Oracle issues patch for Java loopholes
posted by Keito
2012-09-02 14:12:04'Oracle has issued a patch for loopholes in its Java program that was being actively abused by cyber-thieves.
The software giant took the unusual step of issuing the patch well before the usual date for security updates.
The patch closes loopholes that together left users of almost every operating system vulnerable to infection by viruses.
Tens of thousands of machines are believed to have been infected by viruses that exploit the bugs.
Oracle typically issues security patches for Java every quarter but it tore up the usual schedule because the bugs were being increasingly abused.
Security firms said code to exploit the loopholes had been recently added to the popular Blackhole crimeware kit. This software package is an all-in-one computer crime kit that makes it easy for those with little technical knowledge to become cyber-thieves.
Adding code to the kit would hugely boost the numbers of malicious hackers trying to compromise computers running Java.
Java is a widely-used programming language designed to let developers write programs once that can then be run, with minimal changes, on any computer. Oracle claims Java is used on more than one billion desktop computers.
Some sites use it to add extras to their webpages that can be used via a browser add-on or plug-in. Some games, including Runescape and Minecraft, are built around Java.
Security expert Brian Krebs said the safest way to avoid any trouble was to remove it from a computer system.
"If you don't need Java, uninstall it from your system," he wrote in a blogpost about the security updates.'
RAP NEWS X: #Occupy2012 (feat. Anonymous & Noam Chomsky)
posted by Keito
Why I ♥ Linux
posted by Keito
Oil Producer Saudi Aramco Reveals Cyber Attack Hit 30,000 Workstations
posted by Keito
2012-08-29 20:53:43'Saudi Aramco, the world's biggest oil producer, has resumed operating its main internal computer networks after a virus infected about 30,000 of its workstations in mid-August.
Immediately after the Aug. 15 attack, the company announced it had cut off its electronic systems from outside access to prevent further attacks. Saudi Aramco said the virus "originated from external sources" and that its investigation into the matter was ongoing. There was no mention of whether this was related to this month's Shamoon attacks.
“The disruption was suspected to be the result of a virus that had infected personal workstations without affecting the primary components of the network,” Saudi Aramco said over Facebook.
“We would like to emphasize and assure our stakeholders, customers and partners that our core businesses of oil and gas exploration, production and distribution from the wellhead to the distribution network were unaffected and are functioning as reliably as ever,” Saudi Aramco’s chief executive, Khalid al-Falih, said in a statement.
However, one of Saudi Aramco’s websites which was taken offline after the attack - www.aramco.com - remained down yesterday. E-mails sent by Reuters to people within the company continued to bounce back.
Supposed hacktivists have claimed the hit on the oil giant, saying they would hit the company again tomorrow. The group said it was “fed up of crimes and atrocities taking place in various countries around the world”, in a post on Pastebin. They said they were targeting the House of Saud, the ruling royal family of Saudi Arabia, and targeted Aramco as it was “the largest financial source for Al-Saud regime”.
The group, calling itself the ‘Cutting Sword of Justice’, claimed to have hacked Aramco systems in several countries before sending a virus across 30,000 computers achieving a 75 percent infection rate of all the company’s systems. It refuted suggestions that a nation state was behind the attack.
Symantec, one of the world’s largest internet security companies, said on the day after the Saudi Aramco attack that it had discovered a new virus that was targeting at least one organisation in the global energy sector, although it did not name that organisation.
“It is a destructive malware that corrupts files on a compromised computer and overwrites the MBR (Master Boot Record) in an effort to render a computer unusable,” Symantec said in a blog posting about the virus, which it called W32.Disttrack. “Threats with such destructive payloads are unusual and are not typical of targeted attacks.”
Saudi Aramco’s al-Falih said in his statement yesterday: “Saudi Aramco is not the only company that became a target for such attempts, and this was not the first nor will it be the last illegal attempt to intrude into our systems, and we will ensure that we will further reinforce our systems with all available means to protect against a recurrence of this type of cyber attack.”'
How the US and Israeli justice systems whitewash state crimes
posted by Keito
2012-08-29 20:41:50'Courts are supposed to check the abuse of executive power, not cravenly serve it. But in the US and Israel, that is now the case.
The US military announced on Monday that no criminal charges would be brought against the US marines in Afghanistan who videotaped themselves urinating on the corpses of Taliban fighters. Nor, the military announced, would any criminal charges be filed against the US troops who "tried to burn about 500 copies of the Qur'an as part of a badly bungled security sweep at an Afghan prison in February, despite repeated warnings from Afghan soldiers that they were making a colossal mistake".
In doing so, the US military, as usual, brushed aside demands of Afghan officials for legal accountability for the destructive acts of foreign soldiers in their country. The US instead imposed "disciplinary measures" in both cases, ones that "could include letters of reprimand, a reduction in rank, forfeit of some pay, physical restriction to a military base, extra duties or some combination of those measures". Both incidents triggered intense protests and rioting that left dozens dead, back in February this year.
Parallel to that, an Israeli judge Tuesday dismissed a lawsuit against the Israeli government brought by the family of Rachel Corrie, the 23-year-old American student and pro-Palestinian activist who was killed by a military bulldozer in 2003 as she protested the demolition of a house in Gaza whose family she had come to befriend. Upon learning of the suit's dismissal, Corrie's mother, Cindy, said:
"I believe this was a bad day, not only for our family, but for human rights, humanity, the rule of law and also for the country of Israel."
Despite Corrie's wearing a bright orange vest, Judge Oded Gershon, in a 62-page decision, ruled that the bulldozer driver did not see her and her death was thus an accident. He went on to heap blame on Corrie for her own killing, arguing that, contrary to what "any reasonable person would have done", she "chose to put herself in danger" by trying to impede "a military activity meant to prevent terrorist activity".
The commonality in all three of these episodes is self-evident: the perversion of the justice system and rule of law as nothing more than a weapon to legitimize even the most destructive state actions, while severely punishing those who oppose them. The US and its loyal thinktank scholars have long demanded that other states maintain an "independent judiciary" as one of the key ingredients for living under the rule of law. But these latest episodes demonstrate, yet again, that the judiciary in the US, along with the one in its prime Middle East client state, is anything but "independent": its primary function is to shield government actors from accountability.
The US military has continuously imposed pitifully light "punishments" on its soldiers even for the most heinous atrocities. The wanton slaughter of two dozen civilians in Haditha, Iraq and the severe and even lethal torture of Afghan detainees generated, at worst, shockingly short jail time for the killers and, usually, little more than letters of reprimand.
Contrast this tepid, reluctant wrist-slapping for the brutal crimes of occupying soldiers with what a UN investigation found was the US government's "cruel and inhuman treatment" of Bradley Manning before he was convicted of anything. Manning has been imprisoned for more than two years now without having been found guilty of any crimes – already longer than any of the perpetrators of these fatal abuses in Iraq and Afghanistan. He faces life in prison at the age of 23 for the alleged "crime" of disclosing to the world overwhelming evidence of corruption, deceit and illegality on the part of the world's most powerful factions: disclosures that helped thwart the Obama administration's efforts to keep US troops in Iraq, and which, as even WikiLeaks' harshest critics acknowledge, played some substantial role in helping to spark the Arab spring.
Notably, the first disclosure for which Manning was allegedly responsible – the videotape of an Apache helicopter gunning down unarmed Reuters journalists and then the rescuers who came to help the wounded, including two young children – resulted in zero accountability: the US military exonerated everyone involved. Instead, it is Manning, the person accused of exposing these crimes, who is punished as the real criminal.
And herein lies the real function of the American justice system, clearly revealed time and again. It is to protect high-level actors from accountability even for the most egregious of crimes, while severely punishing those who reveal or take a stand against those crimes, thus deterring and intimidating any future opposition.
That is the mentality that has led the Obama department of justice to aggressively shield all Bush officials from any and all accountability for their torture and surveillance crimes, while launching an unprecedented persecution campaign against whistleblowers. As always in US justice, the "real" criminals are those who alert the world to high-level crimes, not those who commit them. That is why the only person to suffer any repercussions from the Bush NSA eavesdropping scandal was Thomas Tamm: the mid-level DOJ lawyer who learned of the illegal program and alerted the New York Times about it. Those who authorized those crimes have been fully shielded from any form of punishment.
It is this same mentality that has led the US federal judiciary to produce the most disgraceful political fact of the last decade. Not a single victim of America's "war on terror" abuses – even those now acknowledged by the US government to have been completely innocent – have been allowed even to have their cases heard in an American court on the merits. They've all had the courthouse doors slammed shut in the faces by courts that have accepted the US government's claims that its own secrecy powers and immunity rights bar any such justice. Crimes committed by the state or in advancement of its agenda are simply immune from the rule of law in the US.
The same exploitation of the justice system is glaringly evident in the Rachel Corrie travesty. As the Guardian's former Israel (and now Washington) correspondent Chris McGreal writes, the dismissal of this suit is simply a by-product of the "virtual impunity for Israeli troops no matter who they killed or in what circumstances". That's because Israeli courts, like American courts, have submissively accepted the supreme fiction of both governments: anyone impeding government actions is a terrorist or terrorist-enabler who gets what they deserve, while the actions of the state, no matter how savage, can never be anything other than legitimate.
Cindy Corrie, Rachel's mother, said after the verdict that Israel "employed a 'well-heeled system' to protect its soldiers and provide them with immunity". Indeed, the Israeli "investigation" into Corrie's death has been such a laughable whitewash that even the US ambassador to Israel last week told the Corrie family that he "did not believe the Israeli military investigation had been 'thorough, credible and transparent', as had been promised by Israel." All of this, writes McGreal, shows how "covering up the truth about the killings of innocents, including Corrie, became an important part of the survival strategy because of the damage the truth could do to the military's standing, not only in the rest of the world but also among Israelis."
As I noted on Sunday, it is expected, inevitable, that those who wield political power will abuse it for corrupt and self-serving ends. That is why there are institutions designed to check and combat that abuse. The rule of law, and an independent judiciary applying it, is ostensibly one of those institutions. But – like establishment media outlets and most academics – this justice system now does the opposite: it is merely another weapon used to legitimize crimes by the powerful and crush those who oppose them.
All three of this week's travesties, in the US and in Israel, are hardly surprising. To the contrary, they are the inevitable by-products of societies that recruit every institution in service of defending even the most wanton abuses by the state.'