NSA Developing System To Crack Encryption

The U.S. National Security Agency is working to develop a computer that could ultimately break most encryption programs, whether they are used to protect other nations’ spying programs or consumers’ bank accounts, according to a report by the Washington Post.

The report, which the newspaper said was based on documents leaked by former NSA contractor Edward Snowden, comes amid continuing controversy over the spy agency’s program to collect the phone records Internet communications of private citizens.

In its report, The Washington Post said that the NSA is trying to develop a so-called “quantum computer” that could be used to break encryption codes used to cloak sensitive information.

Such a computer, which would be able to perform several calculations at once instead of in a single stream, could take years to develop, the newspaper said. In addition to being able to break through the cloaks meant to protect private data, such a computer would have implications for such fields as medicine, the newspaper reported.

The research is part of a $79.7 million research program called “Penetrating Hard Targets,” the newspaper said. Other, non-governmental researchers are also trying to develop quantum computers, and it is not clear whether the NSA program lags the private efforts or is ahead of them.

Snowden, living in Russia with temporary asylum, last year leaked documents he collected while working for the NSA. The United States has charged him with espionage, and more charges could follow.

His disclosures have sparked a debate over how much leeway to give the U.S. government in gathering information to protect Americans from terrorism, and have prompted numerous lawsuits.

Last week, a federal judge ruled that the NSA’s collection of phone call records is lawful, while another judge earlier in December questioned the program’s constitutionality. The issue is now more likely to move before the U.S. Supreme Court.

On Thursday, the editorial board of the New York Times said that the U.S. government should grant Snowden clemency or a plea bargain, given the public value of revelations over the National Security Agency’s vast spying programs.

Source

Will Google’s Project Shield Work?

Google has opened Project Shield, its service for small websites that don’t have the forces to repel denial of service attacks that might come their way.

Google introduced the service on Google+, saying that it is aimed at websites that might otherwise be at risk of online disruption.

“Project Shield, [is] an initiative that enables people to use Google’s technology to better protect websites that might otherwise have been taken offline by “distributed denial of service” (DDoS) attacks. We’re currently inviting webmasters serving independent news, human rights, and elections-related content to apply to join our next round of trusted testers,” it said.

“Over the last year, Project Shield has been successfully used by a number of trusted testers, including Balatarin, a Persian-language social and political blog, and Aymta , a website providing early-warning of scud missiles to people in Syria. Project Shield was also used to protect the election monitoring service in Kenya, which was the first time their site stayed up throughout an election cycle.”

Interested websites should visit the Google Project Shield page and request an invitation to the experience. They should not try to do the same at Nvidia’s website, as they will probably just come away with a handheld games console. This will not offer much assistance against DDoS attacks.

According to a video shared by Google last night, Project Shield works by combining the firm’s DDoS mitigation technologies and Page Speed Service (PSS).

Source

Is Skype Involved In Spying?

Luxembourg’s data protection authority is investigating Microsoft-owned Skype for its alleged cooperation with the U.S. NSA’s Prism spying program, according to the agency.

Luxembourg’s data protection authority, CNPD, is investigating Skype’s links to NSA spying programs after receiving several complaints, said Tom Kayser, a spokesman for the authority. “I can’t really talk about the details of the investigation because it is still ongoing,” he said.

Skype, which has its European headquarters in Luxembourg, allegedly cooperates with the NSA through a program exploring the legal and technical issues involved in making customer calls available to intelligence and law enforcement agencies. The Guardian newspaper first reported the investigation.

The CNPD has powers to ensure that multinational companies based in Luxembourg respect national law, and often receives complaints from the data protection authorities of other European Union member states.

Privacy campaign group Europe-v-Facebook filed one of the complaints in June. That filing was part of a barrage of complaints filed in various countries against European subsidiaries of tech companies that are allegedly involved in the NSA’s spying program, including Facebook, Apple, Microsoft and Yahoo.

Under Luxembourg data protection law service providers and operators are required to ensure the confidentiality of communications and related traffic data.

“No person other than the user concerned may listen to, tap or store communications or the traffic data relating thereto, or engage in any other kinds of interception or surveillance thereof, without the consent of the user concerned,” reads the law’s unofficial English translation.

Violators can face up to a year in prison and/or a fine up to a!125,000 ($170,000). The court dealing with the matter can also order companies like Skype to stop any processing that conflicts with the law on pain of a periodic monetary penalty determined by the court.

“We regularly engage in a dialogue with data protection authorities around the world and are always happy to answer their questions,” a Microsoft spokeswoman said in an email. “It has been previously widely reported that the Luxembourg DPA was one of the DPA’s that received complaints from the ‘Europe v Facebook’ group so we’re happy to answer any questions they may have.”

Source

Can Blackberry Be Sold?

Struggling smartphone maker BlackBerry is reviewing several options that could include joint ventures, partnerships or an outright sale, as the company’s leading shareholder steps down from its board in a possible prelude to taking a different role.

BlackBerry, which pioneered on-your-hip email with its first smartphones and email pagers, said on Monday it had set up a committee to review its options, sparking debate over whether Canada’s one-time crown jewel is more valuable as a whole or snapped up piece by piece by competitors or private investors.

The company said Prem Watsa, whose Fairfax Financial Holdings Ltd is BlackBerry’s biggest shareholder, was leaving the board to avoid a possible conflict of interest as BlackBerry determines its next steps.

The resignation of Watsa, often described as Canada’s version of Warren Buffett, suggests Fairfax may be part of a solution.

BlackBerry, once a stock market darling, has bled market share to the likes of Apple Inc and phones using Google Inc’s Android operating system, and its new BlackBerry 10 smartphones have failed to gain traction with consumers.

Blackberry shares rose 7.5 percent to $10.80 in New York and C$10.84 in Toronto in afternoon trading. But the shares remain well below the levels seen in June, before the company reported dismal results that included poor sales of the BlackBerry 10 phones it viewed as key to a successful turnaround.

The share price peaked at about C$150 in June 2008.

A clean balance sheet makes the smartphone seller an enticing takeover candidate. Like Dell Inc, it is a tech icon in need of a turnaround. But BlackBerry’s cash flow is worse, meaning leverage would be extra risky.

The company’s assets include a well-regarded services business that powers BlackBerry’s security-focused messaging system, worth $3 billion to $4.5 billion; a collection of patents that could be worth $2 billion to $3 billion; and $3.1 billion in cash and investments, according to analysts.

But the smartphones that bear its name have little or no value, and it may cost $2 billion to shutter that unit, the analysts said.

Analysts expressed skepticism about the new committee, noting that BlackBerry announced similar steps more than a year ago when it hired JPMorgan and RBC as financial advisers. A source said both are still involved in the strategic review.

Source

Are Russian Hackers Exploiting Android?

Russian mobile malware factories are working with thousands of affiliates to exploit Android users, a security company has claimed.

According to Lookout Mobile Security the system is so efficient that almost a third of all mobile malware is made by just 10 organisations operating out of Russia. These “malware HQs” are pumping out nasty toll fraud apps, largely aimed at Android users, which force the user to call premium rate numbers the report said.

Thousands of affiliate marketers are also profiting from the scheme and helping spread the malware by setting up websites designed to trick users into downloading seemingly legitimate apps. Affiliates can make up to $12,000 a month and are heavy users of Twitter.

The report’s release at the DEF CON 21 conference in Las Vegas indicated that Lookout Mobile Security are working with the spooks to bring the crooks down. The malware HQs had gone to great lengths to obfuscate and encrypt their code to make detection tricky, but their advertising was pretty brazen.

Source

Ericcson Transfers Patents

Ericsson has agreed to transfer 1,922 patents and 263 patent applications to Unwired Planet in exchange for a share in ongoing revenue that they will generate.

The transfer includes 753 U.S. patents related to 2G, 3G and LTE technologies, Unwired Planet said Thursday. Four months ago, the company owned just 200 U.S. and foreign patents, and around 75 pending patent applications.

“Our patent portfolio now extends to all layers of the telecom handset and infrastructure stack,” said Unwired Planet’s CEO Mike Mulica during a conference call. The patents cover application stores, location-based services, mobile search and mobile advertising as well as network protocols, antennas and many more topics, Mulica said.

The portfolio will continue to grow, as Ericsson has also committed to transfer a further 100 patents each year from 2014 through 2018.

Mulica said the company wants everyone who uses the patented technologies to pay a license fee. “We will use litigation when necessary,” he said.

Source…

Kaspersky Finds New Malware

Kaspersky Lab has discovered three Flame spyware related malware threats that it said use “sophisticated encryption methods”.

Kaspersky claims that it uncovered the three new hostile programs while analysing a number of Command and Control (C&C) servers used by Flame’s creators.

“Sophisticated encryption methods were utilised so that no one, but the attackers, could obtain the data uploaded from infected machines,” the firm’s statement read.

“The analysis of the scripts used to handle data transmissions to the victims revealed four communication protocols, and only one of them was compatible with Flame.

“It means that at least three other types of malware used these Command and Control servers. There is enough evidence to prove that at least one Flame-related malware is operating in the wild.”

The discovery of the three programs indicates that Flame’s Command and Control platform was being developed in 2006, four years earlier than first thought.

Flame was originally uncovered in May targeting Iranian computer systems. The malware drew widespread concerns within the security industry regarding its advanced espionage capabilities.

The full scale of Flame and its overarching implications remain unknown, despite the ongoing joint research campaign being mounted by Kaspersky, IMPACT, CERT-Bund/BSI and Symantec.

“It was problematic for us to estimate the amount of data stolen by Flame, even after the analysis of its Command and Control servers,” said Kaspersky’s chief security expert, Alexander Gostev.

Following the discovery of the three new related programs, Kaspersky’s chief malware expert Vitaly Kamluk told The INQUIRER that Flame is not the only one in this big family.

“There are others and they aren’t just other known malwares such as Stuxnet, Gauss or Duqu,” he said. “They stay in the shadows and no one has published anything about them yet. Others were probably used for different campaigns.”

Kamluk added that it is “very possible” there are more than the three listed in Kaspersky’s report.

“They started building RedProtocol, yet another ‘language’ for unknown malware. No known client types are using that one, which means that there is even more malware out there,” he added.

Source…

Ford Dealers Get iPad App

Ford dealers now have an iPad app they can access to quickly check available inventory and offer product information to help out customers in their showrooms.

Also included in the Showcase app is video content on car features that sales personnel can show to customers on an iPad as they shop at a dealership.

Michelle Moody, cross vehicle marketing manager for Ford, said the company started considering the app in early 2011 to improve the car-buying experience.

The app builds on the Ford.com website, which allows for configuring and comparing vehicles. Sales personnel can use the iPad app to determine what features a customer wants and then immediately check inventory to find a vehicle in stock that most closely matches those needs, Ford said in a statement.

Videos on the app can explain a variety of features such as Sync and active parking assistance, along with other features such as a lane-keeping system that Ford said might not be easy to showcase during a test drive.

Source…

Huawei Investigating Security Flaws

Huawei Technologies said on Thursday it was investigating claims that its routers contained critical vulnerabilities, after security researchers disclosed alleged problems last.

“We are aware of the media reports on security vulnerabilities in some small Huawei routers and are verifying these claims,” Huawei said in an email. The company added it uses “rigorous security strategies and policies” to protect the networks of its customers, while following industry standards and best practices concerning security.

“Huawei has established a robust response system to address product security gaps and vulnerabilities,” the company said. The company is also calling on industry to promptly report all product security risks so that the problems can be addressed and fixed, it said in its email.

The alleged security vulnerabilities were disclosed at the Defcon hackers conference this past Sunday by two security researchers. The vulnerabilities were found in the firmware of Huawei AR18 and AR29 series routers, which once exploited through the flaws, could be taken over via the Internet.

One of the researchers, Felix Lindner the head of security firm Recurity Labs, described the security of the Huawei devices he analyzed as “the worst ever”, and said there were bound to be more security flaws with the products.

Source…

Is GM Reconsidering Facebook

General Motors Co and Facebook Inc are in talks about the return of the U.S. automaker as a paid advertiser almost two months after GM said it would stop running ads on the social networking website, sources close to the situation said on Tuesday.

Although the two companies remain far from reaching an agreement, Facebook executives have actively courted the world’s largest carmaker. One source said Facebook was not pushing for GM’s immediate return, but offered to provide data showing the effectiveness of the website’s paid ads.

Facebook Chief Operating Officer Sheryl Sandberg sent GM Chief Executive Dan Akerson an e-mail urging the company to reconsider its decision shortly after the third-largest U.S. advertiser pulled its ads in May, a move that undermined confidence in Facebook on the eve of its highly-anticipated initial public offering, according to sources who were not permitted to speak publicly because the talks are ongoing.

Source…

« Previous Page — Next Page »