Tag: newstrack

Swedish pirate tricks security experts

0099413191_LSwedish Pirate Party’s youth wing president hacked Sweden’s leading security and military experts as they searched for ‘holidays’ and ‘forest hikes’ during working hours.

Gustav Nipe set up a Wi-Fi network called ‘Open Guest’ at a security conference earlier this week and several high profile officials used the network to log into their email accounts and surf the internet.

The Wi-Fi network was not encrypted which meant that Nipe could track which sites people visited as well as the emails and text messages of around 100 delegates, including politicians and journalists as well as security experts.

He said it was ironic that the security establishment was in Sälen pushing for more surveillance, but its leading figures go and log on to an unsecure W-Fi network.

Some people were looking at Skype, eBay and Blocket and stuff like that, or looking for holidays and where you could go and hike the forest. This was during the day when I suppose they were being paid to be at the conference working, Nipe said.

Nipe said that the stunt was to draw attention to the problem of network monitoring in Sweden, and says he will not be revealing which sites were visited by specific experts.

With insecure networks like these, you can end up getting access even to secure servers because people so often use the same passwords for different sites. So he could have got into the government’s server or used other information to track people in their everyday lives, he pointed out.

However, some think that Nipe’s stunt might have actually broken Sweden’s Personal Data Act.

Martin Brinnen, a lawyer at the Swedish Data Inspection Board told Dagens Nyheter that Nipe had acted without the “explicit consent” of the Wi-Fi network’s users, despite the fact that they had agreed to join an open network.

Nipe told The Local that all the data he had collected would be encrypted so that no-one else could access it and added that it would be erased after it had been analysed.

 

Virgin Galactic wants to bring internet to have-nots

 article-2546173-1AF57AF200000578-172_634x417Virgin Galactic’s Richard Branson announced plans to launch as many as 2,400 micro satellites in an effort to set up a constellation capable of bringing broadband communications to millions of people who do not have it.

Beardie said he plans to launch a low-earth-orbit satellite constellation of 648 satellites to get the project rolling. The internet will be available through a company called OneWeb.

OneWeb is backed by Qualcomm for this planned world-wide Internet service. OneWeb said it plans to work with local partners to provide access. OneWeb terminals act as small cells with the ability to provide access to the surrounding area via a WiFi, LTE, 3G or 2G connection using an operator partner’s licensed spectrum, or only LTE or WiFi on unlicensed spectrum.

Writing in his bog, Beardie said that Virgin is working to build a two-stage rocket, known as LauncherOne that would air-launch launch from the company’s existing WhiteKnightTwo aircraft at about 45,000 to 50,000ft.

WhiteKnightTwo was part of the Virgin Galactic’s space tourism venture which had a major setback in October when the spaceship it launched crashed killing one pilot and injuring the other. However, this one uses a different launcher technology.

LauncherOne will be built using advanced composite structures, and powered by a new family of LOX/RP-1 liquid rocket engines. Each LauncherOne mission will be capable of delivering as much as 225 kilograms (500 pounds) to a low inclination Low Earth Orbit or 120 kilograms (265 pounds) to a high-altitude Sun-Synchronous Orbit, for a price of less than $10M, Beardie wrote.

He said that this was a very efficient way of getting satellites into space. Virgin can take off every three or four hours.

The first batch of satellites will cost around $2 billion which will be very competitive on price, as far as the end-user is concerned.

“We believe that the break-even of this is not enormous. We feel it makes sense economically as well.”

 

 

Google Glass killed off

Google's Eric "Google Glass" SchmidtGoogle is ending sales of its Google Glass eyewear, but insists that it will launch the smart glasses as a consumer product one of these days.

Google said that it will instead focus on “future versions of Glass” with work carried out by a different division to before.

But it means that the Explorer programme, which gave software developers the chance to buy Glass for $1,500 will close.

It had been expected that once developers wrote some code to run on Glass it would be followed reasonably quickly by a full consumer launch.

However that did not happen and some feared that it would be it would be left in one of Google’s Beta hells for a thousand years.

Now it seems that that the Glass team will also move out of the Google X division which engages in “blue sky” research, and become a separate undertaking, under its current manager Ivy Ross.

Ross and the Glass team will report to Tony Fadell, the chief executive of the home automation business Nest, acquired by Google a year ago.

Fadell told the BBC   that the project had “broken ground and allowed us to learn what’s important to consumers and enterprises alike” and he was excited to be working with the team “to integrate those learnings into future products”.

Google says it is committed to working on the future of the product, but is not giving any timescale when we will see it or see through it. Intel had pledged to support Google Glass – Tesco launched a Google Glass app earlier this week.

Go figure….

 

UK pledges to increase snooping with US

spyThe UK and the US are using the massacres in Paris as a pretext for “increasing co-operation” on snooping on internet users.

Prime Minister David “one is an ordinary bloke” Cameron said the two countries will set up “cyber cells” to share intelligence and conduct simulated attacks to test the defences of organisations such as banks.

Cameron is visiting Washington to tell them how to sort out their economy and security, and is due to have a second meeting with President Barack Obama today.

Cameron said that the two countries had  hugely capable cyber defences and the expertise and that is why they  should set up cyber cells on both sides of the Atlantic to share information, Cameron said.

The cooperation between Britain’s GCHQ eavesdropping agency and the US National Security Agency will include joint war games, with the UK providing the Games Workshop figures and the US providing the rules, the polyhedral dice and the joints.

The first exercise later this year to involve the Bank of England and commercial banks in both the City of London and Wall Street. It is not clear who will be exercising but if you ask any bankers we have seen to do a push up the body bag count will be high.

“This is a real signal it is time to step up the efforts and to do more,” said Cameron.

The British leader said he also planned to discuss with Obama how the two countries could work more closely with big Internet companies such as Facebook and Google to monitor communications between terror suspects. This is of course something that Facebook and Google want nothing to do with, so chances are he will be talking about bringing in laws to force them.

One thing Cameron has not answered is that if the UK and US have such wonderful cyber ability and resources, how did the Paris attacks actually happen? It seems that the more snooping powers that the UK and the US demand, the less effect it has on the goal of preventing terrorism.

Stop squeezing broadband BT!

 

pelosi-lap-dogBritish Telecom has been told off by the British regulator Ofcom which seemed to back complaints from smaller broadband provider TalkTalk that BT was abusing its dominant position in the way it priced the wholesale offering.

Ofcom said it would set up safeguards to make sure BT maintains a sufficient margin between its wholesale and retail superfast broadband charges which would allow rival providers to profitably match its prices.

BT has built a fibre network that has driven the uptake of broadband services, both by consumers and by rivals who rent the lines on a wholesale basis.

TalkTalk had complained there was not enough of a gap between wholesale price and the rate at which BT sold the product to retail customers, squeezing margins for competitors.

Under the new proposal BT would be allowed to set its wholesale fibre prices, but they must do it in such a way that others can compete profitably for superfast broadband customers.

“Ofcom’s indicative assessment is that BT is maintaining a sufficient margin under the new draft rules,” Ofcom said. “Therefore, the condition is a safeguard which limits BT’s ability to reduce retail margins in future, and ensures that any increases in BT’s costs must be reflected in its prices.”

 

TSMC reports record profits

tsmcTSMC has reported record quarterly net profit and revenue thanks to strong sales of smartphones from its clients.

TSMC earned about $3 billion in net profit in October-December which doubles the results posted at the same time last year and slightly more than the last quarter.

Demand for increasingly feature-rich gadgets has led to a burst in growth for companies such as TSMC and local peer United Microelectronics, whose chips power features from fingerprint sensors to fourth-generation (4G) LTE receivers.

In the fourth quarter, TSMC’s profit margin decreased to 35.9 percent from 40.4 percent in the third quarter in October-December revenue.

However, things are not looking that good for TSMC’s future. Analysts are divided about whether Apple will select TSMC to produce chips for its next-generation smartphones. There are questions as to whether it can create the next generation chips Apple wants .

Samsung, which is TSMC’s main competitor for Apple custom, has previously said it is seeing increased demand for chips made with 14 nanometre technology, the likes of which could power the successor to the iPhone 6.

Now that the war between Apple and Samsung is cooling, it appears that Jobs’ Mob might return to its old chipmaker ally and leave TSMC high and dry.

 

 

CIA clears itself of charges of spying

cia-cleanerThe ironically named CIA Accountability Board has cleared the agency of wrongdoing after the spooks searched the files of congressional investigators who were investigating the possible use of torture tactics during the Bush years.

The board, set up by the CIA itself, published a report that said that five agency officials made a “mistake” by searching for files used by the Senate Intelligence Committee investigating the CIA, but said that their actions “did not reflect malfeasance, bad faith, or the intention to gain improper access to Senate Select Committee on Intelligence confidential, deliberative material”.

So, that is alright then, Americans can go back to bed knowing that its spooks are not really spying on their elected representatives.

However the  accountability board said such a mistake was possible because there were no clear rules for using the “unprecedented” RDINet, the secure network set up to allow congressional investigators to review the CIA’s files on rendition, detention, and interrogation techniques.

The five individuals had “acted reasonably to investigate a potential security breach.”

Needless to say this inquiry overturns the conclusions of the current inspector general of the CIA, David Buckley, who said in a report last July that the five CIA officials had acted improperly by accessing the network. Buckley also found at the time that the CIA had inaccurately filed criminal referrals against congressional investigators that accused them of mishandling classified information.

Intelligence Committee investigators were presented with a message — “your use of this system may be monitored and you have no expectation of privacy” — every time they logged on. While the accountability board rejected that the agency had deliberately attempted to access confidential material, it alleged that Intelligence Committee investigators had accessed restricted CIA documents, violating an agreement about the use of RDINet.

Senators are furious with the results of the review and wanted to make sure that the CIA would stop stonewalling investigations and retaliating by snooping on investigating Senators.

Senator Dianne Feinstein, the ex-chairperson of the SSCI, also voiced her reaction in a statement in which she said she was “disappointed that no one at the CIA will be held accountable.”

Feinstein accused the CIA of improperly accessing Senate computers in 2010, a year after investigators began looking into whether the CIA’s “enhanced interrogation” methods constituted torture.  CIA officials had snooped on the Intelligence Committee to discover what it knew about the agency’s interrogation methods, and that officials then began to remove almost 900 documents from the secure network that could implicate the agency in torture.

RadioShack might file for bankruptcy

1980-radio-shack-catalog The much troubled RadioShack may file for bankruptcy as early as next month.

The outfit, which was the major force behind the birth of the home computer industry, has been slowly heading towards doom since the turn of the century and in November warned that it might need to file for Chapter 11.

According to The Wall Street Journal  Radio Shack is strapped for cash.

It is discussing a deal with a private equity firm to “buy its assets out of bankruptcy”.  If that doesn’t work, the company could go to bankruptcy court, instead. Potential lenders who could fund operations during the bankruptcy proceedings are also in the mix, the Journal states, adding that much is in flux.

In November, the company reported it only had enough money to pay for operations in the very near term. The US has been struggling to keep up with online retailers for some time.

Radio Shack has been going for more than  94-years – starting as an electrical supplier.  It has been combatting the competition by revamping its offerings, closing stores, cutting costs and changing management. Despite the attempt to claw its way back up, the retailer has posted losses for the past 11 quarters.

Earlier this week, Marketwatch reported that Salus Capital offered RadioShack a $500 million loan to fund operations during bankruptcy. The offer was unsolicited and expires Thursday.

Blackberry denies Samsung buy out

 blackberry-juicerBlackberry has moved to dismiss claims that it is about to be bought by Samsung.

The source of the rumours was Reuters which claimed that a deal was close and Samsung was  ready to make an offer that John Chen and BlackBerry’s board may be reluctant to refuse. Samsung is willing to pay roughly $7.5 billion for BlackBerry’s assets – including its patent portfolio – Reuters claimed.

Apparently Samsung became interested in Blackberry two months after the two companies entered a strategic partnership to bring BlackBerry’s BES12 cross-platform EMM solution to Galaxy smartphones and tablets that feature embedded KNOX technology. At the time, the two companies indicated that they were looking forward to future ventures together.

The move seems all logical, but it is not quite, but completely and utterly untrue claimed Blackberry.

In a statement the company said it was aware of certain press reports published today with respect to a possible offer by Samsung to purchase BlackBerry.

“BlackBerry has not engaged in discussions with Samsung with respect to any possible offer to purchase BlackBerry. BlackBerry’s policy is not to comment on rumours or speculation, and accordingly it does not intend to comment further,” the phone maker said.

Windows 7 is off life support

ECGSoftware giant Microsoft killed off “mainstream support” for Windows 7 yesterday.

Leaving mainstream support only means that Windows 7 will not be receiving any new features or product tweaks, such as DirectX 12 gaming technology slated to launch with Windows 10. Free software support from Microsoft is not going to happen either.

Once a Windows desktop operating system leaves mainstream support, it enters the extended support phase. Windows XP was in that state from early 2009.

Users will still get security patches during extended support, which means that Windows 7 will not be cast out completely yet. Hotfixes will still be provided, too, assuming they are security related.

Extended support for Windows 7 lasts until January 14, 2020 so if you are happy with all that, there is no reason to rush to upgrade.

However, it is a sign that Microsoft has given up on the operating system, which is subjectively seen as being better than its successor.

Skeleton Key exposes password flaws

skeletonsSecureWorks, the security arm of Dell, has found malware which it has dubbed “Skeleton Key” which shows up weaknesses in the password system.

The attack consists of installing rogue software within Active Directory, and the malware then allows attackers to login as any user on the domain without the need for further authentication.

It has weaknesses as an attack vector — installation requires administrator access or a flaw on the server that grants such access.

But Skeleton Key has some interesting coding which could point to something even nastier in the future. It does not actually install itself on the filesystem. Instead, it’s an in-memory patch of Active Directory which makes detection even more difficult.

Access is not logged and the malware is completely silent and, as a result, extremely undetectable. Identifying the malware using traditional network monitoring also does not work due to the fact that Skeleton Key does not generate any network traffic.

In its current form, the malware does not survive a system reboot, which means that it has to be a continuous hack, but such things are possible, particularly if you have a disgruntled sysadmin.
Companies can also make the malware useless by having a two-factor authentication to connect to servers, VPN, email and the like. So in otherwords leaning on passwords is pretty much suicide.

Apple takes on Ericsson in phone row

handsetFruity cargo cult Apple has sued the Swedish phone outfit Ericsson in an attempt to break the patent deadlock between the pair.

Apple said that Ericsson’s LTE wireless technology patents are not essential to industry mobile standards and that it is demanding excessive royalties for them.

Jobs’ Mob insists that it has not infringed on the patents and does not owe Ericsson a cent for them.

Ericcson wants cash for the LTE technology calculated as a percentage of the price of the entire smartphone or tablet. However, Apple said that the royalties should be based on the value of the processor chip that includes the technology.

If Ericsson’s patents are deemed essential and the court rules Apple has infringed on them, Apple said it wants the court to assign a reasonable royalty rate.

Apple spokeswoman Kristin Huguet said that Apple was always willing to pay a fair price to secure the rights to standards essential patents covering technology in its products. However Apple can’t agree with Ericsson on a fair rate for their patents so, as a last resort, we are asking the courts for help.

Apple and Ericsson currently have a license agreement that covers many of Ericsson’s allegedly standard-essential patents. The agreement was signed in 2008 soon after Apple launched the iPhone, according to the court filing.

Google chucks rocks in glass house

obj058aIt seems that there is a large amount of pot calling kettle black when it comes to security.

Last month, Google angered Microsoft by releasing the details of a security vulnerability ahead of Microsoft’s Patch Tuesday. Microsoft said that the patch was set to be released two days after Google went live with the details and that they refused to wait an extra 48 hours so that the patch would have been released along with the details of the exploit.

That would all be fine but Google does not have the same standards for itself. An exploit has been uncovered in Android 4.3 (Jelly Bean) – which covers roughly 60 per cent of Android’s install base, according to the Android Developer dashboard – and Google is saying that they will not patch the flaw.

The flaw, which exists in WebView impacts nearly 1 billion users, when using Google’s own numbers as a base along with Gartner figures.

To make matters worse Jelly Bean was first announced in June of 2012, which means that Google is dropping support for its mobile OS less than three years after it was released.

Google is clearly stating that legacy support for the OS is not on their agenda even while phones are still being flogged with Jelly Bean under the bonnet.

The question is why if Google is being such a bastard about its own operating system is it so keen to throw Microsoft under the bus?

Cameron wants to read all internet communication

stupid cameronBritish Prime Minister David “one is an ordinary bloke” Cameron is insisting that he should be allowed to read any internet communication on the planet.

Cameron claims that there are places on the world wide wibble where terrorists can hide and he wants a  “comprehensive piece of legislation” to close the “safe spaces”. To do this he wants authorities to be able to access the details of communications and their content.

Apparently all the surveillance powers Cameron already has were not enough to stop an attack similar to the one which happened in Paris taking place in Blighty.

Mr Cameron said the recent attacks in Paris showed the need for such a move and he said he was comfortable that it was appropriate in a “modern liberal democracy”.  After all he and his chums will not be snooped on.

Speaking at an event in the East Midlands, Cameron said he recognised such powers were “very intrusive” but he believed that they were justified to counter the growing threat to the UK, as long as proper legal safeguards were in place.

The coalition introduced emergency legislation last year to maintain internet and phone companies’ obligation to store their customers’ personal communications data and to give access to the police.

But an attempt to extend these powers to include internet browsing history and social media sites were dropped following opposition from the Liberal Democrats.

Legislation would be needed to allow for “more modern forms of communication.”

He would also legislate in the “more contentious” area of the content of these online communications. There should be no “means of communication” which “we cannot read,” he said.

Previous governments had backed away from going down such a route, Cameron said, but he believed this would have to change so that, “in extremis,” such material could be obtained with a signed warrant from the home secretary.

It looks like voting him out will not get rid of such a law either — Labour leader Ed Miliband said it was important for security services to “keep up to date with technology” but said it had to be “done in the right way”, with “basic liberties” protected.

“That’s why we said there needs to be an independent look at these issues, to make recommendations about what needs to be changed for the future,” he added.

In other words, it is not fair you letting Cameron look at your emails I want a peek too.

Liberal Democrat Civil Liberties Minister Simon Hughes said he would not support “blanket powers” that would take away the liberties of “innocent civilians.”

What no one seems to be understanding is that if any government brings in laws the terrorists will work out a way to avoid them and it will be ordinary people who cannot get around the laws who will lose their privacy.

 

Anti-censorship killings mean more censorship

GodSilence It appears that all those European leaders standing against censorship moves of the Parisian terrorists have decided that the way to deal with them is by using more censorship.

In the wake of this week’s terrorist attacks in Paris, which began with the killing of 12 people at the offices of satirical publication Charlie Hebdo, the interior ministers of 12 EU countries have called for an increase in internet censorship.

France, Germany, Latvia, Austria, Belgium, Denmark, Spain, Italy, the Netherlands, Poland, Sweden and the U.K. said ISPs need to help “create the conditions of a swift reporting of material that aims to incite hatred and terror and the condition of its removing, where appropriate/possible”.

In other words, adopt a similar line to what has been agreed in the UK where ISPs use filters to stop citizens seeing “extremist” online content.

What this is supposed to do is not actually clear, governments have proved themselves unable to define what is a site designed to incite hatred and terror.  After all you would think that a site which calls for the dismantling of the European Union and for immigration to stop would be classed as hate speech but it is UKIP it is considered safe along with the comments section of the Daily Mail site.

Ironically the left wing Charlie Hebdo has itself frequently been accused of hate speech for its portrayal of Muslims and others. It has also been sued by the Roman Catholic Church several times for its anti-religion stance.

Ironically, this could mean that the newspaper which literally lost lives to anti-censorship could be closed as western governments try to protect themselves from Muslim censorship.