September 2011
68 posts
5 tags
August 2011
64 posts
4 tags
6 tags
Justice Dept. Moves to Block Merger Between AT&T... →
The Justice Department filed a lawsuit on Wednesday to block the proposed $39 billion merger between AT&T and T-Mobile USA on antitrust grounds, saying a deal between the nation’s second- and fourth-largest wireless phone carriers would substantially lessen competition, result in higher prices and give consumers fewer innovative products.
Full Article
4 tags
Akamai employee tried to sell secrets to Israel →
A 43-year-old former Akamai employee has pleaded guilty to espionage charges after offering to hand over confidential information about the Web acceleration company to an agent posing as an Israeli consular official in Boston. Starting in September 2007, Elliot Doxer played an elaborate 18-month-long game of cloak-and-dagger with James Cromer, a man he thought was an Israeli intelligence...
5 tags
Pakistan bans online encryption for the good of... →
A new order issued to ISPs from the Pakistan Telecommunication Authority (PTA) directs them to block all encrypted traffic on their networks. A PTA spokesperson told local media the reasoning was to prevent militants from using VPN traffic to coordinate themselves. According to a memo sent to ISPs, the PTA has ordered them to immediately block and prohibit the use of “…all such mechanisms...
5 tags
6 tags
Mac Lion blindly accepts any LDAP password →
Apple’s latest version of Mac OS X is creating serious security risks for businesses that use it to interact with a popular form of centralized networks. People logging in to Macs running OS X 10.7, aka Lion, can access restricted resources using any password they want when the machines use a popular technology known as LDAP for authentication. Short for Lightweight Directory Access...
5 tags
Dutch Government Scrambling To Reassure Citizens... →
Call it “RSA on the Rhine.” Government officials in The Netherlands were left scrambling Tuesday to reassure nervous citizens that the country’s digital ID system, dubbed DigID, was safe after it was revealed that DigiNotar, the certificate authority that backs the DigID system, had been compromised by hackers and used to issue fraudulent certificates. In a statement on...
5 tags
Digital Certificate Authority Hacked, Dozens Of... →
DigiNotar confirms it was breached and Google.com just one of ‘several dozens’ of fraudulently issued digital certificates obtained by hackers and now revoked
Full Article
8 tags
Iranian Man-in-the-Middle Attack Against Google... →
What’s worse than finding a worm in your apple? Finding half a worm. What’s worse than discovering that someone has launched a man-in-the-middle attack against Iranian Google users, silently intercepting everything from email to search results and possibly putting Iranian activists in danger? Discovering that this attack has been active for two months. People all over the world use Google...
10 tags
Attackers Obtain Valid Cert for Google Domains,... →
A certificate authority in the Netherlands issued a valid SSL wildcard certificate for Google to a third party in July, leading to concerns that attackers may have been using the certificate to route sensitive traffic through their own servers, capturing it and compromising user data in the process. The certificate was revoked by the CA, DigiNotar, after the problem came to light Monday.
Full...
6 tags
6 tags
6 tags
5 tags
6 tags
6 tags
Dangerous Cybercrime Treaty Pushes Surveillance... →
As part of an emerging international trend to try to ‘civilize the Internet’, one of the world’s worst Internet law treaties—the highly controversial Council of Europe (CoE) Convention on Cybercrime—is back on the agenda. Canada and Australia are using the Treaty to introduce new invasive, online surveillance laws, many of which go far beyond the Convention’s intended levels of...
2 tags
Stealing ATM PINs with thermal cameras →
At the USENIX Security Symposium last week, researchers Keaton Mowery, Sarah Meiklejohn and Stefan Savage from the University of California at San Diego presented their paper “Heat of the Moment: Characterizing the Efficacy of Thermal Camera-Based Attacks.” Inspired by previous research on safecracking by Michał Zalewski, they thought it would be easier for a criminal to snoop on ATM...
5 tags
Why IP Addresses Alone Don't Identify Criminals →
This spring, agents from Immigration and Customs Enforcement (ICE) executed a search warrant at the home of Nolan King and seized six computer hard drives in connection with a criminal investigation. The warrant was issued on the basis of an Internet Protocol (IP) address that traced back to an account connected to Mr. King’s home, where he was operating a Tor exit relay. An exit relay is...
6 tags
6 tags
On Pseudonymity, Privacy and Responsibility on... →
This whole persona/pseudonym argument may seem like a tempest in a teapot, but the fact is, the forum for public discourse is no longer the town hall, or newspaper, or fliers on the street. It is here on the Internet, and it is happening in communities like this, hosted by private sector companies. Freedom of speech is not guaranteed in these places. As Lawrence Lessig once said,”the code...
5 tags
Amazon, Dropbox, Google and You Win in Cloud-Music... →
The disk drives powering Dropbox, Amazon’s Cloud Drive, and Google Music likely issued a small sigh of relief Monday, after a federal court judge found that the MP3tunes cloud music service didn’t violate copyright laws when it used only a single copy of a MP3 on its servers, rather than storing 50 copies for 50 users. For Amazon and Google’s nascent cloud music services, the decision clears the...
6 tags
5 tags
3 tags
Assange Battle Escalates: Ex-Wikileaks Spokesman... →
Tensions between WikiLeaks founder Julian Assange and ex-spokesman Daniel Domscheit-Berg have escalated. According to information obtained by SPIEGEL, the former deputy destroyed thousands of unpublished documents entrusted to WikiLeaks. The information they contained appears to be lost forever.
Full Article
3 tags
Former WikiLeaks associate destroyed potentially... →
Daniel Domscheit-Berg, the former spokesperson for WikiLeaks, is said to have destroyed more than 3,000 documents, taken when he left the organization. Based on statements from WikiLeaks, the documents would have been explosive to say the least, considering the topics they covered. The news comes from German reporters at Der Spiegel, who said that more than 3,500 unpublished files were gone,...
8 tags
9 tags
1 tag
The Five Levels of ISP Evil →
Recently a number of ISPs have been caught improperly redirecting end-user traffic in order to generate affiliate payments, using a system from Paxfire. A class action lawsuit has been filed against Paxfire and one of the ISPs. This is a serious allegation, but it’s the tip of the iceberg. I’m not sure if everyone understands the levels of sneakiness that service providers can engage in. So,...
8 tags
6 tags
5 tags
Lawmakers Call for Probe of Medical Devices After... →
Two federal lawmakers have asked the General Accountability Office to look into the security of medical devices after a researcher showed how he was able to hack his insulin pump and alter settings due to security flaws in the system. Representatives Anna Eshoo (D-CA) and Ed Markey (D-MA), members of the House Energy and Commerce Committee, asked the GAO this week to investigate the safety of...
10 tags
4 tags
GingerMaster Malware Seen Using Root Exploit for... →
The evolution of mobile malware seems to be accelerating, especially as it applies to Android malware. The newest example of this rapid change is the appearance of GingerMaster, a variant of the DroidKungFu malware that now sports a root exploit for Android 2.3 and gives the attacker complete control of the infected device.
Full Article
8 tags
2 tags
Not an option: time for companies to embrace... →
Major social networks, e-mail providers, and communications companies offer products with insecure default settings, needlessly exposing their customers to hacking, identity theft, and government surveillance. Some firms offer security options that can be used to protect against common attacks; however, they are frequently so hidden in obscure configuration menus as to be invisible to the...
4 tags
Long Beach Police on Lookout for Photos with “No... →
What do you think of this photo of a refinery by photographer Sander Roscoe Wolff? Apparently Long Beach police don’t think very highly of it. Wolff was detained after capturing it last month, and now the police chief is saying that stopping photographers for photos with “no apparent esthetic value” is part of department policy.
Full Article
6 tags
3 tags
Top German Hacker Slams OpenLeaks Founder →
Former WikiLeaks deputy Daniel Domscheit-Berg has been expelled from Germany’s top hacker group, the Chaos Computer Club. In an interview, the group’s spokesman Andy Müller-Maguhn told SPIEGEL how he lost faith in Domscheit-Berg and his new whistleblowing project OpenLeaks.
Full Article
7 tags
5 tags
Nymwars: Thoughts on Google+ →
There’s something important happening around Google . It’s the start of a rebellion against the idea of “government authorized names.” (A lot of folks foolishly allow the other side to name this as “real names,” but a real name is a name someone calls you.)
Full Article
3 tags
Respawn Redux / Tracking without Cookies →
I thought I’d take the time to elaborate a bit further regarding the technical mechanisms described in our ‘Flash Cookies and Privacy II’ paper that generated a bit of buzz recently. For a bit of background, I, along with Chris Hoofnagle and Nathan Good, had the honor of supervising Mika Ayenson and Dietrich J. Wambach in replicating our previous 2009 study which found...
8 tags
6 tags
Repressing the Internet, Western-Style →
Did the youthful rioters who roamed the streets of London, Manchester and other British cities expect to see their photos scrutinized by angry Internet users, keen to identify the miscreants? In the immediate aftermath of the riots, many cyber-vigilantes turned to Facebook, Flickr and other social networking sites to study pictures of the violence. Some computer-savvy members even volunteered to...
8 tags
8 tags
9 tags
7 tags
8 tags
7 tags
