Iraqi Insurgents Hack U.S. Drones
Siobhan Gorman, Yochi J. Dreazen, and August Cole write in The Wall Street Journal:
Militants in Iraq have used $26 off-the-shelf software to intercept live video feeds from U.S. Predator drones, potentially providing them with information they need to evade or monitor U.S. military operations.
Senior defense and intelligence officials said Iranian-backed insurgents intercepted the video feeds by taking advantage of an unprotected communications link in some of the remotely flown planes' systems. Shiite fighters in Iraq used software programs such as SkyGrabber -- available for as little as $25.95 on the Internet -- to regularly capture drone video feeds, according to a person familiar with reports on the matter.
U.S. officials say there is no evidence that militants were able to take control of the drones or otherwise interfere with their flights. Still, the intercepts could give America's enemies battlefield advantages by removing the element of surprise from certain missions and making it easier for insurgents to determine which roads and buildings are under U.S. surveillance.
The drone intercepts mark the emergence of a shadow cyber war within the U.S.-led conflicts overseas. They also point to a potentially serious vulnerability in Washington's growing network of unmanned drones, which have become the American weapon of choice in both Afghanistan and Pakistan.
Mark Fiore: Happy Bonusmas
More Mark Fiore brilliance.
Via The San Francisco Chronicle.
New Zealand: Conficker Cripples Waikato District Health Board
Waikato District Health Board has been crippled by a computer worm which has seen every PC in the organisation shut down.
While the main hospital in Hamilton and smaller outlying hospitals were continuing to function, spokeswoman Mary-Ann Gill said it was important people only came for treatment if it was absolutely necessary.
Emergency care was still available but those arriving for routine appointments were being affected, as were GPs who often made referrals to hospitals via email.
"We are asking GPs to only make urgent referrals," she said.
"We need to keep as many people out of hospitals as we can."
Ms Gill said DHB technicians were working on a computer upgrade overnight when things started to go awry.
"About 2am they noticed there were some issues with the computers. By 4am they realised a computer virus had got into our whole system."
House Delays Patriot Act Spy Vote
David Kravets writes on Threat Level:
The House on Wednesday tabled for two months legislation reforming U.S. surveillance law, a move that delays a collision with a competing Senate version.
The move, which is expected to be followed by the Senate within days, extends provisions of the Patriot Act that are expiring at year’s end. The act, hastily adopted six weeks after the 2001 terror attacks, greatly expanded the government’s ability to spy on Americans in the name of national security.
A key difference between the House and Senate packages concerns the standard by which the FBI may issue so-called National Security Letters — although Wednesday’s vote prolongs the time for more backroom negotiations. Reforming NSL powers is a key bone of contention in the Patriot Act debate, even though it is not one of the three Patriot Act provisions expiring Dec. 31.
NSLs allow the FBI, without a court order, to obtain telecommunication, financial and credit records relevant to a government investigation. The FBI issues about 50,000 NSLs annually, and an internal watchdog has found repeated abuses of the NSL powers.
Firefox 3.5.6 Released
Get it now.
Fixed in Firefox 3.5.6:
MFSA 2009-71 GeckoActiveXObject exception messages can be used to enumerate installed COM objects
MFSA 2009-70 Privilege escalation via chrome window.opener
MFSA 2009-69 Location bar spoofing vulnerabilities
MFSA 2009-68 NTLM reflection vulnerability
MFSA 2009-67 Integer overflow, crash in libtheora video library
MFSA 2009-66 Memory safety fixes in liboggplay media library
MFSA 2009-65 Crashes with evidence of memory corruption (rv:22.214.171.124/ 126.96.36.199)
Document Details Help TJX Hacker Gave Prosecutors
Kim Zetter writes on Threat Level:
Admitted TJX hacker Albert Gonzalez has identified two Russian accomplices who helped him hack into numerous companies and steal more than 130 million credit and debit card numbers.
Gonzalez told prosecutors that the hackers breached at least four card processing companies, as well as a series of foreign banks, a brokerage house and several retail store chains, according to a sentencing memo filed by his lawyer on Tuesday that was incorrectly redacted.
The document reveals that six months after his May 2008 arrest, Gonzalez located and provided prosecutors with the “complicated” and “lengthy” password to decrypt his laptop, which contained “a vast array of historical data and communications” that helped the government indict other members of Gonzalez’s team, and could be used in future search warrants. It also reveals that Gonzalez drew prosecutors a map that helped them find more than $1.1 million that he had buried in his parents’ backyard.
Gonzalez is scheduled to be sentenced on Dec. 21 in two cases out of New York and Massachusetts involving hacks into TJX, Dave & Busters restaurant chain and numerous other companies, though his sentencing is likely to be delayed. On Tuesday, the government asked for an 8-12 week continuance to give Gonzalez a psychological examination, following a defense claim that the hacker suffers from Asperger’s syndrome and may not have the “capacity to knowingly evaluate the wrongfulness of his actions.” That information was revealed in an exhibit filed with the sentencing memo that describes a psychological evaluation Gonzalez underwent with a psychologist hired by the defense.
The only other great song by the Verve, and it is a great one.
Life Is Like That Sometimes: Bittersweet Symphony
Life is like that sometimes...
CNNIC Will Begin to Require Hard Copy Domain Name Applications
David Goldstein writes on DomainNews.com:
The China Internet Network Information Center, CNNIC, have announced applicants for .CN domain names will be required to submit hard copy (paper) applications in addition to their online application as of 14 December 2009.
The hard copy application will need to include the original application form with business seal, company business license (photocopy), and registrant ID (photocopy). Registrars have been advised they are required to carefully review the application material, and when an application is deemed to meet the requirements, they are to submit the application material via fax or email to CNNIC and withhold the original application material.
If CNNIC does not receive the formal paper-based application material within five days or the application material does not meet requirements, the domain name applied for will be deleted.
help dramatically cut back on malicious .CN domain registrations by Eastern European criminals -- stay tuned. -ferg
Report: Russian Investor in Talks to Buy ICQ
Steven Musil writes on C|Net News:
AOL is reportedly in talks to sell its ICQ instant-messaging service to a Russian Internet investment group.
Digital Sky Technologies (DST) is in negotiations to acquire ICQ for between $200 million and $250 million, according to Russian newspaper Vedomosti. ICQ, which AOL purchased in 1998 for $400 million, has about 8.4 million unique monthly visitors in Russia and is the No. 1 instant-messaging service in that country, according to market researcher ComScore.
AOL, which was recently spun off from Time Warner, was rumored last month to have hired investment bankers Morgan Stanley and Allen & Co. to find a buyer for the instant-messaging service.
DST, one of the leading Internet groups in Russia, made a $200 million investment in Facebook in May.
AOL representatives did not immediately respond to requests for comment.
Russia: Domain "блог.рф" (blog.rf) Registered By Russian Security Service
Alexey Sidorenko writes on Global Voices Online:
Domain "блог.рф" (blog.rf) was registered by the Russia Special Communications and Information Service (formerly known as FAPSI, part of the Federal Security Service), LJ-user di09en reports [Russian language] citing the info on WHOIS.
U.S. Spooks Storing UK Student's Fingerprints
Hilary Douglas writes on The Daily Express:
Pupils fighting a plan to digitally fingerprint them for cashless canteen payments have discovered the company employed by the school to store the data is the same one used by the American security services.
The secondary school students are worried that the biometric data could fall into the hands of identity thieves and compromise them for life.
Vericool, which supplied the software to Kingsbridge Community College in Devon, is owned by US company Anteon, used by many US government departments including security and counter terrorism.