Subscribe to:

Subscribe to :: ::

Will Linux See Growth Next Year?

May 9, 2012 by  
Filed under Computing

Canonical has said it expects Ubuntu to ship on 18 million PCs next year.

Having just launched Ubuntu 12.04, Canonical is bullish about its future, with Chris Kenyon, its VP of sales and business development forecasting that the firm’s operating system will ship on 18 million machines in 2013. According to Phoronix, Kenyon claimed that will amount to five per cent of worldwide PC shipments.

Kenyon’s prediction represents more than double the number of PCs shipped currently with Ubuntu and while that might seem optimistic the firm has been on a roll when it comes to OEM support. Prior to Canonical’s launch of Ubuntu 12.04 it announced certification for HP Proliant servers, and yesterday it revealed that it has been working with Dell on an Ubuntu image for Dell’s headline XPS 13 ultrabook.

Although Kenyon mentioned PC unit sales, it is unlikely to forecast a similar growth in servers pre-installed with Ubuntu despite the firm’s certification for some Proliant servers.

Kenyon believes that most firms buy bare metal servers and load their own tweaked images. He said, “As a point of fact the vast majority of this [Ubuntu on servers] is not sold pre-installed. […] Pre-install in the server market is just irrelevant, it is not how the market works. Even when something gets pre-installed an enterprise will wipe it because they will have their own image. [OS pre-installation] is a distraction [for servers, but] it’s a very applicable question in the client world.”

While Kenyon has a valid point regarding server adoption, there is a certain cachet and seal of approval if servers ship with Ubuntu, even if customers wipe the drives and load customised images. Nevertheless, Canonical is right to focus on PC sales targets, as Ubuntu is one of the most polished and consumer friendly Linux distributions available.

Microsoft’s biggest advantage over Linux distributions isn’t its Windows operating system but the way Microsoft has got just about every OEM to ship machines with Windows, meaning users have to find, download and then install alternative operating systems. If Canonical manages to get Ubuntu pre-installed on five per cent of all PCs shipped in 2013, then it will start to rival the popularity of Apple’s Mac OS X, a pretty impressive feat.




Hackers Goes After Finland Over Pirate Bay

January 10, 2012 by  
Filed under Computing

Anonymous apparently has declared war on Finland after the country began blocking access to the filesharing web site Pirate Bay.

Yesterday we reported that the large Finnish ISP Elisa, had begun blocking the web site at the order of Finland’s High Court. This news was not taken well by Anonymous, which responded by hacking its ‘enemy’.

“TANGO DOWN Copyright Information & Anti-Piracy Centre In Finland | And We’ll keep it down as long as We want \o/,” wrote the Anon_Finland account on Twitter.

The cause caught the attention of the wider Anonymous hacktivist collective, and the Anonymous Finns got its support.

“Finland is apparently just begging for some sweet, sweet Anonymous action. We shall oblige them. #Elisagate ^_^” wrote Youanonnews.

Anonymous Sabu, one of the more vocal members of the group also took an interest. “Ladies and gents: today we will focus on Finland. and every country like it who has begun a campaign of censorship. First steps to Cyberwar,” he tweeted, adding, “To the Finnish government: Stop censorship or deal with the consequences.”

Elisa is appealing the decision and is calling its block a temporary one. It also said that it installed the block to avoid a fine. It added that it did not make the decision, but the High Court.


Will Anonymous Retaliate If SOPA Is Passed?

December 23, 2011 by  
Filed under Computing

Anonymous has said it will respond if the controversial Stop Online Piracy Act (SOPA) is passed into law in the US.

The group has posted a statement in which it reiterated its attitude towards SOPA and its plans to create an internet police state.

“The goal of the so-called ‘Stop Online Piracy Act’ SOPA is to empower litigious U.S. corporations to police the internet, with the ability to act as judge, jury and executioner,” it says.

“SOPA tramples civil rights laws, fair use, freedom of press and freedom of speech. Under SOPA an average person could be arrested, fined, sued and spend time in a federal prison for so little as uploading a video to YouTube or even linking to one. This law further proves the reality of corporate rule and totalitarianism.”

The vote on SOPA has been delayed due to opposition, according to the post, and is not likely to happen until next year. However, the hacktivists suggest that it will be delayed only as long as it takes for the media to lose interest.

“In a democracy this should be enough to defeat the bill, however, in the U.S. it only means that the vote will get delayed until the media loses interest and the backing corporate lobbyists have enough time to ‘influence’ [read: bribe] the vote to their favour,” they warn.

“However, it has been clandestinely moved forward in an attempt to fast track the law under the radar of a culture drunk on materialistic obsession – as such The House Judiciary Committee is reconvening on the 21st of December. In short, we were lied to.”

The hacktivist group said that it would react to this, and react strongly. “Our reaction will not be little,” it warns.

Anonymous wants to spread awareness and increase opposition to SOPA while it is still up for debate, and called on fellow Anons are asked to carry out points of action, the first being to hack into and replace the front page of “every website we can” with a protest page.

“Encourage friends, businesses, organizations, social media to take a stand along side us in the same way,” it says. “Use/distribute the OpBlackOut material we’ve provided for this purpose, or make your own (but please try to be concise and indict SOPA specifically so the message is clear, unanimous and omnipresent). Get this image and message everywhere online. Plant the seeds of dissent where ever they can grow.”

As well as acting online, Anonymous said that supporters should physically protest through stickering and tagging billboards, signs and advertising.

“Get people talking. Put the truth not only where it can be seen, but where it cannot be avoided,” it adds. “This is something everyone can do. We are legion, this is our voice, people are listening, we will be heard.”



Hasbro Plans To Sue Asus

December 22, 2011 by  
Filed under Computing

Asus is being sued by Hasbro over the Transformer Prime because of its name.

The toymaking company has filed a lawsuit in Los Angeles asking for an injunction banning the device as well as payment of damages. Hasbro markets the Transformer action toys, one of which is called Optimus Prime. It claims that Asus is violating its trademark.

Hasbro told Paid Content, “Hasbro continues to aggressively protect its brands and products and the specific actions we are taking today against Asus underscores yet again Hasbro’s willingness to pursue companies who misappropriate our intellectual property for their own financial gain.”

The Transformer Prime is a follow-up device to the Transformer, which Asus launched in May. Hasbro never bothered to take any action over that tablet so we’re surprised that it has taken it this long.

There’s a chance that Hasbro will lose the lawsuit because the products are so different and therefore it’s hard for a consumer to get confused between them.

The Transformer Prime isn’t available in the UK yet. If Asus is forced to withdraw the device from the market this will no doubt disappoint large numbers of customers who have pre-ordered the tablet or are planning to splash out on one next year.




Hackers Plan To Go After Fox News

November 1, 2011 by  
Filed under Computing

Anonymous plans to take out the Fox news network because of its coverage of the Wall Street Protests.

Dubbed “Operation Fox Hunt”, Anonymous announced the plans on YouTube to attack the Fox News website on the anniversary of Guy Fawkes Day. Anonymous is also planning to target former Fox News personality Glenn Beck as well as current Fox News representative Sean Hannity and Bill O’Reilly during “Operation Fox Hunt”.

Anonymous said that it has had a gutsful of “right wing conservative propaganda” and “belittling the occupiers” of the Occupy Wall Street demonstrations. Anonymous recently a distributed denial-of-service attack against the Oakland police department’s website after a 24-year-old wounded Marine home from serving two tours in Iraq was critically injured in the Occupy Oakland protest. Police allegedly threw an object that fractured the marine’s skull landing him in the hospital.

Inspiration for Anonymous members, Guy Fawkes is most commonly known as the only person to enter Parliament with an honest intention. He wanted to blow up the House of Lords on November 5 in the year 1605 as part of a Catholic uprising.




Stuxnet Computer Worm Sibling (DuQu) Is Out In The Wild

October 19, 2011 by  
Filed under Around The Net

The STUXNET computer worm that crippled an Iranian nuclear fuel plant last year now has a sibling called Duqu that’s already in place on European computers, according to a detailed report by an anonymous research lab.

The virus, named after the DQ prefix it adds to files it creates, is reportedly “very similar to Stuxnet”, according to security firm Symantec, which gained access to the report and samples of the virus. “Parts of Duqu are nearly identical to Stuxnet, but with a completely different purpose. Duqu is essentially the precursor to a future Stuxnet-like attack.”

Symantec revealed that the the Duqu virus is designed to gather industrial control system data, including keystrokes from engineers, in an effort to compile information for a possible further attack some time in the future.

The difference between Duqu and Stuxnet is that the former is mainly a remote access trojan, designed to steal information, and the virus does not self-replicate. Stuxnet, however, affects industrial control systems much more directly, so much so that it can alter their operations in an effort to cause extreme damage, which many experts believe is what happened to Iran’s nuclear fuel enrichment systems.

“The creators of Duqu had access to the source code of Stuxnet,” Symantec said, according to Reuters. It is widely believed that the US or Israel was behind development of the Stuxnet worm, which means that this could be a follow-up monitoring attempt or perhaps a response from Iran to try to find a rival target to sabotage.

The US Department of Homeland Security said that it is aware of the virus, has issued a public alert, and is working to analyze the worm.




Anonymous Goes After PayPal Again

October 19, 2011 by  
Filed under Around The Net

Anonymous is launching a second round of protests against online payment service Paypal, which could see thousands of people closing their Paypal accounts.

Anonymous member and spokesperson Sabu told some 25,000 supporters on his Twitter page, “If you haven’t already – close out your paypal accounts. Transfer your money to a credit union. Small steps we need to take for big picture.”

Another tweet that is making the rounds on Twitter is, “Today is #OpPayPal round two. Close out your paypal accounts. Inform your family//peers. Email companies that rely on PP to use alts. RT!”

For those who want to continue making online payments without using Paypal, Sabu suggested using an “anonymous prepaid visa card”, which can bought from many local shops.

However, users might encounter problems with online payments, as many online retailers use Paypal for everything, even normal credit card purchases. This means that those who do buy a prepaid credit card could be forced to use it through Paypal anyway.

In response to this concern Sabu said, “Might have to start emailing companies to use alternative payment systems. If enough people communicate this point: win.”

There are no recent tweets about Paypal on the Anonymous Twitter page, but it’s likely only a matter of time before the news starts appearing on multiple accounts associated with the group.

This latest round of Paypal protests appears to be in response to Paypal’s decision to freeze donations to the independent social networking project Diaspora. Paypal refused Diaspora’s appeal and has failed to provide an explanation of what it alleges Diaspora did wrong. It can hold Diaspora’s money, which is around $45,000, for up to six months. Diaspora is now using Stripe in place of Paypal.




Will Anonymous Join The Wall Street Protest?

October 4, 2011 by  
Filed under Around The Net

Anonymous has said that it is joining in the anti-Wall Street Protests in New York.

Despite low press coverage the Occupy Wall Street protests gaining traction around the US and now the hacking collective known as Anonymous issued a statement about a planned attack for the financial district. It said that it would specifically target the New York Stock Exchange on October 10 and claims to “erase” the NYSE from the Internet on that day.

Operation Invade Wall Street is likely to be a Distributed Denial of Service (DDoS) attack on the New York Stock Exchange website. The message was included in a video uploaded to YouTube that’s designed to recruit more hackers to the Operation Invade Wall Street cause.

A one-day DDoS attack would be a nuisance for the officials of the NYSE, it’s unlikely to cause any significant damage. However, there are fears that Anonymous will attack to disrupt the exchange and attempt to harm trading on October 10.

So far Anonymous targets the New York City police department which has been doing its best to kill off any good will it might have gained during September 11, by battering harmless protesters and innocent bystanders. Anonymous has released personal information in regards to the officer using the pepper spray such including his phone number, home address and names of relatives.





Hackers went after CIA, MI6 and Mossad

September 6, 2011 by  
Filed under Uncategorized

Diginotar released a list of over 500 fraudulent certificates issued by the hackers who broke into the company’s infrastructure last month. Some of them are for the domains of the CIA, Mossad and the British Secret Intelligence Service (SIS).

The Diginotar breach was discovered a week ago when a rogue * certificate issued by the certificate authority (CA) was used in attacks against Gmail users in Iran. The company admitted suffering an intrusion back in July which resulted in fraudulent certificates being issued for a number of domains.

The browser vendors reacted promptly by removing the Diginotar CA root certificate from their products, but kept the one for Diginotar’s PKIoverheid sub-CA, which was used to sign Dutch government certificates.

The investigation into the incident is ongoing, but the security lapses identified are so serious that the Dutch minister of internal affairs announced in an urgent press conference at 1:15am on Saturday that the PKIoverheid sub-CA should no longer be trusted either.

Ever since the company’s first public statement about the incident, the security community has wondered how many rogue certificates were issued and what domains were targeted. The Dutch government has now shed some light on this by releasing a list of 531 fraudulent certificates associated with Diginotar.

From the looks of it, the hackers didn’t just target big internet services from Google, Yahoo, Facebook, Microsoft, and so on, but intelligence agencies as well, with, and, allegedly being among the targeted domains.

Furthermore, the hackers tried to use their access to issue rogue root certificates for other CAs like Comodo, Equifax, Verisign and Thawte. These certificates would have allowed them to bypass security features like certificate pinning.

Certificate pinning is built into Chrome and restricts the number of CAs that can sign a certificate for a particular domain. For example, only Gmail certificates signed by a couple of CAs will be trusted by the web browser.

The hackers also managed to issue what are known as wildcard certificates for *.*.com and *.*.org. This would have allowed them to spoof any SSL-protected second-level domain under those TLDs.

They probably failed to issue certs for *.com and *.org directly due to restrictions built into the system. But even so, the *.*.com one would have allowed spoofing successfully, for example.

The implications of this attack are huge and will probably lead to changes in the way public key infrastructure (PKI) works in the long run. It’s clear at this point that the CA-based model is flawed and the compromise of a single CA can have too much of an impact on online trust.

“The attack on Diginotar doesn’t rival Stuxnet in terms of sophistication or coordination. However, the consequences of the attack on Diginotar will far outweigh those of Stuxnet. The attack on Diginotar will put cyberwar on or near the top of the political agenda of Western governments,” said Roel Schouwenberg, senior antivirus researcher at Kaspersky labs.

Mozilla has already announced that it will also remove PKIoverheid from the list of trusted certificates following the Dutch government’s assessment. It also stressed that the removal of all Diginotar root certificates is final and not temporary. Other browser vendors are taking a similar stance, so this most likely means the end for the company in the SSL CA business.

It seems that Diginotar’s biggest mistake was its failure to communicate with vendors and affected parties immediately after learning about the compromise. “The integrity of the SSL system cannot be maintained in secrecy. Incidents like this one demonstrate the need for active, immediate and comprehensive communication between CAs and software vendors to keep our collective users safe online,” said Johnathan Nightingale, Mozilla’s director of Firefox engineering.


Courtesy-TheInq by Lucian Constantin

The Linux Kernel Home Got Hacked

September 1, 2011 by  
Filed under Computing

Servers that are part of the Linux infrastructure were affected during a recent intrusion where attackers managed to gain root access and plant Trojan scripts.

According to an email sent out to the community by chief administrator John Hawley, known as warthog9, the incident started with the compromise of a server referred to as Hera. The personal colocated machine of Linux developer H Peter Anvin (HPA) and additional systems were also affected.

“Upon some investigation there are a couple of boxes, specifically hera and odin1, with potential pre-cursors on demeter2, zeus1 and zeus2, that have been hit by this,” Hawley wrote.

The intrusion was discovered on 28 August and according to preliminary findings attackers gained access by using a set of compromised credentials. They then elevated their privileges to root by exploiting a zero-day vulnerability that the administrators have yet to identify.

Fortunately, logs and parts of the exploit code were retained and will help the investigation. A Trojan was added to the startup scripts of affected systems, but gave itself away through Xnest /dev/mem error messages.

According to the admins, these error messages have been seen on other systems as well, but it’s not clear if those machines are vulnerable or compromised. “If developers see this, and you don’t have Xnest installed, please investigate,” the administrators advised.

The good news is that the exploit failed on systems running the latest Linux kernel version, 3.1-rc2, which was released two weeks ago. This is possibly the fortunate consequence of one of the bugfixes it contains.

All of the affected boxes were taken offline following the incident and will be reinstalled. The official Linux kernel source code is also being analysed for unauthorised changes, however, these should be very easy to spot thanks to the security measures built into the git repository.

Furthermore, over four hundred users will be forced to change their credentials and SSH keys as a precaution. The project’s security policies will also be reviewed and improved.This is not the first time that a major open source project has had to deal with such an intrusion.

Last December, Savannah, the collaborative development platform maintained by the Free Software Foundation was taken offline after hackers managed to break in through an SQL injection vulnerability. And in September 2009 the infrastructure team of the Apache Software Foundation took several mirrors offline after the main staging server was compromised using a stolen SSH key.



Courtesy-TheInq by Lucian Constantin


Is Anonymous Going After Wall Street?

August 26, 2011 by  
Filed under Uncategorized

Anonymous has called on its followers to descend on Wall Street next month and occupy it.

The group has joined an existing campaign that is being promoted by Adbusters and Culture Jammers under the S17 banner, and has asked its followers to attend with tents and portable kitchens so that it can set up a barricade.

The date for the occupation is 17 September, and on its poster Anonymous said that it had one simple demand, which is “Bring Tent”. We expect it will have others to make of Wall Street itself however.

Adbusters was pleased by the groups joining and welcomed it on its own web site. The flood of attention could also help it carry out other ‘occupations’ in other major cities.

“Simultaneous occupations of financial districts are now being planned in New York City, Madrid, Milan, London, Paris and San Francisco. With a bit of luck, this list of participating cities will grow,” it wrote.

“If we can pull together just the right mix of nonviolence, tenacity and strategic smarts, S17 could be the beginning of the global revolution we’ve all been dreaming about for so long … wouldn’t that be lovely.”

Anonymous announced its support earlier this week with a video, but has increased the campaign with a poster as the event draws closer.
 by Dave Neal

Oracle Suffers Loss

August 8, 2011 by  
Filed under Computing

Over the weekend, researchers at Defcon highlighted how easy it is for would-be ‘hackers’ to get employees of large companies to divulge information that could be used in attacks. The technique, known as social engineering, essentially results in sensitive information being acquired through subterfuge rather than stolen.

Reuters reports that in one case, a contestant taking part in a Defcon competition pretended to work for a company’s IT department and got an employee to hand over information on what PC she was using. Chris Hadnagy, one of the Defcon organisers told Reuters, “A lot of this could facilitate serious attacks if used by the right people.”

Hadnagy said that Oracle’s employees handed over more data than those of any other company targeted in the competition. Other targets included Apple, AT&T, Symantec, United Airlines and Verizon.

Social engineering is a well known tactic of acquiring information from people. The application of social engineering in computer hacking became widely known following the 2002 publication of The Art of Deception by legendary hacker Kevin Mitnick following his release from prison.

What the security researchers have highlighted is that firms need to spend a great deal more time and money on training front line staff to be aware of such tactics. Although information given out through social engineering might on its own seem inconsequential, in some cases it can provide the ‘in’ that hackers are looking for.

Courtesy-TheInq by Lawrence Latif

Lulzsec’s Accused Ringleader Out On Bail In England

August 2, 2011 by  
Filed under Around The Net

HackersThe accused Topiary’, whose name is Jake Davis, was charged on Sunday and bailed by the courts yesterday. He was charged with five offences: Unauthorised access to a computer system, Encouraging or assisting offences, Conspiracy with others to carry out a Distributed Denial of Service Attack on the website of the Serious and Organised Crime Agency, Conspiracy to commit offences of Section 3 Computer Misuse Act 1990, and Conspiracy with others to commit offences of Section 3 Computer Misuse Act 1990 contrary to Section 1 of the Criminal Law Act 1977.

According to a report at the Guardian, his bail conditions are that Davis must wear an electronic tag, not access the internet, and not leave his house between 10pm and 7am.

Davis, who appeared outside court wearing sunglasses and holding a copy of “Free Radicals: The Secret Anarchy of Science” by Micheal Brooks and who allegedly authored the Rupert Murdoch is dead story that appeared on the hacked web site of the Sun newspaper, has already gained support on the internet in general and especially on Twitter.

“After a life full of efforts and diligence, courage and patience, incitement and cyber victory, generosity and charity, expatriation and travels, advice and good planning, wisdom and sophistication, the life of the Garden Hedge came to an end during this specific era. His blood, words, attitudes, and his ending are to remain a longcat running within the junctions of Anonymous generation after generation,” reads a message posted to Pastebin and described as being to and about the teenage hacker.

“His message was this poetic verse: ‘You cannot arrest an idea.’ Topiary – may you fly always over the horizon.”


Courtesy-TheInq by Dave Neal


Coming Soon: Hacker’s Awards Ceremony

July 27, 2011 by  
Filed under Around The Net

The computer hacking community is getting ready for its own version of the annual Oscars, with two notorious “hacktivist” groups and industry heavyweight WikiLeaks among those vying for the top award.

Sony Corp and EMC Corp’s RSA Security division will also be recognized at next week’s award ceremony, for the dubious distinction of having fallen victim to hackers.

While the Pwnies may be tongue-in-cheek, the awards represent a serious attempt to acknowledge the people and events that have made the biggest impact on the hacking community over the past year, said Dino Dai Zovi, one of the organizers of the event.

He is one of several Pwnies judges who will pick the winners from a list of candidates nominated through the organization’s website.

Pwnies is pronounced like “ponies” and refers to the hacking slang term Pwned, which means “owned” or controlled by a hacker.

Winners will receive a Hasbro Inc “My Little Pony” figurine, painted gold, at a ceremony on August 3 during the Black Hat hacking conference in Las Vegas.

Hacktivists Lulz Security and Anonymous are among those nominated for “Epic 0wnage” — delivering the most damaging, widely publicized, or hilarious hack of the past year.

Both groups are wanted by cyber police around the globe.

LulzSec is nominated for “hacking everyone,” according to the Pwnies website. Victims include Fox News, Nintendo, the NHS, the U.S. Senate and the CIA.

Anonymous was nominated for hacking into the email accounts of security firm HBGary Federal, then publishing the emails of its executives on the Web.

They are competing with the virus Stuxnet, which security experts say was designed to attack an nuclear enrichment facility in Iran.