Saturday, August 25, 2007

Amtrak Suffers Major Ticketing Meltdown

Rafi Guroian writes on The Atlanta Journal-Constitution's "Window on Washington":

Amtrak riders have been having a heck of a time making reservations and picking up tickets today, as the nation’s passenger rail carrier’s ARROW ticketing system came to a halt at about 1:30 EDT (Saturday, August 25, 2007).

When calling Amtrak’s reservation number, customers are greeted with the following recording:

"At the present time, we are experiencing technical problems with our computer systems. We are unable to make or modify reservations. If you are not traveling today, please call us back tomorrow."

Live agents answering callers who wait on hold are beginning each call with a prepared statement informing customers that they have no computer access, can’t access reservations, and can’t look up fares. Oddly, the Amtrak website makes no mention of the technical problems.

More here.

U.S. Toll in Iraq, Afghanistan

Iraq and Afghanistan statistics via The Boston Globe (AP).

As of Saturday, Aug. 25, 2007, at least 3,728 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 3,047 died as a result of hostile action, according to the military's numbers.

The AP count is six higher than the Defense Department's tally, last updated Friday at 10 a.m. EDT.

As of Saturday, Aug. 25, 2007, at least 361 members of the U.S. military had died in Afghanistan, Pakistan and Uzbekistan as a result of the U.S. invasion of Afghanistan in late 2001, according to the Defense Department. The department last updated its figures Aug. 18, 2007.

Of those, the military reports 239 were killed by hostile action.

More here and here.

And as always, cryptome.org keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.

Massive Microsoft WGA Meltdown

Gregg Keizer writes on ComputerWorld:

An unknown problem in a controversial Microsoft Corp. anti-counterfeit process has been fingering genuine versions of Windows Vista and Windows XP as fakes since Friday night, disabling features on potentially millions of machines.

Beginning Friday around 8 p.m. Eastern, users started posting messages on Microsoft's support forums, including Vista Validation Issues, saying that their PCs had been tagged as running non-genuine Windows. Overnight, the number of users adding their accounts to the tale spiked significantly, and the frustration index jumped dramatically.

More here.

AOL Phisher Enters Guilty Plea

Via Technology News Daily.

Michael Dolan, age 23, formerly of West Haven, Connecticut and North Miami Beach, Florida, pleaded guilty today to federal charges related to his participation in an elaborate internet “phishing” scheme that targeted and victimized America Online subscribers. Dolan pleaded guilty to one count of conspiracy to commit fraud in connection with access devices, and one count of aggravated identity theft.

According to documents filed with the Court and statements made in court, from approximately 2002 through 2006, Dolan conspired with others to obtain names, credit card numbers, bank account numbers, Social Security account numbers, and other private personal and financial information through an internet “spamming” and “phishing” scheme that targeted AOL subscribers.

More here.

L.A. Unified Payroll System a Lesson in Agony

Joel Rubin writes in The Los Angeles Times:

Since launching a $95-million computer system six months ago, the Los Angeles Unified School District has been beset by programming glitches, hardware crashes and mistakes by hurriedly trained clerical staff. The result: tens of thousands of teachers, cafeteria workers, classroom aides and others have been underpaid, overpaid or not paid at all.

The hardest hit have been the roughly 48,000 certificated employees -- teachers and others who require a credential to perform their jobs. Their complicated, varied job assignments and pay scales have perplexed computer programmers and, this month, an additional 3,900 people received incorrect paychecks.

More here.

U.S. Terror Suspect List Yields Few Arrests

Ellen Nakashima writes in The Washington Post:

The government's terrorist screening database flagged Americans and foreigners as suspected terrorists almost 20,000 times last year. But only a small fraction of those questioned were arrested or denied entry into the United States, raising concerns among critics about privacy and the list's effectiveness.

A range of state, local and federal agencies as well as U.S. embassies overseas rely on the database to pinpoint terrorism suspects, who can be identified at borders or even during routine traffic stops. The database consolidates a dozen government watch lists, as well as a growing amount of information from various sources, including airline passenger data. The government said it was planning to expand the data-sharing to private-sector groups with a "substantial bearing on homeland security," though officials would not be more specific.

More here.

Friday, August 24, 2007

Toon of the Day: Too Much Information



Consumer Innovations to Inform Website for Spies

Sam Diaz writes in The Washington Post:

Government agents may soon find valuable information through an online-recommendation system like the one on Amazon.com: Spies who read this report, it might say, also found these reports useful.

That is one of several features the Office of the Director of National Intelligence might borrow from mainstream technology as it designs its new Web-based information-sharing system.

The DNI is working on a new system intended to "tunnel through" the 16 different intelligence-gathering agencies in hopes of streamlining data sharing, said Michael Wertheimer, DNI's assistant deputy director for analytic transformation and technology.

More here.

U.S. Government Concerned Over Chinese Desire to Acquire Seagate

John Markoff writes in The New York Times:

A Chinese technology company has expressed interest in buying a maker of computer disk drives in the United States, raising concerns among American government officials about the risks to national security in transferring high technology to China.

The overture, which was disclosed by the chief executive of one of the two remaining drive makers in the United States, William D. Watkins of Seagate Technology, has resurrected the issues of economic competitiveness and national security raised three years ago when Lenovo, a Chinese computer maker, bought I.B.M.’s personal computer business.

Tensions have been increasing lately between the countries over China’s ambitions in developing its military abilities and advanced technologies for industrial and consumer uses.

More here.


Gapingvoid: Escaping The Obscurity Complex

Via gapingvoid.com. Enjoy!


U.S. Toll in Iraq, Afghanistan

Iraq and Afghanistan statistics via The Boston Globe (AP).

As of Friday, Aug. 24, 2007, at least 3,725 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 3,047 died as a result of hostile action, according to the military's numbers.

The AP count is three higher than the Defense Department's tally, last updated Friday at 10 a.m. EDT.

As of Friday, Aug. 24, 2007, at least 361 members of the U.S. military had died in Afghanistan, Pakistan and Uzbekistan as a result of the U.S. invasion of Afghanistan in late 2001, according to the Defense Department. The department last updated its figures Aug. 18, 2007.

Of those, the military reports 239 were killed by hostile action.

More here and here.

And as always, cryptome.org keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.

Sony Up To Its Old Tricks: BioShock Installs Rootkit, Including Demo

Via Gaming Bob.

2K Games recently issued a statement addressing the DRM protection and widescreen problems for the BioShock PC game. In the statement 2K reveals a change in number of activations available with each copy of BioShock. Consumers are now allowed to activate their copy of BioShock a total of five times via the SecuROM network. Problems have already surfaced on the third-party servers preventing users from activating their copy of the game.

What 2K has failed to address is the SecuROM rootkit installed on your computer when installing BioShock, which is also included in the demo. The term rootkit is used to describe the mechanisms and techniques whereby malware, including viruses, spyware, and trojans, attempt to hide their presence from spyware blockers, antivirus, and system management utilities.

More here.

(Props, /.)

Australian Teen Cracks Government's Porn Filter

Via Stuff.co.nz.

A 16-year-old schoolboy has cracked the federal government's $A84 million ($NZ93 million) internet porn filter.

Tom Wood, a Year 10 student, told News Ltd newspapers it took him about 30 minutes to break through the government's new filter, released on Tuesday.

Tom, who attends a Melbourne private school, can deactivate the filter after several clicks.

His method ensures the software's toolbar icon is not deleted.

He can leave his parents believing the filter is still working.

More here.

Pentagon Setting Up War Information Room

An AP newswire article by Lolita C. Baldor, via The Boston Globe, reports that:

Shaping the Bush administration's message on the Iraq war has taken on new fervor, just as anticipation is building for the September progress report from top military advisers.

For the Pentagon, getting out Iraq information will now include a 24-hour-a-day, seven-day-a-week Iraq Communications Desk that will pump out data from Baghdad -- serving as what could be considered a campaign war room.

According to a memo circulated Thursday and obtained by The Associated Press, Dorrance Smith, assistant defense secretary for public affairs, is looking for personnel for what he called the high-priority effort to distribute Defense Department information on Iraq.

More here.

Networx Vendors Vie for OneNet Spots

Jason Miller writes on Washington Technology:

The Homeland Security Department has issued the first large-scale task order under the $48 billion Networx Universal governmentwide acquisition contract.

Through the General Services Administration’s telecommunications vehicle, DHS wants two of the three Networx vendors — Verizon Business Services, Qwest Government Services and AT&T — to establish its OneNet intranet for sensitive but unclassified information.

DHS said it will designate one winning vendor as a primary service provider and one as a secondary provider, but only one vendor will perform services in support of incident response and the network operations and security centers.

More here.

Domain Name Parking Service Suffers Denial of Service

John Leyden writes on The Register:

Domain name parking service NameDrive restored its services on Friday after coming under a concerted and ferocious denial of service attack from unidentified hackers.

The motives for the attack remain unclear but NameDrive reckons crackers expended vast resources to flood its website with spurious traffic.

NameDrive offers a service that allows domain owners to "park" inactive domains. Targeted ads are placed on these parked domains, enabling owners to rake in a percentage whenever visitors to the domains click on the ads. These services have now been restored while the firm works on restoring its home page.

More here.

Oklahoma: Law Enforcement System Breached

Josh Rabe writes on NewsOK.com:

Private information may have been leaked inadvertently from a statewide law enforcement computer system at three Oklahoma law enforcement agencies.

The Department of Public Safety announced Friday it discovered the first-ever security breach in the Oklahoma Law Enforcement Telecommunication System, which could put some Oklahomans at risk for identity theft.

The breach affected only the Elk City and Eufaula Police Departments and Kiowa County Sheriff's Office, Capt. Chris West said. The agency is urging anyone who has had contact with those agencies to check their credit report as soon as possible to see whether their information has been compromised.

West initially would not say in what timeframe the breach occurred or how long security had been compromised at those locations.

The system allows communication between 911 operators and law enforcement officers. It displays the call for service on a computer screen and provides instant access to all types of local, state, and federal law enforcement databases.

More here.

(Props, Pogo Was Right.)

FAQ: The Monster.com Mess

Gregg Keizer writes on ComputerWorld:

The last thing you need when you're unemployed is a bank account that's suddenly emptied. But that's exactly what some unwary users of employment search site Monster.com faced after identity thieves made off with the personal information of more than a million people looking for jobs.

This still-developing story has enough nooks and crannies to confuse a gumshoe, but some facts are clear: Monster's resume database was looted, and the personal information taken was used to forge convincing messages that deposited password-stealing Trojans and ransomware on users' PCs.

Calculated and ambitious, the attack is striking for how it blended several elements -- stolen credentials of legitimate users, phishing e-mails, Trojan horses, money mules and more -- into a slick assault. Here's what we know so far.

More here.

Yahoo! and MSN Agree to Censor China Blogs

Richard Spencer writes on The Telegraph.co.uk:

Yahoo and MSN, the internet giants, have confirmed they had signed up to new attempts by the Chinese government to censor and control blogs behind the country’s “Great Firewall”.

The companies both keep internet servers inside the country in an attempt to capitalise on the fast-growing Chinese market.

The country now has the second highest number of internet users, behind the United States.

But to do so they have to conform to strict Chinese laws controlling freedom of speech, which include employing their own “monitors” to carry out government censorship orders and committing to remove any web pages that are considered politically sensitive.

In addition, along with domestic firms they have now both had to sign up to a new government code on blogging, which both companies admitted in statements without giving further details.

More here.

Off Beat: Cyber Criminal Mastermind of the Week

Tillie Fong writes in the Rocky Mountain News:

Carl Andrew Dubois, who was arrested last week for manufacturing Ecstasy at his south Boulder home, apparently didn't cover his tracks very well, according to a search warrant.

Dubois, 29, allegedly obtained all of the ingredients and supplies to make the club drug on eBay. And he paid for all the purchases through Pay-Pal, using a MasterCard credit card.

Moreover, he used the address freebasing@hotmail.com for his eBay and PayPal accounts. As noted in the search warrant, "freebasing" is a method of producing salts for the manufacture of MDMA, commonly known as Ecstasy.

More here.

AT&T Confirms Second VRAD Fire

Phil Harvey writes on Light Reading:

The AT&T Inc. investigation into an exploding VRAD cabinet may be over, but (sadly for my editors) the story lives on.

The carrier this morning has provided details of a second incident involving Avestor's batteries, the ones that were said to be the cause of an October 2006 broadband equipment cabinet explosion in suburban Houston.

The initial VRAD (video-ready access device) explosion occurred in the 8200 block of Clover Gardens Drive. This second incident, a VRAD that caught fire but didn't explode, happened in January 2007 -- "20 miles away" from the first mishap, according to AT&T. Light Reading hasn't been able to determine the exact address. Yet.

More here.

Microsoft Endorses Product That Turns Off Vista UAC Nags

Scott M. Fulton, III writes on BetaNews:

The latest version of a well-reviewed third-party security policy enhancement system for Windows Vista claims to solve what its manufacturer characterizes as "not a secure solution" to a critical problem Windows historically had with administrator privileges on programs. But in the announcement of the upgrade earlier this week, a key Microsoft product manager is quoted as having acknowledged Vista's own take on the solution was not quite enough, effectively reversing his company's stand on User Account Control.

The product is BeyondTrust Privilege Manager 3.5, and its key new feature is the ability to run Vista's UAC transparently without prompting the user for privilege elevation. In Monday's press release, Microsoft director of client security product management Austin Wilson is quoted as not only endorsing the product, but appearing to agree with BeyondTrust's key contention: that the UAC prompts were not only a nag but an insecure solution in itself.

More here.

SCADA Watch: America's Hackable Backbone


Andy Greenberg writes on Forbes.com:

The first time Scott Lunsford offered to hack into a nuclear power station, he was told it would be impossible. There was no way, the plant's owners claimed, that their critical components could be accessed from the Internet. Lunsford, a researcher for IBM's Internet Security Systems, found otherwise.

"It turned out to be one of the easiest penetration tests I'd ever done," he says. "By the first day, we had penetrated the network. Within a week, we were controlling a nuclear power plant. I thought, 'Gosh. This is a big problem.'"

In retrospect, Lunsford says--and the Nuclear Regulatory Commission agrees--that government-mandated safeguards would have prevented him from triggering a nuclear meltdown. But he's fairly certain that by accessing controls through the company's network, he could have sabotaged the power supply to a large portion of the state. "It would have been as simple as closing a valve," he says.

More here.

(Hat-tip: zone-h News.)

Thursday, August 23, 2007

Toon of the Day: Medal vs. Mettle



Monster Waited 5 Days to Disclose Data Loss

A Reuters newswire article, via MSNBC, reports that:

Monster.com waited five days to tell users its system had been hacked, in a security breach that resulted in the theft of confidential information for more than a million users, a company executive told Reuters Thursday.

By the time the U.S. job-matching Web site shut down the illegal operation, run from two server computers at a Web-hosting company in Ukraine, the names and confidential contact information of some 1.3 million job seekers had been stolen, Patrick Manzo, vice president of compliance and fraud prevention for Monster Worldwide Inc, said in a phone interview.

Monster first learned of the problem on Aug. 17, when investigators with Internet security company Symantec Corp. told Monster that it was under attack, Manzo said.

More here.

Quote of the Day: Ryan Singel


"That's a lot of warrant-writing cube monkeys."

- Ryan Singel, writing on the Threat Level Blog, regarding the number of hours government employees spent writing FISA warrants in 2006.

Online Rogue Pharmacies Still Booming

An AP newswire article, via MSNBC, reports that:

Drug shipments from illegal online pharmacies were once so frequent in Appalachia that delivery companies had to add trucks to their routes.

Police have cracked down on such deliveries, but are still confronted by a booming global network of so-called rogue pharmacies operating online.

For people addicted to prescription medications like the painkiller hydrocodone — sold mostly as Vicodin — the days of “doctor shopping” are over, as long as they have Internet access. With the help of unscrupulous doctors and pharmacists, hundreds of Web sites dispense prescription narcotics to customers in exchange for nothing more than a credit card number.

More here.

Gapingvoid: It Ain't Simple

Via gapingvoid.com. Enjoy!


U.S. Toll in Iraq

Via The Boston Globe (AP).

As of Thursday, Aug. 23, 2007, at least 3,724 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 3,047 died as a result of hostile action, according to the military's numbers.

The AP count is 18 higher than the Defense Department's tally, last updated Thursday at 10 a.m. EDT.

More here.

And as always, cryptome.org keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.

Minneapolis-St. Paul Star Tribune Suffers 'Denial of Service' Attack

Steve Alexander writes in The Minneapolis-St. Paul Star Tribune:

The Star Tribune was hit with a “denial-of-service” computer attack early Thursday that cut employees off from Web browsing and e-mail for about 10 hours. It also delayed updates to startribune.com.

The attack against the Star Tribune began at 3 a.m. Thursday, and service was restored about 1:30 p.m. when incoming network traffic was blocked by Onvoy Inc., the Star Tribune’s Internet service provider.

More here.

DHS at Bottom, NSA Top of Terror Rankings

Via UPI.

The Department of Homeland Security got the second-lowest ratings of any U.S. agency engaged against terrorism in a new survey of more than 100 top experts.

The liberal-leaning Center for American Progress and Foreign Policy magazine polled the views of U.S. terrorism and national security experts in a survey published this week.

More here.

Federal Court Slaps Data Theft Victims

David Kravets writes on Threat Level:

Tens of thousands of Old National Bancorp customers whose personal and financial information was hijacked by a computer hacker cannot recover damages from the Indiana banking institution who lost the data in 2005, a federal appeals court ruled Thursday.

In dismissing a proposed class action against Old National Bancorp, the 7th U.S. Circuit Court of Appeals said damages were unavailable to victims of data theft if those victims did not suffer economically.

More here.

DHS Info-Sharing Failures Concealed

Sara A. Carter writes in The Washington Times:

Department of Homeland Security administrators — fearing additional scrutiny — concealed from federal investigators information-sharing breakdowns that left the U.S. vulnerable to terrorists, internal DHS memos and e-mails show.

The documents obtained by The Washington Times lay out how officials at U.S. Citizenship and Immigration Services deliberated telling the Inspector General's Office that DHS agencies had failed to share data before opting to withhold their concerns.

More here.

TRUSTe Suspends comScore Software Over Rogue Distributor

An AP newswire article by Anick Jesdanun, via Tech News World, reports that:

An organization that certifies computer software as consumer-friendly and noninvasive has suspended comScore and one of its programs used to track Internet usage.

TRUSTe, whose Trusted Download Program is designed to help potential advertisers and partners steer clear of unwanted spyware and adware, said an outside distributor had failed to obtain the proper consent for installing comScore's RelevantKnowledge software.

Under the program's rules, certified adware and other software must obtain consent before downloading, be easy to uninstall and cannot modify computer settings to cause damage or harm.

More here.

SQL Injection Toy

Via hackademix.net.

No, this title is not about the United Nations web site.

Their hole is still gaping by the way, no matter what the U.N. staffers said so far.
As you may recall, I did offer a little free help to fix their bugs (13 AUG), but I’ve not been contacted back, notwithstanding some public flattery.

At any rate, since the 5 days “grace time” granted them under the RFPolicy is more than expired (10 days now), you may want to stay tuned for a report about their vulnerabilities — and, more interesting, about the worrying ways they pretend (or, worse, believe?) to have fixed them — as soon as I find a few minutes for this.

In the meanwhile, the real reason behind this post: I’m releasing a free web-based tool to help those experimenting and studying SQL injections, called SQL Injection Toy (or just SQL IT).

More here.

Australia: Phishers Exploit Westpac 'Hardware Problems'

Munir Kotadia writes on ZDNet Australia:

Phishers keen on relieving Westpac customers of their online banking details are exploiting the "hardware problems" which have been cited by Australia's fourth largest bank to explain outages.

On its Web site, Westpac today posted an alert, warning customers to beware of a hoax e-mail that asks recipients to "review" their account details because the bank has experienced hardware problems.

Westpac has previously blamed "hardware problems" after experiencing an outage in its online banking services.

Last October, Westpac's customers experienced severe disruption when "multiple hardware failures" hit the bank's IT systems over a four-day period.

More here.

Wired: When Bots Attack


John Robb writes on Wired News:

If you want to bring down a country's information infrastructure and you don't want anyone to know who did it, the weapon of choice is a distributed denial of service attack. Using rented botnets, you can launch hundreds of thousands — even millions — of infobombs at a target, all while maintaining total deniability.

In this hypothetical scenario, a single attack launched by China against the US lasts only a few hours, but a full-scale assault lasting days or weeks could bring an entire modern information economy to its knees.

More here.

Image source: Wired / Catalogtree and Systemantics

Wednesday, August 22, 2007

Internet Security Operations and Intelligence III

Time for our "super sekrit" meeting again.

- ferg

Trend Micro Customers: Patch Now - UPDATE


If you've been living under a rock the past couple of days and haven't seen the public disclosure(s) that there have been several vulnerabilities exposed with a couple of Trend Micro products, then please pay attention.

This first came to our attention over the course of the past two days, via the folks at iDefense:


Trend Micro SSAPI Long Path Buffer Overflow Vulnerability

Trend Micro ServerProtect RPCFN_SYNC_TASK Integer Overflow Vulnerability

Trend Micro ServerProtect Multiple Buffer Overflow Vulnerabilities


In each case, Trend Micro has provided hotfixes for these vulnerabilities, but it appears that this information is not being propagated quickly enough to our customers.

Please follow the links above to find the appropriate hotfix for each of these vulnerabilities.

THIS IS IMPORTANT: It appears that there is increased activity on the Internet by hackers looking for ways to exploit at least one of these vulnerabilities. Details here & here.

PATCH NOW.

When more information becomes available, I will post it here or provide a link to the appropriate information.

- ferg


ObDisclosure: I work for Trend Micro, if you haven't figured that out by now. And we believe in appropriate responsibility and full disclosure.

UPDATE: 20:26 PDT: Trend Micro has posted additional technical details in obvious places. Start here.


UPDATE: 10:21 PDT, 23 August 2007: Yes, we are aware of this and we are investigating.

U.S. Toll in Iraq, Afghanistan

Iraq and Afghanistan figures via The Boston Globe (AP).

As of Wednesday, Aug. 22, 2007, at least 3,722 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 3,046 died as a result of hostile action, according to the military's numbers.

The AP count is 17 higher than the Defense Department's tally, last updated Wednesday at 10 a.m. EDT.

As of Wednesday, Aug. 22, 2007, at least 361 members of the U.S. military had died in Afghanistan, Pakistan and Uzbekistan as a result of the U.S. invasion of Afghanistan in late 2001, according to the Defense Department. The department last updated its figures Aug. 18, 2007.

Of those, the military reports 239 were killed by hostile action.

More here and here.

And as always, cryptome.org keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.

Photonics News: Pinging Photons Without Destroying Them

JR Minkel writes on Scientific American:

It sounds like a simple task: Count the number of photons or particles of light in a light beam without destroying them in the process. But in fact, it took 17 years to accomplish the feat, researchers report this week in Nature.

A team at the École Normale Supérieure in Paris fired specially primed atoms through a pair of the most reflective mirrors ever built, gradually revealing the number of photons bouncing between their reflective surfaces. Their method provides a high-resolution glimpse of the eerie "collapse" of a quantum system and may be useful in developing future quantum-based technologies.

More here.

Embarq Puts Bounty on Copper Thieves

Via Australian IT.

US rural telco Embarq is offering a $US5,000 reward for information leading to the arrest of anyone stealing its copper cables in Las Vegas, amid a global crime spree targeting increasingly valuable metals.

Embarq said copper cable theft had become a growing problem, particularly in Las Vegas, its largest market, where thieves had snipped away its lines.

"Copper theft is going on in any town across the nation. But we thought we'd start here because of the high number of incidents," Embarq spokesman Charles Fleckenstein said.

The company, a spin-off from Sprint Nextel, had already spent $US400,000 so far this year to repair severed cable lines in Las Vegas, he said.

More here.

U.S. Spy Chief Gives Ex-Classified Details About Foreign Surveillance

An AP newswire article, via News8Austin, reports that:

National Intelligence Director Mike McConnell has pulled back the curtain on some previously classified details of government surveillance.

McConnell's comments were in an interview with the El Paso Times last week and posted as a transcript on the newspaper's web site today. At the end of the interview, McConnell cautioned reporter Chris Roberts to consider whether enemies of the U.S. could gain from the information he shared. McConnell left it to the paper to decide what to publish.

The remarks involve previously classified eavesdropping work conducted under the Foreign Intelligence Surveillance Act, known as FISA. McConnell said fewer than 100 people inside the United States are monitored under FISA warrants. But he says thousands of people overseas are monitored.

A Justice Department spokesman referred questions to McConnell's office, where his spokesman Ross Feinstein declined comment.

More here.

FBI Expanding Access to Fingerprint Database

Jason Miller writes on FCW.com:

The FBI is ready to move out of the test stage in sharing fingerprint data with other agencies.

Tom Bush, assistant director at the bureau’s Criminal Justice Information Service (CJIS) office, today said the FBI is going forward on all fronts to extend access to its Integrated Automated Fingerprint Identification System (IAFIS) database to the Defense, Homeland Security and State departments.

Bush, who spoke at a lunch in Washington sponsored by the Industry Advisory Council, said civilian agencies account for about 54 percent of the checks against IAFIS. He also said with the interoperability success, CJIS hopes to expand the intelligence community’s use of the databases.

More here.

'Cyberwar' and Estonia's Panic Attack

Kevin Poulsen writes a very thoughtful, and insightful, article on Threat Level:

If you flip towards the back of this month's Wired magazine (15.09) you'll find an earnest two-page graphic depicting IP packets blasting off like ICBMs from Asia, arcing in a polar trajectory and slamming into six defenseless U.S. cities.

Yes, our friends across the hall from Wired News have succumbed to the sweet siren call of the cyberwar story. And they want us to know that It Could Happen Here.

Writer Joshua Davis was dispatched to the smoking ruins of Estonia to assess the damage wrought by last spring's DDoS attacks against the country's web, e-mail and DNS servers. Josh is a talented writer, and he returned with a story that offers some genuine insights -- a few, though, are likely unintentional.

Much more here.

Alaskan Court Ruling Could Echo Across Wireless Tower Industry

Jeffrey Silva writes on RCR Wireless News:

The Alaska Supreme Court affirmed a state ruling awarding an AT&T Inc. equipment installer total disability and medical benefits as a result of health problems tied to exposure to radio frequency radiation levels deemed to be slightly above those set by the Federal Communications Commission.

The state high court’s decision to uphold Alaska’s Workers’ Compensation Board has potentially major implications for the mobile phone industry, the tower business and other wireless sectors, according to a consumer advocacy group specializing in wireless health issues.

More here.

UK: VoIP Glitch Leaves Users Cut Off

John Leyden writes on The Register:

Users of IP telephony service VoIP.co.uk were unable to place calls outside the company's network on Monday due to a technical glitch.

A technical representative of the firm confirmed there was an issue with passing traffic to the PSTN but said the firm was able to resolve the glitch "within the working day". He declined to specify the cause of the problem.

VoIP.co.uk's issues follow hot on the heels of high profile problems with larger rival Skype, which was out of action for most users on both Thursday and Friday last week.

More here.

China Charges Four in 'Panda Worm' Outbreak

Gregg Keizer writes on ComputerWorld:

Four men were charged yesterday in a Chinese court for creating and selling the worm that went by names such as "Fujacks" and "Panda Burning Joss Sticks," according to the Changjiang Times.

The quartet, which included Li Jun, the 25-year-old most frequently pegged as Fujacks' maker, faces prison terms of at least five years if convicted, the southern Chinese newspaper said. The other defendants listed were Wang Lei, Zhang Shun and Lei Lei. Last February, in the first arrests in China for writing malware, six were taken into custody by Hubei provincial police. It's unclear whether the charges against the remaining two have been dropped.

More here.

Photo of the Day: TSA Luggage Tags

Via justinph. Props, Boing Boing.

WHOIS Privacy Stalemate... Again

Milton Mueller writes on The Internet Governance Project Blog:

The ICANN Working Group that was trying to reconcile data protection and privacy principles with the domain name system’s legacy Whois directory, which publishes the name and full contact details of all domain name registrants, was finished today.

“Finished off” might be a better term. Despite flirting with the kind of compromises and reforms that might actually reconcile privacy rights with identification needs, in the final weeks of the process trust and agreement among the parties broke down completely. The WG report [.pdf] has zero chance of gaining the 2/3 majority required to become an approved policy of the GNSO Council in its current form. It is unclear what the Board will make of it.

The battle between human rights advocates, who want to shield certain kinds of data from indiscriminate public access, and corporate and law enforcement interests, who want to use the Whois service as a free, open-access method for identification and surveillance of Internet users, has been going on for seven years now.

More here.

Also: A comprehensive timeline of the WHOIS service and the controversy over WHOIS and privacy, with links to relevant documents.

China Arrests or Warns 60 for Spreading Rumors

Via Reuters.

Police in east China have arrested or warned 60 people for spreading rumors by SMS or on the Internet so far this year and specified the threat of modern communications to society, state media said on Tuesday.

China has an army of cyber-police who patrol the Internet for unfavorable content, but their targets are more often politically sensitive subjects than pornography.

Xia Cunxi, a public security spokesman in the eastern province of Jiangsu, said 60 were accused of spreading rumors, lies or offensive messages, the official China Daily said in its online edition.

More here.

UK: C&W Employee Stole 100,000 Users' Details

Via Contractor UK.

A Cable & Wireless employee was yesterday identified to Contractor UK as having stolen the personal details of 100,000 broadband customers who used the popular Bulldog service.

Having teamed up with Bulldog’s owner, Pipex, C&W said it is pursuing the worker with an injunction to stop “any further use” of the data, which includes users’ credit card details.

But in a statement, C&W said there is currently “no evidence” that the worker, who has now been sacked by the company, has used any of the credit card numbers for identity fraud.

The employee has been identified as Seemab Zafar, The Mail on Sunday reported. Her ex-employer is chasing her through the High Court for more than £300,000 in damages, after she stole a laptop loaded with the customer data.

More here.

(Props, Pogo Was Right.)

Tuesday, August 21, 2007

Off Beat: Teaspoon of Urine Can Drug Test an Entire City

An AP newswire article, via MSNBC, reports that:

Researchers have figured out how to give an entire community a drug test using just a teaspoon of wastewater from a city’s sewer plant.

The test wouldn’t be used to finger any single person as a drug user. But it would help federal law enforcement and other agencies track the spread of dangerous drugs, like methamphetamines, across the country.

More here.

Image of the Day: The Awesome Nomad

Hat-tip: Scott Beale, over at Laughing Squid.

Oh, Great: Now It's 'Recycled' Chopsticks...

Via Reuters AlertNet.

A Beijing factory recycled used chopsticks and sold up to 100,000 pairs a day without any form of disinfection, a newspaper said on Wednesday, the latest in a string of food and product safety scares.

Counterfeit, shoddy and dangerous products are widespread in China, whose exports have been rocked in recent months by a spate of safety scandals, ranging from pet food to medicine, tyres, toothpaste and toys.

Officials raided the factory and seized about half a million pairs of recycled disposable bamboo chopsticks and a packaging machine, the Beijing News said.
More here.

Website of the Day: A Soviet Poster A Day

All cred goes to John Murrell & Good Morning, Silicon Valley.

Nice find. - ferg

U.S. Toll in Iraq

Via The Boston Globe (AP).

As of Tuesday, Aug. 21, 2007, at least 3,707 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 3,046 died as a result of hostile action, according to the military's numbers.

The AP count is two higher than the Defense Department's tally, last updated Tuesday at 10 a.m. EDT.

More here.

And as always, cryptome.org keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.

Wells Fargo's ATM, Other Glitches Larger Than First Reported

Victoria Colliver, Sabine Muscat, and other San Francisco Chronicle Staff Writers:

Wells Fargo & Co. said Tuesday that it fixed a computer problem that impacted its services Sunday afternoon, but problems affecting ATMs, online banking and other functions appeared to have lasted longer than the two hours initially reported by the bank.

"The system problem has been addressed and we are fully operational," said Wells Fargo spokesman Chris Hammond.

The bank admitted, however, that while Internet banking services were restored Sunday, minor hiccups continued to be reported Monday.

"Most transactions could occur at our 800 Bay Area ATMs yesterday," Hammond said Tuesday.

According to the bank, it took longer to fix problems occurring at non-Wells Fargo ATMs. And while withdrawals were working at the company's own machines Tuesday, some customers early in the day saw no balance information on the screen or Friday's balance, according to Hammond.

More here.

New Zealand: Customers Fume as Xtra Glitch Continues

Ben Fawkes writes on Stuff.co.nz:

Telecom customers could face a further day of computer headaches as a botched attempt to upgrade e-mail services has left some fuming users considering changing providers.

The company has moved 800,000 Internet mail boxes from its Xtra service to Bubble, a new Yahoo-hosted platform.

Telecom advised customers that e-mail would be down for 24 hours, on Sunday, while technicians performed the transfer.

But thousands of Xtra users were still unable to access their accounts for a third day yesterday, creating havoc for business customers.

More here.

Report: CIA Blew Chances to Spot 9/11 Threat

Ed Pilkington writes in The Guardian:

As many as 60 people within the CIA read a cable referring to two of the 19 hijackers involved in the attacks on America on September 11 2001 before the event, yet the information was not shared with the parts of the organisation able to do anything about it, according to the agency's own internal investigation.

The revelation is one of several damning findings from the CIA's own watchdog, the inspector general, drawn up in June 2005. He accuses the CIA's top officials in the run-up to 9/11, including the then director, George Tenet, of failure to devise a strategic plan to counter Osama bin Laden in advance of the attacks.

A 19-page summary of the inspector's report was published yesterday under a new congressional law passed earlier this month, having been kept secret since it was written. It underlines the depth of infighting between the CIA and the National Security Agency which prevented clear lines of responsibility in the fight against al-Qaida.

More here.

Russian Narcotics Officer Accused of Online Drug Sales

An AP newswire article, via The Boston Globe, reports that:

Authorities have detained a high-level narcotics officer they say was behind large-scale drug sales over the Internet, Russian news agencies reported Tuesday.

The officer, a lieutenant colonel and department head in the Moscow division of the Federal Narcotics Trade Control Service, was detained by officials of that agency, ITAR-Tass, RIA-Novosti and Interfax reported.

The drug control agency said the man organized drug sales over the Internet and that a female relative carried out the sales, according to the reports. Proceeds were allegedly laundered through banks.

The relative was also detained, and authorities searching her home found more than 2 pounds of heroin, an electronic scale, a computer containing information about the alleged sales and 245,000 rubles -- about $9,500, the reports said.

More here.

U.S. Launches 'MySpace for Spies'

Demetri Sevastopulo writes on FT.com:

Spies and teenagers normally have little in common but that is about to change as America’s intelligence agencies prepare to launch “A-Space”, an internal communications tool modelled on the popular social networking sites, Facebook and MySpace.

The Director of National Intelligence will open the site to the entire intelligence community in December. The move is the latest part of an ongoing effort to transform the analytical business following the failure to detect the 9/11 terrorist attacks or find weapons of mass destruction in Iraq.

Thomas Fingar, the deputy director of national intelligence for analysis, believes the common workspace – a kind of “MySpace for analysts” – will generate better analysis by breaking down firewalls across the traditionally stove-piped intelligence community. He says the technology can also help process increasing amounts of information where the number of analysts is limited.

More here.

Lawsuit Filed on Behalf of 8.5M Consumers in Fidelity National Data Breach Case

Jaikumar Vijayan writes on ComputerWorld:

A California law firm has filed a class-action lawsuit against Fidelity National Information Services (FIS) and one of its subsidiaries over an incident involving the potential compromise of personal data belonging to 8.5 million consumers.

The lawsuit was filed last week in federal court for the Central District of California. It does not seek specific damages, but it accused FIS and Certegy Check Services, the subsidiary involved in the breach, of negligence, invasion of privacy and breach of implied contract.

The complaint, filed on behalf of 8.5 million consumers by the San Francisco-based law firm of Girard Gibbs LLP, charged both companies with failure to implement and maintain adequate security measures for protecting confidential financial information belonging to consumers. The suit also alleged that the companies failed to properly monitor and supervise the activities of employees entrusted with consumer data.

A spokesman for FIS and Certegy did not immediately respond to a call for comment.

More here.

Tennessee Nuclear Fuel Problems Kept Secret

An AP newswire article by Duncan Mansfield, via The Guardian, reports that:

A three-year veil of secrecy in the name of national security was used to keep the public in the dark about the handling of highly enriched uranium at a nuclear fuel processing plant - including a leak that could have caused a deadly, uncontrolled nuclear reaction.

The leak turned out to be one of nine violations or test failures since 2005 at privately owned Nuclear Fuel Services Inc., a longtime supplier of fuel to the U.S. Navy's nuclear fleet.

The public was never told about the problems when they happened. The Nuclear Regulatory Commission revealed them for the first time last month when it released an order demanding improvements at the company, but no fine.

More here.

(Props, /.)

Australia: Botched Upgrade Sends Ambulance Services into Chaos

A Computerworld Australia article by Darren Pauli, via CSO Online, reports that:

Melbourne, Australia’s Metropolitan ambulance service, was in a "state of bedlam" last week when a botched upgrade disabled the service’s computer-aided dispatch system for 24 hours.

In addition to turning up to jobs more than 10 minutes late, multiple ambulances were mistakenly showing up to the same emergency, while others doubled back because the archaic manual radio fallback system could not determine the closest available car.

A spokesman for the Liquor, Hospitality and Miscellaneous Union (LHMU), which represents the Victorian Metropolitan Ambulance Service, said the system failed to restore after it was shut down one night last week.

The following day, the system was completely disabled for 24 hours.

More here.

GoDaddy Suspends Chinese Human Rights Websites Without Warning

Via Reporters sans Frontières.

Reporters Without Borders today called on US web hosting provider Go Daddy to explain why it suddenly withdrew hosting for several Chinese sites specialising in human rights in China. According to a report on the news website Boxun, around 10 Chinese human rights sites were suspended without explanation on 17 August.

“The situation of online free expression in China is difficult enough already, so foreign companies need to act with the utmost transparency,” the press freedom organisation said. “One cannot rule out the possibility of Chinese government pressure on companies hosting websites that are already blocked in China. Go Daddy’s silence leaves too much room for doubt.”

More here.

Cryptome Updates Its NSA Surveillance Database

Juha-Matti writes on the SecuriTeam Blogs:

When putting together all six updates of IP address listings released at Cryptome.org, it appears that the National Security Agency knows very well what is happening in the cables of companies that are very familiar to us.

The newest August update, Latest Updated NSA-Affiliated IP Resources 6, includes the following ISPs and organizations: 3G Mobile, AT&T, Akamai Technologies, Amazon, Apple, Deutsche Telekom, eBay, Google, Microsoft, MySpace.com, Qwest, and Xerox Research Center.

More here.

Sprint Nextel Hikes Text Fee Again

Kelly Hill writes on RCR Wireless News:

Sprint Nextel Corp. is upping its casual text messaging rate by five cents as of Oct. 1, from 15 cents per message to 20 cents per message. And the carrier said the change—which is permissible under its terms of service—will not allow customers to slip out of their contracts without paying an early termination fee.

The news is notable since Sprint Nextel increased its casual text messaging fee from 10 cents to 15 cents just 10 months ago. At the time, the carrier said the move would allow affected customers to get out of their service contracts without paying an ETF, as the changes affected service costs.

This time, however, it appears Sprint Nextel’s current terms of service do allow for changes to text messaging fees.

More here.

Pentagon to Shut Down Controversial Database

An AP newswire article, via MSNBC, reports that:

The Pentagon said Tuesday that it will shut down an anti-terror database that has been criticized for improperly storing information on peace activists and others whose actions posed no threat.

It will be closed on Sept. 17 and information collected subsequently on potential terror or security threats to Defense Department facilities or personnel will be sent by Pentagon officials to an FBI database known as Guardian, according to Army Col. Gary Keck, a Pentagon spokesman.

The program, known as TALON, was created after the Sept. 11, 2001 terrorist attacks and was designed to maintain a base of information on reported potential threats to military facilities and personnel.

More here.

Ukrainian Suspect Named in TJX Credit Card Probe

Ross Kerber writes in The Boston Globe:
Authorities have zeroed in on a Ukrainian man they suspect played a key role in the sale of many credit card numbers stolen from TJX Cos. in what is considered the biggest corporate data breach to date.

Officials hope the recent arrest of Maksym Yastremskiy will be a breakthrough in the investigation of who hacked into systems at TJX and other companies, said Greg Crabb, a program manager in the global investigations division of the US Postal Inspection Service. The service is among various law enforcement agencies trying to track down hackers who made off with more than 45 million credit and debit card numbers from TJX starting in 2005.

Crabb said Yastremskiy allegedly sold card numbers through online forums hosted overseas, sometimes in Cyrillic or that were password protected. He is likely the largest seller of stolen TJX numbers, Crabb said.

Prices ranged from $20 to $100 per stolen card, and the cards were sold in batches of up to 10,000, depending on factors like the credit limits of the consumer accounts being traded. Crabb said Yastremskiy is associated with at least one other Ukrainian man previously charged with similar crimes, though unrelated to the TJX case.

More here.

Monday, August 20, 2007

U.S. Toll in Iraq

Via The Boston Globe (AP).

As of Monday, Aug. 20, 2007, at least 3,707 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 3,049 died as a result of hostile action, according to the military's numbers.

The AP count is six higher than the Defense Department's tally, last updated Monday at 10 a.m. EDT.

More here.

And as always, cryptome.org keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.

Nominum: ISP-Level Filtering? No Problem.

Stuart Comer writes on iTWire.com.au:

US software company, Nominum, claims that its technology is able to provide ISP level content filtering with 'sub-millisecond' delays, contrary to many claims that ISP level filtering would inevitably slow down response times for web surfers.

Carl Braden, Nominum's sales director for Asia Pacific, told iTWire: "Nominum has recently developed a capability to redirect DNS queries with a 'black list' database referral that produces a sub millisecond delay to the network performance. We developed this technology as part of our ENUM based layer 7 routing technologies where database sizes are in the order of half a billion records."

He said this technology could be applied for content filtering purposes by ISP, and was already being used in this manner.

More here.
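The "black list database referral" Braden describes is, at its core, a resolver policy check: before a query is answered, the queried name and each of its parent zones are looked up in a blocklist, and a hit is answered with a redirect address instead of the real one. The following Python sketch is an added example of that logic, written for this post; it is not Nominum's code, and the zone names, the redirect address and the timing harness are constructed for illustration.

```python
"""Resolver-side blocklist policy with zone (suffix) matching.

Added example, not Nominum's product or code.  A listed zone blocks
itself and every name beneath it; matching is label-wise, so
"xblocked.example" does not match a listed "blocked.example".
"""
import time

# Constructed sample data: listed zones and a documentation-range
# redirect address standing in for a "blocked" landing page.
BLOCKLIST = {"blocked.example", "malware.test"}
REDIRECT_ADDR = "192.0.2.1"


class BlocklistPolicy:
    """Answer the question: should this query be redirected?"""

    def __init__(self, zones, redirect):
        # Normalise once at load time: lowercase, no trailing dot.
        self._zones = {z.lower().rstrip(".") for z in zones}
        self._redirect = redirect

    def decision(self, qname):
        """Return the redirect address if qname or a parent zone is listed, else None."""
        labels = qname.lower().rstrip(".").split(".")
        # Walk from the full name up to the TLD:
        # evil.blocked.example -> blocked.example -> example
        for i in range(len(labels)):
            if ".".join(labels[i:]) in self._zones:
                return self._redirect
        return None


def resolve(policy, qname, upstream):
    """Apply the policy; on a hit answer with the redirect, otherwise ask upstream.

    `upstream` is any callable mapping a name to an address (a stub here).
    """
    hit = policy.decision(qname)
    if hit is not None:
        return {"name": qname, "answer": hit, "source": "blocklist"}
    return {"name": qname, "answer": upstream(qname), "source": "upstream"}


def microseconds_per_lookup(policy, names, rounds=20000):
    """Constructed micro-benchmark: average cost of one policy check."""
    start = time.perf_counter()
    for _ in range(rounds):
        for name in names:
            policy.decision(name)
    elapsed = time.perf_counter() - start
    return elapsed / (rounds * len(names)) * 1e6


if __name__ == "__main__":
    policy = BlocklistPolicy(BLOCKLIST, REDIRECT_ADDR)
    stub_upstream = lambda name: "198.51.100.7"  # constructed upstream answer
    for q in ("www.example", "evil.blocked.example", "a.b.malware.test", "xblocked.example"):
        print(resolve(policy, q, stub_upstream))
    cost = microseconds_per_lookup(policy, ["www.example", "evil.blocked.example"])
    print(f"about {cost:.2f} microseconds per lookup")
```

The set lookup per label is what keeps the per-query overhead small regardless of list size; what the sketch does not model is the operational risk the article skips over, namely that a wildcarded zone entry blocks everything beneath it, so list entries need the same review as any other access-control rule.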

Gunplay Blamed for Internet Slowdown

Robert McMillan writes on NetworkWorld:

Internet service providers in the U.S. experienced a service slowdown Monday after fiber-optic cables near Cleveland were apparently sabotaged by gunfire.

TeliaSonera AB, which lost the northern leg of its U.S. network to the cut, said that the outage began around 7 p.m. Pacific Time on Sunday night. When technicians pulled up the affected cable, it appeared to have been shot. "Somebody had been shooting with a gun or a shotgun into the cable," said Anders Olausson, a TeliaSonera spokesman.

More here.

Photo of the Day: It's Not a Bug...
Via dratz.

(Hat-tip: Alex at Sunbelt.)

Quote of the Day: Dissent

"Why they were willing to legislate in the dark before summer recess was not addressed."

- Chronicles of Dissent

DHS Data Mining Program Suspended After Evading Privacy Review, Audit Finds

Ryan Singel writes on Threat Level:

A controversial Homeland Security data mining system called ADVISE that dreamed of searching through trillions of records culled from government, public and private databases analyzed personal information without the required privacy oversight, may cost more than commercially available alternatives and has been suspended until a privacy review has been completed, according to an internal audit.

The Analysis, Dissemination, Visualization, Insight, and Semantic Enhancement program, one of twelve DHS data mining efforts, hit the trifecta of civil libertarians' concerns about data mining programs – invasiveness, secrecy and ineffectiveness, according to a recent DHS Inspector General report [.pdf].

More here.

Leahy Threatens Contempt Proceedings Over NSA Wiretapping Program

An AP newswire article by Jesse J. Holland, via The Boston Globe, reports that:

A top Senate Democrat on Monday threatened to hold members of the Bush administration in contempt for not producing subpoenaed information about the legal justification for President Bush's secretive eavesdropping program.

Leahy's committee on June 27 subpoenaed the Justice Department, National Security Council and the offices of the president and vice president for documents relating to the National Security Agency's legal justification for the wiretapping program.

White House lawyer Fred Fielding, in a Monday letter to Leahy, said that the administration needed more time.

Leahy said they had waited long enough.

More here.

Web 'Uh-Oh' Watch: First Exploit Appears for Patch Tuesday Vulnerability

Gregg Keizer writes on ComputerWorld:

A security researcher has published the first exploit against one of the 14 vulnerabilities patched last week by Microsoft Corp., security company Symantec Corp. has warned customers.

In a posting to the Full Disclosure security mailing list, Alla Bezroutchko, a senior security engineer at Brussels-based Scanit NV/SA, spelled out JavaScript code that crashes Internet Explorer 6.0 on Windows 2000 and Windows XP Service Pack 2. Bezroutchko's proof of concept exploits the critical bug in XML Core Services that was patched by MS07-042.

That update, one of six rated "critical" by Microsoft, affected every currently supported version of Windows, including the new Vista operating system. An analyst last week pegged MS07-042 as one that should be deployed immediately. "MS07-042 affects everything," said Don Leatham, director of solutions and strategies at PatchLink Corp. "There's so much going on with XML in enterprises. That's why this is so dangerous."

More here.