Saturday, February 02, 2008

Late Night Flasback: Buffalo Springfield - For What It's Worth


- ferg

Russia's Cyber Warfare Doctrine: From Hackers to H-Bombs

Jeff Carr writes on IntelFusion:

According to an article in Jane's Intelligence Review on the "e-mercenary" (30/07/2001), there were an estimated 250 to 500 hackers in Russia in 1999. Of those, about ten percent were available for hire. Today, it is widely believed that Russia and the states of the former Soviet Republic supply the majority of the world's hackers.

From a purely doctrinal standpoint, Russia and China share a similar cyberwarfare ideology:

"According to Professor Major General Vladimir Belous, 'it can be predicted that the battlefield of the future will begin to shift more and more into the area of intellectual effect. An aggressor country is capable of developing, and under certain conditions executing, a scenario of information war against another state in an attempt to demolish it from within. In that way it is possible to force the enemy to surrender without using traditional kinds of weapons.' (Sergey Ishchenko, "Before the verdict is in: Computers on the attack: Cyberwars already are being depicted on Staff Maps," Moscow Trud, June 28, 2001)

More here.

Off Topic, But Right Message: Yes We Can

As Jim Harper says over on The Technology Liberation Front, "Politics sucks quite a bit less when its served up this way."


- ferg

Hackers Again Bring Down Ghana 2008 Website

Via Monsters & Critics.

Hackers on Saturday broke into the official website of the African Cup of Nations ( and again claimed that Moroccan fans were behind the attack.

Morocco's Atlas Lions were on Monday beaten 2-0 by the hosts and eliminated from the competition. The team has since flown home.

On Saturday the website, which is being used widely by football fans and journalists to book accommodation and make transport arrangements, was down the whole day.

Instead of being usable, the website carried a message from a 'ghost from Morocco.'

More here.

Friday, February 01, 2008

California Senate Passes Identity Theft Bill 40-0


The California State Senate passed a bill Friday that would allow prosecution for identity theft cases in the county where the victim resides.

State Sen. Joe Simitian, D-Palo Alto, co-authored Senate Bill 612 and praised fellow senators Friday for voting 40-0 in favor of the legislation.

Current law permits prosecution in the county where the theft occurred, or where the information was illegally used, even when both locations are hundreds of miles from the victim's home, according to Simitian's office.

More here.

Late Night Flashback: Neil Young - Old Man

Simply... fantastic.

Enjoy. - ferg

U.S. Government Computers Under Attack

Via CBS News.

Computer systems, vital to national defense, are under a growing assault from Internet hackers, cyber terrorists and foreign spies looking to steal secrets and disrupt government operations.

"All around the country, there are literally thousands of attacks every day," Homeland Security Secretary Michael Chertoff told CBS News correspondent Bob Orr.

Secretary Chertoff knows this firsthand; DHS computer networks have already been compromised. So have computers at the Departments of State and Commerce.

Hackers have even breached systems at the Pentagon, infiltrating the email of Defense Secretary Robert Gates. U.S. officials have traced many of the attacks to hackers inside the Chinese government.

More here.

Defense Tech: Cyber Assassination

Kevin Coleman writes on Defense Tech:

“Cyber assassination” is when an individual is unaware that he or she is the subject of a cyber attack designed to discredit them and to call into question his or her credibility or loyalty.

Here's a possible scenario: A senior person in the CIA is working on a case and is disrupting the enemy’s activities or getting closer to uncover covert enemy operatives. A smart enemy might attack the leader or others involved in the investigation in an effort to slow down or derail the efforts to expose them. They may choose to hack the individual’s laptop and place damaging emails that allude to a pay-off on their hard drive. Then all that is required is a subtle leak that gets back to the CIA and you can imagine the rest.

More here.

U.S. Toll in Iraq, Afghanistan

Iraq and Afghanistan statistics via The Boston Globe (AP).

As of Friday, Feb. 1, 2008, at least 3,943 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes eight military civilians. At least 3,209 died as a result of hostile action, according to the military's numbers.

The AP count is one higher than the Defense Department's tally, last updated Friday at 10 a.m. EST.

As of Friday, Feb. 1, 2008, at least 414 members of the U.S. military had died in Afghanistan, Pakistan and Uzbekistan as a result of the U.S. invasion of Afghanistan in late 2001, according to the Defense Department. The department last updated its figures Tuesday at 10 a.m. EST.

Of those, the military reports 282 were killed by hostile action.

More here and here.

And as always, the Iraq Coalition Casualty Count keeps the grim watch on their website here.

Third Cable Cut Compounds Net Woes

Via The BBC.

A submarine cable in the Middle East has been snapped, adding to global net problems caused by breaks in two lines under the Mediterranean on Wednesday.

The Falcon cable, owned by a firm that operates one of the previously damaged cables, was snapped on Friday morning.

The cause of the latest break has not been confirmed but a repair ship has been deployed, said owner Flag Telecom.

Following the earlier break internet services were severely disrupted in Egypt, the Middle East and India.

More here.

Thursday, January 31, 2008

Oxymoron of The Day: 'Hello Secure World'

Silverlight. Secure World.

Which is why I run Firefox with NoScript to specifically block this nonsense.

Very entertaining, though. -ferg

Late Night Flashback: Thin Lizzy - Jail Break

Still awesome after all these years.

Enjoy. -ferg

Scare Tactics: New York Times Reporter Subpoenaed Over Source for Book

Philip Shenon writes in The New York Times:

A federal grand jury has issued a subpoena to a reporter of The New York Times, apparently to try to force him to reveal his confidential sources for a 2006 book on the Central Intelligence Agency, one of the reporter’s lawyers said Thursday.

The subpoena was delivered last week to the New York law firm that is representing the reporter, James Risen, and ordered him to appear before a grand jury in Alexandria, Va., on Feb. 7.

Mr. Risen’s lawyer, David N. Kelley, who was the United States attorney in Manhattan early in the Bush administration, said in an interview that the subpoena sought the source of information for a specific chapter of the book “State of War.”

The chapter asserted that the C.I.A. had unsuccessfully tried, beginning in the Clinton administration, to infiltrate Iran’s nuclear program. None of the material in that chapter appeared in The New York Times.

More here.

Note: As many of you may already know, James Risen and Eric Lichtblau were the New York Times reporters that originally broke the story on the illegal NSA wiretapping in December 2005. -ferg

Significant AT&T Wireless Data Outage Reported

Marguerite Reardon writes on the C|Net New Blog:

Some AT&T wireless customers in the Midwest and Southeast are having trouble accessing 3G and EDGE data services on certain handsets, the company confirmed Thursday.

Problems were reported as early as 6:30 a.m. EST, according to Mark Siegel, an AT&T spokesman. Siegel was not able to say how many subscribers have been affected or what exactly is causing the problem.

He also couldn't specify which specific handsets were having trouble accessing the data network. He would only say they were smartphone handsets. Some users on blogs and message boards have reported that the iPhone, Blackberry, and Palm Treo have all been affected. Siegel also said that some laptop users who have AT&T's PC wireless cards have also had trouble accessing the 3G and EDGE data networks.

More here.

IRC Hackers Set Date For Anti-Scientology Protests


Hackers who launched a massive online attack against the Church of Scientology are now turning to real-world protests to draw attention to what they call a "vast moneymaking scheme under the guise of 'religion.'"

The loosely organized group of hackers, who meet up and coordinate attacks through Internet Relay Chat channels, have set Feb. 10 for a wave of protests at Scientology locations worldwide.

In anonymous postings on the group's Web site, organizers said they are trying to raise awareness about the threats to free speech posed by the church's lawyers, who, the group claims, aggressively try to silence critics by threatening lawsuits. The church said its lawyers follow standard procedures for protecting copyrighted materials.

More here.

xkcd: Real Programmers

Click for larger image.

We love xkcd. - ferg

Best FISA Rant Ever: Keith Olbermann

Via Crooks and Liars.

Keith Olbermann’s Special Comment tonight on Countdown was yet another scathing rebuke of President Bush and his lies about the pending FISA legislation and fear tactics during his final State of the Union address earlier this week. Bush has said repeatedly he would veto any FISA legislation that did not include immunity for the telecommunications companies who broke the law and betrayed the American people.

However, as Keith points out, if the president were to veto the legislation and there was another terrorist attack inside the U.S., he, and he alone would be responsible for it — all in the name of protecting huge corporations over the American people he was charged with protecting.

A "must see" video commentary here.

Mystery Pretexters Targeting Emergency Responders

Kevin Poulsen writes on Threat Level:

Someone is staging social engineerings attacks against emergency responders in a mysterious effort to wheedle sensitive information from them, according to a DHS information-sharing center:

"The Emergency Management and Response—Information Sharing and Analysis Center (EMR-ISAC) continues to receive information regarding instances within the Emergency Services Sector (ESS) of social engineering by telephone, electronic mail, chat rooms, bulletin boards, and face-to-face. Social engineering is a method of fraudulently gaining access privileges to an organization's sensitive information and assets by querying personnel over the communications media identified in the preceding sentence."

More here.

Caught in a (Real) Security Bind

Ryan Naraine writes on eWeek:

RealNetworks finds itself at the mercy of an exploit writer who refuses to share details of a gaping hole in the widely deployed RealPlayer software.

More than a month ago, on Dec. 16, 2007, a Russian security research firm released an exploit for a zero-day vulnerability in RealNetworks' RealPlayer software into a subscription-only exploit package. The vulnerability, which still exists in the most up-to-date version of the cross-platform media player, is still unpatched because RealNetworks has been unable to get data on the bug from the creator of the exploit.

Gleg, one of a handful of legitimate companies that create and sell information on software flaws and exploits, has released of video of the exploit in action as a tease of its availability but, despite repeated pleas from high-level officials at RealNetworks and the Carnegie Mellon Software Engineering Institute CERT/CC (Computer Emergency Response Team), has refused to share details on the bug.

More here.

Note: This has not been a good week for RealNetworks -- their Rhapsody music service was also being used by unscrupulous criminals to serve up malicious banner advertisements and also fingered by for "...failing to accurately and completely disclose the fact that it installs advertising software on the user's computer."

Web 2.0 Security Risks Being Ignored

Julian Goldsmith writes on

Web 2.0 presents a barely understood risk to companies embracing social networking and instant messaging technology as business tools and could force a change in corporate IT security and greater use of encryption.

Almost two-thirds (65 per cent) of US companies do nothing to block third-party collaboration tools, such as real-time communications and information sharing, according to research from Yankee Group.

Tom Rashke, senior analyst at Forrester, said 25 per cent of US CIOs in a recent survey admitted adoption of web 2.0 tools would be a priority in 2008, even though the strategy would potentially increase potential areas of attack, increase the complexity of infrastructure and the return on investment (ROI) was not clear.

More here.

California Senate Approves Bill To Outlaw Skimming RFID Tags

K.C. Jones writes on InformationWeek:

The California State Senate voted to make it a crime to skim information stored on RFID tags.

The Senate voted 36 to 3 to pass the bill, introduced by State Sen. Joe Simitian (D-Palo Alto). The bill, SB 31, goes to the California State Assembly.

Simitian participated in a controlled experiment to demonstrate how skimming works.

"The problem is real," he said, while announcing passage of his bill. "The card I use to access the State Capitol was skimmed and cloned by a hacker in a split second. Minutes later, using that clone of my card, he was able to walk right into the Capitol through a 'secure' and locked entrance." Simitian said personal information on tags used for drivers' licenses and student IDs should be protected the same way other personal property is protected.

More here.

Two Communication Cables in the Mediterranean Are Cut

Heather Timmons writes in The New York Times:

Two undersea telecommunication cables were cut on Tuesday evening, knocking out Internet access to much of Egypt, disrupting the world’s back office in India and slowing down service for some Verizon customers.

One cable was damaged near Alexandria, Egypt, and the other in the waters off Marseille, France, telecommunications operators said. The two cables, which are separately managed and operated, were damaged within hours of each other. Damage to undersea cables, while rare, can result from movement of geologic faults or possibly from the dragging anchor of a ship.

Hundreds of undersea cables often owned and managed by international consortiums keep telecommunications running worldwide. A surge in phones and Internet connections in Asia and to new financial hubs like Dubai has increased traffic on many of these cables.

Most disrupted communications were quickly rerouted through other cables.

More here.

Bush Anti-Terrorist Eavesdropping Spurs Criminal Investigations

Robert Schmidt and James Rowley write for Bloomberg News:

The Bush administration's use of clandestine eavesdropping to fight terrorism is fueling an increase in criminal cases that rely on cooperation between prosecutors and intelligence agents.

Eliminating the wall that discouraged intelligence officials from sharing evidence with prosecutors has led to a quadrupling in the number of criminal investigations drawing on evidence gathered by spy agencies since the Sept. 11 attacks, the Justice Department says. The actual number is classified.

More here.

Bloggers Fingered as Possible National Security Threat

An AP newswire article by Ted Bridis, via The Boston Globe, reports that:

It's the government's idea of a really bad day: Washington's Metro trains shut down. Seaport computers in New York go dark. Bloggers reveal locations of railcars with hazardous materials. Airport control towers are disrupted in Philadelphia and Chicago. Overseas, a mysterious liquid is found on London's subway.

And that's just for starters.

Those incidents were among dozens of detailed, mock disasters confronting officials rapid-fire in the U.S. government's biggest-ever "Cyber Storm" war game, according to hundreds of pages of heavily censored files obtained by The Associated Press. The Homeland Security Department ran the exercise to test the nation's hacker defenses, with help from the State Department, Pentagon, Justice Department, CIA, National Security Agency and others.

The laundry list of fictional catastrophes - which include hundreds of people on "No Fly" lists suddenly arriving at airport ticket counters - is significant because it suggests what kind of real-world trouble keeps people in the White House awake at night.

More here.

Late Night: We Didn't Start The Fire

Just an awesome, awesome flashback to our current reality.


- ferg

Wednesday, January 30, 2008

Mark Fiore: Super Tuesday Change-O-Meter

By Mark Fiore, via The San Francisco Chronicle.


Verizon Taps Marcus Sachs as New Head of Government Affairs for National Security Policy

Via UPI.

One of the nation's leading cybersecurity experts has been named Verizon Inc.'s executive director of government affairs for national security policy.

Marcus Sachs, formerly Washington head of SRI International's Computer Science Laboratory, was named Tuesday in a statement from Verizon.

In the wake of the Sept. 11, 2001, terrorist attacks, Sachs was appointed by President Bush as director of communication infrastructure protection on the National Security Council staff. He later became the Department of Homeland Security's first cyber program director, in which post he developed the initial concept for the department's U.S. Computer Emergency Readiness Team, or US-CERT.

Sachs will represent Verizon on cybersecurity policy matters in government task forces, industry working groups, formal committees and industry trade associations, at the national level in Washington, said the statement.

More here.

Congratulations, Marc! - ferg

New Russian Internet Watchdog Proposed

Via Perspectives on the New Russia.

Today, the Duma is considering in its first reading a Bill "On the Internet" which proposes the creation of an Internet Technology Center. It also envisions the creation of an Association of Electronic Communication for the Inter-Parliamentary Assembly of the countries of the CIS (the loose confederation of successor states to the Soviet Union).

Other CIS countries (like Kazakhstan, Turkmenistan, or Belarus - who already have tight internet controls) could now work closely with the Russian watchdog (an ominous sign).

The government has of course been quick to argue that this body is simply created in response to the rising number of cyber crimes and, in particular, to curb increasing nationalist hate speech that is resounding across the Russian internet.

More here.

Image source: Perspectives on the New Russia

Short Attention Span Theater: Feingold on FISA

Russ Feingold breaks down what’s wrong with the Bush surveillance program in 30 seconds or less.

Via The Washington Note.

Interpol Urges Europe to Join Databases

Via UPI.

Interpol Secretary-General Ronald Noble is calling on European officials to adopt a global perspective on crime and terrorism to enhance the region's security.

Speaking at the 11th European Police Congress in Berlin, Noble urged officials there to utilize Interpol's global security framework. Noble called for the Schengen Information System, a European database with information related to border security and law enforcement, to be supplemented with Interpol's stolen and lost travel documents database, Interpol reported.

More here.

Fusion Watch: ODNI Releases Standards for Suspicious-Activity Reporting

Ben Bain writes on

The Office of the Director of National Intelligence has released for the first time a set of standards for how state, local and federal law enforcement officials should share information on suspicious activity with potential links to terrorism.

The Common Terrorism Information Sharing Standards place state and local intelligence fusion centers at the center of how information on perceived terrorist threats or tips flows among all departments and agencies that use terrorism or homeland security information.

The standards describe suspicious behavior as “observed behavior that may be indicative of intelligence gathering or pre-operational planning related to terrorism, criminal or other illicit intention.” Behavior that could be considered suspicious and potentially tied to terrorism, and thus warrant a report, includes surveillance, photography of facilities, site breaches or physical intrusions, cyberattacks and the examination of security.

More here.

ICANN SSAC Report on Fast Flux Hosting and DNS

My old friend & colleague, Patrik Fältström, writes:

SSAC has released a report [.pdf] on Fast Flux that might be interesting to read for people that are trying to make it easier to find bad guys on the net. Fast flux implies rapid modification of IP addresses associated with a system that hosts a malicious activity, or hosts a domain name that is used for such activities. All to try to make it harder to find and close the services in question.

The report ends with the following:

"Fast flux hosting is a serious and mounting problem that affects name services in all GTLDs. SSAC encourages ICANN, registries and registrars to consider the practices mentioned in this Advisory, to establish best practices to mitigate fast flux hosting, and to consider incorporating such practices in future accreditation agreements."

More here.

FTC Settles With Advertiser For Spam Campaign

Grant Gross writes on InfoWorld:

An online advertiser that drove traffic to its Web sites by sending out spam with misleading subject lines has agreed to settle a U.S. Federal Trade Commission (FTC) complaint charging that it failed to tell consumers they had to spend money to receive so-called free products, the FTC announced Wednesday.

The settlement requires Member Source Media to disclose the costs and obligations associated with the advertised products and services, and bars the company from sending e-mail that violates the CAN-SPAM Act, which regulates the sending of unsolicited e-mail. The company must also pay $200,000 in civil penalties, according to the settlement approved Wednesday in the U.S. District Court for the Northern District of California.

Member Source Media -- doing business as,,, and -- and the company’s owner, Chris Sommer, used deceptive spam and online advertising to lure customers to its Web sites, the FTC alleged.

More here.

Swedish Bank Stops Digital Theft

An AP newswire article, via Wired News, reports that:

A gang of Swedish criminals was seconds away from completing a digital bank heist when an alert employee literally pulled the plug on their brazen scam, investigators said Wednesday.

The would be bank robbers had placed "advanced technical equipment" under the employee's desk that allowed them to take control of his computer remotely, prosecutor Thomas Balter Nordenman said in a statement.

The employee discovered the device shortly after he realized his computer had started an operation to transfer "millions" from the bank into another account, Nordenman said.

"By pulling out the cable to the device, the employee managed to stop the intended transfer at the last second," he said.

More here.

Damaged Cable Cuts Internet in Mideast - UPDATE [4]

An AP newswire article by Pakinam Amer, via Wired News, reports that:

Internet outages disrupted business and personal usage across a wide swathe of the Middle East on Wednesday after an undersea cable in the Mediterranean was damaged, government officials and Internet service providers said.

In Cairo, the Ministry of Communications and Information Technology said the cut in the international communications cable had led to a partial disruption of Internet services and other telecommunications across much of Egypt.

Emergency teams were quickly trying to find alternative routes, including satellite connections, to end the disruptions, Minister Tariq Kamel said. But service was still slow or nonexistent by late afternoon Wednesday.

A telecommunications expert at the Egyptian communications ministry, Rafaat Hindy, said the government was "engaged in efforts to try and overcome the consequences of the problem" but cautioned that "solving this could take days."

More here.

UPDATE: 17:51 PST: Earl Zmijewski has a very good overview of the countries affected by this outage over on the Renesys Blog here. -ferg

UPDATE: 20:07 PST, 31 January 2008: The Renesys folks have a "Part II" on their blog regarding this issue now... -ferg

UPDATE: 11:05 PST, 2 February 2008: The Renesys folks also have posted a "Part III" on their blog regarding these outages. -ferg

UPDATE: 13:57 PST, 7 February 2008: The Renesys folks also have now posted a "Part IV" on their blog regarding these outages. -ferg

Tuesday, January 29, 2008

Off Topic: My New Favorite Blog: FAIL

The FAIL Blog.

Hat-tip: Boing Boing

Quote of The Day [3]: Tim Lee

"Every time the Democrats try to meet the president halfway he moves the goal posts."

- Tim Lee, writing on the Technology Liberation Front, regarding the ongoing FISA debate, in which the Democrats have thus far shown they have no spine.

ISPs Face New Role in Playing 'Network Police'

Michael Geist:

The support for locking down the Internet revives an old debate - the appropriate role and responsibility of ISPs for the activities that take place on their networks.

As the content owners were promoting legal protection for digital locks in the 1990s, the ISPs were supporting legal frameworks that treated them as the equivalent of common carriers that transferred data across their networks without regard for the content itself.

While that approach ensured that ISPs did not take an active role in monitoring or filtering Internet-based activity, the recent move toward a two-tiered Internet - one in which the ISPs themselves dream of distinguishing between different content as a new revenue source - revived the notion that ISPs could be called upon to play a more active role in monitoring and blocking content.

More here.

U.S. Toll in Iraq

Via The Boston Globe (AP).

As of Tuesday, Jan. 29, 2008, at least 3,941 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes eight military civilians. At least 3,203 died as a result of hostile action, according to the military's numbers.

The AP count is five higher than the Defense Department's tally, last updated Tuesday at 10 a.m. EST.

More here.

And as always, the Iraq Coalition Casualty Count keeps the grim watch on their website here.

Australia: Plastic Bags Patch Telstra Telco Lines

Joe Hildebrand writes on Australian IT:

Thousands of people are having their phones cut off every time it rains because cost-cutting by Telstra means the lines are no longer waterproof and sometimes protected only by children's lunch bags.

The Daily Telegraph has learned the number of faults skyrocketed to more than 5000 problems during the rains last week, compared to an average of 1000 in normal conditions.

The problem is so severe that parts of NSW are referred to as "Baghdad" because the plastic bag patch-up technique is so prevalent.

The situation follows massive job cuts as part of the controversial cost-cutting program embarked on by Telstra CEO Sol Trujillo in 2005.

More here.

UK: Terror Investigations Take Toll on British Intelligence


Britain's spy centre that eavesdrops on communications lacks resources and cannot cope with the growth in counter-terrorism operations in recent years, a parliamentary report concluded.

The shortcomings mean the Government Communications Headquarters (GCHQ), the country's intelligence monitoring hub, cannot adequately support the security services in the fight against terrorism, the report said.

More here.

Quote of The Day [2]: Steven Levy

"That would jack up the $2.99 iTunes rental fee for 'The Magnificent Seven' by 10 bucks. A high-def movie, typically 4 gigs, could cost you $30 more."

- Steven Levy, writing on his new Washington Post blog "The Technologist", regarding Time Warner's experiment with usage-based broadband billing.

ICANN Board Recommends Ending Domain Tasting


The Internet Corporation for Assigned Names and Numbers is looking to effectively end domain tasting with a proposal to start charging the annual ICANN fee on registrar domain registrations.

Domain tasting is the use of the Add Grace Period to test the profitability of a domain name registration. The AGP is a five-day period following the initial registration of a domain name when the registration may be deleted and a credit can be issued to a registrar.

"Domain tasting has been an issue for the Internet community and ICANN is offering this proposal as a way to stop tasting," said Dr Paul Twomey, ICANN’s President and CEO. "Charging the ICANN fee as soon as a domain name is registered would close the loophole used by tasters to test a domain name’s profitability for free."

AGP was originally introduced by registries so registrars could avoid costs if a domain name was mistyped or misspelled during the registration process. It is part of the .com, .net, .org, .info, .name, .pro, and .biz registry contracts.

Tasting has been a serious challenge for the Internet community and has grown exponentially since 2004. In January 2007 the top 10 domain tasters accounted for 95% of all deleted .com and .net domain names — or 45,450,897 domain names out of 47,824,131 total deletes.

More here.

'Scientology vs. The Internet' Takes an Ugly Turn

Ryan Singel writes on Threat Level:

Anti-Scientology agitators have repeatedly harassed and threatened violence against a 59-year-old PG&E worker and his wife, who they mistakenly flagged as pro-Scientology hackers.

John Lawson, who lives in Stockton, California with his wife Julia, began receiving threatening phone calls around 2 a.m. Saturday morning. He didn't know why until THREAT LEVEL explained that a hacking group calling itself the g00ns posted his home address, phone number and cell numbers, as well as Julia's Social Security number, online. The obscene and threatening calls have continued through Tuesday, according to Lawson.

The calls are just one small offshoot of an ongoing, larger attack on the Church of Scientology by a ragtag group of internet troublemakers who call themselves Anonymous. The group says it is targeting Scientology in part for its use of litigation to suppress unflattering documents on the internet.

More here.

TRIP'ed Up: When Your Name Is Mud at the Airport

Scott McCartney writes on The Wall Street Journal:

A government program set up to remove innocent people from terrorism no-fly and watch lists has been ineffective and riddled with problems, travelers and congressional leaders say.

The Department of Homeland Security's Traveler Redress Inquiry Program, or TRIP, was started almost a year ago to clear people routinely subjected to extra airport-security screening and even detention simply because their names were confused with those on the government's voluminous terrorism watch lists. The lists now contain more than 700,000 records and include many names as common as John Thompson and James Wilson.

But travelers say TRIP has done little to ease their security hassles.

More here.

The Potential Hazards of the Protect America Act

Matt Blaze:

A recurring theme in this blog over the last year has been how the sweeping surveillance technology envisioned by the 2007 US Protect America Act introduces fundamental technical vulnerabilities into the nation's communications infrastructure.

These risks should worry law enforcement and the national security community at least as much as they worry civil liberties advocates. A post last October mentioned an analysis that I was writing with Steve Bellovin, Whit Diffie, Susan Landau, Peter Neumann and Jennifer Rexford.

The final version of our paper, "Risking Communications Security: Potential Hazards of the Protect America Act," will be published in the January/February 2008 issue of IEEE Security and Privacy, which hits the stands in a few weeks. But you can download a preprint of our article [.pdf] today...

More here.

Renewed Concern Over 'Digital Pearl Harbor'

Bob Sullivan writes on MSNBC's "Red Tape Chronicles" Blog:

From the moment U.S. top cybercop Richard Clarke uttered the words "digital Pearl Harbor" in 2000, the technology world has been engaged in bitter debate: Could hackers really cause as much chaos with computers as terrorists armed with bombs and guns? Or are security experts simply spreading fear and trying to sell products when they talk about cyber attacks?

The discussion had died down until recently, owing to the fact that no digital Pearl Harbor ever occurred.

But then came reports late last year that Chinese nationals were actively attacking computers run by the U.S. government and private British companies, all of which were vehemently denied by the Chinese government.

Now security expert Alan Paller has fanned the flames, quoting a CIA agent as saying that hacker-profiteers had carried out the mother of all hack attacks -- taking power plants offline and extorting their owners for cash.

More here.

U.S. DoD Considers Prohibiting Personal Use of Networks

John Rendleman writes on

The Defense Department is considering a policy that would banish all traffic not proven to be purely official DOD business from its networks, said Lt. Gen. Charles Croom, director of the Defense Information Systems Agency, last week at the Institute for Defense and Government Advancement’s Network Centric Warfare 2008 conference in Washington.

The proposal to ban non-official traffic from the network is intended to increase the network’s security and stability by reducing the number of times malicious software code enters DOD networks, Croom said.

More here.

Quote of The Day: Bruce Schneier

"The debate isn't security versus privacy. It's liberty versus control."

- Bruce Schneier, writing on the false assertion that intrusive surveillance of Internet traffic makes us "safer".

Monday, January 28, 2008

Russian Call for 'Internetpol' to Fight Cyber Crime

Brad Howarth writes on

In its home market Kaspersky Lab is a giant, being the largest software tools supplier for virus and other malicious software (also called malware) removal in Russia and the Commonwealth of Independent States. It was founded 10 years ago, with four people, and today has grown to employ more than 800 worldwide.

The privately held company expects to report a profit of $US40 million ($A45.5 million) on revenue of more than $US200 million for 2007, with hopes of revenue hitting $US330 million this year and close to $US1 billion in 2010.

Kaspersky is aware of the incongruity of being an anti-virus company in Russia, a country considered by many to be the source of much of the world's malicious software code. But he disputes this assumption.

One of the most common — but least accurate — means of determining the place of origin of malicious code is to study the language of any written comments embedded in it. "Just because they use Russian characters, that doesn't mean they are Russian citizens — they could be Russian-speaking persons in Europe or the United States," he says.

More here.

Note: Eugene Kaspersky: Please contact me here. I would like to work with you (and other security industry professionals) to make this effort reality.

I do disagree with some of your assumptions here, but good information-sharing can fix these inaccuracies. - ferg

U.S. Toll in Iraq

Via The Boston Globe (AP).

As of Monday, Jan. 28, 2008, at least 3,940 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes eight military civilians. At least 3,201 died as a result of hostile action, according to the military's numbers.

The AP count is seven higher than the Defense Department's tally, last updated Monday at 10 a.m. EST.

More here.

And as always, the Iraq Coalition Casualty Count keeps the grim watch on their website here.

UK: Phones Tapped at The Rate of 1,000 a Day

James Kirkup writes on The Telegraph:

Britain is in danger of becoming a "surveillance state" as authorities including councils launch bugging operations against 1,000 people a day.

Councils, police and intelligence services are tapping and intercepting the phone calls, emails and letters of hundreds of thousands of people every year, an official report said.

Those being bugged include people suspected of illegal fly-tipping as councils use little known powers to carry out increasingly sophisticated surveillance to catch offenders.

The report, by Sir Paul Kennedy, the Interception of Communications Commissioner, has fuelled fears that Britain is becoming a state where private communications are routinely monitored.

More here.

U.S. Dept. of Energy Cyber Security Slammed

Via UPI.

Cybersecurity at the U.S. Department of Energy, which guards the nation's most important scientific secrets, is hampered by conflicting and overlapping roles.

A report by Energy Inspector General Gregory Friedman says that "as many as eight independent cyber security intrusion and analysis organizations" were at work in the department, reporting to either "program elements" or "facility contractors."

Their "missions and functions we found to be, at least partially, duplicative and not well coordinated," reads the report, released Friday.

The eight organizations lacked "a common incident reporting format and did not always ensure that essential attack-related information needed for investigative or trending purposes was reported or retained," Friedman found.

More here.

Dems Defeat Republican Fast Tracking of Spying and Telco Immunity Bill

Ryan Singel writes on Threat Level:

Senate Democrats defeated Monday a Republican attempt to ram through a bill that expands the government's warrantless spying powers and give retroactive legal immunity to telecoms that aided the President's secret warrantless wiretapping program.

The attempt by the Republicans to prohibit amendments to the bill and limit debate time failed to gather enough votes and failed with 48 yes votes and 45 against it. They needed 60 yes votes to limit the debate..

More here.

Off Topic: The SOTU 2008 Drinking Game

Enjoy. - ferg

U.S. Government Seeks to Invest $6B in 'Security by Obscurity'

Rich Steinnon writes on the ZDNet "Threat Chaos" Blog:

According to the Wall Street Journal this morning the Bush administration is pushing to spend $6 billion on cyber security in one year! They claim that US telecom systems are not adequately protected and that they need to spend this money to protect it. Just one problem, the government is not revealing to Congress just how these funds will be spent.

First of all let’s put some perspective around the size of this budget. $6 billion is larger than the entire industry for firewalls. That’s right, the total sales of firewalls from Check Point, Cisco, Juniper, Watchguard, Sonicwall, and twenty other vendors, world wide, is less than $6 Billion. The entire security industry for products is less than $24 Billion.

More here.

Sunday, January 27, 2008

U.S. Toll in Iraq

Via The Boston Globe (AP).

As of Sunday, Jan. 27, 2008, at least 3,934 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes eight military civilians. At least 3,200 died as a result of hostile action, according to the military's numbers.

The AP count is three higher than the Defense Department's tally, last updated Friday at 10 a.m. EST.

More here.

And as always, the Iraq Coalition Casualty Count keeps the grim watch on their website here.

Facebook Apps On Any Website: A Clever Move? Or a Security Nightmare?

Well, given the amount of malicious JavaScript, malware, and other possibilities to use Facebook (and other similar social networking platforms) for abuse, I certainly wouldn't categorize this news as a "clever move".

The announcement says, in part, that:

...JavaScript client library allows you to make Facebook API calls from any web site and makes it easy to create Ajax Facebook applications. Since the library does not require any server-side code on your server, you can now create a Facebook application that can be hosted on any web site that serves static HTML. An application that uses this client library should be registered as an iframe type. This applies to either iframe Facebook apps that users access through the Facebook web site or apps that users access directly on the app’s own web sites. Almost all Facebook APIs are supported.

In fact, I foresee this as an extraordinarily short-sighted move with far-reaching security implications -- which will allow the levels of malicious abuse to reach new heights.

In fact, minor annoyances such as this may become fond memories, as this new "feature" will allow miscreants to create much more malicious functionality.

So, this is a forecast placeholder for me -- we'll have to look back on my prediction at some point in the future to see if I'm right, or not.

- ferg