The agency just released its file on Jobs, compiled during a background check conducted in the 1990s, when Jobs was being considered for a spot on a White House council on exports. And, with the exception of a noteworthy nugget or two, it’s about as mundane as they come.

If you’ve read Walter Isaacson’s biography of Jobs — or, frankly, any newspaper obituary of the man — then you’re already as well-informed on his life and peccadilloes as the FBI.

Put it this way: Among the highlights of the agency’s 191-page dossier is the observation that Jobs was a former hippie: “During the late 1960s and early 1970s, Mr. Jobs may have experimented with illegal drugs, having come from that generation.”

A few others:

• Jobs had a tendency to “twist the truth and distort reality in order to achieve his goals.”
• Jobs underwent a “change in philosophy by participating in eastern and/or Indian mysticism and religion. This change apparently influenced his personal life for the better.”
• Jobs was “strongwilled, stubborn, hardworking and driven, which … is why he is so successful.
• Jobs liked to get his way.
• Jobs was not a member of the communist party.
• Jobs did “an outstanding job in the computer industry.”

Really, the FBI’s only discovery of note was that Jobs was inexplicably granted Top Secret security clearance by the Defense Industrial Security Clearance Office between 1988 and 1990. Oddly, those credentials were issued by Pixar, which may have done some government work around that time.

Beyond that? Not much. Had Isaacson written his biography of Jobs a few decades earlier, he would have saved the FBI a hell of a lot of work.

Below, the report in its entirety:

Jobs

“I didn’t want the password to live in an email somewhere. I started thinking, what if there was something that would allow me to destroy the email?” Robbins said in an interview.

The thought stayed with him, and by summer, Robbins had dropped the other project to turn his full attention to building a service for hyper-secure email exchanges. He named the service Burn Note.

Burn Note, which opens up to the public today, allows the sender of an email to set a time frame in which the receiver can read an email before the email disappears.

At that point, the email no longer exists — anywhere.

Burn Note’s Web site says the service uses no binary logging, which means there are no standby servers, or backup copies of emails. The company uses a storage engine that has no journaling capabilities, and an underlying file system that logs metadata but not the content of the notes themselves.

While grabbing an image of the email might seem like a simple workaround, Robbins said he has introduced two methods to the service that make it extremely difficult for recipients to quickly copy the text of an email for posterity. Burn Notes can include Web links, but can’t send attached files, though Robbins has said attachments are in the works.

“I think there are a lot of legitimate uses for why people would want an off-the-record conversation,” Robbins said. “The message goes away, but it’s still been communicated to the recipient, which is the point.”

Robbins most recently served as the head of software development for Facebook-acquired Drop.io; he said the Burn Note service was partly inspired by that cloud-storage service. “There was a feature that we considered, but ultimately didn’t turn on, where a file could have a certain number of views before it self-destructed,” Robbins said.

While there currently aren’t any mobile apps for Burn Note, Robbins said that it’s a mobile-optimized Web site, so it can be accessed from a phone with a Web browser.

Highly encrypted or “vanishing” email services aren’t new. In 1999, Canada-based Hush Communications launched Hushmail, a free Web-based email system for individuals and businesses that sent PGP — Pretty Good Privacy — encrypted emails. As Wired reported, it was originally stated that “uniquely-coded” Hushmails were so encrypted that not even Hush employees with access to servers could read the emails.

But in 2007, Hush turned over a dozen CDs of emails, following a court order obtained through a mutual assistance treaty between the U.S. and Canada. The evidence was requested as part of a U.S. federal prosecution of alleged steroid dealers. The company subsequently acknowledged that Hushmails could, in some instances, be decrypted.

In 2009, the New York Times wrote about a group of scientists at the University of Washington who developed software that would make email messages disappear after a period of time. The software, called Vanish, would rely on a key-based encryption system that differed from the usual key cryptography used in digital communications, by making the “keys” erode over time.

A couple of months after that, “Freedom to Tinker,” which is hosted by Princeton’s Center for Information Technology Policy, released a paper detailing a series of experimental attacks against the Vanish prototype. The paper stated that Vanish should be considered too risky to rely on.

On a Web site for Vanish, the group acknowledged that the implementation on which Vanish was based was not adequately protected against attacks, and says it’s “investigating new directions and architectures for self-destructing data.”

Burn Note’s Robbins says Hushmail’s service and the Vanish project are different from Burn Note because those products rely on encryption keys, while Burn Note is effectively reengineering the default settings of computer systems and server systems so that nothing at all is saved.

When asked what Burn Note’s protocol would be for handling requests from law-enforcement officials for email exchanges, Robbins replied, “Burn Notes aren’t emails.”

He went on to say that the exchange of Burn Notes is more comparable to phone calls in that, unless they’re recorded, the exchange itself can’t be retrieved.

But Burn Note — unlike phone companies — doesn’t keep a log of who is communicating with whom. Robbins said the company plans to compile and study anonymous usage data, but will keep two separate logs — incoming messages and outgoing messages — rather than a log of messages exchanged between users. According to the company’s explanation of its technical procedures, even the time stamp on the message is anonymized: Burn Note rounds the times to the nearest hour so that timing cannot be used as a unique identifier.

“A lot of services launch to acclaim that they’re going make digital communications disappear,” said Paul Ohm, an associate professor of law focused on information privacy at the University of Colorado Law School. “But they sometimes become that place where bad people go to exchange information, or a haven for criminals. In order for this work, you have to stay on the side of legitimacy.”

“It’s never a complete dead end,” Ohm added. “There has to be data living somewhere, and there’s always a way to engineer around these systems.”

While Burn Note will at first be marketed to the average email user, Robbins said he hopes to attract attention from the enterprise market. “I think there’s a really interesting set of use cases around banks, especially if it can be made to plug in to existing systems,” he said.

When asked how Burn Note might comply with the record-keeping obligations of U.S. financial institutions have, Robbins said it would require a case-by-case evaluation.

“I don’t have a good answer for that, because it will require review by a legal professional before we can fully work through that type of situation,” Robbins said. He pointed to the company’s privacy policy, which plainly states:

“If you have a legal obligation to preserve data, do not use Burn Note.”

The move came a day after Washington lawmakers were besieged by complaints about legislation designed to crack down on the online sharing of pirated copies of music, movies and other material, people familiar with the matter said.

Read the rest of this post on the original site »

Stingrays are designed to locate a mobile phone even when it’s not being used to make a call. The Federal Bureau of Investigation considers the devices to be so critical that it has a policy of deleting the data gathered in their use, mainly to keep suspects in the dark about their capabilities, an FBI official told The Wall Street Journal in response to inquiries.

A stingray’s role in nabbing the alleged “Hacker” — Daniel David Rigmaiden — is shaping up as a possible test of the legal standards for using these devices in investigations. The FBI says it obtains appropriate court approval to use the device.

Read the rest of this post on the original site »

Agents in the Federal Bureau of Investigation’s Washington field office and fraud prosecutors in the Justice Department’s Criminal Division are handling a criminal investigation, which has been under way for at least a year, according to people familiar with the matter. Attorneys at the Securities and Exchange Commission are also investigating for possible civil violations, these people said.

Read the rest of this post on the original site »

The hacking group Anonymous claimed via its Twitter feed to have breached servers belonging to NATO, the North Atlantic Treaty Organization military alliance that has largely been responsible for the military defense of Europe since the end of World War II.

So far, three PDF copies of documents the group claimed to have taken in the attack were circulating on a sharing site devoted to PDF documents. Two were marked “NATO Restricted” and appear to have been removed from the PDFCast site.

I haven’t seen the first two, but the Telegraph described one as a working paper on communications systems used by NATO forces in Afghanistan, and was said to include technical and procurement information. A second concerned a plan to outsource communications for NATO forces stationed in Kosovo. If it sounds exciting, then I have some news for you: It’s not.

“Restricted” may sound important. As the Register points out, in the taxonomy of document labels, “Restricted” is for documents of relatively low importance. Anonymous is crowing like it has just broken into a trove of NATO’s deepest secrets. It appears instead they’ve taken some documents relating to relatively mundane workaday operations.

Higher up the scale are documents that get stamped “Confidential,” then “Secret” and then “Top Secret.”

A third document which just emerged via the @AnonymousIRC Twitter feed is a 59-page document concerning NATO security procedures. It is marked “NATO Unclassified” which is actually even lower on the totem pole than “Restricted.” The only restriction is that they’re subject to NATO copyright and can only be released with NATO permission. Not that NATO is going to care very much. This very document has been floating around since 2006.

We are sitting on about one Gigabyte of data from NATO now, most of which we cannot publish as it would be irresponsible. But Oh NATO….

July 21, 2011 3:57 am via Power TwitterReplyRetweetFavorite

@AnonymousIRC

AnonymousIRC

Hi NATO. Yes we haz more of your delicious data. You wonder where from? No hints, your turn. You call it war; we laugh at your battleships.

July 21, 2011 6:23 am via Power TwitterReplyRetweetFavorite

@AnonymousIRC

AnonymousIRC

This one isn’t restricted but ironic: http://t.co/A86jUGX | It describes security procedures within NATO. Well, seems nobody ever read them.

July 21, 2011 7:29 am via Power TwitterReplyRetweetFavorite

@AnonymousIRC

AnonymousIRC

NATO issued a statement saying that it is aware of the claim of the breach and is investigating. And it certainly will, but it’s not as if significant alarm bells are likely to be ringing at NATO Headquarters over this, at least not from the documents seen so far, though the group claims to be holding back on releasing some documents it says “most of which we cannot publish as it would be irresponsible.” It promises more releases in the coming days.

Meanwhile, if that weren’t enough, Anonymous and its ally LulzSec jointly taunted the FBI today. Responding to a quote given to National Public Radio in the story below, the groups issued a joint statement saying, “Your threats to arrest us are meaningless.” The statement appears below the radio story.

For those not keeping score, LulzSec is the group that claimed credit for attacking Sony umpteen times, then went on to attack other game companies and the U.S. Senate, then stole emails and other documents from servers belonging to the Arizona State Police. It also stole internal documents from AT&T.

LulzSec in recent weeks claimed it had been absorbed by the larger group Anonymous, but the lines appear to be blurring again, as it is at times active under its own banner. Two people connected to LulzSec’s activities were among 16 arrested in a nationwide FBI operation earlier this week. Fourteen others were arrested in connection with a denial of service attack against PayPal in sympathy with WikiLeaks.

The new statement is in reaction to a statement by an FBI assistant director saying the bureau wants to “send a message” about computer crime. The hacker group’s reaction essentially dares law enforcement to take further action. Something tells me they may get their wish.

The 14 arrested in Alabama, Arizona, California, Colorado, the District of Columbia, Florida, Massachusetts, Nevada, New Mexico and Ohio have been indicted by a federal grand jury in San Jose, California. I’ve embedded the complaint below.

Two others were arrested on similar charges on two separate complaints in Florida. The Florida case concerns the attack on InfraGard, the public-private information-sharing partnership affiliated with the FBI. The New Jersey case concerns the release of confidential documents stolen from AT&T. These would appear to be the first U.S. arrests connected with the LulzSec crew that’s been so active this summer.

Additionally, police in the U.K. arrested another person and police in The Netherlands arrested four more people in connection with the case.

The indictment names 14 people: Christopher Wayne Cooper, 23, a.k.a. “Anthrophobic;” Joshua John Covelli, 26, a.k.a. “Absolem” and “Toxic;” Keith Wilson Downey, 26; Mercedes Renee Haefer, 20, a.k.a. “No” and “MMMM;” Donald Husband, 29, a.k.a. “Ananon;” Vincent Charles Kershaw, 27, a.k.a. “Trivette,” “Triv” and “Reaper;” Ethan Miles, 33; James C. Murphy, 36; Drew Alan Phillips, 26, a.k.a. “Drew010;” Jeffrey Puglisi, 28, a.k.a. “Jeffer,” “Jefferp” and “Ji;” Daniel Sullivan, 22; Tracy Ann Valenzuela, 42; and Christopher Quang Vo, 22. One individual’s name has been withheld by the court, which suggests he or she is a juvenile.

The defendants are charged with conspiracy and intentional damage to a protected computer.

The 14 are accused of carrying out a December distributed denial of service attack against PayPal, the payment site owned by eBay. DDOS attacks are when attackers overwhelm a Web server with fake requests for attention at such a high volume that legitimate users can’t get through.

The group has also claimed responsibility for attacks against Visa, and at one point planned to attack Amazon. Various other factions connected to Anonymous have also attacked Sony and recently claimed responsibility for a hacking attack against the defense contractor Booz Allen Hamilton.

The FBI also made arrests today in the attack on the Web site of InfraGard, a non-profit group affiliated with the FBI itself. Scott Matthew Arciszewski, 21, was arrested today by FBI agents and charged with intentional damage to a protected computer. He’s been charged in the Middle District of Florida and has already appeared in a federal court in Orlando.

The complaint alleges that Arciszewski accessed without authorization the Tampa Bay InfraGard website and uploaded three files, and then Tweeted about it on Twitter.

InfraGard is a public-private partnership for critical infrastructure protection sponsored by the FBI with chapters in all 50 states.

In a related complaint unsealed in the District of New Jersey, the DOJ charged Lance Moore, 21, of Las Cruces, New Mexico with stealing confidential business information stored on AT&T’s servers and posting it on a public file sharing site. Moore is charged with one count of accessing a protected computer without authorization.

According to the New Jersey complaint, Moore, a customer support contractor for AT&T, exceeded his authorized access to AT&T’s servers and downloaded thousands of documents, applications and other files that, on the same day, he allegedly posted on a public file hosting site. That would be The Pirate Bay.

According to the complaint, on June 25, the computer hacking group LulzSec publicized that they had obtained confidential AT&T documents and made them publicly available on the Internet. The documents were the ones Moore had previously uploaded. He faces a maximum penalty of 10 years in prison and a $250,000 fine. Each count of conspiracy carries a maximum penalty of five years in prison and a $250,000 fine.

Here’s the indictment.

Indictment 7.19.11

[Image via Foxnews.com]

I’ve spoken with contacts at three FBI field offices — one here in New York, one in Los Angeles and another in San Francisco. I’m told that in New York search warrants were executed on homes in Brooklyn and in the towns of Baldwin and Merrick on Long Island. A source familiar with the investigation says that IP addresses that have come under scrutiny in the course of the investigation have led agents to search those addresses, but that no arrests have yet been made in New York.

Agents in California have made arrests, though the number and the names of those arrested have not yet been released. Additionally, Fox News is reporting that the FBI made arrests related to the investigation this morning in Florida and New Jersey, and that as many as a dozen people have been arrested in the operation nationwide. Obviously more information will be forthcoming as the situation develops.

The investigation is related specifically to the distributed denial-of-service attacks that were carried out last year and early this year against several companies in the U.S. The attacks were in sympathy with Wikileaks, which had just started disclosing its cache of leaked U.S. diplomatic cables. Visa, the credit card company, was one of its victims.

The group has grown recently as it absorbed another group of hackers calling itself LulzSec, which had harassed Sony in response to its lawsuits against a person who reverse engineered the security on the Playstation gaming console.

Arrests of Anonymous members have previously been reported in the U.K. , in Turkey and in Spain.

Fox has some raw video from the scene where one of the search warrants was executed on Long Island today. It’s below.

[Image and video via Fox News]

“For the past 50 days we’ve been disrupting and exposing corporations, governments, often the general population itself, and quite possibly everything in between, just because we could,” the group wrote in its statement.

The collection of files it released — LulzSec’s “booty” — which I downloaded, contained a mishmash of text and images intended to demonstrate, one last time, the group’s hacking prowess. Among the collection was an image of a U.S. Navy web site civilian jobs board that had been defaced with 11 entries reading “PabloEscobar AntiSec.”

Another file, entitled “Office Networks of Corporations,” is a text file containing what appear to be the IP addresses of internal corporate networks belonging to several media and telecommunications companies. Among those on the list are the Walt Disney Company, Sony — a favorite LulzSec target — Qwest Communications and the EMI Group.

By far the biggest file — clocking in at more than 600 megabytes — was a folder containing what appeared to be internal documents taken from AT&T. They include what seem to be planning documents, timelines, internal memos related to testing and other documents concerning the construction of AT&T’s LTE wireless network.

Another file appears to be an internal memo concerning the structure of an AOL network.

Another text file, entitled “silly routers,” contains a long list of IP addresses of routers, the networking equipment that functions as the traffic cops of the Internet. Next to each IP address are the creditials used to log in and make changes to the settings of those routers; however, in each case the username and password are “root” and “admin” or “root” and “root.”

The significance here is that “root” is the highest level of administrative access that can be gained on any computer. A user with “root” access has complete control over the system, and “gaining root” is the gold standard of practically any hacker attack. In this case the joke — or Lulz — is that the root accounts are guarded by default passwords, either “root” or “admin,” meaning they’re essentially unguarded. I traced a few of the IP addresses and found they correspond with addresses in Brazil, where a LulzSec branch — really more of a copycat group — has emerged in recent days.

So why is LulzSec calling it quits now at the height of its infamy? For one thing, the heat is clearly on. At least one person said to have ties to the group, a 19-year-old named Ryan Cleary, has been arrested in the U.K., and assuming the person they’ve arrested is guilty as charged, chances are that when the pressure is on, he’ll give Scotland Yard as much evidence as he can in exchange for a lighter sentence.

Additionally, more information has started to emerge about the group via rival gangs and people who are former members. The Guardian Newspaper on Friday published a fascinating account, including a lengthy chatroom transcript that provides a great deal of insight into the group’s inner workings. That this much information has wound up in the hands of a newspaper means that the cone of silence the groups members have relied upon to cover their tracks is starting to break down. Law enforcement agents looking to make more arrests will be combing through the logs looking for connections.

They’ll be looking for someone else like Cleary, who has a history of hanging around on the periphery of groups like LulzSec, and who may have knowledge of how they operate, or other identities they use online. If it plays out as other cases have, eventually investigators will hit upon another clue that will lead to the arrest of key member who will, when the pressure of the law is brought to bear, start naming names of the other members.

With that kind of heat, it behooves LulzSec’s members to go silent and split up, and stop creating any kind of digital trail that might lead to them. Chances are that each member will destroy any evidence in their possession that might implicate them personally: Hard drives will be wiped and perhaps physically destroyed. At the same time they’ll probably retain somewhere enough evidence that will help them finger other members in the event they’re arrested.

Then again, there may never be any more arrests. There are untold scores of infamous computer crimes committed for which no one ever got arrested.

One such group that comes to mind is Hacking for Girliez, which in 1998 defaced the Web site of the New York Times. (See a mirror of what they put up here.) The people who carried out the attack later granted an interview to Forbes Magazine, but were never heard from again. No one ever faced charges in that incident, and the statute of limitations has long since expired.

LulzSec’s members could find a way to quietly fade into digital obscurity in the same way that Hacking for Girliez did more than a decade ago. But then much depends on how well its members can keep their mouths shut. Part of their appeal was their ability to brag about their conquests so publicly and with apparent impunity. If each of the group’s six members can resist the urge to brag that they were once part of the Internet’s most infamous gang of troublemakers, they might just get away with it.

LulzSec’s farewell Tweet and statement are below.

50 Days of Lulz statement: http://t.co/GbAD070 | Torrent: http://t.co/lGsJ4PU Thank you, gentlemen. #LulzSec

June 25, 2011 3:03 pm via webReplyRetweetFavorite

@LulzSec

The Lulz Boat

PREVIOUSLY:

• Despite All the Attention, LulzSec Hackers Failed
• At The Height Of Their Infamy, LulzSec Hackers Call It Quits
• Arizona Confirms LulzSec Docs Are Authentic, Worries About Officer Safety
• LulzSec Goes All Wikileaks On Arizona State Cops
• LulzSec Shrugs After Scotland Yard Nabs Hacking Suspect (Updated)
• LulzSec And Anonymous Team Up to Hack Governments and Banks
• Viral Video: LulzSec Gets Taiwanesed
• CIA Web Site Goes Down; LulzSec Takes Credit
• LulzSec Blasts Space Game Eve Online, Other Gaming Sites
• LulzSec Strikes Again, Hits Bethesda Softworks And U.S. Senate
• Turkey Arrests 32 Alleged Members of Anonymous, Days After Arrests in Spain
• Web Security Start-Up Cloudflare Gets Buzz, Courtesy of LulzSec Hackers
• No Hacks to Report at Xbox, But Microsoft Isn’t Letting Its Guard Down
• No LulzSec Hackers Have Been Arrested–At Least Not Yet
• LulzSec Posts More Sony Data, Amid Claim One of Them Is Arrested
  LulzSec Strikes Again, Claims Attack On Nintendo Server
  Sony Hacked for What Seems To Be the Umpteenth Time

• Sony’s Playstation Network Is Back. Sony’s Reputation Will Take a Little Longer.
• Exclusive: Sony Considers Offering Reward to Help Catch Hackers
• Anonymous Claims It Took No Credit Card Numbers From Sony
• Sony Implicates Anonymous in Attack; Group Denies Involvement
• Sony Apologizes For the Playstation Network Breach
• Sony Blames PlayStation Outage on “External Intrusion”

The arrest of a 19-year-old came in the wake of word that the U.K.’s Office for National Statistics is looking into the possibility that some data from the 2011 Census may have been stolen. There was a claim on Pastebin by someone claiming to be part of LulzSec that they had conducted just such an attack. On its Twitter feed, LulzSec denied any role in attacking the U.K. Census, but it expressed support.

Seems the glorious leader of LulzSec got arrested, it’s all over now… wait… we’re all still here! Which poor bastard did they take down?

June 21, 2011 5:27 am via webReplyRetweetFavorite

@LulzSec

The Lulz Boat

LulzSec, of course, is the group that claims to have hacked several Sony Web sites, as well as a Nintendo site, then the gaming servers of a couple of companies. It has also attacked the Web site of the CIA and of private affiliates of the FBI. As recently as yesterday it claimed to have carried out a denial-of-service attack against a British police agency.

Scotland Yard isn’t yet saying much about the arrest, but did say in a statement that it was in connection with computer attacks carried out against several companies, including denial of service attacks that LulzSec has been openly bragging about for days. It also said it is cooperating with the FBI.

The Wall Street Journal quoted a source familiar with the matter saying that the person arrested “may be a member of LulzSec,” but that can be difficult to pin down in these situations. The person could be merely a sympathizer emulating LulzSec’s methods but without taking the same care to avoid detection. Or it may be a person operating on the fringes of the group in some way.

For what it’s worth, there was yet another claim by the group Web Ninjas, a rival faction that says it wants to expose LulzSec members, that the person arrested goes by the name Ryan and that his is just the first arrest of several that are coming. “Well bad news for LulzSec, count your days as we count your heads, How about this for LULZ?” they wrote. The Web Ninjas go on to describe “Ryan” as the administrator of the IRC chat server supposedly used by LulzSec. But as I said yesterday, it’s difficult to sort out all these claims and counterclaims. We have, of course, seen similar claims before.

Meanwhile, if LulzSec is worried, it isn’t showing any evidence of it. It’s promising to publish more data it has been given.

Thank you to the supporters who have assisted in leaks. Like @WikiLeaks, our sources remain anonymous. Leak payloads are being decided now.

June 20, 2011 7:41 pm via webReplyRetweetFavorite

@LulzSec

The Lulz Boat

Update: LulzSec is now confirming at least some of the Web Ninja account. In a series of Twitter updates starting about an hour ago, the group said that the person initially identified as Ryan “is not a member of LulzSec,” though the group does acknowledge a connection. See the tweets below, one of which links to a Sky News report that I’ve embedded further down.

Ryan Cleary is not part of LulzSec; we house one of our many legitimate chatrooms on his IRC server, but that’s it. http://t.co/98VflEi

June 21, 2011 10:48 am via webReplyRetweetFavorite

@LulzSec

The Lulz Boat

Clearly the UK police are so desperate to catch us that they’ve gone and arrested someone who is, at best, mildly associated with us. Lame.

June 21, 2011 10:54 am via webReplyRetweetFavorite

@LulzSec

The Lulz Boat

PREVIOUSLY:

• LulzSec And Anonymous Team Up to Hack Governments and Banks
• Viral Video: LulzSec Gets Taiwanesed
• CIA Web Site Goes Down; LulzSec Takes Credit
• LulzSec Blasts Space Game Eve Online, Other Gaming Sites
• LulzSec Strikes Again, Hits Bethesda Softworks And U.S. Senate
• Turkey Arrests 32 Alleged Members of Anonymous, Days After Arrests in Spain
• Web Security Start-Up Cloudflare Gets Buzz, Courtesy of LulzSec Hackers
• No Hacks to Report at Xbox, But Microsoft Isn’t Letting Its Guard Down
• No LulzSec Hackers Have Been Arrested–At Least Not Yet
• LulzSec Posts More Sony Data, Amid Claim One of Them Is Arrested
  LulzSec Strikes Again, Claims Attack On Nintendo Server
  Sony Hacked for What Seems To Be the Umpteenth Time

• Sony’s Playstation Network Is Back. Sony’s Reputation Will Take a Little Longer.
• Exclusive: Sony Considers Offering Reward to Help Catch Hackers
• Anonymous Claims It Took No Credit Card Numbers From Sony
• Sony Implicates Anonymous in Attack; Group Denies Involvement
• Sony Apologizes For the Playstation Network Breach
• Sony Blames PlayStation Outage on “External Intrusion”

All the security attention paid in recent years to securing the Windows desktop and the applications running on it have paid off a little, Cisco found, making it harder for computer scammers to successfully carry off their intended crimes on that platform. The trouble is they’re now starting to focus more attention on mobile devices, including Apple’s iPhone and iPad, and devices running Google’s Android operating system, Cisco said.

Meanwhile, the overall global volume of spam, which often contains troublemaking links that are used to deliver attacks, decreased for the first time ever in 2010. Even so, spam still increased in some developed countries where broadband connections are multiplying. In the United Kingdom, spam volume nearly doubled, while the volume in France went up 115 percent. The U.S. saw a slight decline–11.1 trillion messages down from 11.3 trillion in 2009. Spam in Brazil, China and Turkey also declined. Some of the decline can be attributed to last year’s arrest by FBI agents in Milwaukee of a Russian accused of being the “king of spam,” and to the shutdown of a few botnets used by scammers to send spam.

One thing about Cisco’s report that’s likely to draw some attention is its finding that the raw number of vulnerabilities on Apple products appear to be growing. Apple users are usually pretty sensitive about this topic, and any comparison of the Mac to Windows on the security front tends to make them grind their teeth and pound out annoyed comments on tech blogs. I know because I’ve done the same teeth-grinding and have in the past criticized other reports for similar findings.

Here Cisco is addressing vulnerabilities that Apple has itself documented and patched in software updates. One thing that’s not clear to me–though it sure looks like it–is whether Cisco is combining vulnerabilities found on both iOS (iPhone and iPad) and OS X (the Mac). The data it’s using is from its IntelliShield service, which tracks vulnerabilities and security incidents, and shows that over five years Apple’s vulnerabilities rose, from less than 200 in 2006 to more than 350 in 2010. That rate was higher than Microsoft and Hewlett-Packard and Cisco itself, the report found, though it goes on to say that Apple has worked harder than most other vendors to protect its users. Security is one of the reasons Apple imposes such strict rules on what’s available in the App store, though people still jailbreak their phones.

Another trend Cisco found is something called “money muling.” Tom Gillis, VP and general manager of Cisco’s Security business unit, describes money muling as using unsuspecting people who are attracted by “work at home” spam messages and Web ads to participate in money laundering by moving small amounts of money into bank accounts, just a few thousand dollars at a time. He says the operations around this are becoming increasingly elaborate, and criminals will devote a lot of effort to developing it this year.

I talked with Gillis about the report and other security trends that Cisco found. Here are a few highlights from our conversation:

NewEnterprise: So you’re seeing fewer attacks on Windows and more on mobile devices. Is that simply because there are more of them?

Tom Gillis: It’s the simple fact that there’s this new class of mobile device coming into the enterprise that used to be a phone and now it’s a computer, and it can access enterprise information. So what we’re seeing is that the raw number, but not the severity, is down on Windows. Part of this is that Windows 7 was a very good release on Microsoft’s part from a security standpoint. And we’ve got these new devices coming into the enterprise, and so we’re seeing a shift in focus of attacks on these mobile devices. They’re vulnerable to attack and they’re relevant in the enterprise. Two years ago this would have been too small a population to be meaningful.

What kind of attacks are you seeing?

It varies. In some cases there’s a little “phone home” code in a free gaming app. Pretty gentle stuff so far. But as people start using smartphones to access sensitive information we need to start thinking about security considerations on these devices. There’s a larger theme here that the whole nature of attacks is changing dramatically. The fact that spam volumes dropped at all is a big tell. For 10 years this has only gone up. We’re not forecasting a steady decline in spam, but the fact that it slowed down at all is an indicator of the shift in the way that attackers are using email. The attacks are more targeted and personal, for one thing.

Can’t some of this decrease be attributed to some of the arrests that happened last year?

It can. There’s been a handful of arrests. And they went after not only the botnet operators but other parts of the spam value chain. There are firms and entities that build botnets of compromised machines that relay the spam, and then there are other firms and entities that rent time on those botnets that do the merchandising. The biggest category is selling fake pharmaceuticals. Some of these fake pharma operations were shut down and the people associated with them arrested. It’s not an easy thing to do, because they’re global, they move around, and so to make an arrest in this space is a huge accomplishment.

So what is the thinking now about securing the mobile device?

We think there are two ways to make mobile devices work in the enterprise. The flood of devices into the enterprise is huge, and everyone wants to use them to check their email and access corporate directories and other fundamental things. There needs to be some kind of software on the end point–the phone or device. It will have to be light. You can’t have some kind of antivirus suite running on the phone. It would be a little piece of software that’s on all the time that knows when you’re behind the corporate firewall and when you’re not, and manages your connection accordingly. We bought a company called ScanSafe that has 40 data centers around the world. When you’re outside the firewall it connects to you the nearest data center and enforces your corporate policies, but all you as the user know is that it just works. This notion of being on or off the corporate network goes away. And we can do all kinds of scanning for security, independent of the device that’s being used.

This year we also saw the Stuxnet attacks, which we now know for certain were carried out against the Iranian nuclear program. Clearly this is a new kind of attack that can be mounted against industrial control systems via computer networks. Is Cisco researching this?

Massively. Often these types of attacks are targeted against Cisco’s biggest enterprise customers. Who buys Cisco’s infrastructure? The biggest banks in the world, the defense contractors. If the goal of an attacker is to disrupt an economy, their targets will be our customers, and they’re demanding a response from us. I like to call it global threat correlation, but it comes down to taking huge samples of network traffic and picking out good traffic from the bad. Cisco has a good advantage here because our equipment is so widely deployed around the world. As we start measuring traffic we can develop reputation data on every publicly routable IP address on the Internet. As we start putting telemetry info into that equipment–and the customer can choose to enable it or not, and it’s turned off by default. But people turn it on because it helps them against the unknown kind of attacks that are popping up. If a Web server says its a Web server, but you just saw it sending spam three minutes ago, there’s a pretty good chance it’s part of a botnet. Once you know that you know that, you can start to mount a pretty good defense. We’re putting a lot of energy into developing that, and it’s proven to be pretty robust.

The latest to be arrested is Winifred Jiau, 43, of Fremont, Calif. Like others charged or arrested on Dec. 16, she has ties to Primary Global Research. She’s accused of providing inside information to Primary Global clients who were portfolio managers at hedge funds of Nvidia and Marvell Technology during a period from 2006 to 2008. Prosecutors say she collected $200,000 during that time. She’s facing charges of conspiracy and securities fraud.

In August of 2008, the complaint says, she provided managers of two hedge funds with detailed numbers for quarterly revenues, per-share earnings and gross margins for the quarter ending that month. The complaint says that in the conversations she made it clear she had obtained the information directly from an employee of Marvell. The funds in question–they were not named in the complaint–allegedly made $820,000 on trades from the information.

On Aug. 8, 2008, the complaint says, Jiau provided the hedge fund managers with an early look at Nvidia’s quarterly revenue and told them it planned to announce a stock buyback, which it did four days later.

I’ve embedded the complaint below.

Jiau, Winifred Complaint

However, we’re starting to get more information about how the McDonald’s incident appears connected to hacking incidents at other sites. Chicago Business is reporting that the company responsible for McDonald’s email marketing is Silverpop Systems, and that it had been operating under a subcontract from Chicago-based Arc Worldwide.

So who else is a customer of Silverpop? Yesterday I received an email from someone who’s a customer of deviantArt, a social network where artists share their creations. DeviantArt has a base of 13 million users. Got an account there? You’d better change any passwords that overlap with other sites. The site advised customers that their accounts were compromised, and blamed Silverpop.

It could extend much further yet. Silverpop has more than 100 clients, and not all of them are publicly disclosed, though here are a few, found on its client quotes page and its case studies page: Stamps.com, Pitney Bowes/Mapinfo, Encyclopedia Britannica, Santander Consumer Finance and watchmaker Fossil. There’s no word how any of those other companies are affected, if at all.

Silverpop CEO Bill Nussey said in a blog message to customers that the FBI is investigating the incident, and that only a small percentage of Silverpop customers have been affected. He also said that Silverpop was “among several technology providers targeted as part of a broader cyber attack.” Stacy Kirk, a Silverpop spokeswoman, wouldn’t say anything beyond what’s in Nussey’s message.

I’m beginning to wonder if there’s some indirect connection between what happened to Silverpop and what happened to Gawker. I’m speculating here, but it’s no stretch of the imagination that numbering among deviantArt’s 13 million users are some of the 1.5 million people whose accounts were compromised in the Gawkergate affair. And the FBI is investigating both. Thomas Plunkett, Gawker’s technology chief, told me by email that there’s no evidence of a connection. Then again, as Business Insider tells it, he hasn’t yet had his meeting with the FBI.

Maybe I’m looking for connections that aren’t really there, but it’s really not hard to see how the breach at Gawker could turn out be the start of a domino effect that’s much larger than anyone has yet realized. There certainly is a lot of grumbling about changing passwords today.

If you know more more about any of this, get in touch!

Below is the email to deviantArt users.

From: deviantART.com (address deleted)
Date: Mon, Dec 13, 2010 at 5:54 AM
Subject: RE: Email Notice

Silverpop Systems, Inc., a leading marketing company that sends email messages for its clients, told us that information was taken from its servers. This was probably part of a sweep by spammers. As a result, email addresses belonging to deviantART members were copied. Corresponding usernames and birth date may also have been removed.

We can assure you that nothing occurred on our systems with respect to this incident and no access was gained to private information on deviantART’s servers.

As a member of deviantART, you certainly have a right to know when an incident of this kind occurs. Unfortunately spammers are an unavoidable part of living on the Web.

The likely result of this event might be an increase in spam to your email. Experts have told us that there is an increase in email scams out there on the Internet and you should be cautious. Only click links or download attachments from people you know, particularly if they ask for personal information, and be sure that your email service provider has adequate spam filters.

Because we value the information that members give us, we have decided not to rely on the services of Silverpop in the future and their servers will no longer hold any data from us.

The firm’s clients include several prominent Internet companies, including Yahoo, social gaming giant Zynga, Myspace (a unit of News Corp., parent of this Web site) and Cablevision.

Granick gained a reputation as a lawyer willing to defend accused computer hackers. Her clients have included the hacker-turned-journalist Kevin Poulsen. I wrote this profile of her for Forbes.com in 2000, describing her as the person you might call if your day begins with an FBI raid.

About the same time, she gave a heavily attended talk on “Hacking and the Law” at the DEF CON 8 hacker conference in Las Vegas. She went on to become executive director at Stanford University’s Center for Internet and Society. She also taught at Stanford.

I caught up with her yesterday, and she said part of her role will be to help establish ZwillGen’s office in San Francisco. The firm has been adding legal talent at a rapid clip. In June it added three lawyers: Elizabeth Banker, a former associate general counsel at Yahoo; Bart Huff, a former assistant United States attorney in Chicago with a history of prosecuting computer crime; and Leota Bates, a former associate at Perkins Coie in Washington, D.C. Granick is the firm’s eighth attorney.

Will she still have time to take calls from hackers staring down FBI agents? “I think I’ll still be able to do that,” she said. “They wanted me because of my experience and because of who I’ve represented.”

“The FBI is executing court-authorized search warrants in an ongoing investigation,” said Richard Kolko, an FBI spokesman, who declined to comment further.

Both hedge funds are run by former managers of Steve Cohen’s SAC Capital Advisors. Level Global Investors LP is a Greenwich, Conn., hedge-fund firm run by David Ganek, a former SAC Capital trader and art collector. He started Level Global in 2003 and earlier this year reported managing about $4 billion in assets.

Read the rest of this post on the original site

A spokesman for prosecutors in Bonn, where Deutsche Telekom is based, said the office opened the inquiry after reviewing documents provided by the U.S. Securities and Exchange Commission, Federal Bureau of Investigation and Justice Department earlier this year.

U.S. officials have been investigating the company’s activities in the Balkans since 2006 and had asked German prosecutors to assist by collecting witness testimony in Germany.

German prosecutors searched Mr. Obermann’s office and one of his two homes on Aug. 31, said Manfred Balz, Deutsche Telekom’s management board member responsible for compliance, at a news conference Wednesday. The search included computers and documents belonging to Mr. Obermann and to employees who haven’t been named as suspects.

Read the rest of this post on the original site

The number of identity-theft victims in the U.S. jumped 12 percent to 11.1 million in 2009, according to research company Javelin Strategy & Research. Fraud cases reported to the Internet Crime Complaint Center, which is partly run by the Federal Bureau of Investigation, climbed 23 percent to 336,655 last year.

Information that people inadvertently make public on sites like Facebook plays a role. So too do the sort of technical exploits demonstrated by the group that recently exposed a flaw in AT&T Inc.’s (T) website.

But in many cases, finding social-security and credit-card numbers or medical records on the Internet doesn’t require computer expertise. Instead, such information is accessible to anyone who knows where to look.

Read the rest of this post on the original site

This week, Google (GOOG) complained that Apple’s new rules on sharing iPhone and iPad user data with advertisers unfairly advantages the company’s own iAd service over rivals like Google’s AdMob–and the government is reportedly looking into the issue. There’s also continued grumbling over the company’s decision not to support the Adobe (ADBE) Flash standard on the iPhone/iPad platform, and the Feds are apparently looking at that issue, as well.

Stifel Nicloas analyst Rebecca Arbogast reviewed the situation in a research note this morning, and finds that Apple has justifications in both cases that support its policies.

Read the rest of this post on the original site

“We can confirm that Gawker Media was contacted by the FBI earlier today and issued a formal preservation notice,” Valleywag said in its post.

Gawker Media publicized the incident Wednesday after being contacted by a small group of computer experts calling itself Goatse Security. The group said it discovered the flaw, explaining that it was able to find the email addresses by guessing numbers that identify iPads connected to AT&T’s mobile network. The group said it uncovered 114,000 email addresses, including those of prominent officials in companies, politics and the military.

Read the rest of this post on the original site

“The FBI is aware of these possible computer intrusions and has opened an investigation,” said Katherine Schweit, an FBI spokeswoman. Ms. Schweit said the FBI opened the investigation Thursday but it will not comment on what it is looking at. “It’s very early in the investigation,” she said.

AT&T, the sole U.S. provider of wireless service for the Apple Inc. (AAPL) tablets, acknowledged Wednesday that a security flaw in its website made it possible for iPad users’ email addresses to be exposed.

Read the rest of this post on the original site

Let’s make short work of this: Yesterday, the Justice Department named 15 new Assistant U.S. Attorneys to the Computer Hacking and Intellectual Property program, as well as 20 Federal Bureau of Investigation Special Agents, to police intellectual property violations, both domestic and international.

The new FBI agents nearly double the number working on copyright issues and will be part of “intellectual property squads,” located in Los Angeles, San Francisco, New York, and Washington, D.C.

Why all the muscle? Pressure from the entertainment industry no doubt.

Here’s the full press release from the DOJ:

Department of Justice Announces New Assistant United States Attorneys and FBI Agents to Combat Intellectual Property Crimes

WASHINGTON, April 26 /PRNewswire-USNewswire/–As part of the Department of Justice’s ongoing initiative to confront intellectual property (IP) crimes, Acting Deputy Attorney General Gary G. Grindler announced today the appointment of 15 new Assistant U.S. Attorney (AUSA) positions and 20 FBI Special Agents to be dedicated to combating domestic and international IP crimes.

These new positions–announced on the 10th annual World Intellectual Property Day–are part of the department’s continued commitment to combat the growing number of IP crimes here at home, and abroad. The new AUSA positions will be part of the department’s Computer Hacking and Intellectual Property (CHIP) program.

“Intellectual property law enforcement is central to protecting our nation’s ability to remain at the forefront of technological advancement, business development and job creation,” said Acting Deputy Attorney General Grindler. “The department, along with its federal partners throughout the Administration, will remain ever vigilant in this pursuit as American entrepreneurs and businesses continue to develop, innovate and create.”

The 15 new Assistant U.S. Attorneys will work closely with the Criminal Division’s Computer Crime and Intellectual Property Section (CCIPS) to aggressively pursue high tech crime, including computer crime and intellectual property offenses. The new positions will be located in California, the District of Columbia, Maryland, Massachusetts, Michigan, New Jersey, New York, Pennsylvania, Texas, Virginia and Washington.

The 20 new FBI Special Agents announced today will be deployed to specifically augment four geographic areas with intellectual property squads, and increase investigative capacity in other locations around the country where IP crimes are of particular concern. The four squads will be located in New York, San Francisco, Los Angeles and the District of Columbia. The squads will allow for more focused efforts in particular hot spot areas and increased contact and coordination with our state and local law enforcement partners. The 20 new agents will join the 31 agents devoted to investigating IP crimes who have already been deployed to field offices around the country.

“Theft of intellectual property–from inventions to trademarks and copyrights, to industrial designs and trade secrets–is a worldwide problem. It affects individuals and corporations financially and can threaten public safety. The additional FBI agents will significantly strengthen the efforts of our squads investigating intellectual property rights violations and help bring to justice those who seek to profit from intellectual property theft,” said Assistant Director Gordon M. Snow of the FBI Cyber Division.

Acting Deputy Attorney General Grindler serves as chair of the department’s Task Force on Intellectual Property, which was established earlier this year by Attorney General Eric Holder to coordinate the department’s efforts on IP crimes. The task force focuses on strengthening efforts to combat intellectual property crimes through close coordination with state and local law enforcement partners as well as international counterparts. As part of its mission, the task force works together with the Office of the Intellectual Property Enforcement Coordinator (IPEC), housed in the Executive Office of the President, to implement an Administration-wide strategic plan on intellectual property.

The task force includes representatives from the offices of the Attorney General, the Deputy Attorney General, and the Associate Attorney General; the Criminal Division; the Civil Division; the Antitrust Division; the Office of Legal Policy; the Office of Justice Programs; the Attorney General’s Advisory Committee; the Executive Office for U.S. Attorneys and the FBI.

World Intellectual Property Day was established by the World Intellectual Property Organization (WIPO) to recognize the importance of protecting intellectual property rights and enforcing their laws. Each year on April 26th, WIPO and its member states seek to increase public understanding of intellectual property through activities, events and campaigns.

The New York financial company sent employees in U.S. bank branches a memo to help respond to questions. The moves came after The Wall Street Journal reported that the Federal Bureau of Investigation is probing a computer-security breach aimed at accounts of the company’s Citibank unit.

It couldn’t be learned how funds were stolen, whether through Citibank’s systems or by other means. The breach could have involved a contractor that processes transactions for the U.S. financial institution. Investigators suspect that the theft was conducted by a well-known Russian cyber gang.

Read the rest of this post on the original site

“A study conducted by Microsoft Research shows that consumers can process results with images 20% faster than text only results,” Microsoft’s Todd Schwartz explained. “So it’s clear that images play a big part in helping consumers with a variety of search activities….Visual Search allows you to quickly scroll through the galleries or do a one-click refinement using the quick tabs on the left, which are specifically relevant to the type of results you are browsing through.”

Think of Microsoft’s innovation as iTunes Cover Flow for search. And though it currently works only for mainstream queries (celebrities, dog breeds, iPhone apps, FBI’s Most Wanted, etc.) it’s quite impressive. And if Microsoft (MSFT) works quickly to extend it beyond its currently limited purview, Visual Search could do much to differentiate Bing from Google (GOOG). Certainly, Google doesn’t offer anything quite like it at the moment.