IBM security research has found that people are using the so-called dark net to launch cyber attacks, force ransomware demands on punters and make distributed denial-of-service (DoS) attacks.
The dark net, accessed via Tor, is often tagged as a threat. The IBM X-Force Threat Intelligence Quarterly 3Q 2015 report identifies a spike in bad traffic and leads with a warning.
The report introduces Tor as the network that takes people to the dark net. We might start calling it the ferryman and the passage across the river Styx, but things are complicated enough.
IBM said that Tor is used by “non-malicious government officials, journalists, law enforcement officials” and bad people alike. It is the latter that should concern us.
“This latest report reveals that more than 150,000 malicious events have originated from Tor in the US alone thus far in 2015,” the report said.
“Tor has also played a role in the growing ransomware attack trend. Attackers have evolved the use of encryption to hold data hostage and demand payment/ransom for the decryption code.”
We have been here before, and ransomware has been a feature of many a security alert this year already. We heard, courtesy of Bitdefender, that ransomware charges start at £320, and are a real pain to deal with. We also heard that it is Android mobile users in the UK who get the worst of the hackers’ grabbing-for-money treatment.
Back at the IBM report, and we find IBM X-Force on the issue. X-Force, which is nothing like X-Men, said that hackers push internet users who are easily fooled by flashy online advertisements into installing the new cyber nightmare. Ransomware, it warns, will separate you from your cash.
“A surprising number of users are fooled by fake/rogue antivirus [AV] messages that are nothing more than animated web ads that look like actual products. The fake AV scam tricks users into installing or updating an AV product they may never have had,” it explains, adding that in some cases people pay the money without thinking.
“Afterward, the fake AV keeps popping up fake malware detection notices until the user pays some amount of money, typically something in the range of what an AV product would cost.”
This establishes the subject as a mark, and the hackers will exploit the opportunity. “Do not assume that if you are infected with encryption-based ransomware you can simply pay the ransom and reliably get your data back,” said IBM.
“The best way to avoid loss is to back up your data. Regardless of whether your backup is local or cloud-based, you must ensure that you have at least one copy that is not directly mapped visibly as a drive on your computer.”
Tor nodes in the US spewed out the most bad traffic in the first half of this year, according to the report, adding up to about 180,000 attacks. The Netherlands is second with around 150,000, and Romania is third with about 80,000.
The bulk of this negative attention lands at technology and communications companies. You might have assumed the financial markets, but you were wrong. IBM said that ICT gets over 300,000 Tor thwacks every six months, manufacturing gets about 245,000, and finance gets about 170,000.
IBM said that the old enemy, SQL injection attacks, is the most common Tor-led threat to come at its customers. Vulnerability scanning attacks are also a problem, and IBM said that the use of the network as a means for distributed DoS attacks should “Come as no surprise”. It doesn’t.
“These attacks combine Tor-commanded botnets with a sheaf of Tor exit nodes. In particular, some of the US-based exit nodes provide huge bandwidth,” explained the report.
“Employing a handful of the exit nodes in a distributed DoS orchestrated by the botnet controller and originating at dozens or hundreds of bot hosts can impose a large burden on the targeted system with a small outlay of attacker resources, and generally effective anonymity.”
There is a lot more. The bottom line is that bad things happen on the dark net and that they come to people and businesses through Tor. IBM said that concerned outfits should just block it and move on, which is along the lines of something that Akamai said recently.
“Corporate networks really have little choice but to block communications to these stealthy networks. The networks contain significant amounts of illegal and malicious activity,” said Akamai.
“Allowing access between corporate networks and stealth networks can open the corporation to the risk of theft or compromise, and to legal liability in some cases and jurisdictions.”
That sounds fine to us, but won’t someone give a thought to those non-malicious government officials out there?
Facebook Inc is testing a personal digital assistant called “M” within its Messenger service that is capable of answering questions with live human help and performing tasks such as buying gifts online and making restaurant reservations.
M is “powered by artificial intelligence that’s trained and supervised by people,” David Marcus, vice president of Messaging products, wrote on his Facebook page on Wednesday.
Rival services like Apple Inc’s Siri, Google Inc’s Google Now and Microsoft Corp’s Cortana rely entirely on technology to answer questions.
M is a hybrid backed by a team of Facebook employees with customer service backgrounds, called M trainers, who can also make travel arrangements and appointments, Marcus wrote.
Facebook has introduced several functions inside Messenger, which boasts more than 700 million users, to transform it into a standalone platform. Earlier this year, it rolled out games exclusively on Messenger and launched products for businesses to directly connect with consumers.
The online retailer is expanding Prime Now, its one- and two-hour service, to Seattle, where the company is headquartered, and offering alcohol deliveries there.
Amazon Prime, the company’s $99 per year shopping membership program, offers free two-day delivery on millions of items. It is a key testing ground for the retailer’s new services, ranging from TV and on-demand video to fast delivery.
Amazon has said it has “tens of millions” of Prime subscribers. Analysts estimate the program to have around 40 million users worldwide.
The company has steadily expanded Prime Now since it launched the service in New York City last year. It facilitates integration of the retailer’s grocery delivery service, Amazon Fresh, which has been slower to expand to new markets.
On-demand grocery delivery is a growing and competitive market in the United States. Instacart, a grocery delivery company, announced on Tuesday that it had expanded to Indianapolis, its 17th city. Other startups, like Postmates, which focuses on meal delivery, also deliver personal care goods and alcohol for customers using a network of couriers.
Prime Now customers can order using an app available on both iOS and Android devices. Orders are shipped from smaller warehouses, or hubs. An Amazon spokeswoman said the company opened two facilities in Seattle and Kirkland, Washington, to handle Prime Now deliveries.
Intel has teamed up with OpenStack distribution provider Mirantis to push adoption of the OpenStack cloud computing framework.
The deal, which includes a $100m investment in Mirantis from Intel Capital, will provide technical collaboration between the two companies and look to strengthen the open source cloud project by speeding up the introduction of more enterprise features as well as services and support for customers.
The funding will also bring on board Goldman Sachs as an investor for the first time, the firm said, alongside collaboration from the companies’ engineers in the community on OpenStack high availability, storage, network integration and support for big data.
“Intel is actually providing us with cash, so they’ve bought a co-development subscription from us. Then, in addition, we’ve strengthened our balance sheet by putting more equity financing dollars into the company. So overall the total funds are at $100m,” said Mirantis president and co-founder Alex Freedland.
“With Intel as our partner, we’ll show the world that open design, open development and open licensing is the future of cloud infrastructure software. Mirantis’ goal is to make OpenStack the best way to deliver cloud software, surpassing any proprietary solutions.”
Freedland added that the collaboration means that there’s nothing proprietary in the arrangement that it is flowing directly into open source. No intellectual property is going to Intel.
“All this is community-driven, so everyone will be able to take advantage of it,” he added.
The move is part of the Cloud for All initiative announced by Intel in July.
Intel is becoming increasingly involved in OpenStack. The company said at the OpenStack Summit in May that it is making various contributions, including improving the security of containerised applications in the cloud using the VT-x extensions in Intel processors.
Other big companies are also backing the open source software. Google announced in July that it had joined the OpenStack Foundation as a corporate sponsor in a bid to promote open source and open cloud technologies.
Working closely with other members of the OpenStack community, Google said that the move will bring its expertise in containers and container management to OpenStack while sharing its work with innovative open source projects like Kubernetes.
Relevant tweets will appear in desktop results for queries performed in English. The search doesn’t need to include the term “twitter” or twitter hashtags — if there are tweets that Google thinks are relevant, it will surface them anyway.
Last Friday, for instance, a search for “President Obama” returned recent tweets from Obama’s Twitter account near the top of the page, below a few news articles.
The tweets that appear will include photos and links that may have been contained in the tweet.
Google has provided links to tweets in its search results for a long time, but showing the actual tweets could potentially give a boost to Twitter at a time when it’s struggling to add new users.
Google noted the expansion on Friday in an update to its earlier announcement around the mobile rollout.
The company has said it will make the feature available in other languages besides English.
Samsung is working on a huge Android-based tablet that could be used in living rooms, offices, or schools, presumably as a coffee table.
According to Sam Mobile the SM-T670, codenamed ‘Tahoe’, is an Android 5.1 Lollipop-based tablet with an 18.4-inch display.
It will have a TFT LCD screen with a resolution of 1920 x 1080 pixels and be powered by an octa-core 64-bit 1.6GHz Exynos 7580 processor. It will have a rather low 2GB RAM, 32GB internal storage, a microSD card slot and a 5,700 mAh battery. Face it though a tablet this big is not going to spend a lot of time being carried about or needing a battery.
Apparently it will have an 8-megapixel primary camera and a 2.1-megapixel secondary camera. It will be 451.8 mm wide, 275.8 mm tall, and 11.9 mm thick. Strangely no one has mentioned the things weight.
Samsung is also said to be working on a Windows 10-based tablet with a high-resolution 12-inch display, a 13nm Intel Core M chipset, 4GB RAM, and an S Pen.
The Biel, Switzerland-based company is competing with Apple and other watchmakers in the budding smartwatch market.
“Our product is called Touch Zero One and that gives enough room for Zero Five, Zero Nine,” Nick Hayek was quoted as saying by Switzerland’s Tages-Anzeiger newspaper. “The Touch Zero One is not the end of the progression.”
Hayek told the paper Swatch would launch Touch Zero Two at next year’s Olympic Games in Rio de Janeiro.
The Swiss company’s strategy appears primarily to revolve around including individual tech features in different models rather than going head to head with Apple to create all-in-one smartwatches combining many functions.
On top of its Touch Zero One, which can track the distance the wearer travels and help beach volleyball players measure the power of their hits, Swatch is planning to launch watches with an embedded “near field communication” chip this year.
The early returns on Edge not only hint at Microsoft’s failure to get the earliest adopters to rely on the new browser, but also question Mozilla’s contention that Windows 10′s setup will result in defections from its own Firefox, or by association, other non-Microsoft browsers.
During July, Edge accounted for just 0.14% of all browsers tracked by California-based Net Applications. With Windows 10′s user share standing at 0.39% for July — and because Edge works only on Windows 10 — the browser was run by about 36% of its potential users (0.14% divided by 0.39%).
Net Applications measures user share using visitor tallies to its customers’ websites. The result is a rough estimate of the percentage of the world’s online users who run a specific browser.
Data from StatCounter, an Irish metrics vendor, also showed that Edge was far from the universal browser of choice among people who have upgraded to Windows 10.
Over the first 16 days of August, Edge’s global average daily usage share was 0.7%, far below the 4.4% average daily share of Windows 10. In other words, StatCounter pegged Edge as accounting for about 16% of the online activity of all Windows 10 owners.
The low percentages of Windows 10 users currently running Edge signaled that Microsoft has not made its case for the new browser, at least among those who have jumped on the OS and its free upgrade. That’s troubling, since Microsoft has positioned Edge as its browser of the future, and put in considerable effort to making it more compliant with standards, while relegating Internet Explorer (IE) in general, IE11 specifically, to a legacy support position.
The cylinder-shaped router, named OnHub, can be pre-ordered for $199.99 at online retailers including the Google Store, Amazon.com Incand Walmart.com.
The router comes with in-built antennas that will scan the airwaves to spot the fastest connection, Google said in a blog post.
With the router, users will be able to prioritize a device so that they can get the fastest Internet speeds for data-heavy activities such as downloading content or streaming a movie.
The router can be hooked up with Google’s On app, available on Android and iOS, to run network checks and keep track of bandwidth use among other things.
Google said OnHub automatically updates with new features and the latest security upgrades, just like the company’s Android OS and Chrome browser.
The router is being manufactured by network company TP-LINK, Google said, hinting that ASUS could be the second manufacturing partner for the product.
The product launch comes days after Google restructured itself by creating Alphabet Inc, a holding company to pool its many subsidiaries and separate the core web advertising business from newer ventures like driverless cars.
Making products for the smart home is one such venture.
Google last year bought Nest, a smart thermostat maker, for $3.2 billion, aiming to lead the way on how household devices link to each other and to electricity grids.
The global market for “Internet of Things”, the concept of connecting household devices to the Internet, will nearly triple to $1.7 trillion by 2020, research firm International Data Corp said in June.
The non-profit organization has unveiled an easy-to-use app for Android devices, called Webmaker, that allows users to create Web pages and simple apps from their smartphones, which are quickly becoming the predominant technology used to use the Internet, especially in less wealthy countries.
“We want the next two billion people coming online to understand that the Web is theirs to read, write, and participate in,” said David Ascher, Mozilla’s vice president of products.
Currently, about 40% of the world’s population — or a little over 3 billion people – enjoys Internet access. Webmaker was designed to give these usersa way to create their own presence online. Webmaker also could set the stage for bringing more local content on the Web, Ascher said.
While social networking sites such as Tumblr and Instagram offer the ability to create content for mobile devices, Webmaker was designed to provide more flexibility in terms of how users can present information, by not locking them into a single format.
The foundation says it designed the software to be as easy to use as possible.
After signing in, users are provided with a blank page and the ability to add text, images or photos. Additional pages can be then be added. A user is given a map to stitch together pages in a way that best fits their needs.
When the app is finished, it is stored on the Webmaker.org site, where it can be accessed from either a phone or a computer browser.
Webmaker can run on smartphones with Android 4.0 or newer. Initially, Webmaker is available in four languages, Bengali, Brazilian Portuguese, English and Indonesian. Additional languages will be supported in future releases.
The company plans to test the device in the U.S., according to several messages posted on Twitter by the Project Ara team. Neither the exact location nor precise timing of the tests was given.
“We are looking at a few locations in the U.S.,” one tweet said.
The Project Ara smartphone is designed to let users easily swap out its components.
The idea is that users purchase the hardware modules, like processors and sensors, themselves and snap them together to create a customized smartphone. In so doing, users could improve their device on their own terms, rather than buying a new phone outright.
Google had planned to commence initial testing in Puerto Rico this year, though those plans were scrapped as part of a ”recalculation,” announced last week.
The hastag #Yeswearelate was affixed to one of the tweets on Monday.
Google did not immediately respond to comment further.
Billions of mobile phone users are at risk from a signalling flaw that allows hackers to intercept all voice calls and track locations.
Australian TV program 60 minutes is claiming the scoop, showing in a special report how hackers were able to record the mobile phone conversations of a prominent politician and track his movements from a base thousands of miles away in Germany.
This is because of a flaw in the architecture of the signalling system, known as SS7, which is used to enable mobile phone roaming across telecoms providers, according to the programme.
A hacker can use this information to listen in to any mobile phone conversation by forwarding all calls to an online recording device and then re-routing the call back to its intended recipient, a so-called man-in-the-middle attack.
It also allows the movements of a mobile phone user to be tracked on applications such as Google Maps, and 60 Minutes claimed that it throws the security of SMS verification used by banking apps, for example, into doubt.
“Verification by SMS message is useless against a determined hacker with access to the SS7 portal because they can intercept and use the SMS code before it gets to the bank customer,” the report said.
It’s worth noting, however, that the German hackers who carried out the demonstration, in which they intercepted and recorded a conversation between a 60 Minutes reporter and independent Australian senator Nick Xenophon, were given legal access to SS7 by the government, something most hackers won’t have.
Even so, the disclosures have led to calls for an immediate public inquiry in Australia, amid concerns that the security and intelligence services have long been aware of the SS7 security vulnerabilities.
Senator Xenophon said in response to the report: “This is actually quite shocking because it affects everyone. It means anyone with a mobile phone can be hacked, can be bugged, can be harassed.
“The implications are enormous and what we find shocking is that the security services, the intelligence services, they know about this vulnerability.”
What’s more, security outfit Adaptive Mobile said that such flaws should be taken seriously, as attacks can be launched anywhere in the world on any individual connected to the global SS7 network.
The firm published a blog post following the high-profile attack on Hacking Team when it first became concerned about SS7.
“Security in the SS7 network has become of paramount importance for the mobile community, so knowing how these surveillance companies regard and use SS7 is essential,” Adaptive Mobile said.
“Based on the information that has become available, it seems that there is a wider group of commercial entities selling systems that allow surveillance over SS7, and that these systems are for offer today.”
Oracle has added more allegations to its court filing against Google, claiming that it has “destroyed” the market for Java.
The case stems from the use of Java libraries in the original Android operating system design. While these are open source, a clueless judge ruled that the APIs allowing third parties to use the libraries are subject to copyright and it is those libraries which Google is accused of infringing.
As regular readers will know, we have labelled this what in journalistic circles we like to refer to as ‘a heap of old horse shit’ that sets a dangerous precedent for the whole industry. However, Oracle is continuing to glove-slap for satisfaction.
The latest papers filed, which Google is yet to contest the addition of, work best if dictated with a single violin playing somberly in the background.
“Although all of these new Android versions are dependent upon the infringing Java code, applications written for these new Android versions are not compatible with the Java platform, because they do not run on the Java platform or on devices implementing the Java platform,” the filing said.
“Similarly, applications written for the Java platform do not run on the versions of Android made available since October 2010. Accordingly, given the widespread dominance Android has achieved with its continued unauthorized use of the 37 Java API packages over the past few years, Android has now irreversibly destroyed Java’s fundamental value proposition as a potential mobile device operating system by breaking the ‘write once, run anywhere’ principle on which Java was built.
“Google’s increasing domination of the mobile device market with Android, and its continuing failure and refusal to make Android compatible with the Java platform, has destroyed the potential value of a licensed derivative version of the Java platform in the mobile device market.”
Cutting to the chase, what Oracle is basically saying is that Google used them, then spat them out, leaving them unappealing to others, which makes them sound like a fallen woman in a Thomas Hardy novel.
The defense is likely to be that Java is an ageing, exploit-ridden system that has to be regularly patched up, and that forking from it was the best thing to do for customers. But, as ever with these epic battles, it’s going to be down to who has the best lawyers. Or the biggest yacht.
Oracle argues that the meteoric rise of the Android platform, and its market dominance, based on thousands of lines of Java code and yielding billions in ad revenues, means that the Ellison yachting fund is due a top-up.
Google has consistently claimed that, even if the APIs are copyright-able, ‘fair use’ is at play. Twice the court has sided with Google, and twice the decision has been overturned on appeal by old men who probably smoke cigars but think that the World Wide Web gives you cancer.
The company is testing updates to private browsing in Firefox designed to block website elements that could be used by third parties to track browsing behavior across sites. Most major browsers, Firefox included, have a “Do Not Track” option, thoughmany companies do not honor it.
Mozilla’s experimental tool is designed to block outside parties like ad networks or analytics companies from tracking users through cookies and browser fingerprinting.
It’s available in the Firefox Developer Edition on Windows, Mac and Linux, and Firefox Aurora on Android, Mozilla said.
The tool is in pre-beta, although it might be incorporated into future versions of Firefox’s main browser.
The tool might cause some data-hungry websites to not load properly, Mozilla said. Users can unblock specific websites if they wish.
The enhancements also better identify unsafe browser add-ons that could install malware or collect user information.
“We’ve worked with developers and created a process that attempts to verify that add-ons installed in Firefox meet the guidelines and criteria we’ve developed to ensure they’re safer for you,” Mozilla said in a blog post.
Web tracking provides fuel to the lucrative business of targeted ads. A recent report showed that the usage of ad-blocking software is on the rise, costing publishers billions of dollars.
Other browser extensions designed to block tracking and targeted ads include Ghostery and AdBlock Plus.
The Electronic Frontier Foundation, meanwhile, is trying to develop a new standard for the “Do Not Track” browser setting to make it more effective.
That smartphone you might be using may not be as secure as you thought, according to security research.
The doomsday prophet here is Trend Micro, which said that big name providers are not taking your arm armory seriously. We’ve heard HP wax lyrical on this as well.
Trend Micro apparently took its study seriously, and measured the preventative efforts on hardware including the Apple Watch, Motorola 360, LG G Watch, Sony Smartwatch, Samsung Gear Live, Asus Zen Watch and the Pebble.
Devices were all upgraded to the latest OS versions for the study, and each was paired with its related device: an iPhone 5, Motorola X or Nexus 5.
Physical protection has something like a wet paper bag ranking, and Trend Micro said that the obvious weaknesses will become apparent should a wearable be pinched. Apple seems to do the best work here, and is credited with using a timeout function to prevent easy bad man activation.
However, the Apple device contains the biggest chunks of user data, the firm said, which could cause problems if someone managed to break their way into the Watch and a partnered iPhone.
“Across all of the smartwatches that were tested, it is clear that manufacturers have opted for convenience at the expense of security,” Bharat Mistry, cyber security consultant at Trend Micro, commented.
“On the surface, a lack of authentication features can make devices appear easier to operate, but the risk of having personal and corporate data compromised is much too big an issue to forget about.”
The security company has some top-line, high-concept advice for hardware firms, including the suggestion that “simple security features” should be adopted.
“Manufacturers must ensure that simple security features, such as limited password attempts, are enabled on devices by default,” said Mistry.
“This considerably reduces the likelihood of data breaches. Smartwatch manufacturers must be cognizant of the fact they can slash data breaches by employing this best practice.”
It is estimated that wearables, and the security losses associated with them, will contribute to a criminal cost to the industry of a whopping $2tn by 2019.