Saturday, December 22, 2007

An Oldie, But Goodie: Children's Xmas Letters to Christopher Walken

Something I blogged about the past couple of years -- the gift that keeps on giving.

Enjoy! And Season's Greetings.

- ferg

U.S. Toll in Iraq

Via The Boston Globe (AP).

As of Saturday, Dec. 22, 2007, at least 3,897 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes eight military civilians. At least 3,171 died as a result of hostile action, according to the military's numbers.

The AP count is three higher than the Defense Department's tally, last updated Friday at 10 a.m. EST.

More here.

And as always, keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.

Former FBI Director Hoover Planned to Arrest 12,000

Tim Weiner writes in The New York Times:

A newly declassified document shows that J. Edgar Hoover, the longtime director of the Federal Bureau of Investigation, had a plan to suspend habeas corpus and imprison some 12,000 Americans he suspected of disloyalty.

Hoover sent his plan to the White House on July 7, 1950, 12 days after the Korean War began. It envisioned putting suspect Americans in military prisons.

Hoover wanted President Harry S. Truman to proclaim the mass arrests necessary to “protect the country against treason, espionage and sabotage.” The F.B.I. would “apprehend all individuals potentially dangerous” to national security, Hoover’s proposal said. The arrests would be carried out under “a master warrant attached to a list of names” provided by the bureau.

More here.

Friday, December 21, 2007

U.S. Toll in Iraq, Afghanistan

Iraq and Afghanistan statistics via The Boston Globe (AP).

As of Friday, Dec. 21, 2007, at least 3,896 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count.

The figure includes eight military civilians. At least 3,171 died as a result of hostile action, according to the military's numbers. The AP count is two higher than the Defense Department's tally, last updated Friday at 10 a.m. EST.

As of Friday, Dec. 21, 2007, at least 405 members of the U.S. military had died in Afghanistan, Pakistan and Uzbekistan as a result of the U.S. invasion of Afghanistan in late 2001, according to the Defense Department.

The department last updated its figures Dec. 15, 2007, at 10 a.m. EST. Of those, the military reports 274 were killed by hostile action.

More here and here.

And as always, keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.

Bigger Brother: FBI Prepares Vast Database Of Biometrics

Ellen Nakashima writes on The Washington Post:

The FBI is embarking on a $1 billion effort to build the world's largest computer database of people's physical characteristics, a project that would give the government unprecedented abilities to identify individuals in the United States and abroad.

Digital images of faces, fingerprints and palm patterns are already flowing into FBI systems in a climate-controlled, secure basement here. Next month, the FBI intends to award a 10-year contract that would significantly expand the amount and kinds of biometric information it receives. And in the coming years, law enforcement authorities around the world will be able to rely on iris patterns, face-shape data, scars and perhaps even the unique ways people walk and talk, to solve crimes and identify criminals and terrorists. The FBI will also retain, upon request by employers, the fingerprints of employees who have undergone criminal background checks so the employers can be notified if employees have brushes with the law.

More here.

Say It Ain't So: Chuck Norris Sues, Says His Tears No Cancer Cure

Christine Kearney writes for Reuters:

Tough-guy actor and martial arts expert Chuck Norris sued publisher Penguin on Friday over a book he claims unfairly exploits his famous name, based on a satirical Internet list of "mythical facts" about him.

Penguin published "The Truth About Chuck Norris: 400 facts about the World's Greatest Human" in November. Author Ian Spector and two Web sites he runs to promote the book, including, are also named in the suit.

The book capitalizes on "mythical facts" that have been circulating on the Internet since 2005 that poke fun at Norris' tough-guy image and super-human abilities, the suit said.

More here.

U.S. Trade Agency to Investigate Antivirus Patent Claims

Grant Gross writes on InfoWorld:

The U.S. International Trade Commission (ITC) has voted to investigate claims by Trend Micro of competitors' patent infringement involving antivirus products.

Trend Micro filed a trade complaint Nov. 21 against fellow cybersecurity vendors Barracuda Networks of Campbell, California; Panda Software International, based in Spain; and Panda Distribution of Glendale, California.

Trend Micro's complaint accuses the three companies of infringing its patent for virus detection and removal apparatus for computer networks. The technology "represents a dramatic departure from the traditional antivirus methods of safeguarding individual computers," the company says in its complaint.

More here.

Full Disclosure: Trend Micro is my employer... -ferg

ICANN Commences Whois Data Accuracy Study


Over the years ICANN constituencies and others have observed apparent inaccuracies in Whois contact information provided by registrants when registering and maintaining their domain names. In an attempt to contribute to community discussion regarding Whois policy, ICANN has undertaken a study of domain name Whois contact information accuracy.

After finalizing the methodology to determine the Whois data accuracy of each data set, staff will execute the steps for each registered domain name within the representative sample. Staff anticipates several steps will be necessary to determine Whois data accuracy. Therefore, staff will conduct this study in phases. ICANN will publish status reports as staff completes work in connection with each phase of the study. The first report regarding this study will be published by February 2008.

More here.

U.S. Army Quietly Deploying Apple Macs in Hopes of Better Security

Andy Greenberg writes on

Given Apple's marketing toward the young and the trendy, you wouldn't expect the U.S. Army to be much of a customer. Lieutenant Colonel C.J. Wallington is hoping hackers won't expect it either.

Wallington, a division chief in the Army's office of enterprise information systems, says the military is quietly working to integrate Macintosh computers into its systems to make them harder to hack. That's because fewer attacks have been designed to infiltrate Mac computers, and adding more Macs to the military's computer mix makes it tougher to destabilize a group of military computers with a single attack, Wallington says.

More here.

Websense: ARP Spoofing HTTP Infection Malware

Via The Websense Security Labs Blog.

This year, we've seen many ARP spoofing viruses, also known as ARP cache-poisoning viruses. This type of malware comes in many variants and is widely spread in China. Recently, we uncovered an ARP spoofing virus that exhibits several new features.

The new ARP spoofing virus inserts a malicious URL into the session of an HTTP response, thus including significant malicious content, and then exploits Internet Explorer. At the same time, the virus makes a poisoned host act as an HTTP proxy server. When any machine in the same subnet with the poisoned machine accesses the Internet, the traffic goes through the poisoned machine.

More here.

Image source: Websense

Judge Seems Wary of Opening CIA Inquiry

An AP newswire article, via MSNBC, reports that:

A federal judge appeared reluctant Friday to investigate the destruction of CIA interrogation videotapes while the Justice Department is conducting its own inquiry.

U.S. District Judge Henry H. Kennedy is considering whether to delve into the matter and, if so, how deeply. The Bush administration is urging him to back off while it investigates.

More here.

Consumers Left In Lurch By OnStar Network Shutdown

An AP newswire article by Peter Svensson, via, reports that:

When Adele Rothman bought her 16-year-old son a car in 2003, she made sure to pick one that had OnStar, the onboard communications and safety system.

What the Scarsdale, N.Y., resident didn't know was that the OnStar system in the car was already doomed to die. The federal government decided in 2002 to let cellular carriers shut down analog cell phone networks, used by Rothman's Saab and about 500,000 other OnStar-equipped cars, after Feb. 18, 2008.

It's the end of the nationwide network that launched the U.S. wireless industry 24 years ago, and it leaves a surprising number of users like Adele Rothman in the lurch.

OnStar told Rothman in March its service would stop at the end of this year, in anticipation of the network shutdown in February. "I was really upset," she said, "because that was my tieline" to her son.

More here.

China Taps Into U.S. Spy Operations

Bill Gertz writes in The Washington Times:

China's intelligence service gained access to a secret National Security Agency listening post in Hawaii through a Chinese-language translation service, according to U.S. intelligence officials.

The spy penetration was discovered several years ago as part of a major counterintelligence probe by the Naval Criminal Investigative Service (NCIS) that revealed an extensive program by China's spy service to steal codes and other electronic intelligence secrets, and to recruit military and civilian personnel with access to them.

According to officials who spoke on the condition of anonymity, China's Ministry of State Security, the main civilian spy service, carried out the operations by setting up a Chinese translation service in Hawaii that represented itself as a U.S.-origin company.

The ruse led to classified contracts with the Navy and NSA to translate some of the hundreds of thousands of intercepted communications gathered by NSA's network of listening posts, aircraft and ships.

More here.

Anti-Virus Vendor AVG Subpoenas Information on Counterfeiters

Jim Carr writes on SC Magazine US:

Anti-virus vendor Grisoft has filed subpoenas requesting that Google, Microsoft and Yahoo provide it with the identities of advertisers it claims are fraudulently promoting the company's products via sponsored text ads on search engines.

Grisoft, which does business as AVG, filed the subpoenas in Seattle district court under the Digital Millennium Copyright Act.

In addition, because the registration information for the alleged con sites used by the advertisers is not publicly available, Grisoft has requested the same sort of information from domain-name registrar GoDaddy, where the websites for several of the fraudulent site operators are registered.

To date, none of the companies has provided Grisoft "with accurate, up-to-date information regarding the identities of the entities behind the fake sites," the company said in a prepared statement this week.

More here.

Have a Cool Yule -- Winter Solstice Today

The precise moment of the 2007 solstice will be Friday, Dec. 21, 22:08 PST (Dec. 22, 06:08 UTC).

Today is Yule, the winter solstice celebration of the Germanic pagans still celebrated by some new (old?) age movements around the world. It is also one of the eight solar holidays, or sabbats, of Paganism.

In modern Paganism, Yule is celebrated on the winter solstice, which is tonight, at precisely 22:08 Pacific Standard Time (-08:00 UTC).

All pagans celebrate!

Thursday, December 20, 2007

U.S. Toll in Iraq

Via The Boston Globe (AP).

As of Thursday, Dec. 20, 2007, at least 3,896 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes eight military civilians. At least 3,171 died as a result of hostile action, according to the military's numbers.

The AP count is two higher than the Defense Department's tally, last updated Thursday at 10 a.m. EST.

More here.

And as always, keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.

Rabbit-Ear Users Don’t Know The End (of Analog TV) Is Near

Saul Hansell writes on the New York Times "Bits" Blog:

In less than 14 months, any traditional television set still connected to its antenna will receive nothing but static, as the broadcasting industry cuts over completely to its new digital frequencies.

A recent poll by the marketing arm of the cable industry shows that most people still have no clue this is going to happen.

In a telephone survey in November of 1,017 people, only 48 percent said they had heard about the switch to digital television. And only 17 percent correctly identified 2009 as the year that analog television will be cut off.

More here.

Survey: Travelers Fed Up With The TSA

Carolyn Pesce writes on the USA Today "On Deadline" Blog:

A new Associated Press-Ipsos poll reports that the Transportation Security Administration is among the least-liked federal agencies.

Only the Federal Emergency Management Agency, still suffering from its mishandling of Hurricane Katrina, ranks below the TSA, which tied with the Internal Revenue Service.

More here.

Cisco Executive, CEO Heir-Apparent Charles Giancarlo Resigns

An AP newswire article, via, reports that:

Charles Giancarlo, Cisco Systems Inc.'s chief development officer and heir-apparent to CEO John Chambers, resigned Thursday to join the investment firm Silver Lake Partners.

In a conference call, Chambers called Giancarlo's departure a rare loss "where it wasn't the right time to lose him."

Giancarlo, 50, joined the network equipment maker 14 years ago when it bought Ethernet switch maker Kalpana. He started Cisco's business development organization and formed its successful acquisition strategy, the company said.

More here.

CIA to Release Videotape Documents

An AP newswire article, via, reports that:

The CIA said it would begin handing over documents to Congress about the destruction of videotapings showing the harsh interrogation of two terror suspects after the House Intelligence Committee threatened to subpoena two agency officials.

Committee Chairman Silvestre Reyes, D-Texas, said Dec. 19 he had prepared subpoenas for former and current CIA officials and attorneys if they won't appear before the committee voluntarily. The panel rejected a Bush administration request that it defer to an executive branch preliminary inquiry and has launched its own investigation into the videotape destruction.

Reyes wants acting CIA general counsel John Rizzo and Jose Rodriguez, the former head of the National Clandestine Service, to testify to the committee on Jan. 16. Rodriguez is the official who directed that the tapes, which document the interrogation of two al-Qaida suspects in 2002, be destroyed.

More here.

Police Brutality Cases Rise 25% Since 9/11

Kevin Johnson writes on USA Today:

Federal prosecutors are targeting a rising number of law enforcement officers for alleged brutality, Justice Department statistics show. The heightened prosecutions come as the nation's largest police union fears that agencies are dropping standards to fill thousands of vacancies and "scrimping" on training.

Cases in which police, prison guards and other law enforcement authorities have used excessive force or other tactics to violate victims' civil rights have increased 25% (281 vs. 224) from fiscal years 2001 to 2007 over the previous seven years, the department says.

More here.

2007: Cyber Crime 2.0

Brian Krebs writes in The Washington Post:

The year 2007 may go down in the annals of Internet crime as the year when organized cyber criminals finally got serious about their marketing strategies -- crafting cyber schemes that were significantly more sophisticated and stealthy.

Security experts say criminals are increasingly trying to ensnare Internet users by lurking on familiar Web sites and using purloined data to craft scam e-mails that are more believable, and thus more likely to entice an unsuspecting user.

"The attackers are now following the same path that businesses have, in trying to advertise themselves in their own special way on the more popular Web sites," said Tom Liston, an incident handler at the Bethesda, Md.-based SANS Internet Storm Center and a senior security consultant with Intelguardians, a Washington-based Internet security consulting group. "They're doing exactly what every business tries to do, which is to find innovative ways get themselves out in front of as many eyeballs as possible."

More here.

Join the Community – Get Spyware

Via The CA Security Advisor Research Blog.

While Christmas shopping online this season, be careful what you are signing up for.

Visiting (and a few weeks ago, I was offered a chance to join My SHC Community, for free, but what I received was, from a privacy perspective, very costly. is distributing spyware that tracks all your Internet usage - including banking logins, email, and all other forms of Internet usage - all in the name of "community participation." Every website visitor that joins the Sears community installs software that acts as a proxy to every web transaction made on the compromised computer.

In other words, if you have installed Sears software ("the proxy") on your system, all data transmitted to and from your system will be intercepted. This extreme level of user tracking is done with little and inconspicuous notice about the true nature of the software.

More here.

Image source: The CA Security Advisor Research Blog

FTC Clears Google-DoubleClick Deal

An AP newswire article, via The New York Times, reports that:

U.S. antitrust regulators approved Google Inc.'s $3.1 billion purchase of DoubleClick Inc. Thursday, removing a key obstacle to a formidable combination in the burgeoning online advertising sector.

The transaction still faces substantial antitrust scrutiny from European regulators and cannot be completed without their approval. The European Commission has set a deadline of April 2 to finish its review.

The Federal Trade Commission appeared to accept many of Google's arguments that its online ad sales business doesn't compete with DoubleClick's ad-serving tools, saying its analysis ''showed that the companies are not direct competitors in any relevant antitrust market.''

More here.

Wednesday, December 19, 2007

Local: California Population Nears 38M

An AP newswire article, via, reports that:

Gov. Arnold Schwarzenegger is fond of referring to California as a nation state.

Population figures released Wednesday show that if the Golden State was its own country, it would be right there with Poland.

California's population is nearing 38 million, up 11.5 percent since the 2000 census, according to estimates by the state Department of Finance.

Among nations, 33 countries have more people, with Poland's population running just ahead at 38.5 million. The latest figure still means California has more people than Canada.

The department calculated that the nation's most populous state had about 37,771,000 people as of July 1. It added 438,000 more residents in the previous year.

Just more than 12 percent of the 301 million people in the U.S. live in California.

More here.

NFL Network Storming to Strong-Arm Franchises

Daniel C. Vock writes on

Some of the pro football fans who flocked to sports bars on a recent Thursday night to see a highly anticipated showdown between the Green Bay Packers and the Dallas Cowboys weren’t there for big-screen TVs and alcoholic beverages. They were just looking for a place to see the game.

That’s because, for most of the country, it wasn’t on cable. The game was carried by NFL Network, a four-year old programming outlet for the National Football League that many cable companies, including Comcast and Time Warner Cable, refuse to carry on basic cable.

Now the NFL wants states to end the standoff.

The league is starting its offensive drive in Texas and Wisconsin, home states of the Cowboys and Packers. NFL Commissioner Roger Goodell addressed Texas lawmakers in Austin last week and NFL officials talk to Wisconsin legislators in Madison on Thursday (Dec. 20).

An NFL Network spokesman said the appearances are just the beginning of the league’s state-level push.

More here.

Background here.

RBN: The Retail Payment Systems

Via RBN Exploit.

In an extension to analysis of the Russian Business Network (RBN) this is the first element of a series on RBN payment systems.

This article focuses on just one of the several payment systems for its “fakes” retail division i.e., this has been reported before namely the Sunbelt Blog Oct 3rd 06 in the report on the rogue software, also more recently reported within 2-spyware on Dec 10th 07.

In exploring this node of the RBN’s organization it raises several areas of interest; the location(s) of internet operation, SSL and transactional base. Briefly by way of an introduction to later more in depth analysis malware revenue models, analysis solely of isoftpay does provide a starting point for some generalized assumptions of RBN retail revenue.

More here.

Image source: RBN Exploit

Google 'Powerless' to Stop AdSense Maliciousness

Liam Tung writes on ZDNet Australia:

Launched in 2005, Google AdSense allows third-party Web sites or publishers to generate revenue from Google's text advertisers.

AdSense acts as a middleman between an advertiser and a publisher. By crawling the content of publishers' Web pages, AdSense determines the relevance of a text ad to page content and then places the ad within the page if there is a match.

Trojan.Qhost.WU, discovered by security firm BitDefender, has been designed to replace ads served by Google on third-party Web sites that use Google's AdSense network. The ads are replaced with alternative ads called from hosts outside the AdSense network.

Although it has not been established whether the ads served -- or the pages that the ads link to -- contain malicious software, BitDefender virus analyst Attila-Mihaly Balazs said it is "a very likely situation, given that they are promoted using malware in the first place".

More here.

Note: This 2008 prediction prophecy is self-fulfilling, almost.

While Google Adsense is the preferred method of choice (it appears) at the moment for Bad Guys (tm), it would appear that other online advertising venues are just as susceptible to malicious use.

And it will get worse. -ferg

Mark Fiore: 'Twas The Night Before Caucus

Mark Fiore, via

House Votes 407-0 To Approve Bill That Bans Lead In Toys And Increases CPSC's Funding

Nancy A. Nord, Acting Chairman
Consumer Product Safety Commission

Via The Consumerist.

Today the House of Representatives unanimously approved H.R. 4040, the Consumer Product Safety Commission Modernization Act of 2007, that virtually eliminates lead from children's toys (down to 100 parts per million by 2012) and increases the funding of the CPSC.

A Senate committee approved its own version of an anti-lead/pro-CPSC bill in October, but it hasn't reached a floor vote yet—so sometime (early?) next year a final bill should be hammered out to send to the White House.

More here.

Australia: Servers Hacked to Boost Google Ranking

Mahesh Sharma writes on Australian IT:

An Australian web hosting company's servers have been hacked, with attackers embedding malicious code to generate "link farms" on its customers' websites.

Link farming is the process of exchanging reciprocal links with websites in order to increase search engine optimisation, according to internet encyclopedia [Wikipedia].

Melbourne-based MD Web Hosting confirmed that over the past two weeks it's been the victim of hacking attacks from IP addresses that originated from Russia and Turkey.

"Obviously some companies buy the services of these Russians to find vulnerable websites," Tom Najda, MD Web Hosting business services manager, said.

"These link farms were linking back to pharmaceutical websites which are obviously looking to boost their Google ranking," he said.

Attackers were able to gain access to around five servers which didn't have the correct security profiles. The problem was compounded by the fact that the company's IP blocking and firewalls were not up to scratch, Mr Najda said.

More here.

Note: Hmmm. I wonder what Russians he could be referring to? -ferg

FBI Agents Don't Always Get Court Orders to Spy on Cellphone Users

Ryan Singel writes on Threat Level:

By now it's well known that FBI agents can't always be troubled to get a court order before going after a surveillance target's telephone and internet records. But newly released FBI documents show that aggressive surveillance tactics have even caused friction within the bureau.

The revelation is the second this year showing that FBI employees bypassed court order requirements for phone records. In July, the FBI and the Justice Department Inspector General revealed the existence of a joint investigation into an FBI counter-terrorism office, after an audit found that the Communications Analysis Unit sent more than 700 fake emergency letters to phone companies seeking call records. An Inspector General spokeswoman declined to provide the status of that investigation, citing agency policy.

More here.

Pentagon Withholds Embarrassing Unclassified Intel Contracting Data

R J Hillhouse writes on The Spy Who Billed Me:

Just as Congress is attempting to get a clearer picture of the extent of outsourcing in the Intelligence Community, the Department of Defense is doing its part to keep this information from the light of public scrutiny.

The Undersecretary of Defense has granted waivers [.pdf] to the Defense Intelligence Agency (DIA), Counterintelligence Field Activity (CIFA) and the National Geospatial Agency (NGA) to withhold unclassified contracting data from a government website designed to give greater transparency to government spending.

More here.

FBI Recorded 27 Million FISA 'Sessions' in 2006

Ryan Singel writes on Threat Level:

At the end of 2006, the FBI's Telecommunications Intercept and Collection Technology Unit compiled an end-of-the-year report touting its accomplishments to management, a report that was recently unearthed via an open government request from the Electronic Frontier Foundation.

Strikingly, the report said that the FBI's software for recording telephone surveillance of suspected spies and terrorists intercepted 27,728,675 sessions.

Twenty-seven million is a staggering number given that the FBI only got 2,176 FISA court orders [.pdf] in 2006 from a secret spy court using the Foreign Intelligence Surveillance Act.

According to the math that means each court order resulted in 12,742 "sessions," all in regards to phone, not internet, surveillance.

More here.

Quote of the Day: Mike Masnick

"Well if the FBI can have a terrible computer system that's useless at catching terrorists, should it really be much of a surprise that the SEC has a computer system that isn't particularly useful at catching insider trading?"

- Mike Masnick, writing on

JibJab: In 2007

Watch it here.

Report: NY Emergency Radio Network Fails First Major Test

An AP newswire article, via, reports that:

A $2 billion radio network intended to connect emergency responders throughout the state failed its first major test, a newspaper reported Tuesday.

Buffalo chose to opt out of the system following what officials said were problems so severe that radios did not work in about half of the state's second largest city, the New York Times reported.

"West of the center of the city we had zero reception," said Buffalo Fire Commissioner Michel Lombardo. In the areas that did receive reception, he said, "it sounded like a guy was talking in a tin can."

More here.

Hat-tip: Danger Room

Google 2007 Year-End Zeitgeist

Via Google Zeitgeist.

We're bidding adieu to 2007 with a look back at the breaking news, the big events and the must-have gadgets that captivated us this year (give or take a few weeks; we compile this list by early December). To get a glimpse of what's been on our collective consciousness, we mined billions of search queries to discover what sorts of things rose to the top.

We encourage you to check out our findings to see if you, too, reflect the zeitgeist — the spirit of the times.

Much more here.

Report: Terrorists Cannot Train Online

Via UPI.

The Internet is useful to Islamic terror groups for propaganda and recruitment, but it cannot be used for terrorist military training, says a U.S. report.

The Austin, Texas-based private sector intelligence company Stratfor says in an analysis that some experts overstate the importance of the Internet.

"Although the Internet has been a great enabler for grassroots (terrorist) cells to spread their ideology and recruit new acolytes, some things are incredibly difficult to accomplish online -- namely, absorbing the technical information and tradecraft of terrorism and applying it to a real-world situation, particularly in a hostile environment," reads the analysis, published last week.

More here.

Microsoft, Google, Yahoo! Settle Gambling Charges

Grant Gross writes on PC World:

Microsoft, Google and Yahoo have agreed to pay a total of US$31.5 million to resolve claims that they promoted illegal gambling, the U.S. Department of Justice announced Wednesday.

Microsoft will pay $21 million, Google will pay $3 million and Yahoo will pay $7.5 million, the DOJ said in a news release. The three companies neither contest nor admit they promoted illegal online gambling by running advertisements for gambling Web sites between 1997 and June of this year.

More here.

Storm, Nugache Lead Dangerous New Botnet Barrage

Dennis Fisher writes on

In early 2006, Dave Dittrich, a senior security engineer and researcher at the University of Washington in Seattle, got a sample of a new strain of malware from a colleague, and began monitoring its activity. The Trojan was a bit lazy at first, making just a few outbound connections.

But it quickly became obvious that this was no ordinary piece of malware, because each of the connections was to a peer and not a central command and control server.

Much more here.

Kaspersky: Pinch Authors Pinched

Via The Kaspersky Blog.

Today Nikolay Patrushev, head of the Federal Security Services, announced the results of the measures taken to combat cyber crime in 2007.

Among other information, it was announced that it had been established who was the author of the notorious Pinch Trojan - two Russian virus writers called Ermishkin and Farkhutdinov. The investigation will soon be completed and taken to court.

It's well known that Pinch is one of the most popular Trojan programs with Russian malicious users. The Trojan makes it possible to steal email, icq and other account data, including to network services and application. The authors of this program, also known as Damrai and Scratch, used Pinch to build a criminal industry.

Patrushev's announcement today clearly shows that the security services are targeting active virus writing groups which participate in cyber crime, and that the steps being taken are meeting with success.

More here.

Adobe Ships 'Highly Critical' Flash Player Patch

Ryan Naraine writes on eWeek:

Adobe Systems has shipped an extremely critical patch to correct at least nine cross-platform vulnerabilities in its ubiquitous Flash Player software.

The APSB07-20 update, available for Adobe Flash Player and earlier, and earlier, and and earlier, could allow complete system takeover attacks on Windows, Mac and Linux machines.

"A malicious SWF must be loaded in Flash Player by the user for an attacker to exploit these potential vulnerabilities," Adobe warned Dec. 19.

The company is strongly recommending that all users upgrade to Adobe Flash Player (Win, Mac, Linux) via the software's auto-update mechanism. A patch for Solaris will be issued later.

More here.

DHS Was Warned About DNSSEC Key Ownership and Trust Issues

Brenden Kuerbis writes on The Internet Governance Project (IGP) Blog:

A consulting group (DNK LLC) report [.pdf] to the U.S. Department of Homeland Security stated clearly that the problems of who would own the DNSSEC keys and mistrust of the U.S. government's intentions could be barriers to DNSSEC deployment. While the August 2006 report covers developments only from March 2005 to July 2006, it makes two important points that are relevant and timely today.

First it makes clear, if it weren't already, that the issue of root signing and key management has been recognized as a political issue for a long time. It also offers some interesting insights on how DHS has approached the politics of DNSSEC and Internet security.

More here.

Note: I am reminded of an opinion piece in eWeek written by Larry Seltzer entitled, "DNSSEC Is Dead, Stick a Fork in It." How very apropos. -ferg

Tuesday, December 18, 2007

The Rabbit Hole Goes Deeper: Bush Lawyers Discussed Fate of CIA Tapes

Mark Mazzetti and Scott Shane write in The New York Times:

At least four top White House lawyers took part in discussions with the Central Intelligence Agency between 2003 and 2005 about whether to destroy videotapes showing the secret interrogations of two operatives from Al Qaeda, according to current and former administration and intelligence officials.

The accounts indicate that the involvement of White House officials in the discussions before the destruction of the tapes in November 2005 was more extensive than Bush administration officials have acknowledged.

Those who took part, the officials said, included Alberto R. Gonzales, who served as White House counsel until early 2005; David S. Addington, who was the counsel to Vice President Dick Cheney and is now his chief of staff; John B. Bellinger III, who until January 2005 was the senior lawyer at the National Security Council; and Harriet E. Miers, who succeeded Mr. Gonzales as White House counsel.

It was previously reported that some administration officials had advised against destroying the tapes, but the emerging picture of White House involvement is more complex. In interviews, several administration and intelligence officials provided conflicting accounts as to whether anyone at the White House expressed support for the idea that the tapes should be destroyed.

More here.

Note: The depth and shocking audacity of the Bush Administration's machinations make Woodward & Bernstein's "All The President's Men" look like child's play. -ferg

FTC Under Fire as Credit Bureaus Sell Consumers' Data


Byron Acohido and Jon Swartz write in USA Today:

Federal Trade Commission Chairman Deborah Platt Majoras says her agency has done a credible job regulating the Big Three credit bureaus.

But the boom — and now bust — of subprime mortgages is fueling criticism that the FTC under Platt Majoras has given Experian, Equifax and TransUnion too much latitude to profit from the sale of credit data to lenders and consumers.

In February, the National Association of Mortgage Brokers lambasted the FTC for giving the credit bureaus tacit approval to keep selling listings — called "trigger lists" — containing personal and financial data of prospective borrowers. Some unscrupulous lenders used trigger lists to contact people who recently filled out a loan application, and then pitched them subprime mortgages, higher-priced loans aimed at people with spotty credit histories but also marketed to borrowers with good credit.

Most applicants never knew the bureaus were placing them on trigger lists and were surprised to be deluged by phone calls and e-mails for subprime loans. These too-good-to-be-true offers came from brokers who skirted rules requiring traditional lenders to make firm offers only in writing.

More here.

Note: Looks like Majoras has a lot on her hands now, given the fact that she also refuses to recuse herself from Google-DoubleClick oversight, too. -ferg

Chinese Corruption Reporting Website Crashed by Overload on First Day

Via Reuters.

A Chinese government Web site encouraging citizens to report corruption crashed on its first day under the weight of too many hits.

China's National Bureau of Corruption Prevention, formed in September after a string of high-profile scandals involving government officials, launched its official Web site on Tuesday.

By the afternoon, the Web site could not be opened, the Beijing Youth Daily said. It quoted an official as saying that the "number of visitors was too large".

The Web site was up later on Tuesday, the paper said, and had 12 pages of comments left by Internet users on its discussion board ranging from allegations of collusion between driving schools and government traffic bureaus to criticism of the Web site itself for being "done relatively crudely".

On Wednesday morning the Web site was again down for a while.

More here.

Charity for Military Families is Struggling

Via The Seattle Post-Intelligencer.

Overwhelmed by requests from military families in Washington for emergency help, the state chapter of a charity advocating for them now also needs help.

"We served over 5,000 military families and are doubling that this year," said Janice Buckley of Snohomish, president of Operation Homefront Washington.

"These military families are stressed out by the sacrifices they have made. The same higher costs that are hitting everyone, especially at Christmas season, are hitting them as well, but in the military it can be very lonely for families -- especially if a member deploys," she said.

Operation Homefront Washington is the 3-year-old state chapter of the larger national organization, Operation Homefront, founded after 9/11 and operating under a memorandum of understanding with the Defense Department to assist military families from all branches.

More here.

Note: If you're looking for a charity to donate money to this holiday season, this one is one that needs your help. -ferg

Google Toolbar Flaw Opens Door for Phishers

Robert McMillan writes on InfoWorld:

Google is working to fix a bug in the Google Toolbar that could allow criminals to steal data or install malicious software on a system, a security researcher warned Tuesday.

The flaw lies in the mechanism Google Toolbar uses to add new buttons on the browser. Because the toolbar does not perform adequate checks when new buttons are being installed, a hacker could make his button appear as though it was being downloaded from a legitimate site when in fact it came from somewhere else. By spoofing the origin of the toolbar button, an attacker could download malicious files or launch a phishing attack against the victim, wrote security researcher Aviv Raff in a blog post on the issue.

Raff has posted proof of concept code, showing how such an attack would work with the Internet Explorer browser. A Google spokeswoman confirmed Tuesday that the company is working to fix the problem.

More here.

Quote of the Day: Michael J. Copps

"In the final analysis, the real winners today are businesses that are in many cases quite healthy, and the real losers are going to be all of us who depend on the news media to learn what’s happening in our communities and to keep an eye on local government."

- Democratic FCC Commissioner Michael J. Copps, quoted in a New York Times article, on the FCC ruling to ease media restrictions that have, until now, prevented a company from owning both a newspaper and a television or radio station in the same city.

Justice Department: No Comment on Forcing Encryption Passphrases

Declan McCullagh writes on the C|Net "Iconoclast" Blog:

The U.S. Department of Justice won't say when it believes an American citizen should be forced to divulge his or her PGP passphrase.

We've been trying for the last two days to get the DOJ to answer this question, which became an important one after last week's news about a judge ruling a criminal defendant can't be forced to divulge his passphrase on Fifth Amendment grounds.

More here.

FOIA Expansion Reviewed by U.S. House

An AP newswire article by Laurie Kellman, via The Detroit Free Press, reports that:

Congress is moving to reverse one area of the Bush administration's trend toward secrecy since the 2001 terrorist attacks by expanding the Freedom of Information Act, increasing penalties for noncompliance and making records held by government contractors subject to the law.

The White House isn't saying whether President George W. Bush will sign the bill, S. 2488, once the House acts on it today. With a congressional recess starting at the end of the week, that raises the possibility that the act's first makeover in a decade could become law without his signature. The Senate passed the bill last week.

More here.

Dutch Regulator Slaps Spyware Purveyors With €1m Fine

Jan Libbenga writes on The Register:

Telecoms watchdog OPTA has fined three Dutch firms and their two directors a total of €1m for the illegal distribution of spyware.

It is the first time OPTA has imposed fines for spreading malicious Trojans, and has been called "one of the biggest cases of illegal software crime", by the regulator.

In 2005, the two unnamed businessmen distributed software called DollarRevenue among millions of internet users. Approximately 450 million software files were installed on 22 million computers in the Netherlands and abroad.

The adware application silently downloaded advertising software and installed it to the computer without the user's knowledge. DollarRevenue was also bundled with some ad-supported products and was extremely difficult to remove.

The software was also directly linked to certain botnet attacks, with over 7,700 machines hacked within 24 hours.

More here.

Swiss Police Shut Down eBay Sale of Ancient Iraqi Stone Tablet

An AP newswire article by Bradley S. Klapper, via E-Commerce Times, reports that:

A 4,000-year-old clay tablet authorities suspect was smuggled illegally from Iraq was pulled from eBay just minutes before the close of the online auction, authorities said Tuesday.

Criminal proceedings have been launched against the seller, identified only as a resident of Zurich, Switzerland, officials said.

More here.

Spy Planes to Recharge by Clinging to Power Lines

Paul Marks writes on

The next time you see something flapping in the breeze on an overhead power line, squint a little harder. It may not be a plastic bag or the remnants of a party balloon, but a tiny spy plane stealing power from the line to recharge its batteries.

The idea comes from the US Air Force Research Lab (AFRL) in Dayton, Ohio, US, which wants to operate extended surveillance missions using remote-controlled planes with a wingspan of about a metre, but has been struggling to find a way to refuel to extend the plane's limited flight duration.

So the AFRL is developing an electric motor-powered micro air vehicle (MAV) that can "harvest" energy when needed by attaching itself to a power line. It could even temporarily change its shape to look more like an innocuous piece of trash hanging from the cable.

More here.

Image source: Defense Review

General Dynamics Picked for DHS Cyber Security Work

Jason Miller writes on Washington Technology:

General Dynamics Corp. has won a $48.2 million contract from the Homeland Security Department’s U.S. Computer Emergency Readiness Team to provide support and analysis services.

Under the contract, General Dynamics will provide U.S.-CERT with situational awareness support, analysis and technical and infrastructure support.

More here.

Ohio Study: Scariest E-Voting Security Report Yet

Ed Felten writes on Freedom to Tinker:

The State of Ohio released the report [.pdf] of a team of computer scientists it commissioned to study the state’s e-voting systems. Though it’s a stiff competition, this may qualify as the scariest e-voting study report yet.

This was the first detailed study of the ES&S iVotronic system, which up to now had been the only major system to have avoided such study. The study found many ways to subvert ES&S systems.

This is yet more evidence that today’s paperless e-voting machines can’t be trusted.

More here.

Monday, December 17, 2007

U.S. Cell Phone Spending Surpasses Land Lines

An AP newswire article by Dibya Sarkar, via, reports that:

With Americans cutting the cord to their land lines, 2007 is likely to be the first calendar year in which U.S. households spend more on cell phone services, industry and government officials say.

The most recent government data show that households spent $524, on average, on cell phone bills in 2006, compared with $542 for residential and pay-phone services. By now, though, consumers almost certainly spend more on their cell phone bills, several telecom industry analysts and officials said.

"What we're finding is there's a huge move of people giving up their land line service altogether and using cell phones exclusively," said Allyn Hall, consumer research director for market research firm In-Stat.

More here.

U.S. Toll in Iraq

Via The Boston Globe (AP).

As of Monday, Dec. 17, 2007, at least 3,895 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes eight military civilians. At least 3,168 died as a result of hostile action, according to the military's numbers.

The AP count is two higher than the Defense Department's tally, last updated Monday at 10 a.m. EST.

More here.

And as always, keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.

Former Russian Spies Are Now Prominent in Silicon Valley Business

Andrew E. Kramer writes in The New York Times:

At a venture capital conference in Silicon Valley, Oleg S. Shvartsman mixed easily among the titans of private equity.

“He didn’t stand out from the crowd,” said Evgeny Zaytsev, the organizer of the conference on Nov. 9.

That is, until he acknowledged in a newspaper interview that the $3.6 billion group of equity funds he manages serves investors “close to the top of the F.S.B. and S.V.R.,” the domestic and overseas espionage agencies of the Russian government.

Russians and outsiders have long suspected that the Federal Security Service, or F.S.B. by its Russian initials, successor to the K.G.B., has had a hand in Russian business. But Mr. Shvartsman’s statement, the boldest such assertion yet, has generated debate over the appropriate corporate role for spies and ex-spies.

More here.

Image source: Theodore's World

Dodd Filibuster Threat Wins - Spying Bill Postponed to Next Year

Ryan Singel writes on Threat Level:

Connecticut senator Christopher Dodd's threatened filibuster of a bill giving immunity to telecoms that helped the government spy on Americans unexpectedly carried the day Monday, as Senate Majority Leader Harry Reid decided to postpone the vote on the measure until after the winter break.

The announcement was an unexpected victory for civil liberties groups, whose anti-immunity fortunes looked grim this morning as the Senate looked primed to pass an expansive spying bill that would free telecoms like AT&T and Verizon from privacy lawsuits.

Dodd showed his moxie and determination all day, as he held the floor for long stretches, railing against an administration-backed bill that would have freed telecoms from 40-odd lawsuits pending against them in federal court.

More here.

Note: I really admire Chris Dodd for his leadership and sheer guts on this one. So much, in fact, that I just did something I don't normally do -- contributed to his campaign for presidency. -ferg

Image source: Agitprop

Shameful: Here's How Your Senators Voted on FISA Bill S. 2248

Yes, you've probably heard by now that our elected representatives in the U.S. Senate voted this morning to pass a FISA bill that provides immunity for telecommunications companies that were complicit in providing your telecommunications & call records to U.S. Intelligence & law enforcement without a court-ordered subpoena or warrant.

Bill S. 2248 was passed by 76 votes in favor, 10 opposed, and 14 abstentions.

In my home state of California, U.S. Senator Dianne Feinstein (D-CA), who voted in favor of this legislation, will not be getting my vote next time around.

On the other hand, U.S. Senator Barbara Boxer (D-CA), who voted against it, will be getting my vote.

If you would like to see how your elected representative voted for this, and if they betrayed your trust -- by not listening to the voice of their own constituents -- here is the roll call.

This is, in my opinion, a very bad turn of events for the privacy of the citizens of this country.

- ferg

Note: The New York Times also has a good summary of the situation here. - ferg

True Crime: The Botnet Barons

Andrew Brandt writes on InfoWorld:

When federal agents announced on November 29 that they'd indicted or convicted eight individuals accused of using botnets (networks of computers infected with Trojan horse applications) to engage in criminal activity, the press release barely explained the nature and extent of the men's crimes -- or the investigations that led to arrests in an operation the FBI and other law enforcement agencies have termed Bot Roast II.

When InfoWorld decided to dig a little deeper, we found that the motivations of each perpetrator were far richer, and the nature of the crimes more complex, than a simple rundown of their rap sheets could express.

In fact, the eight Bot Roast II criminals committed a broad range of online crimes, which together make up a representative sample of motives and patterns common to these kinds of crimes. The following story is our attempt to profile the people behind the crimes.

More here.

How Rampant is Typo Squatting? Just Ask WIPO

Enrico Schaefer writes on CircleID:

How prevalent is cybersquatting and typosquatting? Take a look at, and then compare it with the World Intellectual Property Organization’s web site Ironically, the WIPO Arbitration and Mediation Center handles a majority of the UDRP domain dispute arbitrations internationally.

The very organization which is invested with the authority by ICANN to resolve cybersquatting and typosquatting disputes internationally under the UDRP is, by all appearances, being squatted.

More here.

Sunday, December 16, 2007

U.S. Toll in Iraq

Via The Boston Globe (AP).

As of Sunday, Dec. 16, 2007, at least 3,893 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes eight military civilians. At least 3,168 died as a result of hostile action, according to the military's numbers.

The AP count is four higher than the Defense Department's tally, last updated Friday at 10 a.m. EST.

More here.

And as always, keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.