Hackers May Use Home Routers for DDoS Attacks

According to security experts, the well-known hacking group Lizard Squad may have been using hacked home routers in order to run its LizardStresser service. The latter helps launch DDoS attacks to take online portals offline. The hackers started their LizardStresser a few weeks ago, shortly after their own attacks affected Sony’s PlayStation Network and Microsoft’s Xbox Live services over Christmas.

The LizardStresser online service charges anyone between $6 and $500 to start their own attacks against any websites and services they want. The high-profile console attacks work as a large marketing scheme for the hackers’ commercial ambitions.

The industry experts believe that LizardStresser can run because many Internet users don’t change their default passwords on home routers. Apparently, the service draws on the bandwidth from the cracked home routers all over the world, because many of them are not protected by anything else except for factory-default usernames and passwords.

The security researchers point out that the malware used by the hackers with the purpose to build its network of “stresser bots” has been operating for about a year now, and is able to affect commercial routers at educational institutions and businesses, let alone households.

In the meantime, the security experts point out that aside from turning the infected host into attack zombies, the malware uses the infected system to scan the web for other devices that could allow access through the default credentials, like “admin/admin” or “login/password”. In other words, all infected hosts keep trying to spread the malware to other home Internet routers and other devices that are able to accept incoming connections (through telnet) with default settings.

A group of the researchers who desired to remain unnamed is currently cooperating with the law enforcement officials and Internet service providers in order to help take infected systems down. Their ultimate goal is to disrupt the LizardStresser botnet entirely.

While they are on their way to achieve their goal, all Internet users are recommended to make sure they changed the default credentials on their home broadband router, such as the username and password. In addition, it will appear useful to also encrypt the connection in case of using a wireless router.

Transatlantic Cyber War Games Are to Start Soon

The UK and US intelligence agencies are going to conduct transatlantic cyber “war games” in order to test their resilience to the global cyber attacks. The heads of the two countries have started negotiations on the topic and will announce that a simulated attack will target banks in the City of London and Wall Street later in 2015.

The simulated “war game” against the financial sector will be carried out with the help of specialists of the Bank of England and other financial institutions and coordinated by a new joint “cyber-cell” of the two countries. The latter will be created by agents from GCHQ and MI5 on the UK side and the NSA and the FBI on the US side.

The US and UK leaders do not underestimate the threat of Islamist extremists in Syria, Iraq and in Europe and the dangers represented by cyber-warfare. Obama pointed to the “urgent and growing danger” posed by cyber attacks, and the example was a recent attack on 

Sony

 Pictures. Previously, the president spoke of the need for a “shared mission” with the participation of the government and the private sector. Considering that most of the “critical infrastructure” of the United States is owned by the private sector and runs on networks connected to the Internet, the conclusion can be made that neither the government nor the private sector can defend the nation alone.

Cooperation between the US and the UK is supposed to pool their effort and allow them stay one step ahead of those who seek to attack. The heads of the states believe that the joint exercises and training of the next generation of cyber experts may ensure that the countries have the capability required to protect critical sectors like energy, transport and financial infrastructure from the potential threats.

In the meantime, David Cameron has some questions to ask Obama and will apparently press him to influence the tech giants, including 

Facebook

 and Twitter, to intensify their efforts in cooperating with the intelligence agencies, which want to monitor the communications of suspected terrorists. David Cameron has announced his plans a few days ago to build a stronger legal framework that would allow intelligence agencies to break into encrypted communications of the suspects, but he needs support of the US-based companies, including the largest social media websites.

New Design Google Glass is arriving soon

আলোচিত ‘গুগল গ্লাস’ প্রকল্প নিয়ে আবারও মাঠে নামছে ওয়েবজায়ান্ট গুগল। তবে এবার পুরো ডিভাইস ডিজাইন করা হবে নতুন করে। প্রকল্পের নেতৃত্ব দেবেন টনি ফ্যাডেল।

মার্কিন টেক জায়ান্ট অ্যাপলের সাবেক সিনিয়র ভাইস প্রেসিডেন্ট ও আইপড বিভাগের প্রধান টনি ফ্যাডেলের নেতৃত্বে ‘গুগল গ্লাস’ একেবারে নতুন করে ডিজাইন করা হচ্ছে বলে জানিয়েছে মার্কিন দৈনিক নিউ ইয়র্ক টাইমস।

গুগল গ্লাসের প্রথম সংস্করণটির বিক্রি ও নির্মাণ বন্ধ করে দেওয়া হয়েছে জানুয়ারি মাসে। এবার পুরো নির্মাণকাজ সম্পূর্ণ হওয়ার পরই বাজারজাত করা হবে ওই স্মার্টগ্লাস।

২০১১ সালে উন্মোচন করা হলেও ‘গুগল গ্লাস’ প্রযুক্তি জগতে আলোড়ন সৃষ্টি করে ২০১২ সালের মাঝামাঝি সময়ে। ডেভেলপার্স কনফারেন্সে স্মার্টগ্লাসটির সম্ভাব্য কার্যক্ষমতার প্রদর্শনী করে ডেভেলপার আর প্রযুক্তিভক্ত উভয় পক্ষের কাছ থেকেই ইতিবাচক সাড়া পেয়েছিল গুগল।

ডিভাইসটির দুর্বল পারফর্মেন্স আর সম্ভাব্য নেতিবাচক প্রভাব নিয়ে ব্যাপক সমালোচনার মুখে মূল নির্মাতাদের অনেকেই প্রকল্পটি ত্যাগ করেন বলে জানিয়েছে নিউ ইয়র্ক টাইমস। তবে টনি ফ্যাডেল প্রকল্পটির হাল ধরায় আবারও আলোচনায় ফিরেছে ডিভাইসটি। প্রযুক্তিপণ্যের বাজারে ‘ফাদার অফ আইপড’ নামেই বেশি পরিচিত তিনি।

অ্যাপল ছাড়ার পর থার্মোস্ট্যাট নির্মাতা প্রতিষ্ঠান নেস্ট ল্যাবস প্রতিষ্ঠা করেন ফ্যাডেল। গুগল ২০১৪ সালের জানুয়ারি মাসে নেস্ট ল্যাবস কিনে নেওয়ার ফলে গুগলে যোগ দেন তিনি।

370 Russian Bloggers Registered Under New Law

Back in 2014, Russia enforced a new “bloggers” law, which requires bloggers and social media users who have over 3,000 daily visitors to register with the government. As a result, Intel had shut down its Russian forums and blogs. Despite the fact that the law was enforced quite a lot of time ago, only less than 370 blogs and social media accounts have currently registered.

When asked why bloggers would want to register, Russian authorities claimed that registering could help attract more advertising dollars. In the meantime, the blogger law is intended to improve the quality of Russian blogging, by lowering the amount of profanity, unverified information, and libel. However, the critics believe that the law is aimed at silencing criticism.

Another interesting fact is that 3 of the 370 blogs on the registry contain the word “fuck” in their names: one of them is the community “Fuckbet,” a sports analysis website, another is “Fuck_Humor”, a group specializing in amusing memes.

Back in 2014, Russian officials threatened to block social networks like Twitter and 

Facebook

 for not cooperating with the new registry plans. The most hilarious move of the authorities was the following: since Twitter fails to cooperate on the registry requirement, Russian Twitter users were asked to post screenshots of their analytics page to show that they're getting too many visitors. This doesn’t seem to help, because the 10 Twitter users who are currently on the blogger registry are pro-Kremlin media figures and Internet celebrities.

At the moment, it remains unknown what Russia will do with bloggers who have failed to register. Anyway, the bloggers law is still concerning for supporters of free speech.

Silk Road Trial Started

Ross William Ulbricht is accused of murder-for-hire, with the Silk Road trial finally starting for a San Francisco man charged with operating an Internet black market where drugs were traded.

US district judge overruled defense objections, concluding that prosecutors could provide evidence about 6 murder plots into the trial. In respond, prosecutors claim that Ulbricht operated an underground online portal known as Silk Road, where over 100,000 customers purchased hundreds of kilograms of cocaine, heroin and other drugs. Ross Ulbricht has pleaded not guilty and denies that he was known as “Dread Pirate Roberts” online.

The government alleges that Ross Ulbricht tried to protect his illegal business by asking others to kill people who posed a threat to the Silk Road. The judge admitted that the evidence was prejudicial to the defendant and injects an element of violence into the case, but that prejudicial effect was reduced by the government’s stipulation that no actual murders happened.

In the meantime, the judge added that the charges in the case were very serious, because Ross Ulbricht was charged not with just taking part in drug distribution conspiracy, but with creating and running an Internet criminal entity of a huge scale, which could bring him tens of millions of dollars in fees. This means that evidence that Ross was trying to protect this sprawling business by soliciting murders-for-hire is therefore not unduly prejudicial.

Silk Road operator was arrested by FBI more than a year ago at a public library, where agents seized his computer. According to the government, Ross launched an online black market four years ago, claiming that he wanted to design a place for people to buy anything anonymously. The government pointed out that a spreadsheet found on Ulbricht’s computer listed “sr inc” as an asset worth $104 million.

Ross William Ulbricht was charged in Manhattan with conspiring to commit drugs trafficking, as well as with conspiring to commit computer hacking and money laundering. The prosecution claims that this scheme has been working for two and a half years. Ulbricht is also charged in federal court in Baltimore.

The industry observers admit that if convicted in both cases, Ross could face up to life sentence.

Internet in Australia Gets Slower

Australia was supposed to develop its broadband infrastructure further, along with other developed nations, but the country somehow found itself dropping well in terms of Internet speeds.

The country’s average connection speeds is only on the 44 place, down 4 lines from the 2013 report which estimated online connection speeds and broadband uptake worldwide. Some believe that the drop-off is the result of delay, indecision and policy change on the national broadband network, which is the fibre optic network implemented nationally. The observers complain that each policy change with respect to the national broadband network resulted in a 2-year delay in infrastructure being rolled out.

With the Labor government, the initial intention was to create a fibre-to-the-node network, but then the plans changed to fibre-to-the-premise broadband. Since the national network couldn’t use Telstra’s copper network, it had to build its own network, and this could take another four years. However, when the country had a change of government, the approach to Internet also changed to the initial plan.

In the meantime, the creators of the national network and the government also face pressure from the United States that pushes to change the definition of broadband. The definition of broadband Internet was suggested to change from 4Mbps download and 1Mbps upload to 25Mbps down and 3Mbps up. This change would raise more doubts if the network is not engineered correctly.

To help Australia to move its broadband rankings to at least the top 10, the country needs to get on and do it, because any more delay would have just the opposite effect. In the meantime, many industry observers are critical of the initial approach, saying that copper could slow broadband connection speeds by up to 50%.

Google Received 345m Takedown Notices in 2014

The tech giant was required to take down 345 million links to copyrighted material last year, which is almost double the amount requested the year before. Over 17% of those requests came from the British Phonographic Industry (BPI), the collective body for the British music business – this entity submitted over 60 million notices.

According to the media reports, most of those notices were honored, and the requested links have been removed from Google’s search results. But not in all cases – sometimes Google takes no action if it decides that the links do not lead to any copyright infringement or they have already been taken down.

According to the statistics, most takedown notices were provided for three domains: rapidgator.net, 4shared.com, and uploaded.net – each of them accounted for over 5 million requests.

Google admitted that online piracy still remains a challenge, and the company takes it seriously, developing and deploying anti-piracy solutions. In response, the BPI claims that when people search for music or video, they should get legal results and nothing else. The agency insists that Google’s efforts should guide more consumers to such legitimate services as Spotify, Deezer and iTunes, not to fraudulent torrent or hosting services. In this case, such efforts would represent a step forward for musicians, labels and other content creators. This is why the British Phonographic Industry will continue negotiations with the search engines and government to make sure such measures bring result. However, the anti-piracy outfit recognized that Google does realize the need to take further action.

Apparently, the entertainment industry believes that Google goes not far enough, because it refuses to automatically delist such illegal services as The Pirate Bay.

Netflix Can’t Block VPN Users

Apparently, Netflix appeared to have hefty financial incentive not to block members using VPN services. The matter is that over 30 million of its subscribers live in countries where Netflix is actually unavailable if not for the use of location-masking software. This is how many people have to opt for the technological loophole in order to watch material not licensed for their country.

According to statistics, the streaming video provider has over 20m users in China alone, although Netflix has not yet launched in that country. This means that all those users have to connect via VPNs. However, not every Netflix “user” is a subscriber to the service, because many people watch it at a friend’s house or share a username with others. A few months ago, Netflix had 16 million international members, which is far less than the total number of users of the service. Anyway, the service won’t block considerable levels of traffic coming from outside their official countries, as it still earns money from it.

And Netflix has already denied the claims that it has changed its policy on VPN, though it can’t officially welcome VPN users either, because its fraught relationship with content providers hinges on them enforcing international restrictions. People who had troubles with accessing the service via VPNs were told that nothing has changed in Netflix policy.

In the meantime, the recent hack of the Sony Pictures movie studio showed just how much Hollywood studios care about VPN usage, because emails from 2013 showed a Sony executive complaining that Netflix fails to closely monitor where some of its subscribers are registering from. Beside, Netflix was accused of taking no steps to tackle circumvention websites that allow users to subscribe illegally. Australia and South Africa were mentioned as countries with high Netflix penetration despite absence of legal Netflix services. The statistics show that 5% of online users in those nations used Netflix in December 2014.

It is believed that accessing better entertainment content is the most common reason for using virtual private networks. Besides, accessing social networks is big in such regions as China. Finally, quite a lot of people use them to hide their identity, especially in France, Germany and the United Kingdom.

iOS Developers Criticized Apple

The new app of the digital rights group EFF was released only for Android smartphones, because its developers criticized the terms of Apple’s developer agreement. The Alerts app of the Electronic Frontier Foundation will show news on its campaigns and encourage users to take action by sharing it online or emailing politicians.

The EFF developers claimed they could not agree to the outrageous terms in Apple’s Developer Agreement and the company’s DRM requirements, as they are bad for developers and users alike.

For example, the EFF disagrees with Apple’s bar on app makers making public statements about the terms, its ban on reverse engineering and the fact that Apple must approve any releases and can remotely disable applications. What the EFF didn’t like most was the requirement to include digital rights management in its iPhone app. Apparently, most of developers just have to sign the agreement because the Apple App store is a huge market and can hardly be ignored.

At the moment, Apple has over 9 million registered developers for its Mac and iOS platforms and 1.3m apps available on iOS’ App Store. The iOS developers have earned over $20bn so far, with iOS users spending over $10bn on apps and in-app purchases in 2013 alone. But now Apple faces more public criticism of its policies, with the iOS developers pointing to “the rapid decline of Apple’s software”.

In the meantime, other developers went public over approval issues with features in their iOS applications, sparking wider discussion about how the tech giant enforces its App Store policies. Apparently, the EFF continues this debate, being keen to pinpoint the individual clauses that may infringe developers’ digital rights.

4/5 of “Dark Net” Traffic Is to Child Abuse Portals!!

According to a study of Tor “hidden services” portals, over 80% of the “dark net” online traffic comes from sites that offer child-abuse content. For over 6 months, the researchers have analyzed traffic to websites through Tor’s technology, which is normally used to hide their addresses from search engines.

According to the findings, while sites with pedophile content make up only 2% of the estimated 45,000 hidden services websites on the Internet, they account for 83% of visits without considering automated “botnet” traffic. The research focuses on online portals that used Tor’s technology to hide themselves, not on the online behavior of individual Internet users who use Tor, as they don’t spend 84% of their time visiting child-abuse services.

It turned out that less than 1/6 of hidden services websites have been online for all six months of the study, which shows a short average lifetime for such online services. In the meantime, drug-related websites like Silk Road and Agora made up almost a quarter of the hidden service websites but 5% of overall traffic. As for whistleblower websites like SecureDrop and Globaleaks, they made up 5% of websites but less than 0.1% of website visits.

In response, Tor questioned the accuracy of the findings of the study, pointing out that the results may include visits to pedophilia sites from law enforcement and anti-abuse groups, along with DDoS attacks from hackers. Tor also emphasized that hidden services websites only account for 2% of total traffic with Tor’s anonymizing technology. In other words, you should not confuse websites hiding themselves with individual users who use Tor to surf the Internet anonymously.

One should admit that there are important uses for hidden services – for example, when human rights activists use them to visit Facebook or to blog anonymously. Some also suggest that the habits of people searching for child-abuse content on the Internet may also be a factor.

So, the findings of this recent research bring up new questions for Tor about how it could try to shut down the abusive websites and track their owners. The researchers have pointed out that Tor might be able to block access to such illegal services, but it is unknown whether Tor operators would bother doing this.