Tuesday, 10 September 2013

Google turns 15: Search giant enters mid-teen Android years

Google has officially turned 15 marking a milestone moment in the search-turned-hardware and software giant's history.
While Google has celebrated the news, like all teenagers, Google's fifteenth year looks set to be a turbulent one. This is because despite concerns from privacy groups, having taken control of well over 90 percent of the search market, Google has been increasingly eager to create new ways to monetise its valuable customer data over the last half decade.
The story of Google and its quest for customer data, as all great start-ups do, started in a basement, where in September 1998 Larry Page and Sergey Brin launched the first iteration of Google Search. Taking on the then embedded leaders, like former heavyweight Yahoo, Google proved a hit and by July 2000 the search engine was listed as the world's most popular, responsible for one billion indexes.
Riding off the early success and clearly realising the value of its search data, Google decided to embark on a wave of service releases designed to expand and refine the amount of data it could collect. This started in 2001 when it expanded its search engine to offer image search to its users. However it was only in 2005 when Google really hit its stride, releasing its Earth, Maps, Talk and Video services and making what could be argued as its most important purchase to date - Android.
The purchase of Android was a clear bid by Google to increase the data it could collect, with smartphones and tablets running the OS offering the firm a means to collect previously unknown information, like customer location data. Aware of this, Google's focus has gradually shifted to devices as well as software, with the company releasing its first own-brand Nexus device, the Nexus One in 2010 and buying former mobile heavyweight Motorola in 2011.
Since then Google's device and software development business has boomed, with Android currently being listed as the most used mobile operating system in the world. However, the success has come with a cost, with numerous privacy groups getting increasingly angry about the amount of data Google's storing. This anger culminated over the summer when it was revealed Google was one of the main companies targeted by the NSA during its PRISM campaign - which saw the agency siphon vast amounts of customer data from Google.
Unperturbed by this, Google's unveiled its latest KitKat Android version and has pushed forward with the development of its Google Glass wearable computer - a device again surrounded by privacy concerns. For this reason, while Google's first 15 years may have been entirely focused on collecting customer data, its next 15 may well be about finding ways to secure it and win back concerned customers trust - a fact apparently not lost on Google, which according to recent reports has begun working to better encrypt data being stored and passing through its data centres.

Google petitions US government again to let it publish NSA PRISM FISA requests

Google logo (Robert Scoble Flickr)
Tech giant Google has formally petitioned the US government to let it publish information detailing the Foreign Intelligence Surveillance Act (FISA) requests it received from the NSA as a part of the agency's notorious PRISM campaign.
Google's director of law enforcement and information security, Richard Salgado, and director of public policy and government affairs, Pablo Chavez, confirmed filing the petition in a public blog post. The two Google directors said the firm would also make a similar request during a meeting with the President's Group on Intelligence and Communications Technologies scheduled for Monday.
"Today we filed an amended petition in the US Foreign Intelligence Surveillance Court. This petition mirrors the requests made to Congress and the President by our industry and civil liberties groups in a letter earlier this year. Namely, that Google be allowed to publish detailed statistics about the types (if any) of national security requests we receive under the Foreign Intelligence Surveillance Act, including Section 702. Given the important public policy issues at stake, we have also asked the court to hold its hearing in open rather than behind closed doors. It's time for more transparency," read the blog post.
"In addition, along with a number of other companies and trade associations, we are meeting the President's Group on Intelligence and Communications Technologies today. We'll reiterate the same message there: that the levels of secrecy that have built up around national security requests undermine the basic freedoms that are at the heart of a democratic society."
Google is one of many companies to call on the US government to let them publish information detailing what data they released to the NSA. Prior to the Google directors admission, Microsoft's general counsel Brad Smith confirmed the two companies planned to work together in their bid to release FISA request information.
Prior to Microsoft and Google, Yahoo won a court order allowing the declassification of documents that reveal its efforts fighting the NSA's data requests. News of the PRISM scandal broke in July this year when ex-CIA analyst Edward Snowden leaked classified documents to the press. The documents showed the NSA is siphoning vast amounts of user data from big-name tech companies.
Outside of its petition to the US government Google has mounted several other initiatives designed to help protect its customers. Most recently reports broke that Google is rushing to encrypt information stored and passing through its data centres, before the NSA has a chance to scan it.

Facebook, Yahoo and Wikipedia users vulnerable to attack thanks to PHP flaw

The Facebook logo
A flaw in the PHP code used by most websites, including Facebook, Yahoo and Wikipedia, is being exploited by hackers, according to Imperva researchers.
Imperva reported detecting a campaign targeting a vulnerability in PHP with an automated wave of cyber attacks in its Hacker Intelligence Initiative [PDF] report. Imperva's web research team leader Tal Be'ery explained to V3 the vulnerability being exploited stems from a flaw in PHP's Superglobal mechanism.
"By injecting a value into an internal variable, in this case by using PHP's Superglobal mechanism, the attacker is able to change the application flow and execute arbitrary commands to take control over the server. In the attack we researched, the attackers used a vulnerability in PHPMyAdmin, a popular database management app to inject commands via a vulnerability in its handling of the Session Superglobal," explained Be'ery.
"Combined with an additional vulnerability in some PHP versions, which allowed the storing and extracting of the Session in an unsafe manner, it enabled the attacker to run arbitrary code on the infected server and take full control over it."
Be'ery said the vulnerability is particularly dangerous due to the common use of PHP and could be used by hackers for a variety of purposes. "PHP code is powering most of the web (80 percent), including high-profile sites such as Facebook, Yahoo, Baidu and Wikipedia. Since the attack is automated by nature we believe that the attackers had attempted to hack into major sites as well as smaller sites," he said.
"Server takeover [grants the attacker] full control over the server's resources, including, but not limited to, access to all of the app users' stored data, enslaving the infected server to be a ‘soldier' in a botnet and storing an infection code on the server and infecting the site's users with malware."
The Imperva report revealed the attackers have been targeting the vulnerability with increased tenacity for several months and have already used it to hack several big-name companies.
"Over the course of a month, our research team witnessed 144 attacks per application (within a sample of 24 applications) that contained attack vectors related to Superglobal parameters," read the report.
"These attacks appeared in the form of request burst floods – we have seen peaks of over 20 hits per minute, reaching up to 90 hits per minute, on a single application. Some attack campaigns spanned over a period of more than five months. One of the attack sources was a compromised server belonging to an Italian bank."
Be'ery cited the campaign as further proof that criminals are developing new more sophisticated ways to attack businesses. "I think it's evidence for the general evolution of the web threat landscape, as it shows that attackers are capable of mounting complex attacks which consist of combining multiple vulnerabilities in different products and packaging them into simple-to-use tools. I believe we will see more combined attacks in the near future," said Be'ery.
The Imperva researcher said businesses can protect themselves in a variety of ways. These include implementing an application layer mechanism capable of looking for different types of security violations on the company network, bluntly blocking Superglobal parameters in requests and avoiding reliance on third-party code, like the PHPMyAdmin (PMA) utility used in the latest exploit.
The PHP campaign is one of many advanced attacks uncovered in recent months. Trend Micro researchers last month detected a spike in the numbers of criminal groups using Java native-layer vulnerabilities to infiltrate businesses and government systems.

US achieves 98 percent success rate in Yahoo user data snooping while UK faces resistance

Yahoo building in silhouette
Internet giant Yahoo has published its first ever transparency report, revealing the extent of user data requests made by governments around the world. The firm has joined companies such as Twitter, Facebook and Google in revealing this data in a bid to explain to users how their data is handled.
Yahoo had already revealed in June that the US government had made between 12,000 and 13,000 data requests between 31 December 2012 and 31 May 2013. The official figure was revealed in this latest report as 12,444, with the requests covering 40,322 different accounts. The UK government, meanwhile, made 1,709 requests relating to 2,832 individual accounts.
The data showed how many requests resulted in the release of user content data, including emails, chat messages, address books and Flickr photos. In the UK, the majority of data requests resulted in "non-content" data being released, which includes IP addresses, login details and billing information.
Twenty-seven percent of requests made by the UK government were rejected, which Yahoo explained can be due to the requests being made outside the jurisdiction of the agency concerned, or if the information required could "not be lawfully obtained with the legal process provided". By comparison, just two percent of requests made by the US government were rejected by Yahoo.
Ron Bell, Yahoo's general counsel, explained the company's reasoning on the Yahoo Tumblr blog. "At Yahoo, we take the privacy of our users seriously," he said. "We also recognise our role as a global company in promoting freedom of expression wherever we do business."
Bell also insisted that Yahoo does not take government data requests lightly. "We regularly push back against improper requests for user data, including requests that are unclear, improper, overbroad or unlawful," Bell explained. He also affirmed that the accounts affected made up less than 0.01 percent of Yahoo's total user base.
In light of the revelations surrounding the PRISM scandal, many large tech companies have in recent months been coming forward with similar transparency reports. Firms including Microsoft and Google have gone further, instigating legal action against the US government in a bid to further increase transparency.

Google rushing to encrypt data before NSA snoops can snatch it

google logo headquarters sign search engine seo
Google is rushing to encrypt information stored and passing through its data centres in a bid to protect its customers from snooping government agencies, according to The Washington Post.
The Washington Post reported that a number of "company officials", including vice president for security engineering at Google, Eric Grosse, confirmed Google has sped up the timeline for its encryption initiative following reports linking it to the notorious PRISM scandal. "It's an arms race," The Washington Post reported Grosse as saying. "We see these government agencies as among the most skilled players in this game."
The encryption initiative was officially launched in 2012 and is designed to offer Google customers an extra layer of protection against criminals and spies. At the time of publishing, Google had not responded to V3's request for comment on The Washington Post's report.
The PRISM scandal broke in July this year when ex-CIA analyst Edward Snowden leaked classified documents to the press, showing that the US National Security Agency (NSA) is siphoning vast amounts of user data from big-name tech companies including Google, Microsoft, Facebook, Yahoo and Twitter. Since news of the PRISM operation broke, reports involving numerous other intelligence agencies, including the UK Government Communications Headquarters (GCHQ), have emerged.
The NSA has since moved to downplay the significance of PRISM, issuing a public report claiming its agents only saw 0.00004 percent of the world's web traffic while conducting their missions. Despite the admission, numerous security experts have remained sceptical. Most recently, renowned cryptographer Bruce Schneier accused the NSA of commandeering the internet. Silent Circle chief executive Mike Janke also cited PRISM as proof that businesses using cloud services such as Gmail cannot hope to protect their customers' privacy.
Encryption is a hot topic within the security community, with many viewing it as a woefully underused basic defence measure. Most recently the UK Information Commissioner's Office (ICO) issued a public report claiming a lack of knowledge about encryption technologies is causing many businesses to mishandle sensitive data.

BMPoC Team Hacked 14 NASA sub-domains,defaced Stop spy on us!

National Aeronautics and Space Administration (NASA) which is now more famous for its poor cyber security rather then any else is again under attack, this time a hacker going with the handle of BMPoC along with his team has defaced 14 official sub-domains of the agency today.
Hackers left a deface page along with a message on all hacked websites against possible U.S strike over Syria and National Security Agency NSA‘s spying over Brazilian government and population. The deface message was expressed in following words:
NASA HACKED! BY #BMPoCWe!  Stop spy on us! The Brazilian population do not support your attitude! The Illuminati are now visibly acting!
Obama heartless! Inhumane! you have no family? the point in the entire global population is supporting you. NOBODY! We do not want war, we want peace!!! Do not attack the Syrians!
All hacked domains belong to agency’s internal departments and missons such as, Kepler Mission, Arctic Mars Analog Svalbard Expedition (AMASE), NASA Events domain, Ames Academy for Space Exploration, NASA’s Office of Planetary Protection, Virtual Astrobiology, NASA recruitment domain, NASA Lunar Science Institute, Moon Fest 2009 and domain of International Lunar Network (ILN).
Links of all hacked sites along with their mirrors are available here.
This is not the first time when NASA domains were hacked by BMPoC, on April 18, 2013 the same hacker had hacked and defaced 4 official NASA domains.
At the time of publishing this article, all domains were hacked and displaying deface page left by the hackers.

Hackers leak data in preparation for Sept. 11 cyber attack

AnonGhost is Everywhere,” the reportedly pro-Syrian hacker collective posted to Twitter on Saturday.
The hacktivists – said to be based in Spain, Canada and Brazil – have taken credit on Twitter for several attacks within the past week, including leaking 500 Canadian email addresses, accessing Israel police station data, hacking 5,000 Israeli bank accounts and acquiring thousands of Israeli credit cards.
The biggest hit came on Monday, when AnonGhost claims to have leaked personal information on more than 165,000 Israelis by attacking several websites in short order. One breached website, which offered web-hosting services, provided names, phone numbers, emails addresses and passwords.
"Mauritania Attacker," alleged to be the AnonGhost team leader, told news site techworm.in that the reason Israel has been targeted is because of attacks against Palestinian innocents and children.
Some of the other sites breached in the attacks include hashraa.co.il, Yamit 2000 and the website belonging to Avishay Braverman, a member of the Knesset for the Labor Party in Israel, according to a release put out by Israel-based internet security company Maglan and reported on in English by Israeli news site israellhayom.com.
The veracity of the claims by AnonGhost will be tested on Wednesday, a day the collective seems poised to carry out a massive cyber attack and release even more information. AnonGhost has been rallying the cause on Twitter, but further proof of intention was hidden within several of the websites' codes, notably in a threatening image with the date Sept. 11 and the Twitter hash tag #OpIsraelReborn.
In preparation, the FBI issued a notice in the beginning of August stating they are aware that an “Anonymous-affiliated group” may launch a wave of cyber attacks against United States-based and foreign financial institutions.
The attack would support OP USA, a previous campaign against similar institutions that occurred in May. OP USA was officially announced and organized by “Mauritania Attacker,” according to the FBI release (PDF), “who launched OP ISRAEL and is the founder of Mauritania Hacker Team and AnonGhost Team.”
Based on the less-than-successful May iteration of this attack, the FBI seems to be considering this a minimal threat, but still encourages institutions to secure cyber infrastructure.
The Israel Hayom article indicates that Maglan reviewed more than 40,000 compromised records and verified that the information released is genuine. However, the article goes on to say that Maglan identified a number of users whose information was “not up to date and had been changed a long time ago.

PrivateRecovery’s keylogger a Nigerian 419 scam

Keylogging tools to steal personal and financial information from victims are available as a “service” from a site known as PrivateRecovery, which offers the tools for just $25 to $33 a month, according to a list of leaked records which offers an insight into the black market for keyloggers.
PrivateRecovery’s keylogger is often sent to victims disguised as a screensaver, but site users attempt to scam victims into opening it via methods including online dating scams, where the malware is delivered as a “picture” of their beloved, after a long online courtship.
Many users of PrivateRecovery appear to be “Nigerian 419 scammers”, according to security expert Brian Krebs, who was forwarded a list of around 3,000 users of the site by an unnamed contact he described as a Gray Hat hacker.
“The site was so poorly locked down that it also exposed the keylog records that customers kept on the service,” Krebs said. “Logs were indexed and archived each month, and most customers used the service to keep tabs on multiple computers in several countries. A closer look at the logs revealed that a huge number of the users appear to be Nigerian 419 scammers using computers with Internet addresses in Nigeria.”
Site users even appeared to be targeting one another, according to Information Week. Krebs speculated that this might be in-fighting, or caused by the fact that such scammers often share the same internet cafes – which might have infected machines. Krebs said that many of the email addresses revealed on the list had previously been used in dating, confidence scams and lottery scams.
Krebs said that the site allowed users to track their victims. “New victims are indexed by date, time, Internet address, country, and PC name. Each keylogger instance lets the user specify a short identifier in the “note” field (failing to manually enter an identifier in the note field appears to result in that field being populated by the version number of the keylogger used).”
Krebs also said that the service appeared to be being used in online dating scams – with some scammers disguising the keylogger software as pictures of themselves.
“While many of the victims of this keylog service appear to be 419 scammers, I found that just as often an account was apparently being used to keep tabs on trusting Americans who were being duped into sending money overseas, either in pursuit of some stolen riches or — more often — in hopes of finally meeting someone they had only met online,” Krebs wrote. “Often when I reviewed logs chronicling some sad situation in which a woman or man in the United States was apparently the victim of a romance scam, the identifier in the “note” field of each keylog record was “picture.” It seems clear that these romance scammers are infecting their bogus sweethearts by disguising the keylogger as pictures of themselves.

Dutch Media Lunch whistleblower platform for Anonymous Leak to Press

In a press release a coalition of Dutch media together lunch a new whistleblower platform.The initiative, which was drawn up in collaboration with Foundation Publeaks, is intended to protect, to denounce abuses and support. Investigative journalism whistleblowers.
Publeaks press release September 9th
The Publeaks Foundation and a large number of Dutch media outlets are today launching Publeaks.nl , a website for people to leak documents to the media securely and anonymously. The initiative is designed to protect whistleblowers, shed light on wrongdoings and encourage and support investigative journalism.
Publeaks is a secure channel. It facilitates safe leaking to the press: the sender remains completely anonymous and he or she can choose which of the participating media outlets receive documents, sound fragments or photographic material. Recipient media outlets can process these files in a protected environment.
Publeaks is based on the GlobaLeaks software package developed by the Hermes Center for Transparency and Digital Human Rights. The Publeaks organization has no access to the leaked files, does not publish anything itself and has no means of identifying the informant. Participating media outlets have committed themselves to verifying the leaked materials, finding sources to support the content and hearing all sides before publishing anything. Journalists can put questions to the anonymous informant on a secure part of the site.. The informant decides whether or not to answer them. Journalists who receive material through Publeaks will know which other media outlets have received the same material and can decide whether or not to undertake a collaborative investigation.
Publeaks is an initiative of the Publeaks Foundation. The foundation takes measures to support press scrutiny and is financed by the participating news media: AD, De Correspondent, De Groene Amsterdammer, De Volkskrant, Het Financieele Dagblad, het Parool, NOS Nieuws, NRC Handelsblad, Nieuwsuur, Nu.nl, Pownews, RTL-Nieuws, Trouw and Vrij Nederland. This collaboration of almost all leading Dutch news organisations is a unique initiative without global precedent, in a time that safety, privacy and protection of whistleblowers is more relevant than ever.

Why Using Multiple Antivirus Programs is a Bad Idea

You might think that, much like a pirate going into battle, the more weapons you have at your disposal for your protection the better: cutlass in one hand, pistol and the other, knife held between the teeth (hence the expression ‘armed to the teeth’). But while that may work in old-fashioned combat, it is not the case when it comes to protecting your system from the sea of danger it constantly faces. Running two antivirus programs at the same time is, in fact, a very bad idea. There are three reasons why:
  1. They will try to kill each other. Because antivirus programs search your system for programs that are monitoring and sending information about your system, a competing antivirus program that is monitoring and sending information about your system tends to look like a virus, so it will attempt to block it and remove it.
    A competing antivirus program that is monitoring and sending information about your system tends to look like a virus.
  2. They will fight over viruses. When an antivirus program encounters a virus, it removes it and quarantines it. But if a competing antivirus program sees that quarantined file and wants to remove and quarantine it in accordance with its own objectives, then it will repeatedly send reports and notifications about this virus that it is detecting, even though it is no longer actually a threat to your system. If you don’t want to continually get bogus warning messages, this will be a problem for you.
  3. They will sap your power. Antivirus programs use a lot of your system memory to conduct system scans and other related operations. If you have two of these operating simultaneously, your system’s effectiveness can be greatly diminished or completely wiped out altogether, and without any benefit, since the two are performing redundant operations.
When it comes to protecting your computer, more protection is not better. Take some time to do the research and choose one comprehensive antivirus suite that has been independently tested to combat the latest known malware programs and that will singlehandedly arm your system to the teeth to protect it against every type of threat.

When a wife turns whistleblower

Millionaire stockbroker Kyran McLaughlin's fall from grace is likely to have Ireland's businessmen sleeping uneasily in their beds, says Liam Collins.
SHE had it all, you would imagine. Susan McLaughlin was married to a millionaire stockbroker, she had three children with a trust fund worth over £250,000, she lived in a mansion among the Foxrock millionaires (now the residence of the Dutch ambassador) and her social life revolved around the ladies who lunch, the Carrickmines Croquet and Lawn Tennis Club and Milltown Golf Club.
Susan and her husband Kyran McLaughlin lived the charmed life of Dublin's ultra-rich. Their detached home, Goleen, off Brighton Road was just around the corner from the Torquay Road residence of his partner in Davy Stockbrokers, David Shubotham; a stone's throw away in Westminster Road lived the other joint managing director of the firm, Tony Garry.
McLaughlin, an auctioneer's son from Blackrock, Co Dublin, had come through Aer Lingus, where he had worked closely with Michael Dargan, to the charmed old world of Davys, helping to turn the stockbroking firm into one of the biggest and most profitable financial services companies in Dublin.
Shubotham became a familiar face in the owners' and trainers' enclosure at the racecourses while the more retiring McLaughlin indulged his passion for rugby, following his school Blackrock, where he had once distinguished himself both as a schoolboy and in the second row of the senior cup team.
The real payback time came in 1988 when Bank of Ireland paid £30m for 90 per cent of Davy's, making the partners multi-millionaires and leaving the four senior figures in the firm, Brian Davy, David Shubotham, Tony Garry and Kyran McLaughlin, with the remaining 10 per cent.
In the meantime Kyran McLaughlin had married an attractive Galway girl, Susan Warner, a PE teacher at Muckross school for girls in Donnybrook. They were in their early 20s when they met on the rugby-hockey hop circuit.
But money and prestige and the social whirl of the millionaire set was not enough to hold it all together. Friends say that while Susan was interested in the social scene, Kyran was quieter, very religious, devoted to his family and enjoying a couple of pints with old friends. The couple stayed together until their children had grown up, and after 25 years of marriage they finally separated officially in 1995.
The settlement remains secret, but there is no reason to think that Kyran McLaughlin was anything other than generous to his former wife.
One friend of the couple says she is among the wealthiest women in the city. But even then there were murmurs that she ``had something on him''.
He is said to be worth at least £20m as a result of the sale of the business, his own personal investments and his continuing income and profits from the brokerage which has been involved in most of the big corporate deals in the city, including government business like the privatisation of Greencore.
``If I had his money I'd be dating Claudia Schiffer,'' said a rugby buddy, ``but Kyran isn't like that, he's very straight.''
Following his divorce McLaughlin moved into a more modest semi-detached home off Herbert Park in Dublin, and eventually met a new partner, Rena. Quite recently they had a baby daughter.
This happy event in his private life happened to coincide with his wife's decision to contact the Moriarty tribunal, which is investigating payments to politicians and has sparked a widespread inquiry into the holders of the now infamous Ansbacher accounts.
Susan McLaughlin may have split up irrevocably with her husband, but she still had access to some of his personal papers from those days. Among them was a detailed plan on how to set up an almost impossible-to-trace trust fund in far-off Liechtenstein and the famous document ``A Note to John Furze'', Mr Furze being the man who had established and run the Ansbacher deposits in the Cayman Islands with the Dublin accountant Des Traynor. John Furze and Des Traynor are now conveniently dead, but among the things they have left behind them is that immortal phrase for tax planners of the future, ``Towards Minimising the Footprints'', which translates into how to keep something secret from virtually everybody.
But since last October Kyran McLaughlin's footprints have been all over the place like a bad rash. The Moriarty tribunal got a copy of ``A Note to John Furze'', while RTÉ and selected newspapers have copies of the unfinished Liechtenstein Plan, which dates back to 1984.
While Kyran McLaughlin was building a new future, his past was coming back to haunt him.
When Ben Dunne stuffed an enormous quantity of cocaine up his nose on February 20, 1992, nobody could have foreseen the consequences, but now, almost eight years later, the ripples from that act have turned into waves.
One of those breakers engulfed the career of Kyran McLaughlin and turned it upside down last week.
BEN Dunne was the first casualty of his own recklessness, when he was dumped from the family firm by his sister Margaret Heffernan. Charlie Haughey and Michael Lowry came a quick second.
But now the Moriarty tribunal seems to be going in an unexpected direction. It is not the politicians whose reputations are on the line, but the pillars of the Irish business community.
Last week's resignation of Kyran McLaughlin as joint managing director of Davy Stockbrokers followed the resignation of one of the country's best-known businessmen, Jim Culliton, as chairman of the Hibernian Group last September.
Others, like David Doyle, formerly of Doyle Hotels, Tony Barry of the industrial conglomerate CRH, and Michael Dargan, have all publicly declared that they held Ansbacher accounts for legitimate business reasons.
Kyran McLaughlin is not on the famous and much speculated-about Ansbacher list, but he ended up in the clutches of the Moriarty tribunal all the same.
It was some weeks before that, when he started getting calls and faxed questions at his Dawson Street office, relating to his private finances, that the alarm bells began to ring.
In the last two weeks he unsuccessfully tried to prevent Susan McLaughlin releasing his private papers.
Before the Moriarty tribunal Mr McLaughlin denied he was the author of ``A Note to John Furze'', and to the media he denied that he had set up a Liechtenstein trust fund for his own benefit.
It was only last Tuesday, when the media were told ``you are asking the wrong question'', that he was forced to admit that in 1986 he had established the offshore trust for the benefit of his three children.
On Wednesday morning, fatally compromised, he told his partners he would be resigning from his position as joint managing director of Davys, but would remain on as a stockbroker.
He also said that the trust fund was established with ``after-tax income'' but he was in immediate contact with the Revenue Commissioners about the tax implications that arise from the public disclosure of his private finances.
While all this excitement was going on in the financial community, almost unnoticed last week the inspectors appointed by the High Court and working under the former President of the Court, Declan Costello, investigating Ansbacher (Cayman) Ltd, asked the public for information which will be ``treated in the strictest confidence''.
In other words, they are looking for anybody else out there who may have other people's financial secrets hidden away in the attic to give them a call.
It is an appeal which may leave a lot of Irish businessmen sleeping uneasily in their beds these long winter nights.

Syrian Electronic Army Boost The Israeli Economy

The growing number of Internet based attacks by a group of Syrian hackers, calling themselves the Syrian Electronic Army (SEA) has created a growing demand for Israeli Internet security products and services. That’s because SEA has been unable to do much damage to Israel and that’s because Israel has one of the largest and most successful collection of Internet security firms on the planet. This has long been known, but the SEA success at hacking high-profile media sites everywhere but in Israel has made Internet security (or the lack of it) a big issue. That, and the fact that security firms worldwide have recently been more successful at exposing the source (China and Eastern Europe) of major hacker organizations and the extent of their thefts in the past few years. Now everyone wants more protection and one of the best sources can be found in Israel.
The SEA is headquartered next door to Israel and is loyal to the beleaguered Assad dictatorship in Syria. The SEA has been especially effective using spear fishing to hack into media sites. Despite most media companies having in place software and personnel rules to block spear fishing attacks there are so many email accounts to attack and you only have to get one victim to respond for the SEA to get in (using the login data from the compromised account). The automated defenses are supposed to block the actions of the hacker software that is triggered when the victim clicks on the email attachment, but hackers keep finding exploitable vulnerabilities to these defenses and this creates an opening, as least until that vulnerability is recognized and patched.
The SEA has enough cash and expertise to know where in the hacker underground the latest and most effective malware attachments can be found and purchased. With that, it’s just a matter of modifying the malware package, buying the email lists (of media company employees) and the services of an illegal network of hacked PCs (a botnet) to transmit your spear fishing emails.
The SEA has another big advantage; Russia. One of the few (and most enthusiastic) foreign allies Syria has is Russia. That is where some of the most skilled hackers in the world operate from, and they do this by not attacking Russian targets and doing whatever the Russian government asks them to do. Apparently Russia told the Internet thugs they shelter to do what they can for the SEA and that has made the SEA far more effective than it would be if it just relied on its Syrian and Iranian members.
The SEA also exploits the fact that when it comes to Internet security there that there are more people looking for vulnerabilities (that allow hackers to secretly get into someone else's computers) than there are people of equal skill trying to prevent this. There are some highly skilled people in this hacker community, and many of them spend most of their time developing software that will automatically seek out vulnerabilities. Called "Zero Day Exploits" (ZDEs), in the right hands these vulnerabilities/flaws can enable criminals to pull off a large online heist or simply maintain secret control over thousands of computers. The most successful hackers use high-quality (and very expensive) ZDEs. Not surprisingly ZDEs are difficult to find and can be sold on the black (or legitimate) market for over $250,000. A lot of these are sold from black market Internet sites based in Russia.
Finding ZDEs is still a favorite activity for hackers. A growing number of countries encourage local hackers to find ZDEs. For example, China encourages and helps organize patriotic Internet users in order to obtain hacking services. This enables the government to use (often informally) thousands of hackers to attack targets (foreign or domestic) and find ZDEs or do other mischief. Government sponsored organizations arrange training and mentoring to improve the skills of group members. While many of these Cyber Warriors are rank amateurs, even the least skilled can be given simple tasks. And out of their ranks will emerge more skilled hackers, who can do some real damage. These hacker militias have also led to the use of mercenary hacker groups, who will go looking for specific secrets, for a price. Chinese companies are apparently major users of such services, judging from the pattern of recent hacking activity, and the fact that Chinese firms don't have to fear prosecution for using such methods.
All nations with a large Internet user population have these informal groups but not all nations have government guidance, subsidies, immunity from prosecution, and encouragement to make attacks. Another factor is events that cause highly publicized tensions between nations with large number of Internet users. This almost always results in the "hacker militias" of both nations going after each other.
The U.S. has one of the largest such informal militias but there has been little government involvement. That is changing. The U.S. Department of Defense, increasingly under hacker attack, is now organizing to fight back, sort of. Taking a page from the corporate playbook, the Pentagon is sending many of its programmers and Internet engineers to take classes in how to hack into the Pentagon. Not just the Pentagon but any corporate, or private, network. It's long been common for Internet security personnel to test their defenses by attacking these targets. Some "white hat hackers" (as opposed to the evil "black hat hackers") made a very good living selling their attack skills, to reveal flaws or confirm defenses. This resulted in standards regarding who was a qualified white hat hacker. This made it easier for white hats to get work and for companies to find qualified, and trustworthy, hackers to help with network security. There are still problems with certifying that former black hat hackers, especially those who have been prosecuted and jailed, are trustworthy enough to work for the good guys.
Now the Department of Defense is paying to get members of its Internet security staff certified as white hats, or at least trained to be able to do what the black hats do or recognize it. While many in the Department of Defense have been calling for a more attack-minded posture, when it comes to those who are constantly attacking Pentagon networks, the best that can be done right now is to train more insiders to think, and operate, like outsiders. Meanwhile, the CIA and NSA have long had a special recruiting program that sought out black hats wishing to change sides. The vetting process was intense, and some of these guys (they are mostly guys) were always kept under surveillance, just to be on the safe side.
At the moment, the black hats are winning. While some sites (most financial institutions, some government agencies) are largely invulnerable to hacker attack, most networks are not. As the scope of the losses becomes more widely known, that may change. The SEA has made spectacular use of Russian-based hacker resources. The irony of this is that it has led to sharp increases in sales for Israeli Internet security firms. Israel has been an arch-enemy of Syria for over half a century and the SEA is putting a spotlight on why Syria has been losing this battle for so long.

NSA may have new evidence about death UN chief

The U.S. Secret Service NSA may have some important evidence that might shed light on the death of UN chief Dag Hammarskjold, who was killed in 1961 when his plane crashed in Zambia.
This enables an independent commission that the mysterious crash has re-examined. The top lawyers presented their report Monday in the Peace Palace in The Hague.
The Commisssion consists of lawyers from different countries, including former Chief Prosecutor of the ICTY Richard Goldstone. They argue that there is new evidence that the plane may have been shot out of the sky, and call for a new UN study.
According to the NSA lawyers probably have intercepted radio traffic of aircraft above the then British protectorate of Northern Rhodesia were active. An earlier theory suggested that a fire fighter has opened, may be so controlled.
A request to release this information was rejected. The recordings wear after 52 years still the stamp 'strictly confidential'.
The committee heard through the grapevine that the Belgian pilot of the fighter he would have shot on the device. The Swedish UN chief announced in 1967 The goal would have been to return the unit, but that turned out differently.
Hammarskjöld's death is often considered, even by the UN, but the cause of the crash was never conclusively determined.
The Secretary-General was the fatal September day in 1961 on the way to Northern Rhodesia to discuss a ceasefire between the Government of the grid independent Congo and Congolese rebels in the Katanga region. The latter were supported by mercenaries from European mining companies that were active in the mineral rich region.

Banned Facebook is open for Iranian ministers

Iran's entire Cabinet has opened Facebook pages in what is seen as a move toward greater openness - even though the social media site is blocked in the Islamic Republic.
The Facebook pages of 15 ministers could be viewed in Tehran through a proxy server. Newspapers on Monday hinted the move might herald the lifting of some Internet barriers.
All but one minister signed up this August after the inauguration of centrist- and reformist-backed President Hasan Rouhani, who has also opened a page.
Hard-liners see the Internet as a possible corrupting force, but many Iranians use proxies to access banned sites.
"It seems the 'key'" - Rouhani's electoral symbol in his presidential campaign - "may turn the lock of (Internet) filtering," the pro-reform Shargh daily said.

Microsoft amends petition to US Foreign Intelligence Service Court

The following is a post from John Frank, Vice President & Deputy General Counsel at Microsoft. It was originally published on Microsoft on the Issues.

On Monday, we amended our petition to the United States Foreign Intelligence Surveillance Court (FISC). This is an amendment to the motion we filed on June 19.
Since then, working with others in the industry, we’ve been pursuing a variety of options to provide additional transparency about any legal demands we may receive pursuant to U.S. national security authorities. In the context of our FISC litigation, we have spent the last several weeks trying to reach an agreement with the government in an effort to accomplish our ultimate goal more quickly, but, as we highlighted recently, those discussions ended in failure.
Our amended motion makes clear that we believe we should be able to provide detailed information on the volume of requests we receive from the U.S. government, and the nature and scope of their impact on Microsoft’s customers.
These are really important issues, and we’re pleased that both Yahoo and Facebook have also filed suit this morning, joining the earlier efforts from Microsoft and Google.
As we’ve said before, we believe we have a constitutional right to share this information, and we’ll continue to make that case before the court.

Marine Corps responds to Syria-based cyber attack

Hackers claiming loyalty to the Syrian government hijacked the Corps' recruiting website Sept. 2, redirecting visitors to a page calling the president a traitor.
The Marine Corps says it’s taking precautions to prevent future cyber attacks like the one that made international news Sept. 2 when hackers allegedly supporting the Syrian government compromised an official recruiting website.
The attack targeted Marines.com, a website featuring videos, photos and other promotional materials designed to inform prospective Marines about the service. Hackers claiming to be affiliated with the Syrian Electronic Army corrupted the site’s URL, causing it to redirect visitors to another website featuring photos of anonymous U.S. troops holding posterboard signs bearing messages protesting military intervention in Syria.
A message on that site, addressed to “US Marines,” called President Obama “a traitor who wants to put your lives in danger to rescue Al Qaeda insurgents” and encouraged troops to refuse orders.
A Marine Corps spokesman, Capt. Tyler Balzer, would not confirm the attackers were Syrian but said “indications seem to point to that.”
Balzer said the cyber attack affected Marines.com for only a few hours and was repaired as soon as it was discovered. The website’s content was not attacked, he said.
“It is also important to note that Marines.com is used solely as a recruiting tool and does not contain any sensitive or personally identifiable information that would be at risk in the event of an actual hack,” Balzer said via email.
No websites with a .mil suffix, including the Marine Corps’ official page, Marines.mil, were attacked or breached in the hack.
“There are a number of robust protocols in place to protect Marine networks, and those have been entirely successful thus far,” he said. “Steps have been taken to deter this type of redirect in the future.”
He declined to elaborate and would not discuss how the attackers successfully redirected the site, saying only that the Marine Corps continues to refine and update security practices to keep would-be hackers at bay.
The attack on Marines.com follows a slew of successful attacks on civilian media targets, including Thomson Reuters and The New York Times, whose site was crashed and made unavailable twice in two weeks. Earlier this year, a bogus news item posted on The Associated Press Twitter feed claimed that Obama was injured in an attack on the White House. It caused a temporary drop in the stock market.
On Sept. 5, the FBI sent out an advisory about the Syrian Electronic Army, advising heightened awareness and security protocols in light of the hacks.
Defense Department officials declined to discuss whether they’ve experienced a heightened volume of cyber threats or increased precautions.
Cybersecurity experts have called the Syrian Electronic Army attacks unsophisticated, pointing out that the hackers have failed to do any lasting damage. But one retired military officer said no one should take their threats lightly. A former chief of modeling and simulation at U.S. Cyber Command, Marc Jamison, said the Syrians’ capabilities should concern defense officials.
“If they’re able to take down one of the number-one news outlets in the United States, what does that mean?” he said. “They have redundancies. They’re not new to this game.”
Asked how much damage might the hackers be capable of, Jamison said, “That’s the million-dollar question.”