Cybercrime Can Be Reported by Mouse Click in Australia

According to the government program that is expected to be unveiled soon, reporting online crime could be as easy as clicking a mouse. The reports are that the national police information agency called Crimtrac is finishing the scheme dubbed the Australian Cybercrime Online Reporting Network, or Acorn.

The statistics said that cybercrime affects about 5.4 million Australians annually, and the losses incurred amount to $1 billion. It is not a secret that the criminals become more and more sophisticated and increasingly use global networks.

A few days ago, CrimTrac CEO told a parliamentary inquiry that the new Acorn scheme, which is expected to be launched “shortly”, is supposed to complement the work already done by the agency. At the moment, the agency holds, on behalf of all police forces, the national fingerprint and DNA collections, along with an 8.7 million-record police report database and national child offender records.

The Australian Cybercrime Online Reporting Network will enable the Aussie citizens to securely report cybercrime online, via a website form. There are many types of matters that people can report to the agency: suspicious texts, emails or phone calls that may trick them into giving away their personal or banking information, a computer virus attack or even online bullying. The agency will also be possible to report the discovery of unauthorized, banned or “objectionable” material on the Internet.

It will be up to the police to determine which particular matters to investigate. The support with intelligence gathering will be provided with the Australian Crime Commission, while the consideration is also being given to a “tech crime offenders registry”.

The Untouchables Worried about Phones They Can’t Search

The FBI seems to be worried about Apple and Google’s smartphones that can’t be searched. According to James Comey, the Federal Bureau of Investigation director, the agency is “concerned” over Apple and Google marketing smartphones as they cannot be searched by law enforcement. This would force the FBI to investigate criminals like the old days. 

James Comey claimed that both Apple and Google are marketing their products expressly to allow people to place themselves beyond the law. The FBI confirmed that the bureau has contacted both companies to find out “what they’re thinking and why they think it makes sense”.

It is weird that the FBI can’t grasp that the phone makers have moved to encryption following the NSA leaker Edward Snowden’s revelations about mass surveillance from the National Security Agency. For example, Apple announced the enhanced encryption for its new iOS 8, saying that the new operating system makes it impossible for the company to decrypt a locked device – even under the law enforcement request.

Android’s encryption was optional, but it actually works in a similar manner. Google has also announced that in its upcoming Android L release, the encryption will be enabled by default. However, it is clear that the real ability for the tech giants to keep the spooks out of communication is rather limited. Google and Apple store data on the cloud, and the information can be obtained using a court order. The security experts point out that in most cases, encryption can only protect users from individuals trying to snoop in on a stolen or resold device, but the Federal Bureau of Investigation can easily get a warrant for data on anyone’s phone or for data stored in the cloud connected to anyone’s account.

76m Households Suffered from JP Morgan Data Breach

JP Morgan Chase bank, one of the largest financial institutions in the United States, announced last week that a massive computer hack affected the accounts of about 76 million households plus 7 million small businesses. This number of people and businesses suffered made it one of the largest hacks ever discovered.

The bank admitted that the attack lasted for almost a month before it was discovered in the middle of summer. The event was disclosed two months ago, and JP Morgan estimated at the time that about 1 million accounts had been compromised. However, the estimations proved wrong, as it turned out that the attack was much more serious than expected.

JP Morgan pointed out that the financial data didn’t leak, and that there had been no breach of login information, including account or SSNs, passwords or dates of birth. The hackers stole the names, email addresses, addresses and phone numbers of account holders.

Thus far, no unusual customer fraud using the leaked data has been recorded, and the bank clients won’t be liable for unauthorized transactions on their account, if they promptly alerted the bank. The largest bank in the United States by assets is cooperating with the Federal Bureau of Investigation and the American secret service to find the hackers.

This hack, one of the largest ever, occurred after a series of massive data breaches at various American institutions – for example, on Target and Home Depot. The latter has recently confirmed that its payment systems were breached in an attack which affected 56 million payment cards. As for Target, the last year attack has impacted about 40 million payment cards, while compromising the personal details of almost 70 million customers.

Nevertheless, the industry observers point out that the JP Morgan hack is much more serious, because the bank holds far more sensitive data than retailers. A few months ago, media reports accused Russian hackers of hacking JP Morgan and stealing gigabytes of sensitive data.

Apparently, the hack started in June and went unnoticed until July, so the criminals managed to access the accounts of over 90 servers. The suggestions were that the hackers originally entered JP Morgan’s systems after hacking into the computer of one of the bank’s employees. JP Morgan’s stock fell 0.89% in after hours trading following the news.

Google Changes Its Search Algorithm to Fight Piracy Added: Monday, October

Google is going to introduce some changes in its search engine. They are supposed to make sure that some of the piracy services are less likely to appear in the results of searches for music, movies and other copyrighted material.

This is not the first time the search giant was going to change the way it targets piracy. Two years ago Google made the similar promise, which has since proved controversial. Entertainment industries were regularly claiming that Google did not follow through on that promise. Now the company says the results will be noticeable.

Google explained that it has now refined the signal in ways it expects to visibly affect the rankings of some of the illegal websites. However, the tech giant didn’t provide details on which websites were being demoted, or how it will affect their rankings. Apparently, the attribute showing how close to the top of its results a website appears when relevant keywords are searched.

In addition, the company claimed that it has been testing new ad formats which show links to legitimate digital music and video services when such keywords as “download”, “free” and “watch” are used; as well as removing terms from its autocomplete feature in the case when they “return results with many DMCA demoted websites”.

Google provided some statistics, saying that it had received just over 224 million takedown requests for search results last year, and the average time spent on dealing with them was less than 6 hours. The tech giant ultimately removed 222 million links, which means that only less than 1% was rejected or reinstated after review for various reasons: for example, because the company needed additional information, was unable to find the page, or came to a conclusion that the content was not infringing.

This was all about individual links to infringing content, but the latest change to Google’s search algorithm will focus on entire websites. The ones most likely to be affected are mentioned in Google’s online transparency report. The company ranked websites by the number of takedowns received: RapidGator, 4Shared and Dilandau were the most often mentioned last year – each of them accounted for over 7 million DMCA notices.

The BPI appeared the most active takedown-sender last year, submitting over 43 million notices to Google. The British anti-piracy outfit admitted that it would like to see other search engines, including Bing and Yahoo, follow the suit. The BPI is also pressing for Google to delist entirely websites that have been ruled against the law by the courts. They include portals blocked by British Internet service providers: The Pirate Bay, Kickass Torrents, H33T, Fenopy, and another 21 websites. However, Google may push back against this pressure from the British outfit, claiming that it would be inappropriate to remove entire websites instead of certain links.

Finally, the BPI demands Google to be faster at removing “pirate applications” from Android’s Google Play store.

Amazon Will Open Physical Store?

The online retailer is going to open its first physical store for Manhattan (perhaps temporarily) ahead of the holiday shopping season. According to the publication in the Wall Street Journal from a few days ago, the largest e-commerce retailer in the United States will set up a store in Manhattan for the holiday shopping season. The journal cited anonymous sources close to the company and familiar with the matter.

Amazon didn’t comment on the issue, so it remains unclear whether the store will be permanent or open just for a holiday. According to the article, the store could act as Amazon warehouse and a showcase for inventory.

It is known that the giant online retailer has never opened brick-and-mortar stores. However, the company has installed pick-up lockers in the largest cities. The company was seen investing huge money in the rapid fulfillment of orders. For example, Amazon added 6 new distribution centers and 15 sorting centers ahead of the holiday season. At the moment, company operates forty total distribution centers in the United States.

Despite the article in the Wall Street Journal, Seattle-based Amazon claimed that it has made no announcements about a new location in Manhattan.

The Natural and Beautiful Tension Between Innovation and Standards

On the one hand, standards can drive an entire industry forward on a common basis and offer market economies of scale. Where would we be without common standards on the web or agreed audio andvideo standards or dedicated slices of spectrum that can be used globally with our mobile phones?

Standards are like four lane motorways down which lots of users can drive and benefit. Of course, before that motorway is built, someone has to do the initial trailblazing. But after the motorway is built, how do we keep innovation thriving and leverage an existing foundation to develop a new generation of standards from which we can all benefit? How do we find the balance between, on the one hand, stability and, on the other hand, constant innovation?

The answer may be found in a 45 year old biological theory that may offer a paradigm helping us to understand the symbiotic interplay of standards and innovation. The theories are from the biologist Stuart Kauffman who has studied the origin of life and behaviour of molecular self-organization. Kauffman argues that complex systems spontaneously self-organize into entities that are far more than the sum of their parts (which is also a key topic in the emerging discipline of network science).

Specifically, Kaufman argues that biological and other types of networks tend to both self-organize and attempt to expand into what he calls “the adjacent possible” to increase the diversity of what can happen next. He notes that if they try to expand too fast, they destroy their own internal organization. And if they try too slowly, they fail to adapt. In other words, there may be a natural law that this expansion happens only as fast as they can get away with it.

How does this relate to standards? Well, if Kaufmann’s law of the adjacent possible is a reasonable paradigm to accept, it makes it easier to understand that there can be little innovation without standards nor can there be standards without innovation. Standards and innovation are intertwined in a symbiotic relationship. The trick is figuring out how to innovateas fast as we can get away with it.

On that topic, the ITU Telecommunication Standardization Sector (ITU-T) recently  created a Focus Group entitled Bridging the Gap: From Innovation to Standards. I’m sure they’ll be exploring some of these issues at their first meeting to be held 19-21 March 2012 at ITU. The meeting includes a workshop on ICT Innovations, particularly as it relates to what is happening in developing countries. It’s an open workshop so do consider participating and hear about some of the amazing innovations taking place in developing countries in the ICT space.

Google Offers Encyclopedia Entries in Search Results

Recent update places results pulled from the company’s Knowledge Graph under small popup panels next to search results. Knowledge Graph is Goggle’s database which contains encyclopedia entries on over 570 million concepts, relationships, facts and figures.

Google’s software engineers announced they strive to help users learn more about the websites they see in search results, and therefore now everyone can see more information about them directly on the results page. You can access the panels through a small clickable link located on the 2nd line of applicable search results.

Although Google believes this update is likely to enhance search for users, it can cause problems for those website owners who appear in search results with the added data panels. The matter is that such popup will add up to 3 more links to the search result which don’t lead to your website. In case this becomes a popular feature with the Internet users, it could lead some to click away from the actual site that is included in the initial search results.

Nevertheless, Google has already started this small trial, and is planning to continue expanding the number of websites which bring search results with Knowledge Graph entries included. The latest update is based on the largest change to the search algorithm the company had made in 3 years (“Hummingbird”). The latter focused on Knowledge Graph and natural language interpretation to make the core search better at answering longer, more complex and spoken queries.

US Accused Russia of Spying

After it became known that the United States has been spying on everyone in the world, it looks like the country feels the need to warn the world that the Russians are doing the same thing. One of the American cyber security companies said that it has collected evidence that the Russian government spied on American, European and Asian companies.

This is the first time Russia has been linked to cyber attacks for alleged economic gains. Maybe they finally run out of money with their Sochi Olympics? Cybersecurity experts made a statement that the victims of Russian spying included energy and technology companies, some of which have lost valuable intellectual property. The experts claimed that the cyber attacks have been motivated by the Russian government’s interest in helping domestic industries in key areas of national importance.

Actually, governments have been electronically spying on each other for over three decades under surveillance programs conducted by almost every nation. But it is only in the last ten years that some countries have started using online espionage for gaining information to help promote their own economic interests.

The US cyber security firm pointed out that the snooping has been carried out by Russian group of hackers known as “Energetic Bear” for 2 years already. The experts think that it is the Russian government behind the campaign, due to some technical indicators and analysis of the targets chosen and the information stolen. They admitted that the Russians copied the Chinese play book, as cyber espionage is very lucrative for economic benefit to a country.

Almost 1/3 of the World Care about Online Privacy

This significant uptake in anonymity tools must be explained by the gathering crisis of trust around consumer online services along with the fallout from Edward Snowden’s revelations. Netizens continue their battle with censorship and efforts to assert their right to web privacy.

56% of Internet users around the world feel that the worldwide web is eroding their personal privacy, with 415 million people or 28% of the entire online population using privacy tools to disguise their identity or location. 11% of Internet users prefer Tor, recognized as the most high profile for anonymizing access to the web. It means that Tor could be regularly used by over 45 million people, mostly in Indonesia (21% of users), Vietnam (18%) and India (15%).

By the way, Indonesia showed the highest penetration of general anonymity instruments among its citizens: 42% of them use proxy servers or VPNs. They are followed by 34% of the Chinese, hiding from 2 million of “Internet analysts” hired by the local government to block “inappropriate” content. 60% of people using VPN or proxies say they want to access YouTube, and 55% say they want to access Facebook and Twitter. This means that China’s Facebook and Twitter userbase could be much larger than first thought. For example, China’s VPN-using audience alone could account for 160 million people, most of whom are incorrectly identified as located somewhere in the US. In the meantime, the location of IP address is normally used to deliver relevant regional advertising and offer version of the site in the local language.

VPN is used by 38% of the online population in Vietnam, 36% in Brazil and Thailand, 34% in Mexico, India and China, 32% in the UAE and Argentina, 17% in the US, UK, Germany and Ireland, and 5% in Japan.

It should also be noted that the recent research underscores the shift from text messaging to mobile messaging clients like WeChat, with 20% of its users being in China. Facebook remains the most popular social network with 1.1 billion active users, and the company’s $1bn acquisition of Instagram proved a sound bet. The most common activity on Facebook includes sharing content, instant messaging and comments. Finally, MySpace languishes at the bottom of the charts, because it hasn’t integrated sharing with other networks.

Speech Recognition Feature in Chrome Exploited by Spies

Cyber attackers have found a way to use the speech recognition feature in Chrome to spy on ordinary users of the worldwide web. They managed to switch on a microphone using bugs in the Google Chrome browser. The exploit was discovered by one of the developers, who found it when working on a popular JavaScript Speech Recognition library. This allowed the developer to find many bugs in the browser and to come up with an exploit which combines all.

The developer was quick to report the exploit to Google’s security team in private back in September 2013. In less than a week, Google’s engineers have found the bugs, suggested fixes, and in the next five days a patch was ready. By the way, the developer’s find was nominated for Chromium’s Reward Panel.

The strange thing was that as time passed, the fix wasn’t released. When asked why, Google’s team answered that there was an ongoing discussion within the Standards group, to agree on the best course of action. In other words, the company couldn’t decide what to do, though there were not many options.

It’s 2014 already, but Google is still waiting for the Standards group to agree on the correct behavior, while leaving Chrome browser vulnerable. Indeed, all it takes is a user to visit a website exploiting speech recognition to offer some interesting new functionality.