Wednesday, February 16, 2011

Google unveils 10% One Pass fee

Google has launched a new payment system that allows users to subscribe to online content for a 10% commission fee.

The move comes after rival Apple was criticised over its payment system which takes 30% of the sale price.

One Pass will work on tablets and smartphones, as well as Google-related websites.

One Pass will launch initially in the UK, Canada, France, Germany, Italy and Spain.

The announcement came just one day after Apple announced new rules for publishers selling subscriptions on its iOS platform.

Apple says companies must now offer users the option to buy directly through an iTunes account, handing 30% of the price to Apple.

Previously, vendors were allowed to simply direct customers to an external website, keeping all of the profits.

On a Google blog posting, Lee Shirani, the company's director of business product management wrote: "Publishers can customise how and when they charge for content while experimenting with different models to see what works best for them."




Anonymous victim goes to ground

The computer security company hacked by members of activist group Anonymous has gone to ground as further revelations about its activities leak online.

HBGary has cancelled its appearances at public events, saying that members of staff had been threatened.

It follows the release of internal documents which appear to show the firm offered to smear Wikileaks' supporters.

HBGary officials said the online messages could have been altered prior to publication.

The company's founder, Greg Hoglund had been scheduled to give a talk at the RSA Security conference in San Francisco this week, but pulled out at the last minute.

The company also withdrew from an associated exhibition.

"In an effort to protect our employees, customers and the RSA Conference community, HBGary has decided to remove our booth and cancel all talks," it said in a statement posted on its website.

According to e-mails that Anonymous claims to have taken from HBGary's servers, the company had proposed a plan to undermine Wikileaks.

At the time, the whistleblowing website was planning to release documents relating to Bank of America.

The leaked emails also suggest that HBGary had discovered evidence that US officials were attempting to monitor visitors to websites affiliated to al Qaeda.

These messages have been posted online via the Anonymous-supported site Anonleaks.ru.

Government payload

What is Anonymous?


'Anonymous' describes itself as an 'internet gathering'. The term is used to describe a collective of people who come together online, commonly to stage a protest.

The groups vary in size and make-up depending on the cause. Members often identify themselves in web videos by wearing the Guy Fawkes masks popularised by the book and film V for Vendetta.

Its protests often take the form of disrupting websites and services.

Its use of the term Anonymous comes from a series of websites frequented by members, such as the anarchic image board 4Chan.

These allow users to post without having to register or provide a name. As a result, their comments are tagged "Anonymous".

In the past, groups have staged high-profile protests against plans by the Australian government to filter the internet and the Church of Scientology.

Many Anonymous protests tackle issues of free speech and preserving the openness of the net.


In a message to colleagues, dated 16 November 2009, Mr Hoglund allegedly wrote that he had obtained a document taken from a jihadist website.

"I think it has a US govvy payload buried inside," the e-mail said.

The note also urges colleagues not to open the programme unless they were in a locked-down environment.

"Don't let it fone (sic) home unless you want black suits landing on your front acre," it adds.

In e-mails from early January 2011, it is claimed that Mr Hoglund sent out proposals to develop a spying program, known as a rootkit, that would run on Windows-based computers.

"There isn't anything like this publicly," the proposal stated. It would be "almost impossible to remove" or detect.

Penny Leavy, the president of HBGary said the volume of messages published online made it impossible to verify whether any of the content had been changed.

Highly suspect

"We do have e-mails that were changed and posted," she told BBC News. "Given that Anonymous has had these e-mails for days I would be highly suspect of them."

Members of Anonymous hacked into HBGary's corporate systems after discovering that Aaron Barr, the chief executive of a subsidiary, HBGary Federal, had been threatening to reveal the identity of some of the group.

The hackers were able to access sensitive business systems, including its e-mail, and take over the company website, as well as some personal Twitter accounts.


Thousands of e-mails which the group claimed came from HBGary were then published on peer-to-peer networks.

The fallout from the affair will be difficult to overcome, said Graham Cluley of rival security firm Sophos.

"The damage to HBGary's reputation from this incident is, quite frankly, enormous," he said.

"No company deserves to be on the sharp end of a hacking attack like the one which hit HBGary, but it's particularly damaging when the victim is a specialist in the field of computer security," he added.

"You brought this upon yourself," Anonymous said in a statement detailing its actions.

"Let us teach you a lesson you'll never forget: don't mess with Anonymous."

Anonymous, which has its roots in the notorious 4Chan internet messageboard, has been involved in campaigns against the Church of Scientology and in support of Wikileaks.




Cyber war exaggerated says expert

The threat of cyber warfare is greatly exaggerated, according to a leading security expert.

Bruce Schneier claims that emotive rhetoric around the term does not match the reality.

He warned that using sensational phrases such as "cyber armageddon" only inflames the situation.

Mr Schneier, who is chief security officer for BT, is due to address the RSA security conference in San Francisco this week.

Speaking ahead of the event, he told BBC News that there was a power struggle going on, involving a "battle of metaphors".

He suggested that the notion of a cyber war was based on several high profile incidents from recent years.

They include blackouts in Brazil in 1998, attacks by China on Google in 2009 and the Stuxnet virus that attacked Iran's nuclear facilities.

He also pointed to the fallout from Wikileaks and the hacking of Republican vice-presidential candidate Sarah Palin's e-mail.

"What we are seeing is not cyber war but an increasing use of war-like tactics and that is what is confusing us.

"We don't have good definitions of what cyber war is, what it looks like and how to fight it," said Mr Schneier.

His point of view was backed by Howard Schmidt, cyber security co-ordinator for the White House.

"We really need to define this word because words do matter," said Mr Schmidt.

"Cyber war is a turbo metaphor that does not address the issues we are looking at like cyber espionage, cyber crime, identity theft, credit card fraud.

"When you look at the conflict environment - military to military - command and control is always part of the thing.

"Don't make it something that it is not," Mr Schmidt told a small group of reporters on the opening day of the conference.

A report last month by the Organisation for Economic Cooperation and Development also concluded that the vast majority of hi-tech attacks, described as acts of cyber war, do not deserve the name.

Tanks and bombs

The issue is likely to receive a lot of attention at RSA this week as a number of panels seek to define what is and what is not cyber warfare.

"Stuxnet and the Google infiltration are not cyber war - who died?", asked Mr Schneier.

"We know what war looks like and it involves tanks and bombs.

"However all wars in the future will have a cyber space component.

"Just like we saw in the Iraqi war we [the US] used an air attack to soften up the country for a ground offensive.

"It is probably reasonable you will see a cyber attack to soften up the country for an air attack or ground offensive," he added.

Mr Schneier claimed that the heated rhetoric is driving policy in ways that might not be appropriate.

"The fear is that we are going to see an increased militarisation of the internet," he said.

Recently the FBI and Department of Defence squared off over who got to control defence in cyber space and the multimillion dollar budget that goes with the job.

Mr Schneier said that battle was won by the Defence Department.

He also described a worrying trend of politicians introducing legislation to deal with the issue as nothing short of knee-jerk politics.


Last week the Cybersecurity Enhancement Act was introduced in the Senate, following confirmation by oil companies and Nasdaq officials that their computer systems were repeatedly hacked by outsiders.

"My worry is these ill thought-out bills will pass," said Mr Schneier.

Treaty talk

Talk of drawing up the equivalent of a Geneva Convention for cyber space has been gaining attention.

The proposal was raised by international affairs think-tank, the EastWest Institute at a security conference in Munich last week.

Mr Schmidt said he is sceptical because he does not believe every country will sign up to an agreed set of norms or standards.

"I don't know that a treaty is going to solve anything at this juncture.

"Not everyone thinks about this unilaterally around the world. We can't do this by ourselves," he said.

Industry commentator Declan McCullagh, who is chief political writer for online news site CNET.com, believes the idea of doing nothing is untenable.

"Before we get to the stage of having to launch a cyber war, and that will eventually come, let's have a public discussion about what this involves," he said.

"A Geneva Convention for cyber war makes sense at least to start that discussion.

"What that would do is put certain types of attacks off the table like you are not going to target the enemy's hospitals or certain types of civilian systems that innocents depend on for their livelihood.

"I don't think everyone is going to respect it, and maybe the US won't respect it at times, but at least it starts the discussion and will probably have a positive effect," said Mr McCullagh.

This year marks the 20th anniversary of the RSA event, which began as a purely technical cryptography conference and has evolved into a broader forum that includes issues of policy and governance as well as technology.




US defends Twitter data request

The US has defended its request for the personal details of three Twitter users, as part of its inquiry into Wikileaks.

At a court in Virginia, the justice department said it was seeking the account information of three associates of Wikileaks founder Julian Assange.

The trio are fighting the request, arguing it is an invasion of privacy.

A justice department lawyer told the court the request was a standard investigative measure.

US prosecutors say the request forms part of their ongoing investigation into the Wikileaks site, which released thousands of confidential diplomatic cables online.

The trio appealing against the request - Icelandic MP Birgitta Jonsdottir, Dutch hacker Rop Gonggrijp and US computer programmer Jacob Appelbaum - all know, or have worked with, Wikileaks founder Julian Assange.

Lawyers representing the trio appeared before the US district court in Alexandria, Virginia, on Tuesday to argue against the release of their private information.

"What's at stake here is the ability to use the internet freely and privately, without the government looking over their shoulder," said Aden Fine, of the American Civil Liberties Union.

Mr Fine, who is representing Birgitta Jonsdottir, spoke on behalf of all three plaintiffs in court.

The trio say the demand for this information "intrudes upon important First Amendment rights" and "will not directly further the government's purported interests".

Mr Fine said he had also asked the judge to reveal whether similar orders for information had been issued to other websites, such as Facebook and Google.

On Monday, Mr Assange said the order was "an outrageous attack by the Obama administration on the privacy and free speech rights of Twitter's customers".

'Investigative measure'

The order calling on Twitter to release account details, IP addresses, user names and sign-up information was made by District Judge Theresa Buchanan in December 2010.

The order, only made public earlier this month, also requested details of the general Wikileaks Twitter account, thought to be run by Julian Assange, and that of Bradley Manning, the army intelligence analyst suspected of leaking the documents to Wikileaks.

A justice department spokesman said the terms of the request had since been narrowed to data from 15 November, 2009, to 1 June, 2010, and to four accounts - those belonging to Mr Appelbaum, Mr Gonggrijp and Ms Jonsdottir and the official Wikileaks account.

The US government is allowed to ask for the communication records of service providers up to 180 days in the past.

Appearing at the hearing on Tuesday, Assistant US Attorney John Davis said the government was seeking routine data, no different to phone records or credit card bills.

"This is an investigative measure used in criminal investigations all over the country, every day," Mr Davis said.

A justice department spokesman stressed the government was "not seeking any content" and that this was a routine part of its investigation.

The judge did not rule on the appeal made by the three, and will issue a written ruling at a later date.




'Nuclear virus' targets uncovered

A powerful internet worm repeatedly targeted five industrial facilities in Iran over 10 months, ongoing analysis by security researchers shows.

Stuxnet, which came to light in 2010, was the first-known virus specifically designed to target real-world infrastructure, such as power stations.

Security firm Symantec has now revealed how waves of new variants were launched at Iranian industrial facilities.

Some versions struck their targets within 12 hours of being written.

"We are trying to do some epidemiology," Orla Cox of Symantec told BBC News. "We are trying to understand how and why it spread."

Repeated attacks

The worm first grabbed headlines late last year after initial analysis showed that the sophisticated piece of malware had likely been written by a "nation state" to target Iran's nuclear programme, including the uranium enrichment centrifuges at the Natanz facility.

Russia's Nato ambassador recently said the virus "could lead to a new Chernobyl," referring to the 1986 nuclear accident.

Although speculation surrounds which countries may have been involved in its creation, the origins of the worm still remain a mystery.


Iranian officials have admitted that the worm infected staff computers. However, they have repeatedly denied that the virus caused any major delays to its nuclear power programme, although its uranium enrichment programme is known to have suffered setbacks.

The new research, which analysed 12,000 infections collected by various anti-virus firms, shows that the worm targeted five "industrial processing" organisations in Iran.

"These were the seeds of all other infections," said Ms Cox.

The firm was able to identify the targets because Stuxnet collected information about each computer it infected, including its name, location and a time stamp of when it was compromised.

This allowed the researchers to track the spread of the virus.

Symantec declined to name the five organisations and would not confirm whether they had links to the country's nuclear programme.

However, Ms Cox said that previous research confirmed that the worm could disrupt the centrifuges used to enrich uranium.

The five organisations were targeted repeatedly between June 2009 and April 2010, she said.

"One organisation was attacked three times, another was targeted twice," she said.

These waves of attacks used at least three different variants of the worm.

"We believe there was also a fourth one but we haven't seen it yet," she said.

Analysis of the different strains and the time it took between the code being written and it making its first infection suggested that the virus writers had "infiltrated" targeted organisations, she said.

The researchers drew this conclusion because Stuxnet targeted industrial systems not usually connected to the internet for security reasons.

Instead, it infects Windows machines via USB keys - commonly used to move files around and usually plugged into a computer manually.

The virus therefore had to be seeded on to the organisation's internal networks by someone, either deliberately or accidentally.

The virus could have been spread between the organisations by contractors that worked for more than one of them, she said.

"We see threads to contractors used by these companies," she said. "We can see links between them."

Big picture

Once on a corporate network, the worm is designed to seek out a specific configuration of industrial control software made by Siemens.

The code can then reprogram so-called PLC (programmable logic control) software to give attached industrial machinery new instructions.

Previous analysis suggests that it targeted PLCs operating at frequencies between 807 and 1210Hz, a range that includes those used to control uranium enrichment centrifuges.

Subverting PLCs requires detailed knowledge and, although security researchers had raised concerns about such exploits in the past, it had not been seen before Stuxnet.

Ms Cox said the firm's analysis revealed incomplete code in Stuxnet that looked like it was intended to target another type of PLC.

"The fact that it is incomplete could tell us that [the virus writers] were successful in what they had done," she said.

The novelty of the virus, combined with attack mechanisms that targeted several previously unknown and unpatched vulnerabilities in Windows, has led many to describe Stuxnet as "one of the most sophisticated pieces of malware ever".

However, Tom Parker of security firm Securicon says that elements of it were "not that advanced at all".

"I've compared this less advanced code to other malware and it does not score very highly," he said last year.

Ms Cox agrees that elements of the code and some of the techniques it uses are relatively simple. But, she says, that misses the bigger picture.

"If you look at the sum of its parts, then it is certainly very sophisticated," she said.


