STE WILLIAMS

Mexican election loser and Anonymous say vote was ‘fraudulent’

Mexico’s defeated leftist presidential candidate has claimed his country’s election was “fraudulent”, a claim supported by the local chapter of Anonymous.

Enrique Peña Nieto, of the Institutional Revolutionary Party (PRI), declared victory late on Sunday after official results showed he landed 38 per cent of the vote. Andres Manuel Lopez Obrador, of the left-leaning Party of the Democratic Revolution (PRD), got 31 per cent while Josefina Vazquez Mota, of the conservative National Action Party, got 25 per cent.

Ahead of the election, hacktivist group Anonymous claimed to have identified a number of irregularities in the election process that would favour Peña Nieto. Mexican Anons claimed they broke into the Mexican Federal Electoral Institute (IFE) website and uncovered evidence that the election’s organisers pre-issued a number of ballots in favour of the PRI. The action was a continuation of previous operations in support of Mexico’s YoSoy132 student protest movement.

Analysis of the data Anonymous found on the IFE’s servers can be found in this blog post.

Lopez Obrador condemned Sunday’s vote as “filthy” during a press conference in Mexico City. “We cannot accept a fraudulent result, nobody can accept that,” he said, AFP reports.

The PRI bought votes and broke campaign spending limits as well as enjoying the advantage of biased media coverage, Obrador also alleged. The former mayor of Mexico City lost the 2006 presidential poll by just one per cent and subsequently organised protests that blockaded the Mexican capital’s main commercial boulevard for months. It is unclear whether or not similar, but ultimately futile, protests may occur this time around.

Unconfirmed reports in the Mexican news suggest some citizens were offered pre-paid grocery vouchers as bribes in exchange for voting cards, but it’s unclear how widespread this practice may have been.

About 80 million Mexicans were eligible to vote in the weekend’s elections to choose members of Congress and local politicians as well as a new president. If upheld, the presidential election results would see the PRI return to power, a party that governed Mexico for 71 consecutive years before losing the presidential election in 2000. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/07/04/mexico_election_vote_rigging_anon/

Security boffins brew devilish Android rootkit

Computer scientists have identified a weakness in the Android mobile operating system that allows users to be tricked into silently installing hidden malware.

A research team led by Xuxian Jiang at North Carolina State University discovered that they could redirect a fandroid’s touchscreen taps – a technique known as clickjacking – to inject a rootkit that can evade detection and maliciously alter the operation of the device.

Xuxian was able to develop a “proof-of-concept prototype rootkit that attacks the Android framework, rather than the underlying operating system kernel”. The vulnerability was uncovered during a more general study into the security measures, or lack of, in various smartphone platforms.

The rootkit, which could be bundled with an app and is said to be undetectable by anti-virus packages, would allow an attacker to replace a smartphone’s browser with a version that logs key strokes to capture bank card data and uploads them to a hacker-controlled website. The malign technology can hide or replace any or all of the apps on a smartphone.

The clickjacking vulnerability is present in Android 4.0.4 (Ice Cream Sandwich) and earlier versions of the smartphone OS. The mechanism – described as a “user interface readdressing attack” – means the malware can be installed by a user thinking he or she is agreeing to some other action and without a reboot. No privilege escalation is needed, nor any nobbling of the operating system’s core kernel.

“This would be a more sophisticated type of attack than we’ve seen before, specifically tailored to smartphone platforms,” Xuxian explained in an NCSU blog post about the work. “The rootkit was not that difficult to develop, and no existing mobile security software is able to detect it.”

“Now that we’ve identified the problem, we can begin working on ways to protect against attacks like these,” he added. Xuxian is founder of the Android Malware Genome Project, a collaborative research effort into existing Android malware, launched in late May. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/07/04/poc_android_clickjacking_rootkit/

US defence biz fined for busting China arms embargo

A top US defence contractor has been fined $75m (£47.8m) for flogging software to China that was a vital component in the country’s first attack helicopter.

United Technologies and its two subsidiaries Pratt & Whitney Canada (PWC) and Hamilton Sundstrand ‘fessed up to more than 500 violations of export restrictions in a federal court at the tail end of last week.

The headline grabber, however, involves the engine control software without which China could not have completed development of its Z-10 attack chopper – a battlefield-ready beast capable of carrying 30mm cannons, anti-tank guided missiles, air-to-air missiles and unguided rockets.

According to US Immigration and Customs Enforcement (ICE), which carried out the investigation, PWC turned a blind eye to the potential military use of the software in hope of securing a lucrative contract for civilian choppers from China – a $2bn deal that never appeared.

PWC had previously sold the Asian nation ten commercial development engines that did not require export licenses. However, the biz then wilfully followed that up with electronic engine control software made by Hamilton Sundstrand and modified it for use in a military helicopter, ICE said.

The export of “defence articles and associated technical data” has been banned by the US since the 1989 Tiananmen Square massacre.

The companies did themselves no favours by failing to disclose the illegal exports for several years and then making numerous false statements to the US State Department.

“PWC exported controlled US technology to China, knowing it would be used in the development of a military attack helicopter in violation of the US arms embargo with China,” said US Attorney David Fein.

“PWC took what it described internally as a ‘calculated risk’, because it wanted to become the exclusive supplier for a civil helicopter market in China with projected revenues of up to $2 billion. Several years after the violations were known, UTC, HSC and PWC disclosed the violations to the government and made false statements in doing so.”

A chastened United Technologies CEO and chairman Louis Chênevert issued the following canned statement:

“Export controls are an integral part of safeguarding US national security and foreign policy interests. As a supplier of controlled products and technologies to the Department of Defense and other domestic and international customers, we are committed to conducting business in full compliance with all export laws and regulations. We accept responsibility for these past violations and we deeply regret they occurred.”

The fine, $20m of which can be used by United towards a compliance programme, is unlikely to financially affect a firm with revenues exceeding $50bn, but the case will be a huge embarrassment to the US.

Politicians and military officials had been increasingly vocal in their criticism of China’s state-sponsored cyber espionage activities – much of which is directed at stealing military intelligence – when another national security threat, the private sector simply selling restricted technology, was in fact much closer to home.

China’s inexorable rise will soon see it take America’s crown as preeminent global superpower and in the end it is this new economic reality, and incidents like this which it gives rise to, which could yet prove the biggest threat to US hegemony.

Happy Fourth of July. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/07/04/us_defence_firm_sells_miltary_tech_china/

GPS spoofing countermeasures: Your smartphone already has them

Analysis: There’s suddenly a lot of panic about GPS satellite navigation spoofing, and BAE Systems among others would like to sell the military some tech to resist it. But in fact, most modern smartphones already have strong countermeasures against this sort of thing.

UK-headquartered but largely US-based BAE’s latest grab for government pork is a GPS companion which uses other transmissions, such as TV and cellular sites, to confirm a location fix, just as Google started doing in 2007, and others had been doing well before that.

Realistically a greater menace to GPS users than spoofing would appear to be the British Ministry of Defence itself. InsideGNSS reports that various suppliers of GPS receivers and satellites have had letters from Ploughshare Innovations – the MoD’s R&D commercialisation arm – asking for patent fees. The claims stem from a patent taken out by Ploughshare on technology jointly developed by the US and European Union to ensure that users could make use of both the new GPS third-generation satellites and the upcoming European Galileo system. Doubtless the UK Defence Science and Technology Laboratories were involved, but their claim on a slice of GPS revenue as a result is far less clear.

That dispute is going to get bigger, potentially much bigger, but in the meantime BAE Systems reckons users should be looking to add a check on GPS data with ambient radio signals anyway.

Google for its part started using the locations of cellular towers in 2007, to speed up the time-to-fix of GPS systems and provide location data to those without GPS hardware. Google had to manually compile the initial list of cell sites, though the chocolate factory nowadays sucks in constant updates automatically (from the phone of anyone using radio location in Google Maps) and has since added Wi-Fi hotspot data to the database – so providing very fast fixes to within a couple of metres without recourse to slow, power-hungry GPS.

Which is just what BAE’s NAVSOP (Navigation via Signals of Opportunity) does. NAVSOP claims to add TV transmitters to the mix, something Google would no doubt bother with if more phones could receive TV signals.

“The potential applications of this technology are already generating huge excitement in both civilian and military circles,” says BAE’s Dr Faraghe – presumably those circles where Bing is the search engine of choice, as a stock Android handset is already doing nearly everything NAVSOP claims to be capable of – making itself largely immune to the GPS jamming (or more insidious spoofing) which so worries BAE.

Jamming and spoofing equipment is certainly readily available, and GPS signals are very weak (hence easily blotted out by noise or spoof signals). But people forget that military GPS signals are encrypted, meaning that they can’t be spoofed, only jammed. And a military GPS receiver, certainly in something important like a cruise missile or a smartbomb or a drone, is only used as a check on inertial navigation anyway, so that a jammer would have to follow the bird along for a long time to have any effect (it would probably need to follow it from above, too, as the antenna is designed to look up at the sky).

Civil GPS signals aren’t encrypted, but in the civilian world you can introduce signals of opportunity as a check on location with ease, as your Android (or your iPhone) already does. Smartphones are acquiring some of the other military inertial checks, too: many phones now have magnetometers and accelerometers able to provide a basic dead-reckoning check.
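The cross-check described above can be sketched as follows. This is an added example, not code from the article, BAE or any handset vendor; the `Fix` type, the 3x tolerance, the drift rate, the two-conflict rule and all coordinates are assumptions constructed for illustration.

```python
import math
from dataclasses import dataclass

EARTH_RADIUS_M = 6_371_000.0

@dataclass(frozen=True)
class Fix:
    lat: float         # degrees
    lon: float         # degrees
    accuracy_m: float  # estimated error radius of this source
    source: str

def haversine_m(a: Fix, b: Fix) -> float:
    """Great-circle distance between two fixes, in metres."""
    p1, p2 = math.radians(a.lat), math.radians(b.lat)
    dlmb = math.radians(b.lon - a.lon)
    h = math.sin((p2 - p1) / 2) ** 2 + \
        math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2
    return 2 * EARTH_RADIUS_M * math.asin(math.sqrt(h))

def dead_reckon(start: Fix, heading_deg: float, speed_mps: float,
                dt_s: float, drift_mps: float = 0.5) -> Fix:
    """Project the last trusted fix forward from compass heading and speed.
    Flat-earth step, fine for short intervals; the error radius grows with
    time because inertial estimates drift (drift_mps is an assumed rate)."""
    d = speed_mps * dt_s
    hdg = math.radians(heading_deg)
    dlat = d * math.cos(hdg) / EARTH_RADIUS_M
    dlon = d * math.sin(hdg) / (EARTH_RADIUS_M * math.cos(math.radians(start.lat)))
    return Fix(start.lat + math.degrees(dlat), start.lon + math.degrees(dlon),
               start.accuracy_m + drift_mps * dt_s, "dead_reckoning")

def assess_gps(gps: Fix, references: list, k: float = 3.0):
    """Compare a GPS fix with independent estimates.
    A reference conflicts when it lies further from the GPS fix than k times
    the two error radii combined. One conflict may be a stale database entry
    ('suspect'); two or more independent conflicts means the GPS fix should
    not be trusted ('reject')."""
    if not references:
        return "unverified", []
    conflicts = [r.source for r in references
                 if haversine_m(gps, r) > k * (gps.accuracy_m + r.accuracy_m)]
    if len(conflicts) >= 2:
        return "reject", conflicts
    return ("suspect" if conflicts else "consistent"), conflicts

# Constructed sample data: a pedestrian walking north for 60 s.
LAST_TRUSTED = Fix(51.5000, -0.1246, 10.0, "gps_previous")
REFERENCES = [
    Fix(51.5010, -0.1240, 500.0, "cell"),       # coarse cell-tower estimate
    Fix(51.50075, -0.12455, 30.0, "wifi"),      # Wi-Fi hotspot estimate
    dead_reckon(LAST_TRUSTED, heading_deg=0.0, speed_mps=1.4, dt_s=60.0),
]
GENUINE_GPS = Fix(51.5007, -0.1246, 5.0, "gps")
SPOOFED_GPS = Fix(51.5200, -0.1000, 5.0, "gps")  # about 2.7 km away

if __name__ == "__main__":
    print(assess_gps(GENUINE_GPS, REFERENCES))
    print(assess_gps(SPOOFED_GPS, REFERENCES))
```

The coarse cell estimate only catches large displacements, which is why the tighter Wi-Fi and dead-reckoning checks matter for a spoofer that drags the fix away slowly.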

Much is being made of the University of Texas team who did manage to recently spoof a drone owned by the US Department of Homeland Security, but as Aviation Week points out, that drone was a commercially-available mini quadrotor totally reliant on civil GPS.

GPS has been assailed before: in the UK we’ve seen the LORAN crowd arguing that the availability of GPS jammers demands that alternative technologies be maintained and expanded (specifically LORAN obviously), but the cost of such alternatives is significant and it’s hard to see what they really bring to the party.

Using ambient radio signals to confirm a location isn’t “a real game changer” as BAE Systems would have us believe, then, but it is quite a good idea: which is why Google, Apple and other rather faster-moving technology firms started doing it long ago. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/07/04/bae_gps/

DDoS blackmailers busted in cross-border swoop

Chinese and Hong Kong cops are hailing another success in their cross-border cyber policing efforts with the scalp of a high profile DDoS blackmail gang which targeted gold, silver and securities traders in the former British colony.

Six cyber hoodlums were arrested on the mainland in Hunan, Hubei, Shanghai and other locations at the end of June, according to a report in local Hong Kong rag The Standard.

Some 16 Hong Kong-based firms including the Chinese Gold Silver Exchange were targeted in the scheme designed to blackmail them to the tune of 460,000 yuan (£46,200).

The gang apparently threatened to cripple their victims’ web operations with distributed denial of service (DDoS) attacks if they didn’t cough up.

Four of the targeted firms transferred funds totalling 290,000 yuan (£29,150) into designated bank accounts in mainland China, the report said.

A source also told The Standard that some of the victims may have been involved in some shady dealings themselves, which made them more reluctant to seek police help.

Roy Ko, centre manager of the Hong Kong Computer Emergency Response Team (HKCERT) told The Reg that the arrests are an indication of improving cross-border cyber policing efforts.

“Working with counterparts cross border is always a challenge because of different practices, languages, different time zones and so on. Usually, HK and the mainland maintain a good working relationship, just like the HKCERT and CNCERT,” he said.

“Because we are in the same time zone, the response is usually quicker than working with the US, for example, where we have to wait until the next day to get a response.”

Ko also warned that the attacks show this form of cyber threat is still a popular one for avaricious criminal gangs.

“Firms have to assess whether they are a probable target of such an attack – ie whether they rely heavily on the internet to do business – and then prepare countermeasures,” he added.

“Subscribing to an anti-DDoS service may be part of the protection strategy in addition to anti-malware, firewall, etc.”

Hong Kong businesses have been warned before that they’re fair game to hackers from neighbouring China.

Experts told El Reg last month that multinationals in the Special Administrative Region of China cannot afford to be complacent when it comes to cyber security. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/07/04/hong_kong_china_bust_ddos_gang_blackmail/

Full Tilt Poker boss arrested over $430m ‘Ponzi scheme’

The CEO of Full Tilt Poker has handed himself in to American authorities to face charges of running a Ponzi scheme against its users.

Raymond Bitar was arrested by the FBI at JFK Airport in New York over allegations that his website, at one time the second biggest online poker company in the world, defrauded players by taking money that was reserved for payments and distributing it to directors of the company.

“Bitar and Full Tilt Poker persisted in soliciting US gamblers long after such conduct was outlawed. As alleged, Bitar has already been charged with defrauding banks to conceal the illegal gambling,” said FBI assistant director-in-charge Janice K. Fedarcyk in a statement.

“Now he stands accused of defrauding Full Tilt’s customers by concealing its cash-poor condition and paying off early creditors with deposits from later customers. The on-line casino became an Internet Ponzi scheme.”

According to the FBI, the company told players that their money was held in ringfenced accounts, but Bitar and the other directors siphoned off $430m for their own use, leaving US users short of $344m in lost gaming funds.

Full Tilt only had around $145m in its bank accounts and was using funds from new players to pay off existing debts, the FBI says.

“I know that a lot of people are very angry at me. I understand why,” Bitar said in a statement emailed to El Reg. “Full Tilt should never have gotten into a position where it could not repay player funds. For the last 15 months, I have worked hard on possible solutions to get the players repaid. Returning today is part of that process.” ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/07/04/full-tilt-poker-boss-arrest/

Twitter exposes Gov’t requests for user data

The US government demands more data from Twitter than any other nation, the micro-blogging website has revealed.

The company said it was “inspired” to reveal the stats, after its “peers” at Google started publishing so-called transparency reports in 2010 on what and how much data is demanded from countries across the globe.

Twitter said it had a “long-standing policy to proactively notify users of requests for their account information unless we’re prohibited by law; another example is transmitting DMCA takedown notices and requests to withhold content to Chilling Effects.”

The privately-held Web2.0 outfit added: “These policies help inform people, increase awareness and hold all involved parties – including ourselves – more accountable; the release of our first Transparency Report aims to further these ambitions.”

Of 849 requests submitted to Twitter from the start of 2012, the US government demanded access to user data 679 times of which 75 per cent were successful. Japanese authorities followed up with 98 such requests, while UK.gov asked for data on 11 separate occasions.

The same report also revealed that a total of 3,378 copyright takedown notices were demanded of Twitter in the first half of this year.

Material was removed in only 38 per cent of those cases, with around 6,000 Twitter accounts affected, more than 5,000 tweets removed and 599 instances where the media was deleted by the micro-blogging site.

Authorities from around the world requested more information from Twitter in the first six months of 2012 than they did in the full year of 2011. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/07/03/twitter_transparency_report/

Indian navy computers stormed by malware-ridden USBs

The Indian navy has been left licking its wounds after suspected Chinese hackers managed to lift classified data from maximum security, non-internet connected PCs via malware hidden on USB drives.

The Indian Eastern Naval Command – which is currently overseeing trials of the country’s first nuclear missile submarine, INS Arihant – was the target of the attacks, which were first discovered at the start of the year, according to the Indian Express.

A “person familiar with the investigation” revealed to the paper that thumb drives were found at the site. These were apparently infected with malware which, once placed in the standalone computers, covertly collected information according to certain keywords.

These documents remained hidden on a secret folder on the USB until it was connected to an internet-enabled PC again, when they were sent to certain IP addresses traced to China.

Although there is no conclusive proof that these IP addresses were the final destination of the stolen documents, China has been accused many times in the past of similar military-led cyber espionage attacks.

Just last month fears surfaced that a laptop which went missing from a Taiwanese missile boat was half-inched by a Chinese spy after the navy admitted security at the base where the boat was moored was not as tight as it should have been.

The Indian Eastern Naval Command is also charged with overseeing operations in the South China Sea, a region which is highly sensitive politically for China and one which has recently seen an escalation in tensions over its territorial claims.

The report claims six officers are awaiting strict disciplinary action after the incident, although there is no mention that any of them may have been acting maliciously.

The Indian government has finally been roused into action by the increasing threat to its national security from cyber space, recently announcing plans to create a 24-hour National Critical Information Infrastructure Protection Centre (NCIPC) to monitor threats.

More controversially, it has also been finalising plans which would authorise two agencies to carry out state-sponsored attacks if called upon. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/07/03/indian_navy_hacked_usbs/

NHS trust spunks £67m on e-patient records, Twitter, Facebook

West Hertfordshire Hospitals NHS trust is planning to invest £67m in an information management and technology (IMT) strategy over the next five years.

A spokeswoman for the trust told Guardian Government Computing that the board in approving the plan noted “that where capital funding is required to progress the workstreams, business cases would be developed to support investment decisions”.

A trust board paper says the strategy will be implemented in six workstreams. The first, costing £900,000, covers IMT governance, programme management and organisation. It will include a review of the structure of the existing IMT department.

The second, costing £2.8m, will focus on improving service management, while the third, with a £23m value, will cover the provision of end-user devices. It is intended to increase the security and resilience of LAN and WAN network services and ensure adequacy of support for a more mobile, agile workforce.

Other workstreams are a £21m investment in clinical systems, including replacing the existing patient administration and InfoFlex systems; £2m for better knowledge management; and £100,000 to make more effective use of non-clinical systems.

“The majority of the projects, whilst containing significant IMT elements are fundamentally transformational in nature,” the board paper says.

“The introduction of technology will involve changes to ways of working and the delivery of patient care, resulting in a more effective, efficient and clinically safe practice. A programme of clinical engagement and change management will be included within the outline business case for a proposed electronic patient record system.”

The strategy is intended to implement the trust’s digital hospital environment vision statement, which sets out how new technologies should be used to promote agile working and service transformation, as well as reducing paper and administrative costs.

The digital hospital environment says that “agile working will be underpinned by mobile, wireless technology to improve timeliness, patient safety and efficiency”.

It also sets out that patient communications will be standardised and centralised, while channels of communication with patients will be expanded to include SMS, email and social media.

This article was originally published at Guardian Government Computing.


Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/07/03/west_hertfordshire_nhs_spend/