JEFFREY BROWN (Newshour): Alright.
Markham Erickson, first, do you acknowledge piracy is a problem? I mean, all over the Internet, one can get copyright -- there are copyright violations.
MARKHAM ERICKSON, Open Internet Coalition: Well, sure. People are doing bad things on the Internet. And we agree that there are ways to try to deal with the very real problem of sites that are located outside of the jurisdiction of our court system and our legal system that are engaging in theft and illegal activity.
JEFFREY BROWN: What's the problem with the way they are proposing?
MARKHAM ERICKSON: The problem is, the proposals in Congress right now are not targeted to the problem of dealing with offshore illegal piracy.
We think there is a way to deal with that. And we've proposed a solution, which is to follow the money. The offshore sites are there to make money. They're there to profit from illegal activity. The companies I represent -- represent are some of the biggest ad networks and payment processors in the Internet ecosystem.
And they want to work with the rights-holders that, when an offshore site is engaged in illegal activity, they will shut off the economic lifeblood to those sites. And, if they do that, those sites will disappear.
----
JEFFREY BROWN: And what -- Mr. O'Leary, what about the proposed other -- the alternative route for dealing with this that he raised?
MICHAEL O'LEARY, Motion Picture Association of America: Well, I think that it's the -- to look at it from a positive perspective, it's encouraging to see a recognition that something has to be done about this problem.
I think that what we have concerns with the alternative proposal is that it sets up a separate court in the ITC. And that is not something which is necessarily used to deal with copyright. It's slow. It's bureaucratic. And, frankly, when someone is stealing from you, you don't have 12 to 18 months to work -- to let the bureaucratic court process work.
What we're proposing, what has bipartisan support, we have a broad support from not just the political spectrum, but across all types of American businesses is something which is a tool which will allow law enforcement to go after bad actors that are hiding overseas. We think it's more effective and more efficient.
The Pentagon agency that invented the Internet is asking the hacker community for help in eliminating Defense Department computer vulnerabilities.
The Defense Advanced Research Projects Agency, or DARPA, hosted a meeting this week for defense stakeholders and civilian computer experts, acknowledging that it has to start thinking differently about cyber security, Wired.com reported.
And the computer networks that run U.S. infrastructure are so vulnerable to cyber attack that the White House should think twice before even attacking emerging adversaries, a national security expert said.
Richard Clarke, who advised ex-Presidents Bill Clinton and George W. Bush, added that U.S. defense networks are "as porous as a colander."
Their Goliath scale leaves them especially vulnerable to tiny attacks, the Associated Press and Wired reported.
Clarke, who claims his early 2001 warnings to the Bush administration about the emerging threat of Al Qaeda went unheeded, issued the new warnings as tensions escalate between the U.S., Israel and their shared adversary Iran.
Last month Wired reported that a mundane virus called a key logger - one that surreptitiously records keyboard typing - was found on the computers used to remotely pilot Air Force drones targeting terrorists overseas.
In 2009 national security officials disclosed that Russian and Chinese agents had penetrated the U.S. electric grid and left behind software to help map the systems.
Dear Senator Leahy;
I am very concerned about the over-reaching authority which appears to be in the Protect IP Act and the Stop Online Piracy Act.
References:
Protect_IP_Act
Stop_Online_Piracy_Act
I am a software developer on the Internet. My main site is nodes.net which I have owned since 1998. I am working on a "quality discernment system" to advance the concept of an "intelligent web."
An integral part of the vision I hold is for individuals to "endorse" specific URL's on the web. These URL's could be something I call "metalinks" which are basically re-programmable re-directs to other web sites. These MetaLinks allow people to make a short, easy-to-
remember link for a web search or a web page.
For example, http://oil.nodes.net will redirect you to Energy Prices at Bloomburg. http://occupy.news.nodes.net will produce a search of news for "occupy" at Google news. There are many other search engines which are being included in this syntax at nodes.net
For example, http://vermont.wiki.nodes.net will take people to Wikipedia's entry for Vermont. I didn't program this metalink specifically. It is automatic. You can search for any word or phrase by substituting your word(s) for "vermont" in this URL.
In similar fashion http://05401.weather.nodes.net will take people to the weather for Burlington, VT and http://paris.time.nodes.net will take people to the current time in Paris. There are several dozen of these interfaces to other web sites and there will be hundreds, even thousands more in the near future.
I am concerned that the legislation currently being considered will limit the development of new technology to create an "intelligent web."
While the Metalinks currently in use have all been defined by someone I plan to allow intelligent software to create metalinks in the future.
It would be unwise to restrict the use of intelligent software to define links in my opinion. It's wrong to assume that all links are created by individuals operating independent of each other. Links could be a result of composite or collaborative intelligence.
In the future, metalinks will represent our "collective intelligence" or "community wisdom." That's what I'm working on now. I'm working to
create an "intelligent web." The concept I am working with is "augmented human intelligence" rather than "artificial intelligence."
I am asking you to put this legislation on the shelf for a minimum of 30 days, until 2012, so that there can be more input by the public and
a more careful analysis of what it means for all of us.
Consideration is a virtue. Please consider the effects this legislation would have on me and others who are working to advance the evolution of human intelligence on the Internet.
Sincerely,
Steve Moyer
Internet Developer
Founder, NODES Network
http://steve.nodes.net ( see what can be done with my technology )
P.S. You can see a link of all the Metalinks currently in existence, not including automatic search interfaces, at http://metalinks.nodes.net
GWEN IFILL (Newshour): We look now at the government crackdown on the online sale of counterfeit goods. The Justice Department used Cyber Monday, the biggest online shopping day of the year, to shut down 150 websites that were allegedly peddling fake shoes, sporting goods and handbags. But was this the right approach?
Joining us to discuss that are Steve Tepp, chief intellectual property counsel at the U.S. Chamber of Commerce, and Larry Downes, author of "The Laws of Disruption," a book about law and innovation in the digital age.
STEVE TEPP, U.S. Chamber of Commerce: It's a massive problem that's growing every day, because many of these sites are located outside the United States, where there is no remedy.
For the sites located in the U.S., or at least where their domain name is registered in the U.S., dot-com, dot-net, then our enforcement agencies, like the Immigration and Customs Enforcement and the Department of Justice, who are both doing fantastic work on this, protecting the American people, can go to court and seize those domains with a court order.
That's what happened yesterday, and that's 150 domain names that will not be used to steal American jobs, to harm American consumers today.
----
LARRY DOWNES, "The Laws of Disruption": Well, first, it should be noted that, you know, what we're seizing here is not the website itself, just the domain name. It's a largely symbolic act.
What happens is, the site is still there. It can be accessed directly from the I.P. address. Or what often happens is the site comes back a little bit later under another domain name. So whether that is effective or not, it doesn't matter.
MARGARET WARNER (Newshour): In November 2008, computer security experts began detecting a new, highly sophisticated computer worm. They called it Conficker. Ultimately, it invaded at least 12 million computers worldwide.
The story of the campaign to defeat it is chronicled in a new book, "Worm: The First Digital World War." The author is journalist Mark Bowden.
The Easiest Way to Move to Windows 7!
PCmover is the ONLY software that moves programs, files and settings from your old PC to your new PC – even restore from an image (or old hard drive) or perform an in-place upgrade.
The easy-to-use wizard will guide you in selecting which programs, files and settings you want on your PC. When complete, your new computer will have the personality and functionality of your old PC. And, PCmover is safe – it removes nothing from your old PC, won’t overwrite anything on your new PC, and includes an easy "Undo" feature.
Firefox Win Error Fix
Registry Editor (regedit)
CAUTION: Editing the registry incorrectly can damage your system. Do not attempt these steps if you are inexperienced or uncomfortable using the Registry Editor.
BEFORE making changes, from the tree hierarchy on left of REGEDIT, backup the "open" folder for EACH entry listed below by righ-clicking the folder and using [Export]. Save the result as the branch-name but change "\" to dashes.
NOTE: Make the changes in the order they appear on the tree. (order shown here)
Use the directory tree hierarchy to navigate to the following and DELETE the "ddeexec" registry key:
- HKEY_CLASSES_ROOT\FirefoxHTML\shell\open\ddeexec
- HKEY_CLASSES_ROOT\FirefoxURL\shell\open\ddeexec
- HKEY_CLASSES_ROOT\HTTP\shell\open\ddeexec
- HKEY_CLASSES_ROOT\HTTPS\shell\open\ddeexec
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"NoNetCrawling"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer]
"Max Cached Icons"="12000"
He claims to be 21 years old, a student of software engineering in Tehran who reveres Ayatollah Ali Khamenei and despises dissidents in his country.
He sneaked into the computer systems of a security firm on the outskirts of Amsterdam. He created fake credentials that could allow someone to snoop on Internet connections that appeared to be secure. He then shared that bounty with people he declines to name.
The fruits of his labor are believed to have been used to tap into the online communications of as many as 300,000 unsuspecting Iranians this summer. What’s more, he punched a hole in an online security mechanism that is trusted by millions of Internet users all over the world.
Comodohacker, as he calls himself, insists he acted on his own and is unperturbed by the notion that his work may have been used to spy on antigovernment compatriots.
“I’m totally independent,” he said in an e-mail exchange with The New York Times. “I just share my findings with some people in Iran. They are free to do anything they want with my findings and things I share with them, but I’m not responsible.”
In the annals of Internet attacks, this is likely to go down as a moment of reckoning. For activists, it shows the downside of using online tools to organize: an opponent with enough determination and resources just might find a way to track their every move.
It also calls into question the reliability of a basic system of trust that global Internet brands like Google and Facebook, along with their users, rely upon. The system is intended to verify the authenticity of a particular Web site — to ensure, in effect, that Gmail is Gmail, and that the connection to the site is encrypted and difficult for an outsider to monitor.
Hundreds of companies and government authorities around the world, including in the United States and China, have the power to issue the digital certificates that the system relies upon to verify a site’s identity. The same hacker is believed to be responsible for attacks on three such companies.
In March, he claimed credit for a breach of Comodo, in Italy. In late August came the attack on the Dutch company DigiNotar. On Friday evening, a company called GlobalSign said it had detected an intrusion into its Web site, but not into more confidential systems.
Armed with certificates stolen from companies like these, someone with control over an Internet service provider, like the Iranian authorities, could trick Internet users into thinking they were safely connected to a familiar site, while eavesdropping on their online activity.
Fearing the prospect of other breaches similar to those carried out by this hacker, Mozilla, the maker of the Firefox Web browser, last week issued a warning to certificate authority companies to audit their security systems or risk being booted off Firefox.
“It is a real example of a weakness in security infrastructure that many people assumed was trustworthy,” said Richard Bejtlich, the chief security officer of Mandiant Security in Alexandria, Va. “It’s a reminder that it is only as trustworthy as the companies that make up the system. There are bound to be some that can’t protect their infrastructure, and you have results like this.”
When you think of “Ubuntu Linux,” you probably think of the community Linux distribution and the Linux desktop. That’s great, but Canonical, Ubuntu’s parent company, also wants you to think of Ubuntu as a server and cloud operating system platform. To that end, Canonical has been working with IBM to get Ubuntu certified on IBM’s high-end System P Power hardware line and System z mainframes.
Yes, that’s right little Ubuntu Linux may soon be certified and running on top-of-the-line IBM enterprise hardware. Before this, Canonical worked successfully with IBM on bringing Ubuntu certifications for IBM’s x86-powered System x and BladeCenter lines.
Officially, all Canonical has to say is “Our company policy is that we don’t comment on any rumors that might be circulating. We’ll of course keep you well informed of any news that comes out of Canonical.” Away from public relations though I’m hearing that Canonical and IBM have working hard on expanding Ubuntu’s reach on IBM hardware.
If all goes well, Ubuntu will be officially supported on System p within the month and it will be certified on the Z mainframes by year’s end. This is happening because Canonical is working hard on increasing its business market share. While Ubuntu is arguably the single most popular Linux distribution with individuals, it’s always lagged behind most Red Hat and SUSE, formerly Novell, in business. Canonical wants to change that.
In order to do that, Canonical has been improving its partnerships with Original Equipment Manufacturers (OEMs); major server companies such as Dell, and its enterprise customers. This next step into high-end business computing with IBM makes perfect sense in pursuing this strategy.
As for IBM? Linux has been very, very good for IBM over the last decade and they’re getting to like Ubuntu. Historically, IBM has allied with Red Hat and Novell/SUSE. But, as IBM’s VP of Open Systems Development, Dan Frye told me recently, IBM is operating system and Linux agnostic. IBM will support what its customers want, and so, it appears to me, that IBM’s customers must now be asking for Ubuntu. Sometime soon it looks like they’ll be getting it.
A fraudulent SSL certificate for "*.google.com" issued by Dutch certificate authority (CA) DigiNotar, possibly to the Iranian government or its agents, has triggered a wave of updates from software makers to stop applications trusting the CA. The certificate was issued on 10 July to unknown persons in Iran.
Several security experts, such as Moxie Marlinspoke, confirmed that the SSL certificate came from DigiNotar; one pastebin entry detailed the contents of the suspicious certificate, while another called for the "internet death sentence" because the company's "carelessness may have resulted in deaths in Iran". The Electronic Frontier Foundation said in a blog posting that it believes the attacks have been used to intercept searches and private email. It is unknown who the certificate was actually issued to and whether or not any other bogus certificates were issued.
The attack was initially noticed by Google Chrome users because Chrome 13 and later implements certificate pinning which ensures that the browser will only accept certificates for Google from a whitelist of certificate authorities; DigiNotar was not a CA on the whitelist and users of Chrome were alerted that something was amiss with the certificate they were being presented. The certificate was revoked yesterday, 29 August, at 16:59 GMT, but because many browsers do not check for revoked certificates by default, software vendors have had to take action to prevent the continued exploitation of the bogus certificate. It is also currently unknown if any other bogus certificates were issued by DigiNotar, therefore the vendors are opting to block all certificates signed by the CA.
Microsoft has released a security advisory and updates for all supported Windows operating systems – including Vista SP3, Server 2008 SP2 and Windows 7 SP1 – which revoke trust in the CA's root certificate. Windows XP SP3 and Server 2003 SP2 will receive separate updates as these systems do not use the centrally managed Microsoft Certificate Trust List.
Mozilla has announced that it is releasing updates for Firefox (3.6.21, 6.0.1, 7, 8 and 9) and Firefox Mobile (6.0.1, 7, 8 and 9), Thunderbird (3.1.13 and 6.0.1) and SeaMonkey (2.3.2), which will also revoke trust in DigiNotar's root certificate. Mozilla has also released instructions on how to delete the DigiNotar Root CA certificate from Firefox manually.
Google is also disabling DigiNotar's certificate in Chrome "while investigations continue" even though Chrome detected the fraudulent certificate. The Chrome browser was only able to do that for google.com subdomains and if there are other fraudulent certificates for other domains Chrome would be unable to detect the deceit.
This is the second fraudulent certificate incident this year: in March, SSL certificates for addons.mozilla.org, Yahoo, Skype, Microsoft Live and Google were created by an intruder into a Comodo reseller.
RAY SUAREZ (Newshour): It was all a far cry from the days when Steve Jobs and co-founder Steve Wozniak began building their now ubiquitous brand, from scratch, in a California garage. They scored an early hit with the Apple II, the first consumer-grade computer to catch on. By the mid-1980s, the company was in a slump, and Jobs was forced out.
But he returned in 1996, and Apple began a turnaround. Still, in a rare interview in 2007, he said his work was never about creating the next big thing.
STEVE JOBS: We don't worry about stuff like that. We just try to build products that we think are really wonderful and that people might want. And sometimes we're right, and sometimes we're wrong.
----
RAY SUAREZ: Walt Mossberg, whether it's consumer electronics, entertainment, even computing, which is where it all started, this has been a big impact player, hasn't it?
WALTER MOSSBERG, The Wall Street Journal: Well, you know, Ray, I think Steve Jobs is a historic figure.
He's not only a historic figure in business, but really in America. He has not only disrupted and innovated in computers and consumer electronics for all those products we saw just now listed, but he has, in the process, shaken up and revolutionized the music industry, the movie industry, publishing industry. Even the retail industry, the Apple store chain that he built, is widely admired.
And on the side, while he was doing all that, he bought a little company called Pixar and turned it into the most successful studio in Hollywood and revolutionized animation.
----
WALTER MOSSBERG: But the devotion to product is -- goes beyond just those words. It's really a devotion to designing products for actual users. You know, a lot of computer companies -- Hewlett-Packard is a good example in what they are doing in spinning off P.C.s -- are really much more interested in selling to businesses, selling to intermediaries, like I.T. departments.
Steve Jobs calls those orifices. He's much more interested in designing something for the actual consumer, whether they're in a big company or just a family. And that -- and he's a perfectionist about it. And he's surrounded himself with other people who are just laser-focused on that.
The other thing, Ray, I think is incredibly important is, they don't just make little innovations based on market research. They take big risks and make big bets on what they think the next thing that people will want is, even if the people don't know it themselves at the time.
Updated, Cryptographers have discovered a way to break the Advanced Encryption Standard used to protect everything from top-secret government documents to online banking transactions.
The technique, which was published in a paper (PDF) presented Wednesday as part of the Crypto 2011 cryptology conference in Santa Barbara, California, allows attackers to recover AES secret keys up to five times faster than previously possible. It introduces a technique known as biclique cryptanalysis to remove about two bits from 128-, 192-, and 256-bit keys.
“This research is groundbreaking because it is the first method of breaking single-key AES that is (slightly) faster than brute force,” Nate Lawson, a cryptographer and the principal of security consultancy Root Labs, wrote in an email. “However, it doesn't compromise AES in any practical way.”
He said it would still take trillions of years to recover strong AES keys using the biclique technique, which is a variant of what's known as a meet-in-the-middle cryptographic attack. This method works both from the inputs and outputs of AES towards the middle, reusing partial computation results to speed up the brute-force key search. The technique is designed to reduce the time it takes an attacker to recover the key.
Lawson continued:
This technique is a divide-and-conquer attack. To find an unknown key, they partition all the possible keys into a set of groups. This is possible because AES subkeys only have small differences between rounds. They can then perform a smaller search for the full key because they can reuse partial bits of the key in later phases of the computation.
It's impressive work but there's no better cipher to use than AES for now.
AES remains the favored cryptographic scheme of the US government. The National Institute of Standards and Technology commissioned AES in 2001 as a replacement for the DES, or Digital Encryption Standard, which was showing signs of its age.
The research is the work of Andrey Bogdanov of Katholieke Universiteit Leuven; Microsoft Research's Dmitry Khovratovich; and Christian Rechberger of Ecole Normale Superieure in Paris. Bogdanov and Rechberger took leave from their positions to work on the project for Microsoft Research. ®
Update
Vulture Central has been deluged with missives from outraged readers complaining about the use of the word “broken” in the headline. "Broken" in cryptography is the result of any attack that is faster than brute force. The biclique technique described here allows attackers to recover keys up to five times faster than brute-force. AES may not be completely broken, but it's broken nonetheless.
What's more, theoretical attacks against widely used crypto algorithms often get better over time. As Root Labs' Lawson has noted, MD5 wasn't compromised in a single 2004 paper. Rather, people successively found better and better attacks against it, starting in the mid 1990's.
The master file table (MFT) is a database in which information about every file and directory on an NT File System (NTFS) volume is stored. There is at least one record for every file and directory on the NTFS logical volume. Each record contains attributes that tell the operating system (OS) how to deal with the file or directory associated with the record.
Detailed information about a file or directory such as the type, size, date/time of creation, date/time of most recent modification and author identity is either stored in MFT entries or in space external to the MFT but described by the MFT entries. For a complete list of MFT attributes, click on "View" (in Explorer aka My Computer) in an open folder containing at least one file or subfolder and then click on "Choose Details." You can select which attributes you want made visible by checking or unchecking the boxes in the left-hand column of the resulting pop-up window.
As more files and directories are added to the file system, it becomes necessary for NTFS to add more records to the MFT. Since keeping the MFT contiguous on the disk improves performance, when an NTFS volume is first set up, the operating system reserves about 12.5% of the disk space immediately following the MFT; this is sometimes called the "MFT Zone". This is a substantial chunk of real estate to reserve, but bear in mind that it is still usable. Regular files and directories will not use this space until and unless the rest of the disk volume space is consumed, but if that occurs, the "MFT Zone" will be used. Eventually, if there are enough entries placed in the MFT, as it expands it will use up the "MFT Zone". When this happens, the operating system will automatically allocate more space elsewhere on the disk for the MFT. This allows the MFT to grow to a size limited only by the size of the volume, but this fragmentation of the MFT may reduce performance by increasing the number of reads required for some files, and the MFT cannot generally be defragmented.
Facial recognition tech makes it easier to combine offline, online identities
Imagine walking down a street and having a total stranger being able to instantly pull up your name, date of birth, Social Security number, your last blog item and other data on their smart phone.
That could soon happen, said Alessandro Acquisti, associate professor of IT and public policy at Carnegie Mellon University's Heinz College.
In a presentation at the Black Hat conference here this week, Acquisti demonstrated how it's becoming easier for strangers to identify people and infer detailed information about them from their publicly available images on sites such as Facebook and LinkedIn.
The trend has "ominous implications for privacy," Acquisti said. "I'm here to raise awareness of what I feel is going to happen."
Acquisti detailed the results of a series of experiments he conducted in which he applied off-the-shelf facial recognition tools to publicly available Facebook profile images to uniquely identify individuals. In one of the experiments, Acquisti and his team of researchers attempted to glean the true identities of individuals who had posted their images under assumed names on an online dating site
First, they used a search engine and an API they developed to automatically extract about 275,000 publicly available profile images of Facebook members in a particular city.
They then did the same with publicly available images of individuals in the same city who had posted on the dating site. Acquisti used a facial recognition tool called Pittsburgh Pattern Recognition (PittPatt) developed at CMU to see whether he could find matches between the dating site images and the Facebook profile pictures.
In all, about 5,800 dating site members also had Facebook profiles. Of these, more than 4,900 were uniquely identified. The numbers are significant because a previous CMU survey showed that about 90% of Facebook members use their real name on their profiles, Acquisiti said. Though the dating site members had used assumed names to remain anonymous, their real identities were revealed just by matching them with their Facebook profiles.
In another experiment, Acquisti's team took webcam photos of nearly 100 students and tried to match those images with the pictures on each student's Facebook profile.
Students were asked to pose for three photos and then fill out a short survey. While the surveys were being filled out, the webcam images were run against PittPatt to see whether a match could be found on Facebook.
In that experiment, about 31% of the students were correctly matched with their Facebook profiles -- in about 3 seconds.
MARGARET WARNER (Newshour): For at least five years, a high-level hacking campaign infiltrated the computer systems of more than 70 governments, corporations and public and private organizations in 14 countries. So says the Internet security firm McAfee, which uncovered the massive campaign and dubbed it Operation Shady RAT.
A summary released by McAfee yesterday identified -- identified the perpetrator only as one specific state actor.
----
MICHAEL JOSEPH GROSS, Vanity Fair: This is an unprecedented campaign of cyber-espionage, demonstrates with absolute clarity now that there are just two kinds of organizations, those that have been compromised and those that haven't, as Dmitri Alperovitch, the guy who discovered this campaign, has often said.
What happened is, they went into more than 70 organizations, everything from the International Olympic Committee to giant corporations, to tiny nonprofits, in 30 different organizational categories in 14 countries. They took out government secrets, design schematics, legal contracts, negotiation plans for business deals, every kind of sensitive information you can think of.
In many cases, these organizations were compromised for at least a year, in some cases, more than two years. And there's a really interesting pattern to the evolution of the attacks that suggest where they may have come from.
MARGARET WARNER: And that is?
MICHAEL JOSEPH GROSS: That is China.
For the last few years, especially since the public revelation of Operation Aurora, the targeted successful intrusion into Google and two dozen other companies, I have often been asked by our worldwide customers if they should worry about such sophisticated penetrations themselves or if that is a concern only for government agencies, defense contractors, and perhaps Google. My answer in almost all cases has been unequivocal: absolutely.
Having investigated intrusions such as Operation Aurora and Night Dragon (systemic long-term compromise of Western oil and gas industry), as well as numerous others that have not been disclosed publicly, I am convinced that every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised (or will be shortly), with the great majority of the victims rarely discovering the intrusion or its impact. In fact, I divide the entire set of Fortune Global 2000 firms into two categories: those that know they’ve been compromised and those that don’t yet know.
The British police announced the arrest on Wednesday of a 19-year-old man who they said was the spokesman of the online vigilante group Lulz Security, which has claimed responsibility for a string of attacks on the Web sites of government agencies and private corporations.
In a statement, the police said the man used the online alias Topiary and had been picked up during a raid on a residence in the Shetland Islands, the rugged archipelago off the northeastern coast of Scotland. The police said they were also questioning a 17-year-old but had not arrested him.
On Twitter, Topiary described himself as a “simple prankster turned swank garden hedge.” His missives were often facetious, suggesting the handiwork of someone who relished playful language.
Lulz Security, the offshoot of a larger and more amorphous hacker group called Anonymous, has said it was responsible for attacks on the sites of PBS, the Senate, the Arizona Department of Public Safety and a company associated with the F.B.I.
Could the rapidly growing, user-friendly Linux distro attract converts away from the mighty Ubuntu?
For many advanced Linux enthusiasts reading this, I doubt that any recent changes to the Ubuntu desktop swayed you very much. Most of you already have had plenty of time to select alternative distros -- from Fedora to Arch Linux -- should you decide you want to.
Each distribution has its own set of advantages and differences. But for those people who cannot bear to part with some features that are considered to be unique to Ubuntu, Linux Mint might be a viable option to look into.
Linux Mint is perfect for new users
I've used Linux Mint GNOME edition off and on for a few years now. I have mostly used it in testing, as I'm really not the target audience for this distribution. Yet I continue to be impressed with how simple and user-friendly this desktop is. In addition, there are other factors that I think give Linux Mint a huge edge over Ubuntu for the casual user.
When running the Linux Mint software updating tool, you'll find things are numbered from 1 to 5. Packages numbered with a 1 are from Linux Mint developers while those packages with a "2" or higher come from Ubuntu or a third-party.
This numbering system all but guarantees that you won't hose a system with a bad set of updates from a rogue repository you added and forgotten about.
The next big thing with Linux Mint is how concisely the menu layout is presented. Unlike the old Gnome menus or even Unity, everything in Linux Mint is tightly laid out to make the entire experience as logical as possible. This menu setup makes migrating from another operating system much less overwhelming for newer users. For "old hat users" such as myself, I enjoy finding everything within reach. And if it's not visible, the provided search box takes care of anything that's missing.
Another huge push in the right direction for newcomers would have to be the introduction screen that appears on the first boot. Documentation, support, and so forth is presented right away. From there, items that I think should have been provided by Ubuntu out of the box are a given with Linux Mint.
Gufw (Easy to use Ubuntu Firewall) is installed and ready to go. There is a Mintbackup utility that not only offers the same functionality as SimpleBackup on Ubuntu, but it even backs up your application titles. This means you can take this list to another PC, run the program and install the same software list as before. That’s always been possible via the command line, and now it's nice to see this functionality provided for newer users with a friendly GUI.
Without any doubt, the biggest reason for me to love Linux Mint is that I can install software by name from the control panel -- with greater speed than I could have with apt-get.
Plus I can avoid all the package managers and directly type in the application's name, which presents me with the option to install it. Best of all, it's done very quickly and without the bloat of the software center. It's almost like being able to run the terminal without needing to know how. I love it!
It feels like Ubuntu
One of the biggest reasons I still rely on Ubuntu is because of the huge number of software packages available for it. If there's software for Linux, then there's an Ubuntu package somewhere for that application title.
Luckily, these same applications also work well for Linux Mint as it offers a release based on Ubuntu. This means that should Ubuntu's direction force me to drop it completely I can stick with the same applications.
Security researchers from Kaspersky Lab have identified a new piece of malware which writes malicious code to the NTFS boot loader.
The threat which Kaspersky detects as Cidox, features two rootkit drivers, one for 32-bit versions of Windows and one for 64-bit ones.
As part of its infection routine Cidox determines the version of the operating system and copies the relevant driver to the empty sectors at the beginning of the drive.
It only infects NTFS partitions and determines the active one by looking at the MBR code. It then proceeds to replace the Extended NTFS IPL (Initial Program Loader) code. The original one is encrypted and saved at the end.
This is part of a special technique that leverages Windows kernel features to load the malicious driver into the system.
The driver has the purpose of hooking into several processes including svchost.exe, iexplore.exe, firefox.exe, opera.exe and chrome.exe via a special DLL.
"This library modifies any browser output, substituting it with its own. As a result, the user sees a browser window displaying an offer to renew the browser due to some malicious programs allegedly detected on the system," Kaspersky's Vyacheslav Zakorzhevsky explains.
This threat is effectively a form of scareware, as the user is asked to pay for the browser renewal by sending an SMS message to a premium rate number.
In order to appear more convincing, there are custom pages for each browser borrowing design elements from other official ones displayed by their developers.
This is one of the most sophisticated scareware threats currently in the wild, but at the moment it only appears to target Russian-speaking users.
It seems that malware authors are increasingly using advanced techniques. One of the most dangerous threats at the moment, the TDL4 rootkit, infects the MBR (master boot record) in order to hide itself.
RAY SUAREZ (Newshour): If I put my stored and accumulated content on the cloud, is it private?
CECILIA KANG, The Washington Post: Well, that's a good question.
The -- the devices will be encrypted. And that's what Apple said in passing. But there's a lot of questions as to your privacy and the security of cloud-based applications, Internet-based services. We have seen a lot of attacks on information, hacking attacks into Sony, Nintendo, PBS. You have seen a lot of these -- this -- the vulnerability of information that resides on the Internet.
And when I say it resides on the Internet, I mean that it resides on servers. You don't know where they are, but there are large data farms all over the country around the world, where bits -- your bits and pieces, the bits, I should say, of the music that you have, the videos that you have, the bits, the actual digital packets, they reside in these places that you don't really as much control of.
So, when you make this decision to switch to cloud-based applications, it's much easier, more convenient and often much cheaper. But there often is the -- there is the consideration of a tradeoff, perhaps, in that there may be less security involved. It's much safer when you have your information on your own computer that only you can access than on the Internet.
And your privacy is also perhaps in -- in question, in that more people, more companies have access to what you're doing. And they can see what you're doing online.
Google said Wednesday that hundreds of users of Gmail, its e-mail service, had been the targets of clandestine attacks apparently originating in China that were aimed at stealing their passwords and monitoring their e-mail.
In a blog post, the company said the victims included senior government officials in the United States, Chinese political activists, officials in several Asian countries, military personnel and journalists.
It is the second time Google has pointed to an area of China as the source of an Internet intrusion. Its latest announcement is likely to further ratchet up the tension between the company and Chinese authorities.
The Obama administration on Monday proposed creating international computer security standards with penalties for countries and organizations that fell short.
While administration officials did not single out any countries in announcing the strategy, several officials said privately that the hope was that the initiative would prod China and Russia into allowing more Internet freedom, cracking down on intellectual property theft and enacting stricter laws to protect computer users’ privacy.
“The effort to build trust in the cyberspace realm is one which should be pushed in capitals around the world,” said Commerce Secretary Gary Locke, who will soon be taking over as President Obama’s ambassador to China.
The strategy calls for officials from the State Department, the Pentagon, the Justice Department, the Commerce Department and the Department of Homeland Security to work with their counterparts around the world to come up with standards aimed at preventing theft of private information and ensuring Internet freedom. A fact sheet released by the White House also promised that the United States would respond to attempted hacking “as we would to any other threat to our country.”
Attorney General Eric H. Holder Jr. called it a “historic strategy,” adding that “the 21st-century threats that we now face to both our national and international security really have no borders.”
Last week the administration released the domestic component of its new computer security strategy, increasing and clarifying the penalties for computer crimes, and giving the domestic security agency a clear mandate for the protection of the government’s own networks. That effort was intended to reverse a growing perception that penalties for attacks on government, corporate and personal computers had been relatively small.
In addition to giving the Homeland Security Department new authority over federal computer systems, the legislation calls for the agency to work with energy companies, water suppliers and financial institutions to rank the most serious threats and find ways to counter them. The law would also require each business to have an independent commercial auditor assess its plans and, in the case of financial firms, report those plans to the Security and Exchange Commission.
RAY SUAREZ (Newshour): The latest episode involved millions of people around the world who use Sony's PlayStation video game system and who may have had their credit card information stolen in a hacking incident.
The intrusion caused the company to shut down PlayStation's Internet network a week ago. It provides access to online gaming, music, movies, sports and TV shows. Seventy-seven million user accounts were disconnected worldwide. But it wasn't until yesterday that Sony disclosed a hacker obtained information, including players' names, addresses, birth dates, email addresses, passwords and log-in names.
And on the company's blog, Sony spokesman Patrick Seybold said, "While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility."
Near Sony headquarters in Tokyo, some said the breach may stop them from using PlayStation.
KAZUNORI SANO, resident of Tokyo (through translator): I will be afraid of playing with the game machine after hearing of this. I don't want my credit card information to be leaked out somewhere else in the world.
RAY SUAREZ: And in Australia, police urged PlayStation users to be vigilant.
DETECTIVE SUPERINTENDENT COL DYSON, New South Wales State Police Force: It would appear that the risk in relation to credit cards may be low. But if people have concerns, they should be talking to their banks and watching for unauthorized usage of the cards.
RAY SUAREZ: Some industry experts say the scale of the breach could cost the company billions of dollars.
THOMAS PUHA, "Pelaaja": This is going to have a very negative impact on a business that they have built up, because I think a lot of -- obviously, a lot of consumers will really be very wary of putting their credit card information back online or even buying anything.
RAY SUAREZ: Sony said it expects the PlayStation Network to be restored in a week. In the meantime, an outside security firm has been hired to investigate what Sony deems the malicious intrusion.
For a closer look at all this, we turn to Kevin Poulsen, senior editor at Wired.com. A former hacker himself, he's also author of a new book, "Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground."
And, Kevin, for those people who aren't gamers, why would you have to load personal information into a game console in the first place?
KEVIN POULSEN, Wired.com: Well, a lot of gaming takes place now online. You have multiplayer games where you could play with or against opponents live in real time.
And, of course, a game console isn't just a game console anymore. You want to be able to download movies and other content. And all -- you pay for all of that, which means you have to give up this information.
RAY SUAREZ: Sony says it has no direct evidence that credit card numbers were taken, but it says -- quote -- "We cannot rule out the possibility."
When you have had a breach, when someone has been rifling around in your files electronically, can you tell what they have seen and what they haven't?
KEVIN POULSEN: There are usually -- there's usually some kind of trail left, yes. But if the hacker is good and took steps to cover his or her tracks, then it could -- it could take a while to extract that.
I imagine that's why Sony took so long to announce this. They were probably hoping to find better news. They were probably hoping to find evidence that the -- that information wasn't accessed. Now that they have brought in an outside company, I expect they will know a lot more than they do now, eventually. Of course, they -- they may know more than they're telling us now.
RAY SUAREZ: The PlayStation system has been down for over week, disappointing a lot of people who are frequent users.
Does that long-term shutdown tell you something about the seriousness of the breach, that they're not patching it, but rebuilding the whole network?
KEVIN POULSEN: Absolutely.
It's a really radical measure to take. And it's surely going to cost them a lot of money and a lot of fan loyalty. There are people that aren't even going care about the breach itself who are just going to be extremely angry that they were denied access to the PlayStation Network for so long. So, it's bad news all around.
If this had just been a casual intruder, a recreational intruder, some kid working from his bedroom, I doubt they would have taken this measure. So, they probably have some indication that this was a serious, focused attack.
RAY SUAREZ: Well, as we reported earlier, they got user names, passwords, various other kinds of personal information. What's the risk to account holders at this point?
KEVIN POULSEN: You know, the biggest risk is probably with the personal information, especially the passwords, because a lot of people use the same passwords everywhere.
So, that, coupled with your email address and your real name and your date of birth, the hackers will, if this was done for profit, then, all of that could wind up being sold on the black market, probably for a nice sum of money.
And then, whoever buys it, other computer intruders could use the information to try and hack into other accounts held by these PlayStation Network users. It could be anything from Facebook to online banking. You could use it to stage scams targeting the users in other ways.
So, it could be -- it could wind up that this becomes the first stage in a lingering problem that haunts users for a long time, if, in fact, that that was the nature of the breach.
The Comodo Group, an Internet security company, has been attacked in the last month by a talkative and professed patriotic Iranian hacker who infiltrated several of the company’s partners and used them to threaten the security of myriad big-name Web sites.
But the case is a problem for not only Comodo, which initially believed the attack was the work of the Iranian government. It has also cast a spotlight on the global system that supposedly secures communications and commerce on the Web.
The encryption used by many Web sites to prevent eavesdropping on their interactions with visitors is not very secure. This technology is in use when Web addresses start with “https” (in which “s” stands for secure) and a closed lock icon appears on Web browsers. These sites rely on third-party organizations, like Comodo, to provide “certificates” that guarantee sites’ authenticity to Web browsers.
But many security experts say the problems start with the proliferation of organizations permitted to issue certificates. Browser makers like Microsoft, Mozilla, Google and Apple have authorized a large and growing number of entities around the world — both private companies and government bodies — to create them. Many private “certificate authorities” have, in turn, worked with resellers and deputized other unknown companies to issue certificates in a “chain of trust” that now involves many hundreds of players, any of which may in fact be a weak link.
The Electronic Frontier Foundation, an online civil liberties group, has explored the Internet in an attempt to map this nebulous system. As of December, 676 organizations were signing certificates, it found. Other security experts suspect that the scan missed many and that the number is much higher.
Making matters worse, entities that issue certificates, though required to seek authorization from site owners, can technically issue certificates for any Web site. This means that governments that control certificate authorities and hackers who break into their systems can issue certificates for any site at will.
Experts say that both the certificate system and the technology it employs have long been in need of an overhaul, but that the technology industry has not been able to muster the will to do it. “It hasn’t been perceived to be a big enough problem that needs to be fixed,” said Stephen Schultze, associate director of the Center for Information Technology Policy at Princeton. “This is a wake-up call. This is a small leak that is evidence of a much more fundamental structural problem.”
In the Comodo case, the hacker infiltrated an Italian computer reseller and used its access to Comodo’s systems to automatically create certificates for Web sites operated by Google, Yahoo, Microsoft, Skype and Mozilla. With the certificates, the hacker could set up servers that appear to work for those sites and try to view the unscrambled e-mail of millions of people, experts say.
I make no guarantee that any advice given on these pages will work as expected. There are just too many variables depending on Operator Systems and hardware configurations to give any advice that will always work.
Where possible, I will provide links to my source.
