STE WILLIAMS

Australians receive SMS death threats

Hundreds of Australians have received unsolicited TXT messages in which their imminent demise is predicted, along with an offer to avoid a hitman’s gunsights if they fork over some hard-earned.

The messages read as follows:

“Someone paid me to kill you, get spared, 48 hours to pay $5000.00 if you inform police or anybody death is promised. Email me now”

Police forces around Australia say they’ve had hundreds of phone queries about the messages, which clearly aren’t scaring everyone into forking over the cash. And nor should they: everyone knows real hitmen are impeccable punctuators.

But it seems inevitable that someone has, by now, fallen for the scam. Police in the state of Queensland regularly report on residents’ losses to West African scammers, which were estimated at AUD$2 million a month in September 2011.

Anyone receiving the message is urged to report it to the Australian Competition and Consumer Commission, in the hope the issuing phone number and email address from the message make it possible to bring these fiends to justice. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/07/23/australian_sms_death_threat_scam/

Iranian nuke plants rocked in midnight ‘heavy metal blast’

Iran’s military will establish a cyber-defence headquarters, the country’s official news agency IRNA reports – just in time to sort out an alleged heavy-metal infection at its nuclear labs.

The centre – staffed by an unspecified number of personnel – “would be commissioned to design and adopt comprehensive approaches in line with cultural onslaught of the enemies”, according to Brigadier Seyyed Mas’oud Jazayeri. Iran’s Revolutionary Guards are already actively involved in propaganda battles against the influence of Western media in Iran, all the while spreading the Islamic Republic message abroad and limiting the usefulness of social networks used to organise protests in the country.

The new unit could be an extension of these activities, rather than an attempt to counter or respond to Stuxnet – the virus that sabotaged machines associated with Iran’s controversial uranium enrichment programme – or Flame, the super-espionage tool.

Sanctions prevent Iran from purchasing Western antivirus technology. In response, the country is developing its own homegrown malware-catching technology, the effectiveness of which remains unclear.

The need for Iran to develop security software in the face of continuing electronic assault is all too clear. For example, Finnish software firm F-Secure reports that an email from someone within the network of the Atomic Energy Organisation of Iran (AEOI) claimed a worm played Thunderstruck by AC/DC at high volume throughout the night. The hacker, it is alleged, used Metasploit to find vulnerable systems. Infection by the worm supposedly forced sysadmins to “shut down the automation network” at Natanz and at another facility, Fordo, near Qom.

F-Secure is unable to confirm the report beyond being able to say that the email was sent from AEOI’s network. Stealth is a primary requirement of cyber-espionage attacks, and the appearance of a worm that turns the volume up to 11 is hardly fitting with this – unless the goal of the malware is to drive scientists and other workers in Iran’s nuclear programme to distraction. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/07/23/hard_rock_malware_hits_iranian_nuclear/

Skype: Nearly half of adults don’t install software updates

A new survey commissioned by Skype reveals that 40 per cent of adults do not always update their software when prompted to do so, and that 25 per cent skip software updates because they think they offer no real benefit.

The survey was offered on Skype’s behalf to some 350,000 individuals in the US, UK, and Germany by internet pollster YouGov.

A quarter of the adults surveyed said they did not understand the benefits of software updates or what they were supposed to do.

About the same number said they didn’t know how to check for updates, and another quarter said they’d need to be prompted to upgrade their software at least twice before they would do it.

The respondents gave various reasons for shying away from updates. Some said they expected new versions of software would have “lots of bugs” or would crash too often, while others said they thought the updates would slow down their computers.

More than a quarter of respondents said the process of updating their software just takes too long.

Software updates: Don’t get ’em, don’t want ’em, can’t be bothered. (Source: Skype)

The most jaw-dropping result, however, was that 45 per cent of survey participants said they did not upgrade their software – paradoxically – because they worry about the security of their computers.

The survey results highlight the often-contentious issue of security updates for consumer software. Former Mozilla staffer Jonathan DiCarlo ignited a minor internet firestorm in early July when he spelled out the issue in a blog post:

Only after I heard from dozens of different users that the rapid release process had ruined Firefox did I finally get it through my thick skull: releasing an update is practically an act of aggression against your users. The developer perspective is “You guys are going to love this new update we’ve been working on!” The user perspective is “Oh god here comes another update, is there any way I can postpone the agony for a few more days?”

Thankfully, the Skype survey participants who replied that they did regularly update their software said they did so for sensible reasons. Of them, 76 per cent responded that they updated their software “to keep my computer safe and secure from viruses and hackers.”

Other popular reasons for upgrading were to keep computers free of bugs so that they crash less often, and to gain the latest features.

About half of the respondents said they installed the updates because, hey, they don’t cost anything.

Skype commissioned its survey in preparation for a weeklong event it’s calling International Technology Upgrade Week (ITUW), a global effort to raise consumer awareness about the importance of software updates, which kicks off on Monday.

Joining Skype in promoting the ITUW effort are Adobe, Norton, and TomTom.

“We hear you – loud and clear,” writes Adobe’s Wiebke Lips in a statement. “The good news is that times have changed. Especially for consumers, software updates have become much easier and much more reliable than they once were. Software vendors continuously look for ways to make the update process less cumbersome.”

The companies may have a hard time convincing some customers, however. Consider the recent Symantec security update that triggered widespread reports of crashing PCs in July. (Symantec is the parent company of Norton, one of the sponsors of ITUW.) And then there was the Windows update earlier that same month that silently installed Skype onto business PCs without asking.

It appears that for all the good that the sponsors of ITUW hope to do with their campaign, a little “physician, heal thyself” may yet be in order. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/07/23/skype_software_update_survey/

Self-pwned: Black Hat says soz for phishing attack scare

Organisers of the annual Black Hat conference have apologised after an estimated 7,500 conference delegates received a suspicious email yesterday resembling a phishing attack.

The dodgy email, informing entrants of a supposed password reset, was sent out after a volunteer with ITN International, the third-party firm handling on-site registrations for this week’s Las Vegas conference, “pressed the wrong button” on a mail-out webform, the organisers explained.

The email this morning was an abuse of functionality by a volunteer who has been spoken to. This feature has since been removed as a precautionary measure.

There are “no signs of compromise”, said Trey Ford, general manager at Black Hat. Organisers acknowledged the security snafu minutes after the Sunday mail-out, defusing any potential criticism.

Even so the incident is likely to become a candidate for the Pwnie Awards, Black Hat’s answer to the Golden Raspberry Awards.

The offending email smelled a little phishy for a number of reasons – not least because it came from an organisation other than Black Hat and invited action via a link that didn’t even point to a Black Hat site. The link in the email was broken, however, so if it were a phish, it was never one that was going to work anyway.

A screenshot of the offending email, together with additional security commentary, can be found in a blog post by Paul Ducklin of Sophos. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/07/23/black_hat_phishing_snafu/

Amazon.com hacking suspect ‘cuffed in Cyprus

A Russian man suspected to be connected to a series of denial-of-service attacks against Amazon.com that took place in 2008 has been arrested in Cyprus.

The US Attorney’s Office said Dmitry Olegovich Zubakha, 25, from Moscow, Russia, is also suspected of running DDoS attacks against Priceline.com and eBay and stands accused of aggravated identity theft in an unrelated scam involving credit card theft. Zubakha was arrested in Cyprus on an international arrest warrant.

The Russian national allegedly conspired with an associate to use botnets of compromised computers to launch two denial of service attacks against Amazon.com in June 2008. After a series of similar attacks against Priceline.com, his alleged accomplice then offered his services to the firm as a security consultant, says Washington.

The US is seeking to extradite Zubakha, who is being held in custody, from Cyprus. The DoJ has issued a statement on the case. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/07/23/amazon_hack_suspect_cyprus_arrest/

Techie accused of snooping wife’s email cleared of wrongdoing

A computer technician accused of hacking into his wife’s webmail account to search for evidence of an affair has been cleared of all wrongdoing.

A computer hacking charge against Leon Walker was dropped after it emerged in court that his then-partner Clara Walker had been reading her husband’s mobile text messages at the same time that he had been snooping on her Gmail account using a shared PC.

The techie told the court that he had checked his then-wife’s email after she failed to return home one night as he suspected Clara Walker was having an affair with her second husband, a man she had left after he was allegedly arrested for beating her in front of her son, a child of her first marriage.

Leon Walker told the court that he was concerned for the boy’s welfare, prompting him to hand over the emails to Clara Walker’s first husband, who then used them in a custody battle for his son. The 34-year-old computer technician – from Rochester Hills, a northern suburb of Detroit – was Clara’s third husband. The origin of these emails emerged in court, and resulted in charges against Leon Walker, which had dragged on for two and a half years, being dropped last week.

This still left the secondary charge related to Leon Walker’s access, as a local government techie, to a confidential law enforcement database (CLEMIS) to see if any spouse had been charged with unauthorised access to their partner’s email, according to a CBS report.

Prosecutors dropped that charge on Thursday, 19 July, after it emerged that Leon Walker may have been given permission to use the system – or at least that he wasn’t properly informed that its use was restricted.

Leon and Clara Walker had a daughter together, a factor that made an already volatile relationship even more fraught. The Walkers have since divorced.

Leon Walker, who has been on paid leave from his county job since his initial arrest, has vowed to rebuild his life.

He reacted to the news with an update to his personal blog on Thursday under the heading “I Am Free”. On Twitter he added: “All charges against me have been dropped. I am exonerated. I am free!”

Walker’s lawyer, Leon Weiss, hailed the decision and called for a reworking of Michigan’s anti-hacking laws. Unless amended, the law could criminalise parental monitoring of their children’s online activities and other benign activities, he said in a press statement. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/07/23/spousal_email_spying_case_dropped/

Kim Dotcom mounts freedom campaign

Megaupload founder and Hollywood’s most wanted, Kim Dotcom, has taken his fight against the US authorities to new social and viral levels, launching an anti-Obama campaign on his personal website.

In a call to clicks, kim.com declares that “the US government has declared war on the internet, millions of Mega users want their files back. If Megaupload.com is not back online by November 1, will you vote for Obama?” and features a poll and sign-up to join ‘the movement.’

Dotcom tweeted yesterday, “expect this movement to get crowded. August 1st we start inviting 200 million emails from our Mega database to join us!” Earlier the new self-styled internet freedom vigilante tweeted, “one man and his keyboard with the Internet behind him might render a billion dollar re-election campaign fund useless.”

The showcase of the revamped website is a new musical offering from the rapping dilettante, dedicated to President Barack Obama. Posted on Friday, it attracted 200,000 views in the first 24 hours with Dotcom declaring it a hit and pushing the viral buttons all weekend.

Clearly Dotcom has not been idle while awaiting his extradition trial under house arrest in New Zealand. Aside from mounting his very vociferous public campaign defending Megaupload’s innocence, he has hinted at the launch of a new cloud based offering and has been working the international press.

In an open, ‘copyright free’ letter to the entire entertainment industry published in this week’s Hollywood Reporter (http://www.hollywoodreporter.com/news/kim-dotcom-megaupload-extradition-350605), Dotcom declares to Tinseltown: “I have the solutions to your problems. I am not your enemy.”

He asserts that providing “freemium” cloud storage and “speed of light” data transfer to society is not a crime, but is beneficial to society’s evolution.

“What will Hollywood do when smartphones and tablets can wirelessly transfer a movie file within milliseconds?” he asks.

Dotcom maintains that his Megaupload services operated within the boundaries of the law and calls for a “happy ending” to the saga.

“Regardless of the issues you have with new technologies, you can’t just engage armed forces halfway around the world, rip a peaceful man from his family, throw him in jail, terminate his business without a trial, take everything he owns without a hearing, deprive him of a fair chance to defend himself,” he writes.

Ultimately, he claims, the netizens of the world will support his bid for internet freedom. “The people of the Internet will unite. They will help me. And they are stronger than you. We have logic, human nature and the invisible hand on our side.”

®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/07/22/dotcom_goes_viral/

Smart meter hack framework goes open-source

Security outfit SecureState’s smart meter hacking framework, Termineter, has gone live over at Google Code.

The software is described as having a structure like Metasploit, with a similar interface and ability to be extended with external modules.

Termineter isn’t up to the full doomsday-scenario “remote attack” that troubles owners of critical infrastructure who stupidly opened up their control interfaces to the Internet (so as to save themselves the cost of private networks): it gathers smart meter data over the devices’ local serial optical interfaces.

SecureState announced its intention to release the software at the end of June. At the time, SecureState said the software allowed users to test for vulnerabilities such as energy consumption fraud and network hijacking.

In addition, Termineter can read from and write to tables in the smart meter, as well as parsing security, modem and log tables. To allow it to be open-sourced, the software focuses on the ANSI C12.18 and C12.19 standards used in smart meters. Users would need to write or acquire separate modules to access vendor-specific information.

As SecurityWeek notes, the tool is to be demonstrated in public at Las Vegas at the Security B-Sides conference on Wednesday July 25. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/07/22/termineter_smart_meter_hack_framework/

Apple boots privacy name-and-shame app Clueful from store

Apple has pulled from its App Store a utility that revealed how the software installed on iPhones is fondling punters’ data.

The Clueful app was created by security company Bitdefender and approved to go on sale in May. However, the privacy tool was yanked this week for reasons that are unclear.

Clueful analyses apps installed on an iPhone, and then names and shames those misusing fanboi data. A study of 60,000 popular apps found, for example, that 42.5 per cent do not encrypt users’ personal information, even when sending it over public Wi-Fi. Two in five programs can track a user’s location, and almost one in five apps access the entire address book on an iOS mobe.

It is unclear why Apple removed Clueful. As ever, the Foxconn-marketing biz chose not to comment on its App Store ruling.

Bitdefender said “Apple informed our product development team of the removal – for reasons we are studying – after it was approved under the same rules”. The Reg pushed for more details on the notice to no avail.

It’s possible some fanbois were misusing Clueful or that other app developers complained about it. Perhaps Apple took exception to Bitdefender’s claim that its code can “find out what your iOS apps are really doing”, although that would be inconsistent with their previous decision.

As with other applications removed from the App Store, Clueful will continue to work for people who have already downloaded it. But it may cease to work if an iOS update rolls in and breaks the software.

Apple’s software review process is famously opaque, with some odd decisions over the years. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/07/20/apple_data_protection_app/

Climategate cops: We’ll NEVER solve email leak hack riddle

Detectives have shelved an investigation into the high-profile hacking of computers at the University of East Anglia’s Climatic Research Unit (CRU).

The so-called Climategate attack led to 1,079 messages and more than 3,800 documents being leaked online in November 2009. Critics of the unit’s work seized upon the messages to suggest the team had misled the public and scientific community about its research into climate change, a charge scientists at the CRU were quick to deny.

A subsequent parliamentary study cleared the boffins of misconduct although mildly criticised their lack of transparency and sharing of data.

The question of who was behind the hack prompted almost as many conspiracy theories as the debate on global warming. Norfolk police were called in to investigate the breach; however, two years into the probe, the force has admitted it’s hit a dead end. There is little prospect of making any arrests before the three-year statute of limitation expires for the offences at the centre of the case, the cops admitted.

In a statement, Detective Superintendent Julian Gregory, the senior investigating officer, said:

Despite detailed and comprehensive enquiries, supported by experts in this field, the complex nature of this investigation means that we do not have a realistic prospect of identifying the offender or offenders and launching criminal proceedings within the time constraints imposed by law.

The international dimension of investigating the World Wide Web especially has proved extremely challenging.

However, as a result of our enquiries, we can say that the data breach was the result of a sophisticated and carefully orchestrated attack on the CRU’s data files, carried out remotely via the internet. The offenders used methods common in unlawful internet activity to obstruct enquiries.

DS Gregory was at least able to dismiss early speculation that the hack might be an inside job.

“There is no evidence to suggest that anyone working at or associated with the University of East Anglia was involved in the crime,” he said. The investigation, codenamed Operation Cabin, was backed by computer crime specialists from the Metropolitan Police.

In a statement, the vice-chancellor of the university and the unit’s boss together expressed disappointment that the police effort had failed to apprehend a culprit. Prof Phil Jones, research director of the CRU, vowed to continue his work.

Prof Jones said: “I would like to thank the police for their work on this difficult investigation and also for the personal support they offered me. I am obviously disappointed that no one has been prosecuted for this crime but hope today’s announcement will draw a line under the stressful events of the last two and half years. My colleagues and I remain committed to the research CRU undertakes to illuminate the globally important issue of climate change.”

An analysis of the possible hacking techniques used to pull off the Climategate breach, and steps used to anonymously upload the swiped data, can be found in a blog post by Rob Graham of Errata Security. The article, written in the days immediately after the data raid, stated that the hacker used “open proxies” to disguise his or her identity, and took issue with the conclusion that the techniques used were sophisticated.

What’s not in dispute is that the trail to the Climategate hacker has long since gone cold.

Graham Cluley, a senior technology consultant at net security firm Sophos, commented: “Unless someone associated with the hack owns up to their involvement, it seems that the story of Climategate may remain a mystery.” ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/07/20/climategate_hack_investigation_killed_off/