Saturday, March 14, 2009

Goodbye, Blockbuster. Hello, Netflix.

The only thing Blockbuster had going for it was the neat-o, convenient feature where you could return your "by mail" rentals for free in-store replacements when you returned in person, instead of by mail -- and now they have gone and screwed that up, too.

I was kind of wondering why the guy at my local Blockbuster muttered to me last week that (paraphrased) "[you] won't get the next DVD in your queue until you return this one..." -- referring to my in-store exchange selection.

Now I know.

They deviously changed their policy, and -- oh yeah, they didn't bother to notify their subscribers. Their customers.

Isn't there a law against that or something?

No matter -- I have now canceled my online, by mail DVD rental subscription to Blockbuster, and subscribed to Netflix. It's cheaper anyways.

I'll keep my Blockbuster card, just in case I want to drop in sometime and pick up a DVD in person, but they just lost another customer due to idiot business practices and for their own stupidity.


- ferg

India: Prime Minister's Office e-Mail System Infected for Three Months

Via The Times of India.

E-mail system of the Prime Minister's Office was under the grip of a computer virus for three months last year forcing officials to replace the software.

The technical glitch plagued the e-mail communication system of the PMO, which was based on the Microsoft Outlook Express, from February to April in 2008.

Although the extent of damage was uncertain, the PMO said that most of the e-mails addressed to it were not received.

The problem was detected only in late April after which the Microsoft Outlook Express email software was discontinued and replaced by another software - Squirrel mail.

The matter came to light during one of the hearings of the Central Information Commission where the PMO submitted that "there was virus problem during the months of Feb-Mar-Apr that was finally diagnosed only late in April".

More here.

Merchant of Death Watch: U.S., Russia Spar Over Viktor Bout

Viktor Bout, in Thailand prison in July 2008.

An AP newswire article reports that:

U.S. President George W. Bush's last meeting with the prime minister of Thailand was in August, a swan song moment before his departure. Yet he made time to bring up the issue of one man: Viktor Bout, also known as the Merchant of Death.

Bout, a Russian businessman who is thought to be the world's most notorious arms dealer, has been held in a Bangkok prison since he was arrested last March after a U.S.-Thai sting operation. The United States is desperate to extradite him for trial to New York, where he has been indicted for allegedly conspiring to sell millions of dollars worth of weapons to leftist rebels in Colombia.

The Bush administration "wanted the prime minister to understand that this was an issue of importance to us, given that we have a very solid legal case against Viktor Bout," said Juan C. Zarate, former deputy national security adviser for counterterrorism.

Yet Russia is equally keen to get Bout out of Thailand and back to Moscow. After a yearlong tug of war between Russia and the United States, a Thai judge could rule on Bout's fate as soon as next week.

More here.

Image source: Foreign Policy Passport Blog

FBI Cited for Worst FOIA Responses

Ben Bain writes:

An open-government group cited the FBI today for poor response to requests for records by giving the bureau its annual award for “outstandingly bad responsiveness to the public that flouts the letter and spirit of the Freedom of Information Act” (FOIA).

George Washington University’s National Security Archive gave its "Rosemary Award" to the FBI for what the group found to be a high percentage of “no records” responses to FOIA requests in 2008 and the low percentage of requests that the FBI granted. According to the archive, last year the FBI gave “no records” responses to 57 percent of the requests it processed and provided documents in less than 14 percent of the cases. In addition, the group said the FBI granted only 89 FOIA requests in full by providing unredacted versions of all the documents requested.

The archive said FBI’s FOIA response rates were worse than the other major agencies and criticized the time it took the bureau to respond to record requests. Tom Blanton, that group’s director, also cited problems with the way the bureau searches its computer systems for records that have been requested.

More here.

No Warrant Required: Feds Submit 20k Phone Location Requests Per Year

Chris Soghoian writes on Slight Paranoia:

Last week, the Berkman Center hosted Al Gidari, a partner at Perkins Coie, who frequently represents some of the major telecom companies as well as a few household names in the Web 2.0 world. Most famously, he represented Google, and helped to fight off the Department of Justice's request for search logs.

I was super happy to have helped to bring Al to Berkman. He is one of the most knowledgeable people out there on the obscure and shadowy world of surveillance law.

Perhaps the most interesting gem for me was Al's mention that the wireless carriers each receive about 100 requests per week from law enforcement for the location information on consumers. Most importantly, one request can be for "every person using this particular cell tower in a 10 minute span" -- and thus, can apply to hundreds or thousands of people.

100 requests per week * 4 wireless carriers (Sprint, Verizon, AT&T, T-Mobile) * 52 weeks = 20,800 requests per year, none of which require a warrant or judicial oversight. Scary.

More here.

Friday, March 13, 2009

Post 9/11: Fake Passports Still Easy to Obtain

An AP newswire article by Eileen Sullivan, via The Boston Globe, reports that:

Using phony documents and the identities of a dead man and a 5-year-old boy, a government investigator obtained U.S. passports in a test of post-9/11 security. Despite efforts to boost passport security since the 2001 terror attacks, the investigator fooled passport and postal service employees four out of four times, according to a new report made public Friday.

The report by the Government Accountability Office, Congress' investigative arm, details the ruses:

  • One investigator used the Social Security number of a man who died in 1965, a fake New York birth certificate and a fake Florida driver's license. He received a passport four days later.
  • A second attempt had the investigator using a 5-year-old boy's information but identifying himself as 53 years old on the passport application. He received that passport seven days later.
  • In another test, an investigator used fake documents to get a genuine Washington, D.C., identification card, which he then used to apply for a passport. He received it the same day.
  • A fourth investigator used a fake New York birth certificate and a fake West Virginia driver's license and got the passport eight days later.

Criminals and terrorists place a high value on illegally obtained travel documents, U.S. intelligence officials have said. Currently, poorly faked passports are sold on the black market for $300, while top-notch fakes go for around $5,000, according to Immigration and Customs Enforcement investigations.

More here.

SAIC to Support U.S. Air Force Cyber Warfare

Via UPI.

The U.S. Air Force has contracted Science Applications International Corp. to provide cyberspace-management and analytical-support services.

U.S. company SAIC was awarded the contract from the Air Force Intelligence, Surveillance and Reconnaissance Agency. Under the $12 million deal, SAIC will provide support services for the Air Force Network Operations.

Officials said the majority of the support work from SAIC would take place at Barksdale Air Force Base in Louisiana and would include helping AFNETOPS manage next-generation warfare, cyber defense and attack operations and other services.

More here.

Ukraine Officials Vow to Counter Cyber Crime

Via UPI.

Ukraine government authorities are looking to increase coordinated international efforts to combat cybercrimes.

The Ukrainian government sent a delegation of representatives from the State Financial Monitoring Committee, Ministry of Internal Affairs and other agencies to participate in Octopus Interface 2009, an international conference on cybercrimes in Strasbourg, France.

Ukrainian authorities participated in the conference as part of a government effort in Ukraine to strengthen efforts to combat the evolving threat of terrorism, money laundering, fraud and other crimes that have a growing presence on the Internet.

The conference focused on ways to enhance coordinated actions to combat cybercrimes on the national and global scale.

More here.

Visa Suspends Heartland: A Little Revisionist History?

Evan Schuman writes on StorefrontBacktalk:

Visa struck back at both Heartland on Thursday (March 12), suspending the data breach victim and removing it from Visa’s online list of PCI DSS compliant providers. Visa’s chief enterprise risk officer, Ellen Richey, told banks the news in an E-mail Thursday.

Richey described Heartland’s status as being “in a probationary period,” during which it can still accept payments, assuming it meets various new requirements. Heartland “is now in a probationary period, during which it is subject to a number of risk conditions including more stringent security assessments, monitoring and reporting. Subject to these conditions, Heartland will continue to serve as a processor in the Visa system.”

Heartland issued a statement Friday (March 13) that didn’t address Visa’s suspension, but was clearly prompted by it. “Heartland Payment Systems is pleased to continue our long relationship with Visa. Heartland is cooperating fully with Visa and other card brands and we are committed to having a safe and secure processing environment,” the statement said, which added that Heartland was certified as PCI-DSS compliant in April 2008 and “expects to continue to be assessed as PCI-DSS compliant in the future. We’re undergoing our 2009 PCI-DSS assessment now, which Heartland believes will be complete no later than May 2009 and will result in Heartland, once again, being assessed as PCI-DSS compliant.”

In Richey’s E-mail, she also referenced Heartland’s comments to Visa that it hopes to be assessed PCI compliant soon. Heartland “will be relisted once it revalidates its PCI DSS compliance using a Qualified Security Assessor and meets other related compliance conditions.”

More here.

Friday Monkey Blogging: Chimps Use Geometry to Navigate The Jungle

As I mentioned a few months ago, I started a regularly recurring blog entry meme every Friday afternoon, inspired by Bruce Schneier's regular series of "Friday Squid Blogging" posts, and my very own maddening Monkey Theory.

Here is this week's installment.

Ewen Callaway writes:

If you're ever lost in the jungle, follow a chimpanzee. New research suggests the great apes keep a geometric mental map of their home range, moving from point to point in nearly straight lines.

"The kind of striking thing when you are with the chimpanzees in the forest is that we use a compass or GPS, but obviously these guys know where they are going," says Christophe Boesch, a primatologist at the Max Planck Institute for Evolutionary Anthropology in Leipzig.

With the aid of GPS, he and colleague Emmanuelle Normand shadowed the movements of 15 chimpanzees in Côte d'Ivoire's Taï National Park for a total of 217 days.

In a given day, a single animal might visit 15 of the roughly 12,000 trees in its 17-square-kilometre range, Boesch says. "They are kind of nomads."

More here.

Image source: NewScientist / Frans Lanting / National Geographic / Getty

Deutsche Post Raided in Connection with Spying Affair

Via Deutsche Welle.

The prosecutor's office in Bonn announced that it had raided Deutsche Post headquarters on Friday, March 13, as well as the residence of Zumwinkel and former Deutsche Telekom CEO Kai-Uwe Ricke.

According to Deutsche Post spokesperson Silje Skogstad, "no documents were seized" during the raid at Deutsche Post and the company is "not opposed to the investigation."

Klaus Zumwinkel, who was the Chief of the Board of Directors at Deutsche Telekom at the same time as he was CEO of the sister company Deutsche Post, is at the center of investigations. Zumwinkel has already faced tax evasion charges which resulted in a suspended sentence of two years and a financial punishment of one million euros ($1.29 million).

In mid-May 2008, Deutsche Telekom announced they were launching an internal investigation into a data scandal. During 2005 and 2006, approximately 65 people including the former Human Resources CEO Heinz Klinkhammer, board members and journalists were allegedly spied on. The purpose of the spying was reportedly to prevent the release of internal data to the public.

Senior prosecutor Friedrich Apostel has revealed that eight suspects are being investigated in the matter, with Zumwinkel and former Deutsche Telekom CEO Ricke at the center of the investigation.

Ricke's residence in Switzerland was raided and his wife's house in Bavaria was also searched. Zumwinkel's former villa in Cologne as well as his house on Italy's Lake Garda were also searched. Two computers were seized from his Italian home.

More here.

Hacktivism Watch: Political Network Attacks Increase

Erica Naone writes on the MIT Technology Review:

When armed conflict flared up between Russia and Georgia last summer, the smaller country also found itself subject to a crippling, coordinated Internet attack. An army of PCs controlled by hackers with strong ties to Russian hacking groups flooded Georgian sites with dummy requests, making it near impossible for them to respond to legitimate traffic. The attacks came fast and furious, at times directing 800 megabits of data per second at a targeted website.

This type of politically motivated Internet attack is becoming increasingly common, says Jose Nazario, manager of security research for Arbor Networks. "The problem is sweeping and has changed over the years," Nazario said during a presentation at the security conference SOURCE Boston this week. He noted that the frequency of these attacks and the number of targets being hit have grown steadily over the past few years.

More here.

Plunge: Fergie's Tech Blog Now Ad-Free

I've been contemplating it for a while, but finally took the plunge -- with the recent news that Google Ads will now be targeting people based on behavioral targeting models, I can no longer in good conscience continue to host Google ads on the blog.


- ferg

Lessons From the Russia-Georgia 'Cyber War'

Kenneth Corbin writes:

With the benefit of hindsight, the Russian military campaign against Georgia last summer seems to offer conclusive proof that cyberwar has come into its own.

Speaking here at the FOSE convention, an annual trade show for government IT workers, Georgia's Secretary of National Security, flanked by a pair of U.S. security experts, recounted the experience of last July when the small nation in the Caucasus saw its digital infrastructure brought to its knees.

"It's distressful to think of the way in which the technology which is so helpful and beneficial for all of us to get all the nations together and then ... is used for the purposes [where] people suffer," said Eka Tkeshelashvili, who at the time of the Russian invasion was Georgia's foreign minister.

Aug. 7 marked the official date of the onset of the conflict, when Russia launched air and ground strikes in the disputed territory of South Ossetia, but the offensive began in earnest the previous month with a massive Internet attack on Georgia's government Web sites and commercial operations.

"Today, cyberspace has clearly emerged as a dimension to attack an enemy and break his will to resist," said Paul Joyal, managing director of public safety and homeland security for National Strategies Inc.

More here.

Former FBI Director Calls for Decentralization of Cyber Security Responsibilities

Via H-Online.

Louis Freeh, formerly director of the Federal Bureau of Investigation (FBI), says last week's resignation of Rod Beckström from his post as director of the US Homeland Security's National Cybersecurity Center is symptomatic of a fundamental problem in the USA. In his keynote speech at the Federal Office Systems Exposition (FOSE) in Washington DC, he confirmed Beckström's impression that the NSA is grabbing too much power. Media reports say Freeh is calling for closer cooperation between government authorities and private companies.

Freeh said there are many cybersecurity experts in the FBI (of which Freeh was director from 1993 to 2001) and also in the NSA, but for better efficiency these institutions should serve rather as interfaces. He still sees some problems with cooperation between government authorities and private companies, quoting as one example the uncertainty of telecommunications companies about their responsibility for monitoring traffic on behalf of the NSA. He thinks the problems of security on civilian, military and intelligence networks are also too complex for a state organisation to resolve.

Beckström resigned last week, just a year after his appointment as director of the National Cyber Security Center (NCSC), citing as one reason the NSA's grabbing too many powers, within the domain of cybersecurity, that should rightly be the responsibility of the Department of Homeland Security (DHS). This, he warned, endangered the democratic process. He further complained that his area of responsibility had not been adequately financed.

More here.

Off Topic: Friday the 13th and The Knights Templar

Happy Friday the 13th.

Via Wikipedia.

At dawn on Friday, October 13, 1307, scores of French Templars were simultaneously arrested by agents of King Philip, later to be tortured in locations such as the tower at Chinon, into admitting heresy in the Order.

Over 100 charges were issued against them, the majority of them identical charges to what had been earlier issued against the inconvenient Pope Boniface VIII: accusations of denying Christ, spitting and urinating on the cross, and devil worship. The main interrogation of the Templars was under the control of the Inquisitors, a group of experienced interrogators and clergy who circulated around Europe at the beck and call of any European noble.

The rules of interrogation said that no blood could be drawn, but this did nothing to stop the torture. One account told of a Templar who had fire applied to the soles of his feet, such that the bones fell out of the skin. Other Templars were suspended upside-down or placed in thumbscrews.

Of the 138 Templars (many of them old men) questioned in Paris over the next few years, 105 of them "confessed" to denying Christ during the secret Templar initiations. 103 confessed to an "obscene kiss" being part of the ceremonies, and 123 said they spat on the cross. Throughout the trial, however, there was never any physical evidence of wrongdoing, and no independent witnesses - the only "proof" was obtained through confessions induced by torture.

More here.

Thursday, March 12, 2009

Worldwide Cyber Crime Police Network Grows

Jeremy Kirk writes on PC World:

More countries are joining a network designed to quickly react to cybercrime incidents around the world, a senior U.S. Federal Bureau of Investigation official said Wednesday.

Fifty-six nations are now part of the 24/7 Network, which means a country has a computer security official available at all times to help meet requests for data or preservation of data from another nation, said Christopher Painter, deputy assistant director of the FBI's cyberdivision.

Becoming part of the network is required under the Convention on Cybercrime, an international treaty that sets a legal model for other countries to follow when writing anticybercrime legislation.

Of 47 countries that are part of the Council of Europe, 24 have ratified the treaty, and 23 others have signed it but are awaiting their national legislatures to ratify it. Countries outside the Council are invited to accede to the treaty, meaning they have national laws in line with the treaty.

The 24/7 Network is intended to improve coordination between law enforcement, as Internet scams and frauds are often executed using networks of hacked computers located around the world.

More here.

Cybercrime-as-a-Service Takes Off

Ry Crozier writes:

Malware writers that sell toolkits online for as little as $400 will now configure and host the attacks as a service for another $50, a security expert has said.

Speaking at the Vasco Banking Summit in Sydney yesterday, the company's technical account manager, Vlado Vajdic, told delegates that cyber crime was becoming so business-like that online offerings of malicious code often included support and maintenance services.

Additionally, he said, cybercrime outsourcing would become a key trend in 2009.

"It was inevitable that services would be sold to people who bought the malware toolkits but didn't know how to configure them," Vajdic said.

"Not only can you buy configuration as a service now, you can have the malware operated for you, too. We saw evidence of that this year."

"Investors get malware developers to write code for them and then get the writers to host and distribute it, too."

More here.

Wednesday, March 11, 2009

Mark Fiore: COPS - Darfur

More Mark Fiore brilliance.

Via The San Francisco Chronicle.

- ferg

APWG Suggests e-Crime Reporting System

Jeremy Kirk writes on TechWorld:

A group dedicated to fighting phishing scams has developed a way for police and other organisations to report e-crimes in a common data format readable by a web browser or other application.

The challenge facing law enforcement and security organisations is a lack of a coherent reporting system, said Peter Cassidy, secretary general of the Anti-Phishing Working Group (APWG), a consortium that tracks Internet fraud and scams.

Until now, there was no standard way to file an e-crime report. That makes it hard to coordinate the vast amount of data that is collected on cybercrime, Cassidy said.

APWG decided to develop a terminal file format for e-crime incidents. APWG wanted reports to have unambiguous time stamps, support for different languages, support for attaching malware and the ability to classify the kind of fraud and the company brand that was being attacked, Cassidy said.

APWG couldn't find an existing data model that was perfect. But the group did see potential for the XML-based Instant Object Description Exchange Format (IODEF), which was already being used by computer incident response teams to report adverse network events.

"It had a lot of the things we needed," Cassidy said.

APWG has created some extensions to IODEF to cover its other needs.

More here.

Note: Hopefully I will see you at the 3rd APWG Counter e-Crime Operations Summit (CeCOS III) in Barcelona in mid-May 2009. Details here. -ferg

Police in Romania Detain 20 Alleged Hackers

An AP newswire article reports that:

Police in Romania on Wednesday detained 20 people suspected of cloning the Web sites of banks in other countries to deplete customers' bank accounts.

Stefan Negrila, chief of the organized crime police in the western city of Timisoara, said people in Italy and Spain were tricked into divulging their bank details.

The information was used by accomplices in those countries to withdraw cash, Negrila said, adding that the fraud could total hundreds of thousands of euros.

In another case, police detained a person suspected of hacking into the servers of U.S. universities and government agencies, including NASA. Police believe the suspect installed a program that registered a U.S. IP address to keep authorities from finding him.

No further information on that case was immediately available.

More here.

Russia's Cyber-Attacks on Georgia and Estonia Draw Criticism

Jacob Goodwin writes:

The popular concept of the cyber-attacks launched by Russia against Estonia and Georgia in recent years is that an army of volunteer hackers bombarded government computers in those target countries with disabling botnet attacks.

But the reality is that most of the cyber-pain suffered by Estonia, for example, was caused when the U.S. and European banking system chose intentionally to cut off Estonia from the Internet-based financial clearing networks, because the networks couldn't distinguish bona fide transactions emanating from Estonia from botnet-induced bogus transactions.

"We lost the U.S. Treasury for four hours," explained Stephen Spoonamore, a partner with Global Strategic Partners and an expert in international cyber warfare, "and that's really bad."

While Estonia's banking system was being bombarded, the European banking settlement networks were trying to close for the day, but were being flooded with botnet attacks from Estonia and Lithuania (another target of Russia's cyber-offensive).

Trillions of dollars of flow was at stake, said Spoonamore, during a luncheon presentation at the GovSec security show in Washington on March 11, "but no one could tell what was real." To protect the integrity of its financial system, the European banking network cut off Estonia and Lithuania, he added.

More here.

DHS Appoints Cyber Security Official


Homeland Security Secretary Janet Napolitano announced the appointment of Philip Reitinger today as the new deputy undersecretary of DHS’ National Protection and Programs Directorate. He will work on DHS’ efforts to protect the government’s computer systems, the department said in a statement.

Reitinger comes to the department from Microsoft Corp., where he serves as a senior security strategist. The deputy undersecretary position was previously held by Scott Charbo.


German Intelligence 'Tapped' Foreign Desktops

John Daly writes:

The German foreign intelligence service, the Bundesnachrichtendienst (BND), has eavesdropped on 2,500 PCs in the last couple of years.

News magazine Der Spiegel broke the news on its website this weekend. According to the magazine, information saved on HDDs was copied and transferred to Pullach, where the BND is headquartered. In various other cases, keyloggers were installed to capture passwords for email accounts.

A new note has been issued, giving new operating procedures which will put a clamp on the service's desktapping attempts.

Legally, the BND is treading in murky waters. According to the note, a civil servant with the qualification to be a judge must keep tabs on any wiretap attempts and decide if a suspect may be monitored under restriction of commensurability. The German Constitutional Court set rules when and how PCs within Germany may be tapped, setting the bar high and thereby defeating a new federal law proposed by minister of the interior Wolfgang Schaeuble. The current legal basis for the BND's attempts to infiltrate PCs and networks does not fulfill the requirements set by the Constitutional Court last year. HDD and PCs may only be monitored if there is stone-hard evidence of a threat for legally protected, utmost interests.

Last year, Der Spiegel discovered the BND had intercepted emails sent between a reporter working for the magazine and Afghan minister Amin Farhang. Pakistani nuclear scientist Abdul Qadir Khan was another target, as well as PC networks in Iraq. PCs of German nongovernmental aid group Welthungerhilfe stationed in Afghanistan were also spied upon.

Former minister of the interior and Liberal Democrat Gerhart Baum expressed his outrage today, stating the government had lied to and cheated him. In the last few months, German parliament the Bundestag was in negotiations with the government about the prerequisites and procedure of 'online searching', as it is called in Germany. Baum states the government ensured all parties online monitoring was so complex, it was merely resorted to in a few cases each year. The newest figures are in stark contrast to the government's statements, which were made during sensitive talks. Baum sees no adequate legal basis for bugging PCs in foreign countries.

More here.

Motorola Security Chief: 'Outlaws and Terrorists' Amplify Security Challenges

Ellen Messmer writes on NetworkWorld:

The current era is marked by tumultuous change, high speed and huge danger, said Motorola's corporate security officer Bill Boni, based on his perspective of more than 30 years as a security practitioner.

"Outlaws and terrorists are now positioned to compete -- and sometimes win -- against nation states," said Boni in his presentation Monday at the Infosec conference. Criminals are coming together to "leverage the Internet," sometimes more effectively than the good guys do, he said. Add in the global economic crisis, and Boni said the current era is the most dangerous he can recall.

"I've never seen the world this unstable and dangerous," said Boni, who recently was put in charge of Motorola's physical security as well as information security. From terrorist attacks such as the devastating attack on a hotel in Mumbai to infiltration of payment card networks, as occurred at Heartland Payment Systems, it's clear "there's unprecedented risk to organizations and people," Boni noted.

For security professionals trying to protect corporate assets, there is a need to respond quickly to changes to help companies survive in these trying times, he pointed out. "Speed is the mega-trend facing the organization," Boni said.

More here.

U.S. House Hearing: U.S. in 'Dangerous' Cyber Security State

Angela Moscaritolo writes on SC Magazine US:

Public and private cybersecurity experts, in a hearing before Congress on Tuesday, discussed goals and challenges of federal government cybersecurity initiatives going forward.

During the hearing before the U.S. House Subcommittee on Emerging Threats, Cybersecurity, Science and Technology, witnesses discussed goals for the 60-day review of federal government cybersecurity initiatives ordered last month by President Obama. The review is underway, being overseen by former Bush aide, Melissa Hathaway. [SC Magazine erroneously reported on Monday that she was scheduled to present an update on the review's status to the committee.]

“We find ourselves in an extremely dangerous situation today – too many vulnerabilities exist on too many critical networks, which are exposed to too many skilled attackers who can inflict too many damages to our systems,” said Rep. Yvette Clarke, D-N.Y., who chairs the subcommittee, during opening statements. “Unfortunately, to this day, too few people are even aware of these dangers, and fewer still are doing anything about it.”

Amit Yoran, chairman and CEO at cyberintelligence firm NetWitness, who was among the witnesses that testified at Tuesday's hearing, said the federal cybersecurity mission needs improvement. Yoran said the White House must lead efforts, which should involve the intelligence community and the private sector.

More here.

NSA Dominance of Cybersecurity Would Lead to 'Grave Peril', Ex-Cyber Chief Tells Congress

Kim Zetter writes on Threat Level:

The government's national cybersecurity efforts would be in "grave peril" if they were dominated by the intelligence community, said Amit Yoran, former head of the Department of Homeland Security's National Cyber Security Division.

Yoran told a House subcommittee on Tuesday that although the Department of Homeland Security, which currently oversees the government's cybersecurity efforts, has demonstrated "inefficiency and leadership failure" in those efforts, moving the cyber mission to the National Security Agency "would be ill-advised" due to the agency's lack of transparency.

Two weeks ago, Director of National Intelligence Admiral Dennis Blair told the House intelligence committee that the NSA should take over government cybersecurity duties, because the agency has the smarts and the skills for the job.

But Yoran, who served at one time as CEO of In-Q-Tel, the venture capital arm of the Central Intelligence Agency, said a cyber program overseen by the NSA would be over-classified and lack adequate oversight and review, which is needed to gain the trust of the public and private-sector partners who will be needed to secure the nation's infrastructure.

More here.

Monday, March 09, 2009

Panda: ID Theft Trojans on 1 in 100 PCs

Robert McMillan writes on InfoWorld:

Perhaps as many as 10 million PCs are infected with sneaky programs designed to steal sensitive financial information, anti-virus vendor Panda Security reports.

The company found that just over 1 percent of systems belonging to the 67 million people who tried out its free ActiveScan test site last year were infected with malicious software designed to help thieves steal sensitive information about victims. If 1 percent of the world's 1 billion computers are infected, that would mean that this kind of software is on 10 million PCs worldwide, the company reports.

These identity-theft-focused Trojan programs are becoming more sophisticated and more common. Panda's detection rate jumped 800 percent between the middle of 2008 and the end of the year, according to Carlos Zevallos, a security evangelist with the security company. "The report shows a very sobering number," he said. "We don't want it to seem that it is a hopeless battle [but] all businesses innovate, and crimeware is a business."

More here.

Pie Chart of The Week: Reasons for Using Internet Explorer

Via GraphJam.


- ferg

SCADA Watch: New DHS Cyber-Security Working Group Links Agencies

Hilton Collins writes on Government Technology:

The U.S. Department of Homeland Security has created a collaborative venture for public- and private-sector organizations in order to nip problems in the bud that are associated with industrial control systems -- at least the ones that can be nipped by computer.

The Control Systems Security Program (CSSP), offered by the Department of Homeland Security's National Cybersecurity Division, has created the Industrial Control Systems Joint Working Group (ICSJWG) to allow the federal government to work with vendors and state and local agencies to address high-tech issues in their operations. The Department of Homeland Security issued a press release in February 2009 about the work group, but the group had already been established earlier in January.

"Basically what we focus on in the industrial control systems, or ICS community -- it's that connection between the cyber-world, or virtual world, and the real world," explained Sean McGurk, the director of control systems security in the National Cyber Security Division. "Essentially it's everything that you see in the real world that is controlled by a computer, for all intents and purposes."

This includes systems that run aquariums and zoos, people movers, roller coasters, data centers, power generation and distribution at nuclear facilities, chemical processing and manufacturing, oil and natural gas pipeline systems, heating and air conditioning -- most of what anyone could think of in the systems-control arena.

Because so many of these systems are computerized, they're also vulnerable to security holes.

More here.

NASA Plans Improved 'Internet in Space'

Sean Gallagher writes on

NASA’s Deep Space Network is on the way toward becoming a true Internet in space, thanks to the agency’s research and investment in software-defined radios (SDRs). Also, the agency is preparing an SDR test module for the International Space Station that will be capable of connecting the station with an uplink of 100 megabits per second.

Pat Elben, the chairman of NASA’s software defined radio architecture and technology team (SAT) at NASA’s Space Communications and Navigation directorate, told attendees at the IDGA’s Software Radio Summit that the agency is setting up a new test platform. The platform, named the Communication Navigation and Networking Reconfigurable Testbed (CoNNeCT) will help NASA test waveforms based on the agency's Space Telecommunications Radio System (STRS), NASA's own standard for space-rated software-defined radio systems.

CoNNeCT will be added to the International Space Station in 2011, and demonstrate communications between the space station and the Tracking and Data Relay Satellite constellation that makes up the backbone of NASA’s network with three radio systems -- the Electra radio that flew aboard MRO, the General Dynamics Starlight radio, and the Orion radio -- the system being designed for NASA's follow-on to the space shuttle.

More here.

FBI Warns of Online Car-Sales Scam


Scam artists are now posing as members of the United States military in a new ruse to dupe consumers buying vehicles on the Internet, the Federal Bureau of Investigation (FBI) warns.

These scammers claim they’ve either been sent overseas to improve military relations or need to sell their vehicles “quickly and cheaply” because of upcoming deployments to Iraq or Afghanistan, FBI officials say.

This is a new twist to an old scam that continues to rip off unsuspecting consumers buying cars and other vehicles on the Internet, the FBI says.

“Victims find attractively priced vehicles advertised at different Internet classified ad sites,” the agency warns. “Most of the scams include some type of third-party vehicle protection program to ensure a safe transaction.”

After consumers receive what the FBI calls “convincing e-mails from the phony vehicle protection program,” they are told to send either the full payment -- or a percentage of the payment -- to the third-party agent using a wire payment service.

More here.

IPv6 Fails to Penetrate Internet

Maxwell Cooter writes on TechWorld:

Only a small percentage of the Internet supports the emerging protocol IPv6 despite the technology being mandated [.pdf] by the US government.

Figures from the web monitoring company Pingdom showed that just four percent of the Internet supports IPv6. Furthermore, an examination of the traffic at the Internet's biggest exchange AMS-IX showed that just 0.25 percent of Internet traffic is IPv6 and that the world is expected to run out of IP addresses by 2012. Pingdom doesn't pull punches on this, describing the situation as a "crisis".

That's not something that Internet numbering authority ICANN will go along with. "I don't think that a word like 'crisis' is a helpful way to characterise the situation. Clearly, a lot of people need to do a lot of work but the work that needs to be done is achievable and in many cases has already started," said Leo Vegoda, number resources manager at ICANN's IP address adjunct IANA.

Of course, it wasn't supposed to be like this: Pingdom showed a slide from a Cisco presentation from 2002 which suggested that IPv6 would be fully adopted by 2007. "Generally speaking, if you look at the current state of things, adoption will have to be sped up significantly over the coming 2-3 years. At the current rate, we'll have IPv6 fully deployed a decade or so later than when we need it," said a Pingdom spokesman.

More here.

More Charges Filed in Palin e-Mail Hacking Case


An AP newswire article by Duncan Mansfield, via, reports that:

Three more federal charges have been filed against a University of Tennessee student charged with hacking into the personal e-mail account of Sarah Palin, the Alaska governor and former Republican vice presidential nominee.

David Kernell, the son of a Democratic Tennessee legislator, pleaded not guilty to all charges Monday, and a magistrate agreed to push back his trial from May to October.

Kernell allegedly gained access to Palin's account in September by correctly answering a series of personal security questions.

The new counts are fraud, unlawful electronic transmission of material outside Tennessee and attempts to conceal records to impede an FBI investigation.

An earlier indictment against Kernell was unsealed in October. He pleaded not guilty and was released on several conditions, including staying away from his computer except for school work.

More here.

Defense Tech: Counter Cyber Intelligence

Kevin Coleman writes on DefenseTech:

Professional spies in the service of nation states, businesses, organized crime and terrorist organizations target and steal secret information from the public and private sectors to use and sell. Traditional foreign espionage efforts attack the heart of national security and any country's well-being. Non-traditional espionage efforts attack the competitiveness and prosperity of our businesses.

When you add the recent increases in cyber intelligence collection efforts, the threat has risen to unprecedented levels and triggered numerous warnings from experts around the globe. To put this threat in perspective, in the 2008 Top Ten Cyber Security Menaces by the SANS Institute, cyber espionage ranked number three. In order to counter this threat, you need to understand counter intelligence and counter cyber intelligence.

Counter Intelligence (CI) is defined as the efforts made by intelligence organizations to prevent adversaries or enemy intelligence organizations from gathering and collecting sensitive information or intelligence about them. Many governments create counter intelligence organizations separate and distinct from their intelligence collection counterparts.

Counter Cyber Intelligence (CCI) is defined as all efforts made by one intelligence organization to prevent adversaries, enemy intelligence organizations or criminal organizations from gathering and collecting sensitive digital information or intelligence about them via computers, networks and associated equipment. CCI are measures to identify, penetrate, or neutralize computer operations that use cyber weapons as a means and mechanism to collect information.

More here.

Australia: Bottle Domains Hacked, Credit Card Information of 60,000 Stolen

Mark Hawthorne writes on The Age:

In January the personal account details, including credit card numbers, of up to 60,000 customers were stolen from Bottle Domains by a computer hacker, who has allegedly tried to sell the information on the internet.

The Australian Federal Police is investigating and a 22-year-old Perth man has been arrested over the theft and charged with dishonestly dealing in personal financial information.

It seems that Bottle's records were hacked into, and the account information stolen, despite claims that the company was compliant with the latest security standards.

According to industry website eCommerce Report, the alleged thief offered the file of customer records for sale on a hackers website in February — eCommerce even obtained a screen grab of the file posted by the hacker — which included the complete customer credit card details of 25,000 people.

More here.

Australia: NSW Police to Get Hacking Powers

Renai LeMay writes on ZDNet Australia:

The New South Wales Government has unveiled plans to give state police the power to hack into computers remotely, with owners potentially remaining in the dark about the searches for up to three years.

The new powers are part of a package introduced into parliament last week by Premier Nathan Rees. Broadly, they aim to give police the right to apply for covert search warrants from the Supreme Court to gather evidence in cases which could involve serious indictable offences punishable by at least seven years' imprisonment.

Judges issuing the new warrants could authorise owners not being told about the searches for up to three years (under exceptional circumstances), NSW Police Minister Tony Kelly said in a statement, with police having to apply for several extensions to get the full period.

Rees said the laws would enable computers to be searched, including access to "computers networked to a computer at the premises being searched".

More here.

Sunday, March 08, 2009

Classic xkcd: Pirate Bay


We love xkcd.


- ferg

New Airport Security Rules to Require More Personal Information

Jon Hilkevitch writes on The Chicago Tribune:

You may have been patted down at airports or suffered the indignity of having your dirty laundry from a vacation searched at screening checkpoints. Now prepare yourself for security to get a little more personal.

Passengers making airline reservations soon will be required to provide their birth date and their sex in addition to their names as part of aviation security enhancements the 9/11 Commission recommended. The information provided at the time seats are booked must exactly match the data on each traveler's ID.

The new program, called Secure Flight, shifts responsibility for checking passenger names against "watch lists" from the airlines to the Transportation Security Administration. Only passengers who are cleared to fly by the TSA will be given boarding passes.

Personal data on most passengers will be retained for no more than seven days, agency officials said.

But privacy advocates say the changes amount to a system of government control over travel. U.S. airlines carry about 2 million passengers per day. Opponents also have protested that combing through personal information won't result in better security.

More here.

Hat-tip: Pogo Was Right

UK Police Under Fire in New Database Row

Phil Muncaster writes on

Just a day after the Information Commissioner raided a firm for possessing a covert database of construction workers’ personal information, it emerged that the police force is keeping a potentially illegal database listing the details of political activists and journalists.

In a Guardian newspaper investigation, the Metropolitan Police force, which is said to have pioneered surveillance techniques at demonstrations, was accused of storing details including names, photographs, political associations and video footage of protesters and reporters.

The information is stored on CrimInt, a centralised database used by all police to catalogue criminal intelligence, the report said.

The information was obtained by the paper via Freedom of Information requests, court testimony, an interview with a senior Met officer and police surveillance footage.

According to reports, the data is held by the police for up to seven years, and reviewed each year, so it is unclear whether the ICO will decide to investigate possible breaches of the Data Protection Act.

However, the storage of details belonging to people who have not been convicted or accused of a crime could contravene the Human Rights Act.

More here.

Monkey Man

Live it.

- ferg

Play With Fire (1965)


- ferg

Paint It Black


- ferg

Under My Thumb


- ferg

Harlem Shuffle

Another great.

- ferg

Mother's Little Helper

"What a drag it is getting old."

- ferg

Honky Tonk Woman (Live in Hyde Park 1969)


- ferg

Doo Doo Doo Doo Doo (Heartbreaker)


- ferg

Far Away Eyes


A Bakersfield kind of song.

- ferg

Midnight Rambler

On a roll here... I should be back to normal in the morning.

- ferg

Sympathy For The Devil

More fun on a late night rampage.


- ferg

Gimme Shelter

I have to say, I do love the early Stones above almost everything...


- ferg

You Can't Always Get What You Want

Say no more.

Still the best.

- ferg