http://gizmodo.com/5909290/adobes-photoshop-security-reaches-a-sad-new-low
Category Archives: Network Security
Firms using Atlassian’s cloud based JIRA service had lost all their data. Atlassian had been unable to recover it despite a week of trying
Queen’s Speech Confirms Expansion of UK CCDP Internet Snooping Law
As expected, the UK government has used today’s Queen’s Speech (State Opening of Parliament) to outline the revival of a £2bn plan to expand the reach of existing ISP based internet snooping laws (data retention) to log a much bigger slice of your online activity (e.g. Skype and Facebook access); regardless of whether or not you ever committed a crime.
It’s critical to point out that the current Regulation of Investigatory Powers Act 2000 (RIPA) and EU Data Retention Directive already require ISPs to maintain a log of your internet website and email accesses (times, dates and IP addresses [sender / recipient]) for 12 months, which is only accessible via an interception warrant. But this does NOT include the actual content of your communication.
The Queen Said:
“My government intends to bring forward measures to maintain the ability of the law enforcement and intelligence agencies to access vital communications data under strict safeguards to protect the public, subject to scrutiny of draft clauses.”
The Pirate Bay has issued a statement condemning the attack on Virgin Media’s website
The Pirate Bay Statement
“Seems like some random Anonymous groups have run a DDOS campaign against Virgin media and some other sites. We’d like to be clear about our view on this.
We do NOT encourage these actions. We believe in the open and free internets, where anyone can express their views. Even if we strongly disagree with them and even if they hate us. So don’t fight them using their ugly methods. DDOS and blocks are both forms of censorship.”
Blast From The Past:
http://web.archive.org/web/20040201224502/www.anakata.hack.se/coding/
Dutch State Wants 8.7 Million EUR From Certificate Authority DigiNotar For Damages Caused By Security Breach
Dutch language news article:
http://www.nu.nl/internet/2806618/staat-eist-87-miljoen-van-diginotar.html
Previously:
http://vrritti.com/?s=diginotar
DNS Server Problem Causes Major Outage At Dutch Provider UPC: 1 Million Subscribers Without Internet Or Phone Connections
2012 seems to be the year of the major network outages for The Netherlands
Dutch language news article:
http://www.nu.nl/internet/2804828/omvangrijke-landelijke-storing-upc.html
DocTrackr: file tracking “for paranoid people by paranoid people”
The process works something like this: your boss has an important document he or she wants to share with you and the rest of your team. Your boss uploads the document to DocTrackr, and sends each of you an invite over e-mail to view the file. Using what Cazalot calls “cryptography applied to document management,” Microsoft Word or Adobe Reader checks with DocTrackr’s authentication server to confirm whether access is allowed.
And the type of access can vary too. Your boss might decide that no one should be able to print the file, or that the file should be read-only, and inaccessible offline. These permissions can be applied to everyone on your team, or just certain people. Or, if your boss has a new version of the document to distribute, access to the old file can be revoked. Meanwhile, the number of users who access the file, and for how long, are tracked and measured using a series of graphs online.
The genius here is that authentication is handled by security mechanisms already built into Microsoft Office and Adobe Reader, saving Cazalot from having to “reinvent the wheel.” Instead, DocTrackr provides a simple, unified front-end interface to manage these permissions online—something a business would have previously had to handle itself.
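The access model described above (per-user rights, read-only and online-only viewing, revocation when a new version is distributed, and usage tracking) can be sketched as a small policy server. This is an added illustration, not DocTrackr’s or Cazalot’s code; the `RightsServer` class, the `Right` flags and the document and user names are all hypothetical, and the viewer-side check is modelled as a single `check()` call rather than the real Office or Reader mechanisms.

```python
"""Toy model of an online document-rights check (hypothetical, not DocTrackr's API)."""
from dataclasses import dataclass, field
from enum import Flag, auto


class Right(Flag):
    """Per-user permissions the document owner can grant."""
    VIEW = auto()
    EDIT = auto()
    PRINT = auto()
    OFFLINE = auto()   # may the viewer open a cached copy without asking the server?


@dataclass
class Grant:
    rights: Right
    revoked: bool = False


@dataclass
class Document:
    version: int
    grants: dict = field(default_factory=dict)      # user -> Grant


class RightsServer:
    """Hypothetical authentication/policy server the viewer contacts before acting."""

    def __init__(self):
        self.docs = {}        # doc_id -> Document
        self.audit = []       # (doc_id, user, action, allowed, reason)
        self.open_at = {}     # (doc_id, user) -> time the file was opened (seconds)
        self.usage = {}       # (doc_id, user) -> total seconds spent viewing

    def publish(self, doc_id, version=1):
        self.docs[doc_id] = Document(version)

    def share(self, doc_id, user, rights):
        """The owner's e-mail invite: this user gets exactly these rights."""
        self.docs[doc_id].grants[user] = Grant(rights)

    def revoke(self, doc_id, user=None):
        """Revoke one user's access, or everyone's when user is None."""
        for u, g in self.docs[doc_id].grants.items():
            if user is None or u == user:
                g.revoked = True

    def new_version(self, doc_id):
        """Owner distributes a new version: grants on the old file stop working."""
        self.revoke(doc_id)
        self.docs[doc_id].version += 1

    def check(self, doc_id, user, action, online=True):
        """The viewer's question: may `user` do `action`? Returns (allowed, reason) and logs it."""
        doc = self.docs.get(doc_id)
        grant = doc.grants.get(user) if doc else None
        if grant is None:
            verdict = (False, "no grant")
        elif grant.revoked:
            verdict = (False, "revoked")
        elif not online and Right.OFFLINE not in grant.rights:
            verdict = (False, "offline use not permitted")
        elif action not in grant.rights:
            verdict = (False, f"{action.name} not granted")
        else:
            verdict = (True, "ok")
        self.audit.append((doc_id, user, action.name, *verdict))
        return verdict

    def opened(self, doc_id, user, t):
        self.open_at[(doc_id, user)] = t

    def closed(self, doc_id, user, t):
        start = self.open_at.pop((doc_id, user))
        self.usage[(doc_id, user)] = self.usage.get((doc_id, user), 0) + (t - start)

    def usage_report(self, doc_id):
        """Who opened the file and for how long (the data behind the owner's graphs)."""
        return {u: s for (d, u), s in self.usage.items() if d == doc_id}

    def denied_attempts(self, doc_id):
        return [e for e in self.audit if e[0] == doc_id and not e[3]]


def demo():
    """Constructed scenario: one owner, two invitees, one outsider, one new version."""
    srv = RightsServer()
    srv.publish("plan.docx")
    srv.share("plan.docx", "alice", Right.VIEW | Right.PRINT | Right.OFFLINE)
    srv.share("plan.docx", "bob", Right.VIEW)          # read-only, online only
    results = {
        "bob_print": srv.check("plan.docx", "bob", Right.PRINT),
        "bob_offline": srv.check("plan.docx", "bob", Right.VIEW, online=False),
        "alice_offline": srv.check("plan.docx", "alice", Right.VIEW, online=False),
        "mallory": srv.check("plan.docx", "mallory", Right.VIEW),
    }
    srv.opened("plan.docx", "alice", 100)
    srv.closed("plan.docx", "alice", 160)
    srv.new_version("plan.docx")                         # old file revoked for everyone
    results["alice_after_v2"] = srv.check("plan.docx", "alice", Right.VIEW)
    return srv, results


if __name__ == "__main__":
    server, outcome = demo()
    for name, verdict in outcome.items():
        print(f"{name:15} -> {verdict}")
    print("usage:", server.usage_report("plan.docx"))
```

The point the model makes explicit is that every decision is taken server-side at the moment of use, so revocation takes effect on the next check rather than depending on copies already distributed; the weak spot of such schemes is the `online=False` path, where the viewer must enforce a cached decision on its own.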
Please hack us, says Facebook, but follow the rules
Hackers and rules…
As well as money, Facebook promises not to land them in trouble with the police, if they have complied with the program’s golden rules.
“If you give us reasonable time to respond to your report before making any information public, and make a good faith effort to avoid privacy violations, destruction of data and interruption or degradation of our service during your research, we will not bring any lawsuit against you or ask law enforcement to investigate you.”
One British hacker has earned more than $2400 from Facebook, and the most prolific White Hat contributors are now given their own Facebook “bug bounty” credit cards.
Facebook’s chief security officer, Joe Sullivan, says he would much rather the hackers worked with the company, rather than against it. In time, he hopes the hackers will be able to find legitimate ways of expressing themselves within schools and universities.
“There is a real lack of practical academic programs for cyber-security not only in the US but also internationally,” he said. “Cyber-security is a skill best learned by doing, and unfortunately many of the current academic programs place little emphasis on real-world practical experience such as that gained in competition or via bug-bounty programs.
“This dearth of the right educational opportunities has a real impact on companies like ours who are searching far and wide for cyber-security experts to protect the networks and sites that people rely on and use every day.
Much more:
http://www.smh.com.au/technology/technology-news/please-hack-us-says-facebook-20120504-1y41a.html
Major cyber attack aimed at natural gas pipeline companies
A major cyber attack is currently underway aimed squarely at computer networks belonging to US natural gas pipeline companies, according to alerts issued by the US Department of Homeland Security.
Israeli Institute for National Security Studies compromised, serving Poison Ivy DIY malware
The global hacktivist group known as Anonymous claims to have brought down the CIA and Interpol websites on Sunday
The attack is attributed to @AnonsTurkey, with the group using the twitter handle to say they are “hacking the world to save the planet”.
Earlier this year, Anonymous launched an offensive against government and private sites in protest against the content industry.
Just last month, Brazilian hacktivist Havittaja claimed responsibility for a DDoS attack on the websites of the US Department of Justice and the CIA. Other Anonymous hacktivists later joined their “Brazilian brother” and brought down two MI6 websites.
The CIA website was also downed by Anonymous on two occasions before that, in February 2012 and back in June 2011.
Firefox “security” add-on exposes users’ Web browsing history
The Disadvantages Of Using Virtual Private Networks (VPNs) For Illegal Purposes
TorrentFreak published an article about how youngsters go and buy a VPN in response to tough legislation and increasing levels of online spying. Although the blog welcomes people to the encrypted internet, VPNs may not always provide a perfect solution for those who would like to escape eyes, ears and the sometimes long arm of the law:
1. TorrentFreak itself pointed readers to the fact that some VPN providers actually log data correlating IP addresses used and IP addresses or financial information of their customers;
2. Some VPN providers already have general provisions indicating that they will act against illegal activities and take action against their subscribers if needed;
3. Most VPN providers make clear that they will abide by the laws of the country where they’re residing;
4. Several VPN providers provide services of low quality (low traffic speed) and have started working with bandwidth caps;
5. As VPN subscriptions tend to cost money, it becomes more and more relevant to know just who is operating your VPN service. Most VPN providers do not have a meaningful ‘About Us’ section on their website and sometimes it turns out that the operators of the service may not be the most reliable of people who – for example – could run off with your financial details or use the information about your potentially illegal internet use against you.
It remains to be seen whether VPNs offer a solid, scalable, cost-effective and reliable alternative for internet users in the long run. It is highly likely that increasing numbers of VPN users will either result in more rules, regulations and restrictions for VPN providers, or – if VPN providers choose to operate from “rogue” territories – blocking of the VPN providers’ IP ranges by governments and perhaps even by regular internet service providers, whenever they’re suffering from the consequences of the lack of accountability which sometimes is a consequence of anonymity.
It will all depend on the scale and seriousness of any illegal acts undertaken by VPN users and the extent to which governments and internet service providers are willing to put up with these “safe havens”.
Just look at how many online services are currently prohibiting the use of disposable e-mail addresses or transactions from “rogue” territories, something even VPN providers have started to do:

http://www.purevpn.com/term.php
See also:
http://torrentfreak.com/young-file-sharers-respond-to-tough-laws-by-buying-a-vpn-120501/
Mission-critical routers used to control electric substations and other critical infrastructure are being updated to remove a previously undocumented backdoor
Backdoor in mission-critical hardware threatens power, traffic-control systems
61% of IT Security Professionals Are Concerned About Attacks From Anonymous and Hacktivists
Dutch Researchers Were Able To Access 90,000 Social Networks And Take Over The Identities Of Their 100 Million Users
They discovered a serious security flaw in social network platform NING. Government agencies and enforcement authorities worldwide make use of this platform
Dutch language video:
http://vimeo.com/40708237
Dutch language news articles:
http://webwereld.nl/nieuws/110261/ning-lekt-accounts-100-miljoen-gebruikers.html
http://www.nu.nl/internet/2792000/identiteitsdiefstal-100-miljoen-gebruikers-mogelijk-via-platform.html
Red-faced ICANN has delayed its new generic top-level domains programme again as it struggles to deal with the fallout of a security bug that exposed confidential data about applicants
The internet overseer also confirmed it was first warned of a data leak vulnerability in mid-March, weeks before it eventually pulled the plug on the new TLD registration website.
http://www.theregister.co.uk/2012/04/17/icann_tas_still_offline/
Google treats its infrastructure like a state secret, so Hölzle rarely speaks about it in public. Today is one of those rare days
Google essentially has remade a major part of its massive internal network, providing the company a bonanza in savings and efficiency. Google has done this by brashly adopting a new and radical open-source technology called OpenFlow.
http://www.wired.com/wiredenterprise/2012/04/going-with-the-flow-google/
XS4ALL Network And Hosting Services Disrupted Due To DDOS Attack
XS4ALL’s mailserver and all the websites operated and hosted by the Dutch ISP are rendered inaccessible for now. It is currently unknown why XS4ALL has been targeted or by whom
Dutch language news article:
http://www.nu.nl/internet/2789186/xs4all-kampt-met-storing-ddos-aanval.html
Jacob Appelbaum (TOR) vs. UltraReach (Ultrasurf). Trust me! No trust me! (Trust No One??)
Jacob Appelbaum: Ultrasurf is software produced by the UltraReach company for censorship circumvention, privacy, security and anonymity. Unfortunately for them, I found their claims to be overstated and I found a number of serious problems with Ultrasurf.
https://blog.torproject.org/blog/ultrasurf-definitive-review
UltraReach: Tor repeatedly and knowingly makes false and outdated statements about Ultrasurf, which are detailed in our full response
http://ultrasurf.us/Ultrasurf-response-to-Tor-definitive-review.html
See also:
http://vrritti.com/?s=appelbaum
MI5 stinks up website with dead SSL certificate
French gaming site serving ZeuS crimeware for over 8 weeks
Stuxnet worm reportedly planted by Iranian double agent using memory stick
Apple prompting users for security questions to bolster Apple ID security
And simultaneously adds to the customer profile which makes for happy advertisers
Here’s a question: does a password strength meter actually help people secure their accounts?
A new privacy-protecting Internet service and telephone provider still in the planning stages could become the ACLU’s dream and the FBI’s worst nightmare
The official beginning of the end for ‘mere conduits‘? At least you’ll be able to submit your data to Facebook via an encrypted tunnel
Nicholas Merrill is planning to revolutionize online privacy with a concept as simple as it is ingenious: a telecommunications provider designed from its inception to shield its customers from surveillance.
Merrill, 39, who previously ran a New York-based Internet provider, told CNET that he’s raising funds to launch a national “non-profit telecommunications provider dedicated to privacy, using ubiquitous encryption” that will sell mobile phone service, for as little as $20 a month, and Internet connectivity.
The ISP would not merely employ every technological means at its disposal, including encryption and limited logging, to protect its customers. It would also — and in practice this is likely more important — challenge government surveillance demands of dubious legality or constitutionality.
Merrill has formed an advisory board with members including Sascha Meinrath from the New America Foundation; former NSA technical director Brian Snow; and Jacob Appelbaum from the Tor Project.
More:

US government service improves after virus takes out email
Customers enjoy return to human contact after malware attack
http://www.theregister.co.uk/2012/04/10/us_government_service_improves_without_email/
How to Keep Your Data Private and Browse the Internet Anonymously
Assuming one can trust the operators / developers of these services
Iran plans to unplug the Internet, launch its own “clean” alternative
Ya Haq instead of Google. Iranian Apple, Facebook, Amazon, Twitter and Skype equivalents to follow?
Siemens In No Hurry To Patch Stuxnet Vulnerability? Waits 571 days after a vivid example of the impact of this vulnerability that has been known for 10+ years
Dutch language news article:
http://www.security.nl/artikel/41053/1/Siemens_laat_Stuxnet-lek_al_571_dagen_ongemoeid.html
See also:
Every owner/operator should be asking their vendors how ladder logic upload/download is secured, as well as firmware upload/download and commands that could be used maliciously to affect the availability or integrity of the process. Vendors, you should be able to tell your customers what you are doing to address this, when it will be ready, and what the upgrade process is.
http://www.digitalbond.com/2012/04/06/stuxnet-type-attacks-are-easy/
“Anonymous” says plans more attacks against China sites, because the world is black and white, just like their masks
Anonymous, a loosely knit group that has attacked financial and government websites around the world, hacked into Chinese government websites last week, defacing several, media reports said.
The group used the Twitter account “Anonymous China” to publicize the attacks, posting links to data files that contained passwords and other personal information from the hacked websites. (twitter.com/#!/AnonymousChina)
“First we want to alert the Chinese government that we aren’t afraid, and we are going to show the truth and fight for justice,” Anonymous hacker “f0ws3r” told Reuters.

The hacker, who declined to provide any personal details, was contacted through Anonymous China’s Twitter page. F0ws3r said the group planned more serious attacks against Chinese websites.
“Yes, we are planning more attacks, a few at a time,” f0ws3r said, adding that the plan was to take down the “Great Firewall of China”.
More:
http://www.reuters.com/article/2012/04/09/net-us-china-hackers-idUSBRE83808H20120409
A cyber attack on a Utah Department of Technology Services computer server that stores Medicaid claims data now appears to have affected far more recipients
Corporate executives and other high value employees could even have their mobile phone compromised before they even disembark the plane
A thirst for intellectual property and trade secrets, and a burgeoning market of sophisticated mobile surveillance tools means that executives need to begin thinking and acting like spies in order to avoid being spied upon themselves, according to a presentation at the OWASP AppSec DC 2012 conference in Washington DC on Thursday.
Among the common attacks used against high value targets are SMS messages sent to the phones that contain links to Web pages that compromise the mobile device, Morehouse said. It’s not uncommon for these attack messages to imitate the standard “welcome” text message that arriving visitors get from the local mobile carrier that informs them of the local mobile and data rates. The messages are highly effective because mobile users are familiar with them and, in fact, expecting them as soon as they activate their phone.
The likelihood of having your mobile device hacked overseas varies based on the country you are visiting, who you are, and how interested state- and non-state actors are in your work or your employer. And, while China and Russia are the two countries that are most-often mentioned, Morehouse said surveillance of executives and other VIPs isn’t limited to those two destinations.
Morehouse said countries in the Asia-Pacific region, in general, as well as countries in Africa should have executives on guard.
While a few governments – notably China – are known to work with the cooperation of local carriers, Morehouse said that the rapid growth of the spy tools industry has democratized wireless surveillance, and given state and non-state actors plenty of tools to work with to compromise mobile devices.
Morehouse said firms like the Israeli firm ABILITY have tools that can detect the location of a mobile device to within 30 meters. Others allow sophisticated nation and non-nation state backed attackers to target phones by the phone number, IMEI (International Mobile Equipment Identity) number and intercept all inbound and outbound communications from the device and, in some cases, even decrypt encrypted communications on the fly. ELTA Systems, another Israeli firm, even markets a miniature blimp that can fly over targets of interest and suck up mobile signals, he said.
Morehouse said his interest in mobile defense was born of his own travels around the globe.
More:
http://threatpost.com/en_us/blogs/executives-abroad-may-get-owned-they-re-tarmac-040812
Vodafone NL Disruption Allows Subscribers To Eavesdrop On One Another (Video)
Dutch man calls girlfriend. Having listened to a Vodafone notification stating that he hasn’t got sufficient credit to make the phone call, he’s able to listen in to bits and pieces of other conversations
Dutch language news article:
http://www.joop.nl/show/detail/artikel/hallo_vodofone_doet_het_weerbijna/
Previously:
http://vrritti.com/?s=vodafone