DXPG

Total Pageviews

Wednesday, June 12, 2013

Google Says It Has Uncovered Iranian Spy Campaign

Google said Wednesday that it had uncovered a vast Iranian spy campaign that had been targeting tens of thousands of Iranian citizens over the past three weeks.

“These campaigns, which originate from within Iran, represent a significant jump in the overall volume of phishing activity in the region,” the company said in a blog post. “The timing and targeting of the campaigns suggest that the attacks are politically motivated in connection with the Iranian presidential election on Friday.”

The company said that thousands of its users inside Iran had been the targets of a sophisticated e-mail phishing campaign in which attackers send users a link that, when clicked, sent them to a fake Google sign-in page where the attackers could steal log-in credentials.

The surveillance campaign is just the latest evidence that political groups are increasingly using digital means to keep tabs on their opposition. During elections last April in Malaysia, security researchers at the University of Toronto’s Citizen Lab found evidence that servers in Malaysia were running FinSpy, a surveillance tool sold to governments by the British surveillance firm Gamma Group. According to security researchers, the targets appeared to be members of Malaysia’s opposition party.

Google would not say how it had traced the current spy campaign to Iran because it did not want to tip off attackers. It did say, however, that it was confident the attackers were the same ones behind a sophisticated attack in 2011 on DigiNotar, a Dutch company that sells certificates that validate the security of a Web site. By compromising the certificate authority, the attackers were able to intercept users’ Web traffic and compromise their computers.

Security researchers who analyzed the DigiNotar attack believe the company was compromised by Iran or hackers working on its behalf. By tying the latest Iranian phishing campaign to Iran, Google’s findings on Wednesday seemed to confirm that Iran was also behind the DigiNotar attack.

Of the DigiNotar attack, Phil Zimmermann, a pioneer of encryption software said, “There are thousands of Iranian dissidents in prison today because of that.”

Compared with the public uproar that followed Iran’s 2009 elections, the run-up to this week’s elections has been tightly controlled. Many leaders of the 2009 opposition have fled the country, been silenced or jailed The two main presidential challengers in those elections, Hussein Moussavi and Mehdi Karroubi, remain under house arrest.



Google Offers Some Detail About How It Transfers Data to the Government

Google has offered a few more details about how it shares user data with the government, including in response to national security requests.

As The New York Times reported on Tuesday, when Google is legally required to hand over data about its users, it usually delivers it using a file-transferring technology called secure FTP, David Drummond, Google’s chief legal officer, said in an interview on British television.

FTP is a simple way to upload and download files sent between parties â€" like an online file folder. Either party can operate the FTP server that the files flow through. In an interview on PBS NewsHour, Mr. Drummond indicated that the FTP server is on the government’s machines and not on Google’s.

“We deliver it to them, we push it out to them,” said Mr. Drummond, who was speaking from Amsterdam. “They don’t come access it through any machines at Google.”

The New York Times reported on Friday that the National Security Agency‘s secret Internet surveillance program, Prism, involved electronically transmitting data â€" though not automatically or in bulk â€" in compliance with the Foreign Intelligence Surveillance Act. While the government asked the companies to make a secure lockbox, the article said, the companies responded in different ways.

Mr. Drummond’s statement on Tuesday provides some clarity on how Google electronically transfers data in response to government requests, including national security requests.

Some lawyers who respond to national security requests for tech companies described the systems as nothing more than a 21st-century way to transfer files. Every government request is reviewed by a person, they said, but once it is time to hand over the data, it is more efficient to use the Internet than to print pages and mail them or burn a CD, for instance. (FTP, however, is hardly new, having existed in some form for about four decades.)

Mr. Drummond spoke publicly about the issue for the first time as part of a day of damage control to quell the criticisms after the Prism revelations.

Though Google and the other tech companies have repeatedly said they do not provide the government with direct access to their servers and only comply with lawful government requests, many questions remain about how the government surveillance program works.The companies have said they are restricted from saying more by government gag orders.

“There are a lot of misimpressions that are out there,” Mr. Drummond said on British television. “We feel very strongly that we’ve got to set the record straight.”

He also published a letter on Tuesday asking the government for permission to reveal more information about the number and scope of national security requests, and Microsoft and Facebook followed suit.

The delivery mechanism, people at tech companies have said, is not as important as the data that governments ask the companies to turn over, which is why they asked to reveal more information about the data requests.



Google Offers Some Detail About How It Transfers Data to the Government

Google has offered a few more details about how it shares user data with the government, including in response to national security requests.

As The New York Times reported on Tuesday, when Google is legally required to hand over data about its users, it usually delivers it using a file-transferring technology called secure FTP, David Drummond, Google’s chief legal officer, said in an interview on British television.

FTP is a simple way to upload and download files sent between parties â€" like an online file folder. Either party can operate the FTP server that the files flow through. In an interview on PBS NewsHour, Mr. Drummond indicated that the FTP server is on the government’s machines and not on Google’s.

“We deliver it to them, we push it out to them,” said Mr. Drummond, who was speaking from Amsterdam. “They don’t come access it through any machines at Google.”

The New York Times reported on Friday that the National Security Agency‘s secret Internet surveillance program, Prism, involved electronically transmitting data â€" though not automatically or in bulk â€" in compliance with the Foreign Intelligence Surveillance Act. While the government asked the companies to make a secure lockbox, the article said, the companies responded in different ways.

Mr. Drummond’s statement on Tuesday provides some clarity on how Google electronically transfers data in response to government requests, including national security requests.

Some lawyers who respond to national security requests for tech companies described the systems as nothing more than a 21st-century way to transfer files. Every government request is reviewed by a person, they said, but once it is time to hand over the data, it is more efficient to use the Internet than to print pages and mail them or burn a CD, for instance. (FTP, however, is hardly new, having existed in some form for about four decades.)

Mr. Drummond spoke publicly about the issue for the first time as part of a day of damage control to quell the criticisms after the Prism revelations.

Though Google and the other tech companies have repeatedly said they do not provide the government with direct access to their servers and only comply with lawful government requests, many questions remain about how the government surveillance program works.The companies have said they are restricted from saying more by government gag orders.

“There are a lot of misimpressions that are out there,” Mr. Drummond said on British television. “We feel very strongly that we’ve got to set the record straight.”

He also published a letter on Tuesday asking the government for permission to reveal more information about the number and scope of national security requests, and Microsoft and Facebook followed suit.

The delivery mechanism, people at tech companies have said, is not as important as the data that governments ask the companies to turn over, which is why they asked to reveal more information about the data requests.



As Putin Tries to Charm World Expo Voters, Protesters March Again in Moscow

Video of protesters calling for the release of opposition activists in Moscow on Wednesday.

As the Kremlin continued its campaign “to show as many people as possible that Russia is a normal country,” by winning the right to host yet another international event, thousands of distinctly off-message protesters marched through Moscow on Wednesday, calling for the release of political prisoners, and a “Russia Without Putin.”

Away from the noisy streets of the capital, Russia unveiled its bid to host the 2020 World Expo in the city of Yekaterinburg with a personal appeal recorded by the nation’s president, Vladimir Putin.

Speaking in English, Mr. Putin assured delegates of the International Exhibitions Bureau that Russia would make the event “a priority national project,” and offered to pay all expenses for 90 developing nations, enabling them “to freely participate in the Expo, completely free of charge.”

Mr. Putin has had success with similar pitches in the past, helping to sway the delegates who awarded Russia the 2014 Winter Olympics, the 2016 Ice Hockey World Championship and the 2018 World Cup.

Yekaterinburg, sometimes transliterated Ekaterinburg, was known during the Soviet era as Sverdlovsk, for the Bolshevik revolutionary who commanded the 1918 assassination in the city of Czar Nicholas II and his family.

Video posted online by Novaya Gazeta, the newspaper that once published reports by Anna Politkovskaya â€" a fierce critic of Mr. Putin’s rule, who was murdered in 2006, on the Russian president’s birthday â€" showed that the protesters also chanted “Putin’s a Thief!” during the march.

Video of Wednesday’s protest in Moscow posted online by Russia’s Novaya Gazeta.



Love and Hate for Apple’s New Mobile Software

Apple this week unveiled a major redesign for iOS, the mobile software system running on iPhones and iPads. The software, called iOS 7, adopts a “flat” design principle that simplifies the look, while introducing thin typography and a vibrant color palette.

After Apple demonstrated iOS 7, Twitter lit up with reactions from designers, Apple fans and even some former Apple employees. The responses were polarized: Some loved the new design, while others despised it.

Here’s a sampling of tweets from notable people in the technology industry.

Andrew Borovsky, a former Apple designer who now works at Square, said the operating system was not designed for everyday people.

John Gruber, owner of Daring Fireball, an influential Apple fan blog, could not begin to fathom why anyone would dislike iOS 7.

Khoi Vinh, a former design director for The New York Times who is now an app developer, suggested that Scott Forstall, Apple’s former head of mobile software who was fired last year, did not have much to worry about.

Matt Gemmell, an Apple app developer, didn’t like some elements of the operating system, but he was otherwise positive about the overall improvements.

Sebastiaan de With, chief creative officer of DoubleTwist, the maker of a music app for mobile devices, disliked the icons and the typography of the system.

Josh Brewer, a designer at Twitter, wondered whether Apple had thoroughly tested iOS 7 before going with this approach.



Facebook Adds Hashtags to Organize Public Conversations

Facebook has joined the hashtag revolution, introducing a tool on Wednesday that allows users to add the # symbol before a word to signify its topic. The topic would then be easily searchable by other users of the social network.

Of course, anyone who has used the microblogging service Twitter is familiar with hashtags, which have long been used there to organize public conversations. Right now, for example, #manofsteel is a popular hashtag on Twitter because of the coming Superman movie. Search for that hashtag on Twitter and you can see the global conversation about the topic.

Tumblr, Pinterest and other social networks also use hashtags, and Google announced last month that it was adding hashtags to its Google Plus service.

In a blog post, Facebook said it, too, wanted to make it easier for its users to participate in a common conversation.

“Every day, hundreds of millions of people use Facebook to share their thoughts on big moments happening all around them. Whether it’s talking about a favorite television show, cheering on a hometown sports team or engaging with friends during a breaking news event â€" people on Facebook connect with their friends about what’s taking place all over the world,” Greg Lindley, a Facebook product manager, wrote in the blog post. “To bring these conversations more to the forefront, we will be rolling out a series of features that surface some of the interesting discussions people are having about public events, people and topics.”

Starting Wednesday, users can click on a hashtag in Facebook and see a feed of what other people and organizational users are saying about that event or topic.

Facebook said users would also be able to click on hashtags that originated on other services, like Instagram, a photo-sharing service owned by Facebook that already uses the tool.

The new hashtag service is immediately available to about 20 percent of Facebook users, with the rest getting it gradually over the coming weeks.

The company said it would roll out additional features, including trending hashtags, in the near future.



Daily Report: Google, Facebook and Microsoft Ask to Reveal U.S. Data Requests

Google, Facebook and Microsoft on Tuesday asked the government for permission to reveal details about the classified requests they receive for the personal information of foreign users, Claire Cain Miller reports in The New York Times.

They made the request after revelations about the National Security Agency’s secret Internet surveillance program, known as Prism, for collecting data from technology companies like e-mail messages, photos, stored documents, videos and online chats. The collection is legally authorized by the Foreign Intelligence Surveillance Act, which forbids companies from acknowledging the existence of requests or revealing any details about them.

Google for the first time publicly acknowledged it had received FISA requests and said it had complied with far fewer of the requests than it received. Facebook and Microsoft did not go as far as discussing requests they had received but, like Google, said it wanted to be able to publish information on the volume and scope of the government requests.

Many questions remain unanswered after the leak of N.S.A. documents about Prism, including precisely how the tech companies and the government cooperated. Prism refers to an automated system for electronically exchanging information regarding FISA requests, according to people briefed on how it works. On Tuesday, David Drummond, Google’s chief legal officer, said in an interview on British television that Google hands over the information to the government in person or by using a file-transferring technology called secure FTP.

But the companies say they are frustrated that they are unable, because of a government gag order, to give more details of sharing user data with the government. That gap in information has fed speculation that is untrue, Mr. Drummond wrote in a letter on Tuesday to Eric H. Holder Jr., the attorney general, and Robert S. Mueller, the director of the F.B.I.



Daily Report: Google, Facebook and Microsoft Ask to Reveal U.S. Data Requests

Google, Facebook and Microsoft on Tuesday asked the government for permission to reveal details about the classified requests they receive for the personal information of foreign users, Claire Cain Miller reports in The New York Times.

They made the request after revelations about the National Security Agency’s secret Internet surveillance program, known as Prism, for collecting data from technology companies like e-mail messages, photos, stored documents, videos and online chats. The collection is legally authorized by the Foreign Intelligence Surveillance Act, which forbids companies from acknowledging the existence of requests or revealing any details about them.

Google for the first time publicly acknowledged it had received FISA requests and said it had complied with far fewer of the requests than it received. Facebook and Microsoft did not go as far as discussing requests they had received but, like Google, said it wanted to be able to publish information on the volume and scope of the government requests.

Many questions remain unanswered after the leak of N.S.A. documents about Prism, including precisely how the tech companies and the government cooperated. Prism refers to an automated system for electronically exchanging information regarding FISA requests, according to people briefed on how it works. On Tuesday, David Drummond, Google’s chief legal officer, said in an interview on British television that Google hands over the information to the government in person or by using a file-transferring technology called secure FTP.

But the companies say they are frustrated that they are unable, because of a government gag order, to give more details of sharing user data with the government. That gap in information has fed speculation that is untrue, Mr. Drummond wrote in a letter on Tuesday to Eric H. Holder Jr., the attorney general, and Robert S. Mueller, the director of the F.B.I.