Rick Zeman writes "According to a headline article in the New York Times, they admit to being hacked by the Chinese, and covers the efforts of Mandiant to investigate, and then to eradicate their custom Advanced Persistent Threats (APT). This was alleged to be in reaction to an article which details the sleazy business dealings of the family of Wen Jiabao, China's newest Prime Minister. China's Ministry of National Defense said in denial, 'Chinese laws prohibit any action including hacking that damages Internet security.'" Update: 01/31 15:00 GMT by T: The Times used Symantec's suite of malware protection software; Symantec has issued a statement that could be taken as slightly snippy about its role in (not) preventing the spyware from taking hold.
First time accepted submitter DiscountBorg(TM) writes "An employee of the Canada Revenue Agency lost his job after releasing a humorous game in which the player answers customer service calls for the Agency, usually leading to his termination. In an email National Revenue Minister Gail Shea said: 'The Minister considers this type of conduct offensive and completely unacceptable. The Minister has asked the Commissioner (of Revenue, Andrew Treusch) to investigate and take any and all necessary corrective action. The Minister has asked the CRA to investigate urgently to ensure no confidential taxpayer information was compromised.'"
itwbennett writes "Now that the ridiculous phone unlocking law is a done deal, and we all understand exactly what that means (i.e., 'fines of up to $500,000 and imprisonment of up to five years'), you might be left wondering what can you do about it. Well, you could start by lending your John Hancock to this petition at the White House's 'We The People' platform. It's already over halfway to the number of signatures required to get a response from the executive branch."
First time accepted submitter 3seas writes in about DMVs across the country learning textspeak in order to keep vulgar acronyms off the road. "You can have txtspeak on your plate in Arizona, but only if you keep it clean. 'ROFLMAO' is a no-go. Arkansas, however, seems to be a little slower on the uptake. 'ROFLMAO' doesn't appear on the state's prohibited list. That doesn't necessarily mean the plate would pass DMV scrutiny should someone request it."
redletterdave writes "According to the 30-count indictment released by the Central District of California, 27-year-old hacker Karen 'Gary' Kazaryan allegedly hacked his way into hundreds of online accounts, using personal information and nude or semi-nude photos of his victims to coerce more than 350 female victims to show him their naked bodies, usually over Skype. By posing as a friend, Kazaryan allegedly tricked these women into stripping for him on camera, capturing more than 3,000 images of these women to blackmail them. Kazaryan was arrested by federal agents on Tuesday; if convicted on all 30 counts, including 15 counts of computer intrusion and 15 counts of aggravated identity theft, Kazaryan could face up to 105 years in federal prison."
An anonymous reader writes with news that the first successful case was brought before the copyright tribunal under NZ's three strikes law. From the article: "The first music pirate stung under new file-sharing laws has been fined $616 but 'didn't realise' the actions were illegal. The Recording Industry Association of New Zealand (RIANZ) — which represents music studios — took an unnamed offender to the Copyright Tribunal last year for sharing songs on the Internet — a track by Barbadian pop-star Rihanna on two occasions and the other by Nashville band Hot Chelle Rae. In a decision released today, the tribunal found in RIANZ's favor and ordered the offender ... to pay a penalty $616.57." Torrent Freak has a slightly different perspective: a lack of evidence and pushback from the tribunal resulted in much smaller fines than the RIANZ wanted.
Lasrick writes "This article starts with an interesting anecdote: 'In 1998, President Bill Clinton read a novel about biological warfare that deeply disturbed him. In fact, the story reportedly kept him up all night. It’s one of the reasons that Clinton became personally invested in protecting the United States from bioterrorism threats. The book was The Cobra Event (Preston, 1998), a sci-fi thriller by journalist and novelist Richard Preston that told of a mad scientist who brewed a lethal, genetically engineered virus in his New York City apartment. Preston’s tale highlighted the potential ease with which individuals or small groups with access to advanced bioweapons capabilities could launch attacks on major US cities. After reading The Cobra Event, Clinton called several advisory meetings and ordered classified assessments and simulation exercises to examine the threat depicted in the story. As a result of these deliberations, by the end of his administration Clinton had increased funding for biodefense preparedness efforts fourfold, to more than $400 million per year.' The article goes on to describe the two trajectories of bioweapons threats, and puts them both in perspective. It may or may not calm everyone who's ever spent a sleepless night after reading one of the many bioterrorism novels."
redletterdave writes "Mozilla announced on Tuesday that it has been named the 'Most Trusted Internet Company For Privacy' in 2012, according to a new independent study released by the Ponemon Institute early this morning (PDF). Ponemon Institute surveyed more than 100,000 adult-aged consumers over a 15-week period ending in December 2012; of the 6,704 respondents, representing 25 different industries, Mozilla was ranked the top Internet and social media company. While this is a great achievement for Mozilla, especially considering this was their first year making the list, Mozilla's team took note of the fact that 'Internet and social media' was still the least trustworthy sector out of the 25 total industries listed. 'It means we as an industry all have a lot more work to do,' Mozilla wrote on its blog."
Okian Warrior writes with word that, as of Monday evening, multiple police agencies and the military were "conducting training exercises over Miami and elsewhere in the county. The exercise includes military helicopters firing machine-gun blanks while flying over highways and buildings. This YouTube video shows helicopters strafing highways with blank rounds near the Adrian Arts center. There are reports of similar actions in Houston. From the Houston article: 'if you see the helicopters or hear gunfire, it's only a drill.'" Note: this time, it's not in The Onion.
hydrofix writes "On Thursday TorrentFreak broke the story (verified by BBC) that the government of Antigua and Barbuda, a tiny island nation in the Caribbean, was planning to launch a legal 'pirate' website selling movies, music and software without paying a penny to U.S. copyright holders. Now, the World Trade Organization has given its final approval for the Antigua government to launch the website. The decision follows from a long-running trade dispute between the countries, related to online gambling, which was ruled in Antigua's favor in 2005. After the United States refused to compensate, the WTO granted Antigua the right to 'suspend' U.S. copyrights for up to $21 million annually." From the article: "The Antiguan government further reiterated today that the term 'piracy' doesn’t apply in this situation, as they are fully authorized to suspend U.S. copyrights. It is a legal remedy that was approved by all WTO members, including the United States."
tukang writes "According to a report in the Massachusetts Lawyers Weekly, State prosecutors had planned to let Swartz off with a warning and Swartz would not have faced any criminal proceedings or prison time had it not been for the decision of Carmen Ortiz's office to intervene and take over the case." Although the CNET article focuses on Aaron Swartz's particular case, the original article calls attention to general abuse of power within the DOJ: "It seems never to have occurred to Ortiz, nor to the career prosecutors in her office in charge of the prosecution, Stephen Heymann and Scott Garland, that there is something wrong with overcharging, and then raising the ante, merely to wring a guilty plea to a dubious statute. Nor does it occur generally to federal prosecutors that there’s something wrong with bringing prosecutions so complex that they are guaranteed to bankrupt all but the wealthiest. These tactics have become so normal within the Department of Justice that few who operate within the bowels of this increasingly corrupt system can even see why it is corrupt. Even most journalists, who are supposedly there to tell truth to power, no longer see what’s wrong and even play cheerleader."
Sparrowvsrevolution writes with news of some particularly insecure security cameras. From the article: "Eighteen brands of security camera digital video recorders are vulnerable to an attack that would allow a hacker to remotely gain control of the devices to watch, copy, delete or alter video streams at will, as well as to use the machines as jumping-off points to access other computers behind a company's firewall, according to tests by two security researchers. And 58,000 of the hackable video boxes, all of which use firmware provided by the Guangdong, China-based firm Ray Sharp, are accessible via the Internet. Early last week a hacker who uses the handle someLuser found that commands sent to a Swann DVR via port 9000 were accepted without any authentication. That trick would allow anyone to retrieve the login credentials for the DVR's web-based control panel. To compound the problem, the DVRs automatically make themselves visible to external connections using a protocol known as Universal Plug And Play (UPnP), which maps the devices' location to any local router that has UPnP enabled — a common default setting. ...Neither Ray Sharp nor any of the eighteen firms have yet released a firmware fix."
Nerval's Lobster writes "All your Tweets are belong to us... with a court order. Twitter's second transparency report reinforces what many already know: governments want online user data, and to yank select content from the Internet. Twitter's first two transparency reports cover the entirety of 2012, so there's not a deep historical record to mine for insight. Nonetheless, that year's worth of data shows all types of government inquiry—information requests, removal requests, and copyright notices—either on the increase or holding relatively steady. Governments requested user information from Twitter some 1,009 times in the second half of 2012, up slightly from 849 requests in the first half of that year. Content-removal requests spiked from 6 in the first half of 2012 to 42 in the second. Meanwhile, copyright notices declined a bit, from 3378 in the first half of 2012 to 3268 in the second."
snydeq writes "Security pros and government officials warn of a possible cyber 9/11 involving banks, utilities, other companies, or the Internet, InfoWorld reports. 'A cyber war has been brewing for at least the past year, and although you might view this battle as governments going head to head in a shadow fight, security experts say the battleground is shifting from government entities to the private sector, to civilian targets that provide many essential services to U.S. citizens. The cyber war has seen various attacks around the world, with incidents such as Stuxnet, Flame, and Red October garnering attention. Some attacks have been against government systems, but increasingly likely to attack civilian entities. U.S. banks and utilities have already been hit.'"
Frequent contributor Bennett Haselton writes "With the announcement of Verizon's "six strikes plan" for movie pirates (which includes reporting users to the RIAA and MPAA), and content companies continuing to sue users en masse for peer-to-peer downloads, I think it's inevitable that we'll see the rise of p2p software that proxifies your downloads through other users. In this model, you would not only download content from other users, but you also use other users' machines as anonymizing proxies for the downloads, which would make it impossible for third parties to identify the source or destination of the file transfer. This would hopefully put an end to the era of movie studios subpoenaing ISPs for the identities of end users and taking those users to court." Read below for the rest of Bennett's thoughts.