Ongoing Attacks on Human Rights Web sites and the Problem of Attribution

“A number of cyber attacks took place against human rights groups this week; including Armorize’s discovery of a variant of a “drive-by-download” attack on Amnesty International’s Web site. As this Armorize blogpost explains, “A drive-by download attack refers to the process of a user visiting an infected page and subsequently gets installed with malware, without his/her knowledge and without having him/her to click on or to agree to anything.” In the case of this week’s attack on Amnesty International, a “drive-by-cache attack” (term dubbed by Amorize) was launched.”

From Information Warfare Monitor

Got an iPhone or 3G iPad? Apple is recording your moves

“Today at Where 2.0 Pete Warden and I will announce the discovery that your iPhone, and your 3G iPad, is regularly recording the position of your device into a hidden file. Ever since iOS 4 arrived, your device has been storing a long list of locations and time stamps. We’re not sure why Apple is gathering this data, but it’s clearly intentional, as the database is being restored across backups, and even device migrations.

The presence of this data on your iPhone, your iPad, and your backups has security and privacy implications. We’ve contacted Apple’s Product Security team, but we haven’t heard back.”


Putin minimizes Web censorship move

“MOSCOW, April 20 (UPI) — Vladimir Putin downplayed the threat of Internet censorship in Russia Wednesday despite security forces’ demands for e-mail access.

Two weeks ago, the FSB, successor to the KGB, moved to get access to online communication services like Gmail and Skype. The agency said the “uncontrolled use of these services could lead to a large-scale threat to Russian security,” RIA Novosti reported.”

From UPI

Facebook may ‘block content’ claim as speculation grows over entry into China

“Facebook could block content in some countries, a Washington lobbyist for the company has said, adding that it has faced uncomfortable positions over ‘too much, maybe, free speech’.

The comments come amid increasing speculation that the company plans to enter the Chinese market, probably in collaboration with a local partner.

‘Maybe we will block content in some countries, but not others,’ Adam Conner told the Wall Street Journal (WSJ).’We are occasionally held in uncomfortable positions because now we’re allowing too much, maybe, free speech in countries that haven’t experienced it before.’ ”

From The Guardian

Botnet takedown sets legal, not technical, precedent

“In the security industry, researchers have often been able to infiltrate botnets. Yet, the next step has always been a big question mark.

Now, defenders may have a new slate of options. The takedown of the Coreflood botnet marks the start of more aggressive stance against botnets, say security experts. Last week, the U.S. Department of Justice obtained a temporary restraining order forcing registrars to reroute requests from infected computers, not to Coreflood’s command-and-control servers, but to a substitute server managed by a non-profit group. Under the judge’s order, the sinkhole server can issue commands to prevent the bot agents from carrying out normal operations.”

From Network World

Dissident warns of ‘silent cyber war’

“Are the Chinese spying on Ottawa resident Maggie Wenzhuo Hou?

Hou, a 41-year-old Chinese dissident who has lived in Ottawa since June 2009, is convinced that agents of the government of China are monitoring and blocking her e-mail and telephone communications.

While she can’t prove her allegations, she can offer up a long list of circumstantial evidence to support her claims. Based on her dissident status and documented attacks by China-based hackers, security experts say hers is a credible story.”

From The Ottawa Citizen

Chinese Hackers Attack Platform in Reaction to Ai Weiwei Campaign

“Attackers use distributed denial of service attack to bring down the world’s fastest growing social action platform after more than 90,000 people in 175 countries call for release of Chinese dissident artist.

Chinese hackers temporarily brought down the world’s fastest-growing social action platform after more than 90,000 people in 175 countries endorsed an online call for the release of internationally acclaimed Chinese artist Ai Weiwei.

Weiwei, best known for his role in the construction of the Beijing Olympic stadium and his recent Sunflower Seeds exhibition at the Tate Modern, has become an increasingly outspoken critic of the Chinese government in recent years, in particular over the handling of the 2008 earthquake in the country’s Sichuan province.”

From The Official Blog of

Uganda: Communications Commission Orders 24-Hour Shutdown of Facebook Over Protests

“Kampala — The Uganda Communications Commission quietly asked Internet service providers to block communication on Facebook and Tweeter messaging platforms for 24 hours during the Walk-to-Work campaign on Thursday last week.

However, Internet services carried on without a glitch that day save for subscribers on one network who experienced intermittent interruptions.

An April 14 letter signed by Mr Quinto Ojok, who signed in acting capacity for UCC’s Executive Director Godfrey Mutabazi, said social networking fora like Tweeter and Facebook, be shut-down for security reasons.”


Thai Internet restrictions may be delayed

“Activists say Thailand’s prime minister has assured them that proposed legislation tightening restrictions on the Internet will not be rushed into law.

Prime Minister Abhisit Vejjajiva met Tuesday with concerned Internet users who are demanding that proposed revisions to the already restrictive Computer Crime Act not be finalized without a full public review.”

From The Globe and Mail

Internet-based attacks on critical systems rise

“Internet-based attacks on critical systems such as gas, power and water have increased around the world, a report suggests.

Security firm McAfee surveyed 200 IT executives working for utility companies in 14 countries.

Eight out of 10 said their networks had been targeted by hackers during the past year.”

From BBC News