Tuesday, March 31, 2009

Attack Of The Mini-Botnets

Via DarkReading -

Big-name botnets like Kraken/Bobax, Srizbi, Rustock, the former Storm -- and even the possible botnet-in-waiting, Conficker -- have gained plenty of notoriety, but it's the smaller and less conspicuous ones you can't see that are doing the most damage in the enterprise.

These mini-botnets range in size from tens to thousands versus the hundreds of thousands, or even millions, of bots that the biggest botnets deploy. They are typically specialized and built to target an organization or person, stealing corporate and personal information, often without a trace. They don't attract the attention of the big spamming botnets that cast a wide net and generate lots of traffic; instead they strike quietly, under the radar.

"There's definitely specialization [in botnets] these days," says Joe Stewart, senior director of malware research for SecureWorks. "There are botnets designed for fraud, and they have been around for a while and don't seem to cross over [with the bigger spamming botnets]," he says.

These mini-botnets specialize in identity theft, fraud, and stealing corporate information, and are much more difficult to spot and infiltrate than a big spamming botnet. "We have to rely on the few anecdotal instances, where we've managed to get a look at the back-end," Stewart says.

[...]

The main goal of specialized botnets is to steal user names and passwords, banking credentials, intellectual property, and other valuable information, he says. "We've seen them target banking credentials used by the enterprise to conduct corporate banking," Cox says. "We've also seen particular executives targeted who are involved in intellectual property development and research activities.

"There's a strong tie there between what information the [targeted] employee has access to and the value that asset has to the attacker."

SecureWorks' Stewart says small botnets are more worrisome than Conficker's next move. These botnets include Clampi (a.k.a. Ligats and Rscan), Torpig (a.k.a. Sinowal, Anserin), Zeus (a.k.a. prg/zbot), Pinch (a.k.a. ldpinch), and SilentBanker (a.k.a. Cimuz) -- all named after the malware they use -- plus one that has been around for some time, Coreflood (a.k.a. Afcore), which Stewart has studied closely. "I am far more worried about some of the recent Clampi [activities] and some of the other ones," Stewart says. "They have made inroads to affect users and do something malicious, like steal their credentials" for committing identity theft and fraud, he says.

[...]

Steven Adair, a researcher with the Shadowserver Foundation, says his organization has seen targeted botnet attacks that have used anywhere from dozens to hundreds or more machines. "They are often a lot smaller than the spamming and DDoS botnets due to their target selection," Adair says.

These targeted botnet attacks often use spear-phishing email attacks, using malicious PDF attachments or links that appear legitimate because they contain information familiar to the user. Shadowserver has also seen mini-botnets infect Websites that cater to a specific group of users, Adair says. "The sites were specifically chosen due to their audience," he says.

Pigeons Fly Cell Phones into Brazilian Prison

Via Google (AP) -

Inmates have devised an innovative way to smuggle in cell phones into a prison farm in Brazil: carrier pigeons.

Guards at the Danilio Pinheiro prison near the southeastern city of Sorocaba noticed a pigeon resting on an electric wire with a small cloth bag tied to one of its legs last week.

"The guards nabbed the bird after luring it down with some food and discovered components of a small cell phone inside the bag," police investigator Celso Soramiglio said Tuesday.

One day later, another pigeon was spotted dragging a similar bag inside the prison's exercise yard. Inside the bag was the cell phone's charger, Soramiglio said.

The birds were apparently bred and raised inside the prison, smuggled out, outfitted with the cell phone parts and then released to fly back.

"Pigeons instinctively fly back home, always," the investigator said.

Soramiglio said that police have not discovered who raised the pigeons nor the name of the inmate who was going to receive the cell phone, but that he hoped the telephone carrier would provide the information.

"Some of them are members of organized crime groups that use cell phones to talk to family and friends and to give and receive orders for criminal actions outside and inside prisons," Soramiglio said.

He did not want to elaborate further until investigations conclude.

In 2006, Sao Paulo's notorious First Capital Command used cell phones to coordinate a wave of assaults on police, banks and buses that left more than 200 people dead in South America's largest city.

The gang's leaders are based in prisons, and use smuggled cell phones to plan and execute drug deals, kidnappings and bank robberies.

Washington D.C. Restaurants Become Credit Card Cloning Hot Spots

Via Wired.com (Threat Level) -

Four former servers at three upscale Washington D.C. restaurants blocks from the White House were arrested last week for allegedly using covert skimming devices to clone customer credit card data, in a year-long counterfeiting operation that's put $750,000 in fraudulent charges on the plastic of Washington's elite.

Servers at Clyde's of Gallery Place, M&S Grill, and 701 Restaurant, along with Maryland workers at Carrabba's Italian Grill and the Gaylord Hotel, allegedly stole the card numbers. According to the Secret Service, the data wound up in the hands of 28-year-old Joseph Artemus Bush, III, a Maryland man who was repeatedly caught on surveillance video using counterfeit cards with the skimmed account numbers.

Bush's alleged MO was to purchase American Express gift cards at area Target and Walmart stores, then redeem them at high-end shops like Barney's of New York and Gucci. Last week he was charged with credit card fraud, along with two alleged confederates, Erick V. Burton and Aaron Gilbert. The four servers charged are Lavelle Denise Payne, Shannon Eileen McLaughlin, Jamaal Snowden and Simone Carrie Diane Folk.

------------------------------

Luckily I didn't visit any of these places in my trips to DC...but some of my friends do on a regular basis.

Know Your Enemy: Containing Conficker

http://www.honeynet.org/papers/conficker/

Our "Know Your Enemy: Containing Conficker" whitepaper was released on March 30th as a PDF only. You can download the full paper from the link above.

Paper Abstract

The Conficker worm has infected several million computers since it first started spreading in late 2008, but attempts to mitigate Conficker have not yet proved very successful. In this paper we present several potential methods to contain Conficker. The approaches presented take advantage of the way Conficker patches infected systems, which can be used to remotely detect a compromised system. Furthermore, we demonstrate various methods to detect and remove Conficker locally, and a potential vaccination tool is presented. Finally, the domain-name generation mechanism for all three Conficker variants is discussed in detail, and an overview of the potential for upcoming domain collisions in version .C is provided. Tools for all the ideas presented here are freely available for download, including source code.

In addition, as a result of this paper and the hard work of Dan Kaminsky, most vulnerability scanning tools (including Nmap) should now have a plugin or signatures that allow you to remotely detect infected Conficker systems on your networks. Finally, we would like to recognize and thank the tremendous help and input of the Conficker Working Group.

Paper last updated March 30th 2009, 23:00 GMT (rev1)
PDF MD5sum = 135ba75c33534327eb2800e98c8077e8 (KYE-Conficker.pdf)

Foreign Phisher Makes History with US Conviction

Via TechWorld.com -

A 23-year-old Romanian man has become the first foreigner to be convicted by a US court for phishing.

Ovidiu-Ionut Nicola-Roman, of Craiova, Romania, was sentenced to four years and two months in prison Monday for his role in an international phishing operation. Prosecutors had charged him with setting up fake banking sites and then sending out tens of thousands of fraudulent spam messages in hopes of tricking victims into giving up their account information.

The sentence was handed down by Judge Janet Hall of the United States District Court in Connecticut.

Nicola-Roman was arrested in Bulgaria and extradited to the US in November 2007. He pleaded guilty last July to a fraud charge and had been facing a possible five years in prison. Additional charges that he faced in California were dropped because they were not listed in his extradition request.

He was charged as part of a larger phishing bust that also named six other Romanians, none of whom have been arrested.

Security experts say countries such as Russia, Romania and the Ukraine have become hotbeds of cybercrime, in part because local governments are slow to prosecute fraudsters who take money from victims in other countries such as the US.

The FBI said Monday that Internet fraud complaints had spiked 33 percent year-over-year in 2008.

In Nicola-Roman's case, prosecutors said they found 2,600 credit and debit card numbers in email accounts linked to him, and that he had probably harvested more information. He set up a fake phishing site to snare customers of People's Bank in October 2005, but also had tools that would have allowed him to phish customers of Wells Fargo, Suntrust, Amazon.com, PayPal and eBay, according to court documents.

He doesn't appear to have written software himself, but assembled a large collection of online fraud tools, including a program called Web Data Extractor, which harvested e-mail addresses. He sent spam to victims using a program called Email Sender Express, which could send 30,000 spam messages per hour, and created counterfeit cards using a program called T2Gen, prosecutors said. Another program, called WebZIP Unlimited, could be used to counterfeit legitimate websites.

According to data supplied to prosecutors by People's Bank, 78 of the 88 People's Bank card numbers that investigators found in Nicola-Roman's possession had been used for fraud. Nicola-Roman was able to take an average of $960 (approx £722) per card number collected, prosecutors said.

Somali Pirates Hijack Two Tankers in 24 Hours

Via Google (AP) -

Pirates armed with machine guns pursued and captured a Norwegian chemical tanker off the coast of Somalia on Thursday, the owners said, less than 24 hours after a smaller Greek-owned vessel was seized in the same area.

The U.S. 5th Fleet, which patrols the pirate-infested Gulf of Aden, confirmed both hijackings and said they happened in the same area but separate from the gulf, one of the world's busiest — and now most treacherous — sea lanes.

The 23,000-ton Norwegian-owned Bow Asir was seized 250 miles (400 kilometers) off the Somali coast on Thursday morning, and the 9,000-ton Greek-owned Nipayia, with 19 crew members, was attacked about 450 miles (720 kilometers) off Somalia on Wednesday afternoon, the European Union's military spokesman said.

Norway's shipowner's association said the Bow Asir had a crew of 27 with a Russian captain, but the 5th Fleet said there were 23 crew on board. Fleet spokesman Lt. Nate Christensen said the Norwegian ship was Bahamian-flagged, but he did not know its cargo. U.S. Cmdr. Jane Campbell confirmed the hijacking on Wednesday of the Nipayia.

Both vessels are chemical tankers, but their cargoes were not immediately made public.

A Nairobi-based diplomat, speaking on condition of anonymity because he was not authorized to speak to the press, said the Nipayia had 18 Filipinos on board and a Russian captain, and that the ship is managed by Athens-based Lotus Shipping.

The owner of the Norwegian Bow Asir, Salhus Shipping AS, said it received a security alert message from the Bow Asir at 0729GMT saying the ship was being chased by two small boats with suspected pirates on board.

At 0745GMT, the captain reported that the pirates had boarded the vessel, and three hours later, Salhus Shipping received an e-mail from the ship confirming that 16 to 18 pirates carrying machine guns had gained control, managing director Per H. Hansen said in a statement.

"We have no reports of any injuries," he said. "We are doing our utmost to ensure the safety of the crew, and have established communication lines with naval forces, insurance companies, flag state and charterer."

Japan Vows to Shoot Down North Korean Missile - if it fails

Via Janes.com -

The Japan Self-Defense Force (JSDF) is preparing to destroy a ballistic missile test-fired from North Korea should a failed launch pose a danger to Japan, a defence official has stated.

Following a high-level security meeting with Prime Minister Taro Aso on 27 March, Japan's Defence Minister Yasukazu Hamada was expected to order the JSDF to activate Japan's missile defence system to prepare to shoot down the missile or any debris after it is fired in early April.

This destruction order is based on Article 82-2 of JSDF Law, which stipulates that, even if the possibility of a missile or rocket falling onto Japan is unclear, the JSDF can take preventative action.

North Korea is poised to launch what it claims is a satellite launch vehicle between 4-8 April to boost national prestige ahead of the Supreme People's Assembly starting on 9 April.

Report: Chinese Develop Special "Kill Weapon" to Destroy U.S. Aircraft Carriers

Via USNI.org -

With tensions already rising due to the Chinese navy becoming more aggressive in asserting its territorial claims in the South China Sea, the U.S. Navy seems to have yet another reason to be deeply concerned.

After years of conjecture, details have begun to emerge of a "kill weapon" developed by the Chinese to target and destroy U.S. aircraft carriers.

First posted on a Chinese blog viewed as credible by military analysts and then translated by the naval affairs blog Information Dissemination, a recent report provides a description of an anti-ship ballistic missile (ASBM) that can strike carriers and other U.S. vessels at a range of 2000km.

The range of the modified Dong Feng 21 missile is significant in that it covers the areas that are likely hot zones for future confrontations between U.S. and Chinese surface forces.

The size of the missile enables it to carry a warhead big enough to inflict significant damage on a large vessel, providing the Chinese the capability of destroying a U.S. supercarrier in one strike.

Because the missile employs a complex guidance system, a low radar signature and a maneuverability that makes its flight path unpredictable, the odds that it can evade tracking systems to reach its target are increased. It is estimated that the missile can travel at Mach 10 and reach its maximum range of 2000 km in less than 12 minutes.

Supporting the missile is a network of satellites, radar and unmanned aerial vehicles that can locate U.S. ships and then guide the weapon, enabling it to hit moving targets.

While the ASBM has been a topic of discussion within national defense circles for quite some time, the fact that information is now coming from Chinese sources indicates that the weapon system is operational. The Chinese rarely mention weapons projects unless they are well beyond the test stages.

If operational as is believed, the system marks the first time a ballistic missile has been successfully developed to attack vessels at sea. Ships currently have no defense against a ballistic missile attack.

Along with the Chinese naval build-up, U.S. Navy officials appear to view the development of the anti-ship ballistic missile as a tangible threat.

-----------------------

The ASBM is said to be a modified Dong Feng 21 (DF-21).

Firefox Attacks Sharpen Bite

Via eWeek (Security Watch) -

Security researchers are highlighting a more powerful breed of attack that is specifically targeting users of the open source Mozilla Firefox web browser.

Long touted for its improved security over rival browsers including Microsoft IE, Firefox has been mined for dozens of vulnerabilities over the last few years, but the application hasn't ever faced the same level of attacks as Explorer.

However, experts are charting the emergence of a new, sophisticated breed of Firefox threat that packs a significantly more potent punch than its predecessors.

Posting to the Webroot Threat Blog, longtime security researcher Andrew Brandt describes several newly discovered pieces of badware in circulation that he cites as "raising the bar" for Firefox attacks.

"In the past few weeks, we've seen malware writers up the ante in their bets against Firefox. Two new spies came across the transom in the past week, and easily managed to load themselves into a freshly installed copy of Firefox 3.0.7. I should note that this isn't due to any problem or negligence on Mozilla's part; once you execute malicious code on your PC, any application is vulnerable. Firefox just happens to be a big target," Brandt notes.

The first piece of malware Brandt points to is a malicious plugin that appears to be a new variant of a known spyware attack, DNSChanger. Framed as a browser hijacking ploy, the installer drops a DLL payload into the Firefox components folder, and then runs in the background from thereon.

The threat, also ID'd as "Firesox", then injects ads or modified results when it detects certain search query strings sent to engines including Google, Yahoo, MSN, Altavista, Teoma, Ask and Pricegrabber, Brandt reports.

"In the past, we saw DNSChanger used to help fraudulent advertising affiliates boost their numbers, and to direct unsuspecting users to rogue antimalware tools by generating bogus results. It remains to be seen whether this new variant will be as prolific as the old version," he writes.

The second attack highlighted in the researcher's blog post is a piece of adware that only installs correctly with Firefox versions 3.x or later. Parceled together with other programs and a too-long-to-read EULA, the threat, dubbed Foxicle, appears after users attempt to opt-out of another adware toolbar, Mirar.

Whether they agree to keep Mirar or end up saddled with Foxicle, users unlucky enough to stumble onto the programs appear destined to stare at some unwanted ads when they're browsing.

In both cases, the attacks represent a new generation of Firefox threats in their ability to cloak themselves from discovery, Brandt contends.

"Neither Firesox, the DNSChanger clone, nor Foxicle puts an obvious entry in Firefox's plugins dialog that signals their presence. While not widely distributed, I suspect we'll be seeing more of them," he said.

Taliban Leader Vows To Attack D.C. Says “Will Amaze The World”

Via CBSNews -

The top Taliban commander in Pakistan promised an assault on Washington "soon" - one he says will "amaze" the world.

"Soon we will launch an attack in Washington that will amaze everyone in the world," Baitullah Mehsud told The Associated Press by phone.

Mehsud also claimed responsibility for Monday's attack on a police academy outside the eastern Pakistani city of Lahore, saying it was in retaliation for U.S. missile strikes against militants along the Afghan border.

Mehsud and other Pakistani Taliban militants are believed to be based in the country's lawless areas near the border with Afghanistan, where they have stepped up their attacks throughout Pakistan.

One year ago, CBS News security correspondent Bob Orr reported that U.S. intelligence officials were increasingly concerned that Mehsud could eclipse even Osama bin Laden as a threat to America.

The U.S. recently announced a $5 million bounty on Mehsud's head. Asked about it, he told the AP he would be happy to "embrace martyrdom."

Wireshark PROFINET DCP Format String Vulnerability

http://secunia.com/advisories/34542/

Description: A vulnerability has been discovered in Wireshark, which can potentially be exploited by malicious people to compromise a user's system. The vulnerability is caused by a format string error within the PN-DCP dissector when processing station names containing format string specifiers. This can be exploited to cause a crash and potentially execute arbitrary code via specially crafted packets captured off the wire or loaded from a capture file. The vulnerability is confirmed in version 1.0.6. Other versions may also be affected.

Solution: Disable support for the "PN-DCP" protocol.

Provided and/or discovered by: THCX Labs

Original Advisory: http://milw0rm.com/exploits/8308

----------------------------------------------------

The PN-DCP protocol can be disabled in Wireshark by hitting "Shift-Ctrl-R" and then unchecking "PN-DCP".
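As an added illustration of the defect class named in the advisory (this is not code from Wireshark, from the advisory or from THCX Labs), the C below models a DCP NameOfStation field as a length-prefixed byte run, flags names that carry conversion specifiers so a dissector or triage script can detect them, and renders the name the hardened way: a fixed format string with the name passed as data. The DCP_NAME_MAX bound, the function names and the sample names are assumptions.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Assumed upper bound for a PROFINET NameOfStation value; adjust to the spec in use. */
#define DCP_NAME_MAX 240

/* Defective pattern (the class of bug in the advisory): the captured name itself
 * becomes the format string, so any '%' sequence inside it is parsed as a
 * conversion and the call consumes arguments that were never supplied.
 *
 *     snprintf(out, outlen, (const char *)name);   // never do this
 */

/* Detection helper: true when the raw name contains a '%' that a format
 * function would try to interpret. A legitimate station name (lowercase
 * letters, digits, '-' and '.') never contains one. */
bool dcp_name_has_format_specifier(const unsigned char *data, size_t len)
{
    for (size_t i = 0; i < len; i++) {
        if (data[i] == '%')
            return true;
    }
    return false;
}

/* Hardened rendering. The name is always an argument, never the format string;
 * its length comes from the DCP block header, not from a NUL byte (the on-wire
 * field is not terminated); non-printable bytes are replaced with '.'.
 * Returns the number of characters written to out, not counting the NUL. */
size_t dcp_render_name(const unsigned char *data, size_t len, char *out, size_t outlen)
{
    char tmp[DCP_NAME_MAX + 1];
    size_t n = len < DCP_NAME_MAX ? len : DCP_NAME_MAX;

    if (outlen == 0)
        return 0;
    for (size_t i = 0; i < n; i++)
        tmp[i] = isprint(data[i]) ? (char)data[i] : '.';
    tmp[n] = '\0';

    /* Fixed format with an explicit precision: a name carrying "%s" or "%x"
     * is still copied verbatim as text, and the copy is bounded by outlen. */
    int written = snprintf(out, outlen, "%.*s", (int)n, tmp);
    if (written < 0) {
        out[0] = '\0';
        return 0;
    }
    return (size_t)written < outlen ? (size_t)written : outlen - 1;
}

int main(void)
{
    /* Constructed samples: a benign station name and one carrying specifiers. */
    static const unsigned char benign[] = "plc-line1";
    static const unsigned char hostile[] = "dev%s%x";
    char buf[64];

    dcp_render_name(benign, sizeof benign - 1, buf, sizeof buf);
    printf("benign  flagged=%d rendered=%s\n",
           dcp_name_has_format_specifier(benign, sizeof benign - 1), buf);
    dcp_render_name(hostile, sizeof hostile - 1, buf, sizeof buf);
    printf("hostile flagged=%d rendered=%s\n",
           dcp_name_has_format_specifier(hostile, sizeof hostile - 1), buf);
    return 0;
}
```

The flag check is what a capture-file triage pass would log on; the render function is the shape a dissector should use regardless of how the name looks.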

Sunday, March 29, 2009

The Snooping Dragon: Social-Malware Surveillance of the Tibetan Movement

In this note we document a case of malware-based electronic surveillance of a political organisation by the agents of a nation state. While malware attacks are not new, two aspects of this case make it worth serious study. First, it was a targeted surveillance attack designed to collect actionable intelligence for use by the police and security services of a repressive state, with potentially fatal consequences for those exposed. Second, the modus operandi combined social phishing with high-grade malware. This combination of well-written malware with well-designed email lures, which we call social malware, is devastatingly effective. Few organisations outside the defence and intelligence sector could withstand such an attack, and although this particular case involved the agents of a major power, the attack could in fact have been mounted by a capable motivated individual. This report is therefore of importance not just to companies who may attract the attention of government agencies, but to all organisations. As social-malware attacks spread, they are bound to target people such as accounts-payable and payroll staff who use computers to make payments. Prevention will be hard. The traditional defence against social malware in government agencies involves expensive and intrusive measures that range from mandatory access controls to tiresome operational security procedures. These will not be sustainable in the economy as a whole. Evolving practical low-cost defences against social-malware attacks will be a real challenge.

University of Cambridge Report (3.0 MB)
http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-746.pdf

-----------------------

Grab a copy of the other report on GhostNet over @ F-Secure
http://www.f-secure.com/weblog/archives/00001637.html

Software Labs Warn of ATM Virus Used to Steal Money

Via InfoTech.TMCNet.com -

Russia's leading computer security labs have warned of a new software virus which infects Automatic Teller Machines (ATM) to steal money from bank accounts of their users.

Two leading anti-virus software producers 'Doctor Web' and 'Kaspersky Lab' claimed to have discovered a new virus, in the networks of several bank ATMs, which is able to collect information from bank cards.

"This is a malicious programme intended to infect and survive in ATMs. It is possible that new software will appear, aimed at illegitimately using banking information and removing funds," an official of the Kaspersky Lab was quoted as saying by RIA Novosti news agency.

He said the virus is a Trojan which is able to infect the popular American Diebold brand of ATMs, used in Russia and Ukraine. Judging by the programming code used, there is a high probability that the programmer comes from one of the former Soviet republics, he added.

The computer security experts say the number of infected ATMs is minimal but individual bank cardholders will not be able to detect whether an ATM is infected or not.

However, banks can run security software to find out if their machines are at risk.

Mozilla Patches Firefox's Critical Pwn2Own Bug

Via ComputerWorld -

Mozilla Corp. patched two critical Firefox bugs on Friday, including one used the week before by a German student to win $15,000 for hacking three different browsers at the Pwn2Own contest.

Firefox 3.0.8 was released several days earlier than expected. As recently as Thursday, Mozilla had set April 1 as the ship date for what the company labeled a "high-priority fire-drill security update" that would fix not only the Pwn2Own bug, but another that was revealed last Wednesday.

Both vulnerabilities were rated critical by Mozilla, but the most notable was clearly the one exploited earlier this month at CanSecWest, the Vancouver, British Columbia security conference that hosts the Pwn2Own hacking challenge.

At the contest, a 25-year-old computer science student from Germany who would only give his first name as Nils hacked Firefox and Safari on an Apple Inc. notebook, as well as Microsoft Corp.'s Internet Explorer 8 running on Windows 7. Nils was paid $5,000 for each successful exploit by 3Com Inc.'s TippingPoint, the Pwn2Own sponsor.

According to Mozilla, Nils' bug is in XUL, Mozilla's XML user interface markup language. In some cases, the "_moveToEdgeShift" tree method crashed Firefox; that crash could then "be used by an attacker to run arbitrary code on a victim's computer," Mozilla concluded.

Mozilla restricted access to additional information on the vulnerability by locking down Bugzilla, its bug tracking and management database, allowing only authorized users to view more information on the flaw.

Firefox 3.0.8 also patched a critical vulnerability that had gone public on the milw0rm.com exploit site last Wednesday. The bug allowed an attacker to crash Firefox by using malicious XSL code embedded on a Web site. "An attacker could potentially use this crash to run arbitrary code on a victim's computer," Mozilla warned in the accompanying security advisory.

Mac OS X Kernel Exploit PoC Code Published

Via InformationWeek -

Proof-of-concept exploit code has been posted online for six kernel vulnerabilities, five of which affect Mac OS X 10.5.6, the most current version of Apple's operating system software.

The vulnerabilities were discussed at CanSecWest 2009 last week during a talk about security flaws in the FreeBSD, Mac OS X, and Solaris kernels by security researchers Christer Oberg and Neil Kettle of Convergent Network Solutions.

One of them, a local kernel root exploit in FreeBSD 7.0/7.1, has been patched.

The five that affect Mac OS X, which uses the Mach kernel and incorporates portions of FreeBSD Unix, remain unpatched.

In an e-mail, Kettle explained that the vulnerabilities exploited were not disclosed to Apple when they were found and remained private until they were published to Milw0rm.com on Monday. He said no one has yet complained about the disclosure of the vulnerabilities, noting that in his experience, kernel bugs are not as serious as other vulnerabilities. "We wanted to show how easy it still is to break production kernels in well-used operating systems," he said.

Inaki Urzay, CTO of Panda Security, said the proof-of-concept code isn't an immediate threat but that it could be in the future. "The vulnerabilities are proofs of concept that demonstrate the code can take control of a machine, either via creating a privilege escalation modifying the users or launching DoS local attacks against the PC," he said in an e-mail. "The proof of concept code has the ability to create a new system volume, call to some OS functions, change the user ID, and so on, without administrative privileges."

The PoC code is designated as follows:

1) Mac OS X xnu <= 1228.3.13 (zip-notify) Remote Kernel Overflow PoC
2) Mac OS X xnu <= 1228.3.13 (macfsstat) Local Kernel Memory Leak/DoS
3) Mac OS X xnu <= 1228.3.13 (profil) Kernel Memory Leak/DoS PoC
4) Mac OS X xnu <= 1228.x (vfssysctl) Local Kernel DoS PoC
5) Mac OS X xnu <= 1228.x (hfs-fcntl) Local Kernel Root Exploit

-----------------------------

Several of the exploits can be found on Milw0rm's DoS / PoC Section...

Saturday, March 28, 2009

Hezbollah Uses Mexican Drug Routes Into U.S

Via Washington Times -

Hezbollah is using the same southern narcotics routes that Mexican drug kingpins do to smuggle drugs and people into the United States, reaping money to finance its operations and threatening U.S. national security, current and former U.S. law enforcement, defense and counterterrorism officials say.

The Iran-backed Lebanese group has long been involved in narcotics and human trafficking in South America's tri-border region of Paraguay, Argentina and Brazil. Increasingly, however, it is relying on Mexican narcotics syndicates that control access to transit routes into the U.S.

Hezbollah relies on "the same criminal weapons smugglers, document traffickers and transportation experts as the drug cartels," said Michael Braun, who just retired as assistant administrator and chief of operations at the U.S. Drug Enforcement Administration (DEA).

"They work together," said Mr. Braun. "They rely on the same shadow facilitators. One way or another, they are all connected.

"They'll leverage those relationships to their benefit, to smuggle contraband and humans into the U.S.; in fact, they already are [smuggling]."

His comments were confirmed by six U.S. officials, including law enforcement, defense and counterterrorism specialists. They spoke on the condition that they not be named because of the sensitivity of the topic.

[...]

A U.S. official with knowledge of U.S. law enforcement operations in Latin America said, "we noted the same trends as Mr. Braun" and that Hezbollah has used Mexican transit routes to smuggle contraband and people into the U.S.

Two U.S. law enforcement officers, familiar with counterterrorism operations in the U.S. and Latin America, said that "it was no surprise" that Hezbollah members have entered the U.S. border through drug cartel transit routes.

"The Mexican cartels have no loyalty to anyone," one of the officials told The Washington Times. "They will willingly or unknowingly aid other nefarious groups into the U.S. through the routes they control. It has already happened. That's why the border is such a serious national security issue."

GhostNet - Vast Spy System Loots Computers in 103 Countries

Via NYTimes -

A vast electronic spying operation has infiltrated computers and has stolen documents from hundreds of government and private offices around the world, including those of the Dalai Lama, Canadian researchers have concluded.

In a report to be issued this weekend, the researchers said that the system was being controlled from computers based almost exclusively in China, but that they could not say conclusively that the Chinese government was involved.

The researchers, who are based at the Munk Center for International Studies at the University of Toronto, had been asked by the office of the Dalai Lama, the exiled Tibetan leader whom China regularly denounces, to examine its computers for signs of malicious software, or malware.

Their sleuthing opened a window into a broader operation that, in less than two years, has infiltrated at least 1,295 computers in 103 countries, including many belonging to embassies, foreign ministries and other government offices, as well as the Dalai Lama’s Tibetan exile centers in India, Brussels, London and New York.

The researchers, who have a record of detecting computer espionage, said they believed that in addition to the spying on the Dalai Lama, the system, which they called GhostNet, was focused on the governments of South Asian and Southeast Asian countries.

Intelligence analysts say many governments, including those of China, Russia and the United States, and other parties use sophisticated computer programs to covertly gather information.

The newly reported spying operation is by far the largest to come to light in terms of countries affected.

This is also believed to be the first time researchers have been able to expose the workings of a computer system used in an intrusion of this magnitude.

Still going strong, the operation continues to invade and monitor more than a dozen new computers a week, the researchers said in their report, “Tracking ‘GhostNet’: Investigating a Cyber Espionage Network.” They said they had found no evidence that United States government offices had been infiltrated, although a NATO computer was monitored by the spies for half a day and computers of the Indian Embassy in Washington were infiltrated.

The malware is remarkable both for its sweep — in computer jargon, it has not been merely “phishing” for random consumers’ information, but “whaling” for particular important targets — and for its Big Brother-style capacities. It can, for example, turn on the camera and audio-recording functions of an infected computer, enabling monitors to see and hear what goes on in a room. The investigators say they do not know if this facet has been employed.

The researchers were able to monitor the commands given to infected computers and to see the names of documents retrieved by the spies, but in most cases the contents of the stolen files have not been determined. Working with the Tibetans, however, the researchers found that specific correspondence had been stolen and that the intruders had gained control of the electronic mail server computers of the Dalai Lama’s organization.

The electronic spy game has had at least some real-world impact, they said. For example, they said, after an e-mail invitation was sent by the Dalai Lama’s office to a foreign diplomat, the Chinese government made a call to the diplomat discouraging a visit. And a woman working for a group making Internet contacts between Tibetan exiles and Chinese citizens was stopped by Chinese intelligence officers on her way back to Tibet, shown transcripts of her online conversations and warned to stop her political activities.

The Toronto researchers said they had notified international law enforcement agencies of the spying operation, which in their view exposed basic shortcomings in the legal structure of cyberspace. The F.B.I. declined to comment on the operation.

Although the Canadian researchers said that most of the computers behind the spying were in China, they cautioned against concluding that China’s government was involved. The spying could be a nonstate, for-profit operation, for example, or one run by private citizens in China known as “patriotic hackers.”

“We’re a bit more careful about it, knowing the nuance of what happens in the subterranean realms,” said Ronald J. Deibert, a member of the research group and an associate professor of political science at Munk. “This could well be the C.I.A. or the Russians. It’s a murky realm that we’re lifting the lid on.”

Friday, March 27, 2009

Mozilla Pounces On New Firefox Zero-Day Exploit

Via DarkReading -

A zero-day exploit for Firefox was unleashed online yesterday, but Mozilla didn't waste any time before patching for the critical vulnerability it abuses: The open-source group now has a patch ready for the flaw that will ship with the next Firefox update on April 1.

The researcher who discovered the vulnerability yesterday released with it proof-of-concept code. Mozilla developers jumped on it right away, coming up with a fix.

The flaw is a remote memory corruption vulnerability that affects all versions of Firefox 3.0.x, and could let an attacker execute malware on a victim's machine or crash the browser, according to the vulnerability report. The user would have to be lured into viewing a malicious file with his Firefox browser.

Johnathan Nightingale, whose title at Mozilla is "human shield," says so far Mozilla hasn't seen signs of an exploit in the wild for the bug.

The vulnerability affects Windows, OS X, and Linux versions of Firefox 3.0.x.

Web Fraud 2.0: Data Search Tools for ID Thieves

Via Washington Post (Security Fix) -

Data such as your Social Security number, mother's maiden name and credit card balance are not as difficult for ID thieves to find as most people think. I've recently learned that cyber crooks are providing cheap, instant access to detailed consumer databases, offering identity thieves the ability to find missing data as they compile dossiers on targeted individuals. Security Fix spent the past week testing services offered by two Web sites that sell access to a wealth of information on consumers. Each site offers free registration, but requires users to fund their accounts via Webmoney, a PayPal-like virtual currency that is popular in Russia and Eastern Europe.

I enlisted the help of a half-dozen volunteers who agreed to let me try to find their personal and financial data on these sites. For a payment of $3 each, I was able to find full Social Security numbers on four of the volunteers, as well as their most recent street addresses and birthdays.

Another set of three $3 payments allowed me to gather the mother's maiden name (MMN) on half of the volunteers. For both the SSN and MMN lookups, all that is required is the target's name, street number, and ZIP code (see snapshot above). Users are not charged for queries that fail to return results.

Using the service pictured above, customers can check the available balance on a credit card for a $1 payment, by including just the credit card number, the name of the cardholder, and his or her address. According to one source who is investigating the back-end technology behind this credit card balance-checking service, the site's operators are dialing in to the automated voice response units at various card issuers, using Skype, an Internet-based telephone service that can mask the caller's phone number and location.

Other data points that users can query include the target's date of birth (50 cents per lookup); mother's date of birth ($6); driver's license number ($8); background report ($15); and credit report ($24). The site also offers a service that automates changing the billing address on a target's credit or debit card ($35).

It's unclear how these sites are obtaining this kind of information. It may be that they're relying on insiders at companies with access to this data. Alternatively, perhaps the services are making use of stolen credentials needed to access sensitive online databases. More likely, it is a mixture of both.

The legality of these services depends largely upon how the information was gathered. Obviously, selling data obtained via stolen credentials that allow access to a protected database would be illegal. And of course, no business can legally resell the ability to change someone else's credit card billing address without the owner's permission.

But there are several commercial services that sell massive amounts of consumer data that is collected from public sources, such as mortgage and court records. In fact, federal law does not prohibit the resale of Social Security numbers and other consumer data that was collected from public sources, said Ari Schwartz, vice president and chief operating officer for the Center for Democracy & Technology.

For example, services like Intelius.com, sell loads of consumer data, such as the ability to find someone's identity by looking up a cell phone number.

"They might be aggregating this data in ways that could be legal for them to resell," Schwartz said. "Once that data is gathered from public sources, there aren't really rules about what you can do with it."

For the past several years, lawmakers in Congress have tried but failed to gain support for legislation to block the resale of Social Security numbers and other sensitive consumer data without an individual's consent.

Researchers Can ID Anonymous Twitterers

Via ITWorld -

Web sites that strip personally identifiable information about their users and then share that data may be compromising their users' privacy, according to researchers at the University of Texas at Austin.

They took a close look at the way anonymous data can be analyzed and have come to some troubling conclusions. In a paper set to be delivered at an upcoming security conference, they showed how they were able to map out the connections on public social networks such as Twitter and Flickr. They were then able to identify people who were on both networks by looking at the many connections surrounding their network of friends. The technique isn't 100 percent effective, but it may make some users uncomfortable about whether they should allow their data to be shared in an anonymous format.

Web site operators often share data about users with partners and advertisers after stripping it of any personally identifiable information such as names, addresses or birth dates. Arvind Narayanan and fellow researcher Vitaly Shmatikov found that by analyzing these "anonymized" data sets, they could identify Flickr users who were also on Twitter about two-thirds of the time, depending on how much information they have to work with.

"A lot of the time people will share information online and they'll expect that they are anonymous," Narayanan said in an interview. But if their identity can be ascertained on one social network, it's possible to find out who they are on some other network, or at least make a "strong guess," he said.

They do this not just by looking at one person's immediate circle of friends, but by analyzing the patterns in the connections between all friends on the social network. "The more of a person's network you can map out, the easier it gets to de-anonymize someone in the future, wherever they might go," he said.
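The matching idea described above, as an added illustration (not code from the article or from Narayanan and Shmatikov): a public network whose members are known is matched against a name-stripped release of an overlapping network using only the link structure around two seed users whose identity on both is already known. The friendship graphs, the seed pairs and the scoring rule are constructed for the demo. An operator weighing a "anonymized" graph release could run the same check against a public network to estimate how much of the release a third party could re-identify.

```python
"""Structural re-identification check for a name-stripped social graph.

Added example, not code from the article or from Narayanan and Shmatikov.
A public network (names known) is matched against an anonymized release of
an overlapping network (names replaced by opaque IDs) by propagating from a
few seed users through shared, already-matched friends. All data below is
constructed for the demo.
"""
from collections import defaultdict

# Public network: known names and their friendships (constructed).
PUBLIC_EDGES = [
    ("alice", "bob"), ("alice", "carol"), ("alice", "dave"), ("alice", "erin"),
    ("bob", "carol"), ("bob", "frank"), ("bob", "grace"),
    ("carol", "dave"), ("carol", "heidi"),
    ("dave", "erin"), ("dave", "ivan"),
    ("erin", "frank"), ("erin", "judy"),
    ("frank", "grace"), ("frank", "heidi"),
    ("grace", "ivan"), ("grace", "judy"),
    ("heidi", "ivan"), ("ivan", "judy"),
]

# Ground truth, used only to score the result at the end.
TRUE_IDENTITY = {"alice": 101, "bob": 102, "carol": 103, "dave": 104, "erin": 105,
                 "frank": 106, "grace": 107, "heidi": 108, "ivan": 109, "judy": 110}

# "Anonymized" release of mostly the same people. Compared with the public
# graph one edge is missing (grace-ivan), one is extra (carol-judy), and node
# 111 exists only here, imitating the imperfect overlap of two real networks.
ANON_EDGES = [
    (101, 102), (101, 103), (101, 104), (101, 105),
    (102, 103), (102, 106), (102, 107),
    (103, 104), (103, 108), (103, 110),
    (104, 105), (104, 109),
    (105, 106), (105, 110),
    (106, 107), (106, 108),
    (107, 110),
    (108, 109), (109, 110),
    (110, 111), (108, 111),
]


def adjacency(edges):
    """Undirected adjacency sets from an edge list."""
    adj = defaultdict(set)
    for a, b in edges:
        adj[a].add(b)
        adj[b].add(a)
    return adj


def best_unique(scores, min_score):
    """Top-scoring candidate, or None if it is weak or tied (eccentricity rule)."""
    if not scores:
        return None
    ranked = sorted(scores.items(), key=lambda kv: (-kv[1], str(kv[0])))
    top, top_score = ranked[0]
    if top_score < min_score or (len(ranked) > 1 and ranked[1][1] == top_score):
        return None
    return top


def propagate(public_adj, anon_adj, seeds, min_score=2):
    """Grow an identity mapping outward from the seed pairs.

    Each pass scores every unmapped public node against unmapped anon nodes
    by how many of its already-mapped friends correspond to friends of the
    anon node. A pair is accepted only if the best score is unique and at
    least min_score, and the anon node picks the same public node when the
    scoring is run in reverse. Passes repeat until nothing new is matched.
    """
    mapping = dict(seeds)
    changed = True
    while changed:
        changed = False
        used_anon = set(mapping.values())
        for pub in sorted(public_adj):
            if pub in mapping:
                continue
            scores = defaultdict(int)
            for friend in public_adj[pub]:
                if friend in mapping:
                    for cand in anon_adj[mapping[friend]] - used_anon:
                        scores[cand] += 1
            best = best_unique(scores, min_score)
            if best is None:
                continue
            # Reverse check: from the anon side, is this public node the clear pick?
            reverse = {anon: name for name, anon in mapping.items()}
            rev_scores = defaultdict(int)
            for anon_friend in anon_adj[best]:
                if anon_friend in reverse:
                    for cand in public_adj[reverse[anon_friend]]:
                        if cand not in mapping:
                            rev_scores[cand] += 1
            if best_unique(rev_scores, min_score) != pub:
                continue
            mapping[pub] = best
            used_anon.add(best)
            changed = True
    return mapping


def run_check(seeds):
    """Return (correctly re-identified non-seed names, wrongly linked names)."""
    mapping = propagate(adjacency(PUBLIC_EDGES), adjacency(ANON_EDGES), seeds)
    correct = sorted(p for p, a in mapping.items()
                     if p not in seeds and TRUE_IDENTITY.get(p) == a)
    wrong = sorted(p for p, a in mapping.items()
                   if p not in seeds and TRUE_IDENTITY.get(p) != a)
    return correct, wrong


if __name__ == "__main__":
    correct, wrong = run_check({"alice": 101, "bob": 102})
    print(f"{len(correct)} of {len(TRUE_IDENTITY) - 2} non-seed users "
          f"re-identified from two seeds: {correct}; wrong: {wrong}")
```

Two seeds are enough to link every remaining user in the constructed graphs even though the two edge sets differ, while node 111, which has no counterpart in the public network, is never matched. The tie rejection and the reverse check are what keep the false-link count at zero; dropping them trades accuracy for coverage, which is the usual knob in this kind of analysis.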

In 2006, hoping to give search researchers a useful tool, AOL released a database of more than 650,000 user search records. Although this data was scrubbed, it didn't take long for the New York Times to identify one user based on her search queries, showing how supposedly anonymous data could be used to identify people.

The technique described by the University of Texas researchers could be used by government agencies looking to do surveillance or by online marketers or even scammers who want to target people with their messages. And it doesn't only apply to social networks. This method could be used to identify users in databases of phone calls too, the researchers say.

Narayanan and Shmatikov used similar techniques two years ago to show how they could identify Netflix users by comparing the anonymous movie rating data released by Netflix with publicly available reviews posted to the Internet Movie Database.

The research also has implications for privacy policies on social networks, which share information on users, but with personally identifiable information such as names removed. According to Narayanan and Shmatikov, current techniques simply do not make people anonymous.

"Social-network operators should stop relying on anonymization as the 'get out of jail' card insofar as user privacy is concerned," they write on their Web site. "They should inform users when their information is disclosed to third parties, even if this information has been anonymized, and give them the opportunity to opt out."

Al-Qaeda Ideologue Describes Alleged Spread of Al-Qaeda in the Levant

Via The Jamestown Foundation -

A leading jihadi ideologue known as “the Spearhead of the Mujahedeen” claims that al-Qaeda already exists in Palestine and soon there will be “huge good news” to prove its existence. In an internet question and answer session, “Assad al-Jihad 2” concentrated on the Israeli-Palestinian conflict in the shadow of last December’s Gaza conflict. Assad al-Jihad 2 is a regular contributor of articles written on behalf of al-Qaeda and affiliated groups, which are usually posted on jihadi web-forums and are highly regarded by their users. The question and answer session was published by al-Qaeda’s Global Islamic Media Front and posted on several jihadi websites (al-faloja.info, February 7).

Assad al-Jihad 2 focused on the so-called “al-Qaeda in the Levant,” claiming that this organization is “well-established and firm in the region, like the Levant’s mountains. [The organization] has studied every inch of the Levant, sent their reports to the leaders of al-Qaeda, and discussed them with the geniuses of the organization. [Al-Qaeda] has penetrated the Levant states and infiltrated them. I think the reason for the delay in announcing the presence of the organization is due to waiting for the completion of preparations.”

The ideologist stated that the goal of al-Qaeda in the region is to fight against Israel, alleging that the organization was already behind missile strikes on “the north of so-called Israel” on June 17, 2007, and again in January 2008; “one day before [ex-President] Bush’s visit to the region.” Assad al-Jihad 2 also claimed that the weapons the Lebanese army announced they discovered stored in the south of the country on December 25, 2008 belonged to al-Qaeda in the Levant. He claimed that these Russian pattern Grad rockets were stored for use in attacks on Akka (Acre) and the northern Israeli cities of Nahariya and Shlomi. Nahariya was targeted by hundreds of Hezbollah rockets in 2006; Shlomi was struck by Hezbollah rockets in 2005 and 2006.

Assad al-Jihad 2 asserted that al-Qaeda started to attack Israel from Lebanon in December 2005, when the late leader of al-Qaeda in Iraq, Abu Mus’ab al-Zarqawi, claimed responsibility for launching missile attacks on northern Israel (Daily Star [Beirut], December 20, 2005; Jerusalem Post, December 30, 2005). Assad al-Jihad 2 also claimed Osama Bin Laden has sent some al-Qaeda leaders to create bases in Lebanon. One of these leaders was Salih al-Qablawi (Abu Ja’afar al-Maqdesi) from Ain al-Hilwa, who was the mastermind behind an attack against Israel in 2002. Al-Qablawi later became friends with al-Zarqawi and appeared with him in a video in 2006 before being killed in Iraq the same year.

Security Projects Aim for Google Summer of Code 2009

Via SecurityFocus -

A number of security-focused open-source projects have announced their participation as mentoring organizations in Google's Summer of Code.

The NMap Project plans to sponsor students who will code modifications to the NMap port scanner's scripting engine, the ZenMap graphical frontend to the tool and the NCat networking utility. The OpenSSH project is looking for a few good students to help rewrite the sftp secure copy tool and improve performance. And, the Honeynet Project announced a slate of proposals to attract students interested in participating in the initiative, including improving the honeypots, developing a managed solution for client-side honeypots and visualizing the data from a deployed honeynet.

While 2009 will be the Honeynet Project's first year in the Google Summer of Code, the members are excited about the program, said project leader Lance Spitzner.

"We are looking to get a lot of stuff done," he said. "We tend to find that the best honeypot development comes from students."

In its fifth year, Google's Summer of Code allows students to work on coding projects that help the open-source software industry. In 2005, its first year sponsoring the program, Google accepted 400 student projects mentored by 40 open-source projects. Last year, the company worked with 175 organizations to mentor 1,125 students, but plans to pare back to 1,000 students this year.

Among the other security-related projects, Harvard University's Berkman Center will sponsor applicants to work on an open Web community platform using reputations derived from its StopBadware.org service. The KDE Project is also looking for security coding and modeling for its desktop project, Plasma.

The Globus Alliance, a group focused on developing fundamental grid-computing technologies, and the National Center for Supercomputing Applications (NCSA) at the University of Illinois are also sponsoring projects focusing on the security of token-based grid architectures and more general cybersecurity initiatives.

The deadline for applying to Google's Summer of Code is Friday, April 3. Google pays the student programmer $4,500 and gives $500 to the mentoring organization.

Japan Says Ready to Shoot Down North Korean Missile

Via Yahoo! News -

Japan on Friday gave its military the green light to shoot down any incoming North Korean rocket, with tensions high ahead of a planned launch that the US and allies say will be an illegal missile test.

Japanese and US warships have already deployed ahead of the April 4-8 window, when the secretive North has said it will launch a communications satellite -- warning that shooting it down would be seen as an act of war.

But South Korea, Japan and the United States have all warned the North that any launch would be unacceptable, amid fears the regime is actually intending to test a long-range missile that could reach North America.

Russia -- which with the two Koreas, China, Japan and the US is part of a six-party forum working on the North's nuclear disarmament -- urged Pyongyang not to carry out the launch, saying there was no need to "ignite passions".

The security council in Japan, officially pacifist since the end of World War II, decided ahead of time to shoot down any incoming missile that could hit its territory rather than wait until a launch.

"The security council this morning decided to issue a destruction order in advance," said Defence Minister Yasukazu Hamada. "We will do our best to handle any flying object from North Korea."

The North said Thursday that even referring a launch to the United Nations would ruin the long-running and erratic six-nation nuclear disarmament talks, during which North Korea has already tested one missile and an atomic bomb.

US National Intelligence Director Dennis Blair said the North wanted to show it had the technology to launch an intercontinental ballistic missile.

The North is believed to be preparing to test a Taepodong-2 that could hit Alaska.

"North Korea is attempting to demonstrate an ICBM capability through a space launch," Blair said.

Japan has announced no plans to strike the North Korean rocket unless it appears to pose a direct threat, for example due to a mishap that could send an errant missile or debris flying toward the country.

"There are various scenarios -- for example, a case of failure," Hamada said. "It's extremely unpleasant that an object flies over our territories."

Pyongyang has reportedly already put a rocket onto one of its launch pads, raising the stakes in a delicate diplomatic stand-off that has come just two months into the new US administration of President Barack Obama.

[...]

The six-nation talks have offered the North aid and security guarantees in exchange for dismantling its nuclear programme.

North Korea said Thursday that bringing any launch to the United Nations would be a "hostile action" that would end the negotiations.

The United States, which says the launch would violate a UN Security Council resolution, has vowed to do so.

"The six-party talks will become non-existent," a spokesman for the North's foreign ministry told official media.

In Moscow, Russian Deputy Foreign Minister Alexei Borodavkin told reporters: "North Korea would be better off refraining from it."

"There is no need to ignite passions around this problem," he was quoted as saying by Russian news agencies.

Aussie Classification Site Hacked in Censorship Protest

Via The Register UK -

Hackers broke into the Australian government's film and videogame classification website yesterday and posted a message opposing comms minister Stephen Conroy's trial of internet filtering.

At the time of writing the site is still unavailable - but here is a screengrab of the front page kindly sent in by an Antipodean Reg reader.

Conroy was appearing on ABC TV show Q&A last night and from all accounts did not win many new recruits to his plan to filter internet content for all Aussies. The show should be available for download from here a little later.

The trial of the great Aussie Firewall has faced increased criticism since the secret blacklist of banned sites was published on WikiLeaks. Contrary to Conroy's promises the list included many sites which had nothing to do with child sexual abuse. The website of a travel agent and a Queensland dentist were among those which Australian citizens may not visit.

An Aussie photographer also found his pictures on the blacklist - Conroy blamed "technical errors" for the gaffe.

Conroy originally denied the leaked addresses were the Australian Communications and Media Authority (ACMA) list but then changed his mind and admitted it was broadly similar.

GAO Investigators Get Government Approval for Fake Medical Product

Via FoxNews -

U.S. government investigators looking into lax screening of medical research said Thursday they easily won approval from a private review board of a fake product to be used in medical testing on human subjects.

The Government Accountability Office also said it was able to register with the Health and Human Services Department a fictitious institutional review board, a panel of doctors and scientists that must approve any medical drug or device to be used in federally funded testing on humans. The president of this fake review board was a dog named Trooper.

The GAO said its investigation showed that the system "is vulnerable to unethical manipulation, particularly by companies or individuals who intend to abuse the system or to commit fraud."

Rep. Bart Stupak, a Democrat and chairman of the House Energy and Commerce Committee's oversight and investigations panel, said the findings "raise serious questions" about both the specific IRB that approved the fake product and "the entire system for approving experimental testing on human beings."

Officials from the health department and the Food and Drug Administration assured lawmakers that there were substantial protections in place to ensure that testing is done in a responsible and ethical manner.

The review board that fell for the GAO ruse, Coast IRB, LLC., charged that the GAO violated federal and state criminal laws by falsely representing itself to be a medical device company and forging a medical license.

"We got hoodwinked," said Daniel Dueber, Coast IRB's chief executive officer.

"You didn't get hoodwinked," Stupak replied. "You took the bait, hook, line and sinker."

---------------------------------

Ohh man, I love the GAO.

I really don't understand this..."well, what they did was illegal" defense. It's like the IRS not finding instances of tax fraud because according to the law, cheating the IRS is illegal...thus no one would attempt to do it - so we don't have to look.

That view is wrong on so many levels...

Individuals looking to manipulate ANY system for fraudulent purposes clearly don't care much about the laws - that is why it is called "fraud".

Approval processes exist to weed out the bad stuff...including the illegal. So, how did this happen?

Thursday, March 26, 2009

Slides - CanSecWest Vancouver 2009

http://cansecwest.com/csw09archive.html

IATRP Reveals IAM / IEM Student Information

http://iatrp.com/certified_list.php?w=IEM

The following individuals successfully completed the NSA-sponsored IAM or IEM course on the date indicated. An individual's placement on this list does not constitute an endorsement, recommendation or warranty of his/her services on the part of NSA or any other government agency, nor does it imply any confirmation of an individual's experience level or ability. This web page is merely intended to distribute contact information of individuals who have successfully passed the IAM or IEM courses. Listed individuals are responsible for the accuracy of contact information.

This list is for official IATRP purposes and should not be used for mass mailing.

Student Information for Official Use Only

---------------------------

The list contains information on hundreds of IAM / IEM students.

Company name, phone number and e-mail address.

'The Analyzer' Hack Probe Widens; $10 Million Allegedly Stolen From U.S. Banks

Via Wired.com (Threat Level) -

Ehud Tenenbaum, an Israeli hacker arrested in Canada last year for allegedly stealing about $1.5 million from Canadian banks, also allegedly hacked two U.S. banks, a credit and debit card distribution company and a payment processor in what U.S. authorities are calling a global "cashout" conspiracy.

The U.S. hacks have resulted in at least $10 million in losses, according to court records obtained by Threat Level, and are just part of a larger international conspiracy to hack financial institutions in the United States and abroad.

The broadened case highlights the continued vulnerability of U.S. financial networks to cybercrime, despite supposedly tight industry security standards. It comes on the heels of other multimillion-dollar heists that also breached the security protecting ATM codes and account information. In late 2007, criminals used four hacked iWire payroll cards to steal $5 million from ATMs around the world in just two days. Shortly thereafter, a processing server that handles withdrawals from Citibank-branded ATMs at 7-Eleven convenience stores was cracked, leading crooks to converge on New York to withdraw at least $2 million from Citibank accounts using the stolen ATM data. And a carefully coordinated global heist last November resulted in a one-day haul of $9 million in cash, following a breach at payment processor RBS WorldPay.

Tenenbaum, 29, made headlines a decade ago under his hacker handle "The Analyzer" for penetrating Pentagon computers and other networks. He'd been living in France, and had only been in Canada about five months on a six-month visitor's permit when he was arrested last August in Calgary with three alleged accomplices for allegedly hacking into Direct Cash Management, a Calgary company that distributes prepaid debit and credit cards. A Canadian court granted him CDN $30,000 bail, but before he could be released from jail, U.S. authorities swooped in with a provisional warrant to retain him in custody while they pursued an indictment and extradition.

"I think he's probably been getting away with stuff for 10 years," said Darren Hafner, an acting detective with the Calgary police who investigated Tenenbaum on the Canadian charges. "We haven't seen or heard from him since the Pentagon attack. But these guys tend to get this 'cops can't touch me attitude' and then they get sloppy like any criminal in any type of crime."

Documents in the U.S. case have been sealed, but Threat Level obtained an affidavit detailing the U.S. allegations filed with the Canadian court handling Tenenbaum's extradition case. The affidavit (.pdf) was signed by Hafner and provides insight into the wave of multimillion-dollar hacks that have hit a number of financial institutions in the last year as well as the trail of clues left behind by at least one of the alleged hackers.

According to the affidavit, in October 2007, the United States Secret Service began investigating "an international conspiracy" to hack into computer networks of U.S. financial institutions and other businesses. As part of that investigation, agents examined network intrusions that occurred in January and February 2008 at OmniAmerican Credit Union, based in Fort Worth, Texas, and Global Cash Card of Irvine, California, a distributor of prepaid debit cards used primarily for payroll payments.

In both cases, the attacker gained access using a SQL injection attack that exploited a vulnerability in the company's database software. The attacker grabbed credit and debit card numbers that were then used by thieves in several countries to withdraw more than $1 million from ATMs.

In April and May 2008, agents investigated two additional hacks at 1st Source Bank in Indiana, and at Symmetrex, a prepaid debit card processor based in Florida. The intruder again used a SQL injection attack, and losses added up to more than $3 million.
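The attack class the affidavit names, shown as an added illustration rather than the breached companies' code, schema or data: a card lookup that pastes caller-supplied text into the query string beside the same lookup with a bound parameter, both run against a constructed in-memory SQLite table with made-up card numbers.

```python
"""Vulnerable vs. hardened card lookup (added example, constructed data).

The table, column names and test card numbers are invented for the demo;
nothing here reflects the systems described in the affidavit.
"""
import sqlite3


def build_db():
    """In-memory table of cardholders and their (fake) card numbers."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE cards (holder TEXT NOT NULL, pan TEXT NOT NULL)")
    conn.executemany("INSERT INTO cards VALUES (?, ?)", [
        ("A. Cardholder", "4111-1111-1111-1111"),  # constructed test PANs
        ("B. Cardholder", "4222-2222-2222-2222"),
        ("C. Cardholder", "4333-3333-3333-3333"),
    ])
    return conn


def lookup_vulnerable(conn, holder):
    """Caller text is spliced into the SQL; a quote in it ends the literal
    and whatever follows is parsed as part of the query."""
    sql = f"SELECT pan FROM cards WHERE holder = '{holder}'"
    return [row[0] for row in conn.execute(sql)]


def lookup_hardened(conn, holder):
    """Bound parameter: the value travels separately from the statement
    text, so it is only ever compared as data and never parsed as SQL."""
    rows = conn.execute("SELECT pan FROM cards WHERE holder = ?", (holder,))
    return [row[0] for row in rows]


def demo():
    """Row counts for a normal name and the textbook tautology input."""
    conn = build_db()
    normal = "B. Cardholder"
    hostile = "x' OR '1'='1"  # classic example input from every SQLi primer
    return {
        "vuln_normal": len(lookup_vulnerable(conn, normal)),
        "vuln_hostile": len(lookup_vulnerable(conn, hostile)),
        "safe_normal": len(lookup_hardened(conn, normal)),
        "safe_hostile": len(lookup_hardened(conn, hostile)),
    }


if __name__ == "__main__":
    for name, count in demo().items():
        print(f"{name}: {count} row(s)")
```

The vulnerable lookup returns every row for the hostile input, which is the whole-table dump pattern behind the card-number thefts the article describes; the parameterized version returns none because the input is treated as an ordinary, non-matching name. Parameterization is the fix for the bug itself; limiting what the application's database account can read, and not storing card numbers in the clear at all, limit what a missed instance can yield.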

-------------------------------

SOLAR SUNRISE was a series of DoD computer network attacks which occurred from 1-26 February 1998. At least eleven attacks followed the same profile on Air Force, Navy, and Marine Corps computers worldwide. The attacks targeted key parts of the defense networks and obtained hundreds of network passwords. Although all DoD targeted systems were reported as unclassified, many key support systems reside on unclassified networks (Global Transportation System, Defense Finance System, medical, personnel, logistics, and official e-mail).

The attackers were two teenagers from California and one teenager from Israel - Analyzer.

Navy Chemist May Have Rediscovered 'Cold Fusion'

Via FoxNews -

Twenty years ago this week, a pair of previously unknown scientists stunned the world by announcing they'd done the impossible by achieving nuclear fusion in a lab flask at room temperature.

Martin Fleischmann and Stanley Pons quickly became celebrities as the news media hailed them for discovering a cheap source of nearly limitless power. But it all fell apart as other scientists couldn't duplicate their results, and the pair later admitted they'd made mistakes in the experiments.

Now a U.S. Navy researcher, speaking on the anniversary of their announcement and in the same city where they made it, thinks Fleischmann and Pons may have been right.

In a paper presented on Monday, chemist Pamela Mosier-Boss told the annual convention of the American Chemical Society in Salt Lake City that her team had gotten "very significant" evidence of some sort of nuclear reaction.

"To our knowledge, this is the first scientific report of the production of highly energetic neutrons from an LENR device," said Mosier-Boss, a researcher at the Navy's Space and Naval Warfare Systems Center in San Diego, in a press release.

[...]

"LENR" stands for "low energy nuclear reaction," which in this case happens in a lab flask containing palladium chloride mixed with deuterium, or "heavy water" made with a special form of hydrogen — the same setup Fleischmann and Pons used.

When an electrode was dipped into the flask and the power switched on, Mosier-Boss said, odd patterns of triple neutron strikes would appear on the adjacent plastic receptor.

Fleischmann and Pons' results centered on unexplainable excess heat resulting from the reaction. Mosier-Boss didn't get that, but the neutrons are even more significant.

"People have always asked 'Where's the neutrons?'" Mosier-Boss said in the press release. "If you have fusion going on, then you have to have neutrons. We now have evidence that there are neutrons present in these LENR reactions."

Nuclear fusion occurs at the center of stars, which fuse hydrogen nuclei together to create helium. It creates enormous amounts of energy, but it takes huge amounts of heat to happen at all.

Humans have so far generated the necessary heat only by detonating fission-based atomic bombs, which heat up cores of special two-neutron hydrogen to create a second, fusion-based explosion — a hydrogen bomb.

Decades of efforts to create controlled nuclear fusion, which could power reactors endlessly using cheap, abundant hydrogen, have so far been fruitless.

Most Electronic Voting Isn't Secure, CIA Expert Says

Via mcclatchydc.com -

The CIA, which has been monitoring foreign countries' use of electronic voting systems, has reported apparent vote-rigging schemes in Venezuela, Macedonia and Ukraine and a raft of concerns about the machines' vulnerability to tampering.

Appearing last month before a U.S. Election Assistance Commission field hearing in Orlando, Fla., a CIA cybersecurity expert suggested that Venezuelan President Hugo Chavez and his allies fixed a 2004 election recount, an assertion that could further roil U.S. relations with the Latin leader.

In a presentation that could provide disturbing lessons for the United States, where electronic voting is becoming universal, Steve Stigall summarized what he described as attempts to use computers to undermine democratic elections in developing nations. His remarks have received no news media attention until now.

Stigall told the Election Assistance Commission, a tiny agency that Congress created in 2002 to modernize U.S. voting, that computerized electoral systems can be manipulated at five stages, from altering voter registration lists to posting results.

"You heard the old adage 'follow the money,' " Stigall said, according to a transcript of his hour-long presentation that McClatchy obtained. "I follow the vote. And wherever the vote becomes an electron and touches a computer, that's an opportunity for a malicious actor potentially to . . . make bad things happen."

Stigall said that voting equipment connected to the Internet could be hacked, and machines that weren't connected could be compromised wirelessly. Eleven U.S. states have banned or limited wireless capability in voting equipment, but Stigall said that election officials didn't always know it when wireless cards were embedded in their machines.

While Stigall said that he wasn't speaking for the CIA and wouldn't address U.S. voting systems, his presentation appeared to undercut calls by some U.S. politicians to shift to Internet balloting, at least for military personnel and other American citizens living overseas. Stigall said that most Web-based ballot systems had proved to be insecure.

The commission has been criticized for giving states more than $1 billion to buy electronic equipment without first setting performance standards. Numerous computer-security experts have concluded that U.S. systems can be hacked, and allegations of tampering in Ohio, Florida and other swing states have triggered a campaign to require all voting machines to produce paper audit trails.

The CIA got interested in electronic systems a few years ago, Stigall said, after concluding that foreigners might try to hack U.S. election systems. He said he couldn't elaborate "in an open, unclassified forum," but that any concerns would be relayed to U.S. election officials.

Stigall, who's studied electronic systems in about three dozen countries, said that most countries' machines produced paper receipts that voters then dropped into boxes. However, even that doesn't prevent corruption, he said.

Turning to Venezuela, he said that Chavez controlled all of the country's voting equipment before he won a 2004 nationwide recall vote that had threatened to end his rule.

When Chavez won, Venezuelan mathematicians challenged results that showed him to be consistently strong in parts of the country where he had weak support. The mathematicians found "a very subtle algorithm" that appeared to adjust the vote in Chavez's favor, Stigall said.

Calls for a recount left Chavez facing a dilemma, because the voting machines produced paper ballots, Stigall said.

"How do you defeat the paper ballots the machines spit out?" Stigall asked. "Those numbers must agree, must they not, with the electronic voting-machine count? . . . In this case, he simply took a gamble."

Stigall said that Chavez agreed to allow 100 of 19,000 voting machines to be audited.

"It is my understanding that the computer software program that generated the random number list of voting machines that were being randomly audited, that program was provided by Chavez," Stigall said. "That's my understanding. It generated a list of computers that could be audited, and they audited those computers.

"You know. No pattern of fraud there."

A Venezuelan Embassy representative in Washington declined immediate comment.
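Stigall's account turns on who supplied the program that picked the 100 of 19,000 machines to audit. The following Python is an added example, not from the article or from any election authority: it derives the audit sample from a seed that several parties contribute to, so that anyone holding the public contributions can recompute and check the list, and it quantifies how likely a sample of that size is to land on a tampered machine. The seed contributions, the 1 percent tamper rate, and the function names are assumptions; the counts 100 and 19,000 come from the article.

```python
"""Verifiable audit sampling plus detection odds.

Added example, not from the article or any election authority.  The idea is
that no single party may control the random selection of machines to audit:
the seed is combined from contributions each party publishes (e.g. dice
rolled in public), and the expansion is deterministic, so any observer can
re-run it and confirm the officials audited the machines the seed selects.
"""
import hashlib
import hmac
from math import comb


def combine_seeds(contributions):
    """Fold each party's public contribution into one seed.

    Length-prefixing each part means changing, splitting or reordering any
    contribution changes the seed, so one party cannot steer the result
    without the change being visible.
    """
    h = hashlib.sha256()
    for part in contributions:
        h.update(len(part).to_bytes(4, "big") + part)
    return h.digest()


def audit_sample(seed, total_machines, sample_size):
    """Return `sample_size` distinct machine numbers in 1..total_machines.

    Expansion is HMAC-SHA256 over a counter, keyed by the public seed, with
    rejection sampling so each machine is equally likely (no modulo bias).
    """
    if not 0 < sample_size <= total_machines:
        raise ValueError("sample size must be between 1 and total_machines")
    # Largest multiple of total_machines that fits in 64 bits; values at or
    # above it are discarded so the remainder is uniform.
    limit = (1 << 64) - ((1 << 64) % total_machines)
    chosen, seen, counter = [], set(), 0
    while len(chosen) < sample_size:
        block = hmac.new(seed, counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
        value = int.from_bytes(block[:8], "big")
        if value >= limit:
            continue
        machine = value % total_machines + 1
        if machine not in seen:  # sampling without replacement
            seen.add(machine)
            chosen.append(machine)
    return chosen


def detection_probability(total_machines, tampered, sample_size):
    """Probability that a uniform random sample contains at least one tampered machine.

    Hypergeometric: P(miss all) = C(N-k, n) / C(N, n).
    """
    if tampered <= 0:
        return 0.0
    if sample_size > total_machines - tampered:
        return 1.0  # more draws than clean machines: a tampered one is certain
    miss = comb(total_machines - tampered, sample_size) / comb(total_machines, sample_size)
    return 1.0 - miss


if __name__ == "__main__":
    # Constructed contributions standing in for public dice rolls by three parties.
    seed = combine_seeds([b"party-A:4-6-2-5", b"party-B:1-1-3-6", b"party-C:5-2-2-4"])
    print("audited machines:", audit_sample(seed, 19000, 100))
    # Assumed 1 percent of machines tampered: how often would 100 of 19,000 catch one?
    print("detection probability:", round(detection_probability(19000, 190, 100), 3))
```

With only 100 of 19,000 machines audited, even a 1 percent tamper rate is missed more than a third of the time, which is why the sample size matters as much as who picks it.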

Wednesday, March 25, 2009

XSS Rays - Open Source XSS Scanner

http://www.thespanner.co.uk/2009/03/25/xss-rays/

I’ve developed a new XSS scanner tool that’s written in Javascript called XSS Rays for Microsoft. They have given me permission to release the tool as open source which is awesome because it can be used for other open source applications. I recommend you use it as part of the web development process to make sure you’ve filtered XSS correctly on your application.

It works as a bookmarklet and scans any links, paths or forms on the target scanning page (even cross domain). You can add vectors to it quite easily and it includes some of the most common injections I’ve found on sites over the years. I’ve tested it on IE7/IE8 and Firefox but it could work in other browsers.

The advantage of the bookmarklet is that vectors can be customised for each browser and they are executed in the context of the browser; for example, in IE8 standards mode, where CSS expressions are disabled, the vector won’t be executed.

Hopefully there should be no false positives either, because each vector is actually executed and it reports back as successful; in fact, if there is a false positive it will be a bug in my code (let’s hope not).

Mozilla Firefox XSL Parsing Remote Memory Corruption PoC 0day

// firefox XSL parsing remote memory corruption poc
// k`sOSe - works both in windows and linux

http://www.milw0rm.com/exploits/8285

Phoenix Mayor Welcomes Border Buildup

Via Yahoo! News (AP) -

Posing as police officers, gunmen in bulletproof vests pulled over a motorist, took him to a Phoenix house, bound him with zip ties and held him for a $30,000 ransom in an abduction that may have been carried out by Mexican drug smugglers.

The abduction earlier this month was one of nearly 1,000 kidnappings reported in Phoenix over the past three years in a surge of lawlessness so terrifying that the mayor welcomed the news this week that Washington is sending more manpower and equipment to the Mexican border, 180 miles to the south.

"It's a good first step, but we'll need to do more," said Mayor Phil Gordon, who had pleaded with Congress for help.

The Obama administration announced Tuesday that it will dispatch nearly 500 more federal agents to the border, along with X-ray machines and drug-sniffing dogs, to stop the spillover of violence into the U.S. from Mexican drug- and immigrant-smugglers.

Homeland Security Secretary Janet Napolitano said that the move is just a first step and that National Guardsmen might also be sent, something Texas Gov. Rick Perry has requested.

On Wednesday, Secretary of State Hillary Clinton paid her first visit to Mexico and pledged that the U.S. will help Mexico fight its murderous drug cartels, a battle that has cost more than 7,000 lives south of the border.

The additional federal agents will be used to fight crime and illegal immigration in border communities. Some will be stationed in between border communities; some will scrutinize motorists entering Mexico, to curb the smuggling of guns. Guns brought into Mexico from the U.S. are blamed for 95 percent of the killings south of the border.

Cracking passwords with Wikipedia, Wiktionary, Wikibooks etc

Via Sébastien Raveau's Blog -

One effective way of assessing the strength of passwords is to try and crack them, and as most of you probably know, a dictionary attack is the simplest yet formidable technique for cracking passwords.

Now, the problem is: your dictionary has to be as exhaustive as possible. Relying solely on common dictionaries (such as The Collins, Le Larousse, the ones contained in spell checkers, etc) just won't do because these are very limited, whereas basic human nature has us looking around when prompted to choose a password; a lot of people will then choose "belinea" because it's the brand of the monitor sitting in front of their eyes, "abnamro" because it's the bank outside their window, and so on.

However, it is very likely that any word you can put your eyes on is already in Wikipedia: try it, it is amazing.

A couple of years ago I generated a quick & dirty wordlist from Wikipedia in a dozen languages. It helped quickly crack countless passwords, a lot of which bruteforcing would never get to.

Recently I managed to spare some time in order to generate a new one, inventorying words from 2009 (my old Wikipedia wordlist doesn't even have "twitter", imagine that :-P ) and from a way more comprehensive list of sources.

[...]

All this represents tens of gigabytes of XML data that I processed with a little C program, but I'm not releasing the source code for this one as I don't want to be responsible for a bandwidth hit on the Wikimedia Foundation; I'm already more than grateful to them for helping me on a daily basis...

[...]

Currently, the wordlist can be downloaded from a temporary storage provided by my ISP: wikipedia-wordlist-sraveau-20090325.txt.bz2 (MD5=e28104f22192b84854d259d9e93b5042, just for integrity). Feel free to leave a comment if you need a re-upload, or better yet if you can provide hosting ;-)
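The streaming extraction the post describes, together with the defender's use of the result (rejecting passwords that appear in the list), as an added Python example: it is not Sébastien Raveau's C program and not his wordlist. It assumes the MediaWiki XML export layout (page, title, revision and text elements) and runs on a two-page sample dump constructed inline, so nothing is fetched from Wikimedia; the article text in the sample is constructed, not real page content.

```python
"""Build a wordlist from a MediaWiki XML dump and check passwords against it.

Added example, not the post author's code.  A real dump is tens of gigabytes,
so the parser streams with iterparse and discards each <page> once read.
"""
import io
import re
import xml.etree.ElementTree as ET

WORD_RE = re.compile(r"[^\W\d_]+", re.UNICODE)  # runs of letters in any script
MIN_LEN = 3

# Constructed two-page dump in the MediaWiki export layout (assumed format).
SAMPLE_DUMP = b"""<?xml version="1.0" encoding="utf-8"?>
<mediawiki xmlns="http://www.mediawiki.org/xml/export-0.3/" xml:lang="en">
  <page>
    <title>Belinea</title>
    <revision>
      <text xml:space="preserve">'''Belinea''' is a brand of [[computer monitor]]s.</text>
    </revision>
  </page>
  <page>
    <title>ABN AMRO</title>
    <revision>
      <text xml:space="preserve">{{Infobox company}} '''ABN AMRO''' is a [[bank]] in [[Amsterdam]].</text>
    </revision>
  </page>
</mediawiki>
"""


def _local(tag):
    """Strip the XML namespace: '{ns}page' -> 'page'."""
    return tag.rsplit("}", 1)[-1]


def tokens(text, min_len=MIN_LEN):
    """Lowercased letter-runs of at least min_len characters; wiki markup falls away."""
    return {w.lower() for w in WORD_RE.findall(text) if len(w) >= min_len}


def wordlist_from_dump(stream, min_len=MIN_LEN):
    """Return the set of words found in every page title and article text."""
    words = set()
    for _event, elem in ET.iterparse(stream, events=("end",)):
        name = _local(elem.tag)
        if name == "title":
            title = elem.text or ""
            words.update(tokens(title, min_len))
            # Titles are also kept squashed, so "ABN AMRO" yields "abnamro",
            # the form people actually type as a password.
            squashed = "".join(WORD_RE.findall(title)).lower()
            if len(squashed) >= min_len:
                words.add(squashed)
        elif name == "text":
            words.update(tokens(elem.text or "", min_len))
        elif name == "page":
            elem.clear()  # release the finished page before parsing the next one
    return words


def sample_wordlist():
    """Wordlist built from the constructed sample dump."""
    return wordlist_from_dump(io.BytesIO(SAMPLE_DUMP))


def is_dictionary_password(password, words):
    """True if the password is a wordlist entry, either as typed (case-folded)
    or after stripping the trailing digits and symbols people commonly append."""
    p = password.lower()
    if p in words:
        return True
    core = p.rstrip("0123456789!@#$%^&*._-")
    return bool(core) and core in words


if __name__ == "__main__":
    words = sample_wordlist()
    print(len(words), "words, e.g.", sorted(words)[:6])
    for candidate in ("Belinea2009!", "abnamro", "Tr0ub4dor&3"):
        print(candidate, "->", "reject" if is_dictionary_password(candidate, words) else "ok")
```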

North Korea Prepares Rocket for ‘Satellite’ Launch

Via Times Online UK -

North Korea is loading a Taepodong rocket in anticipation of the launch of a communications satellite next month, US officials said.

Regional powers, however, worry that the claim is a cover for the launch of a long-range missile capable of reaching Alaska. In 1998 North Korea faked a satellite launch to cloak a missile development test.

The US National Intelligence Director, Dennis Blair, said this month that all the indications were that Pyongyang would, in fact, launch a satellite. South Korea, America and Japan have urged North Korea to refrain from going ahead with the launch, expected to take place between April 4 and 8, calling it a violation of a UN Security Council resolution barring the country from ballistic activity.

In 2006 North Korea launched a Taepodong2 long-range missile that blew up less than a minute into flight. The satellite rocket and the missile use similar technology.

Pyongyang insists that it bears the right to develop its space programme and has warned the US, Japan and their allies not to interfere with the latest launch.

------------------------

In early March, North Korea told two U.N. agencies it plans to launch a communications satellite sometime between April 4 and 8. The unprecedented disclosure is seen as trying to fend off international condemnation expected after what many believe will be a test of long-range missile technology.

Today in Mexico City, US Secretary of State Clinton said a North Korean missile launch, for any purpose, would be a provocative act and a violation of U.N. Security Council resolution 1718 - approved after its 2006 nuclear test - demanding an end to Pyongyang's nuclear weapon and missile programs.

"We have made it very clear that the North Koreans pursue this pathway at a cost, and with consequences to the six-party [nuclear] talks, which we would like to see revived and moving forward as quickly as possible," said Hillary Clinton. "And we intend to raise this violation of the Security Council resolution, if it goes forward, in the U.N., and coincidentally Mexico will be chairing the Security Council starting in April."

Adobe Details Secret PDF Patches

Via ComputerWorld -

Adobe Systems Inc. revealed today that it patched five critical vulnerabilities behind the scenes when it updated its Reader and Acrobat applications earlier this month to fix a bug already under attack.

According to a security bulletin issued today, the updates to Reader 9.1 and Acrobat 9.1 that Adobe delivered on March 10 included patches for not just one bug -- as Adobe indicated at the time -- but for five other vulnerabilities as well.

Foremost among the five were a quartet of bugs in Adobe's handling of JBIG2 compressed images, which was also at the root of the original vulnerability made public in February. When Adobe updated Reader and Acrobat to Version 9.1 two weeks ago, it fixed all five JBIG2 flaws, though it admitted only to the one at the time.

That bug has been used by hackers since at least early January, when they began sending malformed PDF files to users as e-mail attachments.

"The way we always handle this," said Brad Arkin, Adobe's director of product security and privacy, "is, will publicly released information help more users than not releasing the information?" Adobe, said Arkin today, decided the answer was "no," since it had yet to issue updates for all users when it first patched the software on March 10.

The decision was prompted by the staggered release of the Reader and Acrobat updates. Adobe patched the Windows and Mac OS X editions of the two apps on March 10 and offered updates to the Version 8 line on March 17, but didn't issue Reader 9.1 and Acrobat 9.1 for Unix until today. It also didn't produce a fix for the even-older Version 7 until today.

"With this JBIG security incident, we wanted to patch as soon as possible," said Arkin, "and staggering the updates like we did was going to get the patches to the biggest demographic as soon as possible." More users run Version 9 on Windows and Mac than any other edition of Reader and Acrobat, Arkin added.

The four newly revealed JBIG2 vulnerabilities were reported to Adobe after Symantec Corp. said it had found a new Reader bug in the wild, said Arkin, but there was enough time before the March 10 update deadline to add fixes for them to Version 9.1.

That matches the schedule spelled out by iDefense Labs, a computer security research arm of VeriSign Inc. In its own bulletin today, iDefense said it had notified Adobe of a JBIG2 bug on Feb. 24, and provided the company with proof-of-concept code a day later.

All four of the already-patched JBIG2 bugs were classified by Adobe as critical, and could "lead to remote code execution," according to the bulletin.

The fifth vulnerability detailed today was also critical, and had actually been patched in the Unix edition of Reader 8.1.3 and Acrobat 8.1.3 last November. "That had not been ported over to the other platforms, however," said Arkin, referring to the Windows and Mac versions of the software.

One security researcher said that while he agreed with Adobe's call, the company could have done better at communicating about what it was doing. "It does make some sense if you are forced into doing a staggered release," said Andrew Storms, director of security operations at nCircle Network Security Inc. "There's no sense in exposing users any more than necessary. But what gives us the bad taste is how they aren't being upfront about it now," referring to the security bulletin, which doesn't mention the newly revealed bugs in its summary, but tucks them deeper in the document.

YouTube Blocked in China, Google Says

Via NYTimes -

Google said Tuesday that its YouTube video-sharing Web site had been blocked in China.

Google said it did not know why the site had been blocked, but a report by the official Xinhua news agency of China on Tuesday said that supporters of the Dalai Lama had fabricated a video that appeared to show Chinese police officers brutally beating Tibetans after riots last year in Lhasa, the Tibetan capital.

Xinhua did not identify the video, but based on the description it appears to match a video available on YouTube that was recently released by the Tibetan government in exile.

It purports to show police officers storming a monastery after riots in Lhasa last March, kicking and beating protesters. It includes other instances of brutality and graphic images of a protester’s wounds. According to the video, the protester later died.

“We don’t know the reason for the block,” a Google spokesman, Scott Rubin, said. “Our government relations people are trying to resolve it.”

Mr. Rubin said that the company first noticed traffic from China had decreased sharply late Monday. By early Tuesday, he said, it had dropped to nearly zero.

China routinely filters Internet content and blocks material that is critical of its policies. It also frequently blocks individual videos on YouTube. YouTube was not blocked Tuesday or Wednesday in Hong Kong, the largely autonomous region of China. Beijing has not interfered with Internet sites there.

“The instant speculation is that YouTube is being blocked because the Tibetan government in exile released a particular video,” said Xiao Qiang, adjunct professor of journalism at the University of California, Berkeley, and editor of China Digital Times, a news Web site that chronicles political and economic changes in China.

Mr. Xiao said that the blocking of YouTube fit with what appeared to be an effort by China to step up its censorship of the Internet in recent months. Mr. Xiao said he was not surprised that YouTube was a target. It also hosts videos about the Tiananmen Square protests and many other subjects that Chinese authorities find objectionable.

The video about the beatings was pieced together from different places, Xinhua said on Tuesday, citing an unidentified official with the Tibetan regional government in China.

There has been no independent assessment of whether the video is authentic. In a statement sent via e-mail, Lobsang Nyandak, a representative of the Tibetan government in exile, said that the video was authentic.

The government did not directly address whether YouTube had been blocked. When asked about the matter at a news conference, a Foreign Ministry spokesman, Qin Gang, said: “Many people have a false impression that the Chinese government fears the Internet.

In fact, it is just the opposite.” Even as China steps up its censorship efforts, the country’s Internet participation is booming. Critics often find a way to avoid censors and debate controversial topics.

FBI Deployed by US to Fight Mexican Drug Lords

Via The Guardian UK -

The White House yesterday revealed plans for a crime-fighting operation targeting Mexican drug cartels on a scale not seen since the battles against the US mafia.

Washington is dispatching more federal agents and equipment to its south-western border with Mexico to target the cartels. Among them are a newly formed FBI unit, to deal with the ringleaders, and treasury officials who will track drug money. An extra 100 customs officers are to be sent to the border within the next 45 days.

The moves reflect growing concern in Washington that the carnage in Mexico involving the cartels is in danger of spilling over the border. A White House statement said: "The president is concerned by the increased level of violence, particularly in Ciudad Juárez and Tijuana, and the impact that it is having on the communities on both sides of the border."

The homeland security secretary, Janet Napolitano, at a White House press conference yesterday, singled out Houston, Texas, and Phoenix, Arizona, as recording increases in violence and kidnapping. Other officials have also mentioned El Paso, Texas, and San Diego, California.

The plan to beef up operations came the day before the secretary of state, Hillary Clinton, is due to visit Mexico City for discussions about the drug war with the Mexican president, Felipe Calderón. Barack Obama is to visit Mexico next month. As well as sending more agents to the border, the White House is providing $700m (£476m) to the Mexican government for five new helicopters, a surveillance aircraft and other crime-fighting equipment.

Calderón has dispatched more than 45,000 Mexican troops to combat the cartels, which responded with thousands of kidnappings and murders, including beheadings. Despite a string of arrests and drug busts - last week, soldiers captured two drug bosses - a record 6,300 drug-related killings occurred last year.

Other measures announced by the White House yesterday included dispatching more mobile x-ray units to the US side of the border to screen vehicles involved in gun trafficking. Napolitano said that over the last week, the US had stopped 997 firearms en route to Mexico. Absent from the announced plans were high-visibility moves such as deployment of the National Guard or expansion of the border fence started under George Bush. But the Obama administration argues that these are not necessarily effective.

David Ogden, the deputy attorney general, said that the best way to fight the cartels was through intelligence-based operations, "the same approach as we took towards the Cosa Nostra".

Al-Qaeda Trained Britons Return from Pakistan

Via The Long War Journal -

More than 20 Britons who have trained in al Qaeda terror camps inside Pakistan have returned to Britain, according to Pakistani intelligence.

The Britons, whose families are from Pakistan, were monitored by Pakistan's Inter-Service Intelligence agency, Sky News reported. But the ISI failed to notify British intelligence until after the men entered the country, the news agency reported.

Pakistani intelligence officials were indifferent about the activities of the Britons, sources told Sky News. "We know the number of British Pakistanis engaged in what we would call suspicious activities is much higher -- probably in the hundreds -- but, to be frank, this isn't a Pakistani priority," one official said. "The intelligence services here have much bigger things to worry about and these guys haven't committed any crime on Pakistani soil."

Four of the Britons are thought to have actively fought inside Afghanistan. The men claimed to have entered Pakistan to visit relatives, study, vacation, or work for a charity. "The suspects are aged between 17 and 23 and have apparently created 'sufficient suspicion' with their activities for the ISI to believe they pose a 'potential danger' to Britain," Sky News reported.

British intelligence officers are nearly overwhelmed with tracking terror suspects operating inside Britain, many of whom are Pakistanis. In November 2008, an intelligence report stated there are "extremist concentrations" in "London, [and] Birmingham, with significant extremist networks in the South East, notably Luton."

Thousands of suspected British terrorists are supporting terror attacks inside Britain and abroad. "The majority of extremists are British nationals of south Asian, mainly Pakistani origin but there are also extremists from north and east Africa, Iraq and the Middle East," the report stated.

Al Qaeda has long sought to penetrate security in Western countries by recruiting and training operatives who hold dual passports. These operatives have a better chance of being able to travel to and from Pakistan without raising too many flags.

Many of the major post-Sept. 11 plots and attacks against the West have been traced back to Pakistan's tribal areas. Western Arabs and South Asians have traveled to Pakistan's tribal areas for approval, guidance, training, financing, and support to conduct their attacks.

US intelligence officials are concerned that al Qaeda's next big attack, like past attacks and foiled plots, will originate in Pakistan's tribal areas.

"We believe the next major attack will be carried out by someone carrying a Western passport," a US intelligence official told The Long War Journal in September 2008. The official was clearly worried about the deteriorating security situation in northwestern Pakistan.

"It is imperative we stop the next [Sept. 11] attack," the official said, noting that the Predator campaign in northwestern Pakistan is aimed at taking out al Qaeda's external network, which is tasked with striking major targets in the West. "This is what we are trying to prevent."

Router-Based Botnet On The Loose

Via DarkReading.com -

Now your routers can become zombies, too: Researchers have discovered a botnet that uses home DSL devices to build out its army.

The so-called "psyb0t" malware may be the first such code to go after home network devices, say researchers at DroneBL, an organization that monitors abuse of infected machines. So far, somewhere around 100,000 devices have been infected, are being used to wage distributed denial-of-service (DDoS) attacks, and are stealing usernames and passwords, according to DroneBL.

DroneBL first discovered the botnet after it hit the site with a DDoS attack. The botnet is IRC-based and had been studied earlier this year by another researcher, Terry Baume, who wrote a white paper (PDF) detailing how vulnerabilities in embedded Linux devices, such as Netcomm's NB5 ADSL modem, were being infected and recruited into a botnet.

Routers traditionally have been considered relatively immune to malware and attacks, and botnets traditionally use PCs and servers. "Malware is starting to use routers -- in this case, still simple Linux boxes," says Felix "FX" Lindner, a researcher with Recurity Labs, who recently demonstrated how Cisco-router hacking isn't as difficult as once thought.

To be at risk of psyb0t infection, DroneBL researchers say a router must be Mipsel-Linux-based; have telnet, SSH, or Web-based interfaces available to the wide-area network; and have a weak username and password, or firmware daemons that are exploitable. "As such, 90 percent of the routers and modems participating in this botnet are participating due to user error (the user themselves or otherwise)," the researchers blogged.

The router-based botnet is stealthy. "Most end users will not know their network has been hacked, or that their router is exploited. This means that in the future, this could be an attack vector for the theft of personally identifying information. This technique will certainly not be going away," the researchers wrote.

-------------------------

Linux-based network devices appear to have played a role in the February 2009 Metasploit DDoS as well. HD Moore said this yesterday on Twitter...

many of the DDoS sources from the February Metasploit flood were running openwrt/dd-wrt, but still had ssh/web open

Coalition Against Cyber-Terrorism Sets Up HQ in Malaysia

Via SDA-Asia -

A United Nations-backed global coalition against cyber-terrorism has set up its global headquarters in Cyberjaya, Malaysia.

The International Multilateral Partnership Against Cyber-Terrorism (IMPACT), a global public-private partnership, aims to unite governments, industry leaders and cyber security experts in the fight against online threats.

Located in Malaysia’s IT hotbed, the seven-acre facility features four key divisions: global response; policy and international co-operation; training and skills development; and security assurance and outreach.

It is supported by an advisory board that features leading figures from the industry and academia such as the “father of the Internet” Dr Vinton Cerf and former White House security advisor, Howard Schmidt.

IMPACT has forged a partnership with the United Nations International Telecommunication Union (ITU). It will play host to ITU’s Global Cybersecurity Agenda (GCA), which promotes international cooperation to make cyberspace safer in today’s highly networked society.

The partnership aims to develop real-time analysis, aggregation and dissemination of global cyber threat information. An early warning system capable of providing emergency response to global cyber threats is also in the pipeline.

Other key partners that have come onboard include security solutions providers such as Cisco, Kaspersky Lab and Symantec.

Tuesday, March 24, 2009

DJ Manila Ice - Mount Finger More (Mixtape)

http://codeintheshell.com/Mixtape/

Hey everyone, this is my new mixtape that I'm releasing for free. This mix was made because I deal with computers and so do you. I've met all kinds of people in computing. I'm a DJ and I make money from computing. This was my chance to put them both together somehow and send a file to all those kinds of people I met in computing.

Enjoy!

Shoutout to the homey gh0zt/Alienbaby for getting me hip to this.

Tracklist:

1: Intro
2: Windows98
3: Deltron3030 - Virus
4: ytcracker - hac man
5: Monzy - so fucking pimp
6: Acrobatik - Internet Mc's
7: MC Plus Plus - Chip Hop Nerd
8: ytcracker - the legend
9: Stereo Mc's - connected
10: Monzy - kill -9

---------------------------

http://codeintheshell.com/Mixtape/DJManilaIce-MountFingerMore.mp3

Police Raid Home of Wikileaks.de Domain Owner Over Censorship Lists

Via Wikileaks.org -

Shortly after 9pm on Monday the 24th of March 2009, seven police officers in Dresden and four in Jena searched the homes of Theodor Reppe, who holds the domain registration for 'wikileaks.de'. According to the search protocol the reason for the search is "distribution of pornographic material" and "discovery of evidence". Police claim the raid was initiated due to Mr. Reppe's position as the Wikileaks.de domain owner.

Police did not want to give any further information to Mr. Reppe and no contact was made with Wikileaks before the search. It is therefore not totally clear why the search was made, however Wikileaks, in its role as a defender of press freedoms, has published censorship lists for Australia, Thailand, Denmark and other countries that include links to pornographic sites.

Some details of the search raise questions:

  • Mr Reppe was not informed of his rights; police documentation clearly shows the box to be left unchecked.
  • Contrary to what is stated in the police protocol, he did not agree to "not having a witness" present.

Ultimately, Mr Reppe refused to sign the police documentation due to these and other inaccuracies.

The raid appears to be related to a recent German social hysteria around child pornography and the political battle for a national censorship system under the German family minister Ursula von der Leyen. It comes just a few weeks after a member of parliament, SPD minister Joerg Tauss, had his office and private house searched by police, and German bloggers discussing the subject were similarly raided.

Mr Reppe is maintainer of one of the most popular German Tor-proxy servers (morphium.info) and is not involved in the Wikileaks project other than sponsoring the German domain registration and mirroring a collection of US Congressional Research Service reports.

Wikileaks is a non-profit project, sponsored by transparency groups and investigative journalists world wide. To support our defense of this and other cases, see http://wikileaks.org/wiki/Wikileaks

Taliban Threaten to Behead Canadian Hostage

Via Globe and Mail -

A Canadian held hostage after she travelled to the lawless tribal belt of northern Pakistan says the Taliban will behead her by the end of the month if a ransom isn't paid.

In a new video provided to The Globe and Mail, Beverly Giesbrecht expresses fear for her life if her captors aren't paid.

“I have been advised and asked to make this video. We have very short time now and I am going to be killed, as you can see,” she says, gesturing at the dagger on the wall behind her, pointed at her head.

She alluded to Piotr Stanczak, a kidnapped Polish engineer who was executed by militants last month, the first killing of a Western hostage in Pakistan since U.S. journalist Daniel Pearl in 2002.

“I am going to be beheaded just like the Polish engineer, probably by the end of the month. The deadline is by the end of March, and that's basically, I don't know, 18 days or 16 days,” she says, closing her eyes.

“I'm not quite sure how long that is but the time is very short and my life is going to end,” she adds in a choked voice.

In the short video, Ms. Giesbrecht, 52, wearing a head scarf and sitting on a wooden chair, says that she is being held by the Taliban “near the Afghan border, either Pakistan or Afghanistan.”

The video opens with a voice reciting from the Koran. Abu Jindal, a moniker adopted by some jihadis, appears in Arabic and Urdu, superimposed over Ms. Giesbrecht's face.

Ms. Giesbrecht, who is also known as Khadija Abdul Qahaar, has been a captive for four months.

The West Vancouver resident converted to Islam after the Sept. 11, 2001, attacks and runs a website, Jihad Unspun, that says it provides information “devoid of the constraints of mainstream media.” Her visa application to Pakistan said she was a freelance journalist working on a documentary for the Al-Jazeera television network.

She was captured by gunmen last November, reportedly by the Taliban commander Gul Bahadur, who leads fighters in the volatile North Waziristan region.

“I need some kind, someone to help me, the Pakistani government and my own country and somebody must move now, because my life is going to be over. I want to go home. So, these people are serious. Please help me,” a wavering Ms. Giesbrecht says in her latest video.

North Waziristan residents said the Taliban kidnapped her because they are struggling financially.

“They are in dire need of money. We are sure she will be released as they get the ransom. The demand of the money should be accepted and it is not an expensive deal to save her life,” said Muhammad Noor, sitting in a medical store in North Waziristan's Miranshah hamlet.

Though the involvement of local residents could help secure her release, common people and tribal elders in the embattled zone do not dare approach the Taliban. In the last year, decapitations of locals accused of being “spies for U.S. forces” have surged.

Earlier this month, a Taliban fighter who would identify himself only by the name Qari told The Globe and Mail that the Taliban would free Ms. Giesbrecht for $375,000 (U.S.).

Initial reports had the Taliban asking for cash and a prisoner exchange. But Qari had said money alone could now secure her release.

The Canadian government is aware of the latest video but has no other comments, Lisa Monette, a spokeswoman for the Department of Foreign Affairs, said yesterday.

AP Invokes DMCA Against Obama "Hope" Poster Artist

Via EFF DeepLinks -

The lawsuits between Shepard Fairey (creator of the iconic tricolor Obama "Hope" poster) and the Associated Press have an interesting legal wrinkle that is worth examining: AP claims that Fairey violated the Digital Millennium Copyright Act (DMCA) in the creation of the famous poster.

The AP counter-sued Fairey for violation of Section 1202 of the DMCA, which prohibits the removal of copyright management information ("CMI") from copyrighted works or the distribution of works whose CMI has been removed. The DMCA question has received little attention compared to whether Fairey's use of the photograph by AP photographer Manny Garcia is a fair use under copyright law (or even whether Fairey took any creative expression in the first place).

What's the CMI that Fairey is accused of "stripping" from the original photo? Well, the AP complaint is not entirely clear on this question. In one part of the complaint, AP alleges that all of its digital photos include digital metadata that Fairey allegedly "stripped" from the image. In another part of the complaint, AP seems to rely on Fairey failing to preserve the "copyright notice line" at the edge of the photo.

Prof. Bruce Boyden at Marquette University Law School has a series of informative blog posts on the legal aspects of the case. He notes that AP's DMCA claim may turn on the process by which Fairey created the image:

Now, suddenly, it seems like the process by which Fairey created the poster, at least digital versions of the poster image, might actually matter. If it was created by hand, then that wouldn’t have involved “removal” or “alteration” of the CMI embedded in the original JPEG file. But if it was copied and edited, then it may have. AP would still need to prove that the removal was intentional, though, and here’s a question I don’t know the answer to: what happens to all that metadata if you copy a photo, edit it in Photoshop, and then use the “Save As…” command?

The answer to Prof. Boyden's second question is that a file edited and re-saved in Photoshop generally will retain its metadata. As for the first question, it appears to be answered by this video from Time magazine, in which Fairey demonstrates his process — clearly not a digital transformation of a digital file. As he shows in the video at around 2:15, he creates his images by cutting away sheets of transparent film placed over the photo with a razor, and after scanning those films, applies color in Photoshop. And in this NPR interview, he describes the Hope poster as "a hand-illustrated image that I also did some digital tweaks to before I started illustrating it." If that's right, then the AP would have to argue that the physical act of cropping the photo (thus eliminating the AP copyright notice line) violates the DMCA. That could be an uphill fight for AP, at least in light of a case rejecting a similar claim for a fabric design that included a copyright notice on the garment hang tag and fabric selvage.

So why did AP bother to add a DMCA claim to what seems to be a straight copyright dispute? Consider this: under the DMCA, the prevailing party is entitled to statutory damages between $2500 and $25000 "per violation." How do you count up "violations"? The statute doesn't tell us. But although there are very few cases that have addressed this question, some suggest (wrongly, in my view) that you tally statutory damages based on the number of copies distributed — which in Fairey's case is at least 300,000 (more if one includes the millions of bootleg copies). This is very different from statutory damages in copyright, which are tallied based on the number of works infringed (in Fairey's case, 1). So this may give AP a big statutory damages hammer that copyright law doesn't give them.

In any event, there is no liability under DMCA Section 1202 unless the CMI was removed for the purpose of inducing, enabling, or facilitating copyright infringement. So if Fairey wins the copyright infringement issue (either on the basis of fair use or because he didn't appropriate any protectible expression owned by AP or Garcia), he should also beat AP's DMCA claim. But it's hard not to conclude that the DMCA claim is in there to intimidate Fairey by making him fear a larger damages award if AP wins, an award that has no relationship to any "harm" that Fairey allegedly caused to AP.

In short, this is yet another way that the DMCA chills fair use, by potentially turning a small statutory damages award (for infringing one work) into a big statutory damages award (for distributing many copies of your inspired, transformative poster).

Laser Weapon Design Hits 100-kilowatt Target

Via CNET -

From the week gone by on the directed-energy weapons front: defense contractor Northrop Grumman reported that it got a solid-state laser to fire a beam with a potency of 105.5 kilowatts.

For the ray-gun wing of the military-industrial complex, the 100-kilowatt threshold is a major milestone, marking the entry point to weapons-grade laser weapons. Adding to the appeal is that solid-state lasers are much more compact, and less noxious, than chemical laser systems such as the one in the works for the 747-centric Airborne Laser.

The technical details of Northrop's achievement break down this way, starting with a modular, "building block" approach that bodes well for scalable systems, the company said:

For building blocks, the company utilizes "laser amplifier chains," each producing approximately 15 kW of power in a high-quality beam. Seven laser chains were combined to produce a single beam of 105.5 kW. The seven-chain JHPSSL laser demonstrator ran for more than five minutes, achieved electro-optical efficiency of 19.3 percent, and reached full power in less than 0.6 seconds, all with beam quality of better than 3.0.

Adding an eighth chain that the system was designed for would increase laser power to 120 kilowatts, Northrop says.

While this test saw five minutes of continuous operation, the system has altogether been operated at above 100 kilowatts for a total duration of more than 85 minutes.

The efforts are part of the Pentagon's Joint High Power Solid State Laser (JHPSSL) program.

Even though 100 kilowatts has long been the "proof of principle" sought for weapons systems, Northrop says that "in fact, many militarily useful effects can be achieved by laser weapons of 25 kW or 50 kW, provided this energy is transmitted with good beam quality, as our system does."

Of course, this is still a laboratory laser system and not a field-tested, ruggedized product. "It is still a little heavy and a little big," Dan Wildt, vice president of Northrop's directed energy systems program, told the LA Times.

[...]

Earlier this year, Boeing said that it had used a "kilowatt-class" solid-state laser to shoot down a UAV from a ground-based system. The company hopes that the Airborne Laser, meanwhile, will do its first-ever aerial target shoot sometime in 2009.

Finjan Cybercrime Intelligence Report - First Issue

In the first issue of its Cybercrime Intelligence Report for 2009, Finjan shows how rogueware affiliate networks use SEO techniques to distribute their rogue Anti-Virus Software for profit. Typos and misspelled keywords (such as “obbama” and “liscense”) as well as trendy keywords taken from the Google Trends system were abused to show compromised websites as top search results. Subsequently, the traffic volume to the compromised websites increased significantly, luring masses of potential buyers to the rogueware offering. Members of one of the researched rogue affiliate networks were rewarded for each successful redirection, which accumulated to (illegal) earnings of $10,800 a day.

http://www.finjan.com/Content.aspx?id=1367

Russian Spy Agencies Linked to Georgian Cyber-Attacks

The Register UK -

More circumstantial evidence has emerged linking the Russian authorities to cyber-attacks on Georgia that coincided with a ground war between the two countries in July and August last year.

Security researchers from Greylogic published a report on Friday which concluded Russia's Foreign Military Intelligence agency (the GRU) and Federal Security Service (the FSB), rather than patriotic hackers, were likely to have played a key role in co-ordinating and organising the attacks.

The Stopgeorgia.ru forum, which became a fulcrum for attacks on key Georgian websites last year, uses an ISP located a few doors down from GRU headquarters. Greylogic reckons the site was added as a front for state-backed cyber-attacks under the cover of cybercrime.

The StopGeorgia.ru forum was part of a bulletproofed network that relied on shell companies and false WHOIS data to (a) prevent its closure through Terms of Service violations, and (b) mask the involvement of the Russian FSB/GRU. By mimicking the structure of the Russian Business Network, a cyber criminal enterprise, it creates plausible deniability that it is a Kremlin-funded Information Operation.

Greylogic's study concludes: "The available evidence supports a strong likelihood of GRU/FSB planning and direction at a high level while relying on Nashi intermediaries and the phenomenon of crowdsourcing to obfuscate their involvement and implement their strategy."

"Nashi" (translation: “Youth Democratic Anti-Fascist Movement Ours!") is a youth group in Russia founded four years ago to counter anti-Russian and fascist tendencies in the country. The group is supposedly funded by Russian businessmen, but a pipeline from the Kremlin is suspected.

Long-standing rumours that Russia was behind cyber-attacks on neighbouring countries were recently fuelled when State Duma Deputy Sergei Markov (somewhat implausibly) claimed that one of his assistants was responsible for instigating cyber-attacks against Estonia in 2007. In a Spartacus-style move shortly after this, Konstantin Goloskokov, a "commissar" in Nashi, claimed he and other associates were responsible for the month-long cyber-assault on Estonia.

The Project Grey Goose Phase II report is a follow-up to an October report by the same group of security researchers on the Georgian cyber war. The latest report looks at cyberwarfare incidents beyond the sphere of the former Soviet republics to consider attacks in Gaza and politically-motivated assaults against the Eastern India Railway Web site.

Monday, March 23, 2009

Mexico Offers $2 million for Top Drug Lords

Via MSNBC.com -

Mexico's government on Monday offered $2 million each for information leading to the arrest of 24 top drug lords in a public challenge to the cartels' violent grip on the country.

The list indicated that drug gangs have splintered into six main cartels under pressure from the U.S. and Mexican governments. The two most powerful gangs — the Pacific and Gulf cartels — each suffered fractures that have given rise to new cartels, according to the list published by the Attorney General's Office.

The list offers 30 million pesos ($2 million) in rewards for 24 top members of the cartels and 15 million pesos ($1 million) for 13 of their lieutenants.

--------------------------

Thanks to @phn1x for the link..

Exposing Flash Application Vulnerabilities with SWFScan

Via The HP Security Laboratory Blog -

After months of hard work and late caffeine-fueled nights, HP’s Web Security Research Group is proud to release HP SWFScan.

HP SWFScan is a free security tool to help developers find and fix security vulnerabilities in applications developed with the Adobe Flash Platform. The tool is the first of its kind to decompile applications developed with the Flash platform and perform static analysis to understand their behaviors. This helps developers without security backgrounds identify vulnerabilities hidden within the application which cannot be detected with dynamic analysis methods.

Simply point HP SWFScan at the SWF file for any Flash application and it will:

  • Decompile the ActionScript 2 or ActionScript 3 bytecode back to the original source code.
  • Audit the code for over 60 vulnerabilities including exposure of confidential data, Cross-Site Scripting (XSS) and cross-domain privilege escalation.
  • Validate the Flash application's adherence to Adobe's security best practices.

HP SWFScan is not the first free Flash tool. Excellent decompilers such as Flare or OWASP’s SWFIntruder security tool have existed for a few years now. Unfortunately, the capabilities of free tools have not kept up with new Flash innovations such as the introduction of Flash 9 and 10, ActionScript 3, and Adobe’s Flex framework. HP’s SWFScan is the first and only free tool to decompile both ActionScript 2 and ActionScript 3 and analyze them for security vulnerabilities.

In addition, HP SWFScan offers several other features to help developers, code auditor/reviewers, and pen-testers examine the contents of Flash applications, including:

  • Highlighting the line of source code that contains the vulnerability to help better understand the context of the issue.
  • Providing summaries, details and remediation advice for each vulnerability in accordance with Adobe’s recommendation for secure Flash development.
  • Generating a vulnerability report to share and solve the detected issues.
  • Exporting the decompiled source code for use with other external tools.
  • Revealing all the URLs and web services the Flash Application contacts.
  • Flagging class names, function names, or variable names that may be of interest, such as loadedUserXml or crypt().

While developing HP SWFScan, we downloaded and audited over 4000 Flash applications. We encountered numerous insecure applications and collected some interesting statistics:

  • Of 250 Flash applications we tested that had a login form, 15% had user names or passwords hard-coded inside the application code.
  • 16% of SWF applications targeting Flash Player 8 and earlier contained XSS vulnerabilities.
  • 35% of all SWF applications violated Adobe's security best practices.
  • 77% of SWF applications targeting Flash Player 9 and 10 contained developer debugging information and source code file references.

(You can learn more about how we got these figures in our SWFScan FAQ.)

A few things to note: HP SWFScan only looks at the portion of a Flash application that runs inside the browser. This is the SWF file that contains the Flash code Adobe's Flash Player executes. It does not look at the components that run on the server. To conduct a complete security assessment of your applications, HP provides a suite of software and services for testing applications throughout the application lifecycle.
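The kind of static check the post describes, as an added example that is not HP's SWFScan code: a small parser for the SWF container (plain FWS and zlib-compressed CWS) that walks the ActionScript 2 DoAction tag, collects its string constants, and flags credential-looking pairs and contacted URLs. The sample SWF, its strings and the host api.example.test are constructed here, and the regexes are a heuristic of mine, not SWFScan's rule set.

```python
import re
import struct
import zlib

DO_ACTION = 12                  # SWF tag type carrying ActionScript 2 bytecode
ACTION_CONSTANT_POOL = 0x88
ACTION_PUSH = 0x96
# Byte widths of the non-string ActionPush value types (from the SWF file format spec)
PUSH_TYPE_WIDTH = {1: 4, 2: 0, 3: 0, 4: 1, 5: 1, 6: 8, 7: 4, 8: 1, 9: 2}
CREDENTIAL_RE = re.compile(r'pass(word|wd)?|secret|api[_-]?key|token|user(name)?', re.I)
URL_RE = re.compile(r'^[a-z][a-z0-9+.\-]*://', re.I)


def _tag(tag_type, body):
    """Encode a SWF tag header; the long form is required once the body reaches 63 bytes."""
    if len(body) < 0x3F:
        return struct.pack('<H', (tag_type << 6) | len(body)) + body
    return struct.pack('<Hi', (tag_type << 6) | 0x3F, len(body)) + body


def build_sample_swf(compressed=False, version=8):
    """Constructed sample: a tiny SWF whose AS2 code embeds a login and an endpoint URL."""
    pool = ['username', 'admin', 'password', 's3cret']
    pool_data = struct.pack('<H', len(pool)) + b''.join(s.encode() + b'\0' for s in pool)
    constant_pool = bytes([ACTION_CONSTANT_POOL]) + struct.pack('<H', len(pool_data)) + pool_data
    # Push pool entries 0 and 1 (type 8 = CONSTANT8), then a literal string (type 0)
    push_data = b'\x08\x00\x08\x01\x00' + b'http://api.example.test/login\0'
    push = bytes([ACTION_PUSH]) + struct.pack('<H', len(push_data)) + push_data
    actions = constant_pool + push + b'\x00'                  # trailing ActionEnd
    body = (b'\x00'                                           # RECT with Nbits=0 (one byte)
            + struct.pack('<HH', 12 << 8, 1)                  # frame rate 12.0 (8.8 fixed), 1 frame
            + _tag(DO_ACTION, actions) + _tag(0, b''))        # DoAction, then End tag
    header = bytes([version]) + struct.pack('<I', 8 + len(body))   # length is of the inflated file
    return (b'CWS' + header + zlib.compress(body)) if compressed else (b'FWS' + header + body)


def parse_swf(data):
    """Return (player_version, [(tag_type, payload), ...]), inflating CWS files first."""
    signature, version, declared_len = data[:3], data[3], struct.unpack_from('<I', data, 4)[0]
    if signature == b'FWS':
        body = data[8:]
    elif signature == b'CWS':
        body = zlib.decompress(data[8:])
    else:
        raise ValueError('unsupported SWF signature %r' % signature)
    if len(body) + 8 != declared_len:                 # truncated or tampered file
        raise ValueError('declared length %d does not match file' % declared_len)
    nbits = body[0] >> 3                              # RECT is UB[5] Nbits plus four Nbits fields
    pos = (5 + 4 * nbits + 7) // 8 + 4                # skip RECT, frame rate (UI16), frame count (UI16)
    tags = []
    while pos + 2 <= len(body):
        hdr = struct.unpack_from('<H', body, pos)[0]
        pos += 2
        tag_type, length = hdr >> 6, hdr & 0x3F
        if length == 0x3F:                            # long header: SI32 length follows
            length = struct.unpack_from('<i', body, pos)[0]
            pos += 4
        tags.append((tag_type, body[pos:pos + length]))
        pos += length
        if tag_type == 0:                             # End tag
            break
    return version, tags


def as2_strings(actions):
    """Walk an AS2 action stream and collect constant-pool entries and pushed string literals."""
    found, pos = [], 0
    while pos < len(actions):
        code = actions[pos]
        pos += 1
        if code < 0x80:                               # actions below 0x80 (incl. ActionEnd) carry no payload
            continue
        length = struct.unpack_from('<H', actions, pos)[0]
        data = actions[pos + 2:pos + 2 + length]
        pos += 2 + length
        if code == ACTION_CONSTANT_POOL:
            count = struct.unpack_from('<H', data, 0)[0]
            found += [s.decode('utf-8', 'replace') for s in data[2:].split(b'\0')[:count]]
        elif code == ACTION_PUSH:
            i = 0
            while i < len(data):
                vtype = data[i]
                i += 1
                if vtype == 0:                        # null-terminated string literal
                    end = data.index(b'\0', i)
                    found.append(data[i:end].decode('utf-8', 'replace'))
                    i = end + 1
                else:
                    i += PUSH_TYPE_WIDTH.get(vtype, 0)
    return found


def audit_swf(data):
    """Flag hard-coded credential pairs and contacted URLs (heuristics, not SWFScan's checks)."""
    version, tags = parse_swf(data)
    strings = [s for tag_type, payload in tags if tag_type == DO_ACTION for s in as2_strings(payload)]
    findings = {'version': version, 'legacy_player': version <= 8, 'urls': [], 'credential_like': []}
    for i, s in enumerate(strings):
        if URL_RE.match(s):
            findings['urls'].append(s)
        elif CREDENTIAL_RE.search(s) and i + 1 < len(strings):
            # a credential-ish identifier followed by another literal is likely a hard-coded value
            findings['credential_like'].append((s, strings[i + 1]))
    return findings
```

Running `audit_swf(build_sample_swf())` reports the username/password pair and the login URL; the same findings come back for the compressed `build_sample_swf(compressed=True)` form.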

Sunday, March 22, 2009

Romanian Police Arrest Pentagon Hack Suspect

Via The Register UK -

Romanian police have arrested a hacker suspected of breaking into Pentagon systems and planting malware.

Eduard Lucian Mandru, 23, a business studies student from Iasi, Romania, is suspected of breaking into US Department of Defense systems in 2006. A criminal hacker nicknamed "Wolfenstein" accessed sensitive systems at that time, using compromised servers located in Japan in a bid to cover his tracks.

The cracker infected an unspecified number of systems with an unidentified information-stealing trojan before deleting access logs, Softpedia reports. US authorities say that damages in sorting out the resulting mess came to over $35,000.

One of the few leads investigators had to go on was a Yahoo email address - wolfenstein_ingrid@yahoo.com - linked to the attack. Mandru recently posted his CV on job-seeking websites giving this Yahoo address as his email contact, a blunder that reportedly put investigators on his trail. Police raided Mandru's home, seized computer equipment and took him into custody on Wednesday.

If found guilty of computer hacking offences, Mandru faces a prison term of between three and 12 years.

Victor Faur, AKA SirVic, another Romanian hacker alleged to have broken into US military systems, received a suspended prison sentence of 16 months. At the time of his arrest, the US-Romania extradition agreement then in force omitted hacking offences. A revamped extradition treaty does include hacking offences, making Mandru a possible candidate for extradition.

It's unclear if US authorities will take this option.

Although the apparent blunder that put investigators onto Mandru's trail appears dumb, cybercrooks often make such mistakes.

"Hackers who deface police and military websites often leave email addresses," explained Graham Cluley, senior technology consultant at Sophos. Jeffrey Lee Parson, convicted author of a variant of the infamous Blaster worm, coded the malware to phone home for updates from a website he owned. He also wrote his online nickname (teekid) into the fabric of Blaster-B, Cluley added.

Researchers Make Wormy Twitter Attack

Via NetworkWorld -

Computer security researchers have devised a new Twitter attack that they say could spread virally, much like a worm on the microblogging service.

The attack, posted online Thursday by researchers at Secure Science, is an innocuous proof of concept that forces users to send out a predetermined Twitter message, but it could be repurposed into a very nasty worm, said Lance James, chief scientist with Secure Science.

"You can couple an attack with our code and it would just tear the crap out of Twitter," he said.

The hack is similar to a clickjacking attack that was making the rounds on Twitter last month. There, hackers used a sneaky technique to trick users into clicking on a link without realizing it. That link would post the Twitter message saying "don't click" along with a URL.

This time around, Secure Science's researchers found a way to take advantage of a Web programming error on Twitter's support site to post the unwanted message. After a warning message, Secure Science's test code posts the message: "@XSSExploits I just got owned!" to the victim's profile.

A malicious user could do much worse with this bug, however, James said. The attack could be modified so that there was no warning screen, and it could be beefed up with a sensational message that users would be more likely to click. If it were combined with malicious browser attack code, it could be used to take control of victims' machines, James said.

"I'm holding my breath hoping no one does something stupid at this moment," he said.

Twitter could disable the attack by fixing the cross-site scripting flaw that the Secure Science researchers are exploiting, but if another similar bug were to pop up on the site, users would be faced with the same problem all over again.

The issue is made worse by the fact that, because of Twitter's 140-character limit, Twitterers use shortened Web links such as Tinyurl.com and often have no idea whether or not they are clicking on a trustworthy Web link, James said.

Twitter's security practices have been in the spotlight lately as the service has gained mainstream popularity. In January, the company instituted a full security review after hackers gained access to the accounts of President-elect Barack Obama, Fox News, and CNN.

James said he hopes that his demonstration will push Twitter into making security a priority.

"We don’t want to cause any damage to Twitter," he said.

Technocrat in Washington DC

Hey everyone,

I am currently in Washington DC for business...so the blog might be a little slow this week, but I will try to keep up. Normal programming should be back in full force next week - but I will do my best this week.

Friday, March 20, 2009

Secret Australian Blacklist of Banned Websites Made Public

Via The Register UK -

The inevitable has happened - the secret Australian blacklist of banned websites has been published on the internet.

The list contains some 2,395 sites, about half of which do not contain child sexual abuse images. It includes online poker sites, fetish, satanic and Christian sites, Wikipedia pages, gay and straight pornography, a travel operator and even the website for a Queensland dentist.

The Australian government is trialling technology to filter the internet for all its citizens. The list would have been sent to all ISPs in the country - at which point it would definitely have leaked. It is just surprising it has happened so quickly.

University of Sydney associate technology professor Bjorn Landfeldt told the Sydney Morning Herald the leak was every parent's worst nightmare because curious children would now be looking for the list. But he told the paper, which has seen the document, "It seems to me as if just about anything can potentially get on the list."

The list has gone to Wikileaks which told the Herald it would publish the list shortly - it already hosts lists for several other countries. At the time of writing Wikileaks is unavailable, presumably because it is struggling with requests from intellectually curious Aussies.

Wikileaks founder Julian Assange told the Herald that such secret censorship was inevitably corrupt. Thailand implemented a similar system apparently in order to counter child abuse images, but the list included over a thousand sites critical of the Thai royal family.

-------------------------

At the time I blogged this, Wikileaks.org was back up but still overloaded.

Monitor the Wikileaks Twitter feed for updates.

Metasploit Gets New OSX Modules

Via PC World -

Two well-known Mac hackers are updating a widely used hacking toolkit, making it easier to take control of a Macintosh computer.

Over the past few days, the researchers have been quietly adding new software to the Metasploit toolkit, used by security researchers and criminals alike. Metasploit already supported Mac attacks, but until recently the Mac code hadn't been as good as Metasploit's Windows and Linux tools, said Dino Dai Zovi, an independent security researcher who talked about the new tools with his collaborator Charlie Miller at the CanSecWest conference Friday. "Our goal was to make Mac OS X a first-class target for Metasploit."

[...]

Miller and Dai Zovi say their work is designed to bring attention to serious security problems in the Mac platform, which has largely avoided the wide-scale attacks that have plagued Windows for years. Dai Zovi said he considers the Mac safe, but not secure. "There's a difference between safety and security," he said. "It's like leaving your door unlocked. ... Leaving your door unlocked is always insecure, but it may or may not be safe."

At the show, the researchers demonstrated several payload programs they have developed for Metasploit, including one called "Pic the Vic," which can be used to snap a photograph of a Mac user who has been hacked, using the computer's camera.

They have also ported a Windows tool, called Meterpreter, to the Mac. Meterpreter is a stealth tool that can be used to gain information from and import more software onto a hacked computer.

In the next few days they plan to add exploit code to Metasploit for a handful of previously patched Mac software bugs. Exploit code must be used to first hack into the computer before any payload software can be installed.

Although there are still many more exploits available for Windows software than for Macs, the new payload code means there is now "more or less the same functionality if you want to target a Mac box or a Windows box," Miller said.

--------------------------------

The modules were not "quietly" added....HD tweet'd about them days ago.

Photo of the Day - No More Free Bugs


Alexander Sotirov and Dino Dai Zovi @ CanSecWest 2009

http://blogs.zdnet.com/security/?p=2941

Ryan Naraine: Did you consider reporting the vulnerability to Apple?

Charlie Miller: I never give up free bugs. I have a new campaign. It’s called NO MORE FREE BUGS. Vulnerabilities have a market value so it makes no sense to work hard to find a bug, write an exploit and then give it away. Apple pays people to do the same job so we know there’s value to this work. No more free bugs.

Crossing the Line in Cook County - Fingerprints Required for Home Sellers

The Fox Forum (Glenn Beck) -

Hello, America. I wanted to start off this column by saying that, mostly to remind myself that I am still in America. More and more … each and every day… it seems that those who’ve been elected into power have forgotten the very fundamentals of our freedom as Americans.

[...]

Before I give you the details, let’s start with what you need to know as true and inalienable: You have a right to privacy. Period. End of story. The First, Third, Fourth, Ninth and Fourteenth Amendments to our Constitution all include specific provisions pertaining to your right to privacy. Of course, remember — I’m talking about news out of Chicago, and it seems that they have an, um … unique approach to governing, and the Constitution doesn’t always appear to be anyone’s favorite point of reference. Ok, so brace yourself, because here it is: In Cook County, Illinois, you have to give over your fingerprint if you want to sell your house. No, I’m not kidding.

There are all kinds of people you’d think we want to fingerprint before they become an American homeowner (you know … like maybe non-citizens coming into our country?), but no — the legal eagles over there in Cook County have started with regular hard-working, home-owning Americans just like you. This is yet another example of the government getting bigger in the process of making your rights smaller.

This law goes into effect on June 1, and was passed very quietly last October by … wait for it … wait for it — former Illinois Gov. Rod Blagojevich. Chicago politics — don’t you just love ‘em! So the deal is that under this new law, every time a real estate transaction takes place in Cook County, Illinois, a notary is required to take a fingerprint and keep it on file for seven years. So why is Cook County doing this, you might ask? Lawmakers say it’s to cut down on the occurrence of fraud. (Call me cynical, but in Chicago it might be easier for them to keep track of the times fraud doesn’t enter into the legal and political systems. I’m just sayin’…)

Look, I understand the need to help keep homeowners safe — the last thing you need today is one more person trying to screw you when it comes to your biggest investment. So this week I spoke to a Cook County homeowner and asked why a law aimed at preventing fraud didn’t have at least some merit. His name is Gerald Cain, and here’s what he had to say:

“The way the law is written, there would be so many ways around it. Certainly, someone would just have to cross a state border and have the deed notarized in another state. So aside from being just an invasion of privacy and treating the good citizens of Cook County like they’re criminals, it’s unenforceable.”

March 20th - Spring / Vernal Equinox / Nowruz

Nowrūz (meaning 'New Day') is the traditional Iranian new year holiday celebrated by Iranian peoples, having its roots in Ancient Iran. Since the Achaemenid era the official year has begun with the New Day when the sun leaves the zodiac of Pisces and enters the zodiacal sign of Aries, signifying the Spring Equinox. Apart from the Iranian cultural continent (Greater Iran), the celebration has spread in many other parts of the world, including parts of Central Asia, South Asia, Northwestern China, the Crimea, and some ethnic groups in Albania, Bosnia, Kosovo and the Republic of Macedonia.

Nowruz marks the first day of spring and the beginning of the year in the Iranian calendar. It is celebrated on the day of the astronomical vernal equinox, which usually occurs on March 21 or the previous/following day depending on where it is observed. It is also a Zoroastrian holiday and has significance amongst the Zoroastrian ancestors of modern Iranians. The moment the sun crosses the equator and equalizes night and day is calculated exactly every year, and Persian families gather together to observe the rituals.

------------------------

Noruz mobarak! Someone save some Sabzi Polo Mahi for me.

Mexico Nabs Suspected Sinaloa Cartel Leader Without a Shot

Via Yahoo! News (AP) -

A purported top leader of Mexico's Sinaloa drug cartel was in police custody Thursday, as authorities extended a cross-border crackdown on the gang that has included the arrest of 755 of its members in the U.S.

Vicente "El Vicentillo" Zambada was arrested before dawn Wednesday at a home in an elite Mexico City neighborhood, said Gen. Luis Arturo Oliver, the Mexican Defense Department's deputy chief of operations.

Oliver said Zambada became a top Sinaloa cartel leader last year, with control over logistics and the authority to order assassinations of government authorities and rivals.

"This significantly affects the organization's ability to operate and distribute drugs," said Ricardo Cabrera, who runs the terrorism and drug trafficking unit in Mexico's federal Attorney General's office.

Zambada's father, Ismael "El Mayo" Zambada, also is considered a top leader of the Sinaloa cartel and is among Mexico's most-wanted suspects.

Report: Iranian Defector Tipped Syrian Nuke Plans

Via Yahoo! News (AP) -

An Iranian defector told the West that Iran was financing North Korean moves to transform Syria into a nuclear weapons power, leading to the Israeli airstrike that destroyed a secret reactor, a report said Thursday.

The report, written by Hans Ruehle, former chief of the planning staff of the German Defense Ministry, details an Iranian connection and fills in gaps about Israel's Sept. 6, 2007, raid that knocked out Syria's nearly completed Al Kibar reactor.

Ali Reza Asghari, a retired general in Iran's elite Revolutionary Guards and a former deputy defense minister, "changed sides" in February 2007 and provided considerable information to the West on Iran's own nuclear program, Ruehle said in his article in the Swiss daily Neue Zuercher Zeitung.

"The biggest surprise, however, was his assertion that Iran was financing a secret nuclear project of Syria and North Korea," he said. "No one in the American intelligence scene had heard anything of it. And the Israelis who were immediately informed also were completely unaware."

In Washington, however, a U.S. counterproliferation official denied that Iran funded the Syrian site.

"There is strong reason to believe that only two countries were involved in building the Syrian covert nuclear reactor at Al Kibar — Syria and North Korea," said the official, who spoke on condition of anonymity.

Ruehle, who did not identify the sources of his information, regularly publishes and comments on security and nuclear proliferation in different European newspapers and broadcasts, and he has held prominent roles in German and NATO institutions.

He said U.S. and Israeli intelligence had detected North Korean ship deliveries of construction supplies to Syria that started in 2002, and American satellites spotted the construction as early as 2003.

But they regarded the work as nothing unusual, in part because the Syrians had banned radio and telephones from the site and handled communications solely by messengers — "medieval but effective," Ruehle said.

Intensive investigation followed by U.S. and Israeli intelligence services until Israel sent a 12-man commando unit in two helicopters to the site in August 2007 to take photographs and soil samples, he said.

"The analysis was conclusive that it was a North Korean-type reactor," a gas graphite model, Ruehle said.

Other sources have suggested that the reactor might have been large enough to make about one nuclear weapon's worth of plutonium a year.

Just before the Israeli commando raid, a North Korean ship was intercepted en route to Syria with nuclear fuel rods, underscoring the need for fast action, he said.

"On the morning of Sept. 6, 2007, seven Israeli F-15 fighter bombers took off to the north. They flew along the Mediterranean coast, brushed past Turkey and pressed on into Syria. Fifty kilometers (30 miles) from their target they fired 22 rockets at the three identified objects inside the Kibar complex.

"The Syrians were completely surprised. By the time their air defense systems were ready, the Israeli planes were well out of range. The mission was successful, the reactor destroyed," Ruehle said.

SRI International: Analysis of Conficker C

http://mtc.sri.com/Conficker/addendumC/

This addendum provides an evolving snapshot of our understanding of the latest Conficker variant, referred to as Conficker C. The variant was brought to the attention of the Conficker Working Group when one member reported that a compromised Conficker B honeypot was updated with a new dynamically linked library (DLL). Although a network trace for this infection is not available, we suspect that this DLL may have propagated via Conficker's Internet rendezvous point mechanism (Global Network Impact). The infection was found on the morning of Friday, 6 March 2009 (PST), and it was later reported that other working group members had received other DLL reinfections throughout the same day. Since that point, multiple members have reported upgrades of previously infected machines to this latest variant via HTTP-based Internet rendezvous points. We believe this latest outbreak of Conficker variant C began first spreading at roughly 6 p.m. PST, 5 March 2009.

In this addendum report, we summarize the inner workings and practical implications of this latest malicious software application produced by the Conficker developers. In addition to the dual layers of packing and encryption used to protect A and B from reverse engineering, this latest variant also cloaks its newest code segments, along with its latest functionality, under a significant layer of code obfuscation to further hinder binary analysis. Nevertheless, with a careful mixture of static and dynamic analysis, we attempt here to summarize the internal logic of Conficker C.

Thursday, March 19, 2009

New Usama Bin Laden Audio - "Fight On, Champions of Somalia"

Via CT Blog -

The NEFA Foundation has obtained a new audio recording released on March 19, 2009 of Shaykh Usama Bin Laden, titled "Fight On, Champions of Somalia." During the recording, produced by Al-Qaida's As-Sahab Media Foundation, Bin Laden condemned the decision of former Somali Islamic Courts Union (ICU) president Shaykh Shareef to join in a peace initiative with the interim Somali government. According to Bin Laden, "as a result of inducements and offers from the American envoy in Kenya", Shaykh Shareef "changed and turned back on his heels [as an apostate], and agreed to partner infidel positive law with Islamic Shari’ah to set up a government of national unity, and this partnering is greater polytheism which expels one from Islam. How can intelligent people believe that yesterday’s enemies on the basis of religion can become today’s friends? This can only happen if one of the two parties abandons his religion. So look and see which one of them is the one who has abandoned it: Shaykh Shareef or America? ...These sorts of presidents are the surrogates of our enemies and their authority is null and void in the first place, and as Shaykh Shareef is one of them, he must be dethroned and fought."

An English transcript of Bin Laden's latest message can be downloaded from the NEFA Foundation website.

US Army Confirms Israeli Nukes; Israeli Aid At Stake

Via DoDBuzz.com -

The Army has let slip one of the worst-kept secrets in the world — that Israel has the bomb.

Officially, the United States has a policy of “ambiguity” regarding Israel’s nuclear capability.


Essentially, it has played a game by which it neither acknowledges nor denies that Israel is a nuclear power.

But a Defense Department study [PDF] completed last year offers what may be the first time in an unclassified report that Israel is a nuclear power. On page 37 of the U.S. Joint Forces Command report, the Army includes Israel within “a growing arc of nuclear powers running from Israel in the west through an emerging Iran to Pakistan, India, and on to China, North Korea, and Russia in the east.”

The single reference is far more than the U.S. usually would state publicly about Israel, even though the world knew Israel to be a nuclear power years before former nuclear technician Mordechai Vanunu went public with facts on its weapons program in 1986.

Several years later investigative reporter Seymour Hersh published “The Samson Option,” detailing Israel’s strategy of massive nuclear retaliation against Arab states in the event it felt its very existence was threatened. Israel’s nuclear arsenal has been estimated to range from 200 to 400 warheads.

Yet Israel has refused to confirm or deny its nuclear capabilities, and the U.S. has gone along with the charade.

As recently as Feb. 9 President Barack Obama ducked the question when asked pointedly by White House correspondent Helen Thomas whether he knew of any country in the Middle East that has nuclear weapons. Keeping the blinders on is necessary politically in order to avoid a policy confrontation with Israel.

By law, the U.S. would have to cease providing billions of dollars in foreign aid to Israel if it determined the country had a nuclear weapons program. That’s because the so-called Symington Amendment, passed in 1976, bars assistance to countries developing technology for nuclear weapons proliferation.

Given the U.S.’s long history of selective blindness when it comes to Israeli nukes, it’s unlikely that the Joint Operating Environment 2008 report compiled by the Army amounts to much more than a minor faux pas.

The Israeli newspaper Haaretz, in a March 8 article on the report, observed: “It is virtually unheard of for a senior military commander, while in office, to refer to Israel’s nuclear status. In December 2006, during his confirmation hearings as Secretary of Defense, Robert Gates referred to Israel as one of the powers seen by Iran as surrounding it with nuclear weapons. But once in office, Gates refused to repeat this allusion to Israel, noting that when he used it he was ‘a private citizen.’ ”

Israeli Troops Describe Shooting Gaza Civilians

Via Guardian UK -

Striking testimony has emerged from Israeli soldiers involved in the recent Gaza war, in which they describe shooting unarmed civilians, sometimes under orders from their officers.

One soldier described how an Israeli sniper shot dead a Palestinian mother and her children, adding that troops believed Palestinian lives were "very, very, less important than the lives of our soldiers".

The accounts, published in two Israeli newspapers yesterday, give rare insight into how the soldiers acted. They reinforce Palestinian accounts of disproportionate Israeli force and contradict the Israeli military's official version of events.

The accounts come from unnamed soldiers who were graduates of a pre-military course at Oranim Academic college, in Tivon, near Haifa. Their testimony was given in mid-February, and the transcript of the session was published this week.

Ha'aretz newspaper printed one infantry squad leader's description of the shooting of unarmed civilians: "There was a house with a family inside ... We put them in a room ... a few days after there was an order to release [them]. There was a sniper position on the roof. The platoon commander let the family go and told them to go to the right. One mother and her two children didn't understand and went to the left, but they forgot to tell the sharpshooter on the roof they had let them go and it was OK, and he should hold his fire and he ... he did what he was supposed to, like he was following his orders.

"The sharpshooter saw a woman and children approaching him, closer than the lines he was told no one should pass. He shot them ... In any case, what happened is that in the end he killed them."

He believed the sniper did not feel regret. "I don't think he felt too bad about it, because, after all, as far as he was concerned, he did his job according to the orders given. And the atmosphere in general, from what I understood from most of my men who I talked to ... I don't know how to describe it ... the lives of Palestinians, let's say, is something very, very, less important than the lives of our soldiers. So as far as they are concerned they can justify it that way."

According to a Palestinian human rights group, more than 1,400 Palestinians were killed in the three-week war, which began in late December. Thirteen Israelis were killed in the conflict.

-------------------------------------------

Recently, a group of prominent international war crimes experts is calling for an inquiry into the behavior of Israeli forces and Palestinian armed groups during the Jewish state's recent offensive in Gaza.

Feds: Hacker Disabled Offshore Oil Platforms' Leak-Detection System

Via Threat Level (Wired.com) -

A Los Angeles federal grand jury indicted a disgruntled tech employee Tuesday on allegations of temporarily disabling a computer system detecting pipeline leaks for three oil derricks off the Southern California coast.

Mario Azar, 28, faces a maximum 10-year term after being accused of purposely impairing a computer system that monitored for leaks on three Pacific Energy Resources platforms offshore of Huntington Beach.

Federal authorities expressed alarm over the incident. Most malicious hacks, especially those by aggrieved employees, often wreak havoc on a company's internal computer operations to disrupt business activity. But in this case, the Southern California coastline was exposed to an environmental disaster.

"It was offline. The leak-detection system was rendered inoperable for a period of time," said Thom Mrozek, a spokesman for Los Angeles federal prosecutors.

It's not the first time a hack was directed at the environment.

An Australian man was sent to prison for two years in 2001 after gaining unauthorized access to a Queensland sanitation system -- releasing millions of gallons of raw sewage. And in 2003, the Slammer worm penetrated the network at Ohio's Davis-Besse nuclear power plant, disabling a safety monitoring system for nearly five hours.

Azar did not immediately respond to a message seeking comment.

Bill Lane, a spokesman for Long Beach-based Pacific Energy Resources, said there was no oil leak from the derricks that are connected to the Southern California shore with miles-long oil pipelines.

He declined further comment.

According to the indictment (.pdf), Azar was an information technology consultant for Pacific Energy Resources who received his last paycheck May 8. He sought permanent employment, but the company refused, according to the indictment.

From May 8 to June 29, according to the indictment, Azar used his multiple user accounts to impair the leak-detection system while logged in from his Southern California home.
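The timeline in the indictment (last paycheck on May 8, activity from several accounts through June 29) is the classic offboarding gap: one account gets disabled, the others an insider accumulated do not. The check below is an added example, not code from the article, the indictment or Pacific Energy Resources. It joins a small HR termination feed to authentication and service-control events and flags any use of an offboarded person's accounts; every person, account, host, address and log line in it is constructed.

```python
"""Flag account activity after the owner's termination date.

Added example for the offboarding failure described above; it is not code from
the Wired article, the indictment or Pacific Energy Resources. Every person,
account, host, address and log line here is constructed.
"""
import re
from datetime import datetime, timezone
from typing import Dict, List, Tuple

# Constructed HR offboarding feed: person -> (termination date, every account they held).
# Keying by person rather than by account is what catches the second and third
# accounts that a per-account disable step tends to miss.
OFFBOARDED: Dict[str, Tuple[str, List[str]]] = {
    "contractor.example": ("2008-05-08", ["mazar", "svc_leakdet_admin", "m.azar.ctr"]),
}

# Constructed log lines: VPN gateway SSH auth and service-control events on the monitor host.
SAMPLE_LOGS = """\
2008-05-07T22:15:01Z vpn-gw sshd: Accepted password for mazar from 203.0.113.10
2008-05-12T03:41:22Z vpn-gw sshd: Accepted password for mazar from 203.0.113.10
2008-05-12T03:44:09Z leakmon-01 svc: user=svc_leakdet_admin action=stop service=leak_detection
2008-05-20T01:02:50Z leakmon-01 svc: user=opsuser action=restart service=leak_detection
2008-06-29T02:17:33Z vpn-gw sshd: Accepted password for m.azar.ctr from 203.0.113.10
"""

# Account field in either of the two constructed formats above.
ACCOUNT_RE = re.compile(r"for (\S+) from|user=(\S+)")


def account_index() -> Dict[str, Tuple[str, datetime]]:
    """Invert the HR feed so any account resolves to (person, termination datetime in UTC)."""
    index: Dict[str, Tuple[str, datetime]] = {}
    for person, (term_date, accounts) in OFFBOARDED.items():
        term_dt = datetime.fromisoformat(term_date).replace(tzinfo=timezone.utc)
        for acct in accounts:
            index[acct] = (person, term_dt)
    return index


def parse_line(line: str):
    """Split one log line into (timestamp, host, account, message); None if it does not parse."""
    try:
        ts_text, host, message = line.split(" ", 2)
    except ValueError:
        return None
    m = ACCOUNT_RE.search(message)
    if not m:
        return None
    ts = datetime.fromisoformat(ts_text.replace("Z", "+00:00"))
    return ts, host, m.group(1) or m.group(2), message


def find_post_termination_events(log_text: str) -> List[dict]:
    """Return every parsed event whose account belongs to someone already offboarded."""
    index = account_index()
    hits = []
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue
        ts, host, account, message = parsed
        if account not in index:
            continue
        person, term_dt = index[account]
        if ts < term_dt:
            continue  # activity before the termination date is expected
        hits.append({
            "timestamp": ts.isoformat(),
            "host": host,
            "account": account,
            "person": person,
            "days_after": (ts - term_dt).days,
            "message": message,
        })
    return hits


def accounts_by_person(hits: List[dict]) -> Dict[str, List[str]]:
    """Collapse hits to person -> sorted accounts used, showing the full footprint of one identity."""
    out: Dict[str, set] = {}
    for h in hits:
        out.setdefault(h["person"], set()).add(h["account"])
    return {p: sorted(a) for p, a in out.items()}


if __name__ == "__main__":
    for h in find_post_termination_events(SAMPLE_LOGS):
        print(f"{h['timestamp']} {h['host']} {h['account']} "
              f"({h['person']}, +{h['days_after']}d): {h['message']}")
```

The per-person grouping is the point: a disable step keyed on the one account HR knows about leaves the service account and the contractor-suffixed account live, and only a join against the full list of accounts a person held surfaces all three.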

Azar is expected to make his initial court appearance April 6.

Microsoft to Release Exploitability Tool

Via SecurityFocus.com -

Aiming to better identify bugs that could lead to security issues, Microsoft announced on Wednesday that it planned to release a tool to help developers classify and assess program crashes.

The tool, known as !exploitable and pronounced "bang exploitable," is a plugin for the Windows debugger that categorizes crash information using two hashes, members of Microsoft's Security Science group told SecurityFocus in a briefing. Using the hashes, which Microsoft called major and minor hashes, the tool can group crashes that are caused by the same bug, even if the program executed in different ways to produce the crashes. The tool also estimates the exploitability of the vulnerability, rating each crash as Exploitable, Probably Exploitable, Possibly Exploitable, or Unknown.

"It helps to define what exploitability means among researchers," said Jason Shirk, Microsoft's program manager for fuzzing technology. "It's saying, how do we want to talk about these things, so we are sure we are talking about the same thing."

The program is the latest software tool that Microsoft has released to help third-party developers better secure their software. In 2006, the company announced it had added three security features to Vista: address space layout randomization (ASLR), data execution protection (DEP) and kernel patch protection. In 2002, Microsoft released new versions of Visual C++ development platforms, which included an anti-buffer-overflow feature known as the GS flag. On Wednesday, Microsoft also announced that it would be improving the GS flag technology in Visual Studio 2010, allowing it to protect against integer overflows and database array overflows.

To demonstrate the usefulness of the !exploitable program, Microsoft's Security Science group asked internal testing groups to run four different fuzzers against a recently acquired software program. The !exploitable tool identified 15 security issues among the 57 different crashes produced by the fuzzers and classified only one issue Exploitable.
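To make the major/minor hash idea concrete, here is an added example of crash bucketing in that style. It is not Microsoft's tool or its rule set: the frame filter, the hash recipe (function names only for the major hash, names plus offsets for the minor hash) and the four rating rules are simplified assumptions of this example, and the three fuzzing crashes it processes are constructed.

```python
"""Crash bucketing and exploitability rating in the style of !exploitable.

Added example illustrating the major/minor hash idea described above. It is
not Microsoft's tool: the noise-frame filter, hash recipe and rating rules are
simplified assumptions, and every crash record below is constructed.
"""
import hashlib
import re
from dataclasses import dataclass
from typing import Dict, List

# Frames from exception dispatch and the runtime say nothing about the bug; skip them.
NOISE_MODULES = {"ntdll", "kernel32", "KERNELBASE"}
FRAME_RE = re.compile(r"^(?P<module>[^!]+)!(?P<func>[^+]+)(?:\+0x(?P<off>[0-9a-fA-F]+))?$")
STACK_DEPTH = 5        # how many symbolic frames feed the hashes
NEAR_NULL = 0x10000    # reads below this look like a null-derived pointer, not attacker data

EXPLOITABLE = "Exploitable"
PROBABLY = "Probably Exploitable"
POSSIBLY = "Possibly Exploitable"
UNKNOWN = "Unknown"


@dataclass
class Crash:
    exception: str      # e.g. ACCESS_VIOLATION_READ, ACCESS_VIOLATION_WRITE, STACK_BUFFER_OVERRUN
    fault_addr: int     # address the faulting instruction touched
    frames: List[str]   # "module!function+0xoffset", innermost frame first


def interesting_frames(frames: List[str]) -> list:
    """Drop noise frames and keep the top STACK_DEPTH symbolic frames."""
    kept = []
    for text in frames:
        m = FRAME_RE.match(text)
        if m is None or m["module"] in NOISE_MODULES:
            continue
        kept.append(m)
        if len(kept) == STACK_DEPTH:
            break
    return kept


def major_hash(crash: Crash) -> str:
    """Function names only: crashes at different offsets on the same path share a bucket."""
    key = ";".join(f"{m['module']}!{m['func']}" for m in interesting_frames(crash.frames))
    return hashlib.sha1(key.encode()).hexdigest()[:16]


def minor_hash(crash: Crash) -> str:
    """Names plus offsets: tells crash sites apart inside one major bucket."""
    key = ";".join(f"{m['module']}!{m['func']}+0x{m['off'] or '0'}"
                   for m in interesting_frames(crash.frames))
    return hashlib.sha1(key.encode()).hexdigest()[:16]


def rate(crash: Crash) -> str:
    """Simplified rating rules (an assumption of this example, not Microsoft's)."""
    if crash.exception in ("ACCESS_VIOLATION_WRITE", "ACCESS_VIOLATION_EXEC", "STACK_BUFFER_OVERRUN"):
        return EXPLOITABLE      # controlled write, control-flow hijack, or /GS cookie failure
    if crash.exception == "ACCESS_VIOLATION_READ":
        return POSSIBLY if crash.fault_addr < NEAR_NULL else PROBABLY
    return UNKNOWN


def bucket(crashes: List[Crash]) -> Dict[str, dict]:
    """Group by major hash; keep the worst rating and the distinct crash sites per bucket."""
    order = [UNKNOWN, POSSIBLY, PROBABLY, EXPLOITABLE]
    buckets: Dict[str, dict] = {}
    for c in crashes:
        b = buckets.setdefault(major_hash(c), {"count": 0, "minors": set(), "rating": UNKNOWN})
        b["count"] += 1
        b["minors"].add(minor_hash(c))
        if order.index(rate(c)) > order.index(b["rating"]):
            b["rating"] = rate(c)
    return buckets


# Constructed fuzzing results: three crashes, two of them the same bug hit at different offsets.
SAMPLE_CRASHES = [
    Crash("ACCESS_VIOLATION_WRITE", 0x41414141,
          ["ntdll!KiUserExceptionDispatcher+0x2e", "parser!copy_record+0x1a",
           "parser!parse_file+0x88", "app!main+0x40"]),
    Crash("ACCESS_VIOLATION_WRITE", 0x41414150,
          ["ntdll!KiUserExceptionDispatcher+0x2e", "parser!copy_record+0x3c",
           "parser!parse_file+0x88", "app!main+0x40"]),
    Crash("ACCESS_VIOLATION_READ", 0x00000008,
          ["parser!lookup_field+0x12", "parser!parse_file+0x91", "app!main+0x40"]),
]

if __name__ == "__main__":
    for major, b in bucket(SAMPLE_CRASHES).items():
        print(f"{major} {b['rating']:<21} crashes={b['count']} sites={len(b['minors'])}")
```

With this input the 57-crashes-to-15-issues reduction the article describes plays out in miniature: the two write faults in copy_record collapse into one bucket with two minor hashes, the near-null read in lookup_field becomes a separate, lower-rated bucket, and a STACK_BUFFER_OVERRUN (the exception a GS cookie failure raises) rates as Exploitable.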

"Internally, if someone comes across something that is Exploitable or Probably Exploitable, then they have no choice, it has to be fixed," said Shirk.

Microsoft plans to release the tool at the CanSecWest conference on Friday after a presentation to attendees on the technology.

Photo of the Day - SXSW & 6th Street


SXSW Festival attendees on East 6th street in Austin, Tex.

Photo is part of the NYTimes SXSW Slideshow...

-----------------------------

You will see paper pizza plates on 6th street almost every weekend...but I have never seen that many. Crazy.

Microsoft Releases Internet Explorer 8

Via InformationWeek.com -

Microsoft will release the latest version of Internet Explorer at noon Pacific time on Thursday, bringing major changes in a bid to hold onto the browser's dominance and fend off an increasingly crowded field of browsers, including the still-surging Mozilla Firefox.

Internet Explorer 8 brings to the table a number of new user-friendly features, increased standards support, and much improved security. The browser has been downloaded tens of millions of times since it entered public testing mode a little more than a year ago, constituting one of Microsoft's largest beta tests ever. Improved security is one of IE8's most significant features. NSS Labs released an independent study early Thursday showing IE8 significantly besting Mozilla Firefox, Apple Safari, Google Chrome, and Opera in catching and blocking malware. With its SmartScreen filtering, IE8 Release Candidate 1 caught 69% of malware, while Firefox 3.07 caught only 30%.

[...]

IE8 also contains a number of other security features, including an InPrivate Browsing mode that keeps no trail of browsing history and new features that prevent certain cross-site scripting attacks, click-jacking, and the installation of malicious ActiveX controls.

Nevertheless, a hacker successfully hijacked a machine running the IE8 release candidate and Windows 7 beta -- competitive browsers were hacked, too -- in a contest at the CanSecWest security conference on Wednesday.

The user interface in IE8 has been overhauled, adding new features such as color-coded browser tabs to group recently opened tabs together, the ability to recommend sites, a new visual search feature that allows users to see pictures of things such as eBay and Amazon results, auto-completion of searches and URLs, and a toolbar like Mozilla Firefox's for searching within a page. New tabs also show commonly visited Web sites as links, and tabs work in isolation so that if one tab crashes, the entire browser doesn't.

Throughout the testing process, Microsoft has focused most heavily on two new usability features, Web Slices and Accelerators. Accelerators let users perform actions like translation, mapping, and search from the right-click context menu, which brings up a window inside the current page to show translated text, a map, or search results.

Web Slices, which require work on the part of site developers and therefore are still few and far between, let users create a link on their favorites bar, which brings up only a small portion of a Web site such as a condensed local weather forecast.

Microsoft claims that IE8 is faster or as fast as its main competitors, though the claim is debatable since Microsoft itself did the tests. The company released a high-speed video last week showing highly trafficked Web sites loading side-by-side in multiple browsers; IE8 came out ahead more often than not. Still, Microsoft isn't overplaying its hand here, simultaneously raising and downplaying the results. "These differences come down to milliseconds," Dean Hachamovitch, Microsoft's general manager of Internet Explorer, said in an interview.

U.S. Commanders: U.S. Ready for Any North Korean Missile

Via FoxNews -

Two top American military commanders say the United States is "fully prepared to respond" to North Korea's planned rocket launch next month, calling it a threat to U.S. security.

The comments come as North Korea reportedly prepares for what the U.S. believes will be a long-range missile test in early April.

The top U.S. commander in the Pacific, Adm. Timothy Keating, told senators Thursday that there is a "high probability" that the United States could knock down any North Korean missile.

He says the United States is watching North Korea closely so that it can respond to the launch should such action be needed.

Gen. Walter Sharp, the top U.S. commander in South Korea, says the threat is real amid concern in South Korea. He called on North Korea "not to do this provocation."

------------------------

It will be very interesting to see how this plays out.

Early this month (March), it was reported that the Japanese Ministry of Defense will dispatch two Aegis-equipped destroyers into the Sea of Japan that could potentially shoot down missiles launched by North Korea. Of course, the Japanese government did not confirm these reports.

The United States has deployed seven Aegis destroyers capable of intercepting missiles as part of its joint military drills with South Korea that started on March 9, according to military sources cited in the upcoming edition of East-Asia-Intel.com.

Meanwhile, North Korea's military has warned that it would retaliate against any U.S. or Japanese attempt to intercept a satellite it says it is preparing to launch, saying such an attempt would spark a war. In a strongly worded statement, the General Staff of the People's Army vowed to mobilize "the most powerful military means" to attack any countries trying to shoot down its rocket.

Just last week, North Korea issued a veiled threat against civilian airlines in or near its airspace.

Wednesday, March 18, 2009

Pwn2Own Trifecta: Hacker Exploits IE8, Firefox & Safari

Via ZeroDay Blog -

It took a while longer but Microsoft’s Internet Explorer 8 did not survive the hacker onslaught at this year’s CanSecWest Pwn2Own contest.

A security researcher named “Nils” (he declined to provide his full name) performed a clean drive-by download attack against the world’s most widely used browser to take full control of a Sony Vaio machine running Windows 7.

He won a cash prize and got to keep the hardware. Details of the vulnerability, which was described by contest sponsor TippingPoint ZDI as a “brilliant IE8 bug!” are being kept under wraps.

Several members of Microsoft’s security response team were on hand to witness the successful exploit.

“Nils” also scored a clean hit against Apple’s Safari (he was the second hacker to exploit Safari) and, later in the afternoon, he exploited a Firefox zero-day flaw to claim the trifecta.

PWN2OWN 2009 - Safari Falls First!

According to both Ryan Naraine and HD Moore, Charlie Miller just killed Safari on the Macbook with a zero-day exploit @ PWN2OWN 2009...

Charlie predicted that Safari would be the first to fall...and I guess we know why ;)

Last year @ PWN2OWN 2008, Charlie Miller was part of the team that compromised the Apple MacBook Air with a Safari 0day exploit.

Keep an eye out on the TippingPoint ZDI Blog for updates and official news / results.


Card-Sniffing Trojans Target Diebold ATM Software

Via The Register UK -

Security researchers from Sophos have discovered sophisticated malware that siphons payment card information out of automatic teller machines made by Diebold and possibly other manufacturers.

Sophos researcher Vanja Svajcer found three samples after combing through VirusTotal and a similar online database earlier this month. If installed, all three trojans contained functions that allowed them to log information recorded by an ATM's magnetic card reader.

They also appeared to include routines for encrypting the stolen data and instructions for retrieving the captured passwords using the ATM's printing capabilities. That would allow mules outfitted with the proper codes to fetch the pilfered information from the targeted machines, Svajcer told The Register.

Diebold became aware of the trojans in January, after an incident "isolated in Russia" attempted to use the malware to intercept sensitive information, according to an advisory the company sent its customers. Suspects in the incident have been apprehended, and Diebold is working with authorities "to assist with the investigation into these recent crimes," the advisory added.

Diebold has also offered a software update as a precautionary measure.

The Sophos researcher said this appears to be the first time malware has been uncovered that specifically targets banking ATMs. That said, it's not unusual for cybercriminals to steal payment card information by tampering with point-of-sale terminals. In October, for example, organized crime syndicates managed to doctor hundreds of card swipers used by UK-based retail outlets. The attack resulted in the estimated loss of tens of millions of pounds.

The trojans uncovered by Svajcer target Diebold software known as Agilis 91x, which can manage large fleets of ATMs made by Diebold and other manufacturers. Little is known about the malware's authors. Functionality that converts currency between US dollars, Russian rubles, and Ukrainian grivna leads him to believe they have ties to Eastern Europe.

Both Svajcer and Zacheroff stressed the trojan could only be installed by someone who had physical access to an ATM, since the devices, obviously, don't have floppy drives and typically run only on private isolated networks. That means the malware could most likely be installed only with help of an insider or in the event passwords weren't managed properly.

More from Svajcer is available here.

Bin Laden Calls for Infiltration of Jordan to 'Liberate Al-Aksa'

Via Jerusalem Post -

Al-Qaida leader Osama bin Laden's latest audio message has targeted Jordan for the first time, calling on his supporters to infiltrate the country in order to "liberate al-Aksa," according to the Middle East Media Research Institute (MEMRI).

Bin Laden released a 33-minute message on Islamist forums Saturday, outlining his plan, which also included "a mujahadeen victory in Iraq."

He declares it "a mandatory religious duty" for Muslims "to cut off [the] heads" of the leaders of nations bordering Israel, including Jordan, who have suppressed the mujahadeen.

Bin Laden added that a victory in Iraq would be the impetus for the Islamists to infiltrate Jordan, enter the West Bank, and from there "the rest of Palestine," according to a transcript of the message from the Washington-based MEMRI.

"This is the first time [al-Qaida] really pinpoints Jordan as the weak link to break through to Palestine," MEMRI's director of the Jihad and Terrorism Studies Project, Eli Alshech, told The Jerusalem Post on Tuesday.

"In the past few months, something has been going on in Jordan," Alshech said. "There have been indications of an increase in al-Qaida activities there; they are comfortable there. A strong country would not allow this."

Between the lines, said Alshech, "they're feeling pressure in Iraq. They're on the defensive and want to increase the mujahadeen presence to finish the fight."

Bin Laden called on Muslims to support the mujahadeen in Iraq, because he claimed "the West and its Arab allies are preventing the mujahadeen from coming to the aid of the Palestinians."

He included Hizbullah leader Hassan Nasrallah in this avowal, charging that his agreement to UN Resolution 1701, which permitted international forces into south Lebanon, made him guilty of thwarting the mujahadeen duty of aiding Palestinians.

Tuesday, March 17, 2009

'Flash Mob' Phenomenon Ranges From Harmless Pranks to Public Mess

Via FoxNews -

Imagine leisurely walking through the middle of Grand Central train station in New York City and witnessing a mob hit.

But this is no ordinary mob — and no ordinary "hit."

A large group of people appears suddenly in the middle of the terminal, freezes in mid-motion and, after several motionless minutes, unfreezes and nonchalantly carries on with the day’s business -- as if nothing unusual happened.

It may sound odd, but a group of more than 200 people pulled off such a stunt in January, part of a phenomenon known as a "flash mob" that often succeeds in confusing people who aren't in on the act.

Such flash mobs form through mass text messages, Facebook networks, e-mails and Web sites. Web sites, such as Flashmobaustin.com, are solely dedicated to this mission, billed as "one spontaneous event at a time."

Although many mobs pull harmless pranks, such as shopping in slow motion at a store, others can get nasty and leave a messy mob scene behind.

In San Francisco, the annual mob public pillow fight last Valentine’s Day left a wet mix of feathers on buildings, gutters and cars. City workers were left to clean up thousands of dollars worth of damage, and city officials are considering new regulations.

Mob "agents" could be required to obtain a permit and pay for usage of the event location before it takes place, threatening the very spontaneity and anarchic flavor that define the mobs. And the organizers may be responsible for providing security and portable toilets for the event.

It often is hard even to locate the organizers of such events, but many past "hits" that have occurred across the United States also have become hits on YouTube.

----------------------

I love the idea of flash mob events and public social experiments...but I personally feel that organizers should work hard to minimize damage (clean up cost, etc) or disruption to the general public.

Photo of the Day - Expired Software @ Iran's Bushehr Nuclear Power Plant


(UPI Photo/Mohammad Kheirkhah)

http://www.upi.com/News_Photos/Features/Nuclear_Power_Plant_in_Iran/1581/2/

An error is seen on a computer screen of Bushehr nuclear power plant's map in the Bushehr Port on the Persian Gulf, 1,000 kms south of Tehran, Iran on February 25, 2009. Iranian officials said the long-awaited power plant was expected to become operational last fall but its construction was plagued by several setbacks, including difficulties in procuring its remaining equipment and the necessary uranium fuel.

Monday, March 16, 2009

U.S. Arrests Man For Shipment to Iran of Helicopter Engines, Aerial Cameras

Via CT Blog -

A multi-agency task force today announced an arrest and indictment of a suspected arms trafficker who sought to ship helicopter engines and advanced aerial cameras to Iran. The mastermind of the sale allegedly intended to use companies in Malaysia, Ireland and the Netherlands to funnel the arms to Iranian entities, including the Iran Aircraft Manufacturing Industrial Company. That company was designated on September 17, 2008 by the Treasury Department with other Iranian firms for activities in support of WMD proliferation and for providing support to the Iranian Revolutionary Guard Corps.

Iranian citizen Hossein Ali Khoshnevisrad was arrested on Saturday when he arrived at San Francisco International Airport. According to an affidavit filed in the case, in 2007 Khoshnevisrad and his company, Ariasa, purchased 17 turbo-shaft helicopter engines from Rolls-Royce Corp. in Indiana. The helicopter engines were then exported from the U.S. to a “book publisher” in Malaysia, and later shipped to Iran. Additionally, in 2006 Khoshnevisrad instructed a Dutch aviation parts company to order several aerial panorama cameras designed for use on bombers, fighters and surveillance aircraft, from a Pennsylvania company and then ship them to Iran.

The case shows that the Iranian regime continues to acquire advanced Western technology, by any means necessary, for military use. You can download the criminal complaint and associated affidavit here.

Apple: Cracking Under Increasing Marketshare

Via geekonomicsbook.com -

At the SOURCE Boston conference, Dino Dai Zovi, an independent security professional, called Mac OS X, "one of the easiest operating systems to crack." He went on to state, "Steve Jobs' fairy dust only protects against the most naive attackers...Writing exploits for [Microsoft] Vista is hard work. Writing exploits for Mac is a lot of fun."

Full story is here: Serious holes in Mac OS X memory, researcher shows.

To quote:

Dai Zovi said the Mac OS X operating system lacks sufficient memory corruption defense features built into its internal coding. For years Macintosh users have remained shielded by attackers who targeted Microsoft Windows, in an attempt to steal passwords, account information or other sensitive data from its massive user base. But Apple's growing market share is gaining attention in the hacking community, Dai Zovi said.

When clear, observable, and reliable signals about software security are not available to the market, consumers have little more to go on than vacuous, un-provable assertions by software manufacturers. In Dai Zovi's words, these assertions, specifically Apple's assertions, are "fairy dust." As a result, secure software remains undersupplied, and inconsistently distributed across the market. By the time consumers find out the assertions were false, it is already too late.

This is the unfortunate truth for Apple's consumers: their primary defense from mainstream cyber attacks was Apple's relative market obscurity.

This scenario should serve as a reminder that no software product is inherently "more secure" than another software product without an objective statement of assurance. Without such a statement, and without clear, observable, and reliable signals communicated to consumers about that statement, software manufacturers are free to sprinkle fairy dust on our dreaming brows.

EFF Launches Search Tool for Uncovered Government Documents

Via EFF -

In celebration of Sunshine Week, the Electronic Frontier Foundation (EFF) today launched a sophisticated search tool that allows the public to closely examine thousands of pages of documents the organization has pried loose from secretive government agencies. The documents relate to a wide range of cutting-edge technology issues and government policies that affect civil liberties and personal privacy.

EFF's document collection -- obtained through requests and litigation under the Freedom of Information Act (FOIA) -- casts light on several controversial government initiatives, including the FBI's Investigative Data Warehouse and DCS 3000 surveillance program, and the Department of Homeland Security's Automated Targeting System and ADVISE data-mining project. The documents also provide details on Justice Department collection of communications routing data, Pentagon monitoring of soldiers' blogs, mismatches in the Terrorist Screening Center's watchlist, and FBI misuse of its national security letter subpoena authority.

The new search capability enables visitors to EFF's website to conduct keyword searches across the universe of government documents obtained by EFF, maximizing the value of the material.

"Until recently, documents obtained under FOIA often gathered dust in filing cabinets," said David Sobel, EFF Senior Counsel and director of the organization's FOIA Litigation for Accountable Government (FLAG) Project. "We believe that government information should be widely available and easy to research, and our new search engine makes that a reality."

EFF is launching the tool during national Sunshine Week, an annual, non-partisan event that promotes government transparency. The celebration is particularly significant this year, because it comes after eight years of a presidential administration that was widely criticized for its secrecy and two months into a new administration that has promised "unprecedented" openness.

"We welcomed President Obama's declaration -- on his first full day in office -- that he will work to make the federal government more open and participatory," EFF Staff Attorney Marcia Hofmann said. "There's certainly a lot of work to do -- so much government activity has been hidden from public view in the name of 'national security' and the 'war on terror.'"

For the new FOIA document search tool:
http://www.eff.org/issues/foia/search

For more on EFF's FLAG Project:
http://www.eff.org/issues/foia

Texas Wants More (Craft) Beer!!!

Report from Saint Arnold Brewery -

------------------------------

We have the chance to change history. Please help us out and please pass this along to others. Cheers!

SUPPORT HB 1926! YOU CAN BE A PART OF CHANGING THE TEXAS LAW!

State Rep. Jessica Farrar has filed a bill this session that would allow you to get a six pack or a case of beer from your favorite craft brewery at the end of a tour! This change in the law would go a long way toward creating a healthier environment in Texas for craft breweries and help us compete fairly with out-of-state craft breweries that have the same rights in their home states. Beer distributors are helping support Farrar's effort as well, but we need you to tell your legislators that you support this, and that you would like to be able to get a six pack of beer at the end of a Saint Arnold tour just like many of you have when you have visited breweries in other states.

Supporting this bill will only take you 5 minutes. Here is what you need to do: If you don't know who your state representative is, then go to: http://www.legis.state.tx.us/Home.aspx

You can then click on the name of your state representative (not the state senator - that will come later). This should send you to their home page where you can usually click on a link named "send email" or "email", or sometimes there is a form right there for sending them an email. Write a brief email stating your support for HB 1926 and that this is an important issue to you. Let them know that the Licensing & Administrative Committee will be having a hearing on it this Wednesday, March 18. That's all!

In case you are in Austin and would like to attend this Wednesday's hearing, it will be at 8 AM (although we may be waiting for a while) in Room E2.016 in the state capitol.

Below is a list of the members of the Licensing & Administrative Committee. If you happen to live in one of their districts, PLEASE, PLEASE contact them.

Here are the committee members:
Chair: Rep. Edmund Kuempel (Seguin)
Vice Chair: Rep. Senfronia Thompson (Houston)
Rep. Warren Chisum (Panhandle)
Rep. Charlie Geren (Fort Worth)
Rep. Roland Gutierrez (San Antonio)
Rep. Mike Hamilton (Beaumont)
Rep. Delwin Jones (Lubbock)
Rep. Jose Menendez (San Antonio)
Rep. Chente Quintanilla (El Paso)

Your reward will be more and healthier Texas craft breweries and an even better experience when you visit Saint Arnold!

-----------------------------

For those of you who are unaware of how the current Texas laws are hurting local companies, check out this article - http://www.houstonpress.com/2008-10-16/news/texas-wants-beer/

-Technocrat

BBC Responds to Botnet Illegality Claims

Via ZDNet -

The BBC has said that it had no intention of breaking the law by building and using a botnet.

BBC Click acquired the means to build a botnet, used it to spam Gmail and Hotmail accounts it had set up, and launched a distributed denial of service attack against security company Prev-X.

In a statement on Monday, the BBC said that its actions had been "in the public interest".

"It was not our intention to break the law," the BBC told ZDNet UK on Monday. "There is a powerful public interest in demonstrating the ease with which such malware can be obtained and used; how it can be deployed on thousands of infected computers without the owners even knowing it is there; and its power to send spam e mail or attack other websites undetected."

The BBC said it had built and used a botnet in a news article on Thursday, bringing claims from security experts that this action had violated Section 1 of the Computer Misuse Act.

However, on Monday the BBC insisted that its actions had been in the public interest.

"This will help computer users realize the importance and value of using basic security techniques to defend their computers from such attacks," said the BBC statement. "The BBC has strict editorial guidelines for this type of investigation which were followed to the letter."

The BBC said that it had taken legal advice before making the program. It makes me wonder about the quality of the legal advice the BBC took, and who they took it from.

The BBC declined to comment on exactly how much it had cost for the botnet, which criminals it had paid for access to the botnet, or indeed how it had acquired the botnet at all.

However, in the program Click reporter Spencer Kelly said the botnet had cost "a few thousand dollars", and that the BBC had no idea who it had paid.

The BBC added that the "demonstration was very much in the public interest. We believe that as a result of the investigation, general computer users are now better informed of the importance and value of using basic security techniques to defend their PCs from attacks."

I've already expressed my views about the BBC's actions in this case. Sophos security expert Graham Cluley told me on Monday that the BBC did not need to use real computers to launch the attack.

"It's just so unnecessary," said Cluley. "The BBC could have done a reconstruction under lab conditions to demonstrate how a computer sends out spam [and demonstrate DDoS]."

Cluley added that the BBC experiment could have caused trouble for the users of the computers.

"Imagine if you are filling in your tax return or uploading a prescription, and someone meddles with your computer," said Cluley. "What I'm concerned about is the recklessness of it."

-------------------------------

The BBC is trying to make it sound like they did ALL of this in the interest of the public....as if they are breaking the "botnet" story and trying to get the word out to the public on this "unknown" threat.

While I haven't had a chance to watch this episode of "Click", I have a feeling that it didn't give the public any more information on botnets...than a simple Google search could provide.

Let's get real...

Botnets are nothing new...and buying them and using them to spam e-mail addresses or conduct a DDoS attack across the public internet is illegal.

From the sound of it, the BBC's use of a botnet in "Click" brought nothing new to the world-wide botnet discussion....other than making everyone question the illegality of their actions.

Facebook User Poked - By the Courts

Via TheStar.com -

Chatting with "friends" on social networking sites could have legal implications and turn Facebook users into their own worst enemies.

In a precedent-setting decision, a Toronto judge has ordered a man suing over injuries from a car accident to answer questions about content on his Facebook page that is off limits to the public.

Lawyers for Janice Roman, the defendant in the lawsuit, believe information posted on John Leduc's private Facebook site – normally accessible only to his approved "friends" – may be relevant to his claim an accident in Lindsay in 2004 lessened his enjoyment of life.

As a result of the ruling by Justice David Brown of Ontario's Superior Court of Justice, Leduc must now submit to cross-examination by Roman's lawyers about what his Facebook page contains.

Brown's Feb. 20 ruling also makes clear that lawyers must now explain to their clients "in appropriate cases" that postings on Facebook or other networking sites – such as MySpace, LinkedIn and even blogs – may be relevant to allegations in a lawsuit, said Tariq Remtulla, a Toronto lawyer who has been following the issue.

This could easily apply in a personal injury case in which a litigant claims his or her quality of life has been affected, Remtulla said.

"If you are alleging that, as a result of an accident, you have not been able to enjoy life the same way and there is a photo taken after the accident showing you skiing or exercising ... that could be relevant," the civil litigation and intellectual property lawyer said in an interview yesterday.

What's on Facebook might also matter in insurance cases or family law cases where there's a dispute over custody, Remtulla suggested. Photos, for example, could reveal something about a parent's living conditions.

Army Database May Have Been Breached

Via FCW.com -

An Army database that contains personal information about nearly 1,600 soldiers may have been penetrated by unauthorized users, Army officials have announced.

Soldiers who registered with, or participated in, the Army-sponsored Operation Tribute to Freedom program during the past five years may be affected by the security breach, Army officials said March 10. The service is notifying those soldiers about the issue through e-mail messages and letters.

The information that may have been breached includes the service members' names, e-mail messages, phone numbers, home addresses, awards received, ranks, gender, ethnicity, and dates the soldiers deployed and returned from their deployment, Army officials said.

Only information that was provided at the time of registration was potentially compromised, officials said. The Criminal Investigation Command is investigating how the password-protected, secure Web-based information was penetrated.

Operation Tribute to Freedom lets soldiers share their stories with the public. The program’s speakers service helps event coordinators find the soldiers for events and the service members speak about their experiences in Iraq and Afghanistan.

Texas Jail Turns Animal House

Via breitbart.com -

For months, perhaps longer, the Montague County Jail was "Animal House" meets Mayberry.

Inside the small brick building across from the courthouse, inmates had the run of the place, having sex with their jailer girlfriends, bringing in recliners, taking drugs and chatting on cell phones supplied by friends or guards, according to authorities. They also disabled some of the surveillance cameras and made weapons out of nails.

The doors to two groups of cells didn't lock, but apparently no one tried to escape—perhaps because they had everything they needed inside.

The jailhouse escapades—some of which date to 2006, according to authorities—have rocked Montague (pronounced mahn-TAYG), a farming and ranching town of several hundred people near the Oklahoma line, about 65 miles northwest of Fort Worth.

There were whispers in the past year about an affair between a female jailer and male inmate, but folks dismissed the rumors as small-town gossip. It was not until late last month, when a Texas grand jury returned a 106-count indictment against the former sheriff and 16 others, that the inmates-gone-wild scandal broke wide open.

The indictment charged Bill Keating, sheriff from 2004 until December, with official oppression and having sex with female inmates. The others indicted include nine guards—seven women and two men—who were charged with various offenses involving sex or drugs and other contraband. Four inmates also were charged.

Local, state and federal authorities are still trying to figure out how this small-town Texas jail was turned into something resembling a frat house.

The new sheriff, Paul Cunningham, said he was stunned while touring the jail for the first time just hours after being sworn into office Jan. 1. He saw partitions made of paper towels that blocked jailers' view into cells, and pills scattered about.

Cunningham, who had not worked for the county before his election in November, immediately ordered the jail closed and moved the nearly 60 inmates to another institution.

"It literally scared me—not for myself but for the employees," Cunningham said. "How somebody kept from being killed was beyond me."

Cunningham, who defeated Keating in the Republican primary last spring, suggested that Keating lost interest in the jail after that and turned his back on the place.

Separately from the indictment, Keating, 62, faces up to 10 years in federal prison after pleading guilty in January to charges he coerced a woman into having sex with him by threatening to jail her on drug charges.

Keating's attorney, Mark Daniel, called the latest charges against the former sheriff "kind of silly in the face of the federal investigation, like piling on." He declined further comment.

The investigation began with a tip last fall from inside the jail.

An official received a handwritten letter on notebook paper from an inmate arrested on charges of kidnapping his girlfriend. The inmate, Luke C. Bolton, said they met in 2007 when she was a jail guard and he was behind bars on another charge. He said their sexual relationship started in a jail shower and continued during her late-night visits to his cell.

U.S. Military Confirms It Shot Down Iranian Drone

Via Wired.com (Danger Room) -

Last month, a U.S. fighter aircraft tracked and shot down an Iranian drone. Details — first reported by Danger Room — have been elusive, but the U.S. military has now confirmed the incident.

Multinational Forces Iraq spokesman Col. Scott Maw tells Danger Room that coalition fighters intercepted an Iranian unmanned aerial vehicle over Iraqi airspace on Feb. 25. The UAV, an Ababil-3 (pictured here), was "tracked as it crossed the border." Coalition aircraft were sent up to visually ID the drone. Finally, they did, and then shot it down "over 25 miles from the Iraq-Iran border." All told, the UAV was tracked "for an hour and 10 minutes before it was shot down."

Maj. Gen. Abdul Aziz Mohammed Jassim, head of military operations at the Iraqi Defense Ministry, also confirmed the incident, telling Reuters: "An unmanned Iranian plane crossed the border and it was discovered by multi-national forces' radar. They intercepted it and brought it down ... an American plane brought it down." According to Jassim, the incursion was most likely a "mistake."

Initially, coalition press officials would neither confirm nor deny the incident. But the presence of Iranian drones over Iraq — and the confirmation of the shoot-down — raise new questions about Tehran's unmanned aircraft capabilities and its intentions.

New Waledac Worm Variant Uses Geo-Location to Customize Story

Via The Register UK -

Malware authors have incorporated technology designed to find the geographic location of prospective marks as a tactic to enable more convincing social engineering scams.

A new variant of the Waledac worm uses an email message claiming a "dirty bomb" explosion in order to tempt the gullible into visiting a maliciously-constructed website posing as the homepage of news agency Reuters. This website uses a GEO-IP lookup to customise the story so as to appear that the explosion appeared in a city or location near the surfer viewing it.

Punters are encouraged to view a video supposedly related to the shocking news of a nearby radioactive bomb explosion. When users click on the video they are prompted to download the latest version of "Flash Player". But the software on offer turns out to be nothing to do with Adobe, instead coming loaded with the latest variant of the Waledac worm.

Write-ups of this geo-targeted malware attack, currently doing the rounds, can be found in security blogs run by Websense (here) and Sophos (here).

New Organic Material May Speed Internet Access

Via physorg.com -

In the morning, the bricks will be covered with snow and barely discernible. The snowflakes will have filled every vacant space between and around the bricks.

What you will see, says Ivan Biaggio, resembles a phenomenon that, when it occurs at the smallest of scales on an integrated optical circuit, could hasten the day when the Internet works at superfast speeds.

Biaggio, an associate professor of physics at Lehigh University, is part of an international team of researchers that has developed an organic material with an unprecedented combination of high optical quality and strong ability to mediate light-light interaction and has engineered the integration of this material with silicon so it can be used in devices.

A description of this material was published on the Web site March 15.

The material, which is composed of small organic molecules with high nonlinear optical susceptibilities, mimics the behavior of the snowflakes covering the bricks when it is deposited into the slot, or gap, that separates the silicon waveguides that control the propagation of light on an integrated optical circuit.

Just as the snowflakes, being tiny and mobile, fill every empty space between the two bricks, Biaggio says, the molecules completely and homogeneously fill the slot between the waveguides. The slots measure only tens of nanometers wide; 1 nm is one one-billionth of a meter, or about the width of a dozen atoms.

[...]

The slot between the waveguides is the region where most of the light guided by the silicon propagates. By filling the slot, say Biaggio and his collaborators, the molecules add an ultra-fast all-optical switching capability to silicon circuitry, creating a new ability to perform the light-to-light interactions necessary for data processing in all-optical networks.

The nanophotonic device obtained in this way, says the group, has demonstrated the best all-optical demultiplexing rate yet recorded for a silicon-organic-hybrid device.

Multiplexing is the process by which multiple signals or data streams are combined and transmitted on a single channel, thus saving expensive bandwidth. Demultiplexing is the reverse process.

In tests, the novel hybrid device was able to extract every fourth bit of a 170-gigabit-per-second telecommunications data stream and to demultiplex the stream to 42.7 gigabits per second.

Sunday, March 15, 2009

Photo of the Day - Killer Hot Dogs at Jackalope


(Photo: Jim Merithew/Wired.com)

The Jackalope serves a killer hot dog.

And by "killer," I mean deadly as a cross-border drug skirmish: The house specialty known as The Tijuana is a heart attack wrapped in a coronary, fried in myocardial infarction and smothered in cardiac arrest.

(Translation: It's a quarter-pound beef dog wrapped in bacon and deep-fried, then laid lovingly on a bun and topped with a generous portion of melted jack cheese. To give this death-king an edge, it's crowned with jalapenos and chipotle mayo.)

If you dare take on a Tijuana at this Austin dive bar, you'll find yourself with a mouthful of salty, greasy goodness that probably seems pretty close to heaven after a night of club crawling on busy Sixth Street. It's definitely a stunt dog, but it's surprisingly satisfying in certain situations.

http://blog.wired.com/underwire/2009/03/sxsw-eats-kille.html

-------------------------

Ohhh man, I love this town. The sun is setting on this beautiful Sunday in ATX right now.

India Expects Pakistan to Act in Mumbai Investigation

Via GlobalSecurity.org -

India says it expects Pakistan to take action in the investigation into last November's terrorist attack in Mumbai.

India's External Affairs Ministry says New Delhi wants Pakistan to help bring the perpetrators of the attack to justice and to dismantle the terrorist infrastructure in Pakistan.

The statement came after India provided more information about Pakistan-based militants suspected of involvement in the Mumbai attacks.

India's Home Minister Palaniappan Chidambaram said a dossier on the suspects given to a Pakistani official answers 30 questions raised by Pakistan about evidence India had presented in January.

India has accused Pakistan-based militant group Lashkar-e-Taiba of training and equipping the 10 terrorists who attacked in Mumbai, India's commercial capital. Pakistan has acknowledged the attacks were partly planned on its soil but wanted more evidence.

Indian officials say the latest dossier contains forensic evidence from the gunmen and information about intercepted telephone conversations between the gunmen and their handlers in Pakistan.

Ten gunmen went on a 60-hour rampage through Mumbai starting November 26, killing about 165 people in raids on two five-star hotels, a train station and a Jewish center. Indian commandos killed nine of the attackers and captured the 10th.

Indian authorities filed charges against the surviving terrorist last month.

Indian leaders have accused Pakistani government agencies of supporting the gunmen, a charge Islamabad denies. Pakistan has detained several Islamic militants, some of whom India has named as plotters of the Mumbai attacks.

Germs, Viruses, and Secrets: The Silent Proliferation of Bio-Laboratories in the United States

Via FAS Secrecy News Blog -

In an awkward and disturbing irony, the most significant bioterrorism incident in the U.S. to date — i.e., the 2001 anthrax attacks — apparently originated in a U.S. military laboratory that was engaged in biological defense research. Yet the pursuit of such research, and perhaps the associated threat, has continued to expand.

“No one in the Federal Government even knows for sure how many of these labs there are in the United States, much less what research they are doing or whether they are safe and secure,” said Rep. Bart Stupak at a 2007 congressional hearing, the record of which has recently been published. “What we do know is that the Federal Government has been funding the proliferation of these labs on an unprecedented scale.”

See “Germs, Viruses, and Secrets: The Silent Proliferation of Bio-Laboratories in the United States” (pdf), House Committee on Energy and Commerce, October 4, 2007 (published December 2008).

“High-containment laboratories play a critical role in the biodefense effort, offering the hope of better responses to an attack and a better understanding of the threat posed by bioterrorism,” according to a new report (pdf) from the Congressional Research Service. “However, they also could increase the risk of a biological attack by serving as a potential source of materials or training.”

One approach to mitigating that risk would be to curtail such research. Another approach, which is explored in the new CRS report, is to expand oversight of biodefense research facilities. A copy of the new report was obtained by Secrecy News. See “Oversight of High-Containment Biological Laboratories: Issues for Congress,” March 5, 2009.

Malcrafted SWF Threat in the Wild

Via Websense Security Labs -

Websense Security Labs has seen a new SWF threat thriving in the wild recently. SWF files have become increasingly popular in the 'net world. A great many Web sites use SWF files to show wonderful content to customers. Because SWF files can do a lot, they leave openings for the bad guys. Recently, we have noticed a trend showing the bad guys using SWF files to redirect users. What's amazing to us is that traditional antivirus software is showing zero detection of this problem.

[...]

First, we used flare to decompile the ActionScript. Unfortunately, flare crashed. Then we dumped the binary code to find the reason. Following Adobe's documentation, we read the binary. The first ActionScript instruction is ActionJump(0x99), and the jump offset is 0x2C. At the target offset, which is followed by an ActionConstantPool(0x88), the parameter is a string: flashccVersion /:$version i.SWF _root. The next instruction is also ActionJump, jumping to offset 0xFFA9. A negative value means that the code will jump back. It jumps back to execute ActionPush(0x96). So the hex bytes 63 02 00 00 00 will never be executed. They are a meaningless opcode for Adobe Flash Player. When decompilation tools like flare attempt to parse the meaningless opcode, they crash. This looks like the anti-decompilation code in PE files. We guess that the tiny SWF sample was made manually.
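As an added illustration (not Websense's code or their sample), the Python below decodes AVM1 action records while following ActionJump targets instead of reading the stream front to back. The byte blob is constructed to mirror the layout described above (a forward jump over junk bytes to the constant pool, then a negative jump back to the skipped ActionPush); the strings, the 63 02 00 00 00 junk and the exact offsets are assumptions, while the record format (1 code byte, u16 length for codes >= 0x80) and action names follow Adobe's SWF specification.

```python
import struct

# AVM1 (ActionScript 1/2) action codes used here; names follow Adobe's SWF specification.
ACTION_NAMES = {
    0x00: "ActionEnd",
    0x1C: "ActionGetVariable",
    0x88: "ActionConstantPool",
    0x96: "ActionPush",
    0x99: "ActionJump",
}
JUMP_LEN = 5  # ActionJump record: 1 code byte + u16 length + s16 offset


def action(code, data=b""):
    """Encode one action record: codes >= 0x80 carry a u16 little-endian length and data."""
    if code >= 0x80:
        return bytes([code]) + struct.pack("<H", len(data)) + data
    return bytes([code])


def jump(offset):
    """ActionJump: signed 16-bit offset, relative to the end of the jump record itself."""
    return action(0x99, struct.pack("<h", offset))


# Constructed sample (an assumption, not the Websense binary), laid out like the write-up:
# jump forward over junk and the real code to the constant pool, then jump backwards
# (negative offset) to the ActionPush that the first jump skipped.
POOL_STRINGS = [b"flash", b"ccVersion", b"/:$version", b"i.SWF", b"_root"]
pool = action(0x88, struct.pack("<H", len(POOL_STRINGS))
              + b"".join(s + b"\0" for s in POOL_STRINGS))
junk = bytes.fromhex("6302000000")     # never executed; 0x63 is not a defined action code
push = action(0x96, bytes([8, 2]))     # push type 8 = constant-pool index (index 2)
getvar = action(0x1C)                  # ActionGetVariable on the pushed name
end = action(0x00)
body_len = len(push) + len(getvar) + JUMP_LEN
j_fwd = jump(len(junk) + body_len)                  # -> pool
j_skip = jump(len(pool) + JUMP_LEN)                 # -> end, so the pool is not re-entered
j_back = jump(-(body_len + len(pool) + JUMP_LEN))   # -> push (backwards)
SAMPLE = j_fwd + junk + push + getvar + j_skip + pool + j_back + end


def decode_action(buf, pos):
    """Decode one action at pos; returns (code, data, next_pos)."""
    code = buf[pos]
    if code >= 0x80:
        (length,) = struct.unpack_from("<H", buf, pos + 1)
        return code, buf[pos + 3:pos + 3 + length], pos + 3 + length
    return code, b"", pos + 1


def disassemble_linear(buf):
    """Strict sequential decoder, the way a naive decompiler reads the stream.
    Raises on an undefined action code, which is exactly where the junk bytes sit."""
    out, pos = [], 0
    while pos < len(buf):
        code, _, nxt = decode_action(buf, pos)
        if code not in ACTION_NAMES:
            raise ValueError(f"undefined action code 0x{code:02X} at offset {pos}")
        out.append((pos, ACTION_NAMES[code]))
        pos = nxt
    return out


def disassemble_following_flow(buf):
    """Control-flow-following decoder: honour ActionJump, stop at ActionEnd, and never
    decode bytes execution cannot reach. Returns (trace, set of covered byte offsets)."""
    trace, covered, consts, pos = [], set(), [], 0
    while pos < len(buf) and pos not in covered:
        code, data, nxt = decode_action(buf, pos)
        name = ACTION_NAMES.get(code, f"Unknown(0x{code:02X})")
        covered.update(range(pos, nxt))
        detail = ""
        if code == 0x88:                                    # load the constant pool
            (count,) = struct.unpack_from("<H", data)
            consts = data[2:].split(b"\0")[:count]
            detail = ",".join(s.decode() for s in consts)
        elif code == 0x96 and data and data[0] == 8:        # push of a pool index
            detail = consts[data[1]].decode() if data[1] < len(consts) else "<unresolved>"
        elif code == 0x99:
            (rel,) = struct.unpack("<h", data)
            nxt += rel                                      # negative rel jumps backwards
            detail = f"{rel:+d} -> {nxt}"
        trace.append((pos, name, detail))
        if code == 0x00:
            break
        pos = nxt
    return trace, covered


def dead_regions(buf, covered):
    """Byte ranges never reached by execution: a cheap anti-disassembly indicator."""
    regions, start = [], None
    for i in range(len(buf) + 1):
        reachable = i in covered or i == len(buf)
        if not reachable and start is None:
            start = i
        elif reachable and start is not None:
            regions.append((start, i))
            start = None
    return regions


if __name__ == "__main__":
    try:
        disassemble_linear(SAMPLE)
    except ValueError as exc:
        print("linear decode failed:", exc)
    flow, seen = disassemble_following_flow(SAMPLE)
    for off, name, detail in flow:
        print(f"{off:4d}  {name:<20} {detail}")
    print("never-executed byte ranges:", dead_regions(SAMPLE, seen))
```

The never-executed range reported by dead_regions is the same signal an analyst can use to flag hand-crafted SWFs: reachable code that jumps around bytes no valid action could occupy.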

[...]

We strongly recommend that customers update Adobe Flash Player to the latest version to guard against this threat. Websense Security Labs will continue to do more research to protect customers against SWF file threats.

Saturday, March 14, 2009

Group Launches New Best Practices For Secure Software Development

Via DarkReading -

A group of software experts has published a battle-tested set of best practices for secure software development that it hopes will be widely adopted by programmers.

The Building Security In Maturity Model (BSIMM) is a collection of 110 activities discovered during an extensive study of nine organizations that are recognized as being highly effective in building secure software. It was developed largely by two security tools vendors, Cigital and Fortify, but it has been vetted and reviewed by many software development organizations, the creators say.

"BSIMM is a real-world set of software security activities organized so that you can determine where you stand with your software security initiative and how to evolve your initiative over time," the group says. "BSIMM describes the set of activities practiced by nine of the most successful software security initiatives in the world. In that sense, it is a de facto standard because it's what organizations actually do. You could say we discovered it, rather than dreamed it up."

The BSIMM effort has received praise from those who have reviewed and participated in its development, including Microsoft. It's a free download, with the only requirement that if developers use it, they must point back to it in their documentation.

DoD: USNS Impeccable 'Did Not Violate Law'

Via Janes' Information Group -

A US Military Sealift Command surveillance ship that jostled with five Chinese vessels in the South China Sea on 8 March did not violate international laws, according to the US Department of Defense (US DoD).

A Pentagon official told Jane's on 11 March: "USNS Impeccable (T-AGOS 23) is a surveillance ship that looks for underwater threats. We feel that we were conducting legal military operations in accordance with international law."

Crewed by civilians, Impeccable is equipped with an active low-frequency towed array with a series of modules, each housing two high-powered transducers. The DoD stated that the ship was carrying out routine bottom mapping when Chinese sailors attempted to snatch the array, then circled around the 5,370-ton ship, forcing it to stop.

The Chinese vessels comprised a naval intelligence-gathering ship, a fisheries patrol vessel, an Oceanographic Administration vessel and two trawlers.

The incident took place approximately 75 miles off Hainan Island, where China has built an underground nuclear submarine base. Jane's revealed the existence of the base, at Sanya, in a report in April 2008.

Apple Adds Still More DRM to iPod Shuffle

Via EFF Deeplinks Blog -

Even as it attacks DRM on music, Apple is continuing to add more DRM to its own hardware (we recently documented all of Apple's various hardware DRM restrictions). The latest example is the new iPod Shuffle. According to the careful reviewers at iLounge, third-party headphone makers will have to use yet-another Apple "authentication chip" if they want to interoperate with the new Shuffle.

Normally, of course, independent headphone makers could simply reverse engineer the interface. The "authentication chip" is there so that Apple's lawyers can invoke the DMCA to block those efforts. So this shows us, yet again, what DRM is for -- not stopping piracy, but rather impeding competition and innovation.

iLounge sums up what this means for consumers:

This is, in short, a nightmare scenario for long-time iPod fans: are we entering a world in which Apple controls and taxes literally every piece of the iPod purchase from headphones to chargers, jacking up their prices, forcing customers to re-purchase things they already own, while making only marginal improvements in their functionality? It’s a shame, and one that consumers should feel empowered to fight.

Couldn't have said it better myself.

One final thought: why have so many of the reviews of iPods failed to notice the proliferation of these Apple "authentication chips"? If it were Microsoft demanding that computer peripherals all include Microsoft "authentication chips" in order to work with Windows (or Toyota or Ford doing the same for replacement parts), I'd think reviewers would be screaming about it.

Scientists Developing One-Size-Fits-All Bioterrorism Vaccine

Via onemedplace.com -

Scientists at the Scripps Research Institute are developing a new method of vaccination that could potentially be used to provide instantaneous protection whether the target is a cancer cell, flu virus, or a toxin like anthrax in the event of a bioterrorism attack. Normally, it takes days or weeks for the body to build immunity against a pathogen. The scientists injected mice with chemicals designed to trigger a universal immune reaction, as well as “adapter molecules” that they had developed to recognize the target cells causing the disease. The adapter molecules cooperate with the antibodies to create “covalent antibody-adapter complexes” within the body of the animal. “The antibodies in our vaccine are designed to circulate inertly until they receive instructions from tailor-made small molecules to become active against a specific target,” says Scripps professor Carlos Barbas III. “The advantage of this method is that it opens up the possibility of having antibodies primed and ready to go in the time it takes to receive an injection or swallow a pill.” This presents an exciting possibility for the field of biodefense, especially.

MQ-9 Reaper UAV Getting GPS Guided JDAMs

Via Air Force Material Command -

The already lethal MQ-9 Reaper unmanned aircraft system will soon bring even more punch to the enemy in the form of the Joint Direct Attack Munition.

The results of the series of GBU-38 JDAM test drops at the China Lake test range in California are still being evaluated, but they mark a significant step in certifying the Reaper to carry the 500 pound version of the JDAM.

Considering the Reaper's perfect 9 hits out of 9 drops, the way ahead looks clear.

"This is a great success that adds another valuable weapon system to the warfighter's arsenal," said Col. Chris Coombs, 703rd Aeronautical Systems Group Commander. "Putting the JDAM on the Reaper significantly increases its lethality on the battlefield."

Flight testing is only one part of the process, according to Colonel Coombs. After additional analysis, the group hopes to certify JDAM capability on the Reaper this July.

Currently, the Reaper is authorized to carry the GBU-12 Paveway II, a 500 lb. laser-guided bomb, and the AGM-114 Hellfire missile. The JDAM adds the precision afforded by its global positioning system guidance control unit along with adverse weather capability.

"We try to look at the types of target sets the warfighter needs to engage and the best weapon to utilize including a range of factors such as collateral damage," Colonel Coombs said. "Our next step is to add the GBU-39B Small Diameter Bomb which will further increase the types of target sets the warfighter can engage."

F-35 May Need Thermal Management Changes

Via aviationweek.com -

The Lockheed Martin F-35 Lightning II may be redesigned to improve its ability to absorb heat from its electronics and systems.

The aircraft is meeting the specification for thermal management, but the Joint Strike Fighter program’s deputy executive officer, Maj. Gen. David Heinz (select), says he is asking contractors to assess the costs of changes to give it a bigger margin over the requirement.

“We meet that requirement but it is a very tough requirement,” Heinz says, adding that, while he has asked for studies for an improved margin, “at the moment I don’t need it.”

The F-35 is designed to transfer heat from its powerful electronics and systems to its fuel, to keep the aircraft cool and make it less detectable by infrared cameras.

Under most conditions, that presents no challenge, but if the aircraft is at the end of a mission, it will have little fuel aboard to absorb the heat energy, says Tom Burbage, Lockheed Martin’s executive vice president for F-35 program integration. And the toughest part of the specification is to distribute the heat into the remaining fuel while operating in the tropics in hot and high conditions.

While Heinz says the aircraft can do that, his interest in finding ways of increasing the margin – for example, by circulating the fuel faster and reducing the amount of generated heat – implies that the aircraft is only just meeting its specification without much room for comfort.

Friday, March 13, 2009

WWW Inventor Attacks Deep Packet Inspection

Via ZDNet -

The inventor of the World Wide Web, Sir Tim Berners-Lee, has attacked deep packet inspection, a technique used to monitor traffic on the internet and other communications networks.

Speaking at a House of Lords event on the 20th anniversary of the invention of the World Wide Web, Berners-Lee said that deep packet inspection was the electronic equivalent of opening people's mail.

"This is very important to me, as what is at stake is the integrity of the internet as a communications medium," Berners-Lee said on Wednesday. "Clearly we must not interfere with the internet, and we must not snoop on the internet. If we snoop on clicks and data, we can find out a lot more information about people than if we listen to their conversations."

Deep packet inspection involves examining both the data and the header of an information packet as it passes a 'black box' on a network, in order to reveal the content of the communication. Targeted advertising services, such as Phorm in the UK, use deep packet inspection to monitor anonymised user behaviour and to target adverts at those users. In addition, UK government initiatives such as the Intercept Modernisation Programme have proposed using deep packet inspection to perform mass surveillance of the web communications of the entire UK population.

Speaking to ZDNet UK at the event, Berners-Lee declined to comment about any particular company or government initiative, but said that internet service providers (ISPs) should not perform deep packet inspection.

"If [third parties] are using the data for political ends or commercial interest, there we have to draw the line," Berners-Lee said. "There's a gap between running a successful internet service and looking inside data packets."

Berners-Lee expressed concern that the UK government had taken no action over deep packet inspection, in contrast to the US government's response to the use of deep packet inspection by targeted advertising company NebuAd. Last autumn, the US Congress decided to review privacy concerns around the start-up, after which the company's chief executive, Bob Dykes, stepped down.

"I'm embarrassed, as a UK citizen and as a US resident, that the US has drawn a line firmly against deep packet inspection and this country hasn't," Berners-Lee said.

Researchers Find Ways to Sniff Keystrokes From Thin Air

Via ITWorld.com -

That PC keyboard you're using may be giving away your passwords. Researchers say they've discovered new ways to read what you're typing by aiming special wireless or laser equipment at the keyboard or by simply plugging into a nearby electrical socket.

Two separate research teams, from the Ecole Polytechnique Federale de Lausanne and security consultancy Inverse Path, have taken a close look at the electromagnetic radiation that is generated every time a computer keyboard is tapped. It turns out that this keystroke radiation is actually pretty easy to capture and decode -- if you're a computer hacker-type, that is.

The Ecole Polytechnique team did its work over the air. Using an oscilloscope and an inexpensive wireless antenna, the team was able to pick up keystrokes from virtually any keyboard, including laptops. "We discovered four different ways to recover the keystroke of a keyboard," said Martin Vuagnoux, a Ph.D. student at the university. With the keyboard's cabling and nearby power wires acting as antennas for these electromagnetic signals, the researchers were able to read keystrokes with 95 percent accuracy over a distance of up to 20 meters (22 yards), in ideal conditions.

Laptops were the hardest to read, because the cable between the keyboard and the PC is so short, making for a tiny antenna. The researchers found a way to sniff USB keyboards, but older PS/2 keyboards, which have ground wires that connect right into the electric grid, were the best.

Even encrypted wireless keyboards are not safe from this attack. That's because they use a special algorithm to check which key is pressed, and when that algorithm is run, the keyboard gives off a distinctive electromagnetic signal, which can be picked up via wireless.

Vuagnoux and co-researcher Sylvain Pasini were able to pick up the signals using an antenna, an oscilloscope, an analog-digital converter and a PC, running some custom code they've created. Total cost: about US$5,000.

Spies have known about the risk of data leaking via electromagnetic radiation for about 50 years now. After the U.S. National Security Agency found strange surveillance equipment in a U.S. Department of State communications room in 1962, the agency began looking into ways that radiation from communications equipment could be tapped. Some of this research, known as Tempest, has now been declassified, but public work in this area didn't kick off until the mid-1980s.

The idea of someone sniffing out keystrokes with a wireless antenna may seem ripped from the pages of a spy thriller, but criminals have already used sneaky techniques such as wireless video cameras placed near automated teller machines and Wi-Fi sniffers to steal credit-card numbers and passwords.

"If you are a company using highly confidential data, you have to know that the keyboard is a problem," Vuagnoux said.

If pulling keystrokes out of thin air isn't bad enough, another team has found a way to get the same kind of information out of a power socket. Using similar techniques, Inverse Path researchers Andrea Barisani and Daniele Bianco say they get accurate results, picking out keyboard signals from keyboard ground cables.

Their work only applies to older, PS/2 keyboards, but the data they get is "pretty good," they say. On these keyboards, "the data cable is so close to the ground cable, the emanations from the data cable leak onto the ground cable, which acts as an antenna," Barisani said.

That ground wire passes through the PC and into the building's power wires, where the researchers can pick up the signals using a computer, an oscilloscope and about $500 worth of other equipment. They believe they could pick up signals from a distance of up to 50 meters by simply plugging a keystroke-sniffing device into the power grid somewhere close to the PC they want to snoop on.

Because PS/2 keyboards emanate radiation at a standard, very specific frequency, the researchers can pick up a keyboard's signal even on a crowded power grid. They tried out their experiment at a local university's physics department, and even with particle detectors, oscilloscopes and other computers on the network, they were still able to get good data.

Barisani and Bianco will present their findings at the CanSecWest hacking conference next week in Vancouver. They will also show how they've been able to read keystrokes by pointing a laser microphone at reflective surfaces on a laptop, such as the screen. Using the laser's very precise measurements of the vibrations on the screen's surface caused by typing, they can figure out what is being typed.

Previously researchers had shown how the sound of keystrokes could be analyzed to figure out what is being typed, but using the laser microphone to pick up mechanical vibrations rather than sound makes this technique much more effective, Barisani said. "We extend the range because with the laser microphone, you can be hundreds of meters away," he said.

The Ecole Polytechnique team has submitted their research for peer review and hopes to publish it very soon.

Cybercrime-as-a-Service Takes Off

Via ITNews.com.au -

Malware writers that sell toolkits online for as little as $400 will now configure and host the attacks as a service for another $50, a security expert has said.

Speaking at the Vasco Banking Summit in Sydney yesterday, the company's technical account manager, Vlado Vajdic, told delegates that cyber crime was becoming so business-like that online offerings of malicious code often included support and maintenance services.

Additionally, he said, cybercrime outsourcing would become a key trend in 2009.

"It was inevitable that services would be sold to people who bought the malware toolkits but didn't know how to configure them," Vajdic said.

"Not only can you buy configuration as a service now, you can have the malware operated for you, too. We saw evidence of that this year."

"Investors get malware developers to write code for them and then get the writers to host and distribute it, too."

Vajdic showed delegates an email purported to be from a malware 'provider' offering hosted services for an extra $50 for three months.

Vasco's regional director for Pacific, India and Japan, Dan Dica, said company researchers buy the kits online and disassemble them to try to learn the secrets of their programming.

"The kits come with maintenance, support and a user guide," Dica said.

"For $400 you can become a hacker."

Vajdic said that toolkit creators increasingly appeared to apply commercial development techniques in their creation.

"There's evidence of solid software engineering practices being built into them," he said.

"Today's bad guy is a business person that attracts investment, has malware writers working under them and probably even employs a project manager. These people are high-flyers."

Vajdic also said that the malware writers often viewed themselves as being involved in a legitimate business.

"They say it is spyware or that it's for research purposes only and they can't control what you do with it," Vajdic said.

BBC Program Purchases Botnet, Touches Off Ethical Debate

Via eWeek.com -

BBC's technology program "Click" purchased a botnet recently as part of an experiment meant to show how botnets can do damage. But by putting money in the hands of hackers, did BBC's program do more harm than good?

The minds behind BBC’s television program "Click" have inadvertently thrust themselves into an ethical quagmire.

Recently, the team at Click purchased a botnet to demonstrate to viewers the power wielded in the cyber-underworld. The team used the roughly 22,000-machine botnet to spam Hotmail and Gmail accounts they controlled, as well as to launch a distributed denial of service (DDoS) attack against a site owned by security vendor Prevx. The DDoS attack was performed with Prevx's consent.

According to Click, the team shut down the botnet after their experiment was finished. Though the team said they never accessed information on the compromised PCs, they also claimed they notified the owners of the bots that they were infected. Click did not respond to an inquiry by eWEEK before publication, but those involved appear to have done this by modifying desktop wallpapers with messages to the owners that their computers were infected.

While Click maintains that no laws were broken, opinions on their experiment – which proved something that most people already know – were mixed, to say the least.

“[It’s] not even a gray area, it is flat out unprofessional,” said Gartner analyst John Pescatore. “It is like paying an arsonist to burn down an abandoned building to get good footage of flames. They could have gone to any one of several security vendors who could have demonstrated the severity of the bot problem.”

Click did not say how much money was paid for the botnet, but the story quoted a Jacques Erasmus of Prevx saying this: “computers from the U.S. and the U.K. go for about $350 to $400 (£254-£290) for 1,000 because they've got much more financial details, like online banking passwords and credit cards details.”

Leaving aside the financial details, there is an issue of law. While Click stated via a Tweet message that the program proceeded with legal advice, others have questioned this. For example, international law firm Pinsent Masons published an article both calling the experiment illegal and stating that the intent of BBC does not matter – only that unauthorized access occurred.

“A guest who is uninvited remains a trespasser regardless,” said Scott Crawford, an analyst with Enterprise Management Associates. “Would these same individuals have welcomed the BBC forcing its cameras into their homes?"

--------------------------

Very unprofessional indeed...and perhaps illegal...as none of the owners of the zombies [bot computers] granted permission for BBC to be on their computer...thus they gained unauthorized access to 22,000 international machines. Some of these machines may be owned by corporations or governments...making the issue even more serious.

Just because someone has already broken into my house [by breaking the door]...and stole my TV...doesn't mean you can come in, dig around and leave a sign.

Cue Drama Button...

FBI Concerned About Young US Men Recruited for Terrorism

Via MSNBC.com -

Sources tell KING 5 News that Seattle FBI agents are now working on a nationwide terrorism investigation.

They're concerned that young men are being recruited in the United States to join the Jihad overseas.

The FBI has confirmed some cases of young men traveling to the East African nation of Somalia to join al Qaeda-sponsored groups there.

One of the cases they're looking at includes a man killed in fighting in Somalia last year – an American citizen from Seattle.

Ruben Shumpert was a convert to radical Islam whose anti-American rhetoric and quest for guns brought him to the attention of the Seattle FBI in 2004.

Agents raided his south Seattle barbershop and arrested a group of men in a potential terrorism case.

Those people later pleaded guilty to counterfeiting, but Shumpert who was free on bond never showed for sentencing.

Last year he was listed among the dead in a U.S.-sponsored rocket attack near Mogadishu - the capital of war-ravaged Somalia.

Muslim extremists are fueling the fighting and now the investigation into Shumpert's apparent death has taken on new urgency because at a Seattle mosque – and others in the Minneapolis area – at least a dozen Somali families report young men who have vanished.

In several cities the FBI is investigating whether young Somali Americans have traveled back to their native country to fight.

Minneapolis college student Shirwa Ahmed killed more than two dozen people in Somalia in October and became the first suicide bomber radicalized in the U.S., according to the head of the FBI.

"We certainly believe that he was recruited here in the United States and we do believe there may have been others that have been radicalized as well," said Robert Mueller, FBI director.

The head of the Seattle Somali Community Center didn't want to speak to KING 5 on camera, but says she is not aware of anyone who has reported a missing family member.

A federal justice source also says agents haven't turned up firm evidence that anyone other than Shumpert traveled from Seattle to fight. However, with the fourth largest Somali community in the country here, agents are trying to build their rapport with that community.

Of course, the concern is that these extremists are U.S. citizens that could bring the violence back here.

The Web: 20 Year B-Day!

Via CNET -

Is it already 20 years since Tim Berners-Lee authored "Information Management: A proposal" and set the technology world on fire?

Back in 1989, Berners-Lee was a software consultant working at the European Organization for Nuclear Research outside of Geneva, Switzerland. On March 13 of that year, he submitted a plan to management on how to better monitor the flow of research at the labs. People were coming and going at such a clip that an increasingly frustrated Berners-Lee complained that CERN was losing track of valuable project information because of the rapid turnover of personnel. It did not help matters that the place was chockablock with incompatible computers people brought with them to the office.

"When two years is a typical length of stay, information is constantly being lost. The introduction of the new people demands a fair amount of their time and that of others before they have any idea of what goes on. The technical details of past projects are sometimes lost forever, or only recovered after a detective investigation in an emergency. Often, the information has been recorded, it just cannot be found."

So he got to work on a document, which is amazing to read with the benefit of 20-20 hindsight. But it would take Berners-Lee another couple of years before he could demo his idea. Even then, the realization of his theory had to wait until the middle of the 1990s when Jim Clark and Marc Andreessen popularized the notion of commercial Web browsing with Netscape.

And as prescient as the CERN document was, not even Berners-Lee could imagine where his basic design was about to lead. To wit, part of his very modest conclusions:

"We should work toward a universal linked information system, in which generality and portability are more important than fancy graphics techniques and complex extra facilities."

"The aim would be to allow a place to be found for any information or reference which one felt was important, and a way of finding it afterwards. The result should be sufficiently attractive to use that the information contained would grow past a critical threshold, so that the usefulness of the scheme would in turn encourage its increased use."

So it is that on Friday, Berners-Lee and other personages involved in the development of the Web will congregate at the particle physics lab to celebrate. I can't make the event, but from one side of the pond to the other, here's a virtual toast to Sir Tim Berners-Lee on a job very well done.

Thursday, March 12, 2009

Two Engineers Arraigned For Theft Of Trade Secrets From Goodyear

Via DarkReading.com -

Two Wyko Tire Technology engineers are facing up to 150 years in prison after allegedly scamming their way into a Goodyear tire factory and secretly photographing its proprietary equipment.

According to a UPI report, in early 2007 Wyko secured a contract to supply the Haohau South China Guilin Rubber Co. with tire manufacturing equipment, the U.S. Department of Justice said in a statement.

In May of that year, Wyko engineers Sean Howley and Clark Roberts allegedly visited a Goodyear Tire & Rubber Co. plant in Topeka, Kan., under false pretenses. During the visit the pair "used a cell phone to surreptitiously photograph proprietary [off-the-road] tire manufacturing equipment," the DoJ said.

The photographs, which contained "valuable trade secret information," were sent to a Wyko subsidiary in Dudley, England, where they were used to build similar equipment for the Chinese tire company, according to the DoJ. The contract was worth approximately $1.2 million.

Roberts and Howley were arraigned in Knoxville, Tenn., and both denied the charges against them. If convicted, the two face up to 150 years in prison and a fine of $2.75 million on 12 counts related to theft of trade secrets and trade fraud, Justice said.

Access Any Album on Any Facebook Profile

Via Security Ninja Blog -

Hi everyone,

I was creating a presentation last week covering the security risks and weaknesses of social networking websites and I found a few interesting things. The most interesting flaw I found was the poor control around access to users' photo albums on Facebook, not the world's biggest hack by a long way but still interesting.

I contacted Facebook last Thursday and I never received a response so I felt it was time to post the full details on my blog. I think most Facebook users would know that you can give a public URL to every photo and album you upload so that non-Facebook users can view them. I wondered if we could exploit this somehow to allow us to access any user's photos and albums without being their friends, without being in groups with them, having friends who are friends with them, etc. I found out it is possible! All you have to do is perform a search, hover over the “add friend” link, fire up the Burp Suite and sit back and wait for the photos!

[...]

So that's it really, it's very simple to carry out this hack and access anyone's profile picture album. But the title of this blog post is “Access any album on any Facebook profile”, not just accessing one album.

To access any album you just need to do the same as we have above but change the aid= to §§ in the Burp Suite as well and use another custom iterator using 0123456789 and always 5 characters in length. It will obviously take longer than the first hack because we are forcing two values instead of one but it will give you access to any album on any Facebook profile.

MIT Chips Away at Lithium Ion Barrier

Via CNET -

Engineers at MIT have made a breakthrough that could translate into smaller, lighter, and faster-charging lithium ion batteries, the Massachusetts Institute of Technology announced Wednesday.

Gerbrand Ceder, the Richard P. Simmons Professor of Materials Science and Engineering at MIT, aided by Byoungwoo Kang, a graduate student in materials science and engineering, has made a small battery that can be fully charged or discharged in 10-20 seconds.

A detailed explanation on how they did this has been published in the March 12 issue of Nature, but here is a brief recap of what they essentially accomplished.

While lithium ion batteries have high energy densities, they are also known for their inability to gain and discharge energy quickly. That is why it commonly takes hours to recharge the battery on a plug-in electric vehicle.

Electric vehicle proponents have been struggling with this battery issue, some coming up with clever ways around it. Better Place, for example, came up with the idea of drivers saving time by swapping out discharged car batteries for fully charged ones at electric vehicle stations.

Ceder and Kang experimented with the way lithium ions move in and around lithium iron phosphate, a material commonly used in lithium ion batteries. They worked with it to develop a new surface structure that gets ions to move more quickly from one place to another. They compare their project to building a beltway that goes around a city to avoid traffic, but has tunnels that let you drop in to exactly where you need to be.

"The ability to charge and discharge batteries in a matter of seconds rather than hours may open up new technological applications and induce lifestyle changes," according to Ceder and Kang's paper in "Nature."

In addition to being significantly faster, batteries made with their material degraded much less than usual lithium ion batteries after repeated discharges and recharges during testing. Because of that, they believe their batteries could be made with less material making them lighter and smaller.

Because their invention is not a completely new material, but a change to the way it's structured, the researchers said in a statement that their material could be implemented into commercial batteries within 2-3 years.

UN Agencies: North Korea Plans April Satellite Launch

Via Google News (AP) -

North Korea told two U.N. agencies it plans to launch a communications satellite sometime between April 4 and 8. The unprecedented disclosure is seen as trying to fend off international condemnation expected after what many believe will be a test of long-range missile technology.

Pyongyang's notification to the International Maritime Organization and the International Civil Aviation Organization underscores that the communist regime is intent on pushing ahead with the launch in an attempt to gain greater leverage in negotiations with the United States, analysts say.

The U.S. and other governments have warned that any rocket launch — whether missile test or satellite — would violate a 2006 U.N. Security Council resolution banning North Korea from ballistic missile activity.

The London-based IMO and Montreal-based ICAO said Thursday that North Korea informed them by letter of the launch details the day before. It is the first time the regime has offered a safety warning ahead of a missile or a satellite launch, according to the South Korean government.

"They want to do the launch openly while minimizing what the international community may find fault with," said Kim Yong-hyun, a professor at Seoul's Dongguk University. "The launch will earn North Korea a key political asset that would enlarge its negotiating leverage."

It is an international norm for countries planning a space launch or a missile test to notify maritime or aviation authorities of their plans so aircraft and ships can be warned to stay away from the affected regions.

But North Korea never did that ahead of its purported satellite launch in 1998 over Japan and a failed 2006 test-flight of a long-range missile, drawing strong international condemnations.

Few buy Pyongyang's claim that it needs a communications satellite at a time when it is one of the country's top national goals to address what it euphemistically calls the "problem of eating" — chronic food shortages that the country has grappled with since the mid-1990s.

Use of mobile phones, the Internet and international calls is tightly controlled in the totalitarian North.

"They might put a transistor on the rocket" and claim it was a satellite launch, said Hong Hyun-ik, a North Korea expert at the security think tank Sejong Institute, who is skeptical of the North's intentions.

Officials and experts have said even if a satellite is launched, the North's ultimate goal is to test and demonstrate its missile capabilities.

U.S. National Intelligence Director Dennis Blair said Tuesday the North may be planning a space launch, but said the technology is no different from that of a long-range missile and its success would mean the communist nation is capable of striking the mainland U.S.

"If a three-stage space launch vehicle works, then that could reach not only Alaska and Hawaii but part of what the Hawaiians call the mainland and what the Alaskans call the lower forty-eight," he said before a Senate panel.

South Korea, Japan and the United States have warned the North against any rocket launch.

Wednesday, March 11, 2009

Higgs Boson Particle Not a Heavyweight, Studies Suggest

Via NewScientist.com -

The possibility of a high-mass Higgs boson may have just evaporated with new data released today by the Fermi National Accelerator Laboratory in Batavia, Illinois. The result could mean a tougher, more protracted search for a welterweight version of the Higgs, the much-sought-after subatomic particle whose discovery would be a major triumph for particle physics and bring fame to the team who finds it first.

At the heart of the new result is a more precise measurement of the W boson. This is a well known particle, a mediator of the weak force, whose mass is theoretically linked to the Higgs.

The improved measurement will undoubtedly narrow the range of allowable values for the Higgs mass, and may well close off a narrow window on the upper end of that range where direct searches have not yet penetrated.

[...]

The chief impact of the measurement is not its value but how much it will reduce the overall uncertainty in the W boson mass. According to Heidi Schellman of Northwestern University, that error could shrink by as much as 10% once it is combined with other measurements. This, in turn, could drop the upper limit on the Higgs mass by 5 GeV or more, making the remaining space between 170 and 180 GeV uncomfortably tight, even for a tiny particle like the Higgs.

[...]

The news comes just ahead of a widely anticipated announcement on Friday from DZero and its counterpart, CDF, that a wider swath of values around 170 GeV has now been excluded. In other words, a heavy Higgs could be gone by the weekend.

If so, attention will shift to a region below 160 GeV where it is somewhat harder for both the Tevatron and the LHC to see the Higgs. Tevatron seems to be at an advantage, however, because it is working steadily and gradually building up data, while the LHC is on the sidelines following a liquid helium spill last fall.

Earlier this week, researchers at Fermilab also announced they've spotted collisions that produce single top quarks. Such collisions are easily concealed by background noise. Their discovery reinforces predictions that Fermilab should be able to spot a Higgs boson as light as 120 GeV by late 2010.

The Higgs boson is the last undiscovered particle in the so-called Standard Model of particle physics. A first discovery of the Higgs at Fermilab would be electrifying for a facility that is perceived as having long passed its heyday and a shot in the arm for US experimental physicists who have felt that the momentum in their field has shifted to Europe. Researchers agree that even if the Higgs is spotted first at Fermilab, the LHC will still be needed to confirm the find and to explore the new physics that lies beyond, as researchers move into a high-energy domain where the Tevatron cannot follow.

US Official: Al Qaeda's Afghanistan Presence Increasing

Via LATimes.com -

Al Qaeda has expanded its presence in Afghanistan, taking advantage of the sinking security situation to resurface in the country it was forced to flee seven years ago, the top U.S. military intelligence official testified Tuesday.

Army Lt. Gen. Michael D. Maples, director of the Defense Intelligence Agency, described Al Qaeda's efforts as one of the reasons for the Obama administration's decision last month to order additional troops to Afghanistan.

Afghanistan is no longer the haven for Al Qaeda that it was before the Sept. 11 attacks in the United States. But in testimony before the Senate Armed Services Committee, Maples said, "I believe Al Qaeda's presence in Afghanistan is more significant, although still at a relatively minor scale, than we have seen in the past."

Maples also cited intelligence indicating that Iran is playing a more active role in supporting a militant group based in Pakistan that is launching attacks against U.S. and Afghan forces.

"We are seeing some increased activity between Iran and the Haqqani network," Maples said, referring to a militant group that has carried out a series of brazen strikes against targets in and around Kabul, the Afghan capital.

Maples testified alongside Director of National Intelligence Dennis C. Blair in a hearing that covered an array of national security threats.

Freedom of Expression “Systematically Violated” in Tibet

Via Reporters Without Borders -

Reporters Without Borders is outraged by the systematic violation of press freedom and free expression in Tibet. Foreign journalists are finding it increasingly difficult to visit the Himalayan province and free speech is being suppressed even more ruthlessly there than in the rest of China. In the past few days, the editor of a Tibetan website has been arrested, a Tibetan culture website has been closed and SMS services have been suspended in parts of Sichuan province.

“We urge the Chinese authorities to allow foreign journalists to visit Tibet and the Tibetan regions freely,” Reporters Without Borders said. “We also call on them to grant the Tibet-based media more editorial freedom and to stop jamming international radio stations broadcasting in the Tibetan language.”

US-Chinese Anti-Submarine Cat and Mouse Game in South China Sea

Via FAS Strategic Security Blog -

The incident that unfolded in the South China Sea Sunday, where the U.S. Navy says five Chinese ships harassed the U.S. submarine surveillance vessel USNS Impeccable, appears to be part of a wider and dangerous cat and mouse game between U.S. and Chinese submarines and their hunters.

News media reports cite Pentagon reports of half a dozen other incidents just within the past week in which U.S. surveillance vessels were “subjected to aggressive behavior, including dozens of fly-bys by Chinese Y-12 maritime surveillance aircraft.”

The latest incident allegedly occurred in international waters only 75 miles south of a budding naval base near Yulin on Hainan Island from where China has started operating new nuclear attack and ballistic missile submarines. The U.S. Navy on its part is busy collecting data on the submarines and seafloor to improve its ability to detect the submarines in peacetime and more efficiently hunt them in case of war.

[...]

Among the Chinese submarines the USNS Impeccable was monitoring is probably the Shang-class (Type-093) nuclear-powered attack submarine, a new class China is building to replace the old Han-class, and which has recently been seen at the Yulin base.

A commercial satellite image taken September 15, 2008, shows two Shang-class submarines present at the base, the first time, to my knowledge, that two Shang-class SSNs have been seen at the base at the same time.

[...]

The incident begs the question who or at what level in the Chinese government the harassment in international waters was ordered. The incident will make life harder for those in the Obama administration who want to ease the military pressure on U.S.-Chinese relations, and easier for hardliners to argue their case.

For both countries the Sunday incident and the many other incidents that have occurred recently are reminders that the time is long overdue for an agreement to regulate military operations. Following a break in response to U.S. military sales to Taiwan, U.S.-Chinese mid-level military-to-military talks were scheduled to resume last month, and the Commander of U.S. Pacific Command, Admiral Timothy Keating, said “nascent initiatives” were underway to draw up some “rules of the road” to address some of these issues.

----------------------------

More can be found here.

Photo of the Day - Sandstorm Blankets Saudi Capital

(Photo via Asharq Alawsat Newspaper)

Residents of Saudi Arabia's capital are cleaning up after a huge sandstorm blanketed the city with a thick layer of yellow dust. Cars and houses are covered by sand after the Tuesday storm forced the closure of the international airport and shut down schools.

Google Serves Up Behavioural Ads

Via BBC -

Google has entered the sometimes controversial arena of behaviour-based advertising.

It has launched a system that will serve up ads to web users based on their previous online activities.

The search giant is offering users the chance to see and edit their profiles and it will also offer them the choice to opt out of the service.

But privacy campaigners are outraged by the move, with Privacy International calling for a parliamentary enquiry.

-------------------------------

Check out this EFF article on the ads as well...

Foxit Reader 3.0 (<= Build 1301) PDF Buffer Overflow Exploit

http://www.milw0rm.com/exploits/8201

Foxit Reader (and Adobe) released new versions yesterday to address the big JBIG2 vulnerability. Yet Apple still hasn't released an update to address the JBIG2 stream vulnerability.
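The page does not show what a JBIG2 stream looks like inside a PDF, so here is an added triage check (example code written for this post, not taken from the page, from the milw0rm exploit, or from any vendor). It scans raw PDF bytes for objects whose dictionary declares the /JBIG2Decode filter or references /JBIG2Globals, and it resolves the #hh escapes PDF allows inside names, which are sometimes used to hide a filter name from naive string searches. The sample PDF below is constructed and harmless; its stream payloads are placeholder bytes, not real JBIG2 data.

```python
import re
from typing import Dict, List

# Constructed sample: a minimal PDF skeleton in which object 4 is an image
# XObject filtered through JBIG2Decode with a JBIG2Globals reference to object 5.
# The stream contents are placeholders, not real JBIG2 segments.
SAMPLE_PDF = b"""%PDF-1.4
1 0 obj
<< /Type /Catalog /Pages 2 0 R >>
endobj
2 0 obj
<< /Type /Pages /Kids [3 0 R] /Count 1 >>
endobj
3 0 obj
<< /Type /Page /Parent 2 0 R /Resources << /XObject << /Im0 4 0 R >> >> /MediaBox [0 0 612 792] >>
endobj
4 0 obj
<< /Type /XObject /Subtype /Image /Width 1 /Height 1 /BitsPerComponent 1
   /ColorSpace /DeviceGray /Filter [/FlateDecode /JBIG2Decode]
   /DecodeParms [null << /JBIG2Globals 5 0 R >>] /Length 4 >>
stream
\x00\x00\x00\x00
endstream
endobj
5 0 obj
<< /Length 3 >>
stream
abc
endstream
endobj
trailer
<< /Root 1 0 R >>
%%EOF
"""

# Same document with the filter name written as /JBIG2#44ecode (#44 == 'D').
OBFUSCATED_PDF = SAMPLE_PDF.replace(b"/JBIG2Decode", b"/JBIG2#44ecode")

OBJ_RE = re.compile(rb"(\d+)\s+(\d+)\s+obj\b(.*?)\bendobj", re.DOTALL)
NAME_RE = re.compile(rb"/([^\s/\[\]<>(){}%]*)")
HEX_ESC_RE = re.compile(rb"#([0-9A-Fa-f]{2})")
JBIG2_NAMES = (b"JBIG2Decode", b"JBIG2Globals")


def decode_name(raw: bytes) -> bytes:
    """Resolve PDF name #hh escapes so /JBIG2#44ecode compares equal to /JBIG2Decode."""
    return HEX_ESC_RE.sub(lambda m: bytes([int(m.group(1), 16)]), raw)


def scan_for_jbig2(pdf: bytes) -> List[Dict[str, object]]:
    """Return one finding per indirect object whose dictionary names JBIG2Decode or JBIG2Globals.

    Only the dictionary before the 'stream' keyword is inspected; stream payloads are skipped.
    """
    findings: List[Dict[str, object]] = []
    for m in OBJ_RE.finditer(pdf):
        num, gen, body = int(m.group(1)), int(m.group(2)), m.group(3)
        header = body.split(b"stream", 1)[0]
        raw_names = NAME_RE.findall(header)
        decoded = {decode_name(n) for n in raw_names}
        if not any(n in decoded for n in JBIG2_NAMES):
            continue
        # Flag the object if any JBIG2-related name needed #hh decoding to be recognised.
        obfuscated = any(b"#" in n for n in raw_names if decode_name(n) in JBIG2_NAMES)
        findings.append({
            "obj": num,
            "gen": gen,
            "jbig2_filter": b"JBIG2Decode" in decoded,
            "globals": b"JBIG2Globals" in decoded,
            "obfuscated": obfuscated,
        })
    return findings


if __name__ == "__main__":
    for finding in scan_for_jbig2(OBFUSCATED_PDF):
        print(finding)
```

This is a flat byte scan, so it will not see objects packed into compressed object streams (/ObjStm, PDF 1.5 and later) or into encrypted documents, and a JBIG2 stream is not malicious by itself; the output only tells you which objects to pull apart with a real PDF parser before opening the file in a reader that has not been patched.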