Security trends for 2013

Year 2013 will be the year of cyber security. CNN expects more cyber wars this year. Cybercrime is on the rise, and last year we saw more and more computer virus attacks. Security company Kaspersky Lab warns of more new cyber-threats against enterprises and mobile devices. Cyber security also concerns mobile devices.

Security is becoming an increasingly important issue. Year 2013 is the year of cyber security. Security company Stonesoft predicts that we will face more targeted cyber-attacks, cyber espionage and hacktivism. Cyber security is the fastest growing trend in information security and its importance will increase in the future. According to Stonesoft, current security systems are unable to provide adequate protection against targeted attacks: we require proactive cyber protection and a willingness to face unknown threats.

Hacktivism will continue. According to the article Anonymous: ‘Expect us 2013’, the hacking group boasted of its cyberattacks against the U.S., Syrian, and Israeli governments in 2012. They are also warning people to continue to expect this type of activity.

SCADA security was hit hard in 2012. Some of the big manufacturers that were hit hard have learned their lessons and now test their devices more. But how are some smaller manufacturers doing their security testing? Metasploit has a special category for SCADA devices. It is a good idea to test your devices against it.

There is still work to do on cyber security standards and SCADA standards. For example, in the very widely used automation security standard IEC 61508, security is addressed only in an informative way (NOT MANDATORY). IEC 62443-2-4: A Baseline Security Standard for Industrial Automation Control Systems is a good starting point when thinking about SCADA system security.

Nowadays you need to think about SCADA system security more than some years ago. Previously, it was thought sufficient to isolate the factory process automation system from the office networks and the Internet. This is no longer enough. Nowadays you need to think about the information security of production automation systems. You can’t keep automation systems isolated from the Internet. Accidental connections to the Internet from isolated networks happen. Malware can spread through USB memory sticks (Stuxnet did that). And nowadays there are more and more business reasons to connect process automation systems to other networks. So automation systems no longer live in complete isolation from the rest of the world.

Systems with SCADA vulnerabilities have become easier to find. The article Hackers tap SCADA vuln search engine tells that a search engine that indexes servers and other internet devices is helping hackers to find industrial control systems that are vulnerable to tampering. Search engine Shodan easily pinpoints shoddy industrial controls. Shodan makes it easy to locate internet-facing SCADA (supervisory control and data acquisition) systems used to control equipment at gasoline refineries, power plants and other industrial facilities. The search engine can also be used to identify systems with known vulnerabilities. Shodan makes networks more vulnerable to brute-force attacks on passwords, many of which may still use factory defaults.

The article Thousands of SCADA Devices Discovered On the Open Internet tells that there is a constant stream of news about the continuing poor state of security for industrial control systems. The pair of researchers found not only devices used for critical infrastructure such as energy, water and other utilities, but also SCADA devices for HVAC systems, building automation control systems, large mining trucks, traffic control systems, red-light cameras and even crematoriums. Never underestimate what you can do with a healthy list of advanced operator search terms and a beer budget.

Researchers have also found crippling flaws in GPS receivers. Global Positioning System infrastructure is critical to the navigation of a host of military and civilian technologies including planes, ships and unmanned drones. The GPS system is also used to generate accurate clocks in SCADA systems and smart grid devices. Researchers showed that they could permanently de-synchronise the date of Phasor Measurement Units used in the smart grid and cause UNIX epoch rollover in a few minutes. The overall landscape of GPS vulnerabilities is startling.


The article Happy now? Mobiles, cloud, big data now ‘a growing security risk’ tells that innovations in mobile and cloud computing, social technology and the use of “big data” present an emerging risk to organisations’ IT security, experts have warned. The European Network and Information Security Agency (ENISA), which is an EU advisory body, said that those technologies would increasingly provide the platform for “most of the innovation expected in the area of IT” and warned that with their emergence would come an associated increased cyber threat. ENISA warned that the threat stemming from mobile computing comes from the fact that mobile communications take place over “poorly secured … or unsecured channels”. The most significant threat stems from hackers inserting malicious software into web browsers and other software available on mobile devices. Cyber criminals could also use the capabilities of cloud computing for their own gains, such as by storing malware in those systems and using the technology as a platform to launch attacks.

Drive-by download attacks against web browsers have become the top web threat. More specifically, attackers are moving to target browser plugins such as Java (Java exploits are the major cross-platform threat), Adobe Reader and Adobe Flash. Drive-by download attacks are almost exclusively launched through compromised legitimate websites, which attackers use to host malicious links and the actual malicious code. Exploits are sold for considerable amounts of money and quickly included in exploit kits.

The article Africa’s Coming Cyber-Crime Epidemic tells that the last decade may have just been the first step in a looming African cyber-crime wave. Africa has the world’s fastest-growing middle class, whose members are increasingly tech-savvy and Internet connected, and together with lax law enforcement this is a perfect petri dish for increased cybercrime.

A Europe-wide cyber police unit has started. The EU’s new European Cybercrime Centre (EC3) was opened just a few days ago. The facility will act as the “focal point” in the EU’s fight against cybercrime, against both businesses and private citizens. EC3 will act as a hub where crime-fighters can pool expertise and information, support criminal investigations and help develop and spread best practice. It will work with industry to develop threat assessments. It will work closely with the FBI and the US Secret Service, in addition to other foreign agencies.

1,930 Comments

  1. Tomi Engdahl says:

    Inside TAO: Documents Reveal Top NSA Hacking Unit
    http://www.spiegel.de/international/world/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a-940969.html

    The NSA’s TAO hacking unit is considered to be the intelligence agency’s top secret weapon. It maintains its own covert network, infiltrates computers around the world and even intercepts shipping deliveries to plant back doors in electronics ordered by those it is targeting.

    In January 2010, numerous homeowners in San Antonio, Texas, stood baffled in front of their closed garage doors.

    In the United States, a country of cars and commuters, the mysterious garage door problem quickly became an issue for local politicians. Ultimately, the municipal government solved the riddle. Fault for the error lay with the United States’ foreign intelligence service, the National Security Agency, which has offices in San Antonio. Officials at the agency were forced to admit that one of the NSA’s radio antennas was broadcasting at the same frequency as the garage door openers. Embarrassed officials at the intelligence agency promised to resolve the issue as quickly as possible, and soon the doors began opening again.

    It was thanks to the garage door opener episode that Texans learned just how far the NSA’s work had encroached upon their daily lives. For quite some time now, the intelligence agency has maintained a branch with around 2,000 employees at Lackland Air Force Base, also in San Antonio. In 2005, the agency took over a former Sony computer chip plant in the western part of the city.

    Reply
  2. Tomi Engdahl says:

    Dell, others named in NSA spying program
    http://www.scmagazine.com.au/News/368562,dell-others-named-in-nsa-spying-program.aspx

    The best-selling servers of Dell are among a swathe of IT products released by US companies that have been compromised by the National Security Agency, information security enthusiasts were told at a conference overnight.

    Delivering a keynote speech at the 30th Chaos Computer Club conference in Hamburg, Germany, Tor contributor-cum-Der Spiegel journalist Jacob Applebaum presented a snapshot of dozens of zero day exploits used to spy on both US citizens and foreigners.

    Applebaum revealed numerous leaked NSA-branded slides detailing the agency’s armoury of exploits – most of which are yet to be published by any news outlet, providing fleeting glimpses of the headlines SC readers should expect to see over the coming weeks.

    Applebaum explained that the NSA had compromised many of these server hardware systems at the BIOS level.

    The NSA’s documents boast that these exploits work across servers running the Microsoft Windows, Linux, FreeBSD and even Sun Solaris operating systems.

    “How many people in Al Qaida are using Solaris?” Applebaum asked the crowd, referring to an operating system now owned by Oracle and most often used by western telcos, large banks and other corporations.

    “[The NSA] are interested in compromising systems, not just people,” he said. “They want to colonise systems with these tools.”

    One NSA-created slide specifically pointed out that Dell’s best-selling PowerEdge servers (1850, 2850, 1950, 2950), which the Texas-based vendor has sold in Australia since 2005, all feature a vulnerability that allows the NSA to post spyware onto the BIOS using either remote access or via the inserting of a USB drive.

    [The humble USB drive, often handed out as free gifts at IT fairs, was the expected attack vector for the Stuxnet virus, which sabotaged an Iranian power plant and several other industrial systems across the globe that used the same Siemens controller as Iran's nuclear enrichment program.]

    A related NSA exploit – named GODSURGE – uses a JTAG debugging interface in the Dell PowerEdge 1950 and 2950. A JTAG debugging interface is usually used to test the BIOS/firmware for bugs, but it can also be used to reflash the BIOS from scratch.

    “Why did they release these servers with that software?” Applebaum asked the audience. “Is that a bug or a backdoor? This is an Advanced Persistent Threat.”

    HP’s popular Proliant 380DL G5 server was named in an NSA slide as being a target for another tool, IRONCHEF, which extracted data from the server using two-way RF communication.

    This exploit, however, required what the NSA terms ‘interdiction’ – physical access to a target’s server for the installation of a hardware-based implant.

    Beyond servers and switches, the NSA’s extensive list of exploits included IRATEMONKEY, which replaces the firmware on hard drives produced by Western Digital, Seagate, Maxtor and Samsung to retrieve data from laptops and desktop computers.

    One NSA slide revealed how a combination of the SOMBERKNAVE, VALIDATOR and OLYMPUS exploits can be used to extract data from Windows XP PCs that are “air-gapped”, i.e. not connected to any public networks. After taking control of a nearby wireless access point, SOMBERKNAVE is able to connect to a machine even if its embedded 802.11 device (WiFi cards are standard fare in business and consumer PCs) has been disabled.

    A further slide revealed that the NSA has developed USB cables called COTTONMOUTH that – whilst appearing to be industry standard – feature embedded bugs to tap wireless network traffic and gain access to a user’s machine.

    The NSA has developed its own base station routers as well as tools that mimic base stations – the latter being a ‘GSM Telephone Tripwire’ imaginatively named ‘CANDYWIRE’.

    Applebaum told the 30c3 audience that he expects the InfoSec community to now search systems for evidence of the NSA malware in use.

    “A lot of malware researchers will have a lot to say about this in the future,” he said.

    July 2013 at the Black Hat conference to prove beyond doubt that SIM cards could be compromised.

    “The NSA says that nobody will come to harm” from its computerised spying programs, Applebaum said, as the hacking tools it has created “will never be used by a third party”.

    The fact that Nohl’s team at Security Research Labs used some of the same techniques as the NSA to gain access to SIM cards proved “how wrong the NSA is on this,” he said.

    The danger for users, Applebaum reasoned, was that “for every Karsten there are hundreds of people paid to do this full-time who never tell anybody”, referring to criminal hackers that break into networks for financial gain.

    He also left IT security managers with a handy tip to begin their search. He suggested they search for suspect traffic sent via the UDP protocol and secured by the RC6 encryption algorithm.

    Reply
  3. Tomi Engdahl says:

    Report: NSA intercepts computer deliveries
    http://www.washingtonpost.com/business/technology/report-nsa-intercepts-computer-deliveries/2013/12/29/dc14c3da-70a2-11e3-bc6b-712d770c3715_story.html?clsrd

    A German magazine lifted the lid on the operations of the National Security Agency’s hacking unit Sunday, reporting that American spies intercept computer deliveries, exploit hardware vulnerabilities, and even hijack Microsoft’s internal reporting system to spy on their targets.

    Der Spiegel said TAO had a catalog of high-tech gadgets for particularly hard-to-crack cases, including computer monitor cables specially modified to record what is being typed across the screen, USB sticks secretly fitted with radio transmitters to broadcast stolen data over the airwaves, and fake base stations intended to intercept mobile phone signals on the go.

    Reply
  4. Tomi Engdahl says:

    NSA’s toolkit horrifies: “Statements like science fiction”

    For example, according to the document shown in the presentation, the iPhone can be seized over an SMS or GPRS connection.

    The U.S. National Security Agency, or NSA, spying scandal escalates and becomes more precise. Dating from 2007, the new documents disclose the NSA’s spy network of technical sophistication of a stir in more detail than ever before.

    Documents presented to the German Der Spiegel on Sunday and Monday

    The origin of the documents is uncertain. For example, Edward Snowden was not mentioned.

    Application implants, which have code names such as validator, Commondeer, United Rake and Stuxnet, are installed by the NSA on the iPhone, SIM cards, as well as Juniper, Huawei and Cisco routers.

    So far it is not known whether the companies are the NSA’s victims, or whether they co-operate with the agency.

    Over wireless networks, malicious software can be installed on up to eight miles, or about 12 miles away.

    The method can be outraged, as especially critical to the construction of the safety instructions usually require that the new devices are checked against the operation.

    “Either the NSA has been pretty much LSD or read [science fiction writer] Philip K. Dick,” Applebaum cleaved.

    “Or maybe both. Maybe there was thought that Philip K. Dick’s books are not dystopian enough and wanted to put better.”

    Source:
    NSA:n työkalupakki pöyristyttää: “Otteet kuin tieteiskirjallisuudesta”
    http://www.hs.fi/ulkomaat/a1388386976926?jako=55aebca8e8e68fbda38ca7dd8ec97946

    Reply
  5. Tomi Engdahl says:

    NSA’s ANT Division Catalog of Exploits for Nearly Every Major Software/Hardware/Firmware
    http://leaksource.wordpress.com/2013/12/30/nsas-ant-division-catalog-of-exploits-for-nearly-every-major-software-hardware-firmware/

    After years of speculation that electronics can be accessed by intelligence agencies through a back door, an internal NSA catalog reveals that such methods already exist for numerous end-user devices.

    When it comes to modern firewalls for corporate computer networks, the world’s second largest network equipment manufacturer doesn’t skimp on praising its own work. According to Juniper Networks’ online PR copy, the company’s products are “ideal” for protecting large companies and computing centers from unwanted access from outside. They claim the performance of the company’s special computers is “unmatched” and their firewalls are the “best-in-class.” Despite these assurances, though, there is one attacker none of these products can fend off — the United States’ National Security Agency.

    Specialists at the intelligence organization succeeded years ago in penetrating the company’s digital firewalls. A document viewed by SPIEGEL resembling a product catalog reveals that an NSA division called ANT has burrowed its way into nearly all the security architecture made by the major players in the industry — including American global market leader Cisco and its Chinese competitor Huawei, but also producers of mass-market goods, such as US computer-maker Dell. See: Cisco / Dell Comments Re: NSA Backdoors

    Reply
  6. Tomi Engdahl says:

    NSA Hackers Get the ‘Ungettable’ With Rich Catalog of Custom Tools
    http://www.wired.com/threatlevel/2013/12/nsa-hacking-catalogue/

    While most Americans spend their time shopping Amazon, Target and Apple.com, the National Security Agency’s elite team of hackers spends its time shopping a secret high-end catalog of custom tools designed to subvert firewalls, servers, and routers made by U.S. firms, impersonate a GSM base station to intercept mobile phone calls, or siphon data from a wireless network.

    “For nearly every lock, ANT seems to have a key in its toolbox,” der Spiegel writes. “And no matter what walls companies erect, the NSA’s specialists seem already to have gotten past them.”

    With names like PICASSO, IRATEMONKEY, COTTONMOUTH, and WATERWITCH, the various tools allow NSA snoops to map networks and not only monitor data but surreptitiously divert it or modify it.

    A 50-page catalog from the NSA’s ANT Division provides a handy list of tools NSA employees can order to hack a target’s hardware and include prices that range from free to $250,000, according to der Spiegel.

    Reply
  7. Tomi Engdahl says:

    Don’t Want Your Laptop Tampered With? Just Add Glitter Nail Polish
    http://www.wired.com/threatlevel/2013/12/better-data-security-nail-polish/

    If you’re traveling overseas, across borders or anywhere you’re afraid your laptop or other equipment might be tampered with or examined, you’ve got a new secret weapon to improve security. Glitter nail polish.

    Don’t laugh. It works.

    Security researchers Eric Michaud and Ryan Lackey, making a presentation at the Chaos Communication Congress on Monday, highlighted the power of nail polish – along with metallic paints and even crappy stickers – to help people know when their machines have been physically tampered with and potentially compromised.

    Physical tampering with machines, whether by governments, corporate competitors or data thieves looking for bounty, is a growing problem. Businesspeople traveling to China in particular have reported problems with data theft and hardware tampering. While drive encryption, strong passwords and software-based measures might keep casual thieves out, traveling offers many ways for prying eyes to physically compromise a laptop, Lackey and Michaud noted. Border areas can be especially dangerous, as authorities can confiscate a laptop or cell phone to “examine” it, then return it with the drives imaged or malware installed.

    Short of keeping a machine with you 24/7, there is little you can do to be absolutely sure these things don’t happen, the researchers said. I

    Some travelers affix tamper-proof seals over ports or chassis screws. But these seals can in fact be replicated or opened cleanly in minutes by anyone with even minimal training, Michaud and Lackey said. They instead advise borrowing a technique from astronomers called blink comparison. Here’s where the glitter comes in.

    The idea is to create a seal that is impossible to copy. Glitter nail polish, once applied, has what effectively is a random pattern. Once painted over screws or onto stickers placed over ports, it is difficult to replicate once broken. However, reapplication of a similar-looking blob (or paint stripe, or crappy sticker) might be enough to fool the human eye. To be sure, the experts recommend taking a picture of the laptop with the seals applied before leaving it alone, taking another photo upon returning and using a software program to shift rapidly between the two images to compare them.

    By taking the picture with a cellphone that is kept with you at all times, you can be reasonably sure the original picture hasn’t been tampered with or replaced.

    Reply
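The before/after photo comparison described in the Wired excerpt above can also be scored automatically. The following is an added example, not code from the article or from Michaud and Lackey: it compares aligned greyscale photos tile by tile with normalised cross-correlation, which tolerates lighting changes but collapses when a glitter pattern has been re-applied. The constructed sample images, tile size and thresholds are assumptions chosen for the illustration.

```python
import math
import random

TILE = 8  # tile edge in pixels (assumed value for this example)

def _tile(img, r0, c0, size):
    return [img[r][c] for r in range(r0, r0 + size) for c in range(c0, c0 + size)]

def _centre(px):
    mean = sum(px) / len(px)
    return [p - mean for p in px]

def tile_similarity(a, b):
    """Normalised cross-correlation in [-1, 1]; unaffected by brightness/contrast."""
    da, db = _centre(a), _centre(b)
    energy = math.sqrt(sum(x * x for x in da) * sum(y * y for y in db))
    if energy == 0:
        return 0.0  # one side is flat: the texture is gone
    return sum(x * y for x, y in zip(da, db)) / energy

def compare_seal(before, after, tile=TILE, min_texture=10.0, threshold=0.8):
    """Return how many textured tiles were checked and which ones no longer match."""
    if len(before) != len(after) or any(len(x) != len(y) for x, y in zip(before, after)):
        raise ValueError("photos must be aligned and of identical size")
    checked, changed = 0, []
    for r0 in range(0, len(before) - tile + 1, tile):
        for c0 in range(0, len(before[0]) - tile + 1, tile):
            ref = _tile(before, r0, c0, tile)
            spread = math.sqrt(sum(d * d for d in _centre(ref)) / len(ref))
            if spread < min_texture:
                continue  # bare casing: no glitter pattern to compare
            checked += 1
            score = tile_similarity(ref, _tile(after, r0, c0, tile))
            if score < threshold:
                changed.append((r0, c0, round(score, 2)))
    return {"checked": checked, "changed": changed}

# --- constructed sample data (not real photographs) ---
def make_photo(seed, size=32, lo=8, hi=24):
    """Flat casing (grey 40) with a 16x16 random 'glitter' blob in the middle."""
    rng = random.Random(seed)
    return [[rng.randrange(256) if lo <= r < hi and lo <= c < hi else 40
             for c in range(size)] for r in range(size)]

def rephotograph(img, seed):
    """Same scene in different light: gain 0.9, offset +12, sensor noise +/-3."""
    rng = random.Random(seed)
    return [[int(0.9 * p + 12 + rng.uniform(-3, 3)) for p in row] for row in img]

def reapply_blob(img, seed, r0=16, c0=8, size=TILE):
    """Simulate a broken seal repainted with fresh, similar-looking glitter."""
    rng = random.Random(seed)
    out = [row[:] for row in img]
    for r in range(r0, r0 + size):
        for c in range(c0, c0 + size):
            out[r][c] = rng.randrange(256)
    return out

BEFORE = make_photo(1)
AFTER_INTACT = rephotograph(BEFORE, 2)
AFTER_REAPPLIED = reapply_blob(AFTER_INTACT, 3)

if __name__ == "__main__":
    print("intact   :", compare_seal(BEFORE, AFTER_INTACT))
    print("reapplied:", compare_seal(BEFORE, AFTER_REAPPLIED))
```

Real photos have to be registered (same angle, scale and crop) before a tile comparison like this is meaningful.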
  8. Tomi Engdahl says:

    Hacking and Philosophy: Surveillance State
    http://hackaday.com/2013/12/30/hacking-and-philosophy-surveillance-state/

    As the article explains, IRATEMONK is

    An implant hidden in the firmware of hard drives from manufacturers including Western Digital, Seagate, Maxtor and Samsung that replaces the Master Boot Record (MBR).

    It isn’t clear whether the manufacturers are complicit in implanting IRATEMONK in their hardware, or if the NSA has just developed it to work with those drives. Either way, it raises an important question: how do we know we can trust the hardware? The short answer is that we can’t. According to the text accompanying the graphic, the NSA

    …[installs] hardware units on a targeted computer by, for example, intercepting the device when it’s first being delivered to its intended recipient, a process the NSA calls ‘interdiction.’

    He came to my university to give a lecture on his experiences with the surveillance state and made some interesting points worth repeating. The first of which is that information is a commodity, and access to your personal life is valuable. By providing these agencies with large amounts of personal data, you’re essentially “flooding the market.” If everyone shared their data to this extent, he thinks the surveillance state couldn’t keep up (and if you haven’t seen [Elahi's] talk, it goes WAY beyond Facebook: he takes pictures of every meal he eats, every toilet he uses, every hotel room…everything).

    It’s an interesting idea, and if we truly are becoming a culture of sharing, such a future may be inevitable

    Here’s where I break with this strategy: during his lecture at my university, [Elahi] seemed to suggest that interested governmental entities (NSA, FBI, etc.) sort through this data with people, who—when faced with the overwhelming mountain of pointless photographs—will give up trying to profile you.

    Reply
  9. Tomi Engdahl says:

    OpenSSL Safe From NSA’s Grubby Mitts
    http://vpncreative.net/openssl-safe-nsas-grubby-mitts/

    Due to an accidental bug in the programming, OpenSSL does not rely on the same flawed random number generator Dual EC DRBG that the NSA and its intelligence counterparts had already cracked for a good ten years running now.

    “The nature of the bug shows that no one has been using the OpenSSL Dual EC DRBG.”

    After facing increasing levels of controversy over the past several months the Dual EC DRBG standard was finally outed as a flawed architecture earlier this year by security contractor and international whistleblower Edward Snowden, affirming the suspicion that many netsec experts had been raising quietly but were too apprehensive to take public until now.

    Reply
  10. Tomi Engdahl says:

    Blame Silicon Valley for the NSA’s data slurp… and what to do about it
    Hive mind gloop and legal sophistry paved the way
    http://www.theregister.co.uk/2013/12/31/blame_silicon_valley_for_the_nsas_data_slurp_and_what_to_do_about_it/

    Widespread ridicule has greeted the announcement that eight giant technology companies led by Google and including Facebook and LinkedIn were going to save us from the NSA.

    The ridicule is thoroughly justified, for trusting giant corporations – whose business models rely on selling your identity to advertisers – to safeguard your privacy is like hiring a kleptomaniac to guard the sweet shop.

    Both practically and philosophically, today’s giant web corporations are incapable of defending you – and how can they, when they don’t really accept that the individual really exists? In Silicon Valley, the individual is merely a phantom: a collection of patterns, or a node secreting data into one of its giant analytical processing factories.

    Spooky action at a distance

    Edward Snowden’s revelations confirmed that 20 years after it was opened to the public for commercial access, the internet is subject to the same casual warrant-free surveillance as the circuit-switched telephone network. Fantasies that the internet would put us beyond the reach of the spooks turned out to be just that: fantasies. Only a fraction of Snowden’s material has been released, and much of it is banal: spies spy on foreign powers, for example. But the material did confirm that the physical infrastructure of packet communication is completely compromised, and security backdoors are apparently commonplace.

    Yet at least the NSA is subject to democratic scrutiny. Technology companies are not. The scrutiny of the NSA may have been supine and ineffective

    What I find far more disturbing than anything in Snowden’s cache is the fact that Silicon Valley’s internet companies have been complicit in denuding citizens of the privacy an individual requires to be an individual.

    While you were out fighting SOPA, we left you this note

    One of the most ironic sights of 2013 was seeing the fugitive Snowden open up a laptop emblazoned with stickers for the EFF, the Electronic Frontier Foundation. The EFF is just one of many groups that receives money from the technology industry – with Google leading the handouts – waging a ceaseless war on the individual’s digital rights, while claiming to defend them.

    These groups also loudly claim to be privacy watchdogs – yet have turned their meek protest into a funding activity. And guess who’s doing the funding? When Google and Facebook settled their respective Buzz and Beacon privacy lawsuits, the biggest beneficiaries were not individuals but “organizations that are currently paid by [Defendant] to lobby for or to consult for the company”

    Why any Silicon Valley ‘bill of rights’ will guarantee you never have any

    Well, you can adopt DIY crypto tools, and try to teach your neighbour to use them. But most will give up long before they’re proficient in them – which means affordable powerful legal tools for the individual to exercise against government and corporations are vital.

    Because the web industry has spent 20 years fighting the application of individual property rights to digital things, like data, we can expect it to fight very hard for a meaningless set of “rights” that don’t protect your privacy. Through campaigns branded with the over-used phrase “open data”, the web industry has even persuaded governments to give away potentially lucrative data for nothing, without a penny being returned to the investor: the taxpayer. Yet without being able to assert property-ish rights (rights that exclude others), you’ll never have any privacy.

    Reply
  11. Tomi Engdahl says:

    Not All Bugs Are Random
    http://www.drdobbs.com/cpp/not-all-bugs-are-random/240165035

    By looking at a program’s structure, we can sometimes predict circumstances in which it is particularly likely to fail.

    Serious as these problems may be, there is an even more important reason for white-box testing: security. Security bugs are even harder to detect during testing than performance bugs because one has to assume that security bugs will be exploited maliciously. Many security bugs are really failures to implement correctly a requirement of the form “No matter what the input to this program is, it must not do X.” Black-box testing is generally able to verify only what a program does, not what it does not do.

    However, with a suitable combination of white-box testing and instrumentation, we can often be much more confident in the absence of at least certain kinds of security bugs.

    We’ll discuss such techniques further next week.

    Reply
  12. Tomi Engdahl says:

    Former Head of NSA Calls For Obama To Reject NSA Commission Recommendations
    http://news.slashdot.org/story/13/12/31/048212/former-head-of-nsa-calls-for-obama-to-reject-nsa-commission-recommendations

    “Retired general Michael Hayden … called on President Obama Monday to … reject many of the recommendations of the commission he appointed to rein in NSA surveillance …”

    Reply
  13. Tomi Engdahl says:

    Ex-NSA chief calls for Obama to reject recommendations
    http://www.usatoday.com/story/news/politics/2013/12/30/gen-michael-hayden-urges-obama-reject-nsa-commission-recommendations/4249983/

    Retired general Michael Hayden, former director of the National Security Agency and the Central Intelligence Agency, called on President Obama Monday to show “some political courage” and reject many of the recommendations of the commission he appointed to rein in NSA surveillance operations.

    Obama, who received the report from the five-member advisory committee just before he left to vacation in Hawaii, has promised to make “a pretty definitive statement” in January about its 46 recommendations. He appointed the panel in the wake of a firestorm over disclosures by former NSA contractor Edward Snowden about surveillance of all Americans’ telephone calls and spying on German Chancellor Angela Merkel and other friendly foreign leaders.

    The commission, led by former acting CIA director Michael Morell, said the recommendations were designed to increase transparency, accountability and oversight at the NSA.

    “Right now, since there have been no abuses and almost all the court decisions on this program have held that it’s constitutional, I really don’t know what problem we’re trying to solve by changing how we do this,” he said, saying the debate was sparked after “somebody stirred up the crowd.” That’s a reference to Snowden, who was granted asylum in Russia.

    Reply
  14. Tomi Engdahl says:

    Yes, the BBC still uses FTP. And yes, a Russian crook hacked the server
    Convenient file-store a convenient target for crook touting access
    http://www.theregister.co.uk/2013/12/30/bbc_ftp_server/

    A BBC FTP server http://ftp.bbc.co.uk was compromised by a Russian hacker and access to it touted online, say computer security researchers.

    FTP is a 1970s vintage protocol for transferring information in bulk over the internet; its use is discouraged because usernames and passwords to log into accounts are sent over the network unencrypted, although there are ways to establish secure connections.

    The hacked service was used by reporters to file material from the field, and by advertisers to upload video to BBC Worldwide channels.

    Reply
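The Register excerpt above notes that FTP logins cross the network unencrypted unless a secure connection is established first. As an added illustration (not from the article and not related to the BBC server's actual traffic), this sketch classifies an FTP control connection the way a passive network sensor would see it. The transcripts, host name and account names are constructed, and explicit TLS is assumed to be negotiated with `AUTH TLS` answered by a `234` reply, as in RFC 4217.

```python
import re

REPLY = re.compile(r"^(\d{3})([ -])")   # "234 ..." final line, "234-..." continuation
ANONYMOUS = {"anonymous", "ftp"}

def audit_ftp_control(transcript):
    """Classify one FTP control connection from its visible lines.

    transcript: iterable of (direction, line); direction is "C" (client)
    or "S" (server). The password value is never stored or returned.
    """
    auth_pending = auth_refused = False
    user = None
    for direction, raw in transcript:
        line = raw.rstrip("\r\n")
        if direction == "S":
            m = REPLY.match(line)
            if m and auth_pending and m.group(2) == " ":
                if m.group(1) == "234":
                    # TLS handshake follows; the login is not readable on the wire
                    return {"verdict": "encrypted", "user": None}
                auth_refused, auth_pending = True, False
            continue
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb == "AUTH" and arg.upper() in ("TLS", "SSL"):
            auth_pending = True
        elif verb == "USER":
            user = arg
        elif verb == "PASS" and user is not None:
            if user.lower() in ANONYMOUS:
                verdict = "anonymous"            # no secret credential exposed
            elif auth_refused:
                verdict = "fallback-cleartext"   # server refused TLS, client logged in anyway
            else:
                verdict = "cleartext"            # client never asked for TLS
            return {"verdict": verdict, "user": user}
    return {"verdict": "no-login", "user": user}

# --- constructed sample sessions (not captured traffic) ---
SESSIONS = {
    "field-upload": [
        ("S", "220 ftp.example.org ready"),
        ("C", "USER reporter1"),
        ("S", "331 Password required"),
        ("C", "PASS constructed-secret"),
        ("S", "230 Logged in"),
    ],
    "refused-tls": [
        ("S", "220 ftp.example.org ready"),
        ("C", "AUTH TLS"),
        ("S", "502 Command not implemented"),
        ("C", "USER adupload"),
        ("S", "331 Password required"),
        ("C", "PASS constructed-secret"),
    ],
    "explicit-tls": [
        ("S", "220 ftp.example.org ready"),
        ("C", "AUTH TLS"),
        ("S", "234-Security mechanism accepted"),
        ("S", "234 Proceed with negotiation"),
    ],
    "public-mirror": [
        ("S", "220 ftp.example.org ready"),
        ("C", "USER anonymous"),
        ("S", "331 Send e-mail address as password"),
        ("C", "PASS guest@example.org"),
    ],
}

def audit_all(sessions=SESSIONS):
    return {name: audit_ftp_control(lines) for name, lines in sessions.items()}

if __name__ == "__main__":
    for name, result in audit_all().items():
        print(f"{name:14} {result['verdict']:18} user={result['user']}")
```

Sessions reported as `cleartext` or `fallback-cleartext` are the ones whose accounts should have their passwords rotated and be moved to an encrypted transfer method.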
  15. Tomi Engdahl says:

    U.S. to China: We Hacked Your Internet Gear We Told You Not to Hack
    http://www.wired.com/wiredenterprise/2013/12/nsa-cisco-huawei-china/

    The headline news is that the NSA has surreptitiously “burrowed its way into nearly all the security architecture” sold by the world’s largest computer networking companies, including everyone from U.S. mainstays Cisco and Juniper to Chinese giant Huawei. But beneath this bombshell of a story from Der Spiegel, you’ll find a rather healthy bit of irony.

    After all, the United States government has spent years complaining that Chinese intelligence operations could find ways of poking holes in Huawei networking gear, urging both American businesses and foreign allies to sidestep the company’s hardware. The complaints grew so loud that, at one point, Huawei indicated it may abandon the U.S. networking market altogether. And, yet, Der Spiegel now tells us that U.S. intelligence operations have been poking holes in Huawei networking gear — not to mention hardware sold by countless other vendors in both the States and abroad.

    “We read the media reports, and we’ve noted the references to Huawei and our peers,” says William Plummer, a Huawei vice president and the company’s point person in Washington, D.C. “As we have said, over and over again — and as now seems to be validated — threats to networks and data integrity can come from any and many sources.”

    Reply
  16. Tomi Engdahl says:

    Apple Denies Working with NSA on iPhone Backdoor
    http://allthingsd.com/20131231/apple-says-it-is-unaware-of-nsas-iphone-backdoor/

    Apple just responded to newly released documents claiming that the U.S. National Security Agency has a method for gaining backdoor access to its iPhone. It says it has never worked with the agency, and is unaware of the alleged program targeting the iPhone known as DROPOUTJEEP.

    The program was disclosed in a trove of documents leaked yesterday and shared by the security researcher Jacob Appelbaum and the German news magazine Der Spiegel.

    Reply
  17. Tomi Engdahl says:

    Orange to take legal action after report of spying via its cable
    http://www.reuters.com/article/2013/12/30/us-usa-security-orange-idUSBRE9BT0MN20131230

    Orange (ORAN.PA) is preparing its legal response to a report alleging the U.S. National Security Agency (NSA) accessed customers’ data transmitted by a submarine cable partly used by the French telecoms operator.

    German website Spiegel Online said it had seen documents showing the NSA had tapped telecoms data from the cable running from Marseille to North Africa and Asia.

    Orange uses the submarine cable along with 13 other telecoms companies, which collectively operate the cable.

    Reply
  18. Tomi Engdahl says:

    Skype social media platforms hacked by ‘Syrian Electronic Army’
    http://www.bbc.co.uk/news/technology-25572771

    The social media platforms of Skype have been hacked by a group claiming to be the Syrian Electronic Army (SEA).

    The group posted anti-surveillance messages, including a message telling people not to use email services of Microsoft, the owner of Skype.

    It claimed “they are monitoring your accounts and selling the data to the governments”.

    Reply
  19. Tomi Engdahl says:

    How the NSA hacks PCs, phones, routers, hard disks ‘at speed of light’: Spy tech catalog leaks
    It’s not as bad as you thought – it’s much worse
    http://www.theregister.co.uk/2013/12/31/nsa_weapons_catalogue_promises_pwnage_at_the_speed_of_light/

    Reply
  20. Tomi Engdahl says:

    Dual_EC_DRBG Backdoor: a Proof of Concept
    http://it.slashdot.org/story/14/01/01/1830238/dualecdrbg-backdoor-a-proof-of-concept

    “Dual_EC_DRBG is a pseudo-random number generator promoted by NIST in NIST SP 800-90A and created by NSA. This algorithm is problematic because it has been made mandatory by the FIPS norm (and should be implemented in every FIPS approved software)”

    “It is quite obvious in light of the recent revelations from Snowden that this weakness was introduced on purpose by the NSA. It is very elegant and leaks its complete internal state in only 32 bytes of output”

    Reply
  21. Keeping Your Data Private From the NSA « Tomi Engdahl’s ePanorama blog says:

    [...] over the NSA’s controversial PRISM surveillance program (check the latest comments on my Security trends for 2013 article) after top-secret slides detailing the massive electronic surveillance programme were [...]

    Reply