Archive

Archive for May, 2012

My news stories on Infosecurity Magazine, 31 May 2012

May 31, 2012 Leave a comment

My news stories today:

US difficulties over Megaupload case continue
In April we reported that a US judge voiced doubts over whether Megaupload would ever get to trial in the US; now there are doubts it will even get to the US.
31 May 2012

Military grade chips may not be as secure as we think
Sergei Skorobogatov and Chris Woods have discovered a backdoor into a military grade chip, permitting ‘a new and disturbing possibility of a large-scale Stuxnet-type attack via a network or the Internet on the silicon itself’.
31 May 2012

Today is a key day for ACTA in Europe
Three EU committees are today due to make recommendations on ACTA. So far, two have reported: do not ratify ACTA, they tell the European Parliament.
31 May 2012

Categories: All, Security News

The changing face of European politics

May 31, 2012 Leave a comment

Today all three European parliament committees due to vote on their ACTA recommendations came out clearly: do not ratify ACTA.

Courtesy of Rick Falkvinge, we ask: is this the beginning of the end for the old order? Is this the changing face of European politics?

Categories: All, Politics

My news stories on Infosecurity Magazine, 30 May 2012

May 30, 2012 Leave a comment

My news stories today:

Flaming Hack: What does ‘Flame’ mean for the rest of us?
We’ve all heard about Flame, the ‘mother of all cyberweapons’, the attack tool that takes cyberwarfare to a new level. But what does it actually mean for the rest of us?
30 May 2012

Neelie Kroes Promises champagne connection – for the wealthy
Neelie Kroes, European Commissioner for the Digital Agenda, has promised a champagne connection for those who can afford it.
30 May 2012

Assange’s appeal fails: extradition lawful – everything left to play for
By a majority of 5 to 2 (Lord Mance and Lady Hale dissented) the UK supreme court has this morning ruled that Julian Assange’s extradition to Sweden is lawful, “and his appeal against extradition is accordingly dismissed.” Assange was not present in court.
30 May 2012

Categories: All, Security News

My news stories on Infosecurity Magazine, 29 May 2012

May 29, 2012 Leave a comment

My news stories today:

Flame proves cyberwarfare is active
Cyberwarfare is an emotive and contentious issue. But the emergence of an extensive and sophisticated attack toolkit, Flame, apparently targeted against Iran removes all doubt: cyberwar is here and active.
29 May 2012

Google Apps for Business gets ISO 27001 certification
Google’s achievement in gaining ISO 27001 certification should be applauded; but users must remember that security in the cloud is a partnership between provider and user.
29 May 2012

Yahoo and TalkTalk confirm human error as security weakness
Two recent and separate events, involving Yahoo and TalkTalk, demonstrate that no amount of security policy or product can defend against the one great security weakness: human error.
29 May 2012

Categories: All, Security News

My news stories on Infosecurity Magazine, 28 May 2012

May 28, 2012 Leave a comment

My news stories today:

iOS 5.5.1 jailbreak done; iOS 6 jailbreak pending
On Friday, the iOS 5.5.1 untethered jailbreak, Absinthe 2, was released. Now the same team is already working on a jailbreak for iOS6. But users should consider this: you’re on your own if you jailbreak.
28 May 2012

UK’s new cookie law came into effect Sunday
UK websites can now only use cookies with the informed consent of their visitors. That’s the law – but is still far from the practice.
28 May 2012

Corporate response to mobile threats still confused
Tenable Network Security has released research from the RSA Conference 2012 and Infosecurity Europe 2012 comparing US and UK attitudes towards the mobile threat: confused, contradictory and inconsistent.
28 May 2012

Categories: All, Security News

Why did TheWikiBoat’s OpNewSon fail?

May 26, 2012 2 comments

TheWikiBoat’s OpNewSon, which commenced at midnight on Friday 25th May, falls somewhere between a fail and an abject fail.

It was announced on 11 April. “On the day of the operation, we plan to hit and attack several high corporate entities,” said TheWikiBoat. “Those targets are none other then the ones who ultimately rule: the high revenue making companies of the world.” The attack would be multi-phased: first a DDoS followed by a hack resulting in the leak of “highly classified data from the targets”.

Somehow, this description grew into an attack on 46 major global companies, including Bank Of America, Apple, Wal-Mart, Tesco and others. I can find no source for this, so it could either be journalistic licence or a passing comment on an IRC channel. I did a preview of OpNewSon on Infosecurity Magazine: TheWikiBoat’s OpNewSon fires today.

But OpNewSon never matched its claims. In the event, it seems that only one site, BethBlog, was attacked with debatable success. BethBlog is the online home of Bethesda Software, a game developer and publisher and not of “the ones who ultimately rule”. In security terms it would be classified a soft target.

So what do we make of TheWikiBoat now? Is it a group of wannabees looking for the notoriety of LulzSec and the fame of Anonymous, but with more chutzpah than skill? That is bound to be the first reaction, and it may well be right. It may also be wrong.

TheWikiBoat seems to be blaming VoxAnon for pulling the IRC channel and effectively leaving the wiki boat without a rudder. Given the global nature of its members and the many different time zones involved, it became impossible to focus the fire power. Could be. Or it could be the group just didn’t get the LOIC critical mass; it could be they didn’t have the fire power to focus.

Either way, you cannot imagine either Anonymous or LulzSec making such a mess of such a well publicised plan. Personally, I hope TheWikiBoat disbands. If they have skills, then they should use their skills for good. Lulz for lulz sake is just childish. And if they are wannabees, they should simply grow up. There is already too much wrong in this world to add to it.

Categories: All, Security Issues

News stories on Infosecurity Magazine: 17, 18, 21 and 22 May, 2012

May 25, 2012 Leave a comment

My recent news stories…

Security: do as I say, not as I do
While the role of the CISO is increasingly recognized – usually reporting directly to the board and sometimes sitting on the board – the problems it faces is highlighted by a new Cryptzone survey: security policy doesn’t apply to senior management.
25 May 2012

The rightsholders’ war of attrition against the internet
Google’s Transparency Report now provides a new section on copyright, “disclosing the number of requests… to remove Google Search results because they allegedly link to infringing content.”
25 May 2012

TheWikiBoat’s OpNewSon fires today
TheWikiBoat, a new hacking group that uses techniques and tools similar to Anonymous, but for the lulz rather than the principle, plans to launch its first major operation, #OpNewSon, today.
25 May 2012

Google describes the winning hack at Pwnium
Each year the CanSecWest conference runs the pwn2own hacking contest against leading browsers: Chrome, Firefox, IE and Safari. This year Google withdrew its sponsorship and set up its own Chrome specific contest: Pwnium, an extension of the Chromium Security Rewards program.
24 May 2012

Clueful – an app to describe app behavior
Earlier this year social networking company Path was hauled over the coals by both users and Apple for automatically uploading users’ iPhone address books. This, says Apple, is “in violation of our guidelines.”
24 May 2012

FCC’s net neutrality rules may be tested by VoIP
Bad blood in a local dispute in Georgia leads to request for the FCC to proceed “with corrective action as required or as deemed necessary… to protect the national and global interest of the public and the internet application industry alike.”
24 May 2012

Long-standing secret meetings between Canadian telcos and government on C-30
Michael Geist, a law professor at the University of Ottawa specializing in internet and e-commerce law, has discovered secret talks between Canadian telcos and the government on internet surveillance.
23 May 2012

McAfee Q1 Threats Report
The latest quarterly McAfee threats report shows cyber threats increasing across the board: PC, Mac, mobile malware; botnets and hacktivism are all on the rise.
23 May 2012

Monday Mail Mayhem: Anonymous dumps 1.7GB from the DoJ
Monday Mail Mayhem was this week launched by Anonymous starting with the Pirate Bay dump of a 1.7GB database stolen from the Department of Justice, and the release of the traditional Anonymous video announcement.
23 May 2012

Categories: Security News, All
Follow

Get every new post delivered to your Inbox.

Join 138 other followers