STE WILLIAMS

Cyberattacks are the top threat to future national security, according to the former head of the US Department of Homeland Security (DHS) Michael Chertoff.

It’s well known that Chertoff, who is now the co-founder and managing principal of private security consultancy the Chertoff Group, has a healthy respect for the power of technology. Investments by the DHS during his tenure there included SBInet (known here at The Reg as the Eye-o-Sauron stare-towers); handheld lobster spy-beam scanners; and Project Hostile Intent, a non-invasive mind probe to separate the dastardly from the law-abiding.

However, Chertoff now worries that power will be used more and more often to attack financial and political systems, as we’ve already seen happen in Estonia and Georgia.

In April 2007, websites of the Estonian parliament, banks, ministries and the media were the victims of a number of cyberattacks while the country rowed with Russia over Soviet-era war memorials in its capital Tallinn. The following year, websites in Georgia were attacked before and during the military action with Russia. Russia denied being behind either attack and experts were unable to come up with the culprits, highlighting the difficulty of tracing many cybercrimes.

“Cybercrime is probably the cutting edge of where we’re going to be looking at threats in the future,” Chertoff said at a lecture at the London School of Economics this morning, adding that improvements in the internet “unquestionably create greater risks”.

As the 10-year anniversary of the 9/11 attacks nears, Chertoff gave a whistle-stop tour of the state of security in the US for the last decade, drawing particular attention to the global but fragmented nature of modern terror networks and how they are facilitated by technologies that allow movement of money, people and communications around the world.

He said that the US’s attempts to draw military and law-enforcement intelligence together and use it to intercept these movements has helped reduce the threat of al Qaeda in Pakistan and Afghanistan and stopped terrorists from making it over the border. But he admitted that this pressure on al Qaeda has led to new leaders and cells popping up in Yemen and Somalia and an increase in homegrown terrorists.

“If you radicalise an American citizen, you don’t have to get them in the country,” he said. (Nonetheless Chertoff and his firm are fully invested in full-body scanners.)

He also said that cybercrime was “the one area where we’ve done less than I’d like” in terms of national defence.

“The more and more technology is developing, the more we’re getting very dangerous intrusions into our cyberspace,” he said. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/09/05/cyber_crime_the_cutting_edge_of_future_threats/

The Friday before a public holiday is traditionally a great time to bury bad news. Google chose the Labor Day Lull to give the world an update on its copyright infringement measures. Funny, that.

Since the RIAA ended its catastrophic strategy of suing end users in 2008 (although not everyone has noticed), copyright enforcers have focused on the middlemen. Google is not only one of the biggest infringers in the world (if not the biggest) but the most trusted middleman, a global brand. The Chocolate Factory’s new strategy is to make life difficult for the casual user – the hardcore pirate will easily find what they want, and would do so even if Google was 100 per cent free of any links to infringing material. You don’t need Google if you know where to go.

Late last year Google made four proposals by which it intends to tackle infringement:

• booting pirate sites from Adsense;
• filtering search terms a little, from Autocomplete but not the main search index;
• showing more rich content from legitimate music sites; and
• responding to DMCA notices within 24 hours.

And, albeit by its own yardstick, it is doing very well, Kent Walker posted on Friday.

“In April, we were among the first companies to certify compliance in the Interactive Advertising Bureau’s (IAB’s) Quality Assurance Certification program,” wrote Walker, although he gave no numbers on (for example) how many companies had been kicked off Adsense.

So what does Walker mean when he says: “We look forward to further refining and improving our processes in ways that help both rights-holders and users” ?

But allow the hardcore pirates tell the story.

“Google hasn’t turned evil. They are just doing these little tidbits to keep the entertainment industry happy,” writes one poster on TorrentFreak. “Look at the bigger picture. If Google don’t throw these bones to MAFIAA every now and then, they would be constantly paying lawyers to defend themselves in court against the MAFIAA and who wants that huh? It’s a tricky situation and since we are are not paying money to Google to bail them out, they have to do whatever it takes to keep themselves safe and censoring terms from auto complete is not a big deal to me. The relevant results still come up on Google,” he adds [our emphasis added].

“Google needs to appease the copyright lobby with these small (and for people who know what they’re doing, meaningless) steps, to be able to make deals with them in other areas (YouTube, mobile areas, books, etc) where Big Media have more clout.” writes another.

So there you go.

Who knows better about the ease of piracy than a pirate? The TorrentFreak audience still considers Google a friendly intermediary. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/09/05/google_copyright_update/

Businesses and individuals using Facebook Pages are getting booted off their fanpage with no way back on, and it’s costing some of them money.

Typically, the administrator tries to access the Page, only to discover that someone else has managed to get admin privileges and then deleted their admin status.

Because they are no longer an admin of the Page, they have no standing with Facebook and no way of getting rid of the usurper and are usually told by the social network that the only option they have is to report it as “infringing or violating their rights” so that it will be deleted. But for many users, this is a difficult option to swallow after months, or even years, spent building up their fanbase.

Ali Naqvi, owner and director of 123vouchercodes.co.uk, lost his Page around three months ago at great cost to his business.

“We had 6,000 fans who were genuine followers interested in our updates and clicking away. The clicks brought in about 10 to 15 per cent traffic every month,” he told The Reg. “My webpage does about 50,000 unique visits a month – it’s not huge, but at the same time, whatever traffic is there, 10 to 15 per cent is a big chunk of that.”

After months of trying to get help from Facebook, Naqvi has resorted to starting a new Page, but it’s not a solution he’s happy with.

“I’ve actually started a new Page already, but the take-up is slow,” he said. “I spent two years building the 6,000 fan base and I’ve just started now so it’s only a couple of hundred on there. It’s not the same, it’s not going to bring the same amount of traffic.”

Many users believed that the original creator of the Page could never be removed as administrator, as stated in its own help pages, but Facebook denies this.

A Facebook spokesperson told The Reg that original administrators could be removed, adding that this had benefits for businesses because they could delete people who had left the company.

Graham Cluley, senior technology consultant at Sophos Security, said this presented serious risks for businesses using Pages.

“I’m sure there are many people who run Facebook Pages who take the help page’s word [on original creators] at face value, and believed it to be a safety net should anything ever go wrong. I certainly believed it to be true, which is why I was so surprised when I tested it for myself to find how simple it was to kick out the original admin,” he said.

Without that safety net, someone outside the company could convince an administrator to give them access for marketing purposes or some other service and then take control of the Page, or any legitimate additional admins could have their computer hacked, resulting in everyone getting kicked off the Page, Cluley added.

“If you run a Page with a lot of fans that’s a big problem – both for the fans (who might receive spam, malicious messages etc) and for your firm’s brand,” he said.

Other users who have lost their Pages have taken to the forums to vent their frustration at the lack of help from Facebook, and at the oft-quoted phrase from company that Pages “cannot be hacked”.

The spokesperson also said that Facebook Pages could not be hacked and said the only way they could be taken over was if the email and password login were found out somehow, for example through phishing – which might be a little too much like splitting hairs for a lot of users.

“As long as the current administrators of a group keep their login details secure, keep their account enabled, and do not allow any suspicious people to become admins, then the group or Page will remain secure,” Facebook said.

Naqvi said he had little interest in how his Page was hacked, but he wondered why, if a hacker had his Facebook login details, they hadn’t taken over his profile along with his Page.

Facebook’s spokesperson also said the site had a “host” of advanced tools to help people stay in control of their accounts, including login notifications, which let you save the devices you use to access your account, and “recent activity”, where you can look at your recent activity and remotely close open sessions.

“Unfortunately, Facebook is not able to reinstate people as an admin for any group or page so, as always, we advise people to practice good online security,” they said.

But Cluley said he didn’t understand why it should be difficult for Facebook to reinstate original admins.

“After all, they presumably have a log of who originally created a page,” he said.  “Even if they aren’t prepared to put in a system to do that – why can’t they code Facebook to do what its help pages say it will do? Either block attempts to remove the original admin, or send a request to the original admin asking if they agree to be removed from their administrator role.

“That would surely help prevent hijacks like this one taking place.” ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/09/05/facebook_fanpages_are_being_hijacked/

Low blow: Phishers target student loan applicants

• 
• 
• 
• 

Sadly victims may not notice grammatical error

By John Leyden • Get more from this author

Posted in ID, 5th September 2011 10:14 GMT

Free whitepaper – Implementing Energy Efficient Data Centers

Phishers are targeting UK student loan applicants in a new scam campaign.

Fraudulent emails, posing as messages from Directgov UK, attempt to trick recipients into handing over online account information and other personal data to fraudsters under the guise of a supposed account update. “We at HM Government noticed your Student loan online login details is [sic] incorrect and need to be updated,” the scam email reads.

The email is circulating just weeks before British students are about to start another year at university. The incident illustrates that phishers are widening their nets and going after a greater range of potential victims outside their traditional targets of online banking accounts and PayPal logins. For example, recent attacks separately targeted frequent flyer schemes in Brazil and Google AdWords accounts.

More on the student-loan phishing scam emails – along with samples of the offending missives – can be found in a blog post by Sophos here. ®

Free whitepaper – Effect of UPS on System Availability

• 1 commentPost a comment

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/09/05/student_loan_phishing_scam/

Communist Party officials in Beijing have flagged up concerns about the growth of micro-blogging websites in China.

According to a Reuters report, China may be pushing for more robust controls of such sites. The article cites a commentary piece written for the People’s Daily by individuals who pen the Communist Party’s quarterly Qiushi journal.

Twitter, Facebook and other networking portals are already heavily filtered in China.

But Beijing also has sites much closer to home that it may eventually single out for tougher measures, even though it admits that it is lagging behind on regulation.

Sina Corp-owned Weibo, for example, hit a 195 million userbase in late June, signalling a huge growth in micro-blogging in China over the past year.

Brit rock bores Radiohead created a page on Weibo in July, which almost immediately scooped up 50,000 followers from the People’s Republic at launch.

The commentary didn’t single out Weibo, however. But Beijing is clearly concerned about its usage.

“Internet opinion is spontaneous, but increasingly shows signs of becoming organised,” said the commentary.

“Among the many controversies stirred up on the internet, many are organised, with goals and meticulous planning and direction, and some clearly have commercial interests or political intentions in the background,” it continued.

“Unless administration is vigorous, criminal forces, hostile forces, terrorist organisations and others could manipulate public sentiment by manufacturing bogus opinion on the internet, damaging social stability and national security.”

The ruling party scribes called for a more cautious approach to adopting internet technologies in the future, by putting administration and regulation in place before their use becomes widespread in China in order to prevent a backlash against clamp-downs.

Weibo, like Twitter in other parts of the world, is in fact used by government officials as a communication tool in China. So the idea of altogether canning it is seemingly out of the question.

Here in the UK, Prime Minister David Cameron recently mulled over how to stop social media being “used for ill”, following the recent riots in England.

His rhetoric was quickly shot down, and the Coalition later abandoned such a plan. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/09/05/china_late_on_internet_regulation/

The network breach in July that forged a near-perfect replica of a Google.com credential minted more than 200 other SSL certificates for more than 20 different domains, a top manager for Mozilla’s Firefox browser said.

In stern rebuke of substandard practices at Netherlands-based certificate authority DigiNotar, Director of Firefox Engineering Johnathan Nightingale recited a litany of failures that put entire internet populations at risk. Bad enough was DigiNotar’s inability to accurately account for the certificates it issued, and its six-week delay in warning Mozilla of fraudulent certificates detected in mid July, one of which spoofed the sensitive https://addons.mozilla.org site.

Worse yet was the determination that DigiNotar’s lapses resulted in “multiple reports of these certificates being used in the wild.”

“The integrity of the SSL system cannot be maintained in secrecy,” Nightingale wrote in the first, and long-overdue, reprimand of DigiNotar. “Incidents like this one demonstrate the need for active, immediate and and comprehensive communication between CAs and software vendors to keep our collective users safe online.”

Nightingale went on to confirm what El Reg reported earlier today: that Mozilla was updating its software to permanently distrust two DigiNotar certificates formally adopted by the Dutch authorities for official government business. Previously, Mozilla, Google and possibly Microsoft excepted DigiNotar-signed PKIoverheid certificates from their ban after being assured by the Dutch officials they weren’t compromised during the security breach DigiNotar detected on July 19.

“The Dutch government has since audited DigiNotar’s performance and rescinded this assessment,” Nightingale wrote. “We are now removing the exemption for these certificates, meaning that all DigiNotar certificates will be untrusted by Mozilla products. We understand that other browser vendors are making similar changes.”

Around the same time Nightingale issued his statement, Google released a new version of its Chrome browser that also adds all DigiNotar certificates to a permanent block list.

Representatives with Microsoft have repeatedly declined to answer questions for the past 36 hours. Google officials have confirmed that preparations are under way to block the additional certificates but said discussions are still underway about whether they will follow suit.

Nightingale’s update coincided with a bare-bones report from a Dutch news service that said Netherlands Interior Minister Piet Hein Donner gave a press conference in the early hours of Saturday in which he announced plans to “hand over control of internet security to a different firm.”

DigiNotar is a wholly owned subsidiary of Vasco Data Security, an Illinois-based provider of two-factor authentication products and services. The company has barely uttered a peep since the fraudulent certificates first surfaced six days ago. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/09/03/diginotar_game_over/

A Peeping Tom webcam sextortionist has been jailed for six years after targeting several young women.

Luis Mijangos, 32, a resident of Santa Ana, California, was imprisoned on Thursday after he was convicted of hacking into more than 100 computers, using stolen personal information, to blackmail his young female victims into posing for sexually explicit videos and pictures.

Mijangos, a freelance computer consultant who is confined to a wheelchair, used malware to compromise victims’ machines. In one case he posted naked photos of a woman on her friend’s MySpace page. In another he posed as a victim’s boyfriend in order to trick her into posing for revealing pictures.

Mijangos used modified versions of remote access tools, such as Poison Ivy or SpyNet, which he planted onto file-sharing networks or sent to victims disguised as video clips or songs so that he could gain compromised access to their PCs, Computerworld reports.

The case is the latest in a long list of prosecutions of voyeurs who used computing technology to abuse victims. For example, Adrian Ringland of Ilkeston, Derbyshire, was jailed for 10 years back in 2006 after he was convicted of using spyware to take explicit photos of kids using compromised access to computer webcams. In 2008, a 47-year-old Cypriot got four years for taking illicit snaps of a teenager after he planted Trojan horse spyware to gain remote control of the 17-year-old’s webcam. More discussion on the issue and advice on possible countermeasures (use anti-malware and, if in doubt, disable webcams) can be found in a blog post by Sophos here. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/09/02/wheelchair_bound_webcam_pervert_jailed/

Diebold has taken the wraps off a prototype for a bank ATM that uses virtualisation technology.

Relying on remote servers instead of in-built computing resources reduces complexity while offering greater reliability and security. Diebold described the prototype as a “game changer” and part of its roadmap to make greater use of cloud-based technologies in cash machines and self-service kiosks.

“Virtualisation will fundamentally change the way Diebold – and its customers – deploy solutions to the marketplace,” said Frank A Natoli Jr, vice president and chief technology officer at Diebold. “It enables unified management of a wide array of services and paves the way for orchestration of multiple channels.”

He added: “This development is an important milestone on Diebold’s roadmap to leveraging cloud computing technology in the retail financial space.”

The virtualised ATM prototype was developed by Diebold in conjunction with VMware, which said that the kit illustrates that virtualisation has plenty of applications outside its traditional home in the datacentre. Diebold wants to recruit banks to set up sites for a virtual ATM proof-of-concept study.

Virtualisation removes the onboard computer from the ATM, tying each terminal single server running many “virtual” ATMs. This consolidation allows greater control and therefore better security, at least in theory. Far from offering a single point of failure, this approach would also allow faster failure recovery and more rapid software upgrades and services deployment, leading to an overall increase in ATM uptime, according to Diebold.

Diebold’s demonstration terminal at VMworld 2011 also showcased biometrics for enhanced security and near field communications (NFC) technology. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/09/02/diebold_virtual_atm/

Updated In the wake of hundreds of fraudulent secure sockets layer certificates issued by DigiNotar, Google developers are preparing a version of the Chrome browser that rejects some web credentials sanctioned by the Dutch government’s official certificate authority.

Source code posted Thursday afternoon California time on Google’s own website would prevent Chrome from trusting any secure website signed by DigiNotar under an official program set up by the Dutch government. It was set up under the auspices of PKIoverheid, the official certificate authority of the Netherlands.

Shortly after Monday’s discovery that DigiNotar had issued a fraudulent google.com certificate that was used to spy on people in Iran who accessed Gmail, Google, Mozilla, and Microsoft updated their software so it would no longer trust the Netherlands-based certificate authority. What Google and Mozilla, and possibly Microsoft as well, never said in their advisories was that their browsers and email applications would continue to trust two DigiNotar certificates that were linked to PKIoverheid.

All three software makers have ducked questions for three days, but a handful of web-based discussions show members of some of them arguing that the PKIoverheid-signed intermediate certificates can still be trusted. On Friday, around the same time this article was first published, Google issued its first on-the-record comment indicating the blocking of the DigiNotar-issued PKIoverheid certificates was under active discussion.

“We’re currently evaluating a number of factors, and we want to be prepared to act if we need to,” a spokesman wrote in an email. “Our top priority is to protect the privacy and security of our users. To be clear, in this instance we are considering a CA operated by DigiNotar, not the Staat de Nederlanden root CA. We encourage DigiNotar to provide a complete analysis of the situation.”

It’s unclear if or when Google intends to implement the planned changes. A few hours after the Chromium differential was posted publicly, access to it became restricted. A volunteer Chromium developer said the source code was a sign that at least some people inside Google may have reservations.

“The fact that Google is taking this preparatory step may be anticipating the worst,” said Ryan Sleevi, a who has contributed code to the Chromium project in the past. “It also seems to suggest that they may have information that PKIoverheid has been compromised or otherwise is untrustworthy through its link to Diginotar. PKIoverheid doesn’t appear to have done anything wrong other than associating with DigiNotar.”

It’s unclear how many website certificates might be affected by the move, but the number and profile of sites that use DigiNotar’s PKIoverheid certificate could be considerably higher than those that rely on DigiNotar’s root certificate alone. The site at https://www.nicugehoorscreening.nl appears to offer neonatal intensive care unit services from the Dutch government.

It appears as a valid SSL site under Google Chrome. If the changes under consideration are made, the browser would return an error that it’s not to be trusted.

On Thursday, Mozilla Vice President of Technical Strategy Mike Shaver issued a series of tweets that appeared to indicate developers of the Firefox browser and Thunderbird email client were inclined to continue trusting the intermediate certificates. Responding to one Twitter dispatch asking what in one of the excepted certificates suggested it wasn’t controlled by DigiNotar, Shaver offered the following response:

“nothing in the cert does. our conversations with the dutch authorities do. it doesn’t chain to digitar *root*, right?”

A separate tweet posted Wednesday b Google security researcher Adam Langley said: “PKIoverheid is still allowed for now based on assurances from the Dutch government. Conversation still ongoing.”

Microsoft has yet to say whether changes it has made to the Vista and later operating systems block the two PKIoverheid certificates signed by DigiNotar.

The relevant code in the version of Chromium is as follows:

Index: net/base/x509_certificate.cc
diff --git a/net/base/x509_certificate.cc b/net/base/x509_certificate.cc
index e96ece490ad4c32fafb735671317dae35115151e..36b0ed2bfcbf315595eb779922026c954db7d5b9 100644
--- a/net/base/x509_certificate.cc
+++ b/net/base/x509_certificate.cc
@@ -957,7 +957,7 @@ bool X509Certificate::IsBlacklisted() const {
 // static
 bool X509Certificate::IsPublicKeyBlacklisted(
     const std::vectorSHA1Fingerprint public_key_hashes) {
-  static const unsigned kNumHashes = 3;
+  static const unsigned kNumHashes = 5;
   static const uint8 kHashes[kNumHashes][base::SHA1_LENGTH] = {
     // Subject: CN=DigiNotar Root CA
     // Issuer: CN=Entrust.net x2 and self-signed
@@ -971,6 +971,14 @@ bool X509Certificate::IsPublicKeyBlacklisted(
     // Issuer: CN=Entrust.net
     {0xe2, 0x3b, 0x8d, 0x10, 0x5f, 0x87, 0x71, 0x0a, 0x68, 0xd9,
      0x24, 0x80, 0x50, 0xeb, 0xef, 0xc6, 0x27, 0xbe, 0x4c, 0xa6},
+    // Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2
+    // Issuer: CN=Staat der Nederlanden Organisatie CA - G2
+    {0x7b, 0x2e, 0x16, 0xbc, 0x39, 0xbc, 0xd7, 0x2b, 0x45, 0x6e,
+     0x9f, 0x05, 0x5d, 0x1d, 0xe6, 0x15, 0xb7, 0x49, 0x45, 0xdb},
+    // Subject: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven
+    // Issuer: CN=Staat der Nederlanden Overheid CA
+    {0xe8, 0xf9, 0x12, 0x00, 0xc6, 0x5c, 0xee, 0x16, 0xe0, 0x39,
+     0xb9, 0xf8, 0x83, 0x84, 0x16, 0x61, 0x63, 0x5f, 0x81, 0xc5},
   };
 
   for (unsigned i = 0; i  kNumHashes; i++) {

It clearly shows two additional DigiNotar certificates, including their serial numbers, that would be blocked if the changes go into effect.

Asked why the source code was originally accessible to everyone and later was restricted, a Google spokesman said: “Code diffs may be private before they are committed. Commits to the tree will of course be public.”

Next page: Bring us the head of DigiNotar

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/09/02/google_chrome_diginotar/

Police in the UK could get new powers to suspend internet domain names without a court order if they’re being used for illegal activity, under rules proposed to .uk registry manager Nominet.

A Nominet volunteer policy team has recommended the creation of an “expedited” process for shutting down addresses when the police say “the urgent suspension of the domain name is necessary to prevent serious and immediate consumer harm”.

The proposed rules, if adopted, would apply to any address ending in .uk, such as example.co.uk.

Shutting down a domain name effectively shuts down the associated website and email.

In order for a domain to be grabbed under the policy, a law enforcement agency would have to file a declaration with Nominet that a seizure would be “proportionate, necessary, and urgent”.

Police would not need to seek court approval, however, in order to have a site taken down.

Domains being used to commit any of the laundry list of crimes covered by the Serious Crimes Act 2007 – such as counterfeiting, fraud, prostitution, money laundering, blackmail and copyright infringement – would be eligible for seizure under the policy.

The policy recommendations envision an explicit exception for cases where freedom of expression is at stake. There would also be an appeals process and a periodic policy review.

“This should not be a path of least resistance [for police],” said Nominet’s director of policy, Alex Blowers. “This is for cases where in the time it takes to obtain that court order the damage to consumers will already have been done.”

He added: “We are not going to recommend that this expedited process is used for private copyright enforcement.” Only law enforcement agencies known to Nominet would be able to ask for a take-down.

The “issues group” behind the creation of the recommendations was formed at the request of police earlier this year, and is the first example of Nominet’s newly instituted community-driven policy model.

It is chaired by Dr Ian Walden, a professor of communications law at Queen Mary University of London, and has members drawn from law enforcement, ISPs, domain registrars, the academia and rights groups.

Nominet’s rules and regulations currently do not allow for a domain to be blocked due to criminality.

However, in 2010 it disconnected thousands of domains used to sell counterfeit goods at the behest of law enforcement, on the pretext that the registrants had provided phoney contact information, which is against the existing rules.

Domain seizures are also proving popular across the pond, where the US Immigration and Customs Enforcement agency has grabbed scores of .com and .net domains. The ICE, however, does this by serving the registry manager, VeriSign, with judge-approved court orders.

The latest Nominet recommendations have not been finalised. The issue group will meet one more time, on 21 September, to discuss its report before it is submitted to the Nominet board of directors in October. If adopted, the policy could go into effect by the end of the year.

In the meantime, UK internet users are encouraged to submit their opinions. The draft report, and information for filing a comment, can be found here. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/09/02/cops_to_get_dot_uk_takedown_powers/