How NSA Spied on Americans

Recent media reports released a few top secret documents about how the US National Security Agency illegally spied on its citizens, thousands of times per year. It turned out that most of the May 2012 audit was a catalogue of cock-ups where the agency collected information by accident, blaming analyst and programming errors. However, in one situation the phone records of over 3,000 American citizens were collected despite the fact that the agency had been ordered to erase them by a surveillance court.

Overall, the audit reported 2,776 cases where the National Security Agency violated its own privacy rules. In one case, the spooks confused the US area code (202) with the international dialing code for Egypt and snooped on domestic US phone calls. In another situation, the agency mixed domestic and foreign emails collected from tapping into a fibre-optic cable passing through the country. The NSA wanted to store the emails and claimed to the Foreign Intelligence Surveillance Court that they simply couldn’t filter out which emails belonged to the US citizens. In response, the court ruled that the email collection effort must stop, because it was “deficient on statutory and constitutional grounds”.

The audit in question appears to have been provided to the mass media several months ago by famous Edward Snowden and was initially supposed to be seen by the NSA’s top brass and no politicians ever saw it. Although Snowden made promises to not reveal any secrets while he is staying in Russia, more information of what he had passed to the media earlier is expected to be released soon. It is known that Glenn Greenwald, the Guardian reporter who has published the most NSA secrets based on Edward’s leaks, keeps working on a pile of them. According to his tweets, he will be releasing more data soon.

Book about Hacking Collectives Released

The security forces all over the globe have been desperately trying to reveal the identities of LulzSec and Anonymous hackers, while journalist Parmy Olson obtained extraordinary access to the hacking groups and wrote a book.

Everyone remembers how in 2010 a new global superpower emerged, which was acting in unorthodox ways, was unaccountable and yet of the people – nameless, faceless and Anonymous. The group was created online and acted most decisively and effectively when it saw threats to the Internet itself. For example, its most successful operations were carried out after infamous WikiLeaks released the embassy cables and lots all sources of funding because major payment systems refused to take donations on its behalf under the pressure of the government.

You can learn from Parmy Olson, a reporter with Forbes and the author of “We Are Anonymous”, that it was WikiLeaks attacks that turned Anonymous political. Olson managed to create a clear, coherent narrative from lots of confusing detail, tracing Anonymous’ origins to the 4Chan site. Her book details the chronology of the group’s evolution, although everyone, including the media, police and even the hackers themselves, had their own opinions of what it really was.

The book also mentions LulzSec, a small group of talented hackers and activists, recognized as the most wanted cyber-criminals in the world, who easily hacked the CIA and the British Serious Organized Crime Agency. Good sense of humor they had – after PBS criticized WikiLeaks, LulzSec hacked into its server and published a story claiming that Tupac Shakur had been found alive and well in New Zealand. In addition, the hackers took down the Sun’s front page to replace it with another, saying that Rupert Murdoch had died in his famous topiary garden.

Everything is described in the book, which was written a year ago, as the author befriended the key members of the group before their identities were disclosed by the authorities. As you know, the FBI picked up one of the band members and turned him into an informer, and then the arrests followed. The review, posted by the Guardian, admits that “We Are Anonymous” has only one substantive flaw, which is even not the author’s fault – it is at the moment out of date because of the numerous legal issues surrounding the trials – so it contains no updates on the sentencing and nothing on the significance of the PRISM leaks by Snowden.

Software Defined Networking

New Networking technology which opening up inner resource to upper Application，supporting software programmable control

SDN’s key features

Separation of control plane and data plane

make  SDN-based infrastructure networks more flexible, intelligent and adaptive to changes.

Network resource openness

enable infrastructure network providers to make new revenue through opening their networks to third party service providers in a win-win collaboration.

Decoupling of hardware and software

make it much easier to introduce new technologies to infrastructure networks and make network equipment more affordable to help boost the widespread  deployment of broadband networks.

 

Is this the happiest flower in the world ;~)

Is this the happiest flower in the world? Ophrys apifera is a hardy species of orchid found commonly in the Mediterranean region. Referring to that dark red monobrow it has there, 'Ophrys' derives from the Greek word 'ophrys', meaning "eyebrow", while the Latin word 'apifera' refers to the bee-shaped lip. For this reason, the flower is often called the bee orchid.

Oracle CEO Supported NSA Spying

Oracle Chief Executive Officer Larry Ellison was seen expressing the enthusiastic support for the NSA’s global surveillance of the worldwide web and everyone on it. Ellison claimed that some things said about the NSA were misleading – for example, information was already being collected long before the agency was seeing it. Moreover, such organizations as credit card companies had all this information long before the National Security Agency.

However, it is obvious that there is some difference between a credit card company building a file on its customer and the most powerful government of the world potentially keeping records on everyone. For instance, credit card companies normally have no power to arrest people and lock them up in solitary for a lifetime. The critics also can’t think of a single time a failed card application confiscated someone’s passport.

Larry Ellison claimed that he has never heard of data being misused by the government. Perhaps, he has never heard of the Foreign Intelligence Surveillance Court, where the Fourth Amendment protections of a US citizen were violated at least once. Via collusion with other allies, including the UK, the US can get around irritating technicalities like Amendment protections – as such, in all likelihood it was many more.

In the meanwhile, the NSA is not transparent at all, and most details about the spying programs are classified for “national security” and therefore would have never been revealed if not for Edward Snowden. Still, Larry Ellison believes that surveillance is essential, citing the need to minimize terror attacks like in Boston. He misses the fact that the blanket surveillance of citizens failed to stop that tragedy from happening, with the FBI admitting that snooping couldn’t have flagged the Boston bombers.

Although Ellison admitted he was a bit concerned about the possibility of the technology being used for political targeting rather than terrorism, he insisted that the government would never do so. Perhaps, he is so supportive of the spying program simply because Oracle is a top tech supplier for the NSA. Aside from the NSA, the company also solicits other defense contracts and recently signed a $680 million deal with the Defense Information Systems Agency, for example.

জাকারবার্গের ফেইসবুক অ্যাকাউন্ট ‘হ্যাকড’

• 

সোশাল নেটওয়ার্ক জায়ান্ট ফেইসবুকের সিইও মার্ক জাকারবার্গের ফেইসবুক অ্যাকাউন্ট হ্যাক করা হয়েছে। সম্প্রতি দৈনিক পত্রিকা টাইমস অফ ইন্ডিয়া এক প্রতিবেদনে জানিয়েছে, খলিল নামের একজন ফিলিস্তিনি ‘হোয়াইট হ্যাট হ্যাকার’ এ কাজটি করেছে।

     

সাধারণত হোয়াইট হ্যাকাররা কোনো সাইটের নিরাপত্তা ত্রæটি খুঁজে বের করে তা কর্তৃপক্ষকে জানায়। খলিলও ফেইসবুকে একটি ত্রুটি আবিষ্কার করে। এ ত্রুটির সুযোগ নিয়ে হ্যাকাররা যে কোনো ব্যক্তির ফেইসবুক ওয়ালে লেখা বা কন্টেন্ট পোস্ট করতে পারবে। খলিল বিষয়টি ফেইসবুক কর্তৃপক্ষকে জানালেও তারা বিষয়টি আমলে নেয়নি।

পরে খলিল এ ত্রুটির সুযোগ নিয়ে স্বয়ং জাকারবার্গের ফেইসবুক ওয়ালে পোস্ট করে।

খলিল জানিয়েছেন, তিনি এভাবে হ্যাক করার জন্য আন্তরিকভাবে দুঃখিত। কিন্তু ফেইসবুক কর্তৃপক্ষের কাছে বিষয়টি প্রমাণ করতেই তাকে এ পথ অবলম্বন করতে হয়েছে।

ফেইসবুক অবশেষে এ নিরাপত্তা ত্রুটি সংশোধন করেছে বলে জানিয়েছে টাইমস অফ ইন্ডিয়া।

৪৪ মিনিটে ইন্টারনেট স্ক্যান

• 

কিছুদিন আগ পর্যন্ত সম্পূর্ণ ইন্টারনেট স্ক্যান করতে প্রচুর সময় ব্যয় হত। কিন্তু নতুন এক প্রযুক্তির সাহায্যে এখন মাত্র ৪৪ মিনিটেই স্ক্যান করা যাবে সম্পূর্ণ ইন্টারনেট। সংবাদমাধ্যম ওয়াশিংটন পোস্ট এক প্রতিবেদনে জানিয়েছে, ইউনিভার্সিটি অফ মিশিগানের গবেষকরা জেডম্যাপ নামের নতুন প্রযুক্তির এ টুলটি তৈরি করেছেন।

     

এর আগে ইন্টারনেট স্ক্যানে ব্যবহৃত হত এনম্যাপ। কিন্তু ইন্টারনেটে কোটি কোটি অ্যাড্রেস থাকায় কাজটি করতে অনেক সময় লাগত।

উদাহরণ হিসেবে বলা যায়, ইলেকট্রনিক ফ্রন্টিয়ার ফাউন্ডেশন ২০১০ সালে একবার ইন্টারনেট স্ক্যান করেছিল। স্ক্যানের সম্পূর্ণ প্রক্রিয়াটিতে তাদের সময় লেগেছিল প্রায় তিন মাস।

সম্প্রতি গবেষকরা ইউসনিক্স সিকিউরিটি কনফারেন্সে জেডম্যাপ বিষয়ে আনুষ্ঠানিক ঘোষণা দেন এবং টুলটি প্রদর্শন করেন। অনুষ্ঠানটিতে তারা জেডম্যাপ টুলটি দিয়ে একটি সাধারণ সার্ভারের সাহায্যে সব ইন্টারনেট অ্যাড্রেস মাত্র ৪৪ মিনিটে স্ক্যান করে দেখান। গবেষকরা জানিয়েছেন, জেডম্যাপের কার্যক্ষমতা এনম্যাপের চেয়ে প্রায় এক হাজার গুণ বেশি।

TOR Recommended to Stay Away from Windows

TOR is warning Internet users to abandon Windows after it was revealed that American spooks were spreading malware on the popular anonymizing network exploiting Firefox zero-day vulnerability. The latter allowed the FBI to use JavaScript code in order to harvest crucial identifying data on PCs visiting some services using The Onion Router network.

TOR developers suggest users to simply switch away from Windows. The matter is that the malicious Javascript which exploited zero-day vulnerability was created to target Windows PCs running Firefox 17 ESR, a version customized to view websites through TOR.

In the meantime, people using Linux and OS X remained unaffected. Although there’s nothing to stop the spooks writing a version of the code targeting Linux and OS X, it is still less likely to happen. It seems that the fake Javascript was planted on services where the attacker was interested to see who visited. It collected the hostname and MAC address of a user’s PC and sent it to a remote computer. This exploit was targeted specifically to unmask people using Tor Browser Bundle without really installing any backdoors on their host.

The TOR developers also recommended peoples to turn off Javascript by clicking the blue "S" by the green onion within the TOR browser. They explained that disabling JavaScript may reduce users’ vulnerability to other attacks similar to the last one. However, disabling JavaScript would make some online services not work like users expect. A future version of the browser will have an easier interface to allow people to configure their JavaScript settings. Although Mozilla has already patched the hole in Firefox, some users may still be using the earlier versions of the TOR Browser Bundle.

EFF Claimed War on Patent Trolls

The Electronic Frontier Foundation has recently issued a statement, saying that it was leading a group of entities and law schools to start a new online resource called Trolling Effects. The idea is to crowdsource information, including demand letters, in order to help people fight patent trolls.


According to EFF activist Adi Kamdar, patent trolls should no longer manage to hide under a cloak of legal darkness. The new service is expected to shine a light on entities which abuse the patent system to shake down innovators. The problem is that patent trolls use the threat of expensive and lengthy patent litigation in order to extort settlements from innovators of any size. However, most of these threats never evolve into lawsuits, so most of the threatening letters never show up in public dockets.
The new service is going to provide transparency and allow recipients of demand letters to publish the documents on the Internet, find letters received by other victims, and find out who is really behind the threats. The website also offers comprehensive guides to the patent system as well as a blueprint for patent reform. The third parties, including journalists, academics, and policy makers, may also find the website a very useful resource for researching the patent system.
EFF confirms that there was a difference between a company which asserts their patents in attempt to protect a product and a company which does this solely to extort money via threats of litigation. There is always a chance that the claim you have received is fully legitimate, so Trolling Effects can come in handy – users will be able to search its database by sender or patent number in order to find out whether there have been any claims similar to theirs. At the moment, trolls tend to distribute their patents among a network of shell companies to make it hard to track who owns what.

No Google Glass behind the Wheel in Britain

Unsurprisingly, the UK Department of Transport revealed that it favors a ban on Google Glass behind the wheel. Its representative claimed that drivers need to give their full attention to the road, so they can’t behave in a way which may stop them from observing what is happening on the road.

The UK Department of Transport is aware of the impending rollout of Google Glass and is currently in discussion with the police forces to make sure that people don’t use it while driving. The authority views Google Glass as something from the category of “careless or distracted driving”.

In the meantime, lawmakers across the pond are pondering the same problem. Nevertheless, since the United States cares about personal freedoms, banning normally doesn’t go down well with the public, particularly in parts of the country where you are able to purchase a confederate flag at any petrol station.

In response, Google told that it’s just “early days” for Google Glass and that there are careful thoughts about how to design the technology, because it keeps raising new issues. However, it is doubtful that looking at what’s in front of the car while driving can be regarded as a “new issue”.

Google used to say that Google Glass and driving isn’t a dangerous combination, because there are possibilities that developers could come up with applications that help drivers rather than distract them. For example, head-up displays have been in fighter jets for many years now and they are also offered as pricey options in some high-end cars. It’s only up to drivers how to use the technology – to get directions or tweet about the weather while driving.