Officials and others pondering why U.S. Army intelligence analyst Bradley Manning allegedly leaked reams of classified documents to Wikileaks need look no further than a 20-year-old CIA study on moles. Project Slammer, now partially declassified, was based on extensive prison interviews with some 30 former military and intelligence personnel who had been convicted of spying for Russia, China and other hostile powers during the Cold War, from the lowest enlisted men to senior CIA officers like Aldrich Ames. It sought to answer why they had violated the trust their agencies had bestowed on them.
Full Article (SpyTalk - blog.washingtonpost.com)
In a story that continues to get more interesting with each passing day, one of our keynote speakers for The Next HOPE is said to be in great danger of being apprehended or worse by the United States government after a source of sensitive information was arrested. Our keynote speaker, Julian Assange of Wikileaks, published a video back in April that showed U.S. troops firing on unarmed Reuters journalists in Baghdad, killing them and wounding a number of others. Attempts by Reuters to get this video through the Freedom of Information Act had failed. It was only after it was sent to Wikileaks that the truth came out and a major scandal followed.
Full Article (The Next Hope - thenexthope.com)
I was asked by our PR team today whether that was a story on the recent iPad ‘vulnerability’ that is doing the rounds in both the tech and mainstream media. The vulnerability was found by Goatse Security (great name guys) and is being pitched as ‘Apple’s worse security breach’. The situation has got massively out of hand, I received a number of emails from worried staff today and I’ve even read that the FBI are investigating ‘the cyberthreat posed by this exposure’. This is a classic example of security researchers using FUD to manipulate the media for publicity’s sake. The media is complicit as well, while what they are reporting is factually true, the apocalyptic impacts they are espousing are laughable. The reality is that the only story is that there isn’t really a story at all.
Full Article (Cloud Computing & Bad Behaviour - jimmyblacke.com)
As part of its regular Patch Tuesday, Microsoft released an update for its various toolbars, and this update came with more than just documented fixes. The update also installs an add-on for Internet Explorer and an extension for Mozilla Firefox, both without the user’s permission. As you can see in the Windows Update screenshot above, Microsoft does not indicate that the update will install anything for either browser. It’s also not really clear what the installed extension actually does.
Full Article (Ars Technica - arstechnica)
SCO was dealt yet another blow in court today when District Judge Ted Stewart rejected the company’s motion requesting a new trial or judgement of law. In a ruling issued today, Judge Stewart sided with a jury that issued a verdict against SCO in April, finding that Novell was the rightful owner of the UNIX SVRX copyrights. According to Judge Stewart, SCO failed to demonstrate that the jury’s verdict contradicted the evidence presented in the case.
Full Article (Ars Technica - arstechnica.com)
Apple has suffered another embarrassment. A security breach has exposed iPad owners including dozens of CEOs, military officials, and top politicians. They—and every other buyer of the wireless-enabled tablet—could be vulnerable to spam marketing and malicious hacking. The breach, which comes just weeks after an Apple employee lost an iPhone prototype in a bar, exposed the most exclusive email list on the planet, a collection of early-adopter iPad 3G subscribers that includes thousands of A-listers in finance, politics and media, from New York Times Co. CEO Janet Robinson to Diane Sawyer of ABC News to film mogul Harvey Weinstein to Mayor Michael Bloomberg. It even appears that White House Chief of Staff Rahm Emanuel’s information was compromised.
Full Article (Gawker - gawker.com)
The foreign policy priorities enumerated by the State Department, from Secretary of State Clinton to senior innovation advisor Alec J. Ross to case officers abroad, now include supporting Internet freedom around the world. As always with big ideas, the devil is in the details. “The issue for governments is that the same technology used for Internet freedom can be used for porn, copyright or terrorism,” said Andrew McLaughlin, deputy chief technology officer at the White House, at Privacy Camp in Washington, D.C. this spring. Implementation of Net freedom is where the opinions of researchers, academics and public intellectuals diverge.
Full Article (O’Reilly Radar - radar.oreilly.com)
How much information does someone really need to know in order to impersonate you to a 3rd-party? Your name? Birth date? Address? Armed with easily found information such as this, and maybe a couple other key pieces of information such as the high school you went to, your dog’s name or your mother’s maiden name, an individual might be able to access your existing accounts or establish new loans or credit in your name.
Full Article (About.com - about.com)
There were two awkward moments yesterday at Apple’s World Wide Developers Conference. A few sites have already made much of Steve Jobs’ wireless networking difficulties during his demonstration. But the real awkward moment was when Jobs launched into his defense of Apple’s app approval process which was a kind of “take it or leave it” apologia that for the most part didn’t answer any of the tough questions about why some apps get turned down.
Full Article (ars technica - arstechnica.com)
Is it possible that given a clean slate and likely millions of dollars, engineers could come up with the ultimate in secure network technology? The scientists at the Defense Advanced Research Projects Agency (DARPA) think so and this week announced the Clean‐Slate Design of Resilient, Adaptive, Secure Hosts (CRASH) program that looks to lean heavily on human biology to develop super-smart, highly adaptive, supremely secure networks.
Full Article (NetworkWorld - networkworld.com)
Recently, a few articles have been published regarding Tor, Wikileaks, and snooping data coming out of the Tor network. I write to remind our users, and people in search of privacy enhancing technology, that good software is just one part of the solution. Education is just as important. This is why there is a warning on the Tor download page about what Tor does and does not do. We also have a FAQ entry about this topic. Any plaintext communication over the Internet is open to intercept. This is true if the transport mechanism is email, http, tor, or carrier pigeons. Tor does not magically encrypt the Internet from end to end. Tor does wrap your traffic in encrypted layers as it transports it through the Tor network. See this diagram for a visual explanation.
Full Article (The Tor Project Blog - blog.torproject.org)
How quickly we collectively rush into the breach in an effort to lynch the rat. But, wait. Do we know the facts of the case? Really? I know that I don’t. I’m often surprised by mob rule and the ebb and flow that it encompasses. Admittedly I have been drawn in on occasion. What can I say? I’m human.
Full Article (Liquidmatrix Security Digest - liquidmatrix.org)
Federal officials have arrested an Army intelligence analyst who boasted of giving classified U.S. combat video and hundreds of thousands of classified State Department records to whistleblower site Wikileaks, Wired.com has learned. SPC Bradley Manning, 22, of Potomac, Maryland, was stationed at Forward Operating Base Hammer, 40 miles east of Baghdad, where he was arrested nearly two weeks ago by the Army’s Criminal Investigation Division. A family member says he’s being held in custody in Kuwait, and has not been formally charged.
Full Article (Threat Level - wired.com)
We’re pleased to announce that security expert Dan Kaminsky will be one of the keynote speakers at The Next HOPE, taking place in New York City July 16-18, 2010. As previously announced, Julian Assange of Wikileaks will also be keynoting. Dan has a widely respected history in the computer security world, probably best known for discovering the 2008 DNS cache poisoning vulnerability, a flaw which could allow attackers to easily perform cache poisoning attacks on any nameserver. He also was key in the Sony BMG CD copy protection scandal, where Sony was found to be complicit in installing rootkits on consumer computers, making them vulnerable to all sorts of malware. Dan estimated that Sony’s rootkit had been installed on computers spanning more than 500,000 networks.
Full Article (HOPE - thenexthope.com)