Saturday, July 11, 2009

RFID Chips in Official IDs Raise Privacy Fears

An AP newswire article by Todd Lewan, via The San Jose Mercury News, reports that:

Climbing into his Volvo, outfitted with a Matrics antenna and a Motorola reader he'd bought on eBay for $190, Chris Paget cruised the streets of San Francisco with this objective: To read the identity cards of strangers, wirelessly, without ever leaving his car.

It took him 20 minutes to strike hacker's gold.

Zipping past Fisherman's Wharf, his scanner detected, then downloaded to his laptop, the unique serial numbers of two pedestrians' electronic U.S. passport cards embedded with radio frequency identification, or RFID, tags. Within an hour, he'd "skimmed" the identifiers of four more of the new, microchipped PASS cards from a distance of 20 feet.

Embedding identity documents — passports, drivers licenses, and the like — with RFID chips is a no-brainer to government officials. Increasingly, they are promoting it as a 21st century application of technology that will help speed border crossings, safeguard credentials against counterfeiters, and keep terrorists from sneaking into the country.

But Paget's February experiment demonstrated something privacy advocates had feared for years: That RFID, coupled with other technologies, could make people trackable without their knowledge or consent.

He filmed his drive-by heist, and soon his video went viral on the Web, intensifying a debate over a push by government, federal and state, to put tracking technologies in identity documents and over their potential to erode privacy.

Putting a traceable RFID in every pocket has the potential to make everybody a blip on someone's radar screen, critics say, and to redefine Orwellian government snooping for the digital age.

More here.

Cheney Is Linked to Concealment of CIA Project

Scott Shane writes in The New York Times:

The Central Intelligence Agency withheld information about a secret counterterrorism program from Congress for eight years on direct orders from former Vice President Dick Cheney, the agency’s director, Leon E. Panetta, has told the Senate and House intelligence committees, two people with direct knowledge of the matter said Saturday.

The report that Mr. Cheney was behind the decision to conceal the still-unidentified program from Congress deepened the mystery surrounding it, suggesting that the Bush administration had put a high priority on the program and its secrecy.

Mr. Panetta, who ended the program when he first learned of its existence from subordinates on June 23, briefed the two intelligence committees about it in separate closed sessions the next day.

More here.

Friday, July 10, 2009

U.S. Toll in Iraq, Afghanistan

Iraq and Afghanistan statistics via The Boston Globe (AP).

As of Friday, July 10, 2009, at least 4,323 members of the U.S. military had died in the Iraq war since it began in March 2003, according to an Associated Press count.

The figure includes nine military civilians killed in action. At least 3,460 military personnel died as a result of hostile action, according to the military's numbers.

The AP count is three fewer than the Defense Department's tally, last updated Friday at 10 a.m. EDT.

As of Friday, July 10, 2009, at least 657 members of the U.S. military had died in Afghanistan, Pakistan and Uzbekistan as a result of the U.S. invasion of Afghanistan in late 2001, according to the Defense Department. The department last updated its figures Friday at 10 a.m. EDT.

Of those, the military reports 489 were killed by hostile action.

More here and here.

And as always, the Iraq Coalition Casualty Count keeps the grim watch on their website here.

Honor the Fallen.

Image of The Day: Popularity of Iranian Unrest in The News


- ferg

A Step in The Right Direction: Twitter Suspends Accounts of Users With Infected Computers

Jeremy Kirk writes on InfoWorld:

Twitter is suspending the accounts of some users whose computers have fallen victim to a well-known piece of malicious software that has targeted other sites such as Facebook and MySpace.

The malware, Koobface, is designed to spread itself by checking to see if a person is logged into a social network. It will then post fraudulent messages on the person's Twitter account trying to entice friends to click the link, which then leads to a malicious Web site that tries to infect the PC.

The popular microblogging service has had a strong impact as a new communication platform, such as providing on-the-ground insight from participants in the recent protests over the presidential election in Iran. But it is also being targeted by fraudsters and hackers, who are using it as a way to infect people's PCs with malicious software.

Twitter is the latest site to be targeted by a Koobface variant, said Rik Ferguson, senior security advisor for Trend Micro. Other sites have included Bebo, Hi5, Friendster and LiveJournal, according to the U.S. Computer Emergency Readiness Team.

"Koobface has a long, inglorious history and has been relatively successful at infecting machines," Ferguson said.

More here.

Report Says Wiretaps Got Too Little Legal Review

James Risen and Eric Lichtblau write on The New York Times:

The warrantless surveillance program approved by President George W. Bush after the Sept. 11 attacks received too little legal review at its inception and its ultimate effectiveness was unclear, according to an in-depth review released Friday by the inspectors general of five federal agencies.

The Bush administration had defended the wiretapping program, one of the government’s most highly classified operations to have been disclosed in recent years, as a vital intelligence-gathering tool that gave intelligence officials the ability to respond more quickly to possible terrorist threats.

But the independent auditors, reviewing the program at the request of Congress, found that other intelligence tools used in assessing threats provided more timely information and that the value of the program was unclear.

The report said that while the program obtained information that “had value in some counterterrorism investigations, it generally played a limited role in the F.B.I.’s overall counterterrorism efforts.”

In addition, most intelligence officials interviewed as part of the review group “had difficulty citing specific instances” in which the wiretapping program contributed to successes against terrorists.

More here.

Lawmaker Wants ‘Show of Force’ Against North Korea for Website Attacks

Kim Zetter writes on Threat Level:

A key Republican lawmaker on Thursday urged President Obama to launch a cyber attack against North Korea, or increase international sanctions against the communist country, in the wake of an unknown hacker’s denial-of-service attacks on U.S. and South Korean websites.

Rep. Peter Hoekstra (R-Michigan), the lead Republican on the House Intelligence Committee, said the U.S. should conduct a “show of force or strength” against North Korea for a supposed role in a round of attacks that hit numerous government and commercial websites this week.

Hoekstra, speaking on the conservative America’s Morning News radio show, produced by the Washington Times newspaper, said that “some of the best people in America” had been investigating the attacks and concluded that most likely “all the fingers” point to North Korea as the culprit.

They’re reaching the conclusion that this was a state act and that “this couldn’t be some amateurs,” claimed Hoekstra, in direct opposition to what security experts have actually been saying.

He added that North Korea needed to be “sent a strong message.”

More here.

Thursday, July 09, 2009

Mark Fiore: Technology

More Mark Fiore brilliance.

Via The San Francisco Chronicle.


- ferg

PCs Used in Korean DDoS Attacks May Self Destruct

Brian Krebs writes on Security Fix:

There are signs that the concerted cyber attacks targeting U.S. and Korean government and commercial Web sites this past week are beginning to wane. Yet, even if the assaults were to be completely blocked tomorrow, the attackers could still have one last, inglorious weapon in their arsenal: New evidence suggests that the malicious code responsible for spreading this attack includes instructions to overwrite the infected PC's hard drive.

According to Joe Stewart, director of malware research at SecureWorks, the malware that powers this attack -- a version of the Mydoom worm -- is designed to download a payload from a set of Web servers. Included in that payload is a Trojan horse program that overwrites the data on the hard drive with a message that reads "memory of the independence day," followed by as many "u" characters as it takes to write over every sector of every physical drive attached to the compromised system.

Stewart said he tested the self-destruct Trojan in his lab and found that it indeed erases the hard drive on the compromised system. For now, however, the Mydoom component isn't triggering that feature.

"One possibility is there's a bug in the code and it's supposed to run but it doesn't," Stewart said. "Or, there may be a time factor involved, where it's not supposed to erase the hard drive until a certain time."

More here.

Lessons for Your Website from U.S., S. Korean Attacks

Robert Lemos writes on ComputerWorld:

On July 4, a botnet estimated to contain between 30,000 and 60,000 compromised computers received new marching orders: Attack five U.S. government Web sites.

By Tuesday, the attack had widened, hitting at least 26 government, financial and news Web sites in the United States and South Korea. The attack escaped the notice of many network monitoring firms, who labeled it a "modest" packet flood, but severely impacted some of the targeted sites. Many sites, such as the White House's online hub, stoically weathered the attack, while others, such as the Federal Trade Commission's site, became inaccessible for long hours or days.

Companies should look at the attacks as a reminder to test their preparedness, says Amit Yoran, CEO of security firm NetWitness and the former head of the National Cyber Security Division at the U.S. Department of Homeland Security.

"If this can happen to mature organizations that really understand what the threat environment looks like -- and are still falling victim to this stuff -- it sends an ominous signal to other companies, who might not be as ready as they would like," says Yoran.

More here.

Chinese Spying Claimed in Purchases of NSA Crypto Gear

Kevin Poulsen writes on Threat Level:

A Chinese national was indicted this week for conspiring to violate U.S. export law, following a nearly three-year investigation into his alleged efforts to acquire sensitive military and NSA-encryption gear from eBay and other internet sources.

Chi Tong Kuok, of Macau, told Defense Department and Customs investigators that he had been “acting at the direction of officials for the People’s Republic of China,” according to a government affidavit in the case. “Kuak indicated he and PRC officials sought the items to figure out ways to listen to or monitor U.S. government and military communications.”

Kuok was arrested at the Atlanta International Airport last month en route from Paris to Panama, where he allegedly planned to meet an undercover federal agent he believed was going to provide him with military radios. He was transferred to California, where he was indicted Tuesday for money laundering, conspiracy, smuggling and one count of attempting to export a defense article without a license.

The U.S. began investigating Kuok in December 2006, when, using the first of many aliases, the man allegedly e-mailed a contact in the defense industry in search of software for a VDC-300 airborne data controller, used for secure satellite communications from American military aircraft.

More here.

Wednesday, July 08, 2009

Lazy Hacker and Little Worm Set Off Cyber War Frenzy

Kim Zetter writes on Threat Level:

Talk of cyberwar is rampant after more than two dozen high-level websites in the United States and South Korea were hit by unsophisticated denial-of-service attacks this week. But cooler heads are pointing to a pilfered five-year-old worm as the source of the traffic, under control of a hacker who apparently did little to bolster his borrowed code against detection.

Nonetheless, the attacks have launched a thousand headlines (or thereabouts) and helped to throw kindling on some long-standing international political flames — with one sworn enemy blaming another for the aggression.

Welcome to the New World Order of cybersecurity.

As reported by numerous media outlets this week, websites belonging to the White House, Department of Homeland Security, U.S. Secret Service, National Security Agency, Federal Trade Commission, Department of Defense and the State Department, as well as sites for the New York Stock Exchange and Nasdaq were hit by denial-of-service attacks over the July 4th holiday weekend. The Washington Post website was also reportedly affected by the attacks, launched by a botnet of more than 50,000 computers in several countries (mostly China, South Korea and Japan, according to Whois records) controlled by the hacker.

Then on Tuesday, at least 11 sites in South Korea, including sites for the Ministry of Defense and the presidential Blue House, were also targeted, leading the Associated Press to publish a story prominently quoting anonymous South Korean intelligence officials blaming the attacks on North Korea.

More here.

Monday, July 06, 2009

Microsoft: Attacks on Unpatched Windows Flaw

Brian Krebs writes on Security Fix:

Microsoft warned today that hackers are targeting a previously unknown security hole in Windows XP and Windows Server 2003 systems to break into vulnerable PCs. Today's advisory includes instructions on how to mitigate the threat from this flaw.

In a security alert posted today, Microsoft said the vulnerability could be used to install viruses or other software on a victim's PC if the user merely browsed a hacked or booby trapped Web site designed to exploit the security hole. Redmond says at this time it is aware of "limited, active attacks that exploit this vulnerability."

Microsoft doesn't define "limited, active" attacks in the context of this vulnerability, but the SANS Internet Storm Center is reporting that thousands of newly compromised Web sites have been seeded with code that exploits this vulnerability. SANS also says instructions for exploiting the vulnerability have been posted to a number of Chinese Web sites.

More here.

FBI: Russian Programmer Stole Stock-Trading Secret Code

Kim Zetter writes on Threat Level:

A computer programmer working for Goldman Sachs was arrested last week on charges that he stole proprietary source code for software his employer uses to make sophisticated, high-speed, high-volume stock and commodities trades.

Sergey Aleynikov, who earned nearly $400,000 a year in his job, allegedly stole 32 megabytes of data over four days in June and transferred it to a website hosted in Germany before trying to erase his tracks from Goldman Sachs’ network. He neglected to take into account, however, that the company kept a backup record of its command logs. On at least two occasions, he transferred the data remotely while logged into his company’s network from his home computer.

Aleynikov, a naturalized U.S. citizen from Russia, was arrested on July 3 at the Newark Airport in New Jersey as he exited a flight and is being held on charges related to theft of trade secrets until he posts $750,000 in bond, pays $75,000 in cash and surrenders his travel documents.

Although the complaint against him [.pdf] doesn’t name the financial institution he worked for, news outlets, and a source familiar with the case, say Aleynikov worked for Goldman Sachs.

Aleynikov allegedly stole the code in the last days before he left Goldman Sachs on June 5 to take a job with a new, unnamed firm in the high-volume trade industry that promised to pay him three times the salary he’d been earning.

More here.

In Passing: Robert McNamara

Robert McNamara
June 9, 1916 – July 6, 2009

Sunday, July 05, 2009

Forbes 2009 Top Pick for Affordable City For U.S. Families: San Jose, California

San Jose, California


If you've scaled back your summer vacation and swapped dining out for eating in, you're not alone. Americans everywhere are sweating their daily expenses.

It's likely New Yorkers are cinching their belts. That's because New York is the least-affordable metro in the nation for families, according to our calculations. Families in the Big Apple struggle to keep their budgets balanced and likely worry about paying for expenses like food, health care and housing more than residents of virtually any other major city in the country.

Though New Yorkers' earnings are high compared with the rest of the country--their median income is the eighth-highest of our survey of the country's 40 largest cities--the cost of a family's most basic living expenses is nearly as high, accounting for a whopping 93% of annual pay.

If the typical family throws in an occasional trip to the movie theater, music lessons for the kids or membership at a club or gym, they will soon find themselves in the red. Folks in cities with more money leftover will have an easier time providing for their families. Education costs were not available and were not factored into our ranking.

Another notoriously high-rent city, San Jose, Calif., falls at the other end of the spectrum, emerging as the country's most affordable major city.

More here.