotar case.
And he just did.
Screenshots and more information at F-Secure:
Dutch language government website:
Fox-IT technical report (ENGLISH LANGUAGE):
Letter to Members of Parliament in The Netherlands (Dutch):
All the latest DigiNotar news from The Netherlands – Fox-IT report about DigiNotar slowly but surely being distributed to several organizations
Posted: 2011/09/06 in Cybercrime, Education / Awareness, Network Security, Privacy / Data Protection, Public Policy
After the Dutch government is said to have shared the list of compromised SSL certificates with TOR/WikiLeaks hacker Jacob Appelbaum, it now leaks a report from security firm Fox-IT about DigiNotar to reporters of Dutch news sites Nu.nl and Webwereld.nl. Mozilla also received it. Main findings:
- DigiNotar knew on 28th July that Iranian internet users were being misled; Dutch authorities were only informed last week;
- DigiNotar knew that its own security had been breached in June of this year already; it started an investigation one month later and only filed a criminal complaint on Monday 5th September;
- DigiNotar had not implemented basic security measures: the technical environment used to create certificates could be accessed from networked desktop environments, including the environment related to government certificates. The latter system environment officially needs to be kept in a vault, totally inaccessible from any networked environment. The Windows system used to access the environment for the production of digital certificates was not running any anti-virus software;
- Intrusion detection systems did not function; intrusions were not being registered or logged;
- Production of certificates was not being registered or logged;
- Passwords of system administrators were hacked, probably as a result of the fact that they were badly chosen and extremely simple to guess, even in an automated fashion; the passwords were used to access the certification systems;
- Former DigiNotar employee Remko de Graaf appeared on an RTL News Broadcast explaining that his former employer was keeping copies of certificates in a “loose” database. This could have enabled both employees and hackers to misuse certain network connections and go and sign certificates;
The report paints a picture of a company that was removing all possible technical (security) obstacles in order to smooth and simplify the workflow as much as possible. The researchers of Fox-IT do not accuse the government of Iran of eavesdropping. They do argue that the attacks have been aimed at eavesdropping on Iranian internet users. (Meanwhile, DigiNotar itself claims that this has been a politically motivated hack directed against Iranian internet users. Dutch language news article: http://www.security.nl/artikel/38370/1/DigiNotar%3A_Aanval_was_politieke_hack.html )
Fox-IT has produced an animated video, visualizing the OCSP requests for one of the rogue certificates, namely the *.google.com certificate.
This is a message left by one of the hackers on the compromised systems of DigiNotar:
I know you are shocked of my skills, how i got access to your network to your internal network from outside how I got full control on your domain controller how I got logged in into this computer HoW I LEARNED XUDA PROGRAMMING HOW I got this IDEA to write such XUDA code How I was sure it’s going to work? How i bypassed your expensive firewall, routers, NetHSM, unbreakable hardware keys How I did all xUDA programming without 1 line of resource, got this idea, owned your network accesses your domain controlled, got all your passwords, signed my certificates and received them shortly THERE IS NO ANY HARDWARE OR SOFTWARE IN THIS WORLD EXISTS WHICH COULD STOP MY HEAVY ATTACKS MY BRAIN OR MY SKILLS OR MY WILL OR MY EXPERTISE That’s all ok! EVerything I do is out of imagination of people in world I know you’ll see this message when it is too late, sorry for that I know it’s not something you or any one in this world have thought about But everything is not what you see in material world, when God wants something to happen.
And finally, the government has stated that Microsoft will delay the Windows Update functionality for The Netherlands until required certificate updates have been implemented.
Dutch language news articles:
In other news:
More than 40 networks of ISPs and universities in Iran have been compromised using forged SSL-certificates by DigiNotar. Trend Micro calls it “a massive man-in-the-middle attack”. Says it has evidence to show this was a massive campaign
Dutch language news article:
Dutch parliamentarian: “Make sure that covering up hacking incidents will become an illegal act”
Dutch language news article:
Microsoft: Stolen SSL certs can’t be used to install malware via Windows Update
Why Diginotar may turn out more important than Stuxnet
DigiNotar fallout could leave OSes vulnerable
What exactly happened in The Netherlands – Situation Report by The New York Times
Recap in Dutch:
Message by Mozilla:
I have just read part of the unreleased Fox-IT report on DigiNotar, which should be published in full soon. This should already have been obvious from what is publicly known, but if you are in Iran, you should:
- Update your browser and/or Windows (in Firefox: go to Firefox menu | Help | About Firefox)
- log out of and back into every email and social media service you have (to invalidate any captured cookies) – particularly ones on this list
- change your password for each of those sites
A diplomatic cable leaked by Wikileaks reveals that entertainment industry groups and law enforcement combined their efforts to infiltrate Warez Scene topsites. One of the strategies they discuss during a 2009 meeting is to have an informant leak music before the official release date, to gain trust of the site’s operator and gain access to the highly secured Scene servers.
Posted: 2011/09/06 in Education / Awareness, Enforcement, Illegal File Sharing
Although many have expected that infiltration of topsites was a common investigative tactic, this is the first time that we have it in writing.
Interviewed: the Turkish hackers whose DNS attack hit the Telegraph – Group has carried out hacks in Far East but says its motive is ‘fun’
Posted: 2011/09/06 in Cybercrime, Education / Awareness
Copyright, U.S. lobbying, and the stunning backroom Canadian response gets front page news treatment today as the Toronto Star runs my story on new revelations on copyright from the U.S. cables released by Wikileaks. The cables reveal that former Industry Minister Maxime Bernier raised the possibility of leaking the copyright bill to U.S. officials before it was to be tabled in the House of Commons, former Industry Minister Tony Clement’s director of policy Zoe Addington encouraged the U.S. to pressure Canada by elevating it on a piracy watch list, Privy Council Office official Ailish Johnson disclosed the content of ministerial mandate letters, and former RCMP national coordinator for intellectual property crime Andris Zarins advised the U.S. that the government was working on a separate intellectual property enforcement bill.