U.S. Congress Looking Happy to Reauthorize Broad, Secret Spying Powers

At issue is the FISA Amendments Act, expiring legislation authorizing the government to electronically eavesdrop on Americans’ phone calls and e-mails without a probable-cause warrant so long as one of the parties to the communication is outside the United States. The communications may be intercepted “to acquire foreign intelligence information.”

Much more:
http://www.wired.com/threatlevel/2012/05/congress-mulls-spy-powers/

The “Flame” computer virus, which wreaked havoc on several major Iranian computer systems, is related to none other than the “Angry Birds” game

According to the report, “Flame” – dubbed “the most sophisticated cyber-weapon ever” – was written in LUA computer language, which the incredibly popular game was written in.

More:
http://www.ynetnews.com/articles/0,7340,L-4236514,00.html

Ethiopia Successfully Uses Deep Packet Inspection To Block TOR Network

The Ethiopian Telecommunication Corporation, which happens to be the sole telecommunication service provider in Ethiopia, has deployed or begun testing Deep Packet Inspection (DPI) of all Internet traffic. We have previously analyzed the same kind of censorship in China, Iran, and Kazakhstan.

Reports show that Tor stopped working a week ago — even with bridges configured. Websites such as https://gmail.com/, https://facebook.com/, https://twitter.com/, and even https://torproject.org/ continue to work. The graphs below show the effects of this deployment of censorship based on Deep Packet Inspection:

An analysis of data collected by a volunteer shows that they are doing some sort of TLS fingerprinting. The TLS server hello, which is sent by the Tor bridge after the TLS client hello, never reaches the client. We don’t know exactly what they are fingerprinting on, but our guess is that it is either the client hello or the server hello. An illustration can be found in this network flow diagram.

https://blog.torproject.org/blog/ethiopia-introduces-deep-packet-inspection

Consumer group says Google’s self-driving cars pose privacy risk

“Without appropriate regulations, Google’s vehicles will be able to gather unprecedented amounts of information about the use of those vehicles. How will it be used? Just as Google tracks us around the Information Superhighway, it will now be looking over our shoulders on every highway and byway”

More:
http://www.latimes.com/business/money/la-fi-mo-google-car-protest-20120530,0,6380083.story

Dutch Minister of Defense Hans Hillen Admits: Military Intelligence Agency Sometimes Acts In Breach Of The Law When Intercepting Online Data

Minister wants to amend relevant laws to enable the MIVD to legally intercept internet related data. He confirms that there is tension between what is technically possible and what is legally allowed

Dutch language news article:
http://tweakers.net/nieuws/82243/kabinet-mivd-overtreedt-wet-bij-aftappen.html

Previously:

Experts Discover That Nobody Cares Whether International Cybercrime Enforcement Is Based On Any Legal Framework Or Not
http://vrritti.com/2012/04/06/experts-discover-that-nobody-cares-whether-international-cybercrime-enforcement-is-based-on-any-legal-framework-or-not/

Dutch Prosecutor Van Zwieten: Remote Investigations Are Illegal, But Inevitable. Laws Need To Be Modernized
http://vrritti.com/2012/03/10/dutch-prosecutor-van-zwieten-remote-investigations-are-illegal-but-inevitable-laws-need-to-be-modernized/

Dutch Public Prosecutor Lodewijk van Zwieten: Dutch police was allowed to hack systems of botnet victims. Says that police should also be allowed to hack straight into PCs of cybercriminals in foreign countries
http://vrritti.com/2011/11/16/dutch-public-prosecutor-lodewijk-van-zwieten-dutch-police-was-allowed-to-hack-systems-of-botnet-victims-says-that-police-should-also-be-allowed-to-hack-straight-into-pcs-of-cybercriminals-in-foreign/

Because Google has behaved itself since the world rose up in outrage against its uninvited Big Brotherism, its behavior before it was spooked into ending its WiFi data collection can go through to the keeper

There is a faint hint that a new investigation wouldn’t be worth the effort under current Australian privacy laws, with Pilgrim noting that the current agreement had to be agreed with Google, because his office can’t impose enforceable undertakings. That agreement includes Google’s apology to Australians for collecting WiFi payload data, conducting a privacy assessment for future changes to StreetView data collection, and consulting with the commissioner about all data collection activities in Australia

http://www.theregister.co.uk/2012/05/30/no_new_privacy_investigation_into_google_oz/

The European Commission is set to launch a substantial review of rules governing personal documents with the aim of making electronic identities take off across the EU

Neelie Kroes, the EU’s Digital Agenda Commissioner, will present by the beginning of June a new legislative proposal which aims “to facilitate cross-border electronic transactions” through the adoption of harmonised e-signatures, e-identities and electronic authentication services (eIAS) across EU member states, according to an internal document seen by EurActiv.

“A clear regulatory environment for eIAS would boost user convenience, trust and confidence in the digital world,” reads the paper. “This will increase the availability of cross-border and cross-sector eIAS and stimulate the take up of cross-border electronic transactions in all sectors.”

Brussels has long been trying to facilitate the emergence of a parallel system of electronic identification, on top of the real-world existing documents. This has mainly been linked to the struggle for establishing a truly functioning single market, rather than on security grounds.

More:
http://www.euractiv.com/infosociety/brussels-wants-identities-eu-citizens-news-512833

EU to sue Netherlands, Portugal, 3 others for not implementing new telecoms rules aimed at protecting users’ privacy online

The other countries are Belgium, Poland and Slovenia, the official said, declining to be identified because of the sensitivity of the matter. The Commission is due to announce its decision to take legal action on Thursday.

More:
http://www.reuters.com/article/2012/05/29/net-us-eu-telecoms-rules-idUSBRE84S0YO20120529

White House prepares to convene anti-botnet summit: how to help PC users remove the malware from their computers

The White House is planning to convene a cybersecurity summit Wednesday morning to discuss ways to counter botnets, which have emerged as the leading Internet security threat.

Industry representatives are planning to announce a nine-point plan that includes sharing more information about identifying botnets — and how to help their customers remove the malware from their computers.

Much more:
http://news.cnet.com/8301-1009_3-57443380-83/white-house-prepares-to-convene-anti-botnet-summit/

Employees are increasingly under the watchful eyes of their managers in and out of the workplace in a bid to curb breaches in corporate security

Research firm Gartner said by 2015, around 60 percent of corporations will have programs in place to monitor social media accounts — including Facebook, Twitter, YouTube, and LinkedIn — for security breaches and data leaks.

Traditionally, companies have taken the ‘internal’ approach to monitor activities within the corporate domain. Gartner suggests looking at both inside and outside the enterprise zone would lead to a more effective solution.

More:
http://www.zdnet.com/blog/btl/gartner-60-percent-of-firms-plan-increase-in-staff-social-media-snooping-by-2015/78465

Jamming Tripoli: Inside Moammar Gadhafi’s Secret Surveillance Network

In 2007, Philippe Vannier, former head of Amesys and current chief executive of Bull, reportedly met with Abdullah Senussi, Libya’s head of intelligence, in Tripoli. A deal was signed that year, and beginning in 2008 Amesys engineers and technicians, many of them former French military personnel, traveled to Libya to set up several data and monitoring centers for the country’s Internal Security service. According to engineers at Libyan Internet provider LTT, two high-bandwidth “mirrors” were installed—one on the country’s main fiber-optic trunk and one inside the DSL switchboard—to copy all Internet traffic and feed it into the Eagle system, which became operational in 2009.

One of the monitoring centers, known as HQ 2, was located on the ground floor of a tan six-story Internal Security building on Sikka Street in Tripoli. The dreaded structure was sometimes called the Heretics House, after the Counter-Heresy Office—Gadhafi’s squad charged with combating Islamists—which was based there. Inside, a sign on an interior door bore the logos of both Amesys and the Libyan government and warned: help keep our classified business secret. don’t discuss classified information out of the hq. Behind it, analysts sat at their terminals and used a web browser to log on to the Eagle system, where they would peruse their latest intercepts or search for new targets to monitor using keywords, phone numbers, or email and IP addresses. The system was capable of collecting email, chat and voice-over-IP conversations, file transfers, and even browsing histories from anyone who used broadband or dialup Internet in Libya. The analysts could call up social-network diagrams for the targets they were hunting, with the links between each suspect showing the frequency and type of communication. Emails of interest were labeled “follow-up” for the security services.

A filing room with shelves of pink folders held thousands of printed-out emails and chat logs, case files with fingerprints and photographs of the targets, and transcripts of phone intercepts faxed to the center. The email intercepts (which are marked “https://eagle/interceptions” at the top, indicating they were printed from the Eagle system) typically contain the IP addresses and port numbers, and sometimes even usernames and passwords. They list everything from mundane conversations about building maintenance to business deals to political discussions among dissidents—a vast catalog of private lives.

In one intercept, a dissident’s search history is described as being “sexual in nature.” In another, dated December 2010, a well-known dissident living in Tripoli, Jamal al-Hajji, writes to a central figure in the then-ongoing Tunisian revolution, Munsif al-Marzouqi, advising him on resistance tactics: “Demonstrations in front of the UN’s offices in French, British, German, and American capitals, in conjunction with hunger strikes, will strengthen the Tunisian street, scare the regime, and limit its assaults.” Later, on January 19, an unnamed woman writes to Hajji, saying, “The revolution will be here very soon, by the will of the people.” At the outbreak of demonstrations in Libya, Hajji would be arrested, tortured, and imprisoned in a tiny cell for seven months.

Amesys, with its Eagle system, was just one of Libya’s partners in repression. A South African firm called VASTech had set up a sophisticated monitoring center in Tripoli that snooped on all inbound and outbound international phone calls, gathering and storing 30 million to 40 million minutes of mobile and landline conversations each month. ZTE Corporation, a Chinese firm whose gear powered much of Libya’s cell phone infrastructure, is believed to have set up a parallel Internet monitoring system for External Security: Photos from the basement of a makeshift surveillance site, obtained from Human Rights Watch, show components of its ZXMT system, comparable to Eagle. American firms likely bear some blame, as well. On February 15, just prior to the revolution, regime officials reportedly met in Barcelona with officials from Narus, a Boeing subsidiary, to discuss Internet-filtering software. And the Human Rights Watch photos also clearly show a manual for a satellite phone monitoring system sold by a subsidiary of L-3 Communications, a defense conglomerate based in New York. (Amesys, VASTech, ZTE and Narus did not respond to multiple interview requests; L-3 declined to comment.)

Much more:
http://www.wired.com/threatlevel/2012/05/ff_libya/all/1

Be afraid: Die Hard 4 reveals a real threat, or Superman 3 for that matter

Five years on, John McClane’s security nightmare is not so sci-fi.

Diligence and gritty determination may have helped Eugene Kaspersky become one of the software world’s most successful entrepreneurs, but there’s one thing the antivirus king can’t bear: Die Hard 4.0.

“I watched the movie for 20 minutes, then pressed pause, got a cigarette and a glass of Scotch. To me it was really scary: they were talking about real scenarios. It was like a user guide for cyber terrorists. I hated that movie,” the flamboyant Russian entrepreneur says.

http://www.smh.com.au/it-pro/security-it/be-afraid--die-hard-4-reveals-a-real-threat-20120528-1zeg0.html

See also:

http://www.youtube.com/watch?v=IVJ8VeTk9Ps

And

http://www.youtube.com/watch?v=-7qo4Iy0ULk

Claims were made by the intelligence agencies around the world, from MI5, NSA and IARPA, that Chinese silicon chips could be infected

We developed breakthrough silicon chip scanning technology to investigate these claims. We chose an American military chip that is highly secure with sophisticated encryption standard, manufactured in China. Our aim was to perform advanced code breaking and to see if there were any unexpected features on the chip. We scanned the silicon chip in an affordable time and found a previously unknown backdoor inserted by the manufacturer.

This backdoor has a key, which we were able to extract. If you use this key you can disable the chip or reprogram it at will, even if locked by the user with their own key. This particular chip is prevalent in many systems from weapons, nuclear power plants to public transport. In other words, this backdoor access could be turned into an advanced Stuxnet weapon to attack potentially millions of systems. The scale and range of possible attacks has huge implications for National Security and public infrastructure.

More:
http://www.cl.cam.ac.uk/~sps32/sec_news.html#Assurance

Telephone Banking Systems Can Be Compromised Using Python Script

Dutch language news article:
http://www.security.nl/artikel/41666/1/Onderzoeker_kraakt_telefonisch_banksysteem.html

Presentation slides:
http://conference.hitb.org/hitbsecconf2012ams/materials/D2T2%20-%20Rahul%20Sasi%20-%20CXML%20VXML%20Auditing%20for%20IVR%20Pentesters.zip

Sinister truth about Google spies: Street View cars stole information from British households but executives ‘covered it up’ for years

  • Work of Street View cars to be examined over allegations Google used them to download personal details
  • Emails, texts, photos and documents taken from wi-fi networks as cars photographed British roads
  • Engineer who designed software said a privacy lawyer should be consulted
  • Calls for police and Information Commissioner to investigate new evidence

Google is facing an inquiry into claims that it deliberately harvested information from millions of UK home computers.

The Information Commissioner data protection watchdog is expected to examine the work of the internet giant’s Street View cars.

They downloaded emails, text messages, photographs and documents from wi-fi networks as they photographed virtually every British road.

It is two years since Google first admitted stealing fragments of personal data, but claimed it was a ‘mistake’.

Now the full scale of its activities has emerged amid accusations of a cover-up after US regulators found a senior manager was warned as early as 2007 that the information was being captured as its cars trawled the country but did nothing.

Close links between Google and the Conservative Party were on display this weekend at the society wedding of senior Google executive Naomi Gummer. Miss Gummer, a former political secretary to Jeremy Hunt, married Henry Allsopp, 38, in an Oxfordshire ceremony attended by Prime Minister David Cameron and his wife Samantha, as well as the embattled Culture Secretary, who came with his wife and their two young children.

More:

http://www.dailymail.co.uk/news/article-2150606/Google-deliberately-stole-information-executives-covered-years.html

See also:

Google engineer in Street View probe identifies as a Palo Alto hacker Marius Milner
http://vrritti.com/2012/05/02/google-engineer-in-street-view-probe-identifies-as-a-palo-alto-hacker-marius-milner/

A complex targeted cyber-attack that collected private data from countries such as Israel and Iran has been uncovered

Russian security firm Kaspersky Labs told the BBC they believed the malware, known as Flame, had been operating since August 2010. The company said it believed the attack was state-sponsored, but could not be sure of its exact origins.

They described Flame as “one of the most complex threats ever discovered”. Research into the attack was carried out in conjunction with the UN’s International Telecommunication Union.

“Once a system is infected, Flame begins a complex set of operations, including sniffing the network traffic, taking screenshots, recording audio conversations, intercepting the keyboard, and so on,” he said.

More than 600 specific targets were hit, Mr Kamluk said, ranging from individuals, businesses, academic institutions and government systems.

Iran’s National Computer Emergency Response Team posted a security alert stating that it believed Flame was responsible for “recent incidents of mass data loss” in the country.

The malware code itself is 20MB in size – making it some 20 times larger than the Stuxnet virus. The researchers said it could take several years to analyse.

More:
http://www.bbc.com/news/technology-18238326

The Dutch Are Helping Turkish Businesses In Dealing With EU Legislation And Policies Related To Privacy, Cyber Security And Copyright

Dutch Vice-prime Minister Maxime Verhagen:

“Since 2008, the Dutch Ministry of Economic Affairs, Agriculture and Innovation and the EU have been supporting the Turkish Ministry of Justice with the harmonisation of Turkish law with the European E-commerce Directive and the European rules for privacy and data protection. This exchange of knowledge and experience contributed to a sound legal framework for e-commerce in Turkey (…) E-commerce in Turkey has great potential. To exploit the full potential of the Turkish online market, it is important to create a level playing field with the EU. Also, companies need to invest in creating trust in e-commerce by complying with the rules, respecting privacy of consumers and using adequate security measures. In our experience, sectors that invest in trust marks and dispute resolution mechanisms benefit most in the long run.”

Much more:
http://www.considerati.com/en/blog/blog-post/2012/05/25/stimulating-trust-in-turkish-e-commerce-through-eu-turkey-collaboration/

Security researchers from Sophos are reporting on an intercepted Comcast-themed phishing email, which contains a valid TRUSTe seal

Cybercriminals often take advantage of visual social engineering elements, by embedding logos of reputable and trusted brands in order to improve the authenticity of their bogus content.

Users are advised to keep in mind the fact that these security and privacy seals often have limited applicability in real-life situations, in particular in the process of ensuring a web site’s CIA (Confidentiality, Integrity and Availability).

More:
http://www.zdnet.com/blog/security/comcast-phishing-site-contains-valid-truste-seal/12292

Govt lawyers red-faced after FBI spirits Dotcom evidence to US (MegaUpload)

The Government’s lawyers have been ordered to explain how the FBI left the country with evidence in the Kim Dotcom case meant to be kept in “secure custody” by New Zealand police.

High Court chief judge Helen Winkelmann has told the Attorney-General’s lawyer, Mike Ruffin, he has until Monday to explain why FBI agents were allowed to take 135 cloned computer and data storage devices to the United States.

At a legal challenge at the High Court in Auckland yesterday, Dotcom’s lawyer Paul Davison, QC, called the revelation “high-handed” at best and “at the worst misleading”.

Mr Davison and lawyers for Dotcom’s three co-accused want a judicial review into search warrants used during FBI-inspired raids on January 20. Dotcom, Finn Batato, Mathias Ortman and Bram van der Kolk were arrested over allegations of criminal copyright violation through their file-sharing website Megaupload.

Mr Davison said he asked for assurances in correspondence with Mr Ruffin’s predecessor, Anne Toohey, that no evidence would leave New Zealand shores unless on the back of a court decision.

More:
http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=10808032

IBM CIO Jeanette Horan told MIT’s Technology Review that Siri has been banned from the company’s internal networks, over concern that spoken queries might be stored somewhere

In point of fact, IBM’s concerns are not unfounded; Apple’s iPhone Software License Agreement states that the things you say, both to Siri and to Dictation, are recorded and sent to Apple in order to be converted into text—along with certain other information: names of people from your address book and other unspecified user data, all to help Siri do a better job.

http://gizmodo.com/5912554/at-ibm-headquarters-siri-is-persona-non-grata

The data on Kim Dotcom’s personal computer is encrypted, and he will only hand over passwords if he can also access the data (MegaUpload)

Try “w0rldd0m1n4t10n”

And so it winds on further: in the latest installment to the Aotearoan legal battle, Kim Dotcom’s lawyer says that he will only hand over his passwords as part of a “proper judicial process”.

Dotcom, head of Megaupload and accused by the FBI of racketeering and copyright infringement, is resisting extradition to the USA and seeking the return of computers and other property seized when his rented mansion in New Zealand was raided by the Feds and New Zealand police.

More:
http://www.theregister.co.uk/2012/05/22/dotcom_password_court_fight/

DNA privacy is a fine example of law-making failing to keep up with technology

An explosion in biological understanding and medical engineering makes it extremely easy to obtain genetic profiles, and old codgers in the law haven’t paid attention.

http://gizmodo.com/5911992/how-private-is-your-dna