David Neal, V3.co.uk, Monday 18 October 2010 at 12:36:00
Average loss per person reaches £1,000
Identity fraud affects over 1.8 million people a year at a cost of £2.7bn,
according to new figures from the National Fraud Authority (NFA).
The a…
Security Revealed
Iain Thomson in San Francisco, V3.co.uk, Wednesday 6 October 2010 at 23:02:00
Spammer remains adamant that he won’t pay a penny
A Canadian court has upheld a fine imposed on spammer Adam Guerbuez after he
lost his case against Facebook.
Guerbue…
Rosalie Marshall, V3.co.uk, Thursday 30 September 2010 at 14:43:00
ACS:Law breach should be seen as a warning to firms involved in file sharing
cases
The recent distributed denial-of-service (DDoS) attack on legal firm ACS:Law
was perpetrated by…
Dan Worth, V3.co.uk, Monday 27 September 2010 at 14:49:00
Much-maligned law firm suffers hack resulting in sensitive information
appearing online
ACS-Law could face action from the Information Commissioner’s Office (ICO)
after the law firm’s ent…
Dan Worth, V3.co.uk, Tuesday 21 September 2010 at 15:26:00
Micro-bloggers plagued by yet another attack
Cyber criminals have exploited a newly uncovered vulnerability in Twitter to
deliver malicious pop-ups and third-party web sites.
The ‘onMou…
Iain Thomson in San Francisco, V3.co.uk, Thursday 9 September 2010 at 02:34:00
Norton survey paints bleak picture
Some 65 per cent of global internet users have been victims of online crime,
according to a survey of over 7,000 people by Symantec…
Shaun Nichols in San Francisco, V3.co.uk, Friday 27 August 2010 at 03:43:00
Survey reveals nations where online attacks are rife
Users in Turkey and Russia are at the greatest risk of online attacks,
according to a recent report.
Security firm …
David Neal, V3.co.uk, Thursday 29 July 2010 at 12:20:00
‘Hack’ highlights users’ lax approach to privacy
The details of 100 million Facebook users – a fifth of the social networking
site’s members – have been posted online by a security analyst,…
Miya Knights, V3.co.uk, Thursday 22 July 2010 at 18:15:00
AVG reveals huge number of machines vulnerable to ‘Eleonore’ toolkit
AVG Research is claiming that one in 10 of all PCs is infected by malware
controlled by cybercriminals using the …
Iain Thomson in San Francisco, V3.co.uk, Thursday 8 July 2010 at 03:51:00
Andrew Auernheimer claims innocence and breach of public law
One of the team arrested after exposing a security flaw in AT&T’s iPad data
systems has broken a gagging order…
David Neal, V3.co.uk, Tuesday 29 June 2010 at 11:42:00
Hopes new landing page will appease authorities in Beijing
Google is to review the way it provides services to users in China in
response to renewed pressure from the Chinese authorities.
I…
Shaun Nichols in San Francisco, V3.co.uk, Thursday 24 June 2010 at 23:42:00
Company agrees to adopt more stringent security procedures
Twitter has agreed to adopt new security measures that will settle its
privacy case with the US Federal Trade …
Iain Thomson in San Francisco, V3.co.uk, Friday 11 June 2010 at 20:13:00
Mole passed on 260,000 military and diplomatic cables
The US authorities have confirmed that they are looking for Wikileaks founder
Julian Assange as they believe he was passed …
Iain Thomson in San Francisco, V3.co.uk, Thursday 10 June 2010 at 23:22:00
Feds move in as AT&T exploit code is published
The FBI has confirmed that it is investigating the iPad security breach that
led to the collection of the email addresses o…
Iain Thomson in San Francisco, V3.co.uk, Thursday 10 June 2010 at 00:51:00
Flaw may have exposed over 100,000 users
Vulnerability researchers Goatse Security claim to have found a security flaw
in AT&T’s protocols that has given access to the pe…
Dan Worth, V3.co.uk, Friday 28 May 2010 at 17:45:00
Privacy watchdog urges organisations to tighten information procedures
The Information Commissioner’s Office (ICO) has received over 1,000 reports
of data breaches or losses since it was set up…
Rosalie Marshall, V3.co.uk, Friday 21 May 2010 at 17:09:00
3FN Service found guilty of distributing spam, spyware and child porn
A US internet service provider has been shut down by the Federal Trade
Commission (FTC) for actively helping crimina…
Iain Thomson in San Francisco, V3.co.uk, Monday 3 May 2010 at 21:03:00
David Kernell looking at 20-year sentence
A college student is facing over 20 years in jail and huge fines after
guessing the password to the Yahoo email account of then vice-presidential
candidate Sarah Palin.
David Kernell was convicted of unauthorised access to obtain information from
a computer and obstruction of justice, which comes with a maximum term of 20
years in jail. He was found innocent of wire fraud, and a charge of identity
theft was dismissed after a retrial.
Kernell used publicly available information to guess the password to Palin’s
Yahoo account, namely the location where she met her husband.
At the time, Palin was reportedly under fire for using a private email account
for government business and Kernell uploaded certain emails to Wikileaks
showing this to be the case.
The defence argued that the incident was little more than a student prank,
but the prosecutors said it was a deliberate attempt to sabotage the
presidential campaign. Palin and her daughter Bristol testified about the
disruption the incident caused to their lives.
“My family and I are thankful that the jury thoroughly and carefully weighed
the evidence and issued a just verdict,” said Palin in a Facebook posting.
“Violating the law, or simply invading someone’s privacy for political gain,
has long been repugnant to Americans’ sense of fair play.
“As Watergate taught us, we rightfully reject illegally breaking into
candidates’ private communications for political intrigue in an attempt to
derail an election.”
Kernell now faces 21 years in prison and fines of $100,000 (£66,000) for
computer fraud and $250,000 (£165,000) for obstruction of justice.
Iain Thomson in San Francisco, V3.co.uk, Friday 2 April 2010 at 20:09:00
Finnish man sought to break up target’s marriage
In a highly unusual case, a Finnish man has been jailed for trying to break
up a marriage by sneaking into the couple’s home and planting false evidence on
the husband’s computer.
Ilkka Karttunen was jailed for over four years by Basildon Crown Court after
being found guilty of harassment, perverting the course of justice and making
indecent images of children.
The court heard that he had become obsessed with a co-worker and sought to
end her marriage by breaking into their house, planting child pornography on the
husband’s hard drive, and then informing the police.
“This had a devastating effect on the family as he was given no access to his
young children or his home while he was under investigation, and he had to live
with the trauma of being accused of crimes against young children, of which he
is wholly innocent,” Suzanne Stringer said for the prosecution, according to
The Times.
Karttunen broke into the family’s home while they were asleep, used the
husband’s computer to download the images, then stole the hard drive and mailed
it to police with the address.
When police raided Karttunen’s home they found a complete copy of the
family’s computer files stored in his garden shed, as well as photos of his
target’s home, including the husband’s work calendar and their children’s room.
“He had been inside the home of his colleague at night whilst the family were
upstairs asleep and had downloaded the contents of their home computer. In doing
this Karttunen had hoped to have an innocent man arrested and imprisoned so he
could take his place in the family,” Stringer said.
“The lengths this man went to in order to pursue a fantasy were incredible.
We only hope the family can now move forward positively with their lives.”
V3.co.uk, Thursday 1 April 2010 at 14:57:00
We round up the top stories of the week
Phil Muncaster takes a look at the week’s hottest tech stories, including
Digital Economy Bill amendments, another Facebook privacy breach, Google’s
censorship woes continue and Yahoo Mail accounts are hacked in China.
David Neal, V3.co.uk, Wednesday 31 March 2010 at 12:49:00
Beijing-based press agency says eight journalists’ email accounts have been
hacked
The Foreign Correspondents’ Club of China (FCCC) today claimed that a number
of its members have had their Yahoo email accounts hacked and tampered with.
The Beijing-based press association said eight journalists have had their
email accounts hacked, including one that had a forwarding address added to his
account settings.
We approached Yahoo in the UK for a comment, but so far it has not responded.
Nor, it appears, has it responded to calls from the FCCC for clarification.
“Yahoo has not answered the FCCC’s questions about the attacks, nor has it
told individual email users how the accounts were accessed. Password security
and malware are ongoing concerns, but it’s unclear whether they are related to
this case,” the FCCC said in a statement on its web site.
Until more clarification is provided, the FCCC is recommending that its users
take care whenever they use email, particularly if the content is sensitive, and
particularly if they use Yahoo Mail.
It said users should check their account settings to make sure that no
forwarding addresses have been added, and change their passwords frequently.
The agency’s warning ends by reminding users that email “does not appear to
be secure in China, and that alternate means of arranging interviews and
conducting other sensitive business are often preferable”.
This is not the first time that email has been tampered with in China. Google
issued a similar warning to users after some of its mail accounts were hacked in
January.
Spencer Dalziel, V3.co.uk, Wednesday 31 March 2010 at 12:44:00
Relations deteriorate as Google identifies ‘change in the great firewall’
Google has backtracked on an initial statement that the blocking of some of
its services in China had been the result of its own technical error, leading to
renewed speculation that the Chinese authorities are interfering with its web
traffic.
It was originally claimed that Google’s search services were being
deliberately blocked after the firm moved its operation to Hong Kong to avoid
censorship in mainland China.
Reports first surfaced this week that China might be attempting to cripple
Google’s Hong Kong service, but Google then responded by saying the problem
was likely to be a technical error.
“The ‘gs_rfai’ started appearing in the URLs of Google searches globally as
part of a search parameter, a string of characters that sends information about
the query to Google so we can return the best result,” said the firm at the
time.
“Because this parameter contained the letters ‘rfa’ the Great Firewall was
associating these searches with Radio Free Asia, a service that has been
inaccessible in China for a long time – hence the blockage. We are currently
looking at how to resolve this issue.”
However, in a new statement, Google said it is now holding China’s firewall
responsible for the block.
“Having looked into this issue in more detail, it’s clear we actually added
this parameter a week ago. So whatever happened to block google.com.hk must have
been as a result of a change in the great firewall,” Google said.
In a further twist, the web giant admitted that its Chinese search traffic
has now returned to normal “even though we have not made any changes at our
end”.
Google’s mobile services in China have been partially blocked for several
days, according to the company’s service accessibility report.
Dan Worth, V3.co.uk, Thursday 25 March 2010 at 12:13:00
Firm follows Google’s example and criticises Chinese authorities
Web registrar GoDaddy has said that it will stop registering domain names in
China in protest at the growing amount of information required by the Chinese
authorities.
Christine Jones, corporate secretary at GoDaddy, said at a congressional
commission on China that the firm is concerned by changes being made to the
information required from Chinese citizens when they sign up for a domain.
“A new policy effective 14 December required any registrants of .cn domain
names to provide a colour headshot photo identification, business identification
(including a Chinese business registration number) and signed registration
forms,” she said.
Jones explained that the Chinese authorities then asked GoDaddy to
retrospectively gather this information on pre-existing owners of domains, and
threatened those that did not comply with disconnection of their domains.
“For these reasons, we have decided to discontinue offering new .cn domain
names at this time,” she said.
Jones went on to criticise the Chinese authorities’ approach to the
management of the internet.
“We believe that many of the current abuses of the internet originating in
China are due to a lack of enforcement against criminal activities by the
Chinese government,” she said.
“Our experience has been that China is focused on using the internet to
monitor and control the legitimate activities of its citizens, rather than
penalising those who commit internet-related crimes.”
Jones claimed that, as a result, GoDaddy has had to repel a large number of
attacks on the systems that host its customer web sites, including distributed
denial-of-service attacks.
“We also combat many attacks that are more systematic, such as hackers
attempting to insert malicious code into the pages of our customers’ hosted web
sites,” she said.
Jones confirmed that existing .cn domains would not be affected by this
announcement, but urged the US government to pressure China to change its stance
on internet regulations.
“We hope that the US government can use its influence with the authorities in
China to increase Chinese enforcement activities relating to internet abuse,
while encouraging the free exchange of ideas, information and trade,” she said.
The move follows confirmation from Google that it will move its Chinese search
operation to Hong Kong, and speculation that Dell is considering closing its
operations in China and relocating them to India.
Russia recently announced that it will tighten up its domain name registration
policies to take on DNS scammers and cyber criminals operating in the region.
Iain Thomson in San Francisco, V3.co.uk, Monday 15 March 2010 at 23:02:00
Counterintelligence agency hatched strategy to discredit leak site
A US Army Counterintelligence Agency report into Wikileaks, which recommends
destroying the reputation of the whistleblower web site, has been published by,
appropriately enough, Wikileaks.
The 2008 plan [PDF], which is marked as classified, identifies Wikileaks as “a
potential force protection, counterintelligence, OPSEC, and INFOSEC threat to
the US Army” and details some of the documents that have appeared on the site,
including a manual for prisoner handling from Guantanamo Bay and a map of Abu
Ghraib prison.
“Wikileaks.org uses trust as a center of gravity by assuring insiders,
leakers, and whistleblowers who pass information to Wikileaks.org personnel or
who post information to the Web site that they will remain anonymous,” the
report’s executive summary concludes.
“The identification, exposure, or termination of employment of or legal
actions against current or former insiders, leakers, or whistleblowers could
damage or destroy this center of gravity and deter others from using
Wikileaks.org to make such information public.”
The report suggests that foreign governments could be using the site to learn
about US Army secrets and recommends training staff on more secure control of
secret information, as well as investigating if current staff members are
leaking to the site.
“As two years have passed since the date of the report, with no Wikileaks’
source exposed, it appears that this plan was ineffective,” said Wikileaks.
As an odd justification for the plan, the report claims that “several foreign
countries including China, Israel, North Korea, Russia, Vietnam, and Zimbabwe
have denounced or blocked access to the Wikileaks.org web site”. The report
provides further justification by enumerating embarrassing stories broken by
Wikileaks.
Wikileaks has broken many important stories over the past few years, despite
being beset with legal action and a chronic shortage of funds.
Dan Worth, V3.co.uk, Friday 12 March 2010 at 16:33:00
Intelligence and Security Committee attacks ‘cavalier’ attitude to security
Government Communications Headquarters (GCHQ) lost track of 35 laptops in
2008, including three classified as ‘top secret’, the Intelligence and Security
Committee (ISC) has revealed.
GCHQ director Iain Lobban told the ISC, which was established in 1994 to
examine the policy, administration and expenditure of GCHQ, that historically
laptops were simply checked in and out and updated in the records.
The ISC criticised this “haphazard” approach to the allocation and location
tracking of devices, and has demanded tighter security practices.
“The ISC considers that this formerly cavalier attitude towards valuable and
sensitive assets was unacceptable. GCHQ must ensure that it controls, tracks and
monitors its equipment effectively,” it said.
Lobban claimed that the rapid deployment of personnel and assets to conflict
areas had exacerbated the problem.
“A lot of the laptops are shipped out to sites in the theatres of war for
communications means or to control equipment. Against an operational imperative,
people perhaps took slightly hasty decisions without due process,” he said.
However, Lobban admitted that its former control processes “were not
sufficiently robust”, and said that GCHQ had updated its procedures to check the
location of every single laptop more regularly.
The news will make embarrassing reading for Downing Street, which recently
gave the Information Commissioner’s Office the ability to fine companies found
guilty of breaching the Data Protection Act up to £500,000 from April 2010.
Shaun Nichols in San Francisco, vnunet.com, Wednesday 17 February 2010 at 00:19:00
Court issues arrest warrant for 2006 attack on anti-doping lab
A French judge has issued an arrest warrant for a cyclist accused of hacking
into computer systems at an anti-doping lab.
According to a New York Times report, authorities believe that Floyd Landis,
a former Tour de France winner, used a Trojan program to install data-stealing
malware on a system at the Châtenay-Malabry drug-testing lab.
The accusations are in connection with Landis’ 2006 Tour de France
anti-doping case. As part of his defence in the case, the cyclist presented
computer data which claimed that the handling of samples was flawed and that the
laboratory erred in reporting that the cyclist had used performance-enhancing
drugs.
Authorities now believe that the data was gathered through the use of a
malware program which was traced back to the system of one of the cyclist’s
coaches. They allege that the stolen information was then altered and presented
in the defence.
A spokesperson for France’s anti-doping agency told reporters that Landis’
team used a “network of hackers” and made multiple attempts to infiltrate
systems.
Landis reportedly denied the accusations.
Iain Thomson in San Francisco, V3.co.uk, Thursday 11 February 2010 at 05:53:00
Plans to launch approved national email service
Google has said it has seen a drop in traffic today after Iran announced it
was blocking its citizens’ access to Gmail.
Iran’s telecommunications provider announced today that Gmail would be
permanently blocked and a national email system would be rolled out shortly,
according to the Wall Street Journal. It quotes a local official as saying the
move was designed to boost local internet firms and build trust between the
government and the people.
A Google spokesman said in a statement, “We have heard from users in Iran
that they are having trouble accessing Gmail. We can confirm a sharp drop in
traffic, and we have looked at our own networks and found that they are working
properly.”
“Whenever we encounter blocks in our services we try to resolve them as
quickly as possible because we strongly believe that people everywhere should
have the ability to communicate freely online.”
The Iranian government has been focusing more attention on the internet since
protests erupted last June over alleged vote tampering. Protesters used
services like Twitter to coordinate and share information, and the
pro-government forces responded with denial of service attacks, including
later against Twitter itself.
Twitter has been outspoken in its opposition to censorship. Evan Williams used
the World Economic Forum in Davos to commit to making Twitter difficult to
censor. The company also delayed a planned upgrade during the June protests to
make sure the service stayed up for the demonstrators.
Shaun Nichols in San Francisco, V3.co.uk, Tuesday 9 February 2010 at 22:25:00
Security service encrypts site queries
A collection of security and infrastructure management groups have launched a
new project to help secure DNS queries.
Dubbed OpenDNSSEC, the new project will provide a way for service providers
and hosting vendors to encrypt DNS traffic.
A fundamental part of everyday internet use, DNS (or Domain Name System)
servers allow the text URL addresses to be linked with the machine address of a
site’s host server.
Though largely unnoticed in the past, security researchers have been paying
increased attention to the DNS service and its fundamental weaknesses. Many
worry that by compromising DNS servers, attackers will be able to redirect
traffic without user knowledge.
The new service will allow hosts and service providers to securely transmit
DNS requests and prevent attackers from intercepting and redirecting
information.
“OpenDNSSEC ensures that the domain name system is not tampered with, and
that Internet users are directed to a preferred web site without intervention,”
said Lesley Cowley, chief executive of development group member Nominet.
“The collaboration in evidence, shows that the internet community is
committed to forging a safer, more trusted internet for all.”
Iain Thomson in San Francisco, V3.co.uk, Friday 5 February 2010 at 04:21:00
Mandatory test would apply to all citizens before using the internet
Microsoft’s chief strategy officer has suggested that people should undergo
mandatory training before being allowed online.
Craig Mundie, speaking at the World Economic Forum in Davos, proposed a
three-tier system of authentication for people, devices and applications.
Mundie acknowledged that this would mean some loss of anonymity, but said
that people are used to having to present identification in other areas of life
and that the internet should be no different.
“If you want to drive a car you have to have a licence to say that you are
capable of driving a car, the car has to pass a test to say it is fit to drive
and you have to have insurance,” he said.
“People don’t understand the scale of criminal activity on the internet.
Whether criminal, individual or nation states, the community is growing more
sophisticated.”
Mundie explained that it is perfectly reasonable to have anonymity when
simply walking down the street, but that if a citizen enters a bank to access
funds they will need an ID.
Hamadoun Touré, secretary general of the International Telecommunications
Union, used the meeting to suggest that nations should sign up to a cyber war
treaty guaranteeing that they would not launch an online “first strike”.
“A cyber war would be worse than a tsunami – a catastrophe,” he said, adding
that the attacks on Estonia in 2007 were just the beginning.
Countries should also guarantee not to harbour cyber terrorists, said Touré,
and to offer freedom of information to citizens.
A McAfee spokesman at the event warned that China, the US, Russia, Israel and
France are among 20 countries currently gearing up to take warfare online, and
that the world is facing an electronic arms race.
US senator Susan Collins, meanwhile, said in a blog post: “A former US
director of national intelligence, John Negroponte, asked
me about the possibility of the Senate passing an international treaty on cyber
security, if one were to be drafted, or absent that, a cyber security bill for
the US.
“Our Homeland Security Committee is working on such legislation, but there
are many obstacles to overcome.”
Shaun Nichols in San Francisco, V3.co.uk, Friday 5 February 2010 at 02:55:00
Company will let National Security Agency investigate intrusion
Google has handed over the investigation of the recent intrusion into its
systems to the National Security Agency (NSA).
The attacks took place in early January, reportedly in an attempt to
infiltrate several Gmail accounts.
Google accused the Chinese government of organising the attacks in an effort
to eavesdrop on human rights activists, and announced that it would no longer
co-operate with the country’s web search censorship policies. China has denied
any involvement in the attacks.
Since Google disclosed the attacks, other companies, including Adobe, have
come forward and admitted to being targeted in the attack, while others,
including Microsoft, have defended their decision to do business in China.
Reports suggest that Google and the NSA are still hammering out details on
the investigation, which will focus not on the attack itself but on ways to
prevent similar incidents in the future.
Online rights groups have already taken notice, however. The Electronic
Privacy Information Center has filed a Freedom of Information Act request
seeking details of the agreement and how Google plans to secure its web
services.
