Monday, 2 September 2013

PRISM: Microsoft and Google 'stand together' on government data requests

New Microsoft logo
Microsoft has aligned itself with Google to push the US government towards greater transparency on access to customer information in the wake of the PRISM surveillance scandal.
Microsoft's general counsel Brad Smith posted on the firm's TechNet blog, painting the picture of a united front as the two rival companies both press on with lawsuits filed in June to persuade the government to publish details of its user data requests.
"To followers of technology issues, there are many days when Microsoft and Google stand apart," he said. "But today our two companies stand together. We both remain concerned with the government's continued unwillingness to permit us to publish sufficient data relating to Foreign Intelligence Surveillance Act (FISA) orders."
He acknowledged the US government's recent move to annually publish the total number of customer data requests relating to national security, but said that it did not go far enough. "The public deserves and the Constitution guarantees more than this first step," he insisted.
Smith argued that the plans should go further, demanding the inclusion of more information about each request, including whether it is a request for content such as that of an email.
"We believe it's possible to publish these figures in a manner that avoids putting security at risk. And unless this type of information is made public, any discussion of government practices and service provider obligations will remain incomplete," he said.
So far, the US government is yet to respond to the firms' requests, with Microsoft agreeing to extend the deadline of its lawsuits. Smith said he was "disappointed" that negotiations had so far failed and so the firms would continue with their legal efforts.
"With the failure of our recent negotiations, we will move forward with litigation in the hope that the courts will uphold our right to speak more freely," he said.
Smith previously took to the TechNet blog in July in response to issues highlighted by NSA whistleblower Edward Snowden, posting a detailed summary of how Microsoft responds to data requests made to each of its online services including Outlook, Skype and enterprise email.
Two days later, the firm joined Apple, Facebook and Yahoo, plus another 18 technology companies in writing an open letter to US president Obama on the subject of transparency.
The US government insists its practices are within the law, but this has not stopped widespread public and industry condemnation of its actions.

ICO fines against UK public authorities top £4m for shoddy data handling

Cash
Public-sector authorities have now paid over £4m in fines for breaches of the Data Protection Act.
The Information Commissioner's Office (ICO) confirmed the figure exclusively to V3, and it represents a notable milestone since the data watchdog was given the ability to levy fines in April 2011.
“We have now issued penalties totalling over £4m against organisations in the public sector that have failed to look after the information of the people they serve," the ICO said.
The figure is double that of the last figure released by the ICO when it revealed fines totalling £2m had been handed out, suggesting that data handling at councils, NHS Trusts and police forces is getting worse, not better.
Recent examples of fines from the ICO include one of £100,000 levied against Aberdeen City Council after sensitive data on vulnerable children was posted online and Islington Council was fined £70,000 for putting data on residents online in an Excel spreadsheet.
All the fines paid to the ICO end up in the government’s consolidated fund, which is pooled back into the wider public purse, so it remains available for public spending. However, this still means local councils or NHS Trusts may deliver a reduced service.
The ICO added that the fact fines have now passed the £4m mark should serve as a wake-up call to organisations holding sensitive data that data protection should be a top priority.

“The public sector, particularly organisations working within health and local government, are regularly processing some of the most sensitive personal information, ranging from a person’s health record to details of vulnerable children," it said.

"This is why these organisations must make sure they are keeping this information secure and we have produced guidance and continue to offer support to help them achieve this."
In contrast to the public sector the ICO has issued fines of just £526,000 against private sector firms. This is not an entirely fair comparison, though, as public sector organisations are obliged to report all breaches, while private-sector firms are not.
The most notable of these fines is the £250,000 levied against Sony for the hack on its PlayStation Network in 2011. The firm had originally disputed this fine but recently agreed to pay up after it was concerned the appeal process would require it to reveal data it would rather not make public.
In other areas, the ICO revealed that it has now issued fines totaling £800,000 under the Privacy and Electronic Communications Regulations (PECR). This covers, among other things, issues of marketing via text, email and telephone calls, with several notable fines handed out.

NSA has 'commandeered' the internet, says Bruce Schneier

Security Expert Bruce Schneier
Security expert Bruce Schneier has attacked the NSA over its treatment of former anonymous email service provider Lavabit, claiming the agency has "commandeered the internet".
Schneier attacked the NSA for its behaviour in a public blog post, arguing that it is using laws to forcibly turn tech companies into mass surveillance tools. "If there's any confirmation that the US government has commandeered the internet for worldwide surveillance, it is what happened with Lavabit earlier this month," he wrote.
The renowned cryptographer said the NSA's treatment of Lavabit's founder Ladar Levison after he chose to shut down the service in a bid to protect his customers from the agency, is proof it is going too far in its efforts to monitor the internet.
"So far, we just have an extreme moral act in the face of government pressure. It's what happened next that is the most chilling. The government threatened him with arrest, arguing that shutting down this email service was a violation of the order," he wrote.
Schneier said the threat of arrest shows the US government's behaviour proves it believes it has sovereignty over private industry.
"There it is. If you run a business, and the FBI or NSA want to turn it into a mass surveillance tool, they believe they can do so, solely on their own initiative. They can force you to modify your system. They can do it all in secret and then force your business to keep that secret. Once they do that, you no longer control that part of your business," he wrote.
"You can't shut it down. You can't terminate part of your service. In a very real sense, it is not your business anymore. It is an arm of the vast US surveillance apparatus, and if your interest conflicts with theirs then they win. Your business has been commandeered."
He added that while it is unclear if law enforcement would actually be able to make good on its threats to arrest non-compliant businesses, the very fact the NSA made the threat proves the need for legislative change.
"Protection rackets are easier when you have the law backing you up. As the Snowden whistleblowing documents continue to be made public, we're getting further glimpses into the surveillance state that has been secretly growing around us," he wrote.
"The collusion of corporate and government surveillance interests is a big part of this, but so is the government's resorting to intimidation. Every Lavabit-like service that shuts down – and there have been several – gives us consumers less choice, and pushes us into the large services that co-operate with the NSA. It's past time we demanded that Congress repeal National Security Letters, give us privacy rights in this new information age, and force meaningful oversight on this rogue agency."
Schneier is one of many members of the security community to call for change following the PRISM revelation and Lavabit shutdown. Silent Circle chief executive Mike Janke made a similar claim after shutting down the company's own secure email service.

Tor user base doubles to 1.2 million in August

eye-spy-snoop-numbers
The number of active connections to the anonymous Tor web tool doubled to 1.2 million in August.
The figure was revealed on the Tor Metrics Portal, which showed a marked spike in the number of Tor connections, which usually averages around 550,000. Tor's Roger Dingledine has issued a statement confirming the figure, adding that the reason for the increase remains unknown.
"The number of Tor clients running appears to have doubled since August 19 and it's not just a fluke in the metrics data – it appears that there really are twice as many Tor clients running as before," he wrote.
"There's a slight increase (worsening) in the performance measurements, but it's hard to say if that's a real difference. So while there are a bunch of new Tor clients running, it would seem they're not doing much. Anybody know details? It's easy to speculate (Pirate Browser publicity gone overboard? People finally reading about the NSA thing? Botnet?) But some good solid facts would sure be useful."
Members of the Tor community have since mirrored Dingledine's surprise. One Tor community member posting under the name Mick suggested that the increase could be due to the recently launched PirateBay's PirateBrowser. "I suspect PirateBrowser, given that PirateBay users probably outnumber privacy lovers by two-to-three orders of magnitude," he wrote.
The PirateBrowser was launched by the PirateBay in August and is designed to let users get around internet service providers' (ISPs) online blockades. The browser is a preconfigured bundle for the Firefox Tor client (Vidalia), though it doesn't offer the same web anonymity as the regular Tor Browser.
Others, like community member Grarpamp, have been more suspicious, arguing that it is the result of a botnet or explorative cyber attack.
"Too big a double in under a week for me to believe it's natural growth based on news or some promo somewhere. I'd guess it got included in some app. A botnet fits perfect. Or it's some sort of analysis, attack or flood," wrote Grarpamp.
Tor is a free service designed to let people surf the internet anonymously by directing internet traffic through a volunteer network of more than 3,000 relays to conceal the user's location.
The process was previously believed to make web users untrackable, however earlier in August reports broke claiming the FBI has found a way to track people using the Tor Browser. Since the reports broke an exploit pertaining to be the one used by the FBI has appeared on the Metasploit penetration testing forum.

Leaked Documents Cast Doubts on Effectiveness of Spy Programs

After all the hoopla about the secret surveillance programs conducted by the country's spy agencies comes a new revelation that it might be money poorly spent.
The Washington Post says information it received from former NSA contractor Edward Snowden about the secret budget of the intelligence community puts the annual dollar figure on programs to protect national security at $52 billion.
However, even with that exorbitant price tag, the Post says that the White House still doesn't get enough worthwhile information to keep Americans safe from attacks emanating from both inside and outside the nation's borders.
Among other things, the U.S. is still at a loss to figure out what exactly is going on in North Korea, which possesses nuclear arms that at the very least, threaten the entire Pacific region.
Other so-called "blind spots" include information about Pakistan's nuclear weapons program, China's warplanes and the Hezbollah in Lebanon.
The Post says that it only published a small section of the 178-page budget after the government protested.
However, former CIA official Paul Pillar, now at the Brookings Institution, says the newspaper is still compromising national security by giving U.S. enemies a heads-up that can help them stave off future surveillance, particularly in the realm of potential cyber attacks.

Cybercrime abuses Facebook paid advertisements

A reading of an interesting study on the criminal abuse of Facebook’s Paid “Sponsor Ads” system to deliver nefarious websites to the users. 

The researchers Frank Angiolelli, Eric Feinberg, Ian Malloy issued a follow up on the analysis they presented titled “Facebook Paid Advertisements to Defraud“, it is an interesting study that analyze with you in this post.
Facebook, and any other social media platforms, offer a multitude of opportunity for cybercrime that could exploit the numerous services they provide, in particular the study evaluate how organized cybercriminals are leveraging Facebook’s Paid “Sponsor Ads” system to deliver nefarious websites to the user of the social network.
“These cybercriminals are paying Facebook to obtain sponsored advertisement space which is presented to the user without request or choice
The investigation revealed that coordinated groups using multiple brand names in a mass distribution system affecting the entire ecosystem.
Facebook fraud website
It has been estimated that every single user was presented with as many as 20 unique fraud advertisements in an 8 hour period on Facebook, as well as multiple repeat fraud websites. The Facebook frauds are managed through masses of redirector sites owned by ascribable groups employing varying evasive techniques to redirect users to their fraudulent content.
“The payment methods being employed by these websites are tied to numerous reports of fraud.Users who are tricked by a Paid Sponsored Advertisement send their money to nefarious groups with no recourse. There are two primary types of advertisements, a “root” website and a “zombie redirector” which equates to a farm of websites that can be submitted to Facebook. The root nefarious websites holds the actual content being delivered to the user.”
The researchers collected evidence that many fraudulent activities are attributable to Chinese actors that anyway adopted different techniques for bot management. Most of the content delivery sources are Chinese CDN networks
  • CNZZ and 51.la are the most frequent CDN networks employed
  • A majority of these websites have been developed using Chinese versions of software
  • The code replication techniques are published under what appear to be Chinese names
  • The registrars, outside of Godaddy, are primarily Chinese registrar technology companies.
  • The genesis of this has Chinese origins – We intend to expand on this in our next paper
Facebook fraud organization structure
One of the most interesting aspect of the research is the system developed by cyber security expert Frank Angiolelli, that was able to automatically identify fraudulent content among  a mass of legitimate sites while tracking correlation data.
The team of researchers identified a body of 225 individual counterfeit paid advertisements in an increasing exponential frequency curve commiserate with the resources assigned during a three week period.
“The result is that in mere seconds, 95%+ fraudulent sites were identified while tracking and trending the hosting, registrars and software origins. False positives on legitimate websites during the study period started at >0.9% and decreased exponentially as the data set expanded. Only 2% of the nefarious websites seen in this study had been seized, and the pattern of replication we uncovered proves that advanced methods employed by this team are successful countermeasures to address this problem. “ states the report.
The most popular registrar found during the investigation is “Godaddy”, which is primarily used to register pseudo-random Zombie Redirector sites. Outside of Godaddy, the remainders are mostly Chinese technology companies, with some notable exceptions. Cybercriminals are using mainly US hosting companies to deliver their fraudulent content.
Facebook fraud domains
The criminal conduct evidenced in the report will fall directly to the intellectual property owners, but also the same social network Facebook will lose in reputation, in the short term damage the information collected by the researchers portend a concerning increase for fraudulent advertisements. The phenomena are not interested only to Facebook, once deployed proper countermeasures fraudsters will abandon the popular social network for another vector.
Read the report for further information on Facebook paid advertisements.

Reversing Dropbox client code raises security issues

Researchers at last USENIX security symposium presented a new method and consolidated techniques for reversing Dropbox code to bypass Dropbox’s two factor authentication, hijack Dropbox accounts and intercept SSL data.

Reversing Dropbox analysis allowed researchers to crack its open cloud storage service, reverse engineering the encryption protecting the client it is possible to open it up to further security analysis.
Dropbox is a cloud based file storage service used by more than 100 million users, a security flaw could have serious repercussions.
During the last USENIX Security Symposium researchers Dhiru Kholia of Openwall and Przemyslaw Wegrzyn of CodePainters demonstrated how to use a code-injection attack to intercept SSL data and bypassing the two-factor authentication implemented for protection of Dropbox accounts. The attack allows the hijacking for Dropbox communication compromising the Dropbox security, the techniques proposed reverse engineer frozen Python applications, an approach that isn’t limited to just the Dropbox application.
“The client consists of a modified Python interpreter running obfuscated Python bytecode. However,Dropbox being a proprietary platform, no source code is available for these clients. Moreover, the API being used by the various Dropbox clients is not documented.”
Reversing Dropbox client
Company representative refused to consider reversing Dropbox a vulnerability, a spokesperson confirmed to Threatpost their position:
“In the case outlined here, the user’s computer would first need to have been compromised in such a way that it would leave the entire computer, not just the user’s Dropbox, open to attacks across the board,” the spokesman said.
In effect the Reversing Dropbox is possible only if the attacker is able to compromise the client exploiting an existing vulnerability that could  be executed remotely.
Dropbox client has a handy feature which enables a user to login to Dropbox’s website without providing any credentials. This is done by selecting “Launch Dropbox Website” from the Dropbox tray icon. So, how exactly does the Dropbox client accomplish this? Well, two values, host_id and host_int are involved in this process. In fact, knowing host_id and host_int values that are being used by a Dropbox client is enough to access all data from that particular Dropbox account. host_id can be extracted from the encrypted SQLite database or from the target’s memory using various code injection techniques. host_int can be sniffed from Dropbox LAN sync protocol traffic. While this protocol can be disabled, it is turned on by default. We have written an Ettercap plugin [8] to sniff the host_int value remotely on a LAN. It is also possible to extract this value from the target machine’s memory
Another concerning discovery made by the researchers is that the two-factor authentication available to access Dropbox folder on the Web isn’t supported by the client software, the client can be accessed with a value known as host_ID which could be obtained by an attacker.
Researcher Kholia confirmed that their discovery is arrived as a side-effect of the research mainly focused on Reversing Dropbox, anyway the study raises serious question on the security of the popular web storage.
“We believe that our biggest contribution is to open up the Dropbox platform to further security analysis and research,” “Dropbox will/should no longer be a black box.” said the expert Kholia.
Research on reversing Dropbox is not new but almost related to previous versions of the cloud storage, the researchers started from the analysis of API used by Dropbox client and they were able to decompile the Dropbox client source code and analyze it, in particular they were also able to use Reflective DLL injection and LD_PRELOAD on Windows and Linux to intercept SSL traffic.
“Once we are able to execute arbitrary code in Dropbox client context, we patch all SSL objects and are able to snoop on the data before it has been encrypted (on sending side) and after it has been decrypted (on receiving side),”“This is how we intercept SSL data. We have successfully used the same technique on multiple commercial Python applications.”  the paper said. 
Despite the results for reversing Dropbox the researcher confirmed their good opinion of the overall security level offered to the users.
“Overall, Dropbox is just fine,” “There is nothing to worry about. We are still using and loving it.” Kholia said.

Facebook Security YOU USE IT AT YOUR OWN RISK

Facebook Chief Privacy Officer Erin Egan send an email notification to all users to let know that they are proposing updates to Facebook Data Use Policy and our Statement of Rights and Responsibilities.
Its about two new document which you should read carefully! which tell you about how Facebook collect and use data, and the rules that apply when you choose to use Facebook.
In Section 16.3 of Facebook Statement of Rights and Responsibilities read that Facebook try to keep the platform safe but use it at your own risk.
Disputes
WE TRY TO KEEP FACEBOOK UP, BUG-FREE, AND SAFE, BUT YOU USE IT AT YOUR OWN RISK.
WE ARE PROVIDING FACEBOOK AS IS WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING, BUT NOT LIMITED TO, IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.
WE DO NOT GUARANTEE THAT FACEBOOK WILL ALWAYS BE SAFE, SECURE OR ERROR-FREE OR THAT FACEBOOK WILL ALWAYS FUNCTION WITHOUT disruption, DELAYS OR imperfections.
FACEBOOK IS NOT RESPONSIBLE FOR THE ACTIONS, CONTENT, INFORMATION, OR DATA OF THIRD PARTIES, AND YOU RELEASE U.S., OUR DIRECTORS, OFFICERS, EMPLOYEES, AND AGENTS FROM ANY CLAIMS AND DAMAGES, KNOWN AND UNKNOWN, ARISING OUT OF OR IN ANY WAY CONNECTED WITH ANY CLAIM YOU HAVE AGAINST ANY THIRD PARTIES SEARCH.
IF YOU ARE A CALIFORNIA RESIDENT, YOU waive CALIFORNIA CIVIL CODE § 1542, WHICH SAYS: A GENERAL RELEASE DOES NOT EXTEND TO CLAIMS WHICH THE CREDITOR DOES NOT KNOW OR SUSPECT TO EXIST IN HIS FAVOR AT THE TIME OF EXECUTING THE RELEASE, WHICH IF KNOWN BY HIM MUST HAVE materially AFFECTED HIS SETTLEMENT WITH THE DEBTOR.
WE WILL NOT BE liable TO YOU FOR ANY LOST PROFITS OR OTHER consequential, SPECIAL, INDIRECT, OR incidental DAMAGES ARISING OUT OF OR IN CONNECTION WITH THIS STATEMENT OR FACEBOOK, EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF DAMAGES SEARCH.
OUR AGGREGATE LIABILITY ARISING OUT OF THIS STATEMENT OR FACEBOOK WILL NOT EXCEED THE GREATER OF ONE HUNDRED DOLLARS ($ 100) OR THE AMOUNT YOU HAVE PAID U.S. IN THE PAST TWELVE MONTHS. APPLICABLE LAW MAY NOT ALLOW THE LIMITATION OR EXCLUSION OF LIABILITY OR incidental OR consequential DAMAGES, SO THE ABOVE LIMITATION OR EXCLUSION MAY NOT APPLY TO YOU. IN SEARCH CASES, FACEBOOK'S LIABILITY WILL BE LIMITED TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW.

Opsec Details of Snowden Meeting with Greenwald and Poitras

I don't like stories about the personalities in the Snowden affair, because it detracts from the NSA and the policy issues. But I'm a sucker for operational security, and just have to post this detail from their first meeting in Hong Kong:
Snowden had instructed them that once they were in Hong Kong, they were to go at an appointed time to the Kowloon district and stand outside a restaurant that was in a mall connected to the Mira Hotel. There, they were to wait until they saw a man carrying a Rubik's Cube, then ask him when the restaurant would open. The man would answer their question, but then warn that the food was bad.
Actually, the whole article is interesting. The author is writing a book about surveillance and privacy, one of probably a half dozen about the Snowden affair that will come out this year.
EDITED TO ADD (8/31): While we're on the topic, here's some really stupid opsec on the part of Greenwald and Poitras:
  • Statement from senior Cabinet Office civil servant to #miranda case says material was 58000 ‘highly classified UK intelligence documents
  • Police who seized documents from #miranda found among them a piece of paper with the decryption password, the statement says
  • This password allowed them to decrypt one file on his seized hard drive, adds Oliver Robbins, Cabinet Office security adviser #miranda
You can't do this kind of stuff when you're playing with the big boys.

Facebook's Latest Privacy Changes: Tag, You're You

Under the new rules, Facebook is expanding its use of facial recognition, making it easier for you, your friends and acquaintances to tag your likeness in their pictures. A bigger facial recognition database could allow Facebook to collect more data about whom we are interacting with in the real world.

SEA hack defaced US Marines Website

The Syrian Electronic Army has defaced the Marines.com website posting a message to all US marines.
The Syrian Electronic Army (SEA) has been highly active over the last six months targeting media outlets it believes are reporting untruths about what is happening in Syria. The group, which supports President Bashar al-Assad, last week claimed responsibility for attacks on the New York Times and Twitter - as a result of the group's official Twitter account being suspended.
This morning however the group turned its attention to the US marines, who could potentially be drawn into the civil war in Syria, though President Barack Obama on Sunday was branded as "hesitant and confused" by the Assad regime over his plans to wait for Congressional approval before launching any air strikes against regime targets.
The SEA defaced the marines.com website early on Monday morning but at the time of publication the website had returned to normal. As well as posting a lengthy message to its "brothers" in the US marine corps, the SEA posted a series of pictures purporting to show soldiers in uniform holding up written messages protesting Us involvement in Syria.
The full text of the message reads as follows:
"This is a message written by your brothers in the Syrian Army, who have been fighting al-Qaida for the last 3 years. We understand your patriotism and love for your country so please understand our love for ours. Obama is a traitor who wants to put your lives in danger to rescue al- Qaida insurgents.
Marines, please take a look at what your comrades think about Obama's alliance with al-Qaida against Syria. Your officer in charge probably has no qualms about sending you to die against soldiers just like you, fighting a vile common enemy. The Syrian army should be your ally not your enemy.
Refuse your orders and concentrate on the real reason every soldier joins their military, to defend their homeland.  You're more than welcome to fight alongside our army rather than against it.
Your brothers, the Syrian army soldiers. A message delivered by the SEA"
In an email interview with the BBC over the weekend, an SEA spokesman warned media outlets reporting on the conflict in Syria to "expect us" and that the group had "many surprises" planned.
He added: "Military intervention in Syria has many consequences and will affect the whole world. Our main mission is to spread truth about Syria and what is really happening."

Firms Brace For Possible Retaliatory Cyberattacks From Syria

Cybersecurity consultants say their phones are ringing off the hook, with U.S. companies fearing that if it comes to an attack on Syria, they could find themselves on the front lines.

Yahoo's Internet portal in China has formally closed down

After seeing its popularity decline, Yahoo's Internet portal in China has formally closed down, in a sign that e-commerce giant Alibaba Group is transitioning away from the brand.
The portal went offline on Sunday. Its closure is rooted in an agreement Yahoo made last year with Alibaba Group, which has control over the Yahoo brand in the country.
For years now, Alibaba has operated Yahoo's China business as part of $1 billion deal investment from the U.S. company made back in 2005. In exchange, Yahoo acquired a 40 percent stake in Alibaba.
But last year, Yahoo agreed to sell part of that stake back to the Chinese e-commerce company, following ongoing disagreements between the two Internet giants. The share buy-back resulted in Yahoo granting Alibaba "a transitional license" to continue operating its brand for up to four years.
Since then, Alibaba has been phasing out Yahoo products. In December, Yahoo's music service in China went down. Then earlier this year, Yahoo's China site announced the closure of its email service, which formally went offline last month.
Sunday's shutdown of Yahoo's Chinese portal is the result of a strategy adjustment, the site's team said in an Internet posting. The portal, at cn.yahoo.com, now reroutes to an Alibaba site promoting public welfare projects.
Alibaba declined to elaborate on the site's closure. Yahoo had no immediate comment.
The popularity of the Yahoo portal site has gradually waned over the years, as the influence of Chinese Internet companies has only grown. In May, the site ranked as the tenth most-visited Internet portal in the country, according to CR-Nielsen, an Internet research company.
Alibaba likely has no more use for the Yahoo brand, considering that the company is focused on e-commerce, and not media portal sites, said Li Zhi, an analyst with Beijing-based research firm Analysys International.
"China Yahoo has been under Alibaba for many years. Its most valuable properties have been dismembered and used," she said, pointing to how Alibaba had originally wanted access to Yahoo's search technologies. In 2009, however, Yahoo decided to use Microsoft Bing to power its searches.
"Alibaba already has no need for a China Yahoo that's been squeezed dry," Li added.

LinkedIn, the online leak of 646 Million users password and Download

IOS applications, according to foreign media reports, professional networking site LinkedIn will collect in the device calendar to complete a detailed record of information sent back to the company, and in plain text form, so the alleged infringement of user privacy. Said the current account of about 6.5 million LinkedIn users plaintext and encrypted password is compromised.
It is reported that the message from the Norwegian IT website Dagens IT reported that exposure of 6.5 million encrypted password to be sent to a Russian hacker site. A security researchers Pearl Per Thorsheim confirmed the news through his Twitter, he also revealed that the attacker has been sending out encrypted passwords to find the crack.
Finland is responsible for security sector "Emergency Response Team (CERT-Fi) to the user warning Although the details of the user has not yet been leaked, but the attacker is likely to crack the password into the user's database, it is proposed that the majority of users change your password as soon as possible.
Sha1 collision tools on the network users, casually tested a few, can successfully restore the plaintext information, and to draw attention to the registered users on LinkedIn, the speed to change the password (http://www.linkedin.com/passwordReset) it!
The line also has a LinkedIn users have confirmed that his password stolen. At the time of LinkedIn this not make a positive response, so more than the authenticity of the message have not been confirmed.
Background
LinkedIn is a social network for business customers (SNS) site, was established in December 2002 and launched in 2003. The purpose of the website allows registered users to maintain the contacts they know and trust in commercial exchanges, commonly known as "contacts" (Connections,). Users can invite people to become "relationship" (Connections,) circle of people he knew. Linkedin users billions of dollars, per second on average there is a new member to join. About half of the members of its members in the United States, 11 million from Europe.