Friday, February 22, 2008

17 arrested in Canadian hacking bust

Quebec provincial police conducted raids on Wednesday, breaking up a hacking ring that police say is responsible for an estimated CDN$45 million (US$44.3 million) in damage to computer systems.
The hackers installed remote-controlled "botnet" software on victims' computers in order to run phishing and spamming operations, said Capt. Frederick Gaudreau, of the Surete du Quebec, in a videotaped press conference posted to the police agency's Web site. "The hackers managed to install botnets on the victims' computers, which permitted them to control at a distance the victims' computers," he said. "These said computers were then used to attack Web sites in order to steal victims' data."

If convicted of computer hacking charges, the accused could face 10 years in prison, he said.

Although the hackers operated from about a dozen towns all over Quebec, their botnet network was international in scope, infecting 39,000 computers in Poland, 28,000 in Brazil, and 26,000 in Mexico -- the top three countries affected by the group. In all, they hacked into more than 100,000 computers in 100 countries.

The accused range in age from 17 years old to 26 years old, but police did not release the names of the accused. Three of them are minors, Gaudreau said.

This is the first time that Canadian authorities have dismantled such a network, he added. The investigation was done in collaboration with the Royal Canadian Mounted Police.

Europe makes moves towards Internet censorship

A debate over the use of internet filtering is heating up in Europe, with privacy advocates and carriers going head to head with authorities.
In Finland programmer Matti Nikki is under investigation for publishing a secret list of domains that authorities had allegedly censored in an effort to stop the spread of child pornography. Nikki published his list to prove the system was being abused, and was himself censored as a result. The Finnish Chancellor of Justice has received a complaint about police handling of the matter.

The authorities distribute their list to the country's twenty largest Internet service providers, which then block access to the sites. The rest of Finland's 200 ISPs haven't implemented the technology, so protection is far from complete.

The problem with filtering is that it is a very blunt tool, according to Swedish Internet activist Oscar Swartz.
"I have seen the list Nikki published and it includes links to sites with regular pornography, so they shouldn't be censored," said Swartz.

The Finnish police force is aware of the problems with filtering.

"The technology we currently use works well with sites that only include child pornography. To filter sites with a mixture of content we need to use other technologies as well," said Lars Henriksson, chief superintendent at the National Bureau of Investigation.

Finland isn't the only country where the temperature is rising. Danish authorities recently decided to block file-sharing site Pirate Bay, after pressure from the International Federation of the Phonographic Industry (IFPI). ISP Tele2 decided to fight the court order. They are so far the only ISP that has been ordered to shut off access to The Pirate Bay, but IFPI has plans to expand the blocking.

Other organizations are starting to show an interest in the use of filtering, including mobile network operators. They are banding together to combat the distribution of child pornography.

"We are here to tackle a very disturbing and damaging phenomenon," said Craig Ehrlich, chairman of the GSM Association, a group of mobile network operators, launching the initiative at a conference in Barcelona last week.

The use of emotive issues to justify the introduction or extension of censorship worries some.

"It's easy to ignore the negative aspects of filtering and censorship when talking about something so universally disliked as child pornography," said Swartz.

But state censorship proposals don't stop there: the European Union's Justice and Security Commissioner Franco Frattini called last September for ISPs to block access to Web sites hosting information about bomb-making, and U.K. Home Secretary Jacqui Smith said in January that she wanted action taken against sites that encouraged terrorism, including social networking sites.

Such actions could have wider consequences: "If the E.U. starts to filter sites related to piracy, terrorism and child pornography, it will have some serious effects on the freedom to communicate," said Swartz.

White spaces group: Device testing on track

A wireless broadband device tested by the U.S. Federal Communications Commission for interference with television and wireless microphone signals has not failed, as a broadcasting group claimed last week, members of the White Spaces Coalition said Thursday.
The National Association of Broadcasters (NAB) on Feb. 11 said a so-called prototype device submitted by Microsoft lost power during tests being run by the FCC. The power failure comes after another whites spaces device malfunctioned in tests run by the FCC last year.

But Ed Thomas, a tech advisor to the White Spaces Coalition and a former chief of the FCC's Office of Engineering and Technology, said Thursday that while the devices power supply failed after many hours of continuous testing, it did not interfere with television signals due to the power failure.

Thomas, during a press briefing, said the NAB was engaged in "rhetoric" designed to complicate the FCC's device testing."Let this be based on science, not politics," Thomas said of the ongoing testing at the FCC. "Let the facts prevail."

The White Spaces Coalition, including Microsoft, Philips, Dell and Google, is asking the FCC to allow wireless devices to operate in the so-called white spaces of the television spectrum, space allocated for television signals but vacant. The coalition wants the white spaces opened up to give consumers more wireless broadband options, and the white spaces devices would be targeted at longer-range broadband than traditional Wi-Fi.

If the FCC approves the devices this year, commercial white spaces wireless devices could be available as soon as late 2009.

The FCC's in-house testing of four devices will continue for a couple more weeks, then the agency will conduct field tests for up to eight weeks. A second white spaces device has experienced no power failure problems, Thomas said.

But television broadcasters have opposed the coalition, saying it's likely that the that wireless devices will interfere with TV signals. The NAB has suggested the FCC should focus instead on a successful transition of TV stations to digital broadcasts, required by February 2009.

White spaces devices are "not ready for prime time," said Dennis Wharton, the NAB's executive vice president.

Wharton responded to Thomas' assertion that the Microsoft device did not interfere with TV signals.

"The devices they've tested haven't performed the way they were expected to perform," Wharton added. "That, in our view, constitutes a failure."

Open APIs may help Microsoft repair reputation

If Microsoft executes effectively on its new interoperability promises, it could repair its tarnished reputation in the technology industry and help the company get out of its own way to compete more effectively with Google.
At first glance, Microsoft's news on Thursday that it would provide access to documentation for its major software products, including Windows Vista, Office 2007 and Exchange Server 2007, appeared to be a way to appease the European Commission in its ongoing antitrust case. It also seemed an acknowledgment that Microsoft can't ignore the open-source community's impact on its business and prominence in the industry any longer.

"[The news] validates and places a Microsoft acknowledgment that the open models that have emerged -- which Microsoft has denied almost as vociferously as tobacco companies have fought the idea that smoking causes cancer -- are a perfectly reasonable way to go," said Nick Selby, a senior analyst and research director at The 451 Group.

Still, many remain skeptical that providing easier access to APIs (application programming interfaces), and vowing to allow developers to build open-source implementations on those APIs without interfering, doesn't mean Microsoft is a friend to open source, or that the company will change how it does business. Already open-source companies like Red Hat are adopting a wait-and-see approach to the news -- and rightfully so, as Microsoft has cloaked its own business interests in interoperability announcements before. For example, last year, Microsoft struck a so-called interoperability pact with Linux vendor Novell, while at the same time saying the company would go after people who violated more than 200 patents Microsoft says it holds for technologies in Linux.

But Thursday's news could, if played correctly, repair the long-held notion in the industry that Microsoft is a proprietary bully that buries anyone who jumps in its sandbox. By making a companywide commitment to being more transparent about its technology and friendly to open-source developers and companies that build interoperable technology, Microsoft proves it realizes it can no longer embrace proprietary principles -- and expect the entire industry to go along with it.

"This is the new Microsoft," said Chris Swenson, an analyst at NPD Group. "They really are changing." However, he acknowledged that because of Microsoft's previous business practices and reputation, it's highly likely that "no one is going to give them credit for it."

Still, people should keep an open mind about Microsoft's extension of a new olive branch to open source, he said. If critics take a few steps back, they'll see that Microsoft's decision did not happen overnight.

Microsoft's new attitude is the result of many years of antitrust tussling, beratement at the hands of the open-standards community and product-interoperability challenges that have inspired the company to change its ways in order to stay relevant, analysts said. Under increased global pressure, the company has been slowly coming around to the idea of open source -- through key initiatives like the Open Specification Promise -- over the past few years.

Mike Gilpin, an analyst with Forrester, suggested that many of Microsoft's recent executive changes also represent a shift in mind-set to a more open policy, and noted the rise of executives such as Bill Hilf, general manager of platform strategy and a former IBM Linux specialist, as part of this attitude adjustment.

"I wouldn't be surprised if there wasn't a relationship between the two things," he said. "This does come from the top. I think in the way this is being communicated inside of Microsoft, it places a lot of requirements on developers and product managers to behave in a certain way -- and if they don't do that, they'll be in a lot of trouble with [Chairman] Bill [Gates] and [CEO] Steve [Ballmer]."

Gilpin acknowledged that he has always been skeptical of Microsoft's intentions toward being more open and transparent, but in the past two years, he said the company "has really changed its stripes around interoperability."

In a blog post on Thursday, Hilf himself noted that Microsoft's new commitment has evolved over time, though he called the changes to Microsoft's strategy "broad-reaching" and said they "go above and beyond any prior incremental changes in Microsoft's DNA."

These changes are not only happening because of market forces that have given rise to the success of open source, but also because Microsoft has suffered from its own proprietary legacy. Aside from its embroilment in lengthy and costly antitrust cases both in the U.S. and overseas, a lack of support for open standards and interfaces also have hurt the adoption of its technology. By being more open, the company could also be more successful in areas where it has struggled, like the Internet, analysts said.

For example, when Microsoft created a new version of its Internet Explorer browser, IE 7, to keep up with the latest Internet standards -- and to compete with Mozilla's Firefox browser -- many people who'd built sites to work with previous versions of IE found they no longer worked because they had been designed to support Microsoft's proprietary technologies. In trying to do the right thing and support more open and generally supported technologies, Microsoft found that its own proprietary software got in the way of its best intentions.

In fact, the changing business models on the Internet that have made Google so successful are another example of where Microsoft could have benefited if it had embraced open standards and more technological transparency sooner, Selby said. Google right away gave developers access to APIs to create a community around its Web-based products and services -- and used this fact to criticize Microsoft, he said.

Microsoft's decision to be more open takes a bit of the wind out of the sails of that argument, he added. "It's a simple way to do the right thing and also manage a poke in Google's eye," Selby said.

Providing more open access to technologies also could give Microsoft leverage if it is indeed successful in its bid to purchase Yahoo, which recently said it would open up more APIs to developers in its own pursuit of Google.

Hard drive encryption has Achilles heel

If you think that encrypting your laptop's hard drive will keep your data safe from prying eyes, you may want to think again, according to researchers at Princeton University.
They've discovered a way to steal the hard drive encryption key used by products such as Windows Vista's BitLocker or Apple's FileVault. With that key, hackers could get access to all of the data stored on an encrypted hard drive.

That's because of a physical property of the computer's memory chips. Data in these DRAM (dynamic RAM) processors disappears when the computer is turned off, but it turns out that this doesn't happen right away, according to Alex Halderman, a Princeton graduate student who worked on the paper.

In fact, it can take minutes before that data disappears, giving hackers a way to sniff out encryption keys.

For the attack to work, the computer would have to first be running or in standby mode. It wouldn't work against a computer that had been shut off for a few minutes because the data in DRAM would have disappeared by then.

The attacker simply turns the computer off for a second or two and then reboots the system from a portable hard disk, which includes software that can examine the contents of the memory chips. This gives an attacker a way around the operating system protection that keeps the encryption keys hidden in memory.

"This enables a whole new class of attacks against security products like disk encryption systems that have depended on the operating system to protect their private keys," Halderman said. "An attacker could steal someone's laptop where they were using disk encryption and reboot the machine ... and then capture what was in memory before the power was cut."

Some computers wipe the memory when they boot up, but even these systems can be vulnerable, Halderman said. Researchers found that if they cooled down the memory chips by spraying canned air on them, they could slow down the rate at which memory disappeared. Cooling chips down to about -58 degrees Fahrenheit (-50 degrees Celsius) gave researchers time to power down the computer and then install the memory in another PC that would boot without wiping out the data. "By cooling the chips we were able to recover data perfectly after 10 minutes or more," Halderman said.

Led by Princeton University, the team included researchers from the Electronic Frontier Foundation and Wind River Systems.

U.S. states have enacted a series of tough data disclosure laws over the past five years which force companies to notify residents whenever they lose sensitive information. Under these laws, a missing laptop can cost a company millions of dollars as well as public embarrassment as it is forced to track down and notify those whose data was lost.

However, many state laws, such as California's SB 1386 make an exception for encrypted PCs. So if a company or government agency loses an encrypted laptop containing sensitive data, they are not compelled to notify those affected.

The team's research may spur legislators to rethink that approach, Halderman said. "Maybe that law is placing too much faith in disk encryption technologies," he said. "It may be that we're not hearing about thefts of encrypted machines where that data could still be at risk."

Laws like SB 1386 treat encryption as if it's a "magic spell" and ignore the fact that there's such a thing as bad encryption, said encryption expert Bruce Schneier, who is chief technology officer with BT Counterpane.

The underlying problem is that if someone gains access to your machine, it is very difficult to protect the data on your hard drive, Schneier said. "That's an extremely hard problem for a lot of reasons, and this is one example of that."

Hardware-based encryption would probably reduce the risk, Halderman said, but he agreed that "it's a difficult problem."

Hard-drive makers Seagate and Hitachi both offer hardware-based disk encryption options with their hard drives, although these options come with a premium price tag.

EMC buys Pi to round out cloud computing unit

Storage giant EMC continues to push into the consumer territory: Its latest move is to acquire Pi, a company whose software and services will help users keep track of their personal data.
Seattle-based Pi develops software and online services to enable users to control how they find, access, share and protect everything from photos, videos, and music. The data can be stored online or locally.

The company name stands for personal information, not the number 3.14.

The rapidly growing amount of personal data is what prompted EMC to open its wallet, according to CEO Joe Tucci. It's a cash transaction, but EMC won't disclose the amount.

Pi hasn't actually launched any products or services yet: They are in beta testing, according to EMC.

EMC sees Pi not only as part of its consumer push, but also an element of its cloud computing strategy, the next big thing in storage, according to one analyst.

"Cloud computing is the next storage hype. It's all about moving storage, back up, and even clock cycles to the net," said Per Sedihn, chief technology officer at Swedish storage integrator Proact.

EMC expects to complete the deal during the first quarter, at which point Pi and its 100 employees will join EMC's newly minted Cloud Infrastructure and Services Division. It already includes Mozy, an online backup service, and Fortress, a platform for cloud-based services. Pi founder and CEO Paul Maritz (who used to be an executive at Microsoft), will join EMC's executive management team as president and general manager of the divsion.

EMC is far from the only company interested in the area. Amazon launched Simple Storage Service (S3) two years ago. It provides data storage through a web services based interface.

Proact's Sedihn also likes Nirvanix, a company that counts Intel among its investors. "They have a very nice user interface", said Sedihn, adding that Google is also waiting in the wings.

"I think cloud services will mainly be used by consumers and smaller companies. But I also expect larger companies to build their internal infrastructure with this model, said Sedihn.