A few of my recent stories on Infosecurity Magazine over the last couple of days…
Peter the Great beats Sun Tzu in cybercrime
Despite the hoohaa about the ‘Chinese cyberthreat’ (in reality, read east Asia), Russia’s Peter the Great (in reality, read east Europe) is beating Sun Tzu in modern cyber wargames. Eastern Europe has better cybercriminals than eastern Asia.
Beware of iPhone delivery phishes
iPhone pre-orders are now showing a 3-4 week shipping estimate. Since Apple announced that 2 million pre-orders were sold for the iPhone 5 in just 24 hours, delivery delays are not likely to disappear quickly.
NullCrew: the principled hacker group?
In a wide-ranging interview broadcast over online Spreaker radio but conducted probably via IRC, UK Anon Winston Smith has been talking to Null, the leader of the NullCrew hacking group.
Quantum Key Distribution takes to the air
An aircraft in flight has successfully transmitted quantum encryption keys to a ground station, bringing closer the time when satellites can be used to provide a theoretically (allegedly) secure communications network.
YouTube declines to remove Mohammad video clip
Asked by the White House to reconsider whether the infamous Mohammad video clip is in violation of its terms of service, Google has replied that it is not. Although it is blocking the clip in Egypt, Libya, Indonesia and India, this, says Google, is in keeping with local laws.
AlienVault doxes the man behind the PlugX RAT
AlienVault has been tracking the PlugX remote access trojan for some months, and following extensive detective work has now uncovered enough information to name the person behind it.
My recent news stories…
Security: do as I say, not as I do
While the role of the CISO is increasingly recognized – usually reporting directly to the board and sometimes sitting on the board – the problems it faces are highlighted by a new Cryptzone survey: security policy doesn’t apply to senior management.
25 May 2012
The rightsholders’ war of attrition against the internet
Google’s Transparency Report now provides a new section on copyright, “disclosing the number of requests… to remove Google Search results because they allegedly link to infringing content.”
25 May 2012
TheWikiBoat’s OpNewSon fires today
TheWikiBoat, a new hacking group that uses techniques and tools similar to Anonymous, but for the lulz rather than the principle, plans to launch its first major operation, #OpNewSon, today.
25 May 2012
Google describes the winning hack at Pwnium
Each year the CanSecWest conference runs the Pwn2Own hacking contest against leading browsers: Chrome, Firefox, IE and Safari. This year Google withdrew its sponsorship and set up its own Chrome-specific contest: Pwnium, an extension of the Chromium Security Rewards program.
24 May 2012
Clueful – an app to describe app behavior
Earlier this year social networking company Path was hauled over the coals by both users and Apple for automatically uploading users’ iPhone address books. This, says Apple, is “in violation of our guidelines.”
24 May 2012
FCC’s net neutrality rules may be tested by VoIP
Bad blood in a local dispute in Georgia leads to a request for the FCC to proceed “with corrective action as required or as deemed necessary… to protect the national and global interest of the public and the internet application industry alike.”
24 May 2012
Long-standing secret meetings between Canadian telcos and government on C-30
Michael Geist, a law professor at the University of Ottawa specializing in internet and e-commerce law, has discovered secret talks between Canadian telcos and the government on internet surveillance.
23 May 2012
McAfee Q1 Threats Report
The latest quarterly McAfee threats report shows cyber threats increasing across the board: PC, Mac, mobile malware; botnets and hacktivism are all on the rise.
23 May 2012
Monday Mail Mayhem: Anonymous dumps 1.7GB from the DoJ
Monday Mail Mayhem was this week launched by Anonymous starting with the Pirate Bay dump of a 1.7GB database stolen from the Department of Justice, and the release of the traditional Anonymous video announcement.
23 May 2012
There is a new jailbreak for the Apple 4S called Absinthe (a strong alcoholic drink prepared from wormwood and largely banned for its toxicity). I have written about this for Infosecurity Magazine here.
But what I want to consider now is perhaps more philosophic: is a jailbroken iPhone basically an Android? Opinions vary.
David Harley, the independent researcher behind the Mac Virus website, thinks ‘not really’. Jailbreaking alters the Apple’s kernel. If this is done you would get no further support from Apple. As a result, software that really requires co-operation between the developer of the software and the developer of the hardware would be at a disadvantage. Anti-virus software running on a jailbroken Apple, for example, would suffer. “So no,” he says, “jailbreaking isn’t precisely analogous to an unrooted Android: while most Android AV is pretty patchy in performance, you can get AV that could be described as commercial standard.”
But yes, thinks Luis Corrons of PandaLabs. “At the end of the day, the main difference between both platforms is that Android gives me, as a user, the option to decide what applications I want to install.” Confirming his view, Luis has a jailbroken iPad 1 and used to use a jailbroken iPhone 3GS (which he has now replaced with an Android Galaxy SII).
Kaspersky’s David Emm has a similar view. “It’s the commercial models taken by Apple and Google that are different.” The result of these commercial differences is that a jailbroken Apple has access to hundreds of thousands of secure apps plus a few hundred unknown apps from the Cydia Store. Android users have access to hundreds of thousands of unknown apps. The inference I draw, unstated by David, is that a jailbroken iPhone remains more secure, albeit more restricted, than an Android.
So what can we conclude? Not a lot really. If you jailbreak an iPhone you can technically gain the freedom inherent in an Android – but since most users will still be limited to third-party apps, you don’t gain many more. And you lose the security of the iPhone. In the final analysis, you simply pay your money and take your choice: Apple if you want security; Android if you want freedom. Jailbreaking seems to give you neither.
Absinthe download (unchecked, unverified)
“I have been saying for years,” said Philippe Courtot, chairman and CEO of Qualys, “that we are simply not meant to be dependent on a huge complex operating system like Windows on the desktop; and that in the future, most of our computing will be done in the cloud.”
That prediction is now coming true with shrinking clients and expanding clouds. “Look at the audience of technology professionals in any conference,” he continued. “They’ve all got their iPads and/or their smartphones; and nothing else. You can get your email on your smartphone; and if you need to write a longer report you can use your iPad and Google Apps.” We no longer need, and probably never wanted, bloated operating systems on huge desktop computers that served primarily to shackle us to our desks.
We were actually talking about security and the cloud. Courtot’s point here is that because of the cloud, we now only need thin clients. This has two ramifications. Firstly, use of the cloud will, counterintuitively, make us more secure since thin clients can more easily be hardened; and secondly, tied-down clients have a head-start on open clients.
Think of this last point. As we enter the Second Computer Wars (the First Computer Wars was 25 years ago between Apple and Microsoft, and the theatre was The Desktop; this one is between Apple and Google, and the theatre is The Internet), we must remember that weapons have changed. In the first war, Apple lost because it was closed. But in this war we must ask ourselves whether that very closed nature is now an advantage. Philippe Courtot certainly seems to think so.
Today it is closed Apple versus open Android/Chrome. “Microsoft and Nokia will be left in the dust,” adds Courtot; they each took wrong turnings. Microsoft thought it could carry on with its old philosophy while Nokia never really committed itself one way or the other.
Android versus iOS. Open versus closed. Logic leans towards closed; my heart hopes for open.
EFF has won a major victory against abuse of DMCA: it has won two critical exemptions against the misuse of copyright law to shackle the hand of the consumer. In particular, smartphone jailbreakers can no longer be sued under DMCA.
The Copyright Office recognizes that the primary purpose of the locks on cell phones is to bind customers to their existing networks, rather than to protect copyrights. The Copyright Office agrees with EFF that the DMCA shouldn’t be used as a barrier to prevent people who purchase phones from keeping those phones when they change carriers. The DMCA also shouldn’t be used to interfere with recyclers who want to extend the useful life of a handset.
Jennifer Granick, EFF’s Civil Liberties Director
You could almost say that the EFF guided the hand of the copyright office in giving Apple a bloody nose (well, I’d like to think so, anyway):
When one jailbreaks a smartphone in order to make the operating system on that phone interoperable with an independently created application that has not been approved by the maker of the smartphone or the maker of its operating system, the modifications that are made purely for the purpose of such interoperability are fair uses.
A second victory is for remixers. The new rule holds that amateur creators do not violate the DMCA when they use short excerpts from DVDs in order to create new, noncommercial works for purposes of criticism or comment if they believe that circumvention is necessary to fulfill that purpose. Hollywood has historically taken the view that “ripping” DVDs is always a violation of the DMCA, no matter the purpose.
Noncommercial videos are a powerful art form online, and many use short clips from popular movies. Finally the creative people that make those videos won’t have to worry that they are breaking the law in the process, even though their works are clearly fair uses. That benefits everyone — from the artists themselves to those of us who enjoy watching the amazing works they create.
Corynne McSherry, EFF’s Senior Staff Attorney
Sophos has released a free iPhone app – the Sophos Security Threat Monitor, available for download from the iTunes App Store. It provides hourly worldwide threat updates via SophosLabs, including (and usefully) the latest subject lines being used in spam campaigns.
People are spending less and less time chained to their desks, and an app like this gives users access to the very latest security information, wherever they are. Sophos Security Threat Monitor is updated hourly by our analysts based around the world. Rather than merely providing text-based statistics, we’ve made it easy for users to understand the latest malware attacks, with alerts and information delivered straight to their iPhone, iPod Touch or iPad.
Graham Cluley, senior technology consultant at Sophos