Author Archives: Tyler

Anonymous Against FTC

Posted on by
Reply

Members of Anonymous’ “AntiSec” division attacked a Web server of the Federal Trade Commission’s Bureau of Consumer Protection, hacking into and defacing the sites hosted on it.

“The Bureau of Consumer Protection’s Business Center website and the partnership site NCPW run by the Federal Trade Commission were hacked earlier today,” FTC spokesperson Cecelia Prewett stated in an official statement. “The FTC takes these malicious acts seriously. The sites have been taken down and will be brought back up when we’re satisfied that any vulnerability has been addressed.”

A log of the hack was posted and went viral, which was a cut-and-paste from a shell session on the Red Hat Enterprise Linux server. This log shows the server’s directories, the user account names and encrypted passwords, and the MySQL databases running on the server.

The websites belong to the FTC, but they weren’t running in a government-owned data center. According to the IP address data for the server, it was hosted by Media Temple in Culver City, California. The sites were set up for the FTC by the public relations firm Fleishman-Hilliard. Media Temple CMO Kim Brubeck has stated that her company was unaware that Fleishman had intended to use the servers in its data center for .gov sites, and that she has requested they remove any additional .gov sites.

The attack by Anonymous was motivated by the FTC’s failure to step in to stop Google’s changes in its privacy policy, and by the US government’s support of ACTA. The member who posted the log threatened that “If ACTA is signed by all participating negotiating countries…We will systematically knock all evil corporations and governments off of our internet.” Since the United States is a free country and I am given the freedom of speech by the first amendment, I will admit that I totally support Anonymous and what they stand for.

Source: Ars Technica

iMessage Desktop Beta

Posted on by
Reply

iMessage on the desktop went from a wish to beta in only four months. Less than half a year after releasing its SMS “replacement” for iOS devices, Apple brought its iMessaging platform to the Mac OS X desktop as part of its announcement of Mountain Lion. The desktop app is titled “Messages,” and will be released during Mountain Lion, which comes out this summer. However, Apple released a public beta for Lion users (which requires 10.7.3) on Tuesday.

Once you login with your Apple ID, you have the option to begin receiving messages at several e-mail addresses if you wish, just like you can on your iOS devices. The visual layout looks just like iMessage on the iPad and very similar to iMessaging on the iPhone. Once you are setup, you could pretty much “text,” or iMessage, your friends that are already using iMessages on their iOS device. If I am on a Mac and you on an iPhone, we could message back and forth with you simply “texting” me and not even needing an app.

Messages is just one of the features that Apple is planning to bring to Mountain Lion (OS X 10.8) when it’s released this summer. Mountain Lion will feature a Notification Center and its own dedicated Notes app, just like iOS devices already do. While there may be some bugs on the Messages beta, we have to remember that it is in fact just a beta and that the final version isn’t due out until this summer.

Source: Ars Technica

LightSquared Proposal Denied

Posted on by
Reply

The Federal Communications Commission (FCC) has stated that it will not approve LightSquared’s proposal to build a national 4G-LTE network. They did so after multiple tests showed that the network would interfere with most existing GPS devices.

The decision to not approve the proposal came after the National Telecommunications and Information Administration (NTIA) warned the FCC that “LightSquared’s proposed mobile broadband network will impact GPS services and that there is no practical way to mitigate the potential interference at this time.” The FCC responded to that warning by suspending indefinitely LightSquared’s conditional waiver to operate the network.

LightSquared wanted to build an open-access, wholesale wireless broadband network that integrated satellite and terrestrial technology, but government testing showed that the network would harm performance of 75% of GPS devices. GPS makers and the airline industry, which is building a GPS-based navigation system, were among numerous different groups that opposed LightSquared’s proposal.

“This proceeding has revealed challenges to maximizing the opportunities of mobile broadband for our economy,” the FCC said in a statement. “In particular, it has revealed challenges to removing regulatory barriers on spectrum that restrict use of that spectrum for mobile broadband. This includes receivers that pick up signals from spectrum uses in neighboring bands. There are very substantial costs to our economy and to consumers of preventing the use of this and other spectrum for mobile broadband. Congress, the FCC, other federal agencies, and private sector stakeholders must work together in a concerted effort to reduce regulatory barriers and free up spectrum for mobile broadband. Part of this effort should address receiver performance to help ensure the most efficient use of all spectrum to drive our economy and best serve American consumers.”

Source: Ars Technica

Cryptome Infecting Visitors

Posted on by
Reply

Breaches galore as Cryptome hacked to infect visitors with malware
A breach that has caused Cryptome.org to infect visitors with malware was one of at least six attacks reported to hit high-profile sites or services in the past few days. Other sites affected by these hackers included Ticketmaster, websites for Mexico and the state of Alabama, Dutch ISP KPN, and the Microsoft store in India.
 
Cryptome is basically a database of leaked documents and other information that concerns free speech, privacy and cryptography. This site was attacked by hackers who left code on its servers that attempted to infect any visitor using Windows PCs with a trojan spawned by the Blackhole Toolkit.
 

Cryptome’s founder John Young stated that he believes the hackers were able to infect his website with a poisoned PHP file by exploiting a weakness in security or server software provided by Network Solutions, the host of the Cryptome website.

 

“It is not yet clear how the attacker got past Network Solutions (our ISP)’s security which has been pretty good,” Young wrote in an e-mail to Ars Technica. “A security expert sent a message just minutes ago which included a security scan of Cryptome which indicated the attacker likely knew how to bypass NetSol’s security with sophisticated tricks.”

 

According to security firm Symantec, the Blackhole Toolkit exploits vulnerabilities in a variety of software packages that are running on Microsoft’s Windows operating system. The PHP code on Crytome’s servers specifically excluded infecting machines using IP addresses from Google, presumably to keep the infection from coming to the attention of the company’s antimalware defenses. Google’s safe browsing diagnostics for Cryptome showed no reports of compromise, so this tactic definitely worked.

 

Source: Ars Technica

Fake Bomb Threat via Twitter

Posted on by
Reply

Dangerous tweets: Arrested, fined in 140 characters or less

Now this story is very interesting. Arrests because of tweets on Twitter? Sure, sometimes a tweet can be valuable information. However, sometimes people tweet things they don’t really mean and tweet almost nonstop.

In 2010, South Yorkshire police went to the workplace of 26-year old Paul Chambers and arrested him on the spot. What was his crime? Well, he posted a frustrated joke to Twitter after his girlfriend’s flight was delayed due to snow at the local airport. His tweet read, “Crap! Robin Hood airport is closed. You’ve got a week and a bit to get your shit together otherwise I’m blowing the airport sky high!!”

Chambers definitely could have had better word choice, but even police didn’t find the tweet “menacing.” Chambers’s lawyer describes the chain of events leading to his arrest:

[The tweet] was not sent to the airport, and when it was found in a search some days later it was graded as “non-credible” by the airport security manager. However, the process in place meant that it was referred to the airport police, who did nothing, and then to South Yorkshire police, who arrested Paul at his workplace for a suspected “bomb hoax.” The police in turn realised after interview that it was intended as no more than a joke; but they had to refer it to the Crown Prosecution Service for a decision.

The CPS agreed that it was not a bomb hoax offence, but they decided it was in the public interest to prosecute Paul under section 127. This seems the first time… that this offence had been used in respect of an internet communication.

Chambers was fined £400 plus costs (now over £3,000). He has now appealed the case, which was heard in London this week, and the ruling will set precedent as the first time an appellate court has considered this sort of issue related to social media.

The UK isn’t the only government that is a little confused on how to handle threats over Twitter. Two weeks ago, British tabloid The Sun interviewed a man and woman who had been sent back home after long flights to California, where the Department of Homeland Security had agents point to a recent tweet from the man saying, “Free this week, for quick gossip/prep before I go and destroy America.”

Yes, it is all a bit strange. I don’t think if it was my goal to “destroy America” that I would post it via Twitter or any means of public communication, especially in English. However, I suppose the Department of Homeland Security might get a little heat if they missed a tip because it was too obvious.

Source: Ars Technica

iPad 3 Rumored Announcement

Posted on by
Reply

As expected, there have been quite a few rumors about the launch of Apple‘s iPad 3. According to sources speaking to All Things D, the iPad 3 will be announced and introduced at an event in San Francisco during the first week of March. If this is true, it will be one year after the iPad 2 was announced in 2011.

What are the specs rumored to be? Well, so far, it has been generally accepted that the iPad 3 will feature a higher-resolution “retina” display. However, others have came up with conclusions of upgraded cameras, a slightly thicker body, a quad-core processor, and even possible LTE support. According to All Things D’s sources, the iPad 3 will be “a device similar in form factor to the iPad 2, but running a much faster chip, sporting an improved graphics processing unit, and featuring a 2048 X 1536 Retina Display—or something close to it.”

Really, the time seems to make all the sense in the world. Apple has always been a company that loves things to be on schedule, especially given their history of the annual September iPod event. The rumors and sources are similar to that of the iPad 2, in which they became a reality to the day. One year later, we are waiting and anticipating the arrival of the iPad 3.

Source: Ars Technica

Motorola Droid 4 Coming for Verizon

Posted on by
Reply

The Motorola Droid 4 will be coming to the Verizon Wireless network for $199.99 with a two-year contract. This was announced officially today in a press release by Motorola. This phone will feature a keyboard like its predecessor, the Droid 3, but has a much better design.

The Droid 4 will feature a 1.2GHz dual-core processor, 1GB of RAM, and a 4-inch qHD screen. Looking for a decent camera on your smartphone? The Droid 4 will have an 8-megapixel camera that can record 1080p video. An “HD” camera is also on the front. The smartphone will launch with Android 2.3 Gingerbread operating system, but is “to be upgraded to Android 4.0 Ice Cream Sandwich,” according to Motorola.

The Droid 4 still isn’t the thinnest phone around and is kind of heavy, but it is still a very nice phone. The sliding action of the keyboard going in and out is much smoother and easier than the Droid 3, which had a stiff mechanism. The keyboard of the Droid 4 is much easier to press, which should make for a better typing experience.

The Motorola Droid 4 will be available in stores and online for the Verizon Wireless network starting February 10, 2012.

Source: Ars Technica

BlizzCon 2012 Cancelled

Posted on by
Reply

Blizzcon 2012 canceled—but why?

Blizzard Entertainment has announced that they have decided not to host a BlizzCon 2012 because they are “heavily focused on getting Diablo III, Mists of Pandaria, and Heart of the Swarm into the players’ hands as soon as possible.” While this is true, further studying into the statement doesn’t fully explain the decision to the liking of the gamers.

Sure, they are working on some huge upcoming projects. However, Blizzard was working on a wide variety of pending projects in the past six of seven previous years that BlizzCon was put on. If you’re wondering about the one stray year, that was in 2006 after 8,000 people came out for the first 2005 BlizzCon.

But even without the projects in mind, it’s hard to believe that Blizzard would want to do without the huge promotional opportunity that BlizzCon represents. BlizzCon serves as a way to provide controlled previews and major announcements directly to tens of thousands of attending fans, as well as press coverage. Last year, tickets were $175 per ticket, so you would think Blizzard even makes quite a bit of money on that. However, Blizzard has stated in the past that it loses money on the convention, despite taking in millions in ticket sales. Though, we’re sure that they make up the “losses” in sales. If they simply lost on the event, they wouldn’t have put on six BlizzCon events.

It’s hard to say for sure what the exact reason is that they would choose not to put on BlizzCon 2012. Perhaps it has something to do with last year’s event being the only one to decline in attendance from the year before, going from 27,000 to 26,000 attendees. Maybe they really are simply too busy. Perhaps we won’t ever get the real scoop, or maybe the they’re-too-busy approach is simply the actual reason.

Source: Ars Technica

SOPA and PIPA Defeated

Posted on by
Reply

Internet wins: SOPA and PIPA both shelved

Only hours after Senator Harry Reid (D-NV) announced that he was delaying a vote on the PROTECT IP Act (PIPA), Rep. Lamar Smith (R-TX), the sponsor of the Stop Online Piracy Act (SOPA), followed suit and announced he would be delaying consideration of the companion legislation.

“I have heard from the critics and I take seriously their concerns regarding proposed legislation to address the problem of online piracy,” Smith said. “It is clear that we need to revisit the approach on how best to address the problem of foreign thieves that steal and sell American inventions and products.”

“The Committee will continue work with both copyright owners and Internet companies to develop proposals that combat online piracy and protect America’s intellectual property,” Smith continued. “We welcome input from all organizations and individuals who have an honest difference of opinion about how best to address this widespread problem.”

Former Senator Chris Dodd, head of Motion Picture Association of America, seemed to admit defeat as well. ”With today’s announcement, we hope the dynamics of the conversation can change and become a sincere discussion about how best to protect the millions of American jobs affected by the theft of American intellectual property,” he said in a statement. “It is incumbent that they now sincerely work with all of us to achieve a meaningful solution to this critically important goal.”

While the general idea of SOPA and PIPA may return sometime down the line in redesigned form, their present forms, and names, are done for good. A key figure in the fight against SOPA was Rep. Darrell Issa (R-CA). Issa planned to use his perch as chairman of the House Oversight and Government Reform Committee to highlight the flaws of SOPA’s DNS blocking provisions. His intentions were to hold a hearing featuring the testimony of actual technical experts, something that Smith’s hearings on the bill failed to include. Wednesday’s internet protests were scheduled to coincide with the hearings, but Issa scrapped his hearing after receiving assurances that the DNS provisions would be dropped from SOPA. The protests against SOPA and PIPA definitely continued and were very successful.

“Supporters of the Internet deserve credit for pressing advocates of SOPA and PIPA to back away from an effort to ram through controversial legislation,” Issa said in a Friday statement. “Over the last two months, the intense popular effort to stop SOPA and PIPA has defeated an effort that once looked unstoppable.”

“Postponing the Senate vote on PIPA removes the imminent threat to the Internet, but it’s not over yet,” Issa continued. “Copyright infringement remains a serious problem and any solution must be targeted, effective, and consistent with how the Internet works.”

Source: Ars Technica

SOPA Protests

Posted on by
Reply

SOPA protest by the numbers: 162M pageviews, 7 million signatures

Millions upon millions of people witnessed the protests against the Stop Online Piracy Act (SOPA) today as some of the Web’s most popular sites, including Google, reddit, Wikipedia, and Craigslist, staged protests against SOPA and its companion PROTECT IP Act (PIPA). The organizations that staged these protests are beginning to release hard numbers on the response, and they are pretty powerful.

The Wikimedia Foundation stated that it reached 162 million people with Wikipedia’s 24-hour English-language protest of the anti-piracy bills. Of those, more than 8 million readers in the United States then went and looked up contact information for their members of Congress, which could be done through the site. That being said, at least tens of thousands, if not more, of calls to congressional offices were more than likely made.

“The Wikipedia blackout is over and the public has spoken,” said Sue Gardner, Wikimedia Foundation Executive Director. “You shut down the Congressional switchboards, and you melted their servers. Your voice was loud and strong.”

Google did not go as far as blacking out its entire site as Wikipedia did, but it did have a black bar over their logo, as their Doodle, and encouraged users to sign the petition opposing SOPA, which went viral on Twitter, Google+ and Facebook very quickly. Google generated at least 13 million page views to its anti-SOPA page and got 7 million people to sign its petition.

The Progressive Change Campaign Committee, a liberal advocacy group, received 200,000 signatures on its petition. The organization stated that more than 30,000 Craigslist users called Congress through the PCCC’s website.

Not all was done on the internet. Opposers of SOPA and PIPA also staged in-person protests. Two of the largest protests were in New York City and San Francisco. All four of their senators are PIPA co-sponsors, despite them being the nation’s largest high-tech communities. Close to a thousand protestors were at the Manhattan offices of the New York senators. In San Francisco, speakers ranged from internet librarian Brewster Kahle to rapper MC Hammer. “When they say that it is to protect rights to content, that may be the surface, but as you drill down, you see all these other clauses that would put a tremendous burden upon service providers and a whole lot of other people,” Hammer said. He described SOPA as a “barbaric” bill that would “give the government the ability to shut down sites without due process.”

“This was one of the biggest outpourings of grassroots sentiment that I’ve ever experienced on Capitol Hill and it’s begun to tip the scales against SOPA and in favor of an open Internet,” Chris Fitzgerald, communications director for Rep. Jared Polis (D-CO), told Ars. “The phones rang off the hook once people became more aware of how SOPA will endanger jobs, free speech, and the Internet itself.” Polis is a longtime SOPA opponent.

At least 19 senators have declared their opposition to PIPA, including seven former co-sponsors. Senator Patty Murray of Washington expressed new reservations about the legislation.

Source: Ars Technica