Internet attack defense: License and registration please... This past Tuesday (Jan. 26) I posted the story about China’s view of the attack and break-in that occurred at Google. The attack was widespread, similar to Ghostnet. I had indicated this was the beginning of a new Arms race, which has been underway for several years. The events which occurred in China, which affected Google, Adobe and others, have created the final catalyst needed to build the next defensive hardware and applications required and to be used on computers and smart devices connected to the internet.
The tools used to attack any target, whether it be an individual or organization, an activist or military institution, are sophisticated, difficult to detect and clearly with several goals in mind. Some attacks will be focused, others will attempt to collect as much data as possible for real-time or long term digestion to prepare its agenda subscribers. With this in mind, the programmers and designers will have very unique sets of challenges to overcome, and it will be an intense creative process in which several intelligence techniques need to be understood or its ability to be used as a defense is weakened. This is in a league where the goal is beyond just a science fiction writer’s novel or blogger’s commentary; it’s going to affect every internet user with real consequences. Adobe’s reputation is vulnerable and will recover - this time. What the future holds for the company will demand new thinking and approaches to how it designs its products. (ZDNet)
Driver’s Licenses for the Internet? -- Today’s idea: Let’s have “driver’s licenses” for the Internet to counter online fraud, hackers and espionage, a Microsoft executive suggests. Maybe on your busy junket to the World Economic Forum in Davos last week you missed the panel where Craig Mundie, Microsoft’s chief research and technology officer, offered up the Internet licensing proposal above. Barbara Kiviat of the Curious Capitalist blog was there, and summarizes the idea thusly:
What Mundie is proposing is to impose authentication. He draws an analogy to automobile use. If you want to drive a car, you have to have a license (not to mention an inspection, insurance, etc.). If you do something bad with that car, like break a law, there is the chance that you will lose your license and be prevented from driving in the future. In other words, there is a legal and social process for imposing discipline. Mundie imagines three tiers of Internet I.D.: one for people, one for machines and one for programs (which often act as proxies for the other two). (New York Times)
Pentagon Will Help Homeland Security Department Fight Domestic Cyberattacks The Obama administration has adopted new procedures for using the Defense Department’s vast array of cyberwarfare capabilities in case of an attack on vital computer networks inside the United States, delicately navigating historic rules that restrict military action on American soil.
The system would mirror that used when the military is called on in natural disasters like hurricanes or wildfires. A presidential order dispatches the military forces, working under the control of the Federal Emergency Management Agency.
Under the new rules, the president would approve the use of the military’s expertise in computer-network warfare, and the Department of Homeland Security would direct the work. (New York Times)
Cyber Attack Strikes FreedomWorks A mysterious cyber attack apparently struck the computer servers at the pro-tea party group FreedomWorks this morning, just as it launched a major fund-raising drive.
FreedomWorks officials are investigating, but they suspect they were attacked deliberately, perhaps by a political opponent seeking to thwart its fund-raising efforts.
The attack crippled the site at about 9:45 a.m. just when the fund-raising drive was publicized on the radio by conservative talk show host Glenn Beck. The group estimates it lost about $80,000 in potential donations as it struggled to bring its site back online.
An “autopsy” showed a highly sophisticated hacker struck at 6:55 a.m., the group said, setting the stage for the eventual meltdown. The server was wiped out, though group officials said no data was lost or stolen. (Wall Street Journal)
Stuxnet Analysis Supports Iran-Israel Connections A Symantec researcher filled in more critical details about the Stuxnet worm here, demonstrating the worm's ability to take control of programmable logic controllers (PLCs) by Siemens Inc. and disable machinery connected to them.
Liam O'Murchu of Symantec, speaking at the Virus Bulletin Conference here, provided the first detailed public analysis of the worm's inner workings to an audience of some of the world's top computer virus experts. O'Murchu described a sophisticated and highly targeted virus and demonstrated a proof of concept exploit that showed how the virus could cause machines using infected PLCs to run out of control.
O'Murchu said that Symantec analysts were able to reverse engineer the virus's code and now understand exactly what Stuxnet does. However, without understanding what types of machinery the targeted logic controllers were connected to, it is impossible to know what harm the worm caused on infected industrial control systems - if any. (Threat Post)
Was Stuxnet Built to Attack Iran's Nuclear Program? A highly sophisticated computer worm that has spread through Iran, Indonesia and India was built to destroy operations at one target: possibly Iran's Bushehr nuclear reactor.
That's the emerging consensus of security experts who have examined the Stuxnet worm. In recent weeks, they've broken the cryptographic code behind the software and taken a look at how the worm operates in test environments. Researchers studying the worm all agree that Stuxnet was built by a very sophisticated and capable attacker -- possibly a nation state -- and it was designed to destroy something big.
Though it was first developed more than a year ago, Stuxnet was discovered in July 2010, when a Belarus-based security company discovered the worm on computers belonging to an Iranian client. Since then it has been the subject of ongoing study by security researchers who say they've never seen anything like it before. Now, after months of private speculation, some of the researchers who know Stuxnet best say that it may have been built to sabotage Iran's nukes. (PC World)
Air Force manual describes shadowy cyberwar world A new Air Force manual for cyberwarfare describes a shadowy, fast-changing world where anonymous enemies can carry out devastating attacks in seconds and where conventional ideas about time and space don't apply.
- Responsibility for civilian and government cybersecurity is less clear. Congress is debating between giving more power to the Homeland Security Department or the White House and the National Institute of Standards and Technology.
Homeland Security and the National Security Agency announced this month they would cooperate to strengthen the nation's cybersecurity.
Much of the 62-page manual is a dry compendium of definitions, acronyms and explanations of who reports to whom. But it occasionally veers into scenarios that sound more like computer games than flesh-and-blood warfare.
Enemies can cloak their identities and hide their attacks amid the cascade of data flowing across international computer networks, it warns. (Washington Post)
Cold Front: Hurricane Debate Shatters Civility Of Weather Science -- Worsened by Global Warming? Spats Are So Tempestuous, Sides Are Barely Talking -- Charge of 'Brain Fossilization' The 2,000-plus scientists at this week's annual meeting of the American Meteorological Society had plenty to talk about, from last year's droughts to flash floods and wildfires. But the biggest question at the meeting in Atlanta -- why last hurricane season was the worst since recordkeeping began 151 years ago -- was almost too hot to handle.
William Gray, America's most prominent hurricane scientist and an ardent foe of the belief that global warming has worsened hurricanes, was supposed to join a panel discussing the storms. So was Greg Holland of the National Center on Atmospheric Research -- who disagrees with Dr. Gray. But the organizers withdrew the invitations after deciding the dispute had grown so nasty it was too risky to put the two in the same room.
"It was looking like it would totally dominate everything else," says Joe Schaefer, a planner and the director of the National Weather Service's Storm Prediction Center. (Wall Street Journal)
Curry: The Backstory By now, many people must be wondering of Judith Curry: what’s her story? How did the respected Georgia Tech climate scientist go from global warming = more intense hurricanes to darling of climate skeptics? How did she go from staunch IPCC booster to harsh IPCC critic?
And why, in heaven’s name, is Curry engaging in multiple conversations about the credibility of climate science on a blog?
Well, the quick answer to that last one is that it all started last week, when Curry agreed to a Q & A for this site, which then morphed into a rollicking dialogue that is still going on. (Collide-a-Scape)
Some Thoughts on Uncertainty: Applying Lessons to the CCSP Synthesis and Assessment Products CCSP emphasizes “reducing uncertainty”
“Reducing uncertainty” is probably not the appropriate goal; we should instead focus on “increasing credibility”
Is the assessment process and “science for policy” (as interpreted by climate scientists) torquing climate science in a direction that is fundamentally less useful for both science and policy?
The answer to this question is probably “yes”, and both the root of the problem and its eventual solution lie in how scientists and decision makers deal with the issue of uncertainty. (Judith Curry)
Heresy and the creation of monsters I’m having another “Alice down the rabbit hole” moment, in response to the Scientific American article, the explication of the article by its author Michael Lemonick, Scientific American’s survey on whether I am a dupe or a peacemaker, and the numerous discussions in blogosphere. My first such moment was in 2005 in response to the media attention associated with the hurricane wars, which was described in a Q&A with Keith Kloor at collide-a-scape. While I really want to make this blog about the science and not about personalities (and especially not about me), this article deserves a response.
The title of the article itself is rather astonishing. The Wikipedia defines heresy as: “Heresy is a controversial or novel change to a system of beliefs, especially a religion, that conflicts with established dogma.” The definition of dogma is “Dogma is the established belief or doctrine held by a religion, ideology or any kind of organization: it is authoritative and not to be disputed, doubted, or diverged from.” Use of the word “heretic” by Lemonick implies general acceptance by the “insiders” of the IPCC as dogma. If the IPCC is dogma, then count me in as a heretic. The story should not be about me, but about how and why the IPCC became dogma. - What happened? Did the skeptics and the oil companies and the libertarian think tanks win? No, you lost. All in the name of supporting policies that I don’t think many of you fully understand. What I want is for the climate science community to shift gears and get back to doing science, and return to an environment where debate over the science is the spice of academic life. And because of the high relevance of our field, we need to figure out how to provide the best possible scientific information and assessment of uncertainties. This means abandoning this religious adherence to consensus dogma. (Judith Curry)
Why I Wrote About Judith Curry In trying to fulfill our mission to explain climate science to the public, Climate Central creates nonpartisan, nonadvocacy multimedia content for our own website and for outside media partners. When we do the latter, we normally just flag the publication or broadcast so our followers know about it.
In the just-published November issue of Scientific American, however, we’ve published a story that calls for a bit more explanation. It’s a profile of Judith Curry, the Georgia Tech researcher who’s been stirring up powerful feelings in the climate-science community by questioning the integrity of the U.N. Intergovernmental Panel on Climate Change (IPCC) and of individual scientists, and by befriending outsiders who are even more critical than she is. Some people see Curry as a whistleblower; others (including many climate scientists) think she’s a bit of a crank. (Climate Central)
Climate Heretic: Judith Curry Turns on Her Colleagues -- Why can't we have a civil conversation about climate? In trying to understand the Judith Curry phenomenon, it is tempting to default to one of two comfortable and familiar story lines.
For most of her career, Curry, who heads the School of Earth and Atmospheric Sciences at the Georgia Institute of Technology, has been known for her work on hurricanes, Arctic ice dynamics and other climate-related topics. But over the past year or so she has become better known for something that annoys, even infuriates, many of her scientific colleagues. Curry has been engaging actively with the climate change skeptic community, largely by participating on outsider blogs such as Climate Audit, the Air Vent and the Blackboard. Along the way, she has come to question how climatologists react to those who question the science, no matter how well established it is. Although many of the skeptics recycle critiques that have long since been disproved, others, she believes, bring up valid points—and by lumping the good with the bad, climate researchers not only miss out on a chance to improve their science, they come across to the public as haughty. “Yes, there’s a lot of crankology out there,” Curry says. “But not all of it is. If only 1 percent of it or 10 percent of what the skeptics say is right, that is time well spent because we have just been too encumbered by groupthink.”
She reserves her harshest criticism for the Intergovernmental Panel on Climate Change (IPCC). For most climate scientists the major reports issued by the United Nations–sponsored body every five years or so constitute the consensus on climate science. Few scientists would claim the IPCC is perfect, but Curry thinks it needs thoroughgoing reform. She accuses it of “corruption.” “I’m not going to just spout off and endorse the IPCC,” she says, “because I think I don’t have confidence in the process.” - The uncertainty lies in both the data about past climate and the models that project future climate. Curry asserts that scientists haven’t adequately dealt with the uncertainty in their calculations and don’t even know with precision what’s arguably the most basic number in the field: the climate forcing from CO2—that is, the amount of warming a doubling of CO2 alone would cause without any amplifying or mitigating effects from melting ice, increased water vapor or any of a dozen other factors.
Things get worse, she argues, when you try to add in those feedbacks to project likely temperature increases over the next century, because the feedbacks are rife with uncertainty as well: “There’s a whole host of unknown unknowns that we don’t even know how to quantify but that should be factored into our confidence level.” One example she cites is the “hockey stick” chart showing that current temperatures are the warmest in hundreds of years. If you are going to say that this year or that decade is the hottest, you had better have a good idea of what temperatures have actually been over those hundreds of years—and Curry, along with many skeptics, does not think we have as good a handle on that as the scientific community believes. (Scientific American)
End the War on Pot I dropped in on a marijuana shop here that proudly boasted that it sells “31 flavors.” It also offered a loyalty program. For every 10 purchases of pot — supposedly for medical uses — you get one free packet.
“There are five of these shops within a three-block radius,” explained the proprietor, Edward J. Kim. He brimmed with pride at his inventory and sounded like any small businessman as he complained about onerous government regulation. Like, well, state and federal laws.
But those burdensome regulations are already evaporating in California, where anyone who can fake a headache already can buy pot. Now there’s a significant chance that on Tuesday, California voters will choose to go further and broadly legalize marijuana.
I hope so. Our nearly century-long experiment in banning marijuana has failed as abysmally as Prohibition did, and California may now be pioneering a saner approach. Sure, there are risks if California legalizes pot. But our present drug policy has three catastrophic consequences. (New York Times)
What the Feds Can Do About Prop 19: The attorney general will have a tough decision to make if California legalizes marijuana. Assume for a moment that California voters approve Proposition 19 on Nov. 2. The state will have just enacted a process for legalizing, regulating, and taxing marijuana use that no one else in the world has ever attempted. But Attorney General Eric Holder, President Obama’s top law-enforcement officer, has said the administration will “vigorously enforce” federal drug laws in the country’s most populous state regardless of the vote. For all the trails that approving Prop 19 would blaze, much of its impact would depend on the extent to which Holder follows through on that threat.
The attorney general has shown some willingness to scale back on marijuana enforcement; his Justice Department ended Bush-era crackdowns on medical pot dispensaries in California. Of course, the post–Prop 19 world would be different. California cities could license businesses that grow and sell marijuana on a large scale. Drug dealers in other states would surely head to California’s “coffee shops” (as weed retailers are called in Amsterdam), buy some California-grown product, and illegally transport it back home. It’s arguable that pot smokers and presumably some dealers can do that today, but they at least need a doctor’s permission and a state-issued ID card, which provides cover for authorities, however easily those cards may be obtainable. With that cover removed, Holder, whose department includes the Drug Enforcement Administration, could hardly ignore such a blatant violation of federal drug law. (Newsweek)
Coast Guard checks on discolored water near La. The Coast Guard said Saturday that an area of discolored water near a Mississippi River pass south of New Orleans appears to be an algae bloom, but another spot 10 miles away could be oil.
Jeff Hall, spokesman for the Unified Area Command, said tests could determine if the suspected oil is from the BP spill.
The Coast Guard sent two flights over the West Bay area near Venice on Saturday. Two boats also went out to check the waters. (Associated Press)
Why 'Mad Men' is TV's most feminist show Historians are notorious for savaging historical fiction. We're quick to complain that writers project modern values onto their characters, get the surroundings wrong, cover up the seamy side of an era or exaggerate its evils -- and usually, we're right. But AMC's hit show "Mad Men," which ends its fourth season next Sunday, is a stunning exception. Every historian I know loves the show; it is, quite simply, one of the most historically accurate television series ever produced. And despite the rampant chauvinism of virtually all its male characters (and some of its female ones), it is also one of the most sympathetic to women. (Washington Post)
The Chamber of Commerce's Agenda: Killing Net Neutrality and Censoring the Internet The U.S. Chamber of Commerce's attempt to throw next week's elections is cause for widespread alarm -- their agenda includes privatizing social security, undoing worker and consumer rights, blocking environmental protections, keeping banking regulations loose, and stymieing important health care reforms.
You can help Demand Progress fight back by signing on to our campaign that calls on local chambers of commerce to disaffiliate from the U.S. Chamber. The movement's already begun, with one New Hampshire chapter breaking off, and several others publicly distancing themselves from the national's shenanigans. - 2. The Chamber supports the Internet Blacklist bill that we told you about last month -- the Combating Online Infringement and Counterfeits Act (COICA). COICA vastly expands the government's ability to block access to certain websites -- in ways that run roughshod over due process rights and violate the First Amendment. (Huffington Post)
High alert in U.S. after suspicious package found in UK Two packages found abroad that were bound for Jewish organizations in the United States contained a massive amount of explosive material that would have triggered a powerful blast, a source close to the investigation has told CNN.
U.S. officials believe that al Qaeda in the Arabian Peninsula, commonly referred to as AQAP, is behind the plot.
President Barack Obama confirmed that the packages -- intercepted in the United Kingdom and the United Arab Emirates -- originated in Yemen, the stronghold of al Qaeda in the Arabian Peninsula. (CNN)
Oregon county decriminalizes heroin, meth, cocaine and shoplifting, among others It's crunch-time for many municipalities across the United States, but for one county in Oregon, that means a little more than in most.
The district attorney in Multnomah County, the state's most populous area with over 710,000 residents, announced recently that it can no longer prosecute dozens of crimes thanks to an ever-shrinking budget.
Caught with small amounts of heroin, cocaine or methamphetamine? It's a ticket. So's a hit-and-run accident. Small-time shoplifting? You'll still get arrested, but it's still just a violation. (The Raw Story)
Former surgeon general calls for marijuana legalization Former U.S. Surgeon General Joycelyn Elders told CNN Sunday she supports legalizing marijuana.
The trend-setting state of California is voting next month on a ballot initiative to legalize pot, also known as Proposition 19. The measure would legalize recreational use in the state, though federal officials have said they would continue to enforce drug laws in California if the initiative is approved.
"What I think is horrible about all of this, is that we criminalize young people. And we use so many of our excellent resources ... for things that aren't really causing any problems," said Elders. "It's not a toxic substance." (CNN)
Cyberwar Cassandras Get $400 Million in Conflict Cash Coincidences sure are funny things. Booz Allen Hamilton — the defense contractor that’s become synonymous with the idea that the U.S. is getting its ass kicked in an ongoing cyberwar — has racked up more than $400 million worth of deals in the past six weeks to help the Defense Department fight that digital conflict. Strange how that worked out, huh?
Everyone in the Pentagon from Defense Secretary Bob Gates on down says that the military needs to cut its reliance on outside contractors. But few firms are as well-connected as Booz Allen, the one-time management consultancy that today pulls in more than $2.7 billion in government work. And few firms sound the alarm as loudly about a crisis that they’re in the business of fixing. Back in February, for instance, former National Security Agency director and Booz Allen Hamilton executive vice president Mike McConnell declared that “the United States is fighting a cyber-war today, and we are losing.” The White House’s information security czar is one of many experts who calls such rhetoric overheated, at best. That hasn’t stopped Booz Allen from pocketing hundreds of millions of dollars from Washington to wage those battles. (Wired)
Cyberwar Doomsayer Lands $34 Million in Government Cyberwar Contracts Last month, the former Director of National Intelligence Michael McConnell boldly took to the Senate floor and the Washington Post’s editorial page to declare “The United States is fighting a cyber-war today, and we are losing.”
Thankfully for the American people, his company -- the giant defense contractor Booz Allen Hamilton -- has now landed the contract to build the Pentagon’s cyberwar control center. For a measly $14.4 million in taxpayer money, the outfit will help build a new cyberwar bunker for the U.S. Cyber Command. (Wired)
Booz Allen snares $700M FAA NextGen contract: Contractor will assist in transition to new air traffic system Booz Allen Hamilton will assist the Federal Aviation Administration in implementing its Next Generation Air Transportation System under a 10-year contract that has a potential value of more than $700 million.
The contract will support FAA’s evolution to NextGen, which is part of the agency’s efforts to improve safety and bring greater efficiencies to the nation’s airspace system, a June 30 Booz Allen announcement stated.
The contract, which covers NextGen and the current National Airspace System (NAS) infrastructure, calls for a broad range of systems engineering, investment and business case analysis. The contractor also will provide planning, forecasting and business, financial and information management support services. (Washington Technology)
Unlocking the national cybersecurity initiative The cybersecurity initiative launched by the Bush administration earlier this year remains largely cloaked in secrecy, but it’s already clear that it could have a major and far-reaching effect on government IT operations in the future.
Everything from mandated security measures and standard desktop configurations across government to a recast Federal Information Security Management Act (FISMA) could influence the way agencies buy and manage their IT.
Overseeing all of this will be a central office run by the Homeland Security Department, the first time that the government’s efforts in cybersecurity will run through a single office tasked with coordinating the work of separate federal cybersecurity organizations. (Federal Computer Week)
Synergy in Security: The Rise of the National Security Complex In his January 17, 1961 farewell address, President Dwight D. Eisenhower cautioned: “In the councils of government, we must guard against the acquisition of unwarranted influence, whether sought or unsought, by the military-industrial complex.”
Five decades later, this complex, which Eisenhower defined as the “conjunction of an immense military establishment and a large arms industry,” is no longer new. And while Eisenhower’s warning is still pertinent, the scale, scope, and substance of the complex have changed in alarming ways. It has morphed into a new type of public-private partnership—one that spans military, intelligence, and homeland-security contracting, and might be better called a “national security complex.” (Dollars and Sense)
CONTRACTS Booz Allen & Hamilton, Inc., Herndon, Va., was awarded an $8,925,518 contract which will develop innovative cyber security capabilities and network defense for Air Force information systems. At this time, $164,682 has been obligated. 55 CONS/LGCD, Offutt Air Force Base, Neb., is the contracting activity (SP0700-98-D-4002, Delivery Order 0410). (US Department of Defense)
Bush Lets U.S. Spy on Callers Without Courts Months after the Sept. 11 attacks, President Bush secretly authorized the National Security Agency to eavesdrop on Americans and others inside the United States to search for evidence of terrorist activity without the court-approved warrants ordinarily required for domestic spying, according to government officials.
Under a presidential order signed in 2002, the intelligence agency has monitored the international telephone calls and international e-mail messages of hundreds, perhaps thousands, of people inside the United States without warrants over the past three years in an effort to track possible "dirty numbers" linked to Al Qaeda, the officials said. The agency, they said, still seeks warrants to monitor entirely domestic communications.
The previously undisclosed decision to permit some eavesdropping inside the country without court approval was a major shift in American intelligence-gathering practices, particularly for the National Security Agency, whose mission is to spy on communications abroad. As a result, some officials familiar with the continuing operation have questioned whether the surveillance has stretched, if not crossed, constitutional limits on legal searches.
"This is really a sea change," said a former senior official who specializes in national security law. "It's almost a mainstay of this country that the N.S.A. only does foreign searches." - The White House asked The New York Times not to publish this article, arguing that it could jeopardize continuing investigations and alert would-be terrorists that they might be under scrutiny. After meeting with senior administration officials to hear their concerns, the newspaper delayed publication for a year to conduct additional reporting. Some information that administration officials argued could be useful to terrorists has been omitted. (New York Times)
Obama's National Cybersecurity Initiative: Privacy and Civil liberties are Damned -- Puts NSA in the Driver's Seat On March 2, the Obama administration issued a sanitized version of the Comprehensive National Cybersecurity Initiative (CNCI), releasing portions that discussed intrusion detection systems on federal networks.
The announcement was made by former Microsoft executive Howard A. Schmidt, appointed cybersecurity coordinator by President Obama in December. The partial unveiling came during the RSA Security Conference in San Francisco, an annual industry conference for security professionals.
CNCI's 2008 launch was shrouded in secrecy by the Bush administration. Authority for the program is derived from a classified order issued by President Bush. However, the contents of National Security Presidential Directive 54, also known as Homeland Security Presidential Directive 23 (NSPD 54/HSPD 23) have never been released for public scrutiny.
"Virtually everything about the initiative is highly classified," the Senate Armed Services Committee wrote in a 2008 report, "and most of the information that is not classified is categorized as 'For Official Use Only.'" (Global Research)
Senators introduce bill that would allow US to disconnect the Internet Sen. Joe Lieberman (I-CT), along with one Republican and Democratic senator, introduced a bill late last week that would allow the President to effectively disconnect the internet by emergency decree.
The Protecting Cyberspace as a National Asset Act would allow the President to disconnect Internet networks and force private websites to comply with broad cybersecurity measures.
Future US presidents would have their Internet "kill switch" powers renewed indefinitely.
The bill was introduced by Lieberman, Sen. Susan Collins (R-ME) and Sen. Tom Carper (D-DE). A parallel bill was drafted last year by Sen. Jay Rockefeller (D-WV) and Sen. Olympia Snowe (R-ME) which would allow the federal government to unilaterally "order the disconnection" of certain websites. (The Raw Story)
Apple patents 'anti-sexting' technology Apple has patented technology that could be used by parents to prevent their kids from sending sexually explicit text messages -- or "sexting."
The technology, which has not been commercialized, would let a phone's administrator block an iPhone from sending or receiving texts with certain words.
Messages containing blocked material either would not be received or would have the objectionable content redacted. Unlike other text blockers, Apple's version would also be able to filter content based on a child's grade level and claims to filter abbreviated words that may be missed by other programs. (CNN)
Do We Need a New Internet? Two decades ago a 23-year-old Cornell University graduate student brought the Internet to its knees with a simple software program that skipped from computer to computer at blinding speed, thoroughly clogging the then-tiny network in the space of a few hours.
The program was intended to be a digital “Kilroy Was Here.” Just a bit of cybernetic fungus that would unobtrusively wander the net. However, a programming error turned it into a harbinger heralding the arrival of a darker cyberspace, more of a mirror for all of the chaos and conflict of the physical world than a utopian refuge from it.
Since then things have gotten much, much worse.
Bad enough that there is a growing belief among engineers and security experts that Internet security and privacy have become so maddeningly elusive that the only way to fix the problem is to start over.
What a new Internet might look like is still widely debated, but one alternative would, in effect, create a “gated community” where users would give up their anonymity and certain freedoms in return for safety. Today that is already the case for many corporate and government Internet users. As a new and more secure network becomes widely adopted, the current Internet might end up as the bad neighborhood of cyberspace. You would enter at your own risk and keep an eye over your shoulder while you were there. (New York Times)
6 reasons to worry about cybersecurity: As new technology opens enterprises to more sophisticated threats, old exploits are getting smarter - The threats from increasingly professional cyber criminals, spies and hackers are evolving to address the adoption of new technologies and platforms by government and private-sector enterprises.
“Obviously, the same old stuff is still a problem,” said Patricia Titus, chief information security officer at Unisys Federal Systems and former CISO at the Transportation Security Administration. Botnets continue to proliferate, and known worms such as Zeus continue to bounce back. “Zeus 2.0 is getting ready to hit the streets,” she said.
Attackers are also becoming more sophisticated, doing a better job of covering their tracks, splitting exploits among multiple vulnerabilities to make detection more difficult, and using new platforms such as social networking not only as vectors for delivering malware but also as resources for targeting attacks at high-value victims.
“The bad guys are going to target where the people are, and millions of people are on the social networking sites,” Titus said. (Government Computer News)
Urban model for cybersecurity ed: San Diego - A Slovakian antivirus company with its American headquarters in San Diego is trying to make good cybersecurity just as much a part of the local fabric as good beaches and Chargers football.
Eset launched the Securing Our eCity program with the San Diego Chamber of Commerce two years ago to offer free workshops to consumers and small businesses on how to stay safe online. Today it has become a model for similar initiatives being launched in Malaysia, Buenos Aires, and London. And it helped with the creation of the Stop Think Connect campaign launched last week as part of National Cyber Security Awareness month.
"San Diego is the first community to implement the messaging in a complete awareness campaign," with billboards, public service announcements, and radio and print ads, Darin Andersen, chief operating officer at Eset, told CNET in an interview this week. (CNET News)
Senate Homeland Security Committee approves cybersecurity legislation - The Senate Committee on Homeland Security and Governmental Affairs approved a comprehensive cybersecurity bill on Thursday after amending it to limit the president's authority in the event of a cyber emergency.
The bill, co-sponsored by Sens. Joe Lieberman (I-Conn.), Susan Collins (R-Maine) and Tom Carper (D-Del.) would make the Department of Homeland Security responsible for protecting civilian networks in the government and private sector. The bill will now head to the full Senate for a vote, where it will likely be merged with other competing pieces of cybersecurity legislation.
"These cyber attacks are increasingly more sophisticated, more persistent and more successful," Carper said. "In short -- the status quo is simply not enough."
The original bill gave the president indefinite emergency authority to shut down private sector or government networks in the event of a cyber attack capable of causing massive damage or loss of life. An amendment passed Thursday limits that authority further, requiring the president to get Congressional approval after controlling a network for 120 days. (The Hill)
Bond Hatch Introduce Cyber Security Bill - U.S. Senators Kit Bond (R-MO) and Orrin Hatch (R-UT) today introduced legislation to protect our nation from the silent threat that could devastate our country--cyber attacks.
“After the failed Christmas Day and Times Square attacks, every American is aware of the threat from a terrorist with a bomb, which could take out a city block or bring down an airplane, but there is a silent threat that could devastate our entire nation--cyber attacks,” said Bond, the Vice Chairman of the Senate Intelligence Committee. “Our enemies won’t wait for us to do our homework, solve our turf battles, or modernize our laws before using our networks as a deadly weapon; in fact, the attacks have already started. We don’t have another day to waste, and our bill is the best solution to address this threat.” - The legislation Bond and Hatch introduced today, the National Cyber Infrastructure Protection Act of 2010, will put our nation on the right path to securing our networks. The bill is based on three principles: first, Congress must set lanes in the road to protect our nation’s cyber security, but leave flexibility for the private sector and Government to adapt to changing threats. Next, there must be one person who has real authority to coordinate our cyber security efforts across the federal government. The Bond-Hatch bill puts an end to the current authority gap and designates a Senate-confirmed individual, who is accountable to both Congress and the American people and reports directly to the President, to coordinate these efforts. Learning from past Congressional failures, the Senators’ bill gives the new Cyber Director the clout needed to do the job, including clear input into cyber budgets across all federal agencies.
Third, the Bond-Hatch bill creates a voluntary, public-private partnership, the Cyber Defense Alliance, to facilitate the flow of information about cyber threats and the latest technologies between the private sector and government. The Senators pointed out that since the private sector is often on the front lines of cyber attacks, encouraging their sharing of information with the government—and the government’s sharing of information with them—will make all our networks more secure. (Kit Bond)
Cybersecurity Act of 2010 Passes Senate Committee - This year's version of the Cybersecurity Act was approved by the Senate Committee on Homeland Security and Governmental Affairs after amending it to limit the president's authority in the event of a cyber emergency, reported The Hill.
The bill, sponsored by Sens. Joe Lieberman (I-Conn.), Susan Collins (R-Maine), and Tom Carper (D-Del.), is an update to a bill from last year that was also worked on by Senator Jay Rockefeller (D-West Virginia) and Senator Olympia Snowe (R-Maine). At that time, people were concerned about reports that it would give the President a "kill switch" to shut down the Internet, though the technical details of exactly how a single switch could shut down the Internet were not specified.
"Giving government, especially the president, unprecedented control over America's trunk line of information, over electronic free speech and over business activities simply invites suspicions about whether it would be used politically to frighten people at election time—as did the color-code alerts—and to trample on constitutional rights like the Patriot Act did," wrote the Idaho Mountain Express, noting that Lieberman said he had modeled that aspect of the bill on governmental rights in Communist China. (Daniweb)
Internet 'Kill Switch' Would Give President Power To Shut Down The Web - A new Senate bill, sponsored by Senator Joseph Lieberman, proposes to give the president the authority "to seize control of or even shut down portions of the Internet," according to CNET.
The authority granted to the government in the bill, known as the Protecting Cyberspace as a National Asset Act (PCNAA), has been likened to an Internet "kill switch."
The bill would require that private companies--such as "broadband providers, search engines, or software firms," CNET explains--"immediately comply with any emergency measure or action" put in place by the Department of Homeland Security, or else face fines.
It would also see the creation of a new agency within the Department of Homeland Security, the National Center for Cybersecurity and Communications (NCCC). Any private company reliant on "the Internet, the telephone system, or any other component of the U.S. 'information infrastructure'" would be "subject to command" by the NCCC, and some would be required to engage in "information sharing" with the agency, says CBS4. (Huffington Post)
Rogue ad hits New York Times site - The New York Times' Web site is grappling with problems created by an "unauthorized advertisement," but it is unknown how the ads managed to appear on the site and whether the site had been compromised.
The rogue ad warns readers that their computer may be infected with a virus and redirects them to a site that purports to offer antivirus software, according to a note posted to the newspaper's Media & Advertising section:
Some NYTimes.com readers have seen a pop-up box warning them about a virus and directing them to a site that claims to offer antivirus software. We believe this was generated by an unauthorized advertisement and are working to prevent the problem from recurring. If you see such a warning, we suggest that you not click on it. Instead, quit and restart your Web browser. (CNet News)
Drudge Report accused of serving malware, again - For the second time in less than six months, visitors to the Drudge Report say they got malware in addition to the Web site's usual sensational headlines.
Matt Drudge denied that his site was infecting visitors; however, it's likely that the malware is coming from ads delivered by a third-party ad network and not the site itself.
"I can personally vouch for disinfecting my mom's desktop yesterday after visiting this Web page, even taking a screenshot after beginning remedial steps to address the attempted infection," a CNET reader wrote in an e-mail early on Tuesday. "I'm an IT professional in South Carolina so I know and understand the technology involved."
The screenshot the reader provided to CNET shows a pop-up warning the viewer that the system is infected with malware and looks like a typical fake antivirus warning that criminals use to scare people into paying for software they don't need.
The reader, who asked to remain anonymous, said he did not know exactly where on the site his mother had clicked before the fake warning appeared. (CNet News)
Microsoft: Keep internet healthy by isolating infected PCs - Computers infected with malware should be disconnected from the internet to prevent them posing a risk to the rest of the online community, a top security executive at Microsoft has urged. - In a paper delivered to the ISSE 2010 computer security conference in Berlin on Wednesday, Scott Charney, Microsoft's vice president of Trustworthy Computing, proposed the move as part of a re-think of global IT cybersecurity along public-health lines. Quarantining infected PCs would help prevent malware from spreading and could help battle botnets, he said.
"If a device is known to be a danger to the internet, the user should be notified and the device should be cleaned before it is allowed unfettered access to the internet, minimising the risk of the infected device contaminating other devices," Charney said. (ZD Net)
Microsoft's PC Quarantine Plan - A plan by Microsoft Security Chief Scott Charney would place infected or unsecured PCs in an Internet isolation ward and block users from Internet access.
How might this work? Let's try this potential scenario.
Hello this is your ISP. We regret to inform you that your system has been quarantined and will not be allowed to access the Internet. We have detected that your system may be infected with malware and that you are not running the approved and certified security software to protect your system. Please remove the malware and update your security software (how you can do this without an Internet connection is your problem). Sorry about any important emails, business opportunities, emergency notices and VOIP-based phone calls that you are now missing. Have a nice day. (Information Week)
Poland Says “No” to H1N1 Vaccine - Of the world’s 193 recognized sovereign states, only Poland refused the H1N1 vaccine because of safety fears and distrust of the pharmaceutical companies producing the injections. The decision by Prime Minister Donald Tusk and Health Minister Ewa Kopacz had broad public support, even though Poland has reported 145 deaths from H1N1 flu as of mid-January. Poles saw the vaccine rejection as a praiseworthy act of defiance against pharmaceutical manufacturers, a sentiment bolstered by a growing anti-vaccine movement.
“We are making this decision only in the interest of the Polish patient and the taxpayer,” Tusk said. “We will not take part because it’s not honest and it’s not safe for the patient.” The anti-vaccine movement claims that the H1N1 inoculation is untested or contains unsafe ingredients, such as the preservative thimerosal. The World Health Organization disagrees and points out that more than 150 million people in 40 nations have been vaccinated and suffered no abnormal or dangerous reactions. (Alter Group)
India halts vaccine programmes after the deaths of four children - Vaccine programmes grind to a halt in India once more, when four children died after they received the measles vaccination in Lucknow. The four children were reported to have fainted soon after they were vaccinated and witnesses reported seeing the children's eyes roll back as they began to have seizures. All of the children were under two years of age, with the youngest being just six months. Sadly the children died before medical aid workers could reach them.
As news of the deaths spread, immunization drives in 41 villages have been halted until further investigations have taken place.
The Indian Express stated in its article "4 children die within minutes of vaccination" (www.indianexpress.com) that:
"The immunisation programme was being conducted as part of the government's Jachha Bachha Suraksha Abhiyan launched on August 15. Minutes after vaccination, the children started gasping for breath." (Blitz)