MI5 warns over China spy threat

,----[ Quote ]
| Earlier this week, China said that it too had been attacked by computer
| hackers. Meanwhile, other experts say that hackers outside of China may be
| using the country's many insecure computers and networks to disguise their
| locations.
`----

http://news.bbc.co.uk/1/hi/world/africa/7123970.stm


Related:

World on the brink global cyber warfare?

,----[ Quote ]
| At the height of these attacks, 20,000 networks of compromised computers were
| linked, and analysis of the malicious traffic showed that computers from the
| United States, Canada, Brazil, Vietnam and others were involved. *
`----

http://www.itwire.com/index.php?opti...r+your+vote%21


In zombies we trust

,----[ Quote ]
| A little over a year ago, I wrote an editorial where in back-of-the-envelope
| style (.pdf) I estimated that perhaps 15-30% of all privately owned computers
| were no longer under the sole control of their owner. In the intervening
| months, I received a certain amount of hate mail but in those intervening
| months Vint Cert guessed 20-40%, Microsoft said 2/3rds, and IDC suggested
| 3/4ths. It is thus a conservative risk position to assume that any random
| counterparty stands a fair chance of being already compromised. * * *
`----

http://blogs.zdnet.com/security/?p=661


Over 50% of corporate desktops infected with malware: IronPort

,----[ Quote ]
| The report also reveals that more than 50% of corporate desktops
| worldwide are infected with some type of spyware with the rate of
| infection as high as 70% in the United States. Trojans or malicious
| system monitors represented over 7% of the infections. Rootkits and
| trick loaders, which reinstall spyware and other obfuscation techniques,
| make remediation very difficult thus prevention is the key to stopping
| these threats.
`----

http://www.crn-india.com/breakingnew...ies/66870.html


Botnet 'pandemic' threatens to strangle the net

,----[ Quote ]
| Cerf estimated that between 100 million and 150 million of the
| 600 million PCs on the internet are under the control of hackers,
| the BBC reports.
`----

http://www.theregister.co.uk/2007/01/26/botnet_threat/


China Crafts Cyberweapons

,----[ Quote ]
| The Defense Department reports China is building cyberwarfare
| units and developing viruses.
`----

http://www.pcworld.com/article/id,13...icle.html(News)


Estonia suspects Kremlin in Web attacks

,----[ Quote ]
| He said more than 1 million computers worldwide have been used in
| recent weeks to attack Estonian government and business Web sites
| since a dispute arose with Moscow over Estonia's moving of a
| Soviet-era war memorial from downtown Tallinn.
`----

http://www.cnn.com/2007/TECH/interne...?eref=rss_tech


U.S. cyber counterattack: Bomb 'em one way or the other

,----[ Quote ]
| If the United States found itself under a major cyberattack aimed
| at undermining the natio's critical information infrastructure,
| the Department of Defense is prepared, based on the authority of
| the president, to launch a cyber counterattack or an actual
| bombing of an attack source.
`----

http://www.networkworld.com/news/200...r-attacks.html


US plans for cyber attack revealed

http://www.theinquirer.net/default.aspx?article=37563


Homeland Security sees cyberthreats on the rise

,----[ Quote ]
| To test the nation's response to a cyberattack, the Department
| of Homeland Security plans to hold another major exercise,
| called Cyberstorm II, in March 2008, Garcia said. A first
| such exercise happened early last year.
`----

http://news.com.com/2100-7355_3-6157...0-20&subj=news
http://tinyurl.com/2dpbmv


Zombie botnets attack global DNS servers

,----[ Quote ]
| Hackers launched a sustained attack last night against key root servers
| which form the backbone of the internet.
|
| Security firm Sophos said that botnets of zombie PCs bombarded the
| internet's domain name system (DNS) servers with traffic.
|
| "These zombie computers could have brought the web to its knees,"
| said Graham Cluley, senior technology consultant at Sophos.
`----

http://www.vnunet.com/vnunet/news/21...-attack-global


Perspective: *Microsoft security--no more second chances?

,----[ Excerpt ]
| CNET News.com's Charles Cooper says the software maker is running out
| of excuses for a history of poor security.
`----

,----[ Quote ]
| As if Homeland Security Secretary Michael Chertoff didn't have enough on
| his plate.
|
| Not only has he had to deal with Katrina and Osama. Now he's also got to
| whip Steve Ballmer and the crew at Microsoft into shape. If past is
| prologue, that last task may be the most daunting of all.
`----

http://news.com.com/2010-1002_3-6104...4512&subj=news


Botnet 'pandemic' threatens to strangle the net

,----[ Quote ]
| Cerf estimated that between 100 million and 150 million of the
| * * * * * * * * * * * * * * ^^^^^^^^^^^^^^^^^^^^^^^^^^^
| 600 million PCs on the internet are under the control of hackers,
| * * * * * * * * * * * * * * * * * * ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
| the BBC reports. "Despite all that, the net is still working,
| which is pretty amazing. It's pretty resilient," he said.
`----

http://www.theregister.co.uk/2007/01/26/botnet_threat/


EveryDNS, OpenDNS Under Botnet DDoS Attack

,----[ Quote ]
| The last time the Web mob (spammers and phishers using botnets)
| decided to go after a security service, Blue Security was forced
| to fold and collateral damage extended to several businesses,
| including Six Apart.
`----

http://securitywatch.eweek.com/explo...os_attack.html


Duh! Windows Encryption Hacked Via Random Number Generator

,----[ Quote ]
| GeneralMount Carmel, Haifa – A group of researchers headed by Dr. Benny
| Pinkas from the Department of Computer Science at the University of Haifa
| succeeded in finding a security vulnerability in Microsoft's "Windows 2000"
| operating system. The significance of the loophole: emails, passwords, credit
| card numbers, if they were typed into the computer, and actually all
| correspondence that emanated from a computer using "Windows 2000" is
| susceptible to tracking. "This is not a theoretical discovery. Anyone who
| exploits this security loophole can definitely access this information on
| other computers," remarked Dr. Pinkas.
|
| Editors Note: I believe this "loophole" is part of the Patriot Act, it is
| designed for foreign governments. Seriously, if you care about security,
| privacy, data, trojans, spyware, etc., one does not run Windows, you run
| Linux.
`----

http://www.linuxelectrons.com/news/g...mber-generator


"Trusted" Computing

,----[ Quote ]
| Do you imagine that any US Linux distributor would say no to the
| US government if they were requested (politely, of course) to add
| a back-door to the binary Linux images shipped as part of their
| products ? Who amongst us actually uses the source code so helpfully
| given to us on the extra CDs to compile our own version ? With
| Windows of course there are already so many back-doors known and
| unknown that the US government might not have even bothered to
| ask Microsoft, they may have just found their own, ready to
| exploit at will. What about Intel or AMD and the microcode on
| the processor itself ?
`----

http://tuxdeluxe.org/node/164


,----[ Quote ]
| In relation to the issue of sharing technical API and protocol
| information used throughout Microsoft products, which the
| states were seeking, Allchin alleged that releasing this
| information would increase the security risk to consumers.
|
| "It is no exaggeration to say that the national security is
| also implicated by the efforts of hackers to break into
| computing networks. Computers, including many running Windows
| operating systems, are used throughout the United States
| Department of Defense and by the armed forces of the United
| States in Afghanistan and elsewhere."
`----

http://en.wikipedia.org/wiki/Jim_Allchin


How NSA access was built into Windows

,----[ Quote ]
| A careless mistake by Microsoft programmers has revealed that
| special access codes prepared by the US National Security Agency
| have been secretly built into Windows.
|
| [...]
|
| The first discovery of the new NSA access system was made two years
| ago by British researcher Dr Nicko van Someren. But it was only a
| few weeks ago when a second researcher rediscovered the access
| system. With it, he found the evidence linking it to NSA.
`----

http://www.heise.de/tp/r4/artikel/5/5263/1.html


NSA Builds Security Access Into Windows

,----[ Quote ]
| A careless mistake by Microsoft programmers has shown that special access
| codes for use by the U.S. National Security Agency (NSA) have been secretly
| built into all versions of the Windows operating system.
`----

http://www.techweb.com/wire/story/TWB19990903S0014


House passes Restore Act with no telecom immunity provision

,----[ Quote ]
| The House of Representatives has passed the Restore Act, which facilitates
| broad surveillance of foreign terror groups while restoring the Foreign
| Intelligence Surveillance Act Court's oversight of communications between
| foreign and domestic surveillance targets. The Restore Act controversially
| does not include a provision granting telecom companies retroactive legal
| immunity for their involvement in the NSA wiretap program. * * *
`----

http://arstechnica.com/news.ars/post...provision.html


,----[ Quote ]
| "Is this a good idea or not? For the first time, the giant software maker
| is acknowledging the help of the secretive agency, better known for
| eavesdropping on foreign officials and, more recently, U.S. citizens as
| part of the Bush..."
`----

http://www.schneier.com/blog/archive...s_micro_1.html


Microsoft could be teaching police to hack Vista

,----[ Quote ]
| Microsoft may begin training the police in ways to break the
| encryption built into its forthcoming Vista operating system.
`----

http://www.vnunet.com/vnunet/news/21...ng-police-hack


UK holds Microsoft security talks

,----[ Quote ]
| "UK officials are talking to Microsoft over fears the new version of
| Windows could make it harder for police to read suspects' computer files."
`----

http://news.bbc.co.uk/1/hi/uk_politics/4713018.stm


Microsoft patents the mother of all adware systems

,----[ Quote ]
| The adware framework would leave almost no data untouched in its quest to
| sell you stuff. It would inspect "user document files, user e-mail files,
| user music files, downloaded podcasts, computer settings, computer status
| messages (e.g., a low memory status or low printer ink)," and more. How could
| we have been so blind as to not see the marketing value in computer status
| messages? * *
`----

http://arstechnica.com/news.ars/post...e-systems.html


Why proprietary code is bad for security

,----[ Quote ]
| Tho Skype is using an encrypted protocol, it’s still their own, non-disclosed
| code and property. So we don’t know what it contains.
|
| [...]
|
| It’s time to stop accepting that we are the bad guys, and to stop consuming
| things we just don’t understand (and cannot, because they are proprietary, *
| closed-source systems).
|
| Say no to companies, or even governments who treat you like this. Start using
| open sourced products and protocols wherever you can. Even if you could
| still never understand the code used in these systems, there are still lots
| of people who can, and who will examine it. The magic word here is “peer
| review” - your friend or buddy or neighbour may be able to understand all
| that, and to help. No, not with Skype or Windows or any black box from Cisco. * * *
`----

http://wolfgang.lonien.de/?p=394


Beware of Skype

,----[ Quote ]
| The Skype network has been a concern of government intelligence agencies
| since its inception because it provides a worldwide network of encrypted VoIP
| calls to potential “terrorists”. So how coincidental is it that 10 days after
| Bush signs into law a Bill giving the government authority to track foreign
| calls that go through U.S. networks that Skype, for the first time in its
| existence, undergoes a massive worldwide outage? * *
|
| [...]
|
| But there are FOSS alternatives to Skype people really should start
| considering now. One is the OpenWengo Project. Businesses, and even
| individuals, should also consider setting up their own Asterisk servers with
| encryption. *
`----

http://www.freesoftwaremagazine.com/node/2479


Skype staff play good cop bad cop with Linux users

,----[ Quote ]
| Thank goodness for another staff member, Ryan Hunt, who injected a
| little decorum into the thread, and more than a little honesty, by
| admitting “With 1.4 we're taking it back to basics so we can do it
| right - because that's what you deserve” and stating that “One of
| the features at the heart of 1.4 is the greatly improved audio
| quality and stability.
`----

http://www.daniweb.com/blogs/entry1501.html


Spy Master Admits Error

,----[ Quote ]
| Intel czar Mike McConnell told Congress a new law helped bring down a terror
| plot. The facts say otherwise.
`----

http://www.msnbc.msn.com/id/20749773/site/newsweek/


FBI ducks questions about its remotely installed spyware

,----[ Quote ]
| There are plenty of unanswered questions about the FBI spyware that, as we
| reported earlier this week, can be delivered over the Internet and implanted *
| in a suspect's computer remotely.
`----

http://news.com.com/8301-10784_3-9747666-7.html


United States Government Online Watchdogs? Part of the war on terror?

,----[ Quote
| Is there anyone in the abandonia community with a US based connection who is
| experiencing this watchdog behavior? Are any foreign Vista users experiencing
| similar attacks from their own countries ministries and governing agencies?" *
`----

http://www.whitedust.net/news/3984/U...on_terror?.../


Back doors in Windows XP...

http://www.youtube.com/watch?v=KGlNTEQ0RzM


Mother of all spyware...

http://news.softpedia.com/news/Forge...ft-58752.shtml


Police eats your CPU cycles and disk space...

,----[ Quote ]
| Vista—Microsoft’s latest operating system—may prove to be most
| appropriately named, especially for those seeking evidence of how a
| computer was used.
`----

http://www.abanet.org/journal/ereport/jy13tkjasn.html


Will Microsoft Put The Colonel in the Kernel?

,----[ Quote ]
| "The kernel meets The Colonel in a just-published Microsoft patent
| application for an Advertising Services Architecture, which delivers targeted
| advertising as 'part of the OS.' *
`----

http://slashdot.org/article.pl?sid=07/07/14/043200


Austria OKs terror snooping Trojan plan

,----[ Quote ]
| Austria has become one of the first countries to officially sanction the use
| of Trojan Horse malware as a tactic for monitoring the PCs of suspected
| terrorists and criminals. *
|
| [...]
|
| Would-be terrorists need only use Ubuntu Linux to avoid the ploy. And even if
| they stuck with Windows their anti-virus software might detect the malware.
| Anti-virus firms that accede to law enforcement demands to turn a blind eye
| to state-sanctioned malware risk undermining trust in their software, as
| similar experience in the US has shown. * *
`----

http://www.theregister.co.uk/2007/10...utonic_trojan/


Schäuble renews calls for surreptitious online searches of PCs

,----[ Quote ]
| In his speech towards the end of the national conference of the Junge Union,
| the youth organization of the ruling conservative Christian Democratic Union
| (CDU), in Berlin the Federal Minister of the Interior Wolfgang Schäuble has
| again come out in favor of allowing authorities to search private PCs
| secretly online and of deploying the German Armed Forces in Germany in the
| event of an emergency. * *
`----

http://www.heise.de/english/newstick...755/from/rss09