We begin with a notable hack from TechWorm:
$104 and 8 hours of Amazon’s cloud computing is all it took to hack NSA’s website
- Researchers hack NSA’s website with only $104 and 8 hours of Amazon’s cloud computing power using the #FREAK vulnerability
A group of researchers only needed $104 and 8 hours of Amazon’s cloud computing power and, of course, FREAK to hack the NSA’s website. The researchers used NSA’s anti-encryption policies, which were the main reason for the newly disclosed internet flaw called FREAK, to make NSA’s own website a guinea pig.
The bug which was disclosed by Akamai and subsequently reported by Techworm on Monday allows any potential hacker to intercept a supposedly secure connection between people using Android or Apple devices and PCs using Mac OS X and Safari browser. The websites vulnerable to this flaw may be in thousands including NSA.gov, FBI.gov and Whitehouse.gov.
Actually this isn’t a flaw, it is a mis-implementation of encryption policies by United States and in a way NSA so that they could have a non-encrypted backdoor on every mobile. It would be stupid to assume that NSA created a massive security dark hole, that allows hackers to impersonate said website and steal confidential data like passwords and logins, without knowing it was doing that.
From the Register, ignoring the evident:
US watchdog: Anthem snubbed our security audits before and after enormous hack attack
- Hackers probe where federal officials were forbidden
A year or so before American health insurer Anthem admitted it had been ruthlessly ransacked by hackers, a US federal watchdog had offered to audit the giant’s computer security – but was rebuffed.
And, after miscreants looted Anthem’s servers and accessed up to 88.8 million private records, the watchdog again offered to audit the insurer’s systems, and was again turned away.
“We do not know why Anthem refuses to cooperate,” government officials told The Register today.
The Office of the Inspector General (OIG) for the US Office of Personnel Management (OPM) told us it wanted to audit Anthem’s information security protections back in 2013, but was snubbed by the insurer.
From CBC News, a password showdown at the Canadian border:
Quebec resident Alain Philippon to fight charge for not giving up phone password at airport
- Whether border officials can force you to provide password hasn’t been tested in Canadian courts
A Quebec man charged with obstructing border officials by refusing to give up his smartphone password says he will fight the charge.
The case has raised a new legal question in Canada, a law professor says.
Alain Philippon, 38, of Ste-Anne-des-Plaines, Que., refused to divulge his cellphone password to Canada Border Services Agency during a customs search Monday night at Halifax Stanfield International Airport.
Philippon had arrived in Halifax on a flight from Puerto Plata in the Dominican Republic. He’s been charged under section 153.1 (b) of the Customs Act for hindering or preventing border officers from performing their role under the act.
The Washington Post covers whistleblower fails at the FBI:
Report says procedures put a chilling effect on potential FBI whistleblowers
Jane Turner loved being an FBI agent.
It had been her dream job since she was 13, and she had been a good agent during her 25 years with the bureau.
But once she became a whistleblower, the FBI turned on her the way the mob turns on a snitch, by her telling. She wasn’t killed, but her career was.
Turner has become a prime example of the way the FBI should not treat whistleblowers. The Government Accountability Office (GAO) cites her case in a report that will be the focus of a Senate hearing Wednesday.
From the Associated Press, seeking access to the cloud:
Poland asks US for IT data vital in eavesdropping probe
A prosecutor says that Poland has asked U.S. authorities to release data from an IT company’s cloud that could be vital for the ongoing probe into a government eavesdropping scandal.
Spokeswoman for a Warsaw prosecutor’s office, Renata Mazur, said Thursday that a request was sent to U.S. justice authorities in January. She refused to name the IT company in question.
Polish prosecutors believe the cloud may hold some conversations between former government ministers and business people that were secretly taped in Warsaw restaurants. Some of the compromising conversations were published last year by the Wprost magazine, leading to some lower-ranking officials being fired, but many other recordings remain unknown.
The Guardian covers European net neutrality anxiety:
Freedom campaigners warn against dangers of two-speed internet
- While the US voted to protect open internet, European ministers are accused of pushing to ‘permit every imaginable breach of net neutrality’
European ministers are pushing for new laws which would “permit every imaginable breach of net neutrality”, internet freedom campaigners have warned.
Days after the US voted to protect an open internet where all traffic is considered equal, proposals agreed by the telecoms ministers of 28 member states could allow a two-speed internet, where companies such as YouTube or Netflix could legally pay mobile networks or broadband providers for faster, more reliable delivery of their content – potentially to the detriment of other internet users.
Campaigners warn the move could stifle online innovation and undermine the digital economy.
From the Associated Press, spooky imbalance and the permafrost:
UK report: Spy agencies should seek female recruits online
British lawmakers say the country’s intelligence agencies, which inspired James Bond, aren’t doing enough to promote real-life Jane Bonds.
A report on women in the intelligence services says female staff members are being held back by a layer of middle managers, dubbed “the permafrost,” who have “a very traditional male mentality and outlook.”
The report published Thursday by Parliament’s Intelligence and Security Committee said that women make up 37 percent of the workforce at domestic spy service MI5, overseas intelligence agency MI6 and electronic eavesdropping center GCHQ. But women account for only 19 percent of senior staff.
The lawmakers said the agencies should cast a wider net to recruit middle-aged women and mothers, who had “valuable life experience.” It said agencies in which all staff “are cut from the same cloth” could lead to unacknowledged biases that hampered the work of espionage.
From BBC News, food for conspiratorial thought:
German BND spy agency hit by ‘Watergate’ leak
Germany’s Federal Intelligence Service (BND) is dealing with what media have described as its own “Watergate” scandal, after taps were removed from its unfinished new Berlin headquarters.
The removal happened on Tuesday and left large parts of the building flooded, police say.
An investigation has begun into the theft, but police have so far found no signs of a break-in. The incident is seen as embarrassing for the BND, as well as expensive.
From the Guardian, an old-fashioned spookery:
Russian police officer found guilty of spying for US
- Roman Ushakov convicted of treason for handing over classified material and sentenced to 15 years in prison, in case likely to inflame US-Russian tensions
A Russian police officer has been convicted Thursday on charges of spying for the United States – using a cache disguised as a rock – and sentenced to 15 years in prison. It was the latest in a host of spy cases amid rising Russia-west tensions over Ukraine.
The Moscow city court on Thursday found Roman Ushakov guilty of treason for handing over classified information to the United States. Prosecutors produced his messages, which contained sensitive information about the interior ministry, as well as a rock-like cache with cash and a letter from the CIA, according to the Interfax news agency.
Interfax quoted prosecutor Viktor Antipov as saying Ushakov was caught red-handed, pleaded guilty and gave detailed testimony about his contacts with US intelligence. Antipov said Ushakov worked in Siberia, but gave no further details.
From the Associated Press, Bolivia’s former top narc investigated:
Former chief of Bolivia drug police under investigation
The retired police general who reorganized Bolivia’s counter-narcotics force after President Evo Morales expelled U.S. drug agents is under investigation for illicit enrichment and drug trafficking ties.
A judge was to decide Wednesday whether Gen. Oscar Nina should be jailed. Nina’s wife and two children were ordered jailed late Tuesday for suspected laundering of illicit earnings.
Interior Minister Hugo Moldiz cited “serious suspicions” that Nina and his family had links to drug trafficking. Prosecutor Gomer Padilla said investigators had discovered assets unsubstantiated by income but did not disclose their nature.
After the jump, another hotel chain hacked, another piece of point of sale malware targets credit card data, a social engineering death threat, a privacy half-measure, drones to target cell phones with ads, on to the ISIS front, first, with oil fields ignited to block advance on Tikrit, thousands take flight, U.S. strategies rely on Iranian help and an Iranian general becomes a star at home, ISIS bulldozes a legendary archaeological site, and an air strike kills Syrian Al Qaeda leaders, Afghanistan’s security forces dwindle, on to the Boko Haram front, first with an abundance of potential recruits, a massacre in a Nigerian village, and victims very young and very old, the South China Seas Game of Zones drives out a British oil exploration company, North Korea praises an attack on a U.S. ambassador, China refuses Japan’s plea to silence a Game of Zones website, but Beijing and Tokyo agree to security talks, Shinzo Abe’s team proposes streamlining the army command structure for combat readiness, and to close, Tokyo sues Okinawa to block release of an American base relocation agreement. . .