Anonops #12: Spy on the Spyers

quote:

Op vrijdag 9 maart 2012 18:17 schreef Papierversnipperaar het volgende:


Norton Antivirus all Platforms source code leaks to public

After PcAnywhere source code released Anonymous leaks Norton AntiVirus 2006 All Platform’s Source Code via PirateBay. The source code is available for download since 4:10PM today.

quote:

Curiosity Pwned the Cat

At the beginning of this week just hours before the news of Hector Monsegur’s arrest broke, many of you will have noticed that my twitter profile pic changed from the usual ‘Jester Mask’ to a QR-Code. The timing of this subtle change could not have been more favorable, as interest peaked with the news of @anonymousabu’s demise visits to my twitter profile rocketed. For posterity here’s a grab of said QR-Code:


Up until 30 minutes ago, anyone who scanned the QR-Code using their mobile device was taken to a jolly little greeting via their devices default browser hosted on some free webspace (I have since replaced all QR-Codes in the interests of opsec to point to the end of the internet website). The greeting featured my original profile pic and the word ‘BOO!‘ directly below it as per the screen grab below:


So whats up with that?

Well, the thing about QR-Codes is 99% of the time they will be accessed via a mobile device, and 99% of those will be iPhone or Android devices. This gives me a known and narrow vector to exploit.

Now before you all start freaking out it was a highly targeted and precise attack, against known bad guys, randoms were left totally unscathed. Allow me to explain further……

Embedded inside the webpage with the ‘BOO’ greeting was some UTF encrypted javascript, (I used this site to encrypt it) inside which was some code execution shellcode. When anyone hit the page the shellcode executed. The shellcode was a modified and updated version of the use-after-free remote code execution CVE-2010-1807, a known exploit for Webkit, which facilitated a reverse TCP shell connection to a ‘remote server’ which had an instance of netcat listening on port 37337.

I was going to leave it like this for a full week, however a keen eyed tweep going by the moniker @rootdial spotted the embedded code and asked about it via twitter (he wasn’t being malicious, just wondered if I knew about it.)

Webkit is an SDK component part used in both Safari for iPhone and also Chrome for Android.

quote:

A Long Time Ago, On an Imageboard Far, Far Away....

The idea of Anonymous is simple—freedom of speech and expression. Tracing the concept is a more complicated task. The embers started to glow on various imageboards. These were websites where people could post images and have discussion. No names were used and no registration was needed. There were no rules, only guidelines. Everyone was anonymous to everyone else. Some posts would grow and memes would form, while others would fade away and die, never to be heard from again. It is this open exchange of information that allowed ideas to flourish. You were no one, yet at the same time you were everyone. The only thing that mattered were the ideas.

When you’re allowed to have a name, it takes the focus away from the content itself and puts the focus on you as the creator of that content.

The users of these boards, united together by their views and thoughts, formed the first entity that can be called Anonymous. You have to understand the motivation behind what attracted people to imageboards like these, in order to understand the motivation of the current day Anonymous. Without a check on free speech, people could say and post whatever they wanted. This free marketplace of ideas grew and prospered as more and more people started posting and discussing topics openly. Soon the sense of "anonymous" was born. The idea that you don't have to be someone to be anyone.

It's anarchy at its most vibrant core.

Not a group, but a brand. Not a club, but a franchise. Just a group of people that have the same ideas. When they come together in a united cause...

Read more: http://null-byte.wonderho(...)33700/#ixzz1oj2QynOW

twitter:

torservers twitterde op zaterdag 10-03-2012 om 15:56:26 Monday is World Day Against Internet Censorship and comes with a great announcement. reageer retweet

quote:

Swedish Anonymous activists embark on bold trip to Syria

Activists within the Anonymous culture in Sweden headed to Syria this week amidst the chaos and inhumanity to bring much needed medical supplies and equipment to help the victims of the fragmented country.

#OpTripToSyria started trending on Twitter on Feb. 9 and has been gathering worldwide support very quickly. Supporters of the operation have had the chance to donate to the cause through a link on the triptosyria.wordpress.com web site the anons have established.

For nearly a year, constant protests have been flooding Syria's streets as citizens continue to relentlessly pressure current President Bashar al-Assad to step down. The protests have been hit with violence at the hands of al-Assad's military force. According to the UN, the conflict has claimed more than 7,500 lives.

Motivation for Anonymous's humanitarian mission to Syria had come from various factors, but most notably due to the attacks on the city of Homs.

“I think I had enough when I saw all the tweets from the Swedish activists @SyrienNyheter or more specifically of the babies who died when Assad's militia shut off the power to several incubators,” said an anon who currently goes by the handle TTS.

TTS also related a common creed of the Anonymous culture: that people shouldn't be afraid of their governments, governments should be afraid of their people.

Anonymous donations have come from all over the world and more than 50 people have contributed. “Donations have come from Swedes, Europeans, Asians, Russians, Americans – you name it,” said TTS.

As of March 4, the anons had raised $2,257 US that they will use to purchase the medical supplies they will be bringing. The supplies will include medical kits, water purification tablets, washcloths and antibiotics and painkillers.

Many followers of the twitter account @TriptoSyria have expressed concern about the safety of the individuals who are embarking on the trip.

“There are a lot of concerns that things might go wrong; we could be killed, captured, arrested or robbed, but we can only aim for success," said TTS. "Hopefully, our actions will inspire other people to do the same thing. Risking everything for what we believe is the right thing to do. And we know that our operation will have some kind of impact whatever happens.”

The team of activists is also well trained. Some of them have gone through military training, and have experience in first aid, trauma handling and CPR. However, they have emphasized that the mission is strictly non-violent.

This mission is still a bold endeavour as the United States and other Western embassies have suspended their actions in Syria, due to the elevated security risk.

On the international scale, Russia and China, two countries that initially vetoed the military intervention, seem to be waning in their support of Assad's regime. Both countries have decried the violence in Syria and have dispatched diplomats to the region this week. Victims of conflict in Syria can only hope that this will help bring direct action from the international community to end the loss of innocents.

quote:

Op zaterdag 10 maart 2012 18:06 schreef Ebbao het volgende:

[..]

Ik weet niet of ik op je link wil klikken na het lezen van deze intro..

quote:

Something Stinks in the Story of Sabu

SPOILER

Om spoilers te kunnen lezen moet je zijn ingelogd. Je moet je daarvoor eerst gratis Registreren. Ook kun je spoilers niet lezen als je een ban hebt.

Apparently it has not occurred to anyone that all information in the case of Sabu and the LulzSec arrests, originates from either the FBI itself, or Fox News (through some kind of ‘inside source’). Think about this for a second. What was the law enforcement organization that Anons appear to almost universally hate? The FBI. What was the news outlet known for it’s shoddy reporting and unreliable reports, despised by many Anons? Fox News.

Is it really a good idea to blindly trust information coming from these two, at best questionable, sources? Does anyone really believe that “Fox News would never make this up” or “the FBI would never issue false documents”? There does not seem to be any information whatsoever from any source other than these two, so is it really a good idea to assume the ‘official story’ is what happened?

Yet, never before have Anons and other internet creatures been seen so quickly turning on someone they idolized only days before. The #FuckSabu hashtag is widely used, people are calling for the release of all Anons ‘except for Sabu’, articles are being written detailing how he personally ratted out LulzSec, lured Anons into traps, and in the meantime killed kittens erryday.

Really, guys?

For another interesting turn of the plot: does anyone remember how Sabu was initially ‘doxed’? According to this Ars Technica article, his personal information was found when his WHOIS protection dropped after renewing the prvt.org domain, which was known to belong to Sabu.

Wait a second. Who owns Domains By Proxy?

Yes, Domains By Proxy, the WHOIS protection service used by Sabu, is part of GoDaddy. Remember how GoDaddy spoke out in support of SOPA, and was caught in backfire from ‘the internet’? Remember how they have a history of shutting down controversial domains? Remember how they are in US jurisdiction and appear to consider US law enforcement to be important, no matter how bad it may turn out for other people?

Hey, wait a second, GoDaddy has of course always had Sabu’s contact information on file, despite the WHOIS protection! Yet it’s claimed that Sabu was found because he connected to an Anonymous-related IRC network without using appropriate protection – a claim that, considering Sabu’s IRC habits, sounds quite unrealistic.

Something to think about.

Update: Peter Bright from Ars Technica clarified that the WHOIS exposure was not the source for the initial doxing of Sabu. This does not change the above conclusion that GoDaddy has always had Sabu’s contact details (even before the exposure), but it is still worth pointing out.

quote:

Hacker: The FBI Used Our “Dox” to Arrest Sabu (Exclusive)

quote:

A large part of the hacking community was shocked earlier this week to find out that one of the more vocal supporters of the Anonymous movement, Sabu, had been working with the FBI ever since the summer of 2011 when he was arrested.

Few internauts expected that Sabu, now known as Hector Xavier Montsegur from New York, would rat out so many hackers. However, there were some of them, such as the members of the respected TeaMp0isoN group who suspected that something was out of place with the LulzSec crew and this Sabu character.

As a result, in June 2011, TeaMp0isoN made public the true identities of the members of the LulzSec gang. At the time no one gave the incident much attention, because there was a lot of doxing going on and due to the large quantity of incorrect information many of the releases were simply ignored.

While many ignored this release, federal authorities took it very seriously, which ultimately led to the arrest of Sabu and the rest of the story as we know it.

The FBI and other involved law enforcement agencies would have a hard time admitting to have used the data provided by the hackers, but a former TeaMp0isoN member came forward with details that prove how they were able to identify the LulzSecs and how the government got into the possession of that information.

[interview]

quote:

LulzSec's Sabu: 'ask me about the CIA'

When the Guardian spoke to the hacker last year, he was keen to discuss claims he worked for the authorities

Last July the Guardian was investigating the elusive, mysterious individuals behind LulzSec and Anonymous – the loose hacker groups who had suddenly become front page news, as they led a wave of cyber attacks against a range major corporations and law enforcement. One individual, or one hacker name, stood out: Sabu, a proflic hacker often referred to as the leader of the groups.

Getting to Sabu was not easy; he was well aware of the illegal nature of his activities. But that month, the Guardian had a stroke of luck. Sabu objected violently to a piece we had carried, examining – and shooting down – allegations from a rival pro-US hacker that Sabu was using Anonymous and Lulzsec to push an extreme Islamic agenda.

He asked me to join him in an off-the-record internet chat – a conversation that happened seven weeks after Sabu, now unmasked as Hector Xavier Monsegur, had already been picked up by the FBI.

Given the latest revelations about Sabu's activities, that he worked as an informer from after his arrest on 7 June until just a few days ago, I think it is appropriate to publish a few extracts from our conversation.

Sabu – and we cannot even be sure that our correspondant was the real Monsegur and not a US agent – was not representing himself accurately to the newspaper. If anything, he was testing the Guardian out, openly flirting with the notion that he worked for the CIA – and then inviting me to knock him down.

Less than three weeks later, Monsegur pleaded guilty to 12 counts relating to computer hacking in secret, which carry a maximum sentence of 124 years and six months. But there is no sign in the logs of a man under pressure.

Sabu began by denouncing the Guardian's publication of the vague allegations of the supposed Islamic links of the hacker community. Then he switched tack, asking why the paper hadn't published rumours linking him to the CIA, arguing that would amount to an equivalent and equally inaccurate allegation. Given what we know now, the swerve is particularly noteworthy.

In case it is not obvious, my online name is <jamesrbuk>.

<SABU> OK. I'm waiting for the article discussing the potential of me being the leader of a CIA blackops operation and me denying it.

<SABU> can we work on it now?

<SABU> I'll begin my message

<SABU> <jamesrbuk> : I thank you for brining up this serious allegation but I deny being part of the CIA or any black operations unit/organization.

<SABU> I am an activist and security researcher. Not a CIA operative

Moments later, I strayed even closer to what had become Sabu's emerging double life (remember, the indictments released yesterday refer to Monsegur only being a member of Anonymous until 7 June 2011, the day of his arrest). I linked a recent Guardian story – unaware of any ironies – suggesting the FBI had managed to recruit a full quarter of all US hackers as informants:

<SABU> The CIA has done more blackops and terror operations than al-qaeda could ever do

<SABU> so, lets be realistic

<jamesrbuk> Something we covered: http://www.guardian.co.uk(...)hackers-fbi-informer

<SABU> That has literally nothing to do with what I'm talking about

<SABU> and I must say if your article is correct - the FBI is doin a very bad job at recruiting informants.

<jamesrbuk> Well, you were mentioning CIA blackops/etc. It's related.

<SABU> No it is not

At the time, I was bemused if not baffled by our exchange – and totally unable to see any motivation for Sabu's keenness that we start publishing what seemed to amount to little more than conspiracy theories about the operations of Anonymous and Lulzsec.

With hindsight, I wonder whether Sabu was trying in some way to set out a warning, or red flag to other hackers. Or perhaps he was goading me to see if I actually believed he might be a turncoat. Either way, these were signals I missed at that the time.

My other thought, looking back on the logs, is whether Sabu was thinking aloud as to why he was being asked to become an FBI informant rather than being publicly prosecuted. Here's more; here Sabu says some are claiming he had been working "with the CIA" although having closely followed the debate at the time this is not an allegation I can recall having seen aired:

<SABU> When can I expect an article discussing the idea of me being with the CIA and my denial?

<SABU> I'm eager to see this happen.

<jamesrbuk> So I see. May I ask why?

<SABU> Hmm...? is it not obvious?

<jamesrbuk> Not totally. And I'd prefer to hear rather than jump to wrong conclusions

<SABU> There is no wrong conclusion if you have been a part of this conversation

<SABU> You just said there was a claim that I may be a terrorist. You "researched" it and wrote the article

<SABU> There re claims I am with the CIA pushing to get tighter / stricter cyber-laws passed

<SABU> its literally the same shit, two different extremes.

Then, intriguingly, he goes onto say that UK and US goverments have been involved in covert operations, before going to say that he could not be linked to terrorism. Anonymous or LulzSec would not carry out their operations so publicly if they had an ulterior motive.

<SABU> The people are aware that our governments in the UK and the US have involved themselves in black operations in the past. it makes a lot of sense if lets say a rogue group of hackers suddenly began attaking national interests -- spawning a massive overhaul of internet security, theoretically.

<SABU> you're telling me thats not worse than some random jihadist who barely knows how to use a computer in the first place, "hacking"/

<SABU> Also heres where your entire point is flawed into oblivion

<SABU> why would a terrorist release and dump 90,000 INTELLIGENCE COMMUNITY MILITARY PERSONELL PASSWORDS AND EMAILS when they can just intercept military intelligence communications for the next year using this data ?

<SABU> Why would osama bin laden go through all the work of hacking booz allan [a US government and defence consultancy], just to post a pastebin with an ascii art mocking the security of federal contractors.

<SABU> Be realistic.

<SABU> Think.

Even as an FBI informer, Sabu would not be in a position to have evidence to back up his theories that the CIA were angling for a tightening of US cyber laws. Those co-operating with the authorities to mitigate their sentancing are rarely handed US government secrets. Instead, what's interesting is Sabu's internal reasoning for why – hypothetically at least – a compromised organisation (as we know now LulzSec was) might be allowed to continue.

One factor in the decision to make some of this public was an unusual comment towards the end of the conversation, in which Sabu advised me to make sure I kept a log, or transcript, of the chat for later use:

<SABU> AS FOR THE LOG I don't do interviews or usually paste chatlogs so I'm keeping it privately

<SABU> so I suggest you do the same

At this stage, surely Sabu would have known, or at least suspected, that his agreement to turn evidence against other members of Lulzsec would eventually become public. Re-reading this now, one wonders if he was hoping that some of our conversation would eventually become public too - an interview, in effect, at the point when he couldn't speak for himself.

Just over a fortnight after these published exchanges, we now know that Monsegur – aka Sabu – secretly pleaded guilty to 12 counts of computer hacking.

From June to March this year, he – and his FBI handlers – were party to details, often in advance, of hacking attacks including the interception of an FBI conference call, and the seizure of 5m emails from the servers of UK intelligence firm Stratfor, which are currently being published by WikiLeaks.

On Tuesday, charges were lain against five individuals alleged to be core members of Anonymous and Lulzsec – and the man behind Sabu was finally publicly unmasked as a 28-year-old unemployed Puerto Rican living in New York.

quote:

PM Project: Endgame systems

quote:

People who have seen the company pitch its technology—and who asked not to be named because the presentations were private—say Endgame executives will bring up maps of airports, parliament buildings, and corporate offices. The executives then create a list of the computers running inside the facilities, including what software the computers run, and a menu of attacks that could work against those particular systems. Endgame weaponry comes customized by region—the Middle East, Russia, Latin America, and China—with manuals, testing software, and “demo instructions.” There are even target packs for democratic countries in Europe and other U.S. allies. Maui (product names tend toward alluring warm-weather locales) is a package of 25 zero-day exploits that runs clients $2.5 million a year. The Cayman botnet-analytics package gets you access to a database of Internet addresses, organization names, and worm types for hundreds of millions of infected computers, and costs $1.5 million. A government or other entity could launch sophisticated attacks against just about any adversary anywhere in the world for a grand total of $6 million...

Endgame’s price list may be the most important document in the collection. If the company were offering those products only to American military and intelligence agencies, such a list would be classified and would never have shown up in the HBGary e-mails, according to security experts. The fact that a nonclassified list exists at all—as well as an Endgame statement in the uncovered e-mails that it will not provide vulnerability maps of the U.S.—suggests that the company is pitching governments or other entities outside the U.S. Endgame declined to discuss the specifics of any part of the e-mails, including who its clients might be. Richard A. Clarke, former Assistant Secretary of State and special adviser to President George W. Bush on network security, calls the price list “disturbing” and says Endgame would be “insane” to sell to enemies of the U.S.

quote:

'Censuur internet in China en Iran neemt toe'

Burgers in China en Iran hebben in toenemende mate last van censuur op internet, signaleert Reporters Zonder Grenzen. De organisatie, die zich inzet voor persvrijheid, heeft vandaag een lijst uitgebracht met 'Vijanden van het internet'. Daarop staan twaalf landen, waaronder China en Iran.

Terwijl het regime in Peking internetbedrijven dwingt mee te werken aan de digitale censuur, gaat Iran nog een stapje verder met de ontwikkeling van een eigen 'nationaal internet', dat is afgesloten van de rest van de wereld.

Gevangen
Minstens 199 bloggers en journalisten werden in 2011 gevangengezet vanwege hun activiteiten op internet, stelt Reporters Zonder Grenzen. China, Vietnam en Iran namen volgens de organisatie de meeste mensen gevangen wegens ongewenste meningen. Nieuw op de lijst van 'internetvijanden' zijn Bahrein en Wit-Rusland.

In Libië is het na de val van dictator Muammar Kaddafi juist veiliger geworden om je mening te verkondigen op internet, aldus de organisatie.

Dag tegen censuur
Hier het verslag van Reporters Zonder Grenzen op de eigen website, vandaag uitgebracht ter gelegenheid van World Day Against Cybercensorship, de 'Werelddag tegen Internetcensuur'.

quote:

Canada's Parliament summons Anonymous to testify

Idlepigeon sez, "Canada's government has moved to call Anonyomous to testify before the House Affairs Comitte, over threats made to a minister who's been pushing to pass Bill C30---online surveillance legislation. In this very funny piece from the Globe and Mail's Tabatha Southey, the entire Internet shows up to testify."

Anonymous is so nebulous that for the federal government to call Anonymous to testify is almost to call the Internet itself – something the government may regret.

“I'd to thank the committee for the opportunity to speak today,” the first witness might say. “The threats against the minister are grave and on the advice of my consul, Mr. Fry, I'd just like to assure the minister that I … am never gonna give you up, never gonna let you down, never gonna … ”

quote:

Chinezen verdacht van Facebook-aanval op topman NAVO

Chinese cyberspionnen worden ervan beschuldigd via Facebook militaire geheimen te hebben proberen ontfutselen aan NAVO-topman admiraal James Stavridis.

De militaire topman blijkt herhaaldelijk het doelwit te zijn geweest in een oplichtingszaak via Facebook die zou georganiseerd zijn door cyberspionnen in China, zo meldt The Observer. De spionnen maakten valse accounts in Stavridis' naam in de hoop dat zijn intimi hem daarop zouden contacteren of antwoorden op privé-berichten.

Dit soort van vervalsing op sociale media komt steeds vaker voor. Volgens de NAVO is het niet duidelijk wie verantwoordelijk is voor de webfraude, maar andere veiligheidsbronnen wijzen met de vinger naar China.

Ook bedrijven geviseerd
Vorig jaar werden Chinese criminelen nog beschuldigd van een gelijkaardige operatie met codenaam Night Dragon. Daarbij gaven hackers zich uit voor CEO's van bedrijven in de Verenigde Staten, Taiwan en Griekenland met het oogmerk bedrijfsgeheimen te stelen.

De fraude met Facebook doet de vrees groeien dat de schaal waarop China aan cyberspionage doet groter is dan totnogtoe werd vermoed. Naast hoogeplaatste militairen zou de tactiek ook toegepast worden om op grote schaal interne informatie te verwerven van bedrijven die voor de NAVO werken.

42 miljoen voor beveiliging
De verfijning en de meedogenloosheid waarmee dergelijke cyberaanvallen worden uitgevoerd, doen geheime diensten aan beide kanten van de Atlantische Oceaan vermoeden dat die door staten worden gesponsord.

De NAVO heeft al zijn toplui gewezen op de gevaren van dergelijke impersonaties op socialenetwerksites. Een gespecialiseerd bedrijf krijgt van de NAVO 42 miljoen euro om de veiligheid van het NAVO-hoofdkwartier en 50 andere militaire sites in Europa op te drijven.

Samenwerking met Facebook
Een woordvoerder van de NAVO bevestigt dat Stavridis, die topcommandant van de NAVO voor Europa is, in de voorbije twee jaar verscheidene keren doelwit is geweest. Facebook werkte mee aan het blokkeren van de valse accounts. De NAVO houdt inmiddels regelmatig contact met de account managers bij Facebook, de valse pagina's werden doorgaans binnen de 24 uur verwijderd. Het is echter extreem moeilijk de bron van dergelijke valse accounts te traceren.

Stavridis, die ook de leiding heeft over de Amerikaanse troepen in Europa, is een fervent gebruiker van sociale media. Hij heeft ook een échte Facebookpagina die hij vaak gebruikt om te melden wat hij doet en waar. Vorig jaar meldde hij op Facebook het einde van de militaire campagne in Libië.

quote:

Op maandag 12 maart 2012 14:43 schreef Yuri_Boyka het volgende:

[..]

Nee gewoon informatie waar je hele regeringen, grote machtige duivelse corporaties etc. etc. opdoekt en dat dat een werkelijke grote impact heeft waardoor je serieus de wereld verbetert.

quote:

http://www.thesmokinggun.com/buster/fbi/sabu-still-hiding-857902

The hacker-turned-informant whose undercover work resulted last week in criminal charges against several of his alleged “Anonymous” cohorts remained in hiding today, avoiding an appearance in a New York courthouse to answer a misdemeanor criminal charge.

When Hector Monsegur’s case was called this morning at Manhattan Criminal Court, the 28-year-old snitch was nowhere to be found. Instead, his lawyer approached the bench for an off-the-record conversation with the judge and an assistant district attorney.

At the parley's conclusion, the jurist announced that, due to “extraordinary circumstances,” Monsegur’s case was being adjourned for an arraignment next month. Outside the courtroom, Peggy Cross-Goldenberg, Monsegur’s lawyer, declined to discuss what transpired at the bench, and politely deflected other TSG questions about her client, including whether he was currently under protection by federal officials.

Last month, during the course of his vigorous cooperation with agents, Monsegur--who is known online as “Sabu”--was arrested by the NYPD outside his apartment building in the Jacob Riis housing project on Manhattan’s Lower East Side. According to a criminal complaint, when a cop asked him for ID, Monsegur reportedly said, “Relax. I’m a federal agent. I am an agent of the federal government.”

Monsegur--a federal informant, not a federal agent--was subsequently busted on a misdemeanor criminal impersonation charge.

quote:

Onderzoek: bedrijven slecht voorbereid op cybercriminaliteit

Nederlandse bedrijven en instellingen zijn slecht voorbereid op aanvallen door cybercriminelen. Uit maandag gepubliceerd onderzoek van adviesbureau KPMG onder ruim 170 bestuurders blijkt dat slechts één op de vijf organisaties zichzelf in staat acht om met succes een digitale aanval af te slaan.

De afgelopen maanden zijn diverse incidenten naar buiten gekomen. Zo waren onder meer de websites van Philips, KPN en Bavaria doelwit van hackers, die vele persoonsgegevens buit wisten te maken. Het overgrote merendeel van de cybercriminaliteit wordt echter niet naar buiten gebracht.

Van de door KPMG onderzochte bedrijven was bijna de helft het afgelopen jaar slachtoffer van cybercriminelen. Ruim 60 procent geeft aan dat de schade zich jaarlijks beperkt tot een bedrag van 100.000 euro. Bij ruim 10 procent overstijgt de schade een bedrag van 1,5 miljoen euro. Phishing (met misleidende e-mails proberen gegevens te ontfutselen) blijkt de belangrijkste vorm van cybercriminaliteit. De financiële sector is het populairste doelwit, hier vindt 75 procent van de aanvallen plaats.

'De werkelijke omvang van cybercrime is moeilijk te achterhalen omdat de detectieprocedures mogelijk niet alles in kaart brengen', zegt John Hermans, partner bij KPMGRiskConsulting. 'De complexe IT-omgeving maakt het vrijwel onmogelijk om incidenten volledig uit te bannen. Het doel is dan ook vooral te voorkomen dat een aanval uit de hand loopt. De focus moet dus met name liggen op het beschermen van de belangrijkste bezittingen en het zeker stellen van mechanismen waarmee organisaties goed en snel op incidenten kunnen reageren.'

quote:

How I learned to stop worrying and love Anonymous

I am 25 year veteran of the Internet as a profitable concern and today, I would like to add my voice in support of #Anonymous.

This is a strange and perhaps career-limiting admission to make. But I no longer believe Anonymous is some gang of cyber terrorists, nor is it a Mafia-like criminal organization or a pack of cowards hiding in their parents’ basement. Those who publicly claim otherwise are, in my opinion, being alarmist and intellectually lazy to the point of negligence or duplicity.

Yes, the Anonymous movement is made up of a broad International coalition of online communities spanning the sometimes dark corners of AntiSec hackers, the wider world of DDoS (distributed denial of service) activists and even some prominent human rights and freedom of information advocates like Julian Assange.

That said, sometimes “Anonymous” is just a single person with a cellphone camera or a YouTube account making sure evil does not go unwitnessed.

There are divergences within this coalition of ideologies, but I can agree with one basic tenet of the movement: It posits that, as worldwide connectivity tops 2 billion, the Internet has evolved into something new and greater than the sum of its parts, with rights, rules, obligations and a culture unique unto itself.

It also believes action is needed to defend those rights.

Last month – eSentire's Travis Barlow invited me to host a session at the Atlantic Security Conference regarding Anonymous and its implications for both the security community and small business.

I stood up in front of 200 of my peers, some of the finest security minds this country has to offer, and suggested to them this so-called hacktivist fringe has the power to be a force for great good.

Hactivism, as undertaken by Anonymous, sees no buildings burned, no kids are clubbed and no officers pelted with rocks. It is non-violent protest that deliberately targets nothing more, and nothing less, than reputation.

The most dangerous outcome of the Anonymous movement, perhaps the most important thing it can do, is the embarrassment of people unaccustomed to being embarrassed.

Given the grandstanding around Bill C-30, it is easy to forget that it was an Anonymous crew that executed a campaign called #OpDarkNet in which it publicly released e-mail accounts and server locations for some of the largest child porn operations on the Internet. Clearly, that operation was not “with the child pornographers” and you may have read about several actual arrests in Canada around that time.

Because the Anonymous movement is not just a gang of credit-card-stealing thugs it was not “beheaded” by the arrest of a crew within the LulzSec community. That said, the infiltration and arrests may have radicalized the vast centre of the movement.

Another example of the kind of non-violent action Anonymous takes came in response to SOPA/ACTA/TPP/C-11 and C-30 and Occupy Wall Street evictions worldwide.

Several Anonymous communities undertook an educational campaign to distribute simple tool sets and basic information to activist communities both here and abroad. This campaign was aimed at re-empowering people driven from streets by the rubber bullet and the tear gas gun while exercising their right to protest.

As a result – thousands of Anonymous DDoS activists set up digital picket lines to shut down kukluxklan.bz, ufc.com, americannaziparty.com, eolas.com, heritagefront.com, monsanto.com and godhatesfags.com.

In response to government assurances that warrantless retention of private Internet data was completely safe, Anons opened several almost completely unsecured police sites world wide to make the point that it wasn't.

While it remains to be seen if Anonymous will manage to wield their power more wisely than other revolutionaries who have come before them, there can be no argument that the stakes are small or insignificant.

I can think of one monstrous example that overwhelmingly argues that thinking people everywhere need to try to listen to Anonymous (even if you can not participate in or support its actions): The death of a 26-year-old Syrian dad named Rami Ahmad al-Sayeed.

On Feb 21, 2012 Mr. al-Sayeed was killed in a mortar attack as the Assad forces shelled BabaAmr.

Mr. al-Sayeed spent the last eight months of his remarkable life bypassing Syrian Internet censorship – with the direct technical assistance of a lot of so-called “Anonymous Cyber Terrorists” here and abroad – in order to upload video to YouTube as the shells rained down around him in Homs.

He, and Anonymous, were making sure the world could see how it ends when governments no longer serve or protect the people they govern.

His final post makes for a chilling epitaph: “I expect this will be my last message and no one will forgive you who talked but didn't act.”

Following a 20 year career pioneering digital publications, B2C/B2G/B2B e-commerce and high security mobile solutions both in Canada and abroad – Jon Blanchard spent the last 6 years as Webmaster with the Halifax Herald family of companies.

quote:

Flying Swarm Of Robots Gives Protesters And Activists Free Wi-Fi, On The Go

quote:

During the 2011 Egyptian revolution, the government unplugged the Internet. Protesters were left without Internet, and thereby the ability to communicate even locally, instantly.

Electronic Countermeasures is a project by Liam Young of think tank Tomorrow’s Thoughts Today and Unknown Fields Division, with assistance from Eleanor Saitta, Oliviu Lugojan-Ghenciu, and Superflux. The project is essentially an autonomous, roaming Internet swarm, constructed from repurposed UAVs.

quote:

Flycatcher computer chip could soon connect fridges and forests to internet

Arm Holdings, UK firm whose designs feature in all smartphones and tablets, unveils new chip to enable 'internet of things'

Arm Holdings, the British technology group, has produced a low-power computer chip capable of connecting traffic lights, parking meters, fridges and even forests to the internet.

Codenamed Flycatcher, the tiny semiconductor is Arm's bid to expand its empire from smartphones and tablet computers, where its designs already feature in 100% of the devices on sale today, to the "internet of things", the 50bn everyday objects which it is predicted will be connected to the internet by the end of the decade.

With connected parking meters, on trial in San Francisco, motorists can identify free spaces from their mobile phone, reserve the spot, and pay over the internet without having to scramble for loose change.

Internet-controlled traffic lights could be co-ordinated to ease congestion after accidents, or change to green to allow emergency vehicles and VIP motorcades fast passage through city centres.

Arm hopes its chip, which measures less than a millimetre square, will find its way into white goods and motors, as well as wireless sensors for home and office lighting, heating and burglar alarms.

Medical devices, such as stethoscopes or blood pressure and glucose monitors, could also use it to transmit information to the doctor's surgery.

Flycatcher, whose official name is the Cortex-M0+, is designed for devices which cannot be attached to an electricity supply and must run off batteries.

It could be attached to sensors on trees in the Amazon to monitor rainfall, or to irrigation pipes on African farms to reduce water wastage.

"By enabling the connection of everyday devices we are pushing the edge of the internet out," said Arm director Gary Atkinson. "By connecting rooms or motors to the internet, you could significantly reduce the amount of energy consumed worldwide." Atkinson said around half of the world's electricity is used by motors, many of which have an efficiency rating of between 40% and 85%.

Arm, which designs rather than manufactures chips, already produces micro-processors for washing machines, street lights and motors. But the new product is 50% less power-hungry, cheaper and faster at processing information. It is one of a new generation of 32-bit micro-processors, also produced by Renesas Electronics Corporation in Japan and Microchip Technology in the US, which can run for years at a time without needing a change of battery.

Inhabiting devices which automatically switch power off when not being used, the speed at which they process and transmit information, via Wi-Fi or a mobile phone signal, is crucial. To save energy, power can be switched off many times a second, or for hours at a time.

Today, there are an estimated 12.5bn internet connected devices, an average of two per person, and many of these are phones or computers. In 2025, according to IT firm Cisco, there will be 1 trillion such devices.

Arm has been producing 8 and 16-bit micro-processors since 2007, but they were slower and much of the internet now communicates using 32-bit protocol. This means code for operating Flycatcher is easier to write or use off-the-shelf. While earlier Arm micro-processors cost half a dollar each, the new design will be closer to 20 cents (13 pence).

The product will see Arm pitching for a share of the entire $15bn micro-controller market, Atkinson said, rather than the third it addresses today. The group's royalty revenues from such units totalled $16m in 2010, out of total royalties of $335m, but Morgan Stanley forecasts this will more than double to $37m by the end of 2012.

quote:

Inside the Stratfor Attack

Last December, a group of hackers quietly orchestrated an attack on Stratfor Global Intelligence Service, a company based in Austin, Tex., that analyzes geopolitical risk and publishes a newsletter for various clients, among them the Departments of Homeland Security and Defense. The hackers breached the company’s network and, once inside, confided in their fellow hacker, Hector Xavier Monsegur, and, as it turns out, the Federal Bureau of Investigation.

Six months earlier, in June, the F.B.I. had arrested Mr. Monsegur and turned him into an informant. With his help, four hackers in Britain and Ireland were charged last Tuesday with computer crimes; a fifth man was arrested Monday in Chicago. Using the information he passed along, F.B.I. officials said it was able to thwart attacks on roughly 300 private companies and government agencies.

But with Stratfor, they were not so lucky.

Conspiracy theorists across the Internet surmise that federal agents sat back and let the Stratfor attack occur to collect evidence, or perhaps net a juicier target — say, Julian Assange, the founder of WikiLeaks, which later released the five million internal e-mails that hackers obtained in the Stratfor hack.

“That’s patently false,” said one F.B.I. official, who would speak only on anonymity because the investigation was continuing. “We would not have let this attack happen for the purpose of collecting more evidence.”

F.B.I. officials said they learned of the Stratfor breach on Dec. 6, after hackers had already infiltrated the company’s network and were knee-deep in Stratfor’s confidential files. On that date, F.B.I. officials said, Jeremy Hammond, suspected as the attack’s ringleader, informed Mr. Monsegur he had found a way into Stratfor’s network and was already working to decrypt its data.

The F.B.I. said that it immediately notified Stratfor, but said that at that point it was too late. Over the next several weeks, hackers rummaged through Stratfor’s financial information, e-mail correspondence and subscribers’ personal and financial information, occasionally deleting its most valuable data — all in full view of F.B.I. agents.

In addition to monitoring hackers’ chat logs, the F.B.I. managed, with Mr. Monsegur’s help, to persuade Mr. Hammond and Stratfor’s other attackers to use one of the agency’s own computers to store data stolen from Stratfor. The hackers complied and transferred “multiple gigabytes of confidential data,” including 60,000 credit card numbers, records for 860,000 Stratfor clients, employees’ e-mails and financial data, to the F.B.I.’s computers, according to the complaint against Mr. Hammond.

The F.B.I. said it told Stratfor to delay notifying customers while it completed its investigation — a demand that later made Stratfor the target of a class-action lawsuit from subscribers who complained the company did not inform them of the breach until it was too late. Stratfor had little choice but to go public with the breach on Dec. 24, when hackers defaced its Web site and began posting receipts online for donations they had made with customers’ stolen credit card information.

Over the following days, hackers released credit card details for thousands of Stratfor clients, made at least $700,000 in fraudulent purchases using their credit cards, and exploited their e-mail addresses for malware attacks. Stratfor was forced to stop charging for subscriptions to its newsletter — its principal source of revenue. All told, Stratfor estimates the breach cost it $2 million in damages and lost revenue, according to the complaint.

And that’s just the financial cost. Two weeks ago, the company suffered further embarrassment when, three months after the breach, hackers funneled its internal e-mails to WikiLeaks, for widespread publication.

Conspiracy theorists wonder why, with ample evidence, the F.B.I. waited three months to arrest Mr. Hammond after the Stratfor breach. Some suggest that the F.B.I. purposely waited to net a bigger target: Mr. Assange.

But F.B.I. officials said it simply took that long to collect the evidence to support their case. Cybercrime investigators and former federal prosecutors say that this makes sense, and that the time frame between Stratfor’s attack and subsequent arrests is not unusual.

“It’s not surprising it would take them that long to make arrests,” said Mark Seiden, a cybercrime investigator. “They have to collect evidence, and the paperwork takes between three and six months. If you don’t know exactly how hackers attacked a site, it’s difficult to bring them to justice. There’s no point in picking an unripe fruit.”

That news might disappoint the conspiracy theorists, but not nearly as much as it does Stratfor and its subscribers, whose personal and financial information was compromised as a result of the attack.

“It’s extremely frustrating,” said David White, a subscriber. Mr. White said he and his company were debating whether to renew their subscription. “At this point, it’s up in the air.”

quote:

VoxAnon: What is Project Affinity?

quote:

Project Affinity is an Anonymous experiment of a grand scale. If successful, it will radicalize and reinvirogate the way Anonymous functions, and allow us to operate at a much greater level of purpose and efficiency. It will solve all the problems listed above, and more. Although it may initially seem like a lot of effort, the benefits of having such a system in place would far outweigh the costs. Think of it as an Anonymous State of the Union. Every two weeks, we host an intra-Anonymous meeting between all the different Cells, Operations, and members of Anonymous.

quote:

Eurocommissaris: sociale media medeschuldig aan mislukken ACTA-verdrag

Dat de invoering van het anti-piraterijverdrag ACTA op de lange baan is geschoven, is mede de schuld van sociale media als Facebook en Twitter. Door hun 'intense mediacampagne' hebben sommige regeringsleiders nog geen handtekening onder het verdrag willen zetten. Dat heeft Eurocommissaris Karel de Gucht van Handel gezegd tijdens een vergadering van de Europese Commissie.

Dat blijkt uit de notulen van de vergadering. Verschillende technologiesites berichten er vandaag over. De Gucht maakte op 22 februari bekend dat de Anti-Counterfeit Trade Agreement (ACTA), een handelsovereenkomst ter bestrijding van namaak, zal worden voorgelegd aan het Europees Hof van Justitie.

Hoewel de Europese Commissie de omstreden wet al heeft aangenomen, loopt de invoering hiervan aanzienlijke vertraging op. Een aantal landen, waaronder Nederland, weigert het verdrag te tekenen zolang niet duidelijk is of de wet de internetvrijheid beperkt.

SOPA en PIPA
Ook de Amerikaanse antipiraterijwetten SOPA en PIPA zijn volgens De Gucht 'getorpedeerd' door een 'vijandige campagne' van sociale media. Het Republikeinse wetsvoorstel Stop Online Piracy Act (SOPA) en zijn Democratische tegenhanger Protect IP Act (PIPA) riepen een storm van protest op.

Verschillende grote sites, waaronder de Engelstalige Wikipedia, gingen zelfs enige tijd op zwart. Eind januari besloot de Amerikaanse Senaat de stemming voor beide wetsvoorstellen voor onbepaalde tijd uit te stellen.

Censuurwet
De Gucht meent dat er iets soortgelijks aan de gang is met ACTA. Die wet probeert de internationale standaarden voor de bescherming van de rechten van producenten van muziek, films, farmaceutica, mode en tal van andere producten te harmoniseren. Tegenstanders noemen het ook wel de 'censuurwet', omdat het de internetvrijheid drastisch zou beperken.

quote:

Stratfor CEO: WikiLeaks ‘makes war more likely’

AUSTIN, TEXAS — Speaking to an audience on Tuesday at this year’s South by Southwest convention, Strategic Forecasting CEO George Friedman suggested that by publishing archives of U.S. diplomatic cables, the anti-secrecy group WikiLeaks actually “makes war more likely.”

And in a surprising claim, Friedman added that his company tended to engage in an “orgy of speculation” following major world events — such as the killing of Osama bin Laden and the possibility of a sealed grand jury indictment against WikiLeaks founder Julian Assange — which is why Stratfor never published that information: because, he said, those claims are simply not true.

Friedman’s speech Tuesday marked the first time he has spoken in public about a devastating hack his company suffered at the end of 2011, which resulted in their entire email archives landing in the possession of WikiLeaks.

Opening his talk, Friedman was almost immediately interrupted by two activists with Occupy Austin, who “mic checked” him and offered the crowd a message about how Stratfor worked as a private spy agency on behalf of wealthy corporations. The crowd reacted negatively to the protesters, booing them loudly. Friedman quickly fell silent, waiting for security to usher them outside.

Continuing, he said that the hack on Stratfor was so completely thorough that their servers were “completely destroyed,” and that even he does not have a copy of the company’s emails anymore.

“I plan to ask the FBI to give me [a copy],” Friedman quipped.

He went on to suggest that hackers who attacked Stratfor had simply done it “for the lulz,” which Friedman called a “nihilistic” concept that he worried may be gaining traction on today’s Internet.

That led him to WikiLeaks, which he claimed to be inflating Stratfor’s profile tremendously by selectively publishing their emails. Reminiscing about the complexity of human conversation, and how that has been lost in the age of the Internet, he added that by elevating a single email from Stratfor, or diplomatic cables from WikiLeaks, as the subject of legitimate reporting, members of the press offer “complete falsification” due to a lack of human context.

“If you’re going to have diplomacy, you must have secrecy,” he said before suggesting that WikiLeaks had only served to “destroy life long relationships” between diplomats continents apart.

Again touching upon the need for more human context in online communications, he added that WikiLeaks, along with the rise of hacker groups like “Anonymous” and “LulzSec,” ultimately advances the Internet’s death march toward repression, instead of broader transparency.

Friedman transitioned into the constantly changing world of Internet security, saying that the “global commons” has evolved to become utterly crucial to business, yet the Internet is still “built with bubblegum and paper clips.”

“We’ve never had a system that so rapidly became so fundamental to what we do, which at the same time is so immature,” he said. “What is it, 20 [years old]? When the automobile was 20 years old, the Model T’s were out. [The Internet] is a Model T.”

He went on to warn that corporations and governments are much more powerful than Anonymous and WikiLeaks, meaning “they will win” in the ongoing power struggle simply by changing the rules of the conflict — I.E., changing the Internet itself.

“It’s not going to go on anymore because large corporations are getting hacked and it’s costing them large amounts of money, and these guys are powerful enough to make changes,” he warned.

“It may be, in the end, that repression is inevitable… I don’t know that Internet 1.0 — and we are still in beta — that this Internet will survive the way it is… [because] every justification for repression is being created by those who claim to oppose it.”

“Those who don’t want that to happen have to find a way to secure the Internet, because Joe McCarthy’s ghost is sitting out there waiting,” Friedman concluded.

quote:

Anonymous-OS 0.1 : Anonymous Hackers released their own Operating System

quote:

Yes! Its true, Anonymous Hackers released their own Operating System with name "Anonymous-OS", is Live is an ubuntu-based distribution and created under Ubuntu 11.10 and uses Mate desktop. You can create the LiveUSB with Unetbootin.

quote:

Warning : It is not developed by any Genuine Source, can be backdoored OS by any Law enforcement Company or Hacker. You at your own Risk.

quote:

Anonymous brings you #OpRenaissance

Welcome to phase 0

Once a week we will provide a topic. Research and discuss the topic with your peers. The hive mind will prevail and bring more important topics to the surface - if we do this together, we will not fail.

opRenaissance is a Humanist Social Experiment designed with three specific goals in mind;

1. To unite and educate human beings through exposure to alternative cultural worldviews and belief systems.

2. To provide an objective and logical outlet of humanistic thought to scientific-social sectors of society.

3. To facilitate the alleviation of all suffering.

These goals are met through a series of operations or phases which utilize funding, member volunteers and free exchange and provision of information. The key to our success thus far - is a sanskrit word called “u, pie, yah”, which is often translated as, “Skillful Means.” In a sense, the movement strives to use any and all resources, whether they be psychological and scientific knowledge, spiritual understanding, pop culture, or artistic ability and any other human faculties to the end of fulfilling, what we believe to be our human obligations to the world.

There are no requirements to become an active member of opRenaissance - though a general curiosity in the nature of existence is encouraged, the primary requirement is love for one’s fellow man.

As a member of opRenaissance your first assignment is to tell two other people about opRenaissance. The second assignment is talk about it with somebody who’s heard of opRenaissance. Make friends, meet people, talk deeply and passionately about ways to change the world. Spread the idea of Intelectual Renaissance. Everybody has something to contribute. Spread the word and await our next transmission.

We are progression.

We are becoming.

Expect The Renaissance.

Become The Renaissance.

quote:

Anonymous finds political support in Rhode Island

quote:

Tuesday evening was a quiet one on Twitter. At least it was, but that was before an elected official in the state of Rhode Island announced that he makes no secret about the fact he supports the idea that is Anonymous.

The Tech Herald reached out to the man who made those comments, Rhode Island State Rep. Dan Gordon, and spoke to him at length about his views and opinions. The call lasted for more than two hours, and extended far beyond the topic of Anonymous.

Gordon is a blue collar guy, and when he’s not serving his constitutes from Rhode Island’s District 71, (Portsmouth, Tiverton, Little Compton), he’s a contractor in the construction industry. This is what he was doing when he fell into politics.

quote:

Anonymous-OS Live CD Based on Ubuntu is Fake

Four days ago someone registered a new project on the SourceForge website, called Anonymous-OS, pretending that they are the famous Anonymous hackers.

Based on Ubuntu 11.10 and powered by the new MATE desktop environment created by the Linux Mint developers, the Anonymous-OS tries to be a Linux distribution packed with hacker tools for "checking the security of web pages".

The website created on tumblr for the Anonymous-OS Live CD project looks completely believable for some, not to mention that the Live CD's artwork and theme are preatty awesome (see more screenshots below).

"The Anon OS is fake it is wrapped in trojans." confirmed the Anonymous group on their Twitter channel.

We are writing this piece of news just to inform the adventurous ones NOT to download this Live CD ISO image and test it, or event worse, install it on their machines!

Download Anonymous-OS 0.1? Hell no, stay away from it! Download Backtrack 5 R2 instead, if you really want to test the security of web sites.

quote:

Vrouw (75) heeft snelste internet ter wereld

De 75-jarige Sigbritt Löthberg uit Karlstad in Zweden is de gelukkige bezitster van de snelste internetverbinding ter wereld.Zij raast met een duizelingwekkende snelheid van 40 gigabit per seconde over het net.

Met deze snelheid kan ze bijvoorbeeld een High Definition DVD-film in twee seconden downloaden. Of 1500 HD tv-kanalen tegelijk kijken.

Sigbritt dankt deze snelle verbinding aan haar zoon Peter Löthberg. Hij is een bekende internetexpert in Zweden. Löthberg experimenteert met nieuwe technieken van data-overdracht via bestaande verbindingen.

De jaloers makende snelheid wordt vooralsnog niet ten volle benut door de krasse bejaarde: zij gebruikt de computer vooral om op haar gemakje digitale kranten online te lezen.

quote:

The corporate titans take on the Internet

The fight over copyright is not a struggle between capital and labour, but one between different factions of capital.

New York, NY - American politics is riven by an increasingly contentious debate over the status of intellectual property, especially copyright. On one side are those who argue that tougher enforcement of IP is desperately needed to protect the rights of creators, promote innovation, preserve jobs, and ensure economic growth. Opposing them are those who argue that the draconian enforcement of intellectual property rights will only curtail free speech and stifle economic activity, while entrenching the profits of a small class of digital-age rentiers.

How we resolve the tension between freedom of knowledge and intellectual property protection will have a profound impact on the kind of society and economy we become. But this debate is not merely a contest of ideologies - it is also a clash between some of the most powerful corporate actors in American politics with the rest of us caught in the middle. This is one important reason that the contending sides in this debate do not line up with the typical partisan or ideological cleavages in US politics, such as Democrat vs Republican, liberal vs conservative, left vs right.

Take, for example, the debate over the Stop Online Piracy Act (SOPA) and its Senate counterpart, the Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act (PIPA). The bills were promoted as necessary responses to copyright infringement, but they would also have imposed serious restrictions on Internet communication.

In order to disrupt the distribution of copyrighted material, such as music, movies, software, or books, copyright holders would have been given the power to cut off the flow of payments to allegedly infringing foreign websites, without ever having to prove their case in court. The government would have been given the power to "blacklist" sites, essentially disappearing them from the American Internet. Sites could be targeted even if they did not provide access to copyrighted material, but only to tools for circumventing these bills' censorship provisions, including tools used to circumvent government censorship in places like China and Iran. And the law would have been open to easy abuse for those who wanted to use the claim of copyright infringement as a cover for censorship, such as governments demanding that YouTube remove videos of police brutality (something Google claims has already occurred).

For those of us accustomed to seeing the copyright lobby get its way in Congress as a matter of course, the resistance to SOPA and PIPA was surprisingly strong and effective. A grassroots campaign was organised by advocacy organisations like the Electronic Frontier Foundation, but major Internet companies also opposed the legislation. On January 18, web sites including Wikipedia and Reddit shut down to register their opposition. A few days later, voting on SOPA was indefinitely postponed, and its lead sponsor announced that it would be re-drafted.

quote:

Activists in Iran and Syria targeted with malicious computer software

In February 2012 we learned that activists in Iran and Syria were targeted with two different types of malicious computer software. We received a copy of each malware, and Jonathan Tomek from ThreatGRID helped with the analysis.

How you get infected

The malicious software is spread as email attachments, and as files sent via Instant Messaging and Skype. The software looks like two completely harmless files; a Microsoft PowerPoint slide show and an image file. The malicious software will silently install itself on your computer when you open one of the files.

Malicious software, such as the two copies we analyzed, is normally designed to gather sensitive information and gain unauthorized access to a computer system. The seemingly harmless PowerPoint slide show turned out to be a keylogger, while the image file was really a backdoor, providing the attacker with full access to the system.

Both the keylogger and the backdoor will transfer data to http://meroo.no-ip.org/, on port 778. This domain name used to point to a server at a government-owned telecommunications company in Syria, but was later updated to point to a Linode server in London, UK. No-IP have since pointed the domain name to an invalid IP address (0.0.0.0).

Most anti-virus software will be able to detect and remove both the keylogger and the backdoor. You may try updating your anti-virus software, running it, and using it to remove the malware if anything pops up. However, the safest course of action is to re-install the operating system on your computer.

The EFF wrote a blog post called How to Find and Protect Yourself Against the Pro-Syrian-Government Malware on Your Computer. In the post, they recommend "that you take steps to protect yourself from being infected by not running any software received through e-mail, not installing software at all except over HTTPS, and not installing software from unfamiliar sources even if recommended by a pop-up ad or a casual recommendation from a friend.".

PowerPoint slide show: keylogger

When you first try to open the PowerPoint slide show, you will get a security warning asking if you really want to allow this file to run. The Name field points to the following executable file: C:\Program Files\Common Files\VMConvert32\wmccds.exe

If you ignore the warning and click Run, a self-extracting rar file will install the malware (the wmccds executable) onto your computer. The PowerPoint slide show will then open and you will see a series of images and some text in Farsi. The malware will not activate until you reboot your computer.

The first time you reboot, the malware will activate and start logging your keystrokes. If you are running Windows 7, you will see the same warning as mentioned above, and you have to click Run before the malware is actually activated. Older versions of Windows will not display this warning when you reboot.

The malware will modify the Windows startup script to ensure that the keylogger is always running when you are using the computer. The keylogger will affect your whole system, and it will even send the contents of your clipboard to the attacker. The Tor Browser Bundle does not protect you if you have a keylogger on your system.

Windows screen saver: backdoor

The Windows screen saver contains a type of malware that is a bit more complex than the one described above. When you run the Windows screen saver, it will start an image program and show you a picture (we saw a picture of a rifle, but that is not always the case). Meanwhile, the malicious software installs a backdoor onto your computer and opens a connection to http://meroo.no-ip.org/, using port 778.

The backdoor (1122333.exe in the Documents and Settings folder), which is similar to the DarkComet Remote Administration Tool, allows the attacker to connect to your computer and do anything that he or she wants, including logging keystrokes and acting as the system administrator. The malware will modify the Windows startup script to ensure that the connection is always open.

quote:

'Mogelijk 100.000 bezoekers Nu.nl besmet met schadelijke software'

Mogelijk 100.000 computers van bezoekers van nieuwssite nu.nl zijn mogelijk besmet geraakt met malware (schadelijke software). De website verspreidde die software gistermiddag ongeveer een uur lang, na een aanval door een hacker.

Volgens de website Security.nl, die zich baseert op cijfers van beveiligingsbedrijf Fox-IT, gaat het om software die nog niet is te verwijderen is door antivirusprogramma's. Er zou wel inmiddels een nieuw pakket van de al bestaande software HitmanPro in aanmaak zijn, waarmee de malware wel wordt gedetecteerd.

Nu.nl advissert haar bezoekers intussen hun computer te controleren op virussen. Volgens de website is er vooral een verhoogd risico voor gebruikers met verouderde versies van Internet Explorer, Flash Player en Adobe Reader. Nu.nl is in de tussentijd weer veilig te gebruiken, aldus een bericht op de website.

quote:

Anonymous’ new timeline of FBI infiltration suggests Antisec may have been an FBI creation

Today, the @YourAnonNews Twitter account theorized that Antisec, which was created just before LulzSec began retreating into Anonymous, was in fact the creation of the FBI.

At the time of Antisec’s inception, there was some chatter within the hacking community that LulzSec created Antisec in order to stage some misdirection—to get authorities looking elsewhere. Almost simultaneously, if memory serves, some observers were even suggesting that government authorities, whether in the US or UK and elsewhere, were bearing down on LulzSec.

YourAnonNews has created a document laying out the timelines of the FBI’s activity with Sabu and the rise of Antisec, and it’s a very enlightening read.

For instance, the first mention of Antisec occurs on June 4, 2011, when The Lulz Boat Twitter feed tweets, “So gather round, this is a new cyber world and we’re starting it together. There will be bigger targets, there will be more ownage. #ANTISEC.” On June 7th, as we know, the FBI paid a visit to Sabu and got him singing arias.

On June 19th, Sabu returns from an extended break and tweets, “Operation Anti-Security:http://pastebin.com/9KyA0E5v - The biggest, unified operation amongst hackers in history. All factions welcome. We are one.” The same day Operation Antisec is announced via Pastebin.

In that statement, we find this paragraph:

. Welcome to Operation Anti-Security (#AntiSec) – we encourage any vessel, large or small, to open fire on any government or agency that crosses their path. We fully endorse the flaunting of the word “AntiSec” on any government website defacement or physical graffiti art. We encourage you to spread the word of AntiSec far and wide, for it will be remembered. To increase efforts, we are now teaming up with the Anonymous collective and all affiliated battleships.

If the FBI is ventriloquizing Sabu (which they were) at this time, then it would seem that the words contained in the Antisec press release are, in fact, evidence of entrapment. That is, the FBI was encouraging hackers and Anonymous supporters to “fire on,” or attack, “any government or agency.”

No, folks. Trust your government to do the right thing.

Read the entire timeline over at Scribd.

quote:

ISPs to Start Throttling Pirates, More by July 12

Numerous ISPs including Verizon, Comcast and Time Warner are about to become copyright cops.

The largest Internet service providers in the nation are gearing up to be copyright cops after all -- within months, at that.

Cary Sherman, CEO of the Recording Industry Association of America, said on Wednesday that ISPs are getting ready to seriously crack down on piracy by July 12. These ISPs include Comcast, Cablevision, Verizon, Time Warner Cable and other bandwidth providers. What they will be looking out for is music, movies and software illegally downloaded by subscribers.

The ISPs originally agreed to adopt policing policies back in July 2011, but nothing else has been said about the anti-piracy movement until Sherman's announcement on Wednesday during a panel discussion at the Association of American Publishers' annual meeting. That's because the ISPs needed a year to get everything up and running, and so far most of the participants are on track for the July 12 launch, he said.

"Each ISP has to develop their infrastructure for automating the system," Sherman said. "[They need this] for establishing the database so they can keep track of repeat infringers, so they know that this is the first notice or the third notice. Every ISP has to do it differently depending on the architecture of its particular network. Some are nearing completion and others are a little further from completion."

The anti-piracy program is called "graduate response," and requires that ISPs send out one or two educational notices to customers accused of downloading copyrighted content illegally. If the downloading still continues after the warnings, a confirmation notice is sent out to the suspected pirate, asking that they confirm receipt of the notice. They're also "educated" on the risks of further piracy.

If that still doesn't work, ISPs can then crank up the heat and go into "mitigation measures" mode. Here ISPs can choose to throttle down the connection speed among other penalties. The ISPs can waive the mitigation measure if they choose, CNET reports. So far there's no indication that customers will be kicked off the Internet entirely, but there's a good chance official announcements will be made in the next few months, providing plenty of details.

quote:

Going after Anonymous for attacks against minister a waste of time, MPs told

OTTAWA - House of Commons technicians went on alert after online threats were made against Public Safety Minister Vic Toews; they even checked to ensure the menacing videos weren't coming from Parliament Hill.

But it's no use trying to track down the culprits responsible, the clerk of the Commons told a committee of MPs on Thursday.

The attacks were "unprecedented" as they came from an unknown group and there may be little to be gained from trying to figure out who is behind them, clerk Audrey O'Brien said.

"I'm not sure that seeking out a culprit as such wouldn't be a giant waste of time, because I think the nature of these attacks is that they are extremely fluid," she said.

The activist collective Anonymous claimed responsibility for a series of videos posted online last month digging into Toews' personal life and promising further attacks if he didn't kill a recently introduced online surveillance bill.

The bill has riled critics who fear it's far too intrusive and has inspired a number of online-campaigns aimed at Toews as a result.

One of those campaigns, a Twitter account that shared details of Toews' divorce, was eventually linked to a Liberal party staffer, who then resigned.

While Toews referred some of the threats against him to the RCMP, he also complained to the Speaker of the House of Commons.

Speaker Andrew Scheer ruled the threats violated Toews' privilege, leaving it up to the committee on House affairs to figure out who was behind them and what to do about it.

The committee wrestled with the issue on Thursday.

"There is no way this committee has the ability to identify the culprit," said NDP Joe Comartin.

"It's going to have to be done by someone else."

It's not impossible to track down members of Anonymous.

Five were charged earlier this month in connection with attacks against government agencies and private companies in U.S., Mexico and Europe, although they were outed by one of their own.

The police need to try and find the culprits in the Toews case too, said Tory MP Laurie Hawn.

"(Anonymous) are like the Taliban, we will never run out of them, they are always going to be there," he said.

"But I think any chance we get to track one down and make an example, we should do that and I hope they are proceeding with that."

O'Brien suggested MPs could issue a formal statement on the problem.

"I think that a statement to that effect would say that you as members of Parliament take what comes with the territory of your job, you're willing to be attack on your political positions, but once the line in the sand is crossed and personal threats are uttered, that's unacceptable," she said.

"I know this would be an obvious statement, but I think that it's important that everybody come together around this fact."

In the meantime, MPs also used the hearing to ask the House of Commons' chief information officer about technology security.

Louis Bard said that when the attacks against Toews first surfaced, monitoring of online threats against Parliament was increased and overall IT security of the Hill is reviewed on a daily basis.

Bard said 70 per cent of the email sent to Parliament Hill never makes it through because it's either spam or improperly addressed.

It's also common for MPs to have their laptops and or their caucus servers infected by viruses or be the subject of an attack, he said, but the attackers have never gone far.

"Never in the last 19 years, we've lost access to our network," Bard said.

Read it on Global News: Global News | Going after Anonymous for attacks against minister a waste of time, MPs told

quote:

The NSA Is Building the Country’s Biggest Spy Center

quote:

Under construction by contractors with top-secret clearances, the blandly named Utah Data Center is being built for the National Security Agency. A project of immense secrecy, it is the final piece in a complex puzzle assembled over the past decade. Its purpose: to intercept, decipher, analyze, and store vast swaths of the world’s communications as they zap down from satellites and zip through the underground and undersea cables of international, foreign, and domestic networks. The heavily fortified $2 billion center should be up and running in September 2013. Flowing through its servers and routers and stored in near-bottomless databases will be all forms of communication, including the complete contents of private emails, cell phone calls, and Google searches, as well as all sorts of personal data trails—parking receipts, travel itineraries, bookstore purchases, and other digital “pocket litter.” It is, in some measure, the realization of the “total information awareness” program created during the first term of the Bush administration—an effort that was killed by Congress in 2003 after it caused an outcry over its potential for invading Americans’ privacy.

quote:

Before yottabytes of data from the deep web and elsewhere can begin piling up inside the servers of the NSAs new center, they must be collected. To better accomplish that, the agency has undergone the largest building boom in its history, including installing secret electronic monitoring rooms in major US telecom facilities. Controlled by the NSA, these highly secured spaces are where the agency taps into the US communications networks, a practice that came to light during the Bush years but was never acknowledged by the agency. The broad outlines of the so-called warrantless-wiretapping program have long been exposedhow the NSA secretly and illegally bypassed the Foreign Intelligence Surveillance Court, which was supposed to oversee and authorize highly targeted domestic eavesdropping; how the program allowed wholesale monitoring of millions of American phone calls and email. In the wake of the programs exposure, Congress passed the FISA Amendments Act of 2008, which largely made the practices legal. Telecoms that had agreed to participate in the illegal activity were granted immunity from prosecution and lawsuits. What wasnt revealed until now, however, was the enormity of this ongoing domestic spying program.

quote:

So the agency had one major ingredienta massive data storage facilityunder way. Meanwhile, across the country in Tennessee, the government was working in utmost secrecy on the other vital element: the most powerful computer the world has ever known.

The plan was launched in 2004 as a modern-day Manhattan Project. Dubbed the High Productivity Computing Systems program, its goal was to advance computer speed a thousandfold, creating a machine that could execute a quadrillion (1015) operations a second, known as a petaflopthe computer equivalent of breaking the land speed record. And as with the Manhattan Project, the venue chosen for the supercomputing program was the town of Oak Ridge in eastern Tennessee, a rural area where sharp ridges give way to low, scattered hills, and the southwestward-flowing Clinch River bends sharply to the southeast. About 25 miles from Knoxville, it is the secret city where uranium- 235 was extracted for the first atomic bomb. A sign near the exit read: what you see here, what you do here, what you hear here, when you leave here, let it stay here. Today, not far from where that sign stood, Oak Ridge is home to the Department of Energys Oak Ridge National Laboratory, and its engaged in a new secret war. But this time, instead of a bomb of almost unimaginable power, the weapon is a computer of almost unimaginable speed.

quote:

A Letter to Anonymous

By Rose Collins (mother of hacktivist Jeremy Hammond)

Hi. Lulz to you. I’m Jeremy’s mom and I have a few questions. Answer them or not, but at least think about it.

1. If you are legion, do you have attorneys among you? If so, please send one to help Jeremy. I certainly don’t blame you for his behavior. He is (theoretically) an adult and knows what he is doing.

2. If you do not forget or forgive, are you in agreement with Jeremy regarding imprisonment of those convicted of crimes? He is against it for several reasons, including rehab futility, slave labor, training people for new crimes, etc. If you do feel the way he does, what will you do if/when you meet up with Sabu? Does he deserve to go to jail? If you would rip him to shreds as I have considered doing myself with my long, sharpened, poisonous, badly manicured fingernails, doesn’t that smack of the same injustices you have railed about for instance, in San Antonio? How would you be able to wear a mask superior to that of the government you detest?

3. Speaking of Sabu and our government, have you considered the possibility that Sabu himself was a victim? I cannot figure out why the feds would out him if he indeed had turned against his comrades and worked with them. It certainly won’t make protecting him any easier for them. I have seen it blamed on FoxNews, but how could they have accessed that information without a little haction on their part? And don’t you consider them liars anyway? Here’s a theory: The feds found a way to become stowaways on the Luhlzboat and got the dirt on LuhlzSec without his knowledge. And when they did arrest him, since he wouldn’t cooperate, they put the word out complete with pictures, just to distract You. In this scenario, you won’t find him because he’s busy making his little kissy-face to the fishes that are eating him piece by piece. Further, if the data stolen from Stratfor was indeed held on a server controlled by the FBI, the data is definitely compromised and therefore useless to the cause of transparency you wish.

Look, I’m a nobody and my mask is smaller than yours, as is my power. Like you, I don’t trust the government as far as I can spit a rat. Some of your shenanigans I approve of, such as the Westboro Baptist church, who gives all Christians a bad name, and the KKK morons who make all white people look like racists. But who decides what is good and bad? The government? OWS? The tea party? Westboro Baptists? You? Who are you to decide that all government secrets must be exposed? Let the wrong information out and we may all have to learn Mandarin soon. Keep working with Farakkhan’s Nation of Islam to end capitalism, and when you win that battle come over to my house and shoot me in the head, because I will never wear a burka. Better yet, free Jeremy and send him. He can even use my Baretta. He got a few luhlz when I told him that, but these people have more faith in their beliefs than I do in mine. No offense intended to Muslims, but there are those who would force their religion on a flailing nation.

My final question/point is this: I watched a video on YouTube saying that those who caused our economy to shatter for their own enrichment must pay. I totally agree! The question is, who are they? I believe (could be wrong) that you and the OWS crowd think it was the Wall Street Fat Cats. I personally believe that while their hands are not clean, they did not cause the housing crisis which was the first domino to fall. Look into history and you will see that Barney Frank and Chris Dodd (probably others too), had much more to do with it. Back in the 70s, these cartoon characters, along with ACORN and other protest professionals forced banks to give loans to people who could not pay it back or be labeled racist organizations. FYI it is no longer a race issue. My brother, who is of the peachy persuasion, also lost his house during the first year or so of the fallout. Here’s the question. How come you buy into one part of the answer, but fail to investigate other possibilities? Could it be that Anonymous is also susceptible to propaganda? I’m sure I have been as well, but I do try to see other views to a question. Can you?

Please don’t come at me bro-nonymous. I’m just trying to understand. More importantly, help my son!

quote:

*Editors note: After receiving the letter from Mrs. Collins via email, she asked me to make several minor edits to the letter of not more than a dozen words, more or less. Otherwise, the letter is unedited.

quote:

‘Russische hacker achter cyberaanval nu.nl’

Het virus dat woensdag op nu.nl stond is daar waarschijnlijk geplaatst door Russische internetcriminelen. Dat meldt de nieuwssite zojuist.

Onderzoekers van IT-beveiligingsbedrijf Fox-it hebben de zaak bestudeerd, zo meldt persbureau Novum. Een van de sporen leidt naar een Rus die sinds 2007 geregeld verantwoordelijk was voor digitale aanvallen. Ook zou hij geen onbekende zijn in de onderwereld. Hij opereert in ondergrondse fora onder de naam Piupiupo. Fox-it ontdekte daarnaast dat de server die is ingezet vaker is gebruikt voor cyberaanvallen.

Mogelijk 100.000 computers geïnfecteerd

De trojan die via de nieuwssite werd verspreid heeft mogelijk honderdduizend computers geïnfecteerd. Volgens Fox-it was het de bedoeling van de hackers dat de kwaadaardige software onderdeel zou worden van een groter netwerk. Het virus werkte echter niet goed.

Nu.nl adviseerde bezoekers eerder al om hun computers te controleren op virussen. Vooral pc’s met verouderde software zouden makkelijk geïnfecteerd kunnen zijn, zo schreef de hoofdredactie van de site online:

. “We adviseren iedereen die op woensdag 14 maart tussen 11.30 en 13.30 uur NU.nl heeft bezocht zijn of haar computer te controleren op de aanwezigheid van een virus.”

quote:

300.000 @AnonOps Followers! Thank you all!

This communication group wants to say THANK YOU for always being there. We are from 7 different countries, and for 2 years we take you the latest Anonymous news. We hope to be doing a good job. Our main goal was and will always be freedom for all people worldwide.

^{Blog Stats: over 15 million page views // Twitter @AnonOps: +300k Followers}

quote:

SOPA’s father gets a not-so-subtle warning

With America’s largest Internet providers only weeks from their next attempt at curbing copyright crimes by way of a coast-to-coast anti-piracy campaign, opponents of online censorship are taking their own message to the streets — literally.

At least 120 supporters have pledged a total of $15,111 by Thursday afternoon, more than enough to fund a billboard that will be erected above an avenue in the State of Texas district that is represented by Lamar Smith, the same lawmaker who introduced the failed Stop Online Piracy Act (SOPA).

Although Representative Smith’s SOPA was killed in Congress, advocates for an open Internet still have concerns over how a partnership between Washington and Hollywood could crush the World Wide Web through other attempts at censorship. Even with SOPA and the Protect IP Act put aside, copyright violations and hacktivism continue to be topic widely debated on Capitol Hill and now the nation’s top ISPs plan to roll-out policies this summer that could cause alleged copyright criminals to have their own Internet privileges wiped away. In order to combat this and other potential ploys that would add government-sanctioned eyes over the Web, activists have successfully raised more than $15,000 to fund a billboard in Rep. Smith’s district, which includes the cities of Austin and San Antonio, Texas.

Co-opting a slogan synonymous with the Lone Star State, “Don’t mess with Texas,” the men behind the message have remixed the rally cry to read something more appropriate — the billboard, the design of which has yet to be settled on, will decry “Don’t mess with the Internet.”

If you’ve followed the fight against online censorship closely over the last few months, you shouldn’t be too surprised to learn that the billboard campaign was created by Alexis Ohanian, co-founder of the popular website Reddit which was instrumental in orchestrating a protest movement earlier this year against SOPA and PIPA. Mashable.com reports that Ohanian came up with the idea just this week while brainstorming with others at a get-together at the South by Southwest conference in Austin.

“(The party) was a chance for all of us who have been talking about protecting the Internet to get together in a more relaxed setting,” Ohanian says. “There’s still plenty of work to be done. Now we can work together to protect our online rights, because nearly all of us in America value our freedom online and, well — we don’t want it messed with.”

Utilizing Crowdtilt, a website that allows an audience to donate funds towards practically any type of project, Ohanian and his associates managed to raise more than enough money to make the billboard scheme a reality in only a matter of days. He adds that even weeks after a massive Internet blackout endorsed by Reddit and Wikipedia earlier this year, he’s “really pleased” by the concern that is still rampant among Internet users skeptical of the government’s next move.

Before tossing in the towel with SOPA, Rep. Smith said, “It is clear that we need to revisit the approach on how best to address the problem of foreign thieves that steal and sell American inventions and products.” After a massive campaign made enough waves to force Washington to reconsider, Ohanian adds that more and more congressman are already siding with the online community advocating against increased censorship.

“There are now many more representatives and senators whose ear we have. The tech community is being asked what we’d like. . .we’re working on an online bill of rights — we’d like to codify the rights we enjoy offline to rights we can enjoy online,” says Ohanian.

Ohanian adds that he will be using suggestions and contributions from the Reddit community to help decide on a final design for the billboard, which was brainstormed with the help of the website’s co-founder, Erik Martin, and Holmes Wilson, co-founder of FightForTheFuture.org.

quote:

The Secret Sharer

quote:

The morning that Al Qaeda attacked the U.S. was, coincidentally, Drake’s first full day of work as a civilian employee at the N.S.A.—an agency that James Bamford, the author of “The Shadow Factory” (2008), calls “the largest, most costly, and most technologically sophisticated spy organization the world has ever known.” Drake, a linguist and a computer expert with a background in military crypto-electronics, had worked for twelve years as an outside contractor at the N.S.A. Under a program code-named Jackpot, he focussed on finding and fixing weaknesses in the agency’s software programs. But, after going through interviews and background checks, he began working full time for Maureen Baginski, the chief of the Signals Intelligence Directorate at the N.S.A., and the agency’s third-highest-ranking official.

quote:

In the late nineties, Binney estimated that there were some two and a half billion phones in the world and one and a half billion I.P. addresses. Approximately twenty terabytes of unique information passed around the world every minute. Binney started assembling a system that could trap and map all of it. “I wanted to graph the world,” Binney said. “People said, ‘You can’t do this—the possibilities are infinite.’ ” But he argued that “at any given point in time the number of atoms in the universe is big, but it’s finite.”

As Binney imagined it, ThinThread would correlate data from financial transactions, travel records, Web searches, G.P.S. equipment, and any other “attributes” that an analyst might find useful in pinpointing “the bad guys.” By 2000, Binney, using fibre optics, had set up a computer network that could chart relationships among people in real time. It also turned the N.S.A.’s data-collection paradigm upside down. Instead of vacuuming up information around the world and then sending it all back to headquarters for analysis, ThinThread processed information as it was collected—discarding useless information on the spot and avoiding the overload problem that plagued centralized systems. Binney says, “The beauty of it is that it was open-ended, so it could keep expanding.”

quote:

In the weeks after the attacks, rumors began circulating inside the N.S.A. that the agency, with the approval of the Bush White House, was violating the Foreign Intelligence Surveillance Act—the 1978 law, known as FISA, that bars domestic surveillance without a warrant. Years later, the rumors were proved correct. In nearly total secrecy, and under pressure from the White House, Hayden sanctioned warrantless domestic surveillance.

quote:

When Binney heard the rumors, he was convinced that the new domestic-surveillance program employed components of ThinThread: a bastardized version, stripped of privacy controls. “It was my brainchild,” he said. “But they removed the protections, the anonymization process. When you remove that, you can target anyone.” He said that although he was not “read in” to the new secret surveillance program, “my people were brought in, and they told me, ‘Can you believe they’re doing this? They’re getting billing records on U.S. citizens! They’re putting pen registers’ ”—logs of dialled phone numbers—“ ‘on everyone in the country!’ ”

quote:

But Susan Landau, a former engineer at Sun Microsystems, and the author of a new book, “Surveillance or Security?,” notes that, in 2003, the government placed equipment capable of copying electronic communications at locations across America. These installations were made, she says, at “switching offices” that not only connect foreign and domestic communications but also handle purely domestic traffic. As a result, she surmises, the U.S. now has the capability to monitor domestic traffic on a huge scale. “Why was it done this way?” she asks. “One can come up with all sorts of nefarious reasons, but one doesn’t want to think that way about our government.”

quote:

In December, 2005, the N.S.A.’s culture of secrecy was breached by a stunning leak. The Times reporters James Risen and Eric Lichtblau revealed that the N.S.A. was running a warrantless wiretapping program inside the United States. The paper’s editors had held onto the scoop for more than a year, weighing the propriety of publishing it. According to Bill Keller, the executive editor of the Times, President Bush pleaded with the paper’s editors to not publish the story; Keller told New York that “the basic message was: You’ll have blood on your hands.” After the paper defied the Administration, Bush called the leak “a shameful act.” At his command, federal agents launched a criminal investigation to identify the paper’s source.

quote:

a successor to Trailblazer, code-named Turbulence

twitter:

AnonymousPress twitterde op maandag 12-03-2012 om 18:19:01 One of our Anon brothers @Anon_Finland has been killed in Afghanistan. Rest in peace... #Anonymous reageer retweet

quote:

http://youranonnews.tumbl(...)er-from-rose-collins

In response to an open letter from Rose Collins, the mother of arrested Anonymous hacktivist Jeremy Hammond, @YourAnonNews issues the following remarks:

First, we do not presume to speak on behalf of the entire Anonymous movement. No one can speak for everyone in Anonymous. However, when we saw the open letter from Jeremy Hammond’s mother linked above, we knew we had to issue a response of some sort. This response encapsulates the personal views of the YourAnonNews team and in no way is meant to be reflective of Anonymous as a whole. Second, Hammond was a true friend and ally in Anonymous—a fellow compatriot at electronic arms, so to say. His fierce convictions and inner strength could be strongly sensed even over nothing but text on a screen. If we can in any way help his mother understand the strongly held convictions of her son and the movement he is involved in, we will do our best. Here goes…

(1) Please Rose, for the sake of all that is good in this world, don’t EVER attempt to speak “Internet” again. Please. Don’t. (We kid, of course. We appreciated the attempt.)

(2) If you do some basic research, you would find that Anonymous has a strong legal network, with close ties to various legal organisations, including the NLG and EFF, as well as various criminal defence law firms. Your son is represented currently by attorney Liz Fink, with the NLG. We suggest that you reach out to the attorney and establish contact, if you have not done so already.

(3) Your son also has a legal defense fund and a dedicated site with constant updates on his legal proceedings. You can learn more about it here: http://freehammond.org/

(4) Some of us here knew Hammond closely online. His arrest is a great loss to us, not only as Anons, but also on a personal level. Your son is an amazing person and has a big heart. We sorely miss his online presence.

(5) We will not presume to know what your family’s personal situation is like, but whatever your political differences may be with your son, it’s probably best to reach out to him at this time. Be there for him. Support him. He believed in what he was doing. Honour that.

(6) What will we do if we meet up with Sabu? We’ll listen to his side of the story. Because we strongly believe that every story has multiple sides and each deserves a fair hearing. Perhaps many in the community were too quick to rush to judgment. Perhaps not. Only time will tell once all of the facts get laid out and properly sorted.

(7) Please get a manicure. And why are your nails poisonous? Just curious. That’s probably not a good thing…

(8) You actually make some interesting points about the feds and Sabu and raise some good questions that all of us should have asked ourselves before we hastily jumped to conclusions. It is interesting that you, out of all of us, are the one to most vocally question the how and why the feds burned Sabu as their informant asset. Thank you for reminding us of the need to remain critical and curious. We strongly encourage all Anons and other individuals to do their own research and analyse mainstream-media disseminated stories before jumping into them head first and making assumptions. We cannot say it enough: Facts, facts, facts. Research, research, research.

(9) How does one “spit a rat”? Wait…don’t answer, we don’t want to know! D:

(10) You ask, who are we to decide that all government secrets must be exposed? You should actually be asking, who are we NOT to demand this? The People have a right to know what is going on within the depths of THEIR government. The government is there to serve us, not politicians’ self interest, corporate profits, or special interest groups. If it fails in its singular goal of preserving liberty and freedom, and instead starts to impinge onto our essential rights, who are we to NOT stand up to it? Who watches the watchmen? WE DO, because frankly, no one else will.

(11) No one’s trying to force you to wear a burqa. How does ending capitalism lead to you wearing a burqa? Lady, we’d love to get inside your head and understand your reasoning.

(12) We’re not a group. Stop thinking of us as such. It seems that your arguments directed at us are actually directed at your son’s political views. Why don’t you take some time to hash them out with him? Or at least try to understand how he conceptualises Anonymous and sees himself in it?

(13) Anonymous actively works toward contradictory aims. What can we say? We’re just a bag of convoluted contradictions. But don’t you see? That is the beauty of the idea and movement. Anonymous has been pro choice and pro life. Anonymous has fought for uncensored Internet and yet conducts vigilante attacks on pedophile websites. Anonymous is comprised of tens of thousands of people from all schools of political thought. And yet, despite all of that, there exists a common fibre that is woven through the social fabric within Anonymous—We care about change and we exist to challenge the status quo. We have a remarkable degree of ability to work together on common causes where they exist because we know that we are working to create a better future not just for ourselves, but for generations to come. We hope you can understand this.

(14) We’re glad that you’re just as mad at the economic situation as us. You actually raise a good point—that perhaps the economic crisis is not any one specific segment’s fault more than another, but rather, a multi-faceted endemic systemic failure of the current capitalistic economy and its supporting structures. Thank you.

(15) We are doing what we can to help your son. And we hope you are as well. Reach out to him. Be there for him. Support him. Stay strong for him. Try to understand him. Try to put his actions in context. Help him. Love him. You can do this better than any of us.

We sincerely hope we provided some sort of insight in answer of your queries. Please feel free to reach out to us or any other Anons should you have additional questions or concerns.

Best,

The YourAnonNews Team

quote:

The CIA wants to spy on you through your TV: Agency director says it will 'transform' surveillance

> Devices connected to internet leak information
> CIA director says these gadgets will 'transform clandestine tradecraft'
> Spies could watch thousands via supercomputers
> People 'bug' their own homes with web-connected devices


When people download a film from Netflix to a flatscreen, or turn on web radio, they could be alerting unwanted watchers to exactly what they are doing and where they are.

Spies will no longer have to plant bugs in your home - the rise of 'connected' gadgets controlled by apps will mean that people 'bug' their own homes, says CIA director David Petraeus.

The CIA claims it will be able to 'read' these devices via the internet - and perhaps even via radio waves from outside the home.

Everything from remote controls to clock radios can now be controlled via apps - and chip company ARM recently unveiled low-powered, cheaper chips which will be used in everything from fridges and ovens to doorbells.

The resultant chorus of 'connected' gadgets will be able to be read like a book - and even remote-controlled, according to CIA CIA Director David Petraeus, according to a recent report by Wired's 'Danger Room' blog.

Petraeus says that web-connected gadgets will 'transform' the art of spying - allowing spies to monitor people automatically without planting bugs, breaking and entering or even donning a tuxedo to infiltrate a dinner party.

'Transformational’ is an overused word, but I do believe it properly applies to these technologies,' said Petraeus.

'Particularly to their effect on clandestine tradecraft. Items of interest will be located, identified, monitored, and remotely controlled through technologies such as radio-frequency identification, sensor networks, tiny embedded servers, and energy harvesters - all connected to the next-generation internet using abundant, low-cost, and high-power computing.'

Petraeus was speaking to a venture capital firm about new technologies which aim to add processors and web connections to previously 'dumb' home appliances such as fridges, ovens and lighting systems.

This week, one of the world's biggest chip companies, ARM, has unveiled a new processor built to work inside 'connected' white goods.

The ARM chips are smaller, lower-powered and far cheaper than previous processors - and designed to add the internet to almost every kind of electrical appliance.

It's a concept described as the 'internet of things'.

Futurists think that one day 'connected' devices will tell the internet where they are and what they are doing at all times - and will be mapped by computers as precisely as Google Maps charts the physical landscape now.

Privacy groups such as the Electronic Frontier Foundation have warned of how information such as geolocation data can be misused - but as more and more devices connect, it's clear that opportunities for surveillance will multiply.

Read more: http://www.dailymail.co.u(...)e.html#ixzz1pNO5K1Jg

quote:

Which VPN Providers Really Take Anonymity Seriously?

Last month it became apparent that not all VPN providers live up to their marketing after an alleged member of Lulzsec was tracked down after using a supposedly anonymous service from HideMyAss. We wanted to know which VPN providers take privacy extremely seriously so we asked many of the leading providers two very straightforward questions. Their responses will be of interest to anyone concerned with anonymity issues.

As detailed in yesterday’s article, if a VPN provider carries logs of their users’ activities the chances of them being able to live up to their claim of offering an anonymous service begins to decrease rapidly.

There are dozens of VPN providers, many of which carry marketing on their web pages which suggests that the anonymity of their subscribers is a top priority. But is it really? Do their privacy policies stand up to scrutiny? We decided to find out.

Over the past two weeks TorrentFreak contacted some of the leading, most-advertised, and most talked about VPN providers in the file-sharing and anonymity space. Rather than trying to decipher what their often-confusing marketing lingo really means, we asked them two direct questions instead:

1. Do you keep ANY logs which would allow you or a 3rd party to match an IP address and a time stamp to a user of your service? If so, exactly what information do you hold?

2. Under what jurisdictions does your company operate and under what exact circumstances will you share the information you hold with a 3rd party?

This article does not attempt to consider the actual quality of service offered by any listed provider, nor does it consider whether any service is good value for money. All we are interested in is this: Do they live up to claims that they provide a 100% anonymous service? So here we go, VPN providers in the file-sharing space first.

quote:

#InfoSec: How The NSA Intends to Eliminate Privacy on Earth

quote:

1 Geostationary satellites

Four satellites positioned around the globe monitor frequencies carrying everything from walkie-talkies and cell phones in Libya to radar systems in North Korea. Onboard software acts as the first filter in the collection process, targeting only key regions, countries, cities, and phone numbers or email.

2 Aerospace Data Facility, Buckley Air Force Base, Colorado

Intelligence collected from the geostationary satellites, as well as signals from other spacecraft and overseas listening posts, is relayed to this facility outside Denver. About 850 NSA employees track the satellites, transmit target information, and download the intelligence haul.

3 NSA Georgia, Fort Gordon, Augusta, Georgia

Focuses on intercepts from Europe, the Middle East, and North Africa. Codenamed Sweet Tea, the facility has been massively expanded and now consists of a 604,000-square-foot operations building for up to 4,000 intercept operators, analysts, and other specialists.

4 NSA Texas, Lackland Air Force Base, San Antonio

Focuses on intercepts from Latin America and, since 9/11, the Middle East and Europe. Some 2,000 workers staff the operation. The NSA recently completed a $100 million renovation on a mega-data center here—a backup storage facility for the Utah Data Center.

5 NSA Hawaii, Oahu

Focuses on intercepts from Asia. Built to house an aircraft assembly plant during World War II, the 250,000-square-foot bunker is nicknamed the Hole. Like the other NSA operations centers, it has since been expanded: Its 2,700 employees now do their work aboveground from a new 234,000-square-foot facility.

6 Domestic listening posts

The NSA has long been free to eavesdrop on international satellite communications. But after 9/11, it installed taps in US telecom “switches,” gaining access to domestic traffic. An ex-NSA official says there are 10 to 20 such installations.

7 Overseas listening posts

According to a knowledgeable intelligence source, the NSA has installed taps on at least a dozen of the major overseas communications links, each capable of eavesdropping on information passing by at a high data rate.

8 Utah Data Center, Bluffdale, Utah

At a million square feet, this $2 billion digital storage facility outside Salt Lake City will be the centerpiece of the NSA’s cloud-based data strategy and essential in its plans for decrypting previously uncrackable documents.

9 Multiprogram Research Facility, Oak Ridge, Tennessee

Some 300 scientists and computer engineers with top security clearance toil away here, building the world’s fastest supercomputers and working on cryptanalytic applications and other secret projects.

10 NSA headquarters, Fort Meade, Maryland

Analysts here will access material stored at Bluffdale to prepare reports and recommendations that are sent to policymakers. To handle the increased data load, the NSA is also building an $896 million supercomputer center here.

quote:

We were down a few hours earlier today. There's no need to worry, we haven't been raided this time. We're only upgrading stuff since we're still growing.

One of the technical things we always optimize is where to put our front machines. They are the ones that re-direct your traffic to a secret location. We have now decided to try to build something extraordinary.

With the development of GPS controlled drones, far-reaching cheap radio equipment and tiny new computers like the Raspberry Pi, we're going to experiment with sending out some small drones that will float some kilometers up in the air. This way our machines will have to be shut down with aeroplanes in order to shut down the system. A real act of war.

We're just starting so we haven't figured everything out yet. But we can't limit ourselves to hosting things just on land anymore. These Low Orbit Server Stations (LOSS) are just the first attempt. With modern radio transmitters we can get over 100Mbps per node up to 50km away. For the proxy system we're building, that's more than enough.

But when time comes we will host in all parts of the galaxy, being true to our slogan of being the galaxy's most resilient system. And all of the parts we'll use to build that system on will be downloadable.

quote:

Rogers’ “Cybersecurity” Bill Is Broad Enough to Use Against WikiLeaks and The Pirate Bay

Congress is doing it again: they’re proposing overbroad regulations that could have dire consequences for our Internet ecology. The Cyber Intelligence Sharing and Protection Act of 2011 (H.R. 3523), introduced by Rep. Mike Rogers and Rep. Dutch Ruppersberger, allows companies or the government1 free rein to bypass existing laws in order to monitor communications, filter content, or potentially even shut down access to online services for “cybersecurity purposes.” Companies are encouraged to share data with the government and with one another, and the government can share data in return. The idea is to facilitate detection of and defense against a serious cyber threat, but the definitions in the bill go well beyond that. The language is so broad it could be used as a blunt instrument to attack websites like The Pirate Bay or WikiLeaks. Join EFF in calling on Congress to stop the Rogers’ cybersecurity bill.

Under the proposed legislation, a company that protects itself or other companies against “cybersecurity threats” can “use cybersecurity systems to identify and obtain cyber threat information to protect the rights and property” of the company under threat. But because “us[ing] cybersecurity systems” is incredibly vague, it could be interpreted to mean monitoring email, filtering content, or even blocking access to sites. A company acting on a “cybersecurity threat” would be able to bypass all existing laws, including laws prohibiting telcos from routinely monitoring communications, so long as it acted in “good faith.”

The broad language around what constitutes a cybersecurity threat leaves the door wide open for abuse. For example, the bill defines “cyber threat intelligence” and “cybersecurity purpose” to include “theft or misappropriation of private or government information, intellectual property, or personally identifiable information.”

Yes, intellectual property. It’s a little piece of SOPA wrapped up in a bill that’s supposedly designed to facilitate detection of and defense against cybersecurity threats. The language is so vague that an ISP could use it to monitor communications of subscribers for potential infringement of intellectual property. An ISP could even interpret this bill as allowing them to block accounts believed to be infringing, block access to websites like The Pirate Bay believed to carry infringing content, or take other measures provided they claimed it was motivated by cybersecurity concerns.

The language of “theft or misappropriation of private or government information” is equally concerning. Regardless of the intent of this language, the end result is that the government and Internet companies could use this language to block sites like WikiLeaks and NewYorkTimes.com, both of which have published classified information. Online publishers like WikiLeaks are currently afforded protection under the First Amendment; receiving and publishing classified documents from a whistleblower is a common journalistic practice. While there’s uncertainty about whether the Espionage Act could be brought to bear against WikiLeaks, it is difficult to imagine a situation where the Espionage Act would apply to WikiLeaks without equally applying to the New York Times, the Washington Post, and in fact everyone who reads about the cablegate releases. But under Rogers' cybersecurity proposal, the government would have new, powerful tools to go after WikiLeaks. By claiming that WikiLeaks constituted “cyber threat intelligence” (aka “theft or misappropriation of private or government information”), the government may be empowering itself and other companies to monitor and block the site. This means that the previous tactics used to silence WikiLeaks—including a financial blockade and shutting down their accounts with online service providers—could be supplemented by very direct means. The government could proclaim that WikiLeaks constitutes a cybersecurity threat and have new, broad powers to filter and block communication with the journalistic website.

Congress is intent on passing cybersecurity legislation this year, and there are multiple proposals in the House and the Senate under debate. But none is as poorly drafted and dangerously vague as the Rogers bill. We need to stop this bill in its tracks, before it can advance in the House and before the authors can negotiate to place this overbroad language into other cybersecurity proposals.

Internet security is a serious problem that needs to be addressed. But we don’t need to sacrifice our civil liberties to do so. Help us safeguard the web by contacting Congress today.

quote:

Syrian activists targeted by fake YouTube

Spoof site can plant malware on PCs of people who leave comments on videos, pressure group warns

Syrian activists are being targeted by a fake version of Google's YouTube video site which plants malware on the PCs of people who leave comments on videos shown there, the Electronic Frontier Foundation has warned.

The EFF, a pressure group for free speech online, said that the site has been used to target people watching videos showing the conflict inside Syria, and that it may have captured the login details for Google accounts belonging to activists inside or outside the country. It also warns that the site offers a fake "update" to the Flash software used on most PCs to view video content.

The discovery ratchets up the online attacks against Syrian anti-government activists, who have been increasingly targeted by malware which is capable of capturing webcam details, turning off antivirus programs and capturing passwords.

The organisation warned last week that it had found two cases of pro-Syrian government malware – which can take over a machine or silently watch everything that the user types – being sent as web links in emails and chat.

It found that that malware sent back details to an internet address, 216.6.0.28, which has been assigned to the Syrian Telecommunications Establishment – indicating that unlike the vast majority of malware, which is used by criminals to download bank or other details and controlled via machines on the wider web, this one connects back to an official address inside Syria. That makes it likely that it is controlled by agencies acting for the Syrian government. The online security company Symantec detailed the effects of the malware in February.

The EFF warns people who have recently viewed such videos that they should check the security of their Google account, including the enabling of "two-factor authentication" – which requires special login details and will send a warning to the user's phone if the account is accessed from a different machine than the one which they normally use.

The fake YouTube uses the same layout as the official one, with Arabic script as Syrian users would expect.

YouTube has become an important channel for Syrian activists trying to get news about attacks by the government on citizens and locations out to the rest of the world. Videos uploaded to the site have revealed detail about the effects of shelling on cities and the killing of citizens. By targeting those who watch such videos, pro-government activists might be able to build up information about the networks and members of activist groups.

In a statement, the EFF noted that "EFF is deeply concerned about this pattern of pro-government malware targeting online activists in authoritarian regimes. We will continue to keep a close eye on future developments in this area."

quote:

Doc outrage: Anonymous 'behind' web-siege on Russian TV channel

The Russian faction of Anonymous has claimed responsibility for a cyber-attack on a Russian TV station's website. The outage follows a controversial documentary about Russian protestors produced by NTV.

One of Russia's major TV channels, NTV says its website was down for eleven hours Monday after DDoS attacks 'claimed by Anonymous.'

The site was under continuous threat of serious hacker attacks since last Friday, after the network showed a controversial documentary on the Russian opposition's protests that sparked a wave of outrage.

Anonymous admitted it was behind the cyber attack on March 16. “ntv.ru Tango down!” one member of Russian Anonymous posted to their twitter account.

“Protests Anatomy,” the documentary which sparked the attacks, was first aired last Thursday. Focusing on protests that have been taking place in Moscow ever since the 2011 parliamentary election, NTV speculated about whether protestors were paid from outsideof the country.

The documentary features a number of 'exposing videos' which are said to prove that many protestors were taking part in opposition mass-rallies for money. The reaction was explosive – shortly after the broadcast, a hashtag in Russian – #НТВлжет (#NTVlies) – made it to the top of worldwide trends on Twitter. Many were quick to label the program as outright propaganda, accusing NTV of fabrications and disinformation.

On Sunday, people angry at the channel gathered outside Moscow’s main TV center, which headquarters NTV, for an unsanctioned protest. Dozens were detained, but were released shortly after.

Gazprom-Media Holding, the owner of the channel, has slammed the hackers' attacks: "NTV is an informational and publicist channel that covers all aspects of societal life, and presents a palette of opinions and moods. Programs broadcasted are a matter of discussions of issues of the day. I believe the attacks violate democratic mechanisms and freedom of speech," said Nikolay Senkevich, general director of Gazprom Media.

quote:

Obama zet zich in voor vrij internet in Iran

Obama wil zich sterker inzetten voor het vrije internet in Iran. De Amerikaanse president beschuldigt Iran ervan een ‘elektronisch gordijn’ te hebben opgetrokken. Burgers hebben er geen toegang tot vrije informatie, zegt de president.

De Verenigde Staten zullen het makkelijker gaan maken voor Amerikaanse bedrijven om software Iran in te krijgen. Met die software moeten Iraniërs makkelijker van internet gebruik kunnen maken, zei Obama vandaag volgens persbureau Reuters in een videobericht aan het Iraanse volk.

Obama meent dat Iran een ‘elektronisch gordijn’ heeft opgetrokken om een vrije uitwisseling van ideeën en informatie tegen te houden. Hij roept de Iraanse regering op te stoppen met het blokkeren van informatie voor burgers, en voor het respecteren van hun universele rechten.

Tegelijkertijd gaf Obama aan dat er geen reden is voor een verdeling tussen de Verenigde Staten en Iran. Obama zei dat hij wil dat Iraniërs weten dat Amerika de dialoog zoekt om hun visie en wensen te horen. De president gaf de videotoespraak ter gelegenheid van het Iraanse nieuwjaar.

De opmerkingen van Obama komen tijdens verhoogde spanningen tussen Iran en de VS rond het nucleaire programma van Iran. Obama zei dat als Iraanse regering een “verantwoordelijk pad” volgt, het welkom is in de internationale gemeenschap terug te keren. Iran houdt vol dat het nucleaire programma vreedzaam van aard is en dat het niet bezig is kernwapens te ontwikkelen.

quote:

Judge Lifts Twitter Ban On "Anonymous" 14

MARCH 19--Over objections from the Department of Justice, a judge has lifted a Twitter ban on 14 accused members of “Anonymous” now under indictment for their alleged roles in a coordinated online assault against PayPal, an attack prosecutors contend was carried out via the social networking site.

Ruling on motions filed by several defendants, Magistrate Judge Paul Grewal stated that since government lawyers did not sufficiently link “allegedly criminal activities to use of a Twitter account,” the defendants were free to use the microblogging service. Grewal’s order was filed Friday in U.S. District Court in San Jose, California.

In a January court filing, defendant Vincent Kershaw argued that bail conditions barring his use of Twitter unduly burdened his First Amendment right to engage in political discourse. Kershaw, 28, contended that the Twitter ban prohibited him from “even perusing such critical communications from our own President or engaging in the Twitter Town Halls in any manner.”

In opposing Kershaw’s motion, a prosecutor described Twitter as one of the “principle tools through which the members of the Anonymous hacking group planned and coordinated their criminal activities.”

Kershaw, pictured in the above mug shot, also sought permission to use Internet Relay Chat so that he could participate in “political debate” and “political speech” in IRC chat rooms. That motion was denied by Grewal, who ruled that Kershaw and his codefendants are allowed “substantial internet use for purposes that include political discourse.”

Kershaw, a Colorado landscaper, and his codefendants were charged last July with conspiracy and intentional damage to a protected computer for allegedly participating in an “Anonymous”-organized denial of service attack on PayPal. The felony counts carry a combined maximum of 15 years in prison and a $500,000 fine.

The December 2010 online assault--dubbed “Operation Avenge Assange”--was prompted by the suspension of WikiLeaks’s PayPal account in the wake of the publication of classified Department of State cables by the group headed by Julian Assange. (3 pages)

twitter:

AnonOpsRomania twitterde op dinsdag 20-03-2012 om 22:05:57 Dutch biggest ISP's website Ziggo.nl Database leaked http://t.co/g2UjuI4O VIA @anonyINTRA #Anonymous #AntiSec reageer retweet

quote:

http://pastebin.com/Qpa4MMMU
#author:
AnonyINTRA
AnonbiH

#Target:
Ziggo.nl

-----------------------------------------------------------------------------------------------
Ya, as some proof some few costumers information.

quote:

Op woensdag 21 maart 2012 14:41 schreef picodealion het volgende:

[..]

Virusmelding op die pastebin link.

quote:

NSA Chief Denies, Denies, Denies Wired’s Domestic Spying Story

NSA chief General Keith Alexander faced tough — and funny — questions from Congress Tuesday stemming from Wired’s story on the NSA’s capabalities and warrantless wiretapping program.

Congressman Hank Johnson, a Georgia Democrat, asked Alexander whether the NSA could, at the direction of Dick Cheney, identify people who sent e-mails making fun of his inability to hunt in order to waterboard them.

Alexander said “No,” adding that the “NSA does not have the ability to do that in the United States.” Elaborating, Alexander added: “We don’t have the technical insights in the United States. In other words, you have to have [...] some way of doing that either by going to a service provider with a warrant or you have to be collecting in that area. We’re not authorized to do that, nor do we have the equipment in the United States to collect that kind of information.”

That statement seemingly contradicts James Bamford’s story, The NSA Is Building the Country’s Biggest Spy Center (Watch What You Say), as well as stories from The New York Times, the Los Angeles Times, USA Today and Wired, which collectively drew a picture of the NSA’s post-9/11 foray into wiretapping the nation’s telecommunication’s infrastructure to spy on Americans without getting warrants.

Bamford writes:

. In the process — and for the first time since Watergate and the other scandals of the Nixon administration — the NSA has turned its surveillance apparatus on the US and its citizens. It has established listening posts throughout the nation to collect and sift through billions of email messages and phone calls, whether they originate within the country or overseas. It has created a supercomputer of almost unimaginable speed to look for patterns and unscramble codes. Finally, the agency has begun building a place to store all the trillions of words and thoughts and whispers captured in its electronic net. And, of course, it’s all being done in secret. To those on the inside, the old adage that NSA stands for Never Say Anything applies more than ever.

But in testimony Tuesday in front of the House Armed Services subcommittee on Emerging Threats and Capabilities, Alexander responded to questions about the program, saying the NSA did not have the capability to monitor, inside the United States, Americans’ text messages, phone calls and e-mails. He added that if the NSA were to target an American, the FBI would take the lead and fill out the paperwork. (That’s an odd statement, since the process for targeting an American by the intelligence services is for the NSA to fill out the paperwork, submit it to the Justice Department and then send it to a secret court, according to statements by former Director of National Intelligence Michael McConnell.)

Alexander and Johnson both mispronounced Bamford’s name as Bashford (a Freudian slip). But it’s an odder mistake by Alexander, given that Bamford is the premier chronicler of the NSA.

It’s hard to tell here whether Alexander is parsing the questions closely, misspeaking or telling the truth. The heads of the intelligence service have a long tradition of misspeaking or telling untruths that advance their agenda. President George Bush himself on the re-election campaign trail said that no American had been wiretapped without a warrant, which was plainly false, according to numerous news stories and the government’s own admissions of the program.

In the aftermath of those half-truths, the Congress passed, and Bush signed into law, the FISA Amendments Act, which re-wrote the nation’s surveillance laws to give the NSA a much freer hand to wiretap American infrastructure wholesale.

Court challenges to the program, brought by the EFF and the ACLU, attempted to argue that even allowing the NSA to harvest Americans’ communications alongside foreigners into giant databases violated American law and the US Constitution. However, those challenges have never survived the Bush and Obama administration’s invocation of the “state secrets” privilege to have them thrown out of court.

Which is another way of saying that Americans have no idea what’s going on. Given the choice between an administration official saying nothing is going on and a respected reporter with inside sources saying something wicked this way comes, I know where my trust would lie.

Hank asks NSA director tough questions about wiretaps, e-mail intercepts

quote:

DHS Turns Over Occupy Wall Street Documents to Truthout

quote:

The Department of Homeland Security (DHS) closely monitored the Occupy Wall Street movement, providing agency officials with regular updates about protests taking place throughout the country, responding to requests from fusion centers for intelligence on the group and mining Twitter for information about Occupy's activities, according to hundreds of pages of documents DHS released to Truthout Wednesday morning in response to our Freedom of Information Act (FOIA) request.

quote:

http://truth-out.org/file(...)elease_OWS_Part1.pdf

I left both of you voice mail messages in which I described this issue in greater detail.
There is attached to this email a threat bulletin being disseminated by the Office of Emergency Management in Pittsburgh in which it discusses the threat posed by the Occupy Pittsburgh campaign and the hackers’ group: Anonymous. Both myself and (IO deployed to the PACIC Center in Harrisburg) are somewhat concerned that several items contained in this Intel Bulletin might be advocating surveillance and other countermeasures to be employed against activities protected under the 1st Amendment. Would either one or both of you be able to see what could be developed from this document that could take back to the Intel staff that produced this so that in the future they have a greater awareness of how to develop intelligence assessments that don’t undermine Constitutionally protected speech and assembly rights? Thanks in advanced, really appreciate all your help.

quote:

Documents Show Homeland Security Was Tracking Occupy Wall Street Even Before The First Protest

The Department of Homeland Security has been tracking the Occupy Wall Street movement since well before protesters first took Zuccotti Park last September, according to internal DHS memos obtained by Business Insider through a Freedom of Information Act Request.

The documents show that DHS alerted its agents to the Wall Street protests — and specifically the involvement of the hacker group Anonymous in organizing the protests — sometime before the Sept. 17 kickoff of the protests in downtown Manhattan.

In an undated memo, titled "Details On 'Anonymous' Upcoming Operations: 17 September 2011: Occupy Wall Street; U.S. Day of Rage," the DHS Office of Intelligence notes that the hacker group had came out in support of the planned Sept. 17 Wall Street protests. The memo provides details of a YouTube video released by Anonymous that called on protesters "to adopt a non-violent 'Tahrir-acampadas model,'" and to "flood into lower Manhattan, set up tents, kitchens, peaceful barricades and occupy Wall Street for a few months."

The memo warns that AdBusters, the original organizers of the OWS protests, had also planned a demonstration on the National Mall to coincide with the 10th anniversary of the invasion of Iraq in October 2011.

Another DHS Intelligence memo provides further warnings about the impact and likelihood of upcoming Anonymous Operations.

According to that memo, DHS cybersecurity analysts considered it "likely" that that peaceful OWS protests would occur on Sept. 17, and that "those protests may be accompanied by malicious cyber activity conducted by Anonymous."

The memo says analysts considered it unlikely that Anonymous would follow through with threats to launch a coordinated attack against Facebook on Nov. 5 2011.

On Anonymous's "Project Mayhem," — a year-long effort that will end with an "unveiling of secrets" on Dec. 21 2012 — the DHS warns that "inconsequential physical mischief and potentially disruptive malicious cyber activities" are expected, but "specific tactics, techniques, and procedures are unknown."

The memo also mentions an "Operation Halliburton" but says that "little is known" about the potential operation, which presumably targets the U.S. oilfield services giant.

Two other memos obtained by BI warn about Anonymous' threats to take down the New York Stock Exchange and to hack Fox News' website over the network's coverage of the OWS movement.

The documents were released to Business Insider today in response to a FOIA request we filed when reports first started circulating that DHS helped coordinate the nationwide OWS crackdown last November.

Although we have only made it through some of the 408 documents, what we've seen so far indicates that while the agency reluctant to get involved in the Occupy protests (at least initially), Homeland Security was definitely keeping tabs on the movement from the outset.

Read the memos below.

Read more: http://www.businessinside(...)2012-3#ixzz1pmgAeMeE

quote:

Brein wil omzeilen van verbod Pirate Bay aanpakken

Stichting Brein sommeert mensen die het klanten van Ziggo en Xs4all via een omweg het mogelijk maken om toch op The Pirate Bay te komen om hier onmiddellijk mee te stoppen.

Enkele Nederlandse beheerders van zogeheten proxyservers hebben een brief gekregen van de auteursrechtenorganisatie. Dat meldt de website Tweakers.net.

Ziggo en XS4ALL blokkeerden onlangs al de toegang tot torrentsite The Pirate bay, nadat de rechtbank in Den Haag ze daar toe had verplicht in een door Brein aangespannen zaak. Abonnees zouden muziek, films of games uitwisselen via The Pirate Bay en daarmee inbreuk maken op auteursrechten.

Volgens Brein-directeur Tim Kuik bieden de beheerders van proxyservers opzettelijk omzeiling van een rechterlijk verbod aan. “Als zij niet voldoen houden wij ze aansprakelijk voor schade”, zegt hij aan Tweakers.net. Onduidelijk is hoeveel mensen een beschikking en een sommatie hebben gekregen.

Brein daagde vorige maand internetproviders UPC, KPN, Tele2 en T-Mobile voor de rechter in een poging ook deze bedrijven ertoe te bewegen de website The Pirate Bay te blokkeren. De zaak dient 19 april.

quote:

T E L E C O M I X opsyria has established a secure dropbox

quote:

#opsyria has established a secure dropbox, administrated by LulzPanda, where you can put informations and files to publish without fear of being identified.

quote:

Exposed: Inside the NSA’s Largest and Most Expansive Secret Domestic Spy Center in Bluffdale, Utah

A new exposé in Wired Magazine reveals details about how the National Security Agency is quietly building the largest spy center in the country in Bluffdale, Utah, as part of a secret NSA surveillance program codenamed "Stellar Wind." We speak with investigative reporter James Bamford, who says the NSA has established listening posts throughout the nation to collect and sift through billions of email messages and phone calls, whether they originate within the country or overseas. The Utah spy center will contain near-bottomless databases to store all forms of communication collected by the agency. This includes the complete contents of private emails, cell phone calls and Google searches, as well as all sorts of personal data trails — parking receipts, travel itineraries, bookstore purchases and other digital "pocket litter." "The NSA has constantly denied that they’re doing things, and then it turns out they are doing these things," Bamford says in response to NSA Director General Keith Alexander’s denial yesterday that U.S. citizens’ phone calls and emails are being intercepted. "A few years ago, President Bush said before camera that the United States is not eavesdropping on anybody without a warrant, and then it turns out that we had this exposure to all the warrantless eavesdropping in the New York Times article. And so, you have this constant denial and parsing of words." [includes rush transcript]

quote:

Sarkozy wil bezoek terroristische sites bestraffen – ‘campagne weer begonnen’

Sarkozy wil het bezoeken van terroristische websites en het reizen naar terroristische kampen in Afghanistan en Pakistan strafbaar stellen. Daarnaast wil hij strafrechtelijke maatregelen tegen “indoctrinatie” van islamisten, zei hij vanmiddag in een verklaring na de dood van de Franse schutter.

Sarkozy reageerde vanmiddag in een verklaring op het nieuws dat de schutter die zeven mensen in Frankrijk heeft vermoord, vanochtend gedood is bij een hevig vuurgevecht.

De Franse president zei dat Frankrijk het bezoeken van websites die oproepen tot terrorisme, haat of geweld strafbaar gaat maken. “Frankrijk zal geen rekrutering en ideologische indoctrinatie op zijn grondgebied tolereren”, zei Sarkozy. Daarnaast wil hij onderzoeken of gevangenissen gebruikt worden om extremisme in Frankrijk te propaganderen.

quote:

Anonymous Hacks Christian Websites In Mexico: “POPE is not welcome, out out!!!!!”

Anonymous Hispano, the Mexican branch of the online hacktivist collective based in Latin America lay siege to two Mexican websites on Tue, March 20 in protest of Pope Benedict XVI's upcoming visit in an cyber-operation referred to as #opFariseo (hypocrite) on Twitter. The hackers succeeded in temporarily knocking the websites offline and defacing them with their own message: "Hacked system. The POPE is not welcome, out out!!!!!"

Both hacked websites were linked to the Pope's planned visit to the country this Friday through Monday, before the religious leader continues his tour in Cuba. The website of the Achdiocese of Mexico was down for several hours on Tue. March 20 as was the website of the Institute of Communications and Philosophy (Comfil), which is usually devoted to teaching philosophy.

On their Facebook page, Anonymous Hispano confirmed that the websites were "hacked for supporting Benedict XVI). In a corresponding YouTube video the hacktivists claimed that the Pope's visit was connected to political campaigning for the upcoming Mexican presidential elections on July 1, and is an effort to throw the Catholic Church's support behind the current ruling party and to "keep the population shrouded in lies."

They also argue that the Pope's visit will not include any chances to witness the country's intense poverty and violence. Instead he will only see "a country of lies and facades where everything will apparently be wonderful."

In an explanatory message on Pastebin in Spanish, Anonymous Hispano posted a manifesto of sorts, titling the cyber-attack "Operation Freeloader," in a reference to the Pope. The message goes on to state that the collective believes Mexico should be a secular nation, and described the alliance of church and state in Mexico as an "irrefutable fact." (Read the full translated message below).

Anonymous has conducted operations in Mexico before, targeting the notorious drug cartels in the past when members of the hacktivist collective were held captive by the Mexican warlords.

quote:

TERRORIST Facebook pages leaked from CIA.

quote:

Source: Roger Landry WTPNetwork™(312-94876)
Updated List (3/17/12) These groups, pages and websites will be added to the terrorists watch list pending investigation.

quote:

List of Partner Forums

A Free and Voluntary Society
"Action Group to Uphold the Constitution"
Anarcho-Capitalism
Columbia Missouri for Ron Paul 2012
End the War on Drugs
Growing Organic, Eating Organic

quote:

Shopping For Zero-Days: A Price List For Hackers' Secret Software Exploits

A clever hacker today has to make tough choices. Find a previously unknown method for dismantling the defenses of a device like an iPhone or iPad, for instance, and you can report it to Apple and present it at a security conference to win fame and lucrative consulting gigs. Share it with HP’s Zero Day Initiative instead and earn as much as $10,000 for helping the firm shore up its security gear. Both options also allow Apple to fix its bugs and make the hundreds of millions of iPhone and iPad users more secure.

But any hacker who happens to know one Bangkok-based security researcher who goes by the handle “the Grugq”–or someone like him–has a third option: arrange a deal through the pseudonymous exploit broker to hand the exploit information over to a government agency, don’t ask too many questions, and get paid a quarter of a million dollars–minus the Grugq’s 15% commission.

That iOS exploit price represents just one of the dozens of deals the Grugq (pictured above) has arranged in his year-old side career as a middle man for so-called “zero-day” exploits, hacking techniques that take advantage of secret vulnerabilities in software. Since he began hooking up his hacker friends with contacts in government a year ago, the Grugq says he’s on track to earn a million in revenue this year. He arranged the iOS deal last month, for instance, between a developer and a U.S. government contractor. In that case, as with all of his exploit sales, he won’t offer any other details about the buyer or the seller.

Even with the $250,000 payout he elicited for that deal, he wonders if he could have gotten more. “I think I lowballed it,” he wrote to me at one point in the dealmaking process. “The client was too happy.”

A six-figure price for a single hacking technique may sound extravagant, but it’s hardly unique. Based on speaking with sources in this secretive but legal trade, I’ve assembled a rough price list for zero-day exploits below.



Each price assumes an exclusive sale, the most modern version of the software, and, of course, not alerting the software’s vendor. Some fees might even be paid in installments, with each subsequent payment depending on the vendor not patching the security vulnerabilities used by the exploit. In some cases the techniques would need to be used in combination to be effective.

An exploit’s price factors in both how widely the target software is used as well as the difficulty of cracking it. A technique that allows a hacker to gain control of a Mac OSX machine after hacking an application might earn only a fraction of one that targets Windows, for instance, because of Windows’ greater market share. But an iOS exploit pays more than one that targets Android devices partly because it requires defeating Apple’s significantly tougher security features. That means most agencies can simply develop their own Android attacks, the Grugq says, while ones that can penetrate the iPhone are rare and pricey. For the Jailbreakme 3 iOS exploit created by the hacker Comex last year, the Grugq says he heard agencies would have been eager to pay $250,000 for exclusive use of the attack.

Who’s paying these prices? Western governments, and specifically the U.S., says the Grugq, who himself is a native of South Africa. He limits his sales to the American and European agencies and contractors not merely out of ethical concerns, but also because they pay more. “Selling a bug to the Russian mafia guarantees it will be dead in no time, and they pay very little money,” he says, explaining that he has no contacts in the Russian government. ”Russia is flooded with criminals. They monetize exploits in the most brutal and mediocre way possible, and they cheat each other heavily.”

As for China, he says that the country has too many hackers who sell only to the Chinese government, pushing down prices. “The market is very depressed,” he says. Other regions like the Middle East and the rest of Asia can’t match Western prices either.

As a result, the Grugq earns 80% of his revenue from the U.S., though occasionally the developers who work with him have asked that he sell only to Europeans. Over more than a decade in the hacker scene, he’s met enough federal agents to have contacts at multiple U.S. agencies, and he knows how to package his developer’s exploits for sale to those buyers, with professional marketing and support. “You’re basically selling commercial software, like anything else. It needs to be polished and come with documentation,” he says. “The only difference is that you only sell one license, ever, and everyone calls you evil.”

One of the most vocal of those critics is Chris Soghoian, a privacy activist with the Open Society Foundations, who has described the firms and individuals who sell software exploits as “the modern-day merchants of death” selling “the bullets of cyberwar.”

“As soon as one of these weaponized zero-days sold to governments is obtained by a ‘bad guy’ and used to attack critical U.S. infrastructure, the shit will hit the fan,” Soghoian warned in a talk at the Kaspersky analyst summit in February. “Security researchers should not be selling zero-days to middle man firms…These firms are cowboys and if we do nothing to stop them, they will drag the entire security industry into a world of pain.”

The Grugq sees no ethical compromise in his work. “The Chinese are conducting espionage on a massive scale. [Soghoian] wants to ban sales of software–sorry, exploits–to the U.S. and European allies?” he asks. “The only possible outcome is that the Chinese will increase their internal production and skills and the…West will fall behind.”

Anyway, he adds, he doesn’t believe banning the sale of exploit code wouldn’t make users more secure. “That’ll work just as well at eliminating exploits as the war on drugs has worked at eliminating drugs,” he says.

The Grugq is hardly alone in his industry. Small firms like Vupen, Endgame and Netragard buy and sell exploits, as do major defense contractors like Northrop Grumman and Raytheon.

Netragard’s founder Adriel Desautels says he’s been in the exploit-selling game for a decade, and describes how the market has “exploded” in just the last year. He says there are now “more buyers, deeper pockets,” that the time for a purchase has accelerated from months to weeks, and he’s being approached by sellers with around 12 to 14 zero-day exploits every month compared to just four to six a few years ago.

Desautels won’t offer much about exactly who his customers are. But he says not every buyer aims to use his zero-days for spying. He claims to have recently sold a browser exploit for $125,000 to a private sector client for who aimed to use it merely as a proof-of-concept for marketing purposes. Other buyers use Netragard’s exploits for penetration testing, he says. “If you test a bullet proof vest, you use a bullet, not a squirt gun,” says Desautels.

Nonetheless, he says that the firm is “extremely careful” about choosing its customers. “We reject a lot more people than we accept,” he says. “Realistically, we’re selling cyberweaponry.”

And what about the option of selling the exploits to the software vendor itself, so that it can patch the targeted program? Firms like Mozilla and Facebook offer developers a few thousand dollars for reporting bugs. Google typically offers a maximum of $3,133.70 for information about the most complex flaws in its software, a number that’s meant to spell out “elite” in hacker slang.

But a four-figure price is hardly elite enough for the Grugq. ”If they want their bugs fixed, they can buy them at market rates like everyone else,” he says. “From each according to their ability, to each according to their needs? That’s communism. If they want the output, they can pay for it like anyone else. They have my email.”

quote:

Planned BitTorrent Pirate Punishments Spark Protest

In a few months, millions of alleged BitTorrent pirates in the US will risk being punished by their Internet providers. While the plan was announced a year ago, protests against it have only started to heat up this week. In just a few days more than 90,000 people have signed a petition asking their Internet providers not to participate, and many more are expected to follow.

Last year the MPAA and RIAA signed a ‘ground-breaking’ deal with all the major Internet providers in the United States.

In an attempt to deter online piracy, a third-party company will collect the IP-addresses of alleged infringers on BitTorrent and other public file-sharing networks.

The ISPs will then notify these offenders and tell them that their behavior is unacceptable. After six warnings the ISP may then take a variety of repressive measures, which include cutting off the offender’s connection temporarily.

After the initial announcement things went quiet, but that changed last week when the RIAA and the Center for Copyright Information confirmed that all major ISPs will start warning BitTorrent users this summer.

This renewed attention resulted in wide press coverage, and also sparked massive protests. Activist group Demand Progress quickly switched back to SOPA-style campaign mode and launched a petition asking ISPs to cut out of the deal.

“They’re selling us out,” the group writes.

“Just weeks after Internet users from across the globe came together to beat SOPA, the major ISPs are cutting a deal with Big Content to restrict web access for users who are accused of piracy.”

The call didn’t go unheard, and within 24 hours more than 60,000 people signed the petition. Today this number has swelled to more than 90,000 and the end still isn’t in sight.

Earlier this week the Electronic Frontier Foundation (EFF) also expressed its concerns over the so-called ‘graduated response’ system. They highlight that the agreement puts the burden of proof on the alleged file-sharers, which doesn’t seem fair considering the many wrongful accusations that can occur.

“One key problem is the arrangement shifts the burden of proof: rather than accusers proving infringement before the graduated response process starts against a subscriber, the subscriber must disprove the accusation in order to call a halt to it,” EFF writes.

“Worse, accused subscribers have to defend themselves on an uneven playing field. For example, they have only ten days to prepare a defense, and with only six pre-set options available. Of course, there’s no assurance that those who review the cases are neutral, and the plan sorely lacks consequences for an accuser who makes mistaken or fraudulent claims.”

The EFF informed TorrentFreak that they plan to launch an activism campaign in the near future to raise awareness of these issues.

How ‘bad’ the graduated warning system turns out to be largely depends on what punishments Internet providers intend to hand out. Needless to say, a temporary reduction in bandwidth is less severe than cutting people’s Internet access.

At TorrentFreak we are interested in finding out which third-party company will be hired to monitor people’s BitTorrent downloads, and how solid their evidence gathering methods are.

This is important, because the RIAA’s previous partner MediaSentry used rather shoddy techniques which resulted in many false accusations. The RIAA’s current partner DtecNet also has shortcomings as they fail to understand how BitTorrent works.

As we move closer to the July deadline more details should emerge. At the same time the online protests are also expected to increase, both through public initiatives and various advocacy groups. While it’s doubtful that they will ever get the same exposure as the SOPA revolt, there is no doubt that these protests will be noticed.

quote:

DOJ Signs New Rules To Let Intelligence Officials Access, Store And Search More Info About US Citizens

quote:

The Obama administration is moving to relax restrictions on how counterterrorism analysts may access, store and search information about Americans gathered by government agencies for purposes other than national security threats.

Attorney General Eric H. Holder Jr. on Thursday signed new guidelines for the National Counterterrorism Center, which was created in 2004 to foster intelligence sharing and to serve as a clearinghouse for terrorism threats.

The guidelines will lengthen to five years — from 180 days — the center’s ability to retain private information about Americans when there is no suspicion that they are tied to terrorism, intelligence officials said. The guidelines are also expected to result in the center making more copies of entire databases and “data-mining them” — using complex algorithms to search for patterns that could indicate a threat — than it currently does.

quote:

An Answer to Rose Collins, Mother of Jeremy Hammond

This letter is in response to http://finance.townhall.c(...)for_anonymous/page/2

Hello Rose,

I have read your open letter and would like to provide a response. Before I do that please understand the following: I am merely one Anon of many and I can only speak for myself. I do not know how many fellow Anons do agree with this, some may, others may in part while even more may totally disagree. But this does not matter, this is just the way Anonymous works.

I will not go into my involvement in Anonymous Operations but I can say that I have communicated with both Sabu and the online identity who is alleged to be your son Jeremy on more than one occasion. So the whole situation is not completely alien to me.

As for your first question: Yes, we do have lawyers. Within Anonymous and also outside, which are willing to support and defend Anons who have been arrested. You may have seen the websites http://anonlg.com/, http://freeanons.org/, and http://freehammond.org.

These are just the ones I can think of right now, there are more. Additionally the EFF (Electronic Frontier Foundation, http://www.eff.org) is willing to help. So yes, there is much help on the legal front and if you want to provide your son with additional legal help, I suggest you contact one of these volunteers.

To your second question: "If you do not forget or forgive, are you in agreement with Jeremy regarding imprisonment of those convicted of crimes?"

This is a tough one, but I will give you my own answer: I guess you won't find many lawyers that would argue that AntiSec related actions are not illegal at all, but I do *not* consider them criminal. This is an important difference. I think his actions were morally justifiable because he did not hack for his profit - never. He did it out of conviction, because he believed in a good cause. He is sick of the system we live in, which certainly is a view that many Anons share. While there are a large group of Anons that do not share the methods he used, this is not relevant to me (and my opinion on this does not matter). What is important is that Jeremy - in my belief - acted out of a conviction that is ethically honorable and I respect that.

Coming to Sabu. A very delicate subject, as you can imagine. From what I can see, the majority of Anons despise Sabu with all their guts and some may even want to do him physical harm. I do not consider myself one of them, mostly because there is so much information missing (and some information reported in the media may be outright false) so I dare not judge on this incident without having access to the full facts. Secondly, I believe that Sabu was also fighting for a good cause and I would think (and hope) that he hates himself for what he has done. If what the FBI claims is all true, I am certainly disappointed in him, as I would have never expected that Sabu - of all! - would commit such a treason. It was a very sad day for Anonymous when this came out.

Next question: "Who are you to decide that all government secrets must be exposed?"

Well, I am Anonymous and again, I can only speak for myself. As I said above, many Anons do not condone the actions done by groups such as LulzSec and AntiSec; these operations were certainly controversial. But many Anons believe that governments must become more transparent and less secretive, especially because we learn every day that the Government is filled with corruption, lies and greed. There are very good reasons that almost every Anon is also a strong supporter of Wikileaks.

As for your last question: I agree. While the banks and bankers certainly play a major role in all the problems the system has, and certainly are to blame for much suffering of the majority of the people, they are only part of the machinery. There are also politicians, mighty international companies, manipulating mass media and lobbies - they all have their role in the fuckup we are living in. But in the end it all comes down to money. And this is why bankers are one of the most obvious targets.

I hope this answer helps you in any way. As a final word I wish to say that I hope that Jeremy will have the best possible result in court and I wish you both the very best for the future.

Kindly,

An Anon

quote:

Barendrechter aangehouden voor hacken KPN

De Nationale Recherche heeft vorige week dinsdag in Barendrecht een zeventienjarige jongen aangehouden op verdenking een digitale inbraak bij KPN in januari. Hij zou het computersysteem van het telecombedrijf met kwaadaardige software hebben beschadigd.

De Barendrechter verkreeg zo van enkele honderden servers de hoogste toegangsrechten. Dat meldt het Openbaar Ministerie. Ook werd in Australië een zestienjarige hacker aangehouden die in contact stond met de Nederlandse verdachte.

Verdachte hackte ook universiteitsnetwerken

De Nationale Recherche legde beslag op een versleutelde computer, twee laptops en gegevensdragers van de Nederlandse verdachte. Ze kwamen hem op het spoor nadat hij in een chatkanaal tegen studenten van de Korea Advanced Institute of Science and Technology (Kaist) had opgeschept over zijn inbraak. De verdachte is vermoedelijk ook binnengedrongen in computers van de Tokohu University in Japan, de universiteit van Trondheim in Noorwegen en de Kaist in Zuid-Korea. Bovendien lijkt de jongen een website te beheren waarop gegevens van gestolen creditcards worden verhandeld.

Volgens het OM blokkeerde KPN na de ontdekking van de hack uit voorzorg twee miljoen e-mailaccounts. Volgens het telecombedrijf staan de twee zaken los van elkaar. De inloggegevens van klanten die toen op internet verschenen bleken afkomstig van thuiswinkel baby-dump.nl, meldt persbureau Novum. KPN keerde een ton aan schadevergoedingen uit aan klanten die gedupeerd werden door het afsluiten van de mailaccounts.

Het voorarrest van de Barendrechter werd vrijdag met twee weken verlengd. Het OM kwam er vanwege het belang van het onderzoek niet eerder mee naar buiten. Volgens KPN laat de leeftijd van de verdachte Barendrechter en of er al dan niet sprake is van kwade opzet onverlet dat de beveiliging optimaal moet worden georganiseerd.

quote:

The disappearing virtual library

The shutdown of library.nu is creating a virtual showdown between would-be learners and the publishing industry

Los Angeles, CA - Last week a website called "library.nu" disappeared. A coalition of international scholarly publishers accused the site of piracy and convinced a judge in Munich to shut it down. Library.nu (formerly Gigapedia) had offered, if the reports are to be believed, between 400,000 and a million digital books for free.

And not just any books - not romance novels or the latest best-sellers - but scholarly books: textbooks, secondary treatises, obscure monographs, biographical analyses, technical manuals, collections of cutting-edge research in engineering, mathematics, biology, social science and humanities.

The texts ranged from so-called "orphan works" (out-of-print, but still copyrighted) to recent issues; from poorly scanned to expertly ripped; from English to German to French to Spanish to Russian, with the occasional Japanese or Chinese text. It was a remarkable effort of collective connoisseurship. Even the pornography was scholarly: guidebooks and scholarly books about the pornography industry. For a criminal underground site to be mercifully free of pornography must alone count as a triumph of civilisation.

To the publishing industry, this event was a victory in the campaign to bring the unruly internet under some much-needed discipline. To many other people - namely the users of the site - it was met with anger, sadness and fatalism. But who were these sad criminals, these barbarians at the gates ready to bring our information economy to its knees?

They are students and scholars, from every corner of the planet.

Pirating to learn

The world, it should not come as a surprise, is filled with people who want desperately to learn. This is what our world should be filled with. This is what scholars work hard to create: a world of reading, learning, thinking and scholarship. The users of library.nu were would-be scholars: those in the outer atmosphere of learning who wanted to know, argue, dispute, experiment and write just as those in the universities do.

Maybe they were students once, but went on to find jobs and found families. We made them in some cases - we gave them a four-year taste of the life of the mind before sending them on their way with unsupportable loans. In other cases, they made themselves, by hook or by crook.

So what does the shutdown of library.nu mean? The publishers think it is a great success in the war on piracy; that it will lead to more revenue and more control over who buys what, if not who reads what. The pirates - the people who create and run such sites - think that shutting down library.nu will only lead to a thousand more sites, stronger and better than before.

But both are missing the point: the global demand for learning and scholarship is not being met by the contemporary publishing industry. It cannot be, not with the current business models and the prices. The users of library.nu - these barbarians at the gate of the publishing industry and the university - are legion.

They live all over the world, but especially in Latin and South America, in China, in Eastern Europe, in Africa and in India. It's hard to get accurate numbers, but any perusal of the tweets mentioning library.nu or the comments on blog posts about it reveal that the main users of the site are the global middle class. They are not the truly poor, they are not slum-denizens or rural poor - but nonetheless they do not have much money. They are the real 99 per cent (as compared to the Euro-American 1 per cent).

They may be scientists or scholars themselves: some work in schools, universities or corporations, others are doubly outside of the elite learned class - jobholders whose desire to learn is and will only ever be an avocation. They are a global market engaged in what we in the elite institutions of the world are otherwise telling them to do all the time: educate yourself; become scholars and thinkers; read and think for yourselves; bring civilisation, development and modernity to your people.

Sharing is caring

Library.nu was making that learning possible where publishers have not. It made a good show of being a "book review" site - it was called library.nu after all, and not "bookstore.nu". It was not cluttered with advertisements, nor did it "suggest" other books constantly. It gave straight answers to straightforward searches, and provided user reviews of the 400,000 or more books in the database.

It was only the fact that library.nu included a link to another site ("sharehosting" sites like ifile.it, megaupload.com, or mediafire.com) containing the complete version of a digital text that brought library.nu into the realm of what passes for crime these days.

But the legality of library.nu is also not the issue: trading in scanned, leaked or even properly purchased versions of digital books is thoroughly illegal. This is so much the case that it can't be long before reading a book - making an unauthorised copy in your brain - is also made illegal.

But library.nu shared books; it did not sell them. If it made any money, it was not from the texts themselves, but from advertising revenue. As with Napster in 1999, library.nu was facilitating discovery: the ability to search deeper and deeper into the musical or scholarly tastes fellow humans and to discover their connections that no recommendation algorithm will ever be able to make. In their effort to control this market, publishers alongside the movie and music industry have been effectively criminalising sharing, learning and creating - not stealing.

Users of library.nu did not have to upload texts to the site in order to use it, but they were rewarded if they did. There were formal rules (and informal ones, to be sure), concerning how one might "level up" in the library.nu community. The site developed as websites do, adding features here and there, and obviously expanding its infrastructure as necessary. The administrators of the site maintained absolute control over who could participate and who could not - no doubt in order to protect the site from skulking FBI agents and enthusiastic newbies alike.

Even a casual observer could have seen that the frequent changes to the site were the effects of the cat-and-mouse game underway as law authorities and publishers sought to understand and eventually seek legal action against this community. In the end, it was only by donating to the site that law authorities discovered the real people behind the site - pirates too have PayPal accounts.

Shutting down learning

The winter of 2012 has seen a series of assaults on file-sharing sites in the wake of the failed SOPA and PIPA legislation. Mega-upload.com (the brainchild of eccentric master pirate Kim Dotcom - he legally changed his name in 2005) was seized by the US Department of Justice; torrent site btjunkie.com voluntarily closed down for fear of litigation.

In the last few days before they closed for good, library.nu winked in and out of existence, finally (and ironically), displayed a page saying "this domain has been revoked by .nu domain" (the island nation of Niue). It prominently displays a link to a book (on Amazon!) called Blue Latitudes, about the voyage of Captain Cook. A story about that other kind of pirate branches off here.

So what does the shutdown of library.nu mean? One thing it means is that these barbarians - these pirates who are also scholars - are angry. We scholars have long been singing the praises of education, learning, mutual aid and the virtues of getting a good degree. We scholars have been telling the world of desperate learners to do just what they are doing, if not in so many terms.

So there are a lot of angry young middle-class learners in the world this month. Some are existentially angry about the injustice of this system, some are pragmatically angry they must now spend $100 - if they even have that much - on a textbook instead of on themselves or their friends.

All of them are angry that what looked to everyone like the new horizon of learning - and the promise of the vaunted new digital economy - has just disappeared behind the dark eclipse of a Munich judge's cease and desist order.

Writers and scholars in Europe and the US are complicit in the shutdown. The publishing companies are protecting themselves and their profits, but they do so with the assent, if not the active support, of those who still depend on them. They are protecting us - we scholars - or so they say. These barbarians - these desperate learners - are stealing our property and should be made to pay for it.

Profiteering

In reality, however, the scholarly publishing industry has entered a phase like the one the pharmaceutical industry entered in the 1990s, when life-saving AIDS medicines were deliberately restricted to protect the interests of pharmaceutical companies' patents and profits.

The comparison is perhaps inflammatory; after all, scholarly monographs are life-saving in only the most distant and abstract sense, but the situation is - legally speaking - nearly identical. Library.nu is not unlike those clever - and also illegal - local corporations in India and Africa who created generic versions of AIDS medicines.

Why doesn't the publishing industry want these consumers? For one thing, the US and European book-buying libraries have been willing pay the prices necessary to keep the industry happy - and not just happy, in many cases obscenely profitable.

Rather than provide our work at cheap enough prices that anyone in the world might purchase, they have taken the opposite route - making the prices higher and higher until only very rich institutions can afford them. Scholarly publishers have made the trade-off between offering a very low price to a very large market or a very high price to a very small market.

But here is the rub: books and their scholars are the losers in this trade-off - especially cutting edge research from the best institutions in the world. The publishing industry we have today cannot - or will not - deliver our books to this enormous global market of people who desperately want to read them.

Instead, they print a handful of copies - less than 100, often - and sell them to libraries for hundreds of dollars each. When they do offer digital versions, they are so wrapped up in restrictions and encumbrances and licencing terms as to make using them supremely frustrating.

To make matters worse, our university libraries can no longer afford to buy these books and journals; and our few bookstores are no longer willing to carry them. So the result is that most of our best scholarship is being shot into some publisher's black hole where it will never escape. That is, until library.nu and its successors make it available.

What these sites represent most clearly is a viable route towards education and learning for vast numbers of people around the world. The question it raises is: on which side of this battle do European and American scholars want to be?

quote:

Tim Kuik: 'De echte boosdoeners zijn de Pirate Bays en Megauploads van deze wereld'

Vanuit Hoofddorp bindt de stichting Brein de strijd aan met illegale downloaders. Niet tot ieders genoegen.

'Sorry voor mijn kortademigheid', excuseert Tim Kuik zich met een wat gepijnigd gezicht. Op zijn kantoor in Hoofddorp, in het pand bij Buma/Stemra, zet hij thee neer voor zijn gast. 'Ik heb met skiën drie ribben gebroken, maar zet dat maar niet in de krant want dan wensen bepaalde groepen op internet me weer toe dat ik nog veel harder had mogen vallen.'

Welkom in de gezellige wereld waarin Tim Kuik (54), directeur van antipiraterijclub Brein zich al jaren beweegt. De stichting, bij het grote publiek vooral bekend van de waarschuwingsfilmpjes voorafgaand aan elke dvd of videofilm, bestrijdt sinds 1998 de inbreuk op auteursrechten. Dat doet ze namens en op kosten van de partijen die belang hebben bij handhaving van het auteursrecht. Naast de makers van bijvoorbeeld films en muziek zijn dat ook de uitvoerende kunstenaars, uitgevers, producenten en distributeurs.

Brein, waar elf mensen werken, zette zich de afgelopen jaren in om het overweldigende aanbod van illegaal materiaal via internet te verkleinen. Met succes. Er waren talloze rechtszaken voor nodig, maar uiteindelijk kreeg Brein vaak waarop het uit was.

De meest tot de verbeelding sprekende overwinning was de blokkering begin dit jaar van de immens populaire site The Pirate Bay. De uitspraak vormde het voorlopige sluitstuk van een jarenlange juridische strijd. De rechter beval internetproviders Ziggo en Xs4all de site te blokkeren. Het kat-en-muisspel dat Brein met zijn tegenstanders speelt, houdt nooit op, bleek afgelopen week alweer. Met de Pirate-Bay-uitspraak in de hand meldde Brein zich bij een aantal Nederlandse websites die internetters nu helpen het gerechtelijk verbod te omzeilen.

De activiteiten van Brein, en die van voorman Kuik in het bijzonder, maken hem tot vijand nummer één van velen die hun films en muziek graag gratis van internet betrekken. Ook in de wereld van voorvechters van een 'vrij en open internet' wordt hij door velen persoonlijk gehaat. De - vrijwel altijd anonieme - scheldpartijen aan het adres van Kuik op allerhande internetblogs liegen er niet om. 'We zijn maffia, we zijn nazi's, we zijn van alles. Ik kan me er niet druk om maken', aldus Kuik. Buiten schijnt de eerste echte lentezon.

quote:

Doet de heftigheid van de reacties u helemaal niets?
'Ach, zolang ze op al die blogs dit soort teksten zitten te tikken, zijn ze in ieder geval niet illegaal aanbod aan het downloaden.'

quote:

Maar het moet toch bijzonder onprettig zijn om doorlopend doodgewenst te worden.
'We hebben die reacties een tijd lang gevolgd en het is een vrij kleine club mensen die dat soort taal bezigt. Weet je wat het ook is? Ik vind dat soort reacties getuigen van zo'n grote domheid, dat ik het niet eens meer als storend ervaar.'

quote:

Er is ook meer inhoudelijke kritiek van serieuzere partijen. De strijd tegen The Pirate Bay won Brein bijvoorbeeld door internetproviders Xs4all en Ziggo voor de rechter te slepen. Zijn dat nou echt de boosdoeners?
'Nee, zij zijn het sluitstuk van onze strategie. De echte boosdoeners zijn de aanbieders van illegale content, dus de Pirate Bays en Mega-uploads van deze wereld. Wij spreken in eerste instantie altijd die partijen aan. Maar vaak reageren zij niet of ze laten weten dat ze niet van plan zijn om te stoppen met wat ze doen. In zulke gevallen stappen we naar de hostingprovider. Dat is de partij die, zeg maar, onderdak biedt aan die sites. Reageert die ook niet, of verplaatsen de aanbieders hun sites naar een andere hostingprovider - in het buitenland bijvoorbeeld - dan pas komen we bij internetproviders terecht, Ziggo en Xs4all in dit geval. Die werkwijze heeft de rechter nu al meerdere malen goedgekeurd.'

quote:

Financial services firms fear being shamed by Anonymous

Professionals in the financial services sector view reputational damage as one of the worst consequences of a successful cyber attack, a new report from PricewaterhouseCoopers (PwC) has revealed.

Based on the responses of 3,877 companies across 78 countries, PwC found that half of the respondents from the banking sector believed the risk cybercrime posed had increased over the past 12 months.

Exceeding the 36 per cent figure recorded in other industries, the report revealed that half of financial services professionals are primarily concerned over potential damage to their company's brand and reputation.

"Cybercrime puts the financial service sector's customers, brand and reputation at significant risk" said PwC partner Andrew Clark.

The increased number of 'shame' attacks by hacktivist groups such as the Anonymous collective was highlighted as a key dilemma facing FS companies.

"The impact of social media, hacktivism and activism are widening all the time," PwC director William Beer told V3.

"Reputational damage is far more difficult to shrug off than financial."

The professionals' fears follow a marked increase in the number of online attacks targeting the financial services industry.

PwC analysts revealed that cybercrime now accounts for 38 per cent of all reported crime incidents in the finance sector. This compared to the 16 per cent average recorded in other sectors.

The paper follows on from a research paper by Verizon reporting an increase in the number of politically motivated cyber attacks being mounted against companies and governments.

quote:

U.S. Agency Seeks Tougher Consumer Privacy Rules

The government’s chief consumer protection agency said on Monday that it intended to take direct aim at the vast industry that has grown up around the buying and selling of information about American consumers.

The agency, the Federal Trade Commission, called on Congress to enact legislation regulating so-called data brokers, which compile and trade a wide range of personal and financial data about millions of consumers from online and offline sources. The legislation would give consumers access to information collected about them and allow them to correct and update such data.

The agency also sent a cautionary signal to technology and advertising companies regarding a “Do Not Track” mechanism that allows consumers to opt out of having their online behavior monitored and shared. It warned that if companies did not voluntarily provide a satisfactory Do Not Track option, it would support additional laws that mandate it.

The recommendations, part of a sweeping set of guidelines in an F.T.C. report on Monday, represent the government’s latest move to address the issue of consumer privacy.

On one side of the debate are data brokers like Experian and Acxiom, which collect and sell information, and the huge ecosystem of technology and online advertising companies — including Google, Microsoft and Facebook — that target consumers based on their personal preferences.

On the other side are consumer groups and privacy advocates that are concerned about the volume of data being collected and how little control consumers have over that information.

The government’s Do Not Track efforts are likely to collide with the desire of companies to continue the lucrative business of collecting, using and sharing information about the people who use their services. Although these businesses say they support limits on using this information, they generally still want to be able to collect it.

One official from a prominent technology company, who declined to be named because the discussions with the government were continuing, said that “do not collect is basically death for online advertising.”

But the trade commission said unequivocally that it believed consumers who said they did not want to be tracked meant just that — no tracking at all. It said it would support legislation to require it.

“Do Not Track from our perspective certainly means ‘do not collect’ — not ‘do not advertise back,’ ” said Jon Leibowitz, the chairman of the F.TC. “If a real Do Not Track option doesn’t come to fruition by the end of the year, there will be, I don’t want to say a tsunami of support for Do Not Track legislation next Congress, but certainly a lot of support.”

The F.T.C. said it intended to work with the White House and the Commerce Department on proposals they unveiled last month to develop voluntary industrywide codes of conduct that the F.T.C. can enforce.

Mr. Leibowitz said the commission did not endorse any specific Congressional legislation, but he mentioned a bill introduced in the Senate in April 2011 by John Kerry, Democrat of Massachusetts, and John McCain, Republican of Arizona. That bill seeks to require companies to tell consumers what data is being collected and allow them to opt out of the practice.

At least two other bills have been introduced in Congress. But none of that legislation is likely to make it into law in this Congressional session, however, given the heavy schedule of pending matters and re-election campaigns.

Many data broker companies say much of the information they collect is available from public documents like property and voter registration records. Companies can sell their data to a variety of clients, including marketers, telecommunications companies, retailers and political campaigns.

Jennifer Barrett Glasgow, the chief privacy officer for Acxiom, said the focus on data brokers in the F.T.C. report was not a surprise. “It’s not an unreasonable request to have more transparency among data brokers,” Ms. Barrett Glasgow said. The company collects data from public records, surveys and consumer purchasing behavior both online and offline.

quote:

Europees Parlement zal ACTA niet voorleggen aan Hof van Justitie

Een commissie van het Europees Parlement heeft dinsdag in een stemming besloten om het omstreden antipiraterijverdrag ACTA niet voor te leggen aan het Europese Hof van Justitie. Het parlement zal nu zelf een oordeel moeten vellen.

De Commissie Internationale Handel van het Europese Parlement heeft met 21 stemmen tegen en vijf voor een Brits voorstel verworpen om het ACTA-verdrag voor te leggen aan het Europese Hof van Justitie. Door deze stap zal het Europese Parlement zelf een besluit moeten nemen over het omstreden antipiraterijverdrag. Als het verdrag toch aan het Hof van Justitie zou zijn voorgelegd, dan zou de behandeling van ACTA circa 1,5 jaar vertraging hebben opgelopen.

Naar verwachting zullen de parlementariërs in juni tijdens een stemming definitief een oordeel geven over ACTA. Alleen als het Europees Parlement groen licht geeft, kan het verdrag door de Europese Commissie geratificeerd worden.

Tegenstanders van het ACTA-verdrag zijn tevreden over het besluit. Doordat de stap naar de Europese rechter nu wordt overgeslagen, verwachten de tegenstanders dat het brede verzet tegen ACTA, dat in een groot aantal landen wordt gedragen, intact blijft.

Ondanks de kritische geluiden zou de Europese Commissie nog steeds voor implementatie van ACTA zijn, zo meldt het Duitse Heise Online op basis van een rapport dat zij in handen hebben gekregen. In het rapport is een citaat te lezen van Eurocommissaris van Handel, Karel de Gucht: "Er heerst een erg agressieve pan-Europese campagne tegen het ACTA-verdrag, wat ook cyberaanvallen op Europese instanties tot gevolg heeft."

De Europese Commissie zou bang zijn voor het imago van de Europese Unie mocht het antipiraterijverdrag worden afgewezen. Ook wordt de kritiek op ACTA bestempeld als 'niet onderbouwd'. Desondanks is het verzet in veel EU-lidstaten groot: zo wil Polen niets weten van ratificatie en zijn er bedenkingen in Nederland, Duitsland en Tsjechië.

quote:

Entertainment Industry Was Eager to Work With Megaupload

Considering the aggressive stance taken by the MPAA against Megaupload, one might be forgiven for thinking the Hollywood-backed group and file-hosting service were sworn enemies. But behind the scenes things were quite different, with companies including Disney, Warner Brothers and Fox courting Megaupload to set up content distribution and advertising deals.

“By all estimates, Megaupload.com is the largest and most active criminally operated website targeting creative content in the world,” said the MPAA in a statement issued immediately after Mega was shutdown in January.

As statements go, they don’t get much more harsh than that, so one might think that hostilities between Megaupload and the member companies of the MPAA are a long-standing thing.

But as we know, despite all the rhetoric the likes of the usually-aggressive Disney never sued the Hong Kong based file-hosting service, and instead opted to let the FBI do their work for them.

While this government-financed approach will have proven substantially cheaper than dragging Megaupload through civil court, some potentially embarrassing things would have inevitably come out in such a case – such as this selection of emails just obtained by TorrentFreak.

In an eyebrow-raising email penned by Disney attorney Gregg Pendola, the counsel contacts Megaupload not to threaten or sue the company, but to set up a deal to have Disney content posted on the Megavideo site.

quote:

Spanish Recording Industry Lobbyists Sue Professor For Highlighting Its Monopolistic Practices

Yet again, we're left scratching our heads at the basic failure of recording industry lobbyists to think about the consequences of their actions. The latest is that Promusicae, the Spanish recording industry lobbying group that is associated with the IFPI (which, itself is associated with the RIAA) has sued Spanish professor Enrique Dans for daring to state, in his opinion, that Promusicae violated Spanish antitrust laws. The blog post in question (Google translation) is actually mostly about the legal troubles of SGAE, the Spanish collection society which was accused of being involved in a massive criminal fraud operation. In the post, he also mentioned Promusicae and how it set up a system that he believes violated antitrust laws in effectively limiting access to radio airtime to members of Promusicae.

In response, Promusicae sued him for "violating their honor," demanding either 20,000 or 50,000 euros. Professor Dans explains the details on his own site (Google translation).

It seems pretty clear that this is nothing more than a SLAPP-style lawsuit -- with the recording industry lobbyists suing Dans to shut him up and to create chilling effects to silence other critics. It's a shameful way of dealing with critics, and, as Rick Falkvinge notes in his story (the first link up top), even if Dans is legally in the right, a court battle is very costly. Again as Falkvinge notes, perhaps it's time for the EU to start setting up anti-SLAPP laws to avoid these kinds of lawsuits as well.

But, more to the point, all this really does is call much more attention to Dans' original blog post from July, and the accusations he made about Promusicae. In what world does an industry lobbyist think that it's a smart move to call attention to a respected professor's blog post that describes some of their questionable behavior? A normal, thinking, individual would either respond directly to the charges with a detailed explanation for why it's wrong, or just let it go away. Suing only makes it worse in almost every way. Not only does it call worldwide attention to this blog post and the claims against Promusicae, but it also will likely make more people look more closely at Promusicae and what it's done... all the while showing off Promusicae lobbyists for the obnoxious bullies that they are. It's really quite incredible. As Falkvinge notes:

. Perhaps what amazes me most is that the public backlash to this kind of behavior is as predictable as a grandfather clock. How can the copyright monopoly lobby’s lawyers live in so completely disconnected an ivory tower, that they thought it was a good idea to file lawsuit against a reputable professor for claiming they’re a monopoly, using monopolistic practices – when this fact is not only well-established to the point of being in dictionaries, but even legislated? What kind of survivability would such a parasitic misantropic business have in the wild, if it were not protected by obsolete laws?

Of course, I guess they're thinking that the resulting chilling effects scaring away others from commenting might be worth any backlash. Or they're so focused on protecting "their honor" that they never bothered to think at all. I am curious, of course, how "honorable" it is to sue a respected professor for expressing his opinion? How can you sue someone for violating your honor when you have no honor at all?

quote:

Op dinsdag 27 maart 2012 01:02 schreef Papierversnipperaar het volgende:

Anonymous: Message to YouTube

quote:

UPDATE! Earlier this afternoon, YouTube decided to heed the warning and unlock TheAnonMessage's account. No Censorship. Knowledge is Free. We are Anonymous.

quote:

Death of a data haven: cypherpunks, WikiLeaks, and the world's smallest nation

A few weeks ago, Fox News breathlessly reported that the embattled WikiLeaks operation was looking to start a new life under on the sea. WikiLeaks, the article speculated, might try to escape its legal troubles by putting its servers on Sealand, a World War II anti-aircraft platform seven miles off the English coast in the North Sea, a place that calls itself an independent nation. It sounds perfect for WikiLeaks: a friendly, legally unassailable host with an anything-goes attitude.

But readers with a memory of the early 2000s might be wondering, "Didn't someone already try this? How did that work out?" Good questions. From 2000 to 2008, a company called HavenCo did indeed offer no-questions-asked colocation on Sealand—and it didn't end well.

HavenCo's failure—and make no mistake about it, HavenCo did fail—shows how hard it is to get out from under government's thumb. HavenCo built it, but no one came. For a host of reasons, ranging from its physical vulnerability to the fact that The Man doesn't care where you store your data if he can get his hands on you, Sealand was never able to offer the kind of immunity from law that digital rebels sought. And, paradoxically, by seeking to avoid government, HavenCo made itself exquisitely vulnerable to one government in particular: Sealand's. It found that out the hard way in 2003 when Sealand "nationalized" the company.

For the last two years, I've researched the history of Sealand and HavenCo. I used the Wayback Machine to reconstruct long-since-vanished webpages. I dug through microfilm of newspapers back to the 1960s. I pored over thousands of pages of documents, only recently unsealed, from the United Kingdom's National Archives.

My findings have just been published in a new 80-page article in the University of Illinois Law Review, one called "Sealand, HavenCo, and the Rule of Law" (PDF). It tells the full—and very weird—story of how this micronation happened to be in the right place (the North Sea) at the right time (the late 1990s) to provide some cypherpunk entrepreneurs with the most impractical data center ever built. Here, I'll give the condensed version of the tale, hitting the important points in HavenCo's history and explaining what went wrong.

quote:

U.S. Outgunned in Hacker War

WASHINGTON—The Federal Bureau of Investigation's top cyber cop offered a grim appraisal of the nation's efforts to keep computer hackers from plundering corporate data networks: "We're not winning," he said.

Shawn Henry, who is preparing to leave the FBI after more than two decades with the bureau, said in an interview that the current public and private approach to fending off hackers is "unsustainable.'' Computer criminals are simply too talented and defensive measures too weak to stop them, he said.

His comments weren't directed at specific legislation but came as Congress considers two competing measures designed to buttress the networks for critical U.S. infrastructure, such as electrical-power plants and nuclear reactors. Though few cybersecurity experts disagree on the need for security improvements, business advocates have argued that the new regulations called for in one of the bills aren't likely to better protect computer networks.

Mr. Henry, who is leaving government to take a cybersecurity job with an undisclosed firm in Washington, said companies need to make major changes in the way they use computer networks to avoid further damage to national security and the economy. Too many companies, from major multinationals to small start-ups, fail to recognize the financial and legal risks they are taking—or the costs they may have already suffered unknowingly—by operating vulnerable networks, he said.

"I don't see how we ever come out of this without changes in technology or changes in behavior, because with the status quo, it's an unsustainable model. Unsustainable in that you never get ahead, never become secure, never have a reasonable expectation of privacy or security,'' Mr. Henry said.

James A. Lewis, a senior fellow on cybersecurity at the Center for Strategic and International Studies, said that as gloomy as Mr. Henry's assessment may sound, "I am actually a little bit gloomier. I think we've lost the opening battle [with hackers].'' Mr. Lewis said he didn't believe there was a single secure, unclassified computer network in the U.S.

"There's a kind of willful desire not to admit how bad things are, both in government and certainly in the private sector, so I could see how [Mr. Henry] would be frustrated,'' he added.

High-profile hacking victims have included Sony Corp., SNE +1.73%which said last year that hackers had accessed personal information on 24.6 million customers on one of its online game services as part of a broader attack on the company that compromised data on more than 100 million accounts. Nasdaq OMX Group Inc., NDAQ -0.71%which operates the Nasdaq Stock Market, also acknowledged last year that hackers had breached a part of its network called Directors Desk, a service for company boards to communicate and share documents. HBGary Federal, a cybersecurity firm, was infiltrated by the hacking collective called Anonymous, which stole tens of thousands of internal emails from the company.

Mr. Henry has played a key role in expanding the FBI's cybersecurity capabilities. In 2002, when the FBI reorganized to put more of its resources toward protecting computer networks, it handled nearly 1,500 hacking cases. Eight years later, that caseload had grown to more than 2,500.

Mr. Henry said FBI agents are increasingly coming across data stolen from companies whose executives had no idea their systems had been accessed.

"We have found their data in the middle of other investigations,'' he said. "They are shocked and, in many cases, they've been breached for many months, in some cases years, which means that an adversary had full visibility into everything occurring on that network, potentially.''

Mr. Henry said that while many company executives recognize the severity of the problem, many others do not, and that has frustrated him. But even when companies build up their defenses, their systems are still penetrated, he said. "We've been playing defense for a long time. ...You can only build a fence so high, and what we've found is that the offense outpaces the defense, and the offense is better than the defense,'' he said.

Testimony Monday before a government commission assessing Chinese computer capabilities underscored the dangers. Richard Bejtlich, chief security officer at Mandiant, a computer-security company, said that in cases handled by his firm where intrusions were traced back to Chinese hackers, 94% of the targeted companies didn't realize they had been breached until someone else told them. The median number of days between the start of an intrusion and its detection was 416, or more than a year, he added.

In one such incident in 2010, a group of Chinese hackers breached the computer defenses of the U.S. Chamber of Commerce, a major business lobbying group, and gained access to everything stored on its systems, including information about its three million members, according to several people familiar with the matter.

In the congressional debate over cybersecurity legislation, the Chamber of Commerce has argued for a voluntary, non-regulatory approach to cybersecurity that would encourage more cooperation and information-sharing between government and business.

Matthew Eggers, a senior director at the Chamber, said the group "is urging policy makers to change the 'status quo' by rallying our efforts around a targeted and effective information-sharing bill that would get the support of multiple stakeholders and come equipped with ample protections for the business community."

The FBI's Mr. Henry said there are some things companies need to change to create more secure computer networks. He said their most valuable data should be kept off the network altogether. He cited the recent case of a hack on an unidentified company in which he said 10 years worth of research and development, valued at more than $1 billion, was stolen by hackers.

He added that companies need to do more than just react to intrusions. "In many cases, the skills of the adversaries are so substantial that they just leap right over the fence, and you don't ever hear an alarm go off,'' he said. Companies "need to be hunting inside the perimeter of their network," he added.

Companies also need to get their entire leadership, from the chief executive to the general counsel to the chief financial officer, involved in developing a cybersecurity strategy, Mr. Henry said. "If leadership doesn't say, 'This is important, let's sit down and come up with a plan right now in our organization; let's have a strategy,' then it's never going to happen, and that is a frustrating thing for me,'' he said.

quote:

Megaupload proves users were legit

In light of Megaupload's upcoming court case in which the US Government has accused Megaupload of being a hotbed for illegal users, Mega has proved the majority of it's users were legitimate. Megaupload has released that a large sum of it's users were actually belonging to US Officials including over 15,000 accounts held by US Military. Of the accounts held by US Officials these included accounts held by members of the FBI, Homeland Security, NASA and the Senate.

Megaupload attorney's and users are fighting hard for the data to not be deleted at this time however there is no certainty at this time if the information will be saved.

In other Megaupload news Kim Dotcom and his wife Mona welcome their twin baby girls into the world. The twin girls are reported to be a healthy weight at 5.3 and 6.2lbs however their names have not yet been released.
This is the fourth and fifth children for the couple. While Kim Dotcom is still under house arrest leading up to his extradition case the founder can live comfortably with his $50,000 a month spending limit. When doctor's asked if the couple would like to keep the placenta Kim Dotcom responded "yes, and please send it to the FBI for forensic analysis so they can verify there is no pirate DNA ;-)". If nothing else Megaupload founder has kept his sense of humour.

quote:

Hackers in Europa straks strenger gestraft - maar alleen als ze crimineel zijn

Hackers die inbreken in ict-systemen moeten in de toekomst strenger worden gestraft. Tenminste, als het gaat om inbraken met een crimineel doeleinde. 'Ethische' hackers die alleen beveiligingslekken willen aantonen, moeten juist vrijuit gaan.

Dat staat in een herziening van een Europese richtlijn, die deze week met 50 stemmen vóór, één stem tegen en drie onthoudingen ruimschoots werd goedgekeurd in het Europees Parlement. In veel landen, waaronder Nederland, staat nu nog 1 jaar cel op computervredebreuk, maar dat moet minstens twee jaar gaan worden. Op het uitvoeren van grootschalige cyberaanvallen komt minimaal vijf jaar te staan, aldus het voorstel.

Klokkenluiders
Maar vooral het amendement waarin staat dat hackers met goede bedoelingen voortaan gevrijwaard moeten worden van vervolging, betekent een belangrijke verandering in het beleid dat tot nu toe werd gevoerd. Op dit moment lopen deze klokkenluiders het risico vervolgd te worden op basis van verschillende andere wetten. Met de vernieuwde cybercrime-wet zal dat niet langer het geval zijn, mits kan worden aangetoond dat de hack geen schadelijke gevolgen heeft gehad.

Ook in Nederland is het onderwerp 'ethisch hacken' al meermalen voorbijgekomen. Verschillende hackers wisten aan te tonen dat er instanties zijn die wel persoonsgegevens beheren, maar niet goed in staat zijn om hun websites, databases en websites te beveiligen. De website Webwereld riep de maand oktober 2011 uit tot 'lektober', waarin iedere werkdag een privacylek aan het licht werd gebracht.

In september vorig jaar kon een wetsvoorstel van de PvdA om bescherming te bieden aan goedbedoelende 'hacktivisten' al rekenen op steun van een meerderheid in de Tweede Kamer. Tot nu toe is dat er echter nog niet van gekomen - terwijl het goedbedoelende deel van de hackerswereld met smacht op een dergelijke maatregel wacht.

Whitehats
De Europese richtlijn is voor hen dus zeer welkom. Niet alleen worden goedbedoelende hackers ('whitehats' in het hackersjagon) gespaard, de kwaadwillenden ('blackhats') worden strenger aangepakt. Zo moet ondermeer ook het verspreiden van software die is bedoeld om hacken mogelijk te maken, strafbaar worden gesteld, evenals het online aannemen van de identiteit van een ander.

Helemaal definitief is het voorstel overigens nog niet. Het Europees Parlement moet de richtlijn nog intern behandelen, en vervolgens moeten ook de Europese Commissie en de Raad van Europa zich er nog over uitspreken. Tenslotte wordt de herziene richtlijn aan de individuele lidstaten voorgelegd, die er allemaal mee moeten instemmen.

quote:

Kan Anonymous morgen het hele internet platleggen?

Kan de hackersgroep Anonymous het hele internet platleggen? Dat is de vraag die nu de gemoederen op IT-sites en social media bezighoudt onder de hashtag #OpGlobalBlackout. Het beruchte hackerscollectief heeft vorige maand aangekondigd op 31 maart, morgen dus, de DNS-servers te hacken die het belangrijkst zijn voor het wereldwijde web. Of gaat het hier om een publiciteitsstunt? Zo is het op 31 maart in de Verenigde Staten in de meeste landen tenslotte allang 1 april...

Anonymous stelt dat 'Operation Global Blackout' een protest is tegen de Stop Online Piracy Act (SOPA), tegen politieke leiders die daarvoor verantwoordelijk zijn en tegen de financiële mensen van Wall Street. Maar waarom doen ze zo'n aanval, die als doel heeft financiële instituten en beursgenoteerde bedrijven plat te leggen, op een zaterdag als er niet wordt gehandeld? En kunnen ze het eigenlijk wel voor elkaar krijgen?

De kracht van Anonymous
De groep Anonymous verrees in 2003 en staat bekend om zijn cyberaanvallen op hooggeplaatste websites, zoals die van de overheid en CIA, miljoenenbedrijven, credit card-aanbieders en banken. Zelfs het Vaticaan moest er deze maand aan geloven, toen de website van de katholieke kerk in Rome gehackt werd. Alle aanvallen zijn waarschuwingen, om de kracht van hackers te laten zien.

Volgens de videoboodschap van Anonymous, waarvan de authenticiteit niet kan worden nagegaan, zullen alle websites morgen een foutmelding geven. Zelfs als ze het voor elkaar krijgen, is de actie tijdelijk. De stem van Anonymous belooft dat gewone individuen niet gedupeerd worden: 'Vergeet niet dat het om een protestactie gaat en dat we niet de dood van internet willen'. Waarom zouden ze ook? De organisatie zelf bestaat uitsluitend op het internet.

Hoe het werkt
De website techzine.nl, die het nieuws over de black-out in februari bracht, denkt dat zo'n aanval best mogelijk is. De site schrijft: 'De capaciteit van het aantal DNS-rootservers is inmiddels al meerdere malen uitgebreid om ervoor te zorgen dat ze niet allemaal offline gehaald kunnen worden. Op dit moment zijn er dus 13, hoewel we mogen aannemen dat al deze knooppunten over een flinke capaciteit beschikken moet ook Anonymous niet onderschat worden.' De dertien DNS-rootservers zorgen dat domeinnamen worden omgezet naar IP-adressen en geven er de juiste extenties aan, zoals .net, .com, .org, .eu .nl, etcetera.

Als die hoofdservers niet werken, kan niemand de gevraagde website dus meer vinden, zelfs als die onder een lagere server hangt. Maar om de hoofdservers te demobiliseren, moet je honderdduizenden IP-verzoeken tegelijk op ze afschieten, door duizenden verschillende DNS-servers. Heeft Anonymous wel zo'n groot bereik? Bovendien zijn de hoofdservers, volgens de experts die ze hebben ontwikkeld, ingesteld op constante cyberaanvallen en maken ze gebruik van een omweg, waardoor ze nooit direct zelf het doelwit zijn.

Operatie 'Ontmasker'
Het kan ook nog zijn dat de mensen achter Operation Global Blackout inmiddels al achter de tralies zitten. Internationale opsporingsdienst Interpol kondigde eind vorige maand in een persbericht aan dat het in vier landen 25 individuen had opgepakt die ervan worden verdacht bij hackerscollectief Anonymous te horen. Operatie 'Ontmasker' ging halverwege februari van start met als doel een serie cyberaanvallen op doelen in Latijns Amerika en Europa een halt toe te brengen. En Anomymous heeft zijn #OpGlobalBlackout-dreigingen sindsdien niet herhaald...

quote:

White Supremacist Hacks Trayvon Martin’s Email Account, Leaks Messages Online

The racist smear campaign against Trayvon Martin, the unarmed black teen shot to death last month in Florida, has reached a new level of ghoulishness. A white supremacist hacker says he's broken into Martin's email and social networking accounts, and leaked his private Facebook messages. We've been able to confirm that at least one email account that belonged to Martin was cracked.

The hacker, who goes by the name Klanklannon, posted what he said were Martin's private Facebook messages to the politics section (NSFW) of the anarchic message board 4chan—called "/pol/"—Tuesday afternoon at around noon. The messages were posted on four slides, strategically arranged to back up the insane racist argument that Trayvon was a Scary Black Teenager and so somehow deserved to be killed by neighborhood watch captain George Zimmerman that night.

A slide titled "Trayvon Martin Used Marijuana Habitually," features an exchange between Trayvon and a friend about getting high. Another slide, "Trayvon Martin was a Drug Dealer" features Facebook messages and photos that supposedly prove Martin dealt drugs, including a picture of Martin posing "aggressively with a large amount of cash in his hand." It's impossible to verify the hacked messages' authenticity—like other anti-Trayvon Martin propaganda, they're probably a mix of real and fake content— but they are now being passed around as gospel among the racist underbelly of the internet, including message boards like the neo-Nazi hive Stormfront, which Klanklannon apparently frequents.

In addition to the Facebook messages, Klanklannon posted a list of usernames and passwords for Martin's social media and email accounts as proof of his exploits. All of the passwords had been changed to racist slurs. (Gmail: "niggerniggernigger" Twitter: "coontrayvonnigger")

"I realize that some of this information might be to (sic) extreme to believe," Klanklannon writes in a copy of the original 4chan thread we've obtained. "That's why I offer you evidence. Here are my sources."

The list included login details for Martin's Gmail, Yahoo, MySpace, and Twitter accounts. A source who came across the 4chan post when it was live was able to use the information to log onto Martin's Gmail account Tuesday night. Our source panicked upon seeing that trolls had started using the account to send emails under Martin's name, and deleted the account. (An email sent to Martin's Gmail address bounced back today; Martin's Twitter account has also been deactivated. His MySpace page is still up, showing that the last login was Tuesday.)

On 4chan, Klanklannon made clear their intention to smear Trayvon. Klanklannon introduces the post with, "Today /pol/, tomorrow CNN." One 4chan user told us Klanklannon had been attempting to break into Martin's accounts for days, posting periodic updates to the board.

"Where did all the liberals go?," Klanklannon taunted after posting his slides. "Did they run off because they can't handle the facts?"

But Klanklannon included none of Martin's emails in his leak, because the picture they paint is of a normal high school junior preparing for college. A screenshot of Trayvon's Gmail inbox our source provided us is heartbreaking. Martin apparently used his Gmail account for his college search, and it's filled with emails about upcoming SAT tests and scholarship applications. ("Trayvon, now is the best time to take the SATs!") One email included the results of a career aptitude test, our source said. It "talked about his interest in aeronautics and stuff."

Klanklannon has proven nothing more than the depths to which the racist amateur detectives who have spent days obsessing over every aspect of Trayvon Martin's short life will sink in their horrible quest to vet a dead teenager.

quote:

Russia's Interior Minister Pushes For Extreme Internet Censorship Measures

Russia’s Ministry of the Interior plans to set up special centers to assess hate-mongering and extremism in mass media, including online publications, YouTube, and Facebook pages, Interior Minister Rashid Nurgaliyev said on Friday, according to Ria Novosti.

Nurgaliyev wants to open a center in each Russian district. Two already operate in Moscow and St. Petersburg. "We are working on creating special interregional centers with expertise in electronic media, printed, audio and video features to check them for any indications of extremism," he told Gazeta. The monitoring will be done by bureaucrats who are part of the presidential administration.

The initiative is the latest in the government’s crackdown on extremism on the Internet. And while politicians and activists alike believe it needs to be dealt with, this measure seems to have touched a nerve with everyone. So much so that even those expected to implement it have washed their hands of it.

“I'm afraid it may create the total surveillance of the Russian segment of the internet," Pavel Chikov, a lawyer and head of Agora human rights watchdog, told Gazeta. He said the initiative would lead to political censorship and an increase of criminal cases against bloggers on "invented accusations connected to extremism," something Russia has been accused of before.

Duma members were also skeptical, saying it was unclear how plenipotentiaries, who are political institutions, were supposed to help fight extremism. The plenipotentiaries themselves seem surprised, too. "This idea is definitely not ours. This is important, but the Ministry of the Interior and the Federal Supervision Agency for Information Technologies and Communications already do this expertise," a Far Eastern representative said.

Read more: http://www.businessinside(...)2012-3#ixzz1qgRVQPiT

quote:

China blokkeert sites en sociale netwerken na coupgeruchten

Geruchten over een ophanden zijnde coup hebben in China geleid tot de sluiting van zestien websites en de blokkade van twee sociale medianetwerken. Ook zijn zes mensen gearresteerd en is een onbekend aantal mensen ondervraagd.

Op de websites en twee Twitter-achtige diensten doken volgens staatspersbureau Xinhua berichten op over militaire voertuigen die de hoofdstad zouden binnenrijden.'Er gaat iets mis in Peking', zo werd daarin geconcludeerd.

De actie, die vrijdagavond laat werd aangekondigd door verschillende staatsmedia, onderstreept de vrees van de autoriteiten voor de groeiende toegang tot internet van de Chinese bevolking en de gretigheid waarmee Chinezen, ondanks de censuur en mogelijke straffen, de politiek bespreken.

Reinigen
De twee sociale medianetwerken die getroffen zijn door de maatregelen hebben elk meer dan driehonderd miljoen gebruikers. Voor het 'reinigen' van de sites hebben de sites drie dagen uitgetrokken.

In China woedt momenteel een van de ergste politieke crises in jaren. De machthebbers zijn druk bezig om de nalatenschap van Bo Xilai uit te wissen, het politieke kopstuk dat eerder deze maand werd ontslagen als partijchef in de stad Chongqing.