Google
 

Wednesday, October 31, 2007

Warning Over Net Address Limits


30 October 2007

Internet Service Providers urgently need to roll out the next generation of net addresses for online devices, internet pioneer Vint Cerf has said.

Every device that goes online is allocated a unique IP address but the pool of numbers is finite and due to run out around 2010.

A new system, called IPv6, has been awaiting roll out for 10 years.

Unless IPv6 is switched on in the coming years, some devices might not be able to go online, Mr Cerf has warned.

Mr Cerf, who played a key role in the development of the protocols which underpin the global net, said: "There is a risk of not being able to get online."

He added: "The rate of consumption of available remaining IPv4 numbers appears to be on track to run out in 2010/11."

Mr Cerf is about to step down as chairman of Icann, the body which oversees the net, and is also Google's chief internet evangelist.

Potential shortage

The current system, called IPv4 provides four billion addresses but the explosion in the number of devices which go online has led to the potential shortage.

Although IPv6 was standardised 10 years ago it has not been rolled out at speed.

While modern computers, servers, routers and other online devices are able to use IPv6, internet service providers have yet to implement the system.

"The reason they haven't - which is quite understandable - is that customers haven't asked for it yet," said Mr Cerf, adding, "my job, whether with my Icann hat on or not, is to persuade them to ask for it.

"If you don't ask for it, then when you most want it you won't have it."

IPv6 will create 340 trillion trillion trillion separate addresses, enough to satisfy demand for decades to come.

"To be clear - if we finally exhaust the IPv4 pool it doesn't mean the internet stops working. But people wanting an IPv4 address won't get one.

"If there is an internet that does not support IPv6, not getting an IPv4 address means not getting on the net."

He added: "The appreciation of the importance of getting IPv6 into operation is very much more visible than before.

"I'm anticipating in 2008 a substantial increase of use of IPv6, introduced in parallel with IPv4."

One complicating factor is that IPv6 and IPv4 are not compatible so ISPs will have to run the two systems in parallel - adding to costs.

In Asia, governments in China, Korea and Japan have begun to lead roll out of IPv6 and the European Union is reviewing methods to encourage adoption
Source: BBC News

Sunday, September 23, 2007

Broadband speeds under scrutiny

21 September 2007

Broadband speeds in the UK are much slower than advertised by internet service providers, a study by Computeractive magazine has found.
Some 3,000 readers took part in speed tests and 62% found they routinely got less than half of the top speed advertised by their provider
.

It is the latest in a series of questions over the way net firms advertise broadband services.

Regulator Ofcom said it was aware of the issue and was "investigating".

Testing times

The figures were gathered from more than 100,000 speed tests that the 3,000 respondents carried out to build up a picture of their average net-browsing speed on ADSL lines.

Statistics about net users in the UK show that half of current broadband users receive ADSL services that should run at speeds between one and four megabits per second (mbps).

The other 50% are on deals offering up to eight mbps but the tests revealed that, in reality, very few achieve the top speeds.

"This problem has been building for a while with a growing gulf between what is advertised and what is delivered," said Paul Allen, editor of Computeractive.

"The adverts often have super-fast broadband in huge lettering with the "up to" clause in very small print," he said.

"Users who have taken the test were surprised at the size of the gulf," he added.

Some 28% of the 3,000 respondents who took the ADSL speed test found that they received less than a quarter of their maximum advertised bandwidth.

While consumers may currently not notice their sluggish connections, this could change thinks Mr Allen.

"Previously it has not been a massive issue but in the coming year we are entering the net TV age and video content is bandwidth-hungry," he said.

Mr Allen called on regulator Ofcom to provide an independent speed test to anyone who has signed up to receive broadband.

Speaking for the telecommunications watchdog, a spokesman said: "We are looking at this issue. It is not a huge driver of complaints but it has come on to our radar screen."

"It's about the difference between the headline rate and the rate received," he said.

The spokesman said Ofcom was working with the net industry and other organisations such as Which to investigate the extent of the problem and what can be done about it.

"Once we have carried out this work we will assess what options might be available to tackle it," he said. The results of the investigation would be made available in the "near future", said the spokesman.

Fast chance

Research by market analysts Point Topic sugggests that, in many areas of the UK, few people will be able to get the fastest broadband speeds.

Only 5% of the population will be able to enjoy speeds of 18Mbps. More than half will only be able to get 8Mbps.


Ofcom was also working with the Advertising Standards Authority to keep an eye on how net service firms word their marketing materials.

"We make sure broadband advertising does not advertise speeds that cannot be guaranteed," he said. "They have to make it clear that there is a best possible speed rather than an average speed."

The ASA has investigated several cases of misleading promotions, most recently asking Bulldog to make it clear in its adverts that speed was dependent on how far away from the exchange people lived.

It ruled that broadband providers could use the words "up to" 8Mbps when describing services as long as customers were likely to get close to those speeds.

A survey last month by consumer group Which found that consumers with services promising speeds of up to 8Mbps were actually getting an average speed of 2.7Mbps.

There are many variables that determine the speed of a connection, including how far away from the telephone exchange the line is, how many others are using the line at the same time and the quality of the wiring within a home.

The tool used in the study is available for download from the Computeractive website. It was developed by advice service Broadband Choice.

Computeractive has also launched an e-petition on the Downing Street website, asking the government to force net service firms to provide clear information about the typical speed users will receive alongside the maximum speed. Source BBc News

Thursday, September 13, 2007

The Making of e-Soldiers

Weapons without barrels or bullets
By Tim Weber


Make no mistake: Defence Systems & Equipment International (DSEI), held in the huge Excel Centre in London's docklands, is an arms fair.

Armoured fighting vehicles tower over visitors; most gleaming, some proudly muddy as if straight from the training range.

Stands are bristling with weapons - from lightweight submachine guns to long-barrelled sniper rifles.

And there are plenty of uniformed men (and a few women), some in combat gear, most in their parade-ground best with plenty of gold decorating their shoulders.

High-ranking Chinese officers crowd around the finest that UK arms firm BAE system has to offer, Sony camera at the ready.


Fewer weapons

But there are much fewer weapons on display than on previous shows - fewer guns and bombs, less military hardware.

It's not that DSEI - held every two years - has become smaller; indeed, the organisers say that it has grown by 20% and is the biggest show yet.

Rather, the two wars in Iraq and Afghanistan have shown that most armies are not equipped to fight clever and ruthless insurgents that have little regard for civilian casualties.

The 'e-soldier'

There still is some old-style posturing. Italian gun make Beretta shows off a new assault rifle to the tune of Wagner's Ride of the Valkyries - in best Apocalypse Now-style.

However, were it not for the camouflage decorations, many exhibition booths at DSEI would not look out of place at an electronics fair.


Communications equipment, sensors, microprocessors, software packages and rugged laptops are arrayed to help modern armies compensate for what they are least likely to get more of: manpower.

Visiting DSEI allows to catch glimpses of a new warrior in the making, the "e-soldier", as Matt Howchin of UK microtechnology firm C-Mac calls it.

E-soldiers still carry a gun, but their uniforms and helmets are laced with electronics, monitoring both their own vital signs and their environment, relaying the information up the chain of command.

Helmet cam

Some of this technology is battle-ready, but still looks a bit cumbersome.

French defence firm Thales shows a soldier's battle gear that is supposed to block some of the remote control signals that are used to set off insurgents' bombs.

And at the ITT stand, a soldier - thick wires protruding behind his neck - sports a helmet cam and headphone set wired up to a Spearnet data radio.

The set-up - effectively a high-resolution webcam - allows the commander back at headquarters to get a real-time look at the battlefield.

Software packages could integrate all this information from the battlefield with systems like General Dynamics' Urban Istar programme.

This combines a powerful scanning system with a database that would allow troops engaged in urban warfare not only to detect hidden insurgents, but to understand the structure and weak points of a building without entering it.

Ultimately, this is about smarter fighting, "not with the bullet, but with better command and control systems," says Peter Felstead, editor of Jane's Defence Weekly.

The suicide bomber belt

The new wars have brought new threats.

One stand at DSEI shows a mannequin kitted out with a suicide bomber's explosives belt.

The pyrotechnic belt is a training device for armies and police forces, developed by Isle of Man-based Milpolice Equipment.


The belt allows the wearer to mimic the triggers used by real suicide bombers - and helps soldiers prepare for the threat.

The firm also makes IED simulators - the notorious Improvised Explosive Devices, or roadside bombs, that have caused so many casualties in Iraq and Afghanistan.

So how does the company keep up with the constantly changing techniques used by the insurgents?

"We have good contacts in the intelligence services," says managing director Stephen Blakely with a wry smile.

The race for better armour

While training is useful, protection is better.

"Force protection is where the big bucks are at the moment," says Jane's Peter Felstead.


John Rutledge at American Defense Systems Inc, a maker of heavy armour, speaks of full order books - and an arms race against the increasingly powerful devices used by Iraqi insurgents.

"We are using ever more exotic materials to protect the troops", he says; "getting real-time intelligence" helps the firm to stay ahead of the latest insurgent tactics.

At previous arms fairs, armies were looking to "up-armour" their existing vehicles, like light Land Rovers and Humvee trucks. Now the focus has shifted to new vehicles that are heavily armoured by design.

US firm International Truck and Engine is rushing out more than 1,900 Maxxpro trucks to the US Marine Corps, troop carriers that are designed to withstand mine blasts and roadside bombs on the Iraq battlefield.

Look, no driver

Oshkosh - which provides all the US army's heavy trucks - has put mirrors below a truck that show the heavy armour plating protecting the driver's cabin.

Everywhere there are stands displaying the latest in blast-proof glass or ceramics, so that vehicle makers can achieve the protection level armies are calling for.

After all, says German army Colonel Udo Kalbfleisch, "without giving soldiers proper protection you can't motivate them" and points to a video showing the heavily armoured Dingo that protects German soldiers on patrol in Afghanistan.

The more radical solution, however, is to take the driver out of the truck.

Oshkosh is working on control systems for unmanned vehicles.

Long supply convoys could have just a few real drivers. The other trucks would be steered by sophisticated electronics that work both in all-terrain and urban environments.

"I can easily foresee a future where we can achieve a 75% reduction of troops at risk," says Joaquin Salas at Oshkosh. "We are in discussions with the military to see when they might want to test this capability."

All this comes at a hefty cost. There is a trade-off between better armour and tight budgets, says John Rutledge, and it just "doesn't add up".

Already the cost of troop protection has started to cut into other procurement programmes, say industry insiders.

Lifesaver bottles

Battlefield innovation comes in many guises.

Pour dirty polluted water into the Lifesaver Systems bottle, pump a couple of times, and out comes perfectly drinkable water - without the use of chlorine or iodine. It's a solution that works not just for soldiers but disaster areas as well.

UK firm Chemviron Carbon tries to find customers for its ultra-lightweight chemical weapons protection fabric. Buyers so far have been the Swedish army and some special forces, and the company is now talking to police forces.

"When you think about it, the most likely [chemical] attack won't be on troops, but in a metropolitan environment," says Chemviron's Paul Graham.

C-Mac's stand doesn't sport any guns or camouflage at all.

The UK firm makes ceramic-based chip modules that work under extreme conditions - in fighter jets, tanks and rockets.

The tiny electronics components don't look much. But they can help win wars.
Source: BBC News

Wednesday, September 5, 2007

Hacking Tools On Sale

Cyber crime tool kits go on sale

Malicious hackers are producing easy to use tools that automate attacks to cash in on a boom in hi-tech crime.
On sale, say security experts, are everything from individual viruses to comprehensive kits that let budding cyber thieves craft their own attacks.

The top hacking tools are being offered for prices ranging up to £500.

Some of the most expensive tools are sold with 12 months of technical support that ensures they stay armed with the latest vulnerabilities.

Tool time

"They are starting to pop up left and right," said Tim Eades from security company Sana, of the sites offering downloadable hacking tools. "It's the classic verticalisation of a market as it starts to mature."


Malicious hackers had evolved over the last few years, he said, and were now selling the tools they used to use to the growing numbers of fledgling cyber thieves.


"When it comes to the hacking industry and level of business acumen there's no limit to what your money can buy "Paul Henry, Secure Computing

Mr Eades said some hacking groups offer boutique virus writing services that produce malicious programs that security software will not spot. Individual malicious programs cost up to £17 (25 euros), he said.

At the top end of the scale, said Mr Eades, were tools like the notorious MPack which costs up to £500.

The regular updates for the software ensure it uses the latest vulnerabilities to help criminals hijack PCs via booby-trapped webpages. It also includes a statistical package that lets owners know how successful their attack has been and where victims are based.

MPack has proved very popular with criminally minded groups and in late June 2007 managed to subvert more than 10,000 websites in one attack that drew on the tool.

Hacking groups also operate volume pricing schemes and discounts for loyal customers, he said.

"It's almost a play-by-play of good business practices of software marketing," he said. "When it comes to the hacking industry and level of business acumen there's no limit to what your money can buy."

Paul Henry, vice president of technology evangelism at Secure Computing, said the numbers of downloadable hacking tools was growing fast.

According to Mr Henry there were more than 68,000 downloadable hacking tools in circulation. The majority were free to use and took some skill to operate but a growing number were offered for sale to those without the technical knowledge to run their own attacks, he said.

But, he added, many hacking groups were offering tools such as Mpack, Shark 2, Nuclear, WebAttacker, and IcePack that made it much easier for unskilled people to get in to the hi-tech crime game.

Mr Henry said the tools were proving useful because so many vulnerabilities were being discovered and were taking so long to be patched.

Little risk

"MPack used more than 12 different vulnerabilities that were launched against any web browser that visited any compromised site," he said.

Many hacking groups were attracted to selling the kits because it meant they took little risk themselves if the malicious software was used to commit crimes.

"The only thing you are going to find is a disclaimer that this was distributed for educational purposes and the user accepts any responsibility for any misuse," he said.

The only risk the hacker groups faced in making the tools available was in having someone else steal them and offer them at a lower price. Already, he said, the sheer number of tools for sale was driving down prices.

Garry Sidaway, a senior consultant at security firm Tricipher, said the success of MPack and the attendant publicity was rumoured to be worrying its creators.

"It was made by a group of friends and they all have regular jobs," he said.

Mr Sidaway said the group would not lose much money if they did stop selling it because they made much more from other lines of business.

In particular, he said, the groups can sell information about unpatched or unknown vulnerabilities in software for thousands of pounds per bug.
BBC News

Monday, September 3, 2007

Hackers Target Legitimate Sites

Hackers target 'legitimate' sites
20 June 2007


More than 10,000 websites have become unwitting hosts of malicious software, say security experts.
Those visiting the hijacked pages risk having keylogging software installed on their PC if it is not protected with the latest patches.

The webpages compromised are all legitimate sites devoted to subjects such as tax, jobs, tourism and cars.

The sites are thought to have been booby-trapped using a malware kit, called MPack, sold commercially online.

Hacked host

The MPack kit was first discovered by Panda Software in May 2007 and is now implicated in infections on more than 160,000 computers.

The kit, put together by Russian hackers, can be bought for $1,000 (£503) and the price includes a year of technical support.

Using the kit, budding hi-tech criminals can churn out code that exploits the latest vulnerabilities in widely used web browsers that work on Windows.

The latest round of infections using MPack is thought to be one of the most successful.

It is believed to have started when malicious hackers got access to one of Italy's largest website hosting companies and seeded servers with the code that attacks anyone visiting those sites.

Security experts say the attack code is "browser aware" and will tune its attack depending on the web browsing software used by a visitor. Attack code is present for Internet Explorer, Firefox and Opera.

Following the initial outbreak in Italy, booby-trapped sites are now turning up in Spain, the US and many other nations.

The new outbreaks come about as the attack code is inserted on more and more legitimate websites.

Hundreds of thousands of users are thought to have been caught out by the infection.

Many anti-virus companies have already updated their security software to defend against the attacks used in this outbreak.

BBC News

Sunday, September 2, 2007

How to Detect a Phishing Attempt

Phishing growth

Phishing e-mails that try to make you hand over confidential details are becoming more common.
In July 2006, the Anti-Phishing Working Group got reports about 23,670 unique phishing scams.

The trick seems to be catching a lot of people out too. In 2005 UK losses from phishing scams stood at £23.2m.

In this gallery we give you some handy hints on how to spot the signatures of the phish.

Name and address

The first thing to look for is if the phish is addressed to you at the e-mail account your bank knows.
Many phishers are former spammers and often send messages to mailing lists rather than individuals.

Look to see how you are addressed in the body of the message. Phishers almost always use generic greetings, such as in this phish from 2005, rather than your actual name.

Banks also make clear they will never ask for your personal information in e-mails.

Detailed look

There will be many more clues in the body of the message.
If the phish includes details, such as an account or credit card number, check they are correct.

As phishers want to steal this information they are unlikely to have it before they send the mail.

Many phishing gangs take a chance and include random details to make the message look more official and hope people respond rather than read the text

Text check

Though phishing gangs are getting more sophisticated and literate, many bogus e-mail messages give themselves away by their poor command of the English language.
This is because many phishing gangs hail from nations where English is rarely spoken.

Grammatical errors and spelling mistakes are classic signs that a message is a phish.

If you stumble over the text, it's probably a phish.


Link lessons

There are more subtle signs that a message is a phish rather than legitimate.
For instance, look to see if the web link in the body of the message matches those in the status bar of the e-mail.

If these differ you have probably caught a phish.

If you are suspicious do not click on the links in the e-mail body. Instead type the address out manually.

Text tricks

Many phishing gangs exploit the readiness of the human eye to see what it wants to see rather than what is actually there.
For instance, in this old Paypal phish the scammers have registered a site that, to a quick glance, looks very like the name of the payment company.

Most phish fall down on one or more of these criteria. If you are suspicious contact your bank directly.
BBC News

Bloggers Blogs Under Attack

Bloggers battered by viral storm

Google's Blogger site is being used by malicious hackers who are posting fake entries to some blogs.
The fake entries contain weblinks that lead to booby-trapped downloads that could infect a Windows PC.

Infected computers are being hijacked by the gang behind the attacks and either mined for saleable data or used for other attacks.

The Blogger attack is the latest in a series by a gang that has managed to hijack hundreds of thousands of PCs.

Attack pattern

Security researcher Alex Eckelberry from Sunbelt Software first noticed the booby-trapped links turning up on Blogger on 27 August.

Now many hundreds of blogs on the site have been updated with a short entry containing the link.

Mr Eckelberry said it was not yet clear how the links were posted to blogs. The bogus entries could have exploited a Blogger feature that lets users e-mail entries to their journal.

The blogs themselves could also be fake and set up solely to act as hosts for spam.

Commenting on the attack a Google spokesperson said: "The blog posts are likely from users' whose machines have been compromised by a virus.

"Among the other recipients of spam e-mails generated by the virus are users' mail2blogger accounts, which allow them to update their blogs via e-mail," said the spokesperson.

"We are in the process of notifying impacted users and recommending that they scan their computers and run current anti-virus tools--good advice for all internet users," they added.

The entries on the blogs have the same text as some of the spam distributed by the group behind the attacks. These attempt to trick people into clicking on links and downloading booby-trapped files using cleverly crafted messages.

Some pose as YouTube links others claim to be looking for testers of software packages or digital greetings cards.

The group behind the attack on Blogger is thought to have mounted a huge series of attacks since January.

The first attack used a spam that purported to give recipients more information about the severe storms seen in Europe in January. This led to the virus used by the gang being dubbed the "Storm Trojan".

Since January the group has been sending out huge numbers of different spam messages in a bid to trick people.

"The criminals responsible for this spam campaign are experts at exploiting social engineering to propagate their botnets," said Bradley Anstis from security firm Marshal.

The spam messages have been changed to capitalise on news events and the viral payload has been updated many times to fool anti-virus programs.

Mr Anstis said the sheer number of messages being sent by the group was staggering. On some days, he said, 4-6% of all the junk messages seen by Marshal were sent by the group.

Security experts estimate that the group can send out so much junk mail because they have hijacked so many Windows PCs via successive campaigns. Some suspect that the group has infected more than one million PCs over the last eight months.

STORM WORM SUBJECT LINES
are you kidding me? lol
Dude dont send that stuff to my home email...
Dude your gonna get caught, lol
HAHAHAHAHAHA, man your insane!
I cant belive you did this
LMAO, your crazy man
LOL, dude what are you doing
man, who filmed this thing?
oh man your nutz
OMG, what are you thinking


BBC News

Virus on Web Videos

Virus writers target web videos

The growing popularity of online video has caught the attention of malicious hackers and hi-tech criminals.

Security firms are reporting more and more instances of booby-trapped Windows codecs - file compressors - required to play some video formats.

Some of the codecs let users play types of net-based video, but also have spyware and adware wrapped inside.

Others, say experts, are outright fakes that just want to infect victims with data-stealing programs.

Audience ratings

"Everyone is watching movies on their PC," said David Robinson, UK head of security firm Norman Sandbox, "they are downloading the latest, greatest clips."

While sites such as YouTube and Revver try to make it easy to watch video online, many of the downloadable clips posted on the web require extra software, called a codec, to play them.

Mr Robinson said many security firms were now logging instances in which spyware and adware firms are turning out software bundles that claim to roll together many popular codecs or just have the one needed to play a particular clip.

Some of the codecs do help to play clips, but others are disguised as a variety of nuisance or malicious programs.

Some rogue codecs plague users with pop-up adverts, while others invisibly install keyloggers that try to grab confidential data.

Anti-spyware firm Sunbelt Software discovered one codec that became a program that found fictitious security problems on a PC and demanded payment to repair them.

Many downloads look benign when scanned with an anti-virus program, but, once installed, download updates from other websites that contain the malicious payload.

Mr Robinson said the growth of booby-trapped video codecs was just another example of how hi-tech criminals have moved on from the old days in which a virus only travelled by e-mail.

Now, he said, they maintain a diverse portfolio of attack methods and will tailor these to whatever is proving popular online.

Mr Robinson said his company Norman Sandbox, which analyses captured samples of malicious code, gets hundreds of new variants of malicious programs submitted to it every day.

David Emm, senior technology consultant at anti-virus firm Kaspersky Labs, said it was only a matter of time before virus writers turned to sites such as YouTube and booby-trapped pages showing popular clips with bugs.

"YouTube is almost by definition unregulated," he said, and was ripe for exploitation by malicious hackers. "It gives an almost endless stream of stuff to tap into."

Already spyware firms are known to be using the popularity of some clips on YouTube and social networking site MySpace to install their wares on the PCs of more victims.

Increasing numbers of malicious attacks were pegged to news or other events, said Mr Emm, which helped to catch people out.

The upcoming Halloween holiday is already being exploited by malicious hackers who are baiting websites with viruses and trojans. BBC News


Friday, August 31, 2007

Call To Regulate The Net Rejected

The internet should not be used as a scapegoat for society's ills, said Vint Cerf, Google's net evangelist and a founding father of the network.

Speaking on the BBC Radio 4's Today programme he rejected calls for strict control of what is put online.

He said the net was just a reflection of the society in which we live.

Anyone regulating beyond what was clearly illegal put themselves on a "slippery slope" that could limit freedom of expression, he said.

"If it's not illegal, it raises a rather interesting question about where you do draw the line," he said.

Mirror image

Mr Cerf's comments come after the UK's Conservative Party floated ideas to curb the access young people have to sites such as YouTube which let them see videos showing extreme or callous violence.

Rather than impose controls centrally, said Mr Cerf, it was far better to put them at the edges of the network where users go online.

For instance, said Mr Cerf, searching for results via Google can be constrained by filters that can be set to be strict or lax.

It was a mistake, said Mr Cerf, to divorce what was seen online from what happens in the real world.

"Most of the content on the network is contributed by the users of the internet," he said. "So what we're seeing on the net is a reflection of the society we live in."

"Maybe it is important for us to look at that society and try to do something about what's happening, what we are seeing

He added: "When you have a problem in the mirror you do not fix the mirror, you fix that which is reflected in the mirror.

"We have a job to do, collectively as a society, to deal with the problems we discover in the network," said Mr Cerf, "but suppressing the knowledge of what's going isn't going to help us.

"We need to face that problem directly."

Google has a policy of removing video content when it has been flagged as offensive by users. But the company has been criticised for not acting swiftly enough
BBC News

How to Detect Spam Email

Anatomy of a spam e-mail
11 October 2006
A daily chore of modern life for many is the morning trawl through a full inbox deleting spam email. But just where does it all come from and why do spammers use bizarre text, names and images in their emails?

To the expert eye a typical spam is laden with clues to its origin. Click on the links below to find out more.

Anatomy of Spam E-mail

SENDER
"Iverson Vernie": An implausible name that sounds human to computers if not people. This helps to offset the "spamminess" of the message. Plus it is in capital letters which also helps to bust the scoring systems often used to spot spam.


E-MAIL ADDRESS
"eieeeyuuyuioeeiiayi@fleetlease.com - Clearly fake. All the letters before the @ sign come from the top line of the keyboard starting at the left. The spammer generated this e-mail addresses by running their finger along that line when putting the spam run together.

However, this could provide useful forensic information when tracing spam campaigns or spam groups. Another clue is given by the fact that the company owning the domain, Fleetlease, rents vehicles - there's no reason to think it is really pushing pills.


SUBJECT
Bad spelling marks it as spam as does the exclamation point. But it avoids mentioning what the message is actually about which might help it sneak past some spam filters.


BODY IMAGE
The body of the message is actually an image rather than text. Again this is another trick to defeat spam filters which find it impossible to view what is in bitmap or jpegs.

This image was called from another computer based in Hungary. The net service offered by this company is free which is probably why it is being used as a source for these images. Spammers hate paying for anything.

It could also be a checking mechanism which records which e-mail address responded. "Live" addresses are much more valuable than ones that never react.


ASSOCIATED WEBSITE
This is apparently linked to a company in Wisconsin, but the details held on the net about it are likely to be fake given that there is evidence the server is physically located in South Africa. The server hosting this site hosts another 90, most of which are touting drugs of one kind or another.

The net address for this site is well-known as a source of spam and is actively blocked by many organisations. It is thought to be one of many used by the Yambo Financials spam gang.


EXTRA TEXT
Spammers regularly use large lumps of text to try to convince filtering systems that a message is legitimate. Extracts from books are popular but random text like this is too. What should be noted is that nowhere in this mail does the text actually mention what the message is about. The only mention of the drugs it is offering for sale is in the image.
BBC News

Thursday, August 30, 2007

Tips To Help You Stay Safe Online

By Mark Ward
Technology Correspondent, BBC News website
7 October 2006


Windows needs help to keep you safe online
There are now thought to be more than 200,000 malicious programs in existence - the vast majority of which are aimed at subverting Windows PCs.

These problem programs can arrive via e-mail, instant messenger, through your internet connection or even your web browser if you visit the wrong website. The threats are so numerous and appear so fast that Windows users must feel under siege.

While there is no doubt that attacks on PC users are getting more sophisticated, it is possible to avoid the vast majority of problems by taking some straight-forward steps and exercising some common sense.

If you are worried about your computer it is possible to scan it via the web to see if it is infected. Companies such as Trend Micro, Kaspersky and Microsoft all offer free scanning services.

Organisations such as the Computer Emergency Response Team (Cert) also offer advice on how to set up a safe net connection.


ANTI-VIRUS
The first piece of security software every PC user needs is some anti-virus software. It must also be regularly updated to ensure it protects you against the latest threats.

One of the ways that virus writers try to catch out anti-virus software is by pumping out enormous numbers of variations of their malicious creations. Good anti-virus programs use heuristic techniques to spot viruses that have not been formally identified but have all the characteristics.

Many PCs now come with anti-virus installed and though an annual subscription can seem expensive, it might be cheap when you consider how much it could save you if it stops your bank details being stolen.

As well as retail versions of anti-virus there are now some free programs that do a good job of protecting you. Avira, Avast and AVG all produce free anti-virus software.

Microsoft now sells a package of security programs but, so far, they are only available to US users.


FIREWALL
A firewall is also an essential piece of security software for PC users. Newer versions of Windows XP have a firewall built in and this will give you protection against nuisance attacks and many of the more serious ones.

However some people feel that the Windows XP firewall is a bit limited in its features. Many anti-virus programs have a firewall bundled with them.

There are free firewalls available too from firms such as Comodo and Zone Alarm.

To block some of the attacks it can also be useful to connect to the net via a hub or router. Often these have a firewall built in and, even if not, will do a good job of blocking a lot of the low level attacks.


SPYWARE
Increasingly simply browsing the web can subject you to all kinds of dangers. Specially crafted websites can initiate so-called "drive-by downloads" that exploit weaknesses in Microsoft's Internet Explorer browser to install programs you never asked for.

At best these will annoy you with pop-up ads, at worst they will let someone else take control of your PC. Anti-spyware software will help stop these taking hold and help you clean up your PC if you do get hit.

There are add-ons for browsers, such as McAfee's Site Advisor that warn you about potentially harmful sites. Also Google has now started warning when you are about to visit a potentially unsafe site. Search sites such as Scandoo will also flag sites loaded with malware.

These days adware tends to be very aggressive and it is far better to avoid an infection than try to clean up afterwards.

Security experts recommend migrating away from Internet Explorer to a browser such as Firefox or Opera. At the very least they say to keep Microsoft's browser up to date with patches.

Anti-spyware activists Suzi Turner and Eric Howes run a website that lists the bogus security products to help you avoid falling victim. Microsoft makes free anti-spyware but there are many other products from firms such as Lavasoft and Spybot.


UPDATE
With Windows it is also important to keep your system up to date. Windows XP now regularly nags people about upgrades and Microsoft produces security patches on a monthly basis.

Microsoft recommends automatic updating so patches are downloaded and applied as soon as they become available. As the time between the announcement of a vulnerability and it being exploited is shrinking, it pays to act quickly.

The other things you can do to stay safe fall into the realm of common sense. To begin with never open an attachment on an e-mail you were not expecting - even if it appears to come from someone you know.

Never reply to spam e-mail messages as that just confirms your address is live and makes it more valuable. Be wary of any e-mailed message about online financial accounts you own. Learn to spot the signs of phishing e-mails.


APPLE
Apple users who feel confident that they are invulnerable to attacks should also take steps to protect themselves.

While virus attacks are virtually unheard of, the platform can be subject to malware and adware.

The firewall on an Apple computer should be switched on and common sense regarding potential phishing attacks should be applied.

STAYING SAFE ONLINE
Use anti-spyware and anti-virus programs
On at least a weekly basis update anti-virus and spyware products
Install a firewall and make sure it is switched on
Make sure updates to your operating system are installed
Take time to educate yourself and family about the risks
Monitor your computer and stay alert to threats
BBC News

Sunday, August 26, 2007

Cyber Criminals

Criminals 'may overwhelm the web'
By Tim Weber
Business editor, BBC News website, Davos
25 January 2007

Criminals controlling millions of personal computers are threatening the internet's future, experts have warned.
Up to a quarter of computers on the net may be used by cyber criminals in so-called botnets, said Vint Cerf, one of the fathers of the internet.

Technology writer John Markoff said: "It's as bad as you can imagine, it puts the whole internet at risk."

The panel of leading experts was discussing the future of the internet at the World Economic Forum in Davos.

Internet pandemic

Mr Cerf, who is one of the co-developers of the TCP/IP standard that underlies all internet traffic and now works for Google, likened the spread of botnets to a "pandemic".

Of the 600 million computers currently on the internet, between 100 and 150 million were already part of these botnets, Mr Cerf said.

"Despite all that, the net is still working, which is pretty amazing. It's pretty resilient" Vint Cerf

Botnets are made up of large numbers of computers that malicious hackers have brought under their control after infecting them with so-called Trojan virus programs.

While most owners are oblivious to the infection, the networks of tens of thousands of computers are used to launch spam e-mail campaigns, denial-of-service attacks or online fraud schemes.

Net resilience

Mr Markoff, who writes for the New York Times, said that a single botnet at one point used up about 15% of Yahoo's search capacity.

It used retrieved random text snippets to camouflage messages so that its spam e-mail could get past spam filters.

"Despite all that, the net is still working, which is amazing. It's pretty resilient," said Mr Cerf.

The expert panel, among them Michael Dell, founder of Dell computers, and Hamadoun Toure, secretary general of the International Telecommunication Union, agreed that a solution had to be found to ensure the survival of the web.

But its members were unsure about feasible solutions, even though they identified operating systems and authentication as key issues.

It was still too easy for net criminals to hide their tracks, several panel members said, although they acknowledged that it was probably not desirable that every individual was definitively identifiable.

"Anonymity has its value, and it has its risk," said Jonathan Zittrain, professor for internet governance at the University of Oxford.

Closing doors

Operating systems like Microsoft Windows, meanwhile, still made it too easy for criminals to infiltrate them, the experts said.

Microsoft had done a good job improving security for its latest operating system, Windows Vista, said Mr Markoff.

"It's a known threat, but the numbers I heard today are staggering" -Tim Weber, BBC News website business editor in Davos

But already pirated copies of Vista were circulating in China, even though the consumer launch of Vista has been scheduled for next Tuesday.

Experience showed that about 50% of all pirated Windows programs came with Trojans pre-installed on them, Mr Markoff said.

Mr Dell said the future might bring "disposable virtual PCs", accessed through the internet, that would minimise the threat of a persistent virus infection.

Mr Toure said that whatever the solution, the fight against botnets was a "war" that could only be won if all parties - regulators, governments, telecoms firms, computer users and hardware and software makers - worked together.

BBC News

Thursday, August 23, 2007

Watching Me, Watching You


Bill Thompson tries not to worry whether the NSA is reading his e-mail

In the late 1970s the US was still recovering from Watergate, the scandal that forced President Richard Nixon to resign after revelations of a dirty-tricks campaign against political rivals which involved illegal surveillance.

Partly in response to the crisis, Congress passed the Foreign Intelligence Surveillance Act (FISA) in 1978, limiting the president's freedom to monitor US citizens without a warrant while providing rather more to bug foreigners or the agents of foreign powers when they were on US soil.

The goal was to strike a balance between people's freedom to go about their daily lives unobserved and the need to investigate serious crime, stop terrorism and keep those same people safe.

Bigger net

Finding the restrictions rather too onerous following the September 2001 attacks on New York and Washington, President Bush allowed the National Security Agency (NSA) to monitor phone calls and other communications from US citizens believed to have a connection to al-Qaeda without going to the trouble of getting a warrant.

And when the legality of this "warrantless wiretapping" was challenged President Bush persuaded Congress to amend FISA by passing the Protect America Act, which became law on 5 August.

It is the latest piece in a jigsaw of new laws, regulations and interpretations of existing laws and even the US Constitution which, taken together, provide a legal basis for the most extensive programme of domestic and international surveillance ever undertaken by a government.

"Perhaps we need to rethink our reliance on the US for our network services, if the government there persists in treating every non-US citizen as a source of intelligence data rather than an individual with their own rights and freedoms" Bill Thompson

And over the years to come its coverage, both electronic and non-electronic, will extend to millions or even billions of people, few of whom will have any real connection to terror or even criminality.

The US is not alone in wanting to collect this sort of information, of course.

EU governments want phone companies and net providers to retain information on customers for months or even years so police and the secret services can look at it when investigating terrorist offences.

But even hardline countries like the UK only want to keep what is called "traffic information", a list of websites visited or e-mails sent and received. Nobody is suggesting that the content of every e-mail or the data entered on every web form should be retained or monitored.

The US authorities will not be so reticent, we can be sure.

Coupled with the vast increases in network speed, data storage capacities and computer processing power, the well-funded NSA will soon be able to read and perhaps even store every e-mail or instant message that crosses over a US-based or owned network.

And the resulting databases will be used for purposes far broader than the stated goal of countering terrorism and keeping the US safe.

Once the data has been acquired and stored and collated there will be so many other useful things to do with it.

Back in 2000 the European Parliament reported that data gathered using the Echelon covert surveillance programme, which incidentally features in the new CIA thriller The Bourne Ultimatum, was being used for industrial espionage by US firms.

We can be sure that new systems will also be exploited for the commercial as well as the political advantage of the US, although the target may in future be China rather than Europe, reflecting the shifting balance of the world's economy.

Cafe culture

In light of the wholesale surveillance of online activities, putting information about my friends and business contacts onto Facebook seems rather tame, but knowing what is going on should encourage us all to take a more cautious approach to what we say and do online.

Reading about the new US laws and the extensions to the UK's Regulations of Investigatory Powers Act induces a state of network paranoia, where I'm convinced that everything I type is being sent to the NSA, and wonder whether the little camera in my laptop is even now secretly transmitting an image of my furrowed brow to the secret police.

But I'll get over it.

As we all know, it is impossible to live in a state of constant suspicion, and we will adapt to this new reality just as we have adapted to the presence of CCTV cameras on the streets and in the shopping malls where we spend so much of our time.

I'm writing this in a cafe, and looking up I can see the clear plastic dome of a camera fixed inconspicuously in the ceiling, watching me type.

My phone is sat next to me, telling anyone with access to the cellular network that I'm here too. And I've just told Twitter where I am so my friends can find me.

It may not seem worth worrying if the NSA, CIA, FBI and every other secret agency in the world wants to join the party.

But it does matter.

I can choose to live without a mobile, avoid cafes that insist on spying on their customers and stop using Twitter. I can campaign against the local authority's decision to install CCTV in my town, argue with my local MP about the limits of the state's right to watch what I'm doing, and influence the debate in this country or even more widely in Europe.

But I have no control, influence or even clear understanding of what the government of a supposedly friendly superpower is doing with the information it gleans from Google, Facebook, Linden Labs, Yahoo!, MSN, Apple and the many other US corporations that service my online life.

Perhaps we need to rethink our reliance on the US for our network services, if the government there persists in treating every non-US citizen as a source of intelligence data rather than an individual with their own rights and freedoms.
Source: BBC News

60 Rumor Spreaders Warned

China arrests or warns 60 for spreading rumors


BEIJING (Reuters) - Police in east China have arrested or warned 60 people for spreading rumors by SMS or on the Internet so far this year and specified the threat of modern communications to society, state media said on Tuesday.

China has an army of cyber-police who patrol the Internet for unfavorable content, but their targets are more often politically sensitive subjects than pornography.

Xia Cunxi, a public security spokesman in the eastern province of Jiangsu, said 60 were accused of spreading rumors, lies or offensive messages, the official China Daily said in its online edition.

"Rumors spread by modern means of communication can be a greater menace to society than those spread by word of mouth," Xia was quoted as saying.

The report did not specify how the cases were dealt with or how many suspects were arrested and charged.

In one case, police in July detained two men who sent text messages to more than 200 relatives or friends, claiming people with AIDS were spreading the disease by using toothpicks at restaurants and returning them to their containers, it said.

An Internet posting alleged that police chased a man riding a motorcycle with his son on the back, causing the death of the son who had won a place in a prestigious university.

In April, police launched an immediate investigation after a posting claimed a school in Jiangsu would be the site of a shooting spree with a death toll exceeding that of the Virginia Tech shootings in the United States just days earlier.
Reuters

Wireless "Piggybackers"

Wireless "piggybackers" beware -- you'll be arrested

By Peter Griffiths

LONDON (Reuters Life!) - If you think it's a clever moneysaver to sneak on to someone else's wireless network for free Internet access in Britain, then be prepared to see a policeman appear on your doorstep.

British police said on Wednesday they had arrested two people and given them legal cautions for "piggybacking", the term coined for using someone else's wireless Internet connection without permission.

The practice, which sharply divides Internet users, has been fuelled by the rapid growth of fast wireless broadband in homes and the average consumer's failure to secure their networks.

On Saturday, a man was arrested after neighbors spotted him using a laptop computer to browse the Internet while sitting in a car outside a home in the central English town of Redditch.

A 29-year-old woman was also arrested in a car in a similar incident in the same area last month.

Both received an official caution, a formal warning one step short of prosecution, for "dishonestly obtaining electronic communications services with intent to avoid payment".

They were among the first to be arrested for piggy-backing in Britain. Gregory Straszkiewicz, from west London, was the first person to be convicted of the offence in 2005. He was fined 500 pounds ($1,005) and give a 12-month conditional discharge.

"Wireless networks don't stop at the walls of your home," said PC Tony Humphreys, of West Mercia Constabulary. "Without the necessary protection, your neighbors or people in the road outside may be able to connect to your network."

There is a lively ethical debate in Internet chatrooms about whether piggy-backing is immoral or harmless.

"If it travels through the air it is open season," wrote one contributor to a Web forum. Another wrote: "If it's out there unsecured and I'm not trespassing, it's fair game."

Up to a quarter of home wireless connections are unsecured, according to a recent survey by the consumer finance Web site www.moneysupermarket.com.

Jason Lloyd, the site's head of broadband, said it left people open to identity theft, fraud and pornography being downloaded using their account.

"The repercussions can be severe," he said. "It's bad enough when your neighbors can use your Internet connection freely, but this becomes far more sinister if someone uses your wireless connection for criminal activity."

Businesses are also at risk. A survey of 320 companies by the London trade show Infosecurity Europe found that a quarter have no wireless security policy.
Reuters