Blog

  • Malware inserted on PC production lines, says study

    posted by Keito
    2012-09-13 19:44:47
    'Cybercriminals have opened a new front in their battle to infect computers with malware - PC production lines.

    Several new computers have been found carrying malware installed in the factory, suggests a Microsoft study.

    One virus called Nitol found by Microsoft steals personal details to help criminals plunder online bank accounts.

    Microsoft won permission from a US court to tackle the network of hijacked PCs made from Nitol-infected computers.

    ---Domain game---

    In a report detailing its work to disrupt the Nitol botnet, Microsoft said the criminals behind the malicious program had exploited insecure supply chains to get viruses installed as PCs were being built.

    The viruses were discovered when Microsoft digital crime investigators bought 20 PCs, 10 desktops and 10 laptops from different cities in China.

    Four of the computers were infected with malicious programs even though they were fresh from the factory.

    Microsoft set up and ran Operation b70 to investigate and found that the four viruses were included in counterfeit software some Chinese PC makers were installing on computers.

    Nitol was the most pernicious of the viruses Microsoft caught because, as soon as the computer was turned on, it tried to contact the command and control system set up by Nitol's makers to steal data from infected machines.

    Further investigation revealed that the botnet behind Nitol was being run from a web domain that had been involved in cybercrime since 2008. Also on that domain were 70,000 separate sub-domains used by 500 separate strains of malware to fool victims or steal data.

    "We found malware capable of remotely turning on an infected computer's microphone and video camera, potentially giving a cybercriminal eyes and ears into a victim's home or business," said Richard Boscovich, a lawyer in Microsoft's digital crimes unit in a blogpost.

    A US court has now given Microsoft permission to seize control of the web domain, 3322.org, which it claims is involved with the Nitol infections. This will allow it to filter out legitimate data and block traffic stolen by the viruses.

    Peng Yong, the Chinese owner of the 3322.org domain, told the AP news agency that he knew nothing about Microsoft's legal action and said his company had a "zero tolerance" attitude towards illegal activity on the domain.

    "Our policy unequivocally opposes the use of any of our domain names for malicious purposes," Peng told AP.

    However, he added, the sheer number of users it had to police meant it could not be sure that all activity was legitimate.

    "We currently have 2.85 million domain names and cannot exclude that individual users might be using domain names for malicious purposes," he said.'

    http://www.bbc.co.uk/news/technology-19585433
  • Microsoft Makes Skype Easier To Monitor

    posted by Keito
    2012-07-27 19:51:49
    "New surveillance laws being proposed in countries from the United States to Australia would force makers of online chat software to build in backdoors for wiretapping. For years, the popular video chat service Skype has resisted taking part in online surveillance—but that may have changed. And if it has, Skype’s not telling.

    Historically, Skype has been a major barrier to law enforcement agencies. Using strong encryption and complex peer-to-peer network connections, Skype was considered by most to be virtually impossible to intercept. Police forces in Germany complained in 2007 that they couldn’t spy on Skype calls and even hired a company to develop covert Trojans to record suspects’ chats. At around the same time, Skype happily went on record saying that it could not conduct wiretaps because of its “peer-to-peer architecture and encryption techniques.”

    Recently, however, hackers alleged that Skype made a change to its architecture this spring that could possibly make it easier to enable “lawful interception” of calls. Skype rejected the charge in a comment issued to the website Extremetech, saying the restructure was an upgrade and had nothing to do with surveillance. But when I repeatedly questioned the company on Wednesday whether it could currently facilitate wiretap requests, a clear answer was not forthcoming. Citing “company policy,” Skype PR man Chaim Haas wouldn’t confirm or deny, telling me only that the chat service “co-operates with law enforcement agencies as much as is legally and technically possible.”
    "

    As reported on Slashdot: "Skype has gone under a number of updates and upgrades since it was bought by Microsoft last year, mostly in a bid to improve reliability. But according to a report by the Washington Post, Skype has also changed its system to make chat transcripts, as well as users' addresses and credit card numbers, more easily shared with authorities."

    ***

    'Hacker groups and privacy experts have been speculating for months that Skype had changed its architecture to make it easier for governments to monitor, and many blamed Microsoft, which has an elaborate operation for complying with legal government requests in countries around the world.

    “The issue is, to what extent are our communications being purpose-built to make surveillance easy?” said Lauren Weinstein, co-founder of People for Internet Responsibility, a digital privacy group. “When you make it easy to do, law enforcement is going to want to use it more and more. If you build it, they will come.’’'

    http://www.washingtonpost.com/business/economy/skype-makes-chats-and-user-data-more-available-to-police/2012/07/25/gJQAobI39W_story.html?hpid=z1

    http://www.slate.com/blogs/future_tense/2012/07/20/skype_won_t_comment_on_whether_it_can_now_eavesdrop_on_conversations_.html
  • Richard Stallman Speaks About UEFI

    posted by Keito
    2012-07-21 16:17:20
    "Microsoft demands that ARM computers sold for Windows 8 be set up so that the user cannot change the keys; in other words, turn it into restricted boot. Now, this is not a security feature. This is abuse of the users. I think it ought to be illegal.

    ... if the user doesn’t control the keys, then it’s a kind of shackle, and that would be true no matter what system it is. After all, why is GNU/Linux better than Windows? Not just ’cause it has a different name. The reason it’s better is because it’s freedom-respecting Free software that the users control. But if the machine has restricted boot and the users can’t control the system, then it would be just as bad as Windows."

    http://techrights.org/2012/07/17/rms-on-uefi/