STE WILLIAMS

Sites knocked offline by OpenDNS freeze on Google

Innocent websites were blocked and labelled phishers on Wednesday following an apparent conflict between OpenDNS and Google’s Content Delivery Network (CDN).

OpenDNS – a popular domain name lookup service* – sparked the outage by blocking access to googleapis.com, Google’s treasure trove of useful scripts and apps for web developers. According to reports, a flood of errors hit pages that used Google-hosted jQuery and hundreds of thousands of sites fell over.

Visitors to websites were confronted with a message saying: “Phishing site blocked. Phishing is a fraudulent attempt to get you to provide personal information under false pretenses.”

Other visitors were greeted with a 404 error, aka the dreaded ‘file not found’ message.

Web design and hosting specialist Brit-Net, whose operations director Mat Bennett captured the phishing error message here, told The Reg the outage lasted for nearly three hours.

As sites and service providers struggled to get back online they employed fallback scripts and re-routed traffic to Microsoft’s rival CDN. Brit-Net was among those updating its code to point to Microsoft.

The cause of the problem with OpenDNS seemed to be the googleapis.com security certificates, according to Bennett and this article advising on working around the problem.

The fact the issue popped up suddenly on Wednesday would suggest that engineers at Google had been fiddling with SSL certificates or made some other change that conflicted with OpenDNS. Google was not available for comment at the time of publication.

Bennett told The Reg that one consequence of the outage for his company is that it would institute a system that sets Google as the default but would switch to Microsoft’s CDN if Google’s system drops out in future to save having to manually tweak web apps. ®

Bootnote

* DNS, for the uninitiated, is the vital system that points browsers at the correct servers when given a human-readable address, such as facebook.com or theregister.co.uk. Although ISPs provide DNS services for their customers, punters can opt to use alternative providers, such as OpenDNS.

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/01/05/google_opendns_clash/
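A sketch of the kind of automatic fallback Bennett describes, as an added example that is not Brit-Net's code or part of the original article: it tries Google's CDN first and moves to Microsoft's when the script fails to load, times out, or "loads" without defining the library (as when a block page is served in its place). The URLs, the jQuery version and all function names are assumptions for illustration.

```javascript
// Added example (not from the article). URLs and version are assumptions.
const JQUERY_SOURCES = [
  "https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js", // default
  "https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.7.1.min.js",       // fallback
];

// Try each source in order. done(url, failures) receives the URL that worked,
// or null if every source failed, plus the reason each earlier one failed.
// loadScript(url, onLoad, onError) and isLoaded() are injected so the same
// logic runs in a browser or under test.
function loadWithFallback(sources, loadScript, isLoaded, done, timeoutMs = 3000) {
  const failures = [];
  function attempt(i) {
    if (i >= sources.length) return done(null, failures);
    const url = sources[i];
    let settled = false;
    const finish = (reason) => {
      if (settled) return; // ignore late events after a timeout
      settled = true;
      clearTimeout(timer);
      // A block page served in place of the script can still fire "load",
      // so success requires the library to actually be defined.
      if (reason === null && isLoaded()) return done(url, failures);
      failures.push({ url, reason: reason || "loaded but library undefined" });
      attempt(i + 1);
    };
    const timer = setTimeout(() => finish("timeout"), timeoutMs);
    loadScript(url, () => finish(null), () => finish("network error"));
  }
  attempt(0);
}

// Browser-side loader: injects a <script> tag and reports load or error.
function browserLoadScript(url, onLoad, onError) {
  const s = document.createElement("script");
  s.src = url;
  s.onload = onLoad;
  s.onerror = onError;
  document.head.appendChild(s);
}

// In a page:
// loadWithFallback(JQUERY_SOURCES, browserLoadScript,
//   () => typeof window.jQuery === "function",
//   (url, failures) => console.log("jQuery from", url, "after", failures));
```

The recorded failure reasons distinguish a hard error (404, DNS or TLS failure) from a response that arrived but was not the library, which is what a resolver-level block page looks like from inside the page.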

Anonymous hunts neo-Nazis with WikiLeaks-style site

Loads of alleged donors, right-wing players to send those pizzas to

Members of Anonymous have re-doubled their offensive against German neo-Nazis.

The hacktivists of Operation Blitzkrieg this week launched a WikiLeaks-style website that aims to expose members of the far-right National Democratic Party (NPD) and other extremist groups, Der Spiegel reports. Nazi-leaks.net (German) already features a list of alleged donors to the NPD. It also hosts what OpBlitzkrieg claims are internal emails, a list of contact details purported to belong to far-right newspaper subscribers, and customer data allegedly hacked from neo-Nazi online stores.

Some of the data, such as the internal emails, had been previously disclosed, but other information is new. The launch of the site this week represents the latest phase of OpBlitzkrieg, which launched early last year with a string of DDoS attacks.

A representative of the NPD told German newswire DPA that it was considering legal action against nazi-leaks.net. The publishers of right-wing weekly newspaper Junge Freiheit (Young Freedom) have already launched a legal suit against the site’s “anonymous operators”. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/01/04/anon_op_blitzkrieg/

Pastebin on the mend after DDoS battering

Popular text file sharing service Pastebin.com has returned online following a denial of service attack on Tuesday.

The site, which allows users to anonymously upload (potentially large) documents and share them, has become a favourite resource for hacktivists from Anonymous and elsewhere over recent months. Anonymous uses Pastebin to upload data dumps and to post announcements of planned operations. The site also serves as an internet clipboard for programmers and many other users.

However a quick perusal of the trending pastes on Pastebin suggests the majority of the most widely read posts relate to Anonymous, hacktivism or the Occupy movement.

Pastebin confirmed the attack on Tuesday, via its official Twitter account, but without providing any clues about possible suspects or motives.

“Slowly getting things back under control,” it said. “Sorry for the downtime slow loading site guys, we are doing our best to stop this attack.”

This tweet followed one hour after an earlier update confirming an attack. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/01/04/pastebin_ddos_recovery/

Saudi hackers plaster 14,000 credit card privates on web

A Saudi Arabian hacking group claims it has leaked information on up to 400,000 Israelis, including names, addresses and credit card details.

The data dump follows a reported attack on Israeli websites and has already led to fraudulent use of the sensitive info. Credit card biz Isracard said it had issued 6,600 of the 14,000 cards revealed.

However Dov Kotler, chief exec of Isracard, a unit of Bank Hapoalim, said that much of the data is either “incorrect or invalid”, Reuters reports. Only an unspecified percentage of the credit card details released were actually valid. Even so the lifted data trove has been used to make a number of unauthorised internet purchases.

Kotler said Isracard has blocked transactions on cards that have been exposed, adding that anybody who suffered any losses as a result of the breach will be reimbursed. In the meantime the firm has set up an app on its website so that customers can find out if they are affected, a development that by itself suggests that a substantial number of people have been hit.

Israeli paper Haaretz reports that Israeli credit card companies say the leaked list is repetitive and only includes the details of 14,000 Israelis. Much of the data came from a hack on popular sports website One.co.il, it adds.

The data dump was carried out by a member of group-xp, the self-described “largest Wahhabi hacker group of Saudi Arabia”. In a statement accompanying the release, the group said it had already used the stolen credit cards to purchase computing resources, such as VPNs and renting cloud clusters. It released the data partly to put Israeli banks to the expense of issuing new credit cards and partly through a desire to make Israeli-issued credit cards more untrusted globally.

The statement links to a series of files that purport to offer details on 400,000 credit cards. One of these five files is marked “184 working fresh Israeli credit cards”, a tacit admission by the hackers that data in the other files is outdated and therefore largely useless. Other uploaded files claim to offer personal information on more than 22,000 Israeli business people – names, addresses, phone numbers, passwords and so on. Another file purports to offer information on 500 people who donated to “Israeli Zionist Rabbis”. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/01/04/israel_credit_card_hack_fallout/

US military’s non-lethal weapon plans revealed

Details of the US military’s wish-list for non-lethal devices have been published online and show some interesting new technologies, as well as some more familiar ones that are to be beefed up.

The non-lethal weapons (NLW) book was posted online by researchers at Public Intelligence, and covers both existing weapons currently in use by the US military, such as tasers and pepper spray, and new tools that the Pentagon would like to add to its arsenal. Such weaponry is described in the materials as vital for conflict resolution without force, and for winning the “hearts and minds” of the local populace by not leaving chunks of their hearts and minds strewn everywhere.

“In past operations, the effective employment of NLW resolved escalation of force situations,” the document states. “Specifically, the NLW created the right ‘direct effect’ on the personnel/materiel targeted. The use of NLW has also generated positive ‘psychological effects’ on others in the area and helped to contribute to mission accomplishment.”

The Raytheon Active Denial System microwave gun, which heats up the skin of a target without (it’s hoped) causing injury, should be upgraded to allow the beam to be used over much longer distances. Ideally the range needs to be such that the device isn’t in potshot distance from small arms fire, although the amount of power required to do this may be prohibitive. The military would also like the units to be smaller and multidirectional.

Also on the list is a Distributed Sound and Light Array (DSLA) which combines lasers, other lighting and acoustics to disable opponents. The system is designed to disorient people, but may cause retinal scarring and ear damage if used at close range.

Existing technologies are planned for upgrades, including a new form of flashbang grenade to be tested next year that will blind people for ten seconds and subject them to a bowel-watering 143 decibels, while remaining “environmentally safe”. A 40mm grenade-launched version of the munition is also in the cards, as is a grenade version of the standard taser that could increase the range of such devices to hundreds of feet.

Current shotgun-fired beanbag rounds are also to have their range improved and have dye markers attached so the recipient of the round can be identified later. Current laser blinding technology will also be beefed up – with a requested range of three kilometers – although the document does say that a pair of reflective goggles would put paid to this device.

Some of the more esoteric devices include the “Subsurface Non-Lethal Engagement-Impulse Swimmer Gun”, which generates a directional, underwater pulsed sound wave that can be used against frogmen trying to sabotage shipping. The device will induce disorientation and nausea in swimmers within a 150m range.

Those weapons still at the conceptual stage include a pulse generator designed to bring down individuals by firing nanosecond electrical pulses at them until they lose muscle control. A similar system is also planned for stopping cars by overloading electrical circuits, and the Pentagon envisages an aircraft-mounted microwave generator that could be used to fry the electronics of shipping, either on the high seas or for landing craft making an assault.

However, the El Reg prize for the most ambitious NLW on the drawing board is the Laser Based Flow Modification system. This will be used against enemy aircraft to get rid of them without killing anyone, by firing lasers at the leading edge of an aircraft’s wing. This will alter the amount of lift generated by the wing and allow the aircraft to be turned away – or at least that’s the theory. We suspect it’d still cause the plane to crash, but for chutzpah it takes some beating. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/01/04/military_non_lethal_weapons_revealed/

Japan tasks Fujitsu with creating search-and-destroy cyber-weapon

Fujitsu has been commissioned to develop ‘seek and destroy’ malware, reportedly designed to track and disable the sources of cyber-attacks.

The fledgling cyber-weapon is the result of a three-year $2.3 million project that also involved developing tools capable of monitoring and analysing the sources of hacking attacks, The Daily Yomiuri reports. Deploying the technology would involve clearing both practical and legislative hurdles.

Tracing the source of cyber-attacks is notoriously difficult, mainly because attackers routinely hide behind botnets and anonymous proxies to launch attacks, such as denial of service assaults. The malware reportedly developed by Fujitsu is designed to trace connections back to their controlling hosts before disabling them.

Getting this right is a far from trivial process and the potential for collateral damage, even before hackers develop countermeasures, appears to be considerable. Another problem is that, if the tool is ever released, it could fall into the hands of miscreants who might reverse-engineer it before adapting it for their own nefarious purposes.

The malware has reportedly been tested in a “closed network environment”. The tool reportedly has the greatest potential in tracking back the sources of DDoS attacks. Whether it’s any good at the much more difficult process of picking out stealthy industrial espionage-style information-stealing attempts remains unclear.

Japanese law currently prohibits offensive responses in retaliation to cyber-attacks, another potential problem but one that’s easier to resolve perhaps by updating current laws. The current prohibition has more to do with post-Second World War agreements that restrict Japanese military capabilities than local laws against the creation of computer viruses.

Japan is a prime target for cyber-attacks and suffered numerous assaults last year alone. Reported victims include Japan’s parliament and industrial giant Mitsubishi.

The Defense Ministry’s Technical Research and Development Institute is understood to have outsourced the development of the tool to Fujitsu. A Defense Ministry official played down talk of offensive applications for the software and told The Daily Yomiuri that it was designed for applications such as tracing the source of cyber-attacks against Japanese Self-Defense Force systems. However Prof Motohiro Tsuchiya of Keio University, a member of a government panel on information security policy, said Japan ought to accelerate cyber-weapons development.

Fujitsu declined to comment about the supposed cyber-weapon, citing client confidentiality. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/01/03/japan_cyber_weapon_research/

Stratfor so very, very sorry in wake of mega-hack

The website of global intelligence-analysing firm Stratfor remains offline – a week after hacktivists broke into its poorly secured systems and extracted passwords and credit card details.

Members of Anonymous claimed to have broken into the website and slurped 200GB of sensitive information on Christmas Eve. The hackers claim to have made off with tens of thousands of credit card numbers, emails and other details relating to Stratfor’s clients, including login credentials.

Hacktivists boasted that they planned to use the purloined credit card data to make donations to various charities, though whether or not this happened remains unclear.

Samples from the 200GB of lifted data have been leaked online. Subsequent analysis of the login credentials reveals that many were easily guessable passwords and therefore vulnerable to brute-force attacks.

Stratfor has pulled its website in the aftermath of the attack, which has been reported to the police. In place of the usual content the website has been replaced with a holding statement apologising for the cock-up:

As you may know, an unauthorized party illegally obtained and disclosed personally identifiable information and related credit card data of some of our subscribers.

We are currently investigating this unfortunate event and are working diligently to prevent it from ever happening again. As a result, we have delayed restoring our website until we can perform a thorough security review. Stay tuned for our relaunch.

In the meantime, our main concern is the impact on our customers. As a result, we have provided paid subscribers with identity protection coverage from CSID, a leading provider of global identity protection, at our expense for 12 months.

Security firms slammed Stratfor for making schoolboy errors, such as not encrypting its password database.

Commenting on the hack, Check Point’s UK managing director Terry Greer-King said: “It’s not clear exactly how the hackers gained access to the servers, but once they’d breached the perimeter, sensitive business and personal data was unprotected. This made it easy to access and use for illicit purposes.

“It’s another clear lesson that this type of information needs to be encrypted, no matter how strong the organisation believes its perimeter security measures are. Encryption protects critical data against both accidental disclosure and hacking attempts.”

Stratfor clients include the US military as well as banks and other corporations. Reuters reports that hackers have threatened to upload copied mail spools.

This has yet to happen. The exact motives of the attack are unclear, but the fact that Stratfor provides intelligence services for law enforcement, among others, made it a target for anti-sec hacktivists, who delight in exposing the security failings of White Hat infosec firms and consultancies. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/01/03/stratfor_mega_hack/

Another year, another Telstra privacy slip

Telstra, which hasn’t yet gotten over the privacy breach that required 60,000 password resets in December, has suffered another embarrassment involving customer data.

This time, according to Musicfeeds.com.au, the breach involves customer data being posted to a cloud-based spreadsheet service. The site says the data was apparently put on the Editgrid.com site by a consultant in training (apparently and stupidly using live data).

Telstra has said the data was deleted within an hour of the telco becoming aware of the breach, and access to Editgrid.com has been disabled for all staff.

The Sydney Morning Herald today says customers are complaining that they have yet to hear from the telco, which is already being investigated by the Federal Privacy Commissioner over the earlier breach.

The new data breach includes customers’ contact details and dates of birth, but according to Telstra, no credit information or passwords.

Editgrid appears to be a feast of private information. While the Telstra spreadsheet has been removed, Google has crawled a large number of spreadsheets containing full names, telephone numbers, physical addresses, e-mail details and business information for a host of individuals who probably aren’t aware that their information is published on the site.

Editgrid has been contacted for comment. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/01/01/telstra_data_on_stupid_insecure_cloud_spreadsheet/

2011 Reg roundup: Hacking hacks, spying apps and an end to Einstein?

Part Two As mobile sales and connections continued to soar and break records, just how much your phone knows about you and who can see that information were big subjects in 2011.

The long-smouldering issue in the UK of newspaper journos paying private investigators to break into mobile voicemail inboxes in search of scoops finally exploded.

The idea of PIs working for News International hacking into voicemails of people in the public eye had already been investigated. In 2011, however, it was the story that the News of the World had hacked into the voicemail of a murdered schoolgirl, Milly Dowler, that caused a storm. Other claims followed: that the voicemails of relatives of deceased British soldiers, and victims of the 7/7 London bomb attacks, had also been heard. Suddenly it was no longer the rich and famous who were victims. Now it was ordinary people.

PM David Cameron launched an inquiry headed by Lord Justice Leveson into phone hacking and the subject of police bribery by the media – a televised affair that has seen and heard from alleged hacking victims who came forward to tell their stories. Cameron’s director of communications Andy Coulson, who had also served as a NotW editor, was also forced to resign and was arrested. He’s now suing NotW’s publisher, News International.

With advertisers abandoning the aforementioned Sunday tabloid and the political climate turning hostile, News International chief Rupert Murdoch switched to damage-limitation mode. He closed the NotW on 10 July after 168 years, and after standing by former NotW editor Rebekah Brooks, Murdoch later accepted her resignation as NI chief executive. It wasn’t enough.

Rupert and son James, head of his dad’s UK business and therefore in charge of the NotW, were summoned before a Parliamentary committee on media affairs to give evidence on the hacking claims. There, both men denied they had any knowledge of the practice of phone hacking inside NotW, a remarkable claim given James had signed off hundreds of thousands of pounds in settlements related to hacking and given Rupert’s famously fastidious involvement in the paper’s running. When a News International lawyer challenged James’s account, Murdoch junior was called back to Parliament for a heated showdown with committee members, but he stood by his claims of knowing nothing.

The fallout hit Rupert’s business plans, too, as he binned his plot to buy the remainder of satellite broadcaster BSkyB.

The relationship of Murdoch and News International to power was also laid bare: a former senior investigator for the independent Information Commissioner – who’d followed up on possible breaches of the Data Protection Act and who came across 17,000 requests for confidential information from journalists in notebooks owned by a private investigator – told Leveson he was told to lay off because the press was “too big” to take on.

Ironically, Scotland Yard officers later reported, in December, that the voicemails deleted on Dowler’s phone – the catalyst for the entire firestorm – were found to have been deleted not by intrusive NotW journos, but by the voicemail system itself, which automatically canned messages after a period of 72 hours.

Voicemails weren’t the only weak point on smartphone privacy; the subject of your phone spying on you also became a hot topic.

An Android app developer published what he said was conclusive proof that 141 million smartphones were secretly monitoring the key presses, geographic locations, and received messages of users with a piece of software from Silicon Valley company Carrier IQ.

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/01/01/reg_review_of_2011_part_two/

Apple’s Siri gets sweary with British child

The mother of a 10-year-old boy in Coventry has been expressing her shock after a demonstration model of Apple’s iPhone 4S swore at her son.

Kim Le Quesne told the Coventry Telegraph that her son Charlie was out shopping with his father in a local branch of Tesco, saw the handset in a display and asked the Siri personal assistant software how many people there were in the world. The phone replied by telling the lad that it wasn’t sure what he was saying, and telling him to “Shut the f*** up, you ugly t***.”

“It’s verbal abuse,” Mrs Le Quesne said. “We can’t believe the filth it came out with. He showed my husband what the phone had said to him and my husband found the store manager and said ‘it shouldn’t be saying that’.”

Tesco promised the device would be sent off to Apple for diagnostics, but it seems likely that some merry prankster had changed the username on the device to the offending seven words, so that the phone would default to the phrase no matter what the question. Apple is unavailable for comment over the holiday period.

Mrs Le Quesne told the paper her son went back to the store the next day and saw the same phone was still on the display case. The paper doesn’t note if the poor lad felt abused, or instead tried it again and dissolved into fits of giggles. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/12/30/apple_siri_swearing_tesco/