Categories
Internet Politics Technology

Global strategic war declared on governments against Internet Liberty

Dilbert Data SecurityRecently I wrote about the UK Government’s refusal to upgrade the ancient obsolete browser known as Internet Explorer 6 and how they were citing Security reasons for remaining on the ancient browser. With the British government yielding the current Internet Villian of the Year, then they must be confident in their security.

Lulzsec and Anonymous however may be about to put that security confidence to the test, the two hacking groups have joined forces in a joint operation that they are referring to as Operation Anti-Security. They have openly declared war against organizations, with a particular emphasis on Government and Banks (although I am not sure why they want to focus on banks) which are known to have dubious reputations in the internet liberties front.

Taking into account the governments highly controversial digital piracy laws which would see users and companies struck from the Internet for downloading unauthorized files I expect Lulzsec’s glare may shift towards the insecurity of the British Government. Who knows, perhaps they may in co-ordinating strategic attacks against the government awaken a sleeping generation of non voters prompting them to stand up and be counted at the next general election.

Suggestions that it may be a plot to give governments an excuse to take more control of the internet seem to be unfounded. The two groups have been increasingly becoming more high profile with recent attacks. The two groups if they play wisely, should stay away from attacking banks, despite the world distrust of the banking sector, people are still financially motivated. Removing access to financial information by striking down banks will lead to the general public siding with the banks and government instead. Keep it strategic and go after governments and a good population will not be unsympathetic to the cause.

References:
The Inquirer |  PCMag | iGyaan

Categories
News Politics

What does Restrictions mean for UPS?

Department of Transport blocks UPS Deliveries for Security

In a move that seems to be reminiscent of the British Government’s decision not to upgrade Internet Explorer 6 to something more secure citing security reasons, they have stopped United Parcel Service (UPS) from doing security scans on their cargo for “security” reasons. It seems that the UK Department of Transport is going on the somewhat cryptic logic that by not allowing any  cargo through it will secure the UK from an attack of ink cartridge bombs.

Surely all it will do is mean there will be lots of exploding ink sitting on the runway instead.

How will it affect UPS However?

Experts seem to think that this will be a short term delay to deliveries. UPS is a major

UPS Trucks carried on a FedEx Truck

organisation and they will adapt their policies to the new way that Britain wants them to scan their parcels. Otherwise they would lose to competitors not only here but abroad – after all who would want to ship with a company that does not take security seriously?

Financial experts are even going so far as to recommend the purchasing of stocks of UPS which is currently sitting at a low period in stock levels but will likely see this rise once the situation has been resolved.

A spokes person for UPS has indicated that they have a contingency plan already in place.

References
Guardian | BBC News | Edmonton Journal

Categories
News Politics

United States should take responsibility for Wikileaks

Dilbert Data SecurityIf Wikileaks has been acting like a terrorist organization it is most likely because the United States is trying to push the blame for the leak on Wikileaks. That is not however entirely accurate, we are referring of course to predominately United States Military and Diplomatic reports.

They key word there: United States.

United States Military Personnel and Diplomatic Staff have generated the reports, passed it on to their superiors, or their superiors secretaries whom in turn handed it in to their superiors most likely. So for every document that’s at least 3 people have seen it, although i would be surprised if it was just 3 there’s probably a whole bunch of personnel have access to the information.

This is where the leak came form, not from Australia, Julian Assange is by no means responsible for causing the leak – at most he might be responsible for distribution of the information but how is that different from what Blogger have done in response to the documents, likewise the news channels and papers around the world have reiterated some of the information. Does that mean we all need to hand ourselves in?

The problem lies with the United States personnel whom likely have commited Treason by releasing these documents to unauthorized parties. There is where justice must be sought. More importantly, given the scale of the security breach it must really bring into question how much trust countries can place in the United States in its position of dominance.

The release of the cables are a strong indicator that the United States does not take national security that seriously and should not be trusted with any information of a sensitive nature. Until such a time as they start considering this a serious problem countries must view discussions with US Personnel as something that will inevitably fall into the hands of unauthorized persons.

Australian foreign minister Kevin Rudd dismissed US diplomatic comments regarding him that came out from wikileaks as irrelevant – which it entirely is – it does not effect his ability to do his job. He has judged however that the US should consider this problem and deal with the culprits of the crime instead of using Assange as a scapegoat.

References
Guardian

Categories
Technology

Free Security: Four tips to protect your computer.

Today I got a call from a friend in distress over a call he had received about his computer “letting in viruses” he wanted to know If it sounded like a genuine call. To be honest, any one calling out of the blue about the security of your computer unless your in a security management contract of some kind is most likely cheap tactics to scare you into buying expensive products. With them suggesting a 1 to 8 year license it sounds like this one definitely fell into the category.

Lets take a look at the key products to secure your PC with.

avast Anti VirusLets start with your anti virus software. These days the definition of virus and spy-ware or malware has became very vague indeed. Many programs that would traditionally be considered an anti virus program can detect more than just Viruses. Software designed to do serious harm to your computer. This is where avast comes in. This is one of the best free anti virus programs on the market.

The free package just gives you a basic virus scanner but upgrades to premium packages which offer you services such as anti-spam mail filtering and protection from phishing – sites and emails that are designed to fool you into thinking you are giving details to a legitimate organization such as a bank.

Website: www.avast.com

I mentioned already about Spyware and Malware and there is two nice programs that handle it quite nicely. In fact, I am running a live system scan with one right now.

Ad-Aware Anti Malware The people at Lavasoft have put together a nice program called Ad-Aware, the free edition lacks the ability to run in real time so you need to remember to manually update and scan your system with this one, or upgrade and get the automatic and real time system included. Continuing to work with the free edition might be best however, because of our next player in this market. They have problems co-existing it seems. But run them at separate times and you’ll be left with a nice clean system.
Website: www.lavasoft.com
Spybot Search and DestroyWe could not have any form of protection article and not at least mention Spybot, this fast little tool supports the ability to immunize your system to reduce the likelihood of problems in the future. This is my personal favourite. As mentioned before, this and Ad-Aware seem to dislike each other, they are both fine tools and used together increases the protection but you must only run one at a time or you’ll end up with conflicts between the two, when you start Spybot with Ad-Aware installed it will warn you of the conflict.
Website: www.safer-networking.org

Firewalls are an important aspect to the security of your computer although a software firewall can be no match to using a hardware network based firewall which is generally what I rely upon and use software firewalls more as a warning in the event of a possible breach it will flag up to say there is an intrusion. But for completeness sake under a new brand, GFI, I have used the firewall software since it was first released two owners previously. The personal firewall software as their own description says, does not slow down the computer it is indeed rather speedy and I have enjoyed the flexibility of it. Like the previous applications a free edition is available.
Website: www.sunbeltsoftware.com

How do they compare against Norton and McAfee?

In my experience both Norton and McAfee have ran extremely slowly on computers and generally cause more problems than they actually prevent.  These disturbingly come with PCs provided by a great number of major retailers , and this often fools people into thinking they have adequate security. This is often not the case, many of these users do not realise that this kind of software needs to be updated frequently, and the packages included on new pcs are often only 30 day trials so a month down the line they stop working and offer no protection at all. You should avoid using them if you want your PC to be secure.

You might also want to consider switching away from Windows whilst your at it, but that’s another story perhaps one for another time, a quick guide to switching to Linux for newbies. Look out for that one!

Categories
Technology

Android the phone for the Enterprise

Mobile Phone SecurityWhen it gets to security, portable equipment has long been a major problem for the corporate world. Mobile phones in particular have been a specially problematic area. They spend most of their life’s out of the physical control of the IT Department. This means that making sure data on them does not fall into the wrong hands is a daunting challenge.

Google seems to have accepted that challenge, and have announced a new suite of administration controls for Android phones using Google Apps.

Features including:

  • Password Quality Checks – Length and Combination of Letters and Numbers Control
  • Remote Data Wiping
  • Withdraw access to corporate data
  • Lock the phone.

The security suite will become available free to premium and education users of Google Apps within the next few days. They are not the only company out there to develop security systems for mobile phone users. However for users already working with Google Apps this might prove to be a more economical patch than going to the competitors. Experts suggest that Google will soon be in a position to compete with Research in Motion, the people behind Blackberry.

References
ZDNet

Categories
News Politics

1 in 200 arrests under Anti Terror Laws had no Terrorism element laws deemed worthless

Counter Terrorism SquadThe Terrorism Act, Section 44 gave police powers to stop and search in the name of anti-terrorism. The extent of these searches has came to light as fruitless in a review by the new home secretary. Just 1 in every 200 stops lead to an arrest, and of these, none were arrests due to terrorism related offenses it may be possession of drugs or offenses like that they were taken into custody for.

It goes to show that violating civil liberties really doesn’t achieve much useful goals. The numbers work out at a successful arrest rate of 0.5% against 10% for stop and search conducted not using Terrorism as an excuse. Liberal Democrat peer Lord Ken MacDonald is conducting a review into the counter terrorism policy which should hopefully see some sanity come to the UK’s anti terror laws at last. The official review is expected to be published in the near future, and co-incides nicely with criticism of airport security just this week.

References
Associated Press

Categories
News Politics Technology

Airport: For security reasons please remove your pants.

Family GuySecurity measures at airports to prevent terrorism against planes has long been criticized as being over kill. Introduction of shoe x-ray process, extra effort taken to check laptops, restriction of what may be taken on board it all serves as a waste of time.

With a toilet sized container of flamable liquid onboard it is likely to take down the plane anyway. So it should really come as no surprise that the chairman of British Airways has gotten a little bit annoyed by checks.

The illusion of security is not being enforced by ridiculous “security” checks. He accuses the airport industry of doing what big brother (America) tells us to do regardless of weather or not it is a useful policy. Demanding that we should run our own country and airports the way we want seems a very sensible policy. The fact that in the United States the Americans do not even do many of the security checks they demand that we do should be a reminder that we are our own nation. We should stand up to the neighbourhood bully.

Many of the new checks are a direct result of someone plotting or thinking of using them to commit acts of terror. Which raises the question given a Nigerian man plotted to detonate a device hidden in his pants last year, when will the Americans insist that people on board flights are pant-less – surely that would help with security? Or maybe not.

References
The Telegraph

Categories
Internet Politics Technology

National Security should be secondary to Personal Security

Spy SatelliteEchelon has for a long time been reportedly able to intercept communications in essentially any form, e-mail, telephone, fax you name it they are meant to be able to in real time intercept it, and “secure” the state against terrorist attacks. Or whatever they happen to be trying to find out. Such a system especially in the hands of the United States would with a high likelihood be abused to political purpose.

Then the FBI walks in.

They have been putting pressure on getting even more power of interception over communications. The latest achievement that they are looking for is to regulate the encryption industry.

Regulating a security industry in the sense that the FBI wants is a dangerous idea. Security should be between two communicating parties and, if the security worked, no one else will be able to intercept what happened. The very definition of what the FBI is seeking to do, mandatory back doors to encryption protocols is the complete opposite of security. Instead of having to work out what the private key is, you just need to find the government master key in a very One Ring to Rule them all approach to security.

Creating a security protocol to protect two parties from intercepti0n, whilst allowing a government agency the ability to intercept is something that cannot be allowed. A protocol which allows this would be notoriously difficult to design and maintain, and this will open up even more potential security risks well beyond just the government snooping capability.

Without enabling this back door , it is obvious from the number of security breaches involving large companies that should know better that security is a difficult task as it is. Google was breached by China, Cisco already has built a network that allows tapping by law enforcement, and this is vulnerable to a number of breaches to.

The arguments put forward against the use of regulation in the encryption market are very strong, and even take into account constitutional issues and freedom in general.

References
Black Hat
CNN
Electronic Foundation Frontier

Categories
Internet Technology

UK Government not prepared for Cyber attacks

Cyber SecurityIt seems that whilst London has been busy fighting over where money should be going they may have forgot there is a nation to run. This week has seen some serious warnings about the failings of the UK National security preparations. Government Communication HeadQuarters (GCHQ) director Iain Lobban has warned of a threat of cyber attacks on the UK infrastructure.

A former advisor to the whitehouse working now at security firm RSA highlights that international efforts must be made to deal with the threat of cyber attacks. There are countries that still turn a blind eye to the activities so long as that they are being directed from outside their borders. These nations must deal with activities such as this – and I suspect these countries may belong to the middle east.

The house of lords have also held a debate for 2 hours into the subject of cyber defense. How productive that may have been im not sure, but the conclusion was that the Government needed to take action so even if they are clueless the right advise was suggested anyway. The debate came about as a result of an EU recommendation of an NATO-EU joint effort to protect member states from such threats. Of course, that was published in May, so its good to see the Lords are up to speed!

References
V3
V3

Categories
News

Goat Marrige calls from boys on twitter!

goat An alarming number of people have been posting on twitter about relationships with goats. Perhaps it is time for the law to be revised to open up marriage between the boys and the goats. It is in the interest of equal opportunities and equal rights of course!

In all seriousness hoewver, it turns out that Twitter is facing the second worm in the space of a week. It highlights the potential security issues associated with using Twitter, again. The users seem like they are not going to learn.

This time it was caused by basically the same flaw as the previous one with much the same effect. However this time the resulting messages seem to be all more or less the same content. The users of the site have realised they have been accidental posting humiliating content about their relationships with goats.

Given the nature of this threat and the similarity to the previous attack I wonder if this has been generated by the same hacker. Instead of merely hovering over the link this time you had to actually click on the link. The security aspects of preventing it need to be seriously considered by Twitter as part of a solid security review, and the sooner they start the better.

References
TechWatch