Posts Tagged virtual world

Web tool oversees Afghan election (BBC)

By Jonathan Fildes
Technology reporter, BBC News

Kabul campaign posters (AP)

Crowd-sourcing information on the election could ensure its fairness

Any attempt to rig or interfere with Afghanistan’s election could be caught out by a system that allows anyone to record incidents via text message.

The Alive in Afghanistan project plots the SMS reports on an online map.

Citizens can report disturbances, defamation and vote tampering, or incidents where everything “went well”.

Their reports feature alongside those of full-time Afghan journalists to ensure the election process and reporting of it is as “free and fair” as possible.

“We hope to enable people to report on what is going on in the country,” explained Brian Conley, who helped set up the project.

“In the rural areas there are not going to be monitors, and it is questionable how much international media coverage there will be in these areas.”

Additional text and video reports will be added by a network of 80 reporters from the Afghan Pajhwok news agency, he said.

Mr Conley said that he hoped the results would be used by national and international media along with members of the international community.

In addition, he said, they may also be sent to the Electoral Commission if there are reports of tampering or rigging.

Content of crowds

The system relies on two established open-source technologies to gather the election reports.

The text messages are collected via a free platform known as FrontlineSMS, developed by UK programmer Ken Banks.

The system was originally developed for conservationists to keep in touch with communities in national parks in South Africa and allows users to send messages to a central hub.

It has previously been used to monitor elections in Nigeria, and has now been combined with a “crowd-sourced, crisis-mapping” tool known as Ushahidi, which plots the reports on a freely-accessible map.

The system was developed in Kenya when violence erupted following the disputed presidential elections between Mwai Kibaki and Raila Odinga.

Since then, the platform has also been used to document anti-emigrant violence in South Africa and problems in the Democratic Republic of Congo.

Duplicate Afghan voting cards (FEFA)

Thousands of duplicate voting cards were discovered in an investigation

Together they allow reports to be gathered from any part of the country with mobile phone coverage.

Mr Conley hopes “hundreds of thousands of people” will use the system, which has been promoted by distributing “thousands of leaflets” and radio reports.

“I am confident that because of Pajhwok’s support we will see a good amount of content coming in,” he said.

However, he added, the project had to be “realistic about what is possible”.

“In a lot of parts of the country – for whatever reason – people don’t use SMS,” he said. “It is still a developing technology.”

In addition, he said, each text message is relatively expensive, costing the equivalent of two minutes of talk time.

“Even though that is the same amount of money it costs to buy bread for your family people have told me that some will be willing not to eat that evening [in order to be able] to tell the international community what is going on in the country.”

‘Government pressure’

Any content that is sent to the service is cross-checked, he said, to ensure its authenticity.

Reports that are not verified will be marked as such.

In addition to the citizen reports, the map will be populated by reports from a network of journalists from Pajhwok, he said.

The reporters would report “every aspect of the election, good and bad,” he said.

The National Security Council of Afghanistan has asked all domestic and international media agencies to “refrain from broadcasting any incidence of violence during the election process”.

The Foreign Ministry has reportedly told Afghan media organisations that any domestic group defying the ban will be shut down.

“There is lots of pressure from the government not to cover these things,” said Mr Conley.

Google Gmail Passes AOL, Becoming Third Most Popular E-mail (Information Week)

By Thomas Claburn
InformationWeek

With its growth rate climbing, Gmail is on track to pass Microsoft’s Hotmail in the first quarter of 2010.

Google’s Gmail has surpassed AOL as the third most visited e-mail service in the U.S. and is poised to pass Windows Live Hotmail in about seven months. Between July 2008 and July 2009, Gmail’s number of unique monthly visitors in the U.S. increased from 25.3 million to 36.9 million, according to ComScore.

Gmail’s rate of traffic growth has been increasing, too. In the July 2008 to July 2009 period, Gmail grew at a rate of 46%, up from 39% during the period between September 2007 and September 2008. From July 2008 to July 2009, AOL’s monthly visitor total declined by 19%, from 45.1 million to 36.4 million. Windows Live Hotmail, which lost 4% of its visitors between September 2007 and September 2008, managed to eke out a 3% gain during the July 2008 to July 2009 period.

But with 47.1 million monthly visitors, Windows Live Hotmail is more or less where it was in September 2007, when its monthly visitor share stood at 46.2 million.

If current trends continue, Gmail should surpass Hotmail by the end of February next year and take second place in visitor traffic behind Yahoo Mail. The release of Windows 7, however, may contribute to renewed interest in Microsoft services like Hotmail and may delay Gmail’s move to second place.

Yahoo Mail, the leading free e-mail service, has been doing better lately. Its visitor traffic, 106.1 million last month by ComScore’s count, grew at a rate of about 11% in 2008 and at a rate of 22% between July 2008 and July 2009.

There are of course other metrics by which one can measure the popularity of e-mail services, like the number of registered accounts. Online traffic however can be correlated with active usage.

Gmail’s torrid growth coincides with a period of aggressive innovation. Google has delivered new Gmail features and capabilities every week, more or less, since the opening of Gmail Labs in June last year.

Google has also been encouraging businesses to start using Google Apps, which includes Gmail as well as online applications like Google Docs, Google Calendar, Google Sites, and Google Video.

Google did not immediately respond to a request to confirm ComScore’s figures.

US man ‘stole 130m card numbers’

Credit card

The card details were allegedly stolen from three firms, including 7-Eleven

US prosecutors have charged a man with stealing data relating to 130 million credit and debit cards.

Officials say it is the biggest case of identity theft in American history.

They say Albert Gonzalez, 28, and two un-named Russian co-conspirators hacked into the payment systems of retailers, including the 7-Eleven chain.

Prosecutors say they aimed to sell the data on. If convicted, Mr Gonzalez faces up to 20 years in jail for wire fraud and five years for conspiracy.

He would also have to pay a fine of $250,000 (£150,000) for each of the two charges.

‘Standard’ attack

SQL INJECTION ATTACK
This is a fairly common way that fraudsters try to gain access to consumers’ card details.
They scour the internet for weaknesses in companies’ firewalls, which is simply a security wall designed to block unauthorised access to a computer network.
Once they find a weakness, they insert a specially designed code into the network that allows them to access card details.
There is little consumers can do to protect themselves from the effects of this type of attack.
The general advice to cardholders is to check bank statements carefully and report any suspicious transactions immediately.

Mr Gonzalez used a technique known as an “SQL injection attack” to access the databases and steal information, the US Department of Justice (DoJ) said.

Edward Wilding, a fraud investigator, told the BBC that this method was “a pretty standard way” for fraudsters to try to access personal data.

It “exploits any vulnerability in a firewall and inserts a code to gather information,” he explained.

However, he added that this case probably “involved extremely well researched, especially configured codes, not standard attack codes downloaded from the internet”.

Mr Wilding said there was little consumers could do to protect themselves against this kind of fraud.

“The real vulnerability [for cardholders], I suspect, is internet and telephone transactions. But this is a failure in the configuration of [corporate] firewalls,” he said.

Michelle Whiteman, from anti-fraud organisation Financial Fraud Action UK, said that consumers must check their bank statements regularly and flag up any suspicious transactions to their bank.

She said that online, telephone and mail order fraud were on the increase, along with fraud committed abroad on UK cards, according to figures released in March.

But she stressed that any victim of fraud would “always be refunded in full”.

Further charges

Mr Gonzalez’s corporate victims included Heartland Payment Systems – a card payment processor – convenience store 7-Eleven and Hannaford Brothers, a supermarket chain, the DoJ said.

According to the indictment, the group researched the credit and debit card systems used by their victims, attacked their networks and sent the data to computer servers they operated in California, Illinois, Latvia, the Netherlands and Ukraine.

The data could then be sold on, enabling others to make fraudulent purchases, it said.

Mr Gonzalez, who had once been an informant for the US Secret Service helping to track hackers, is already in custody on separate charges of hacking into the computer systems of a national restaurant chain and eight major retailers, including TJ Maxx, involving the theft of data related to 40 million credit cards.

Mr Gonzalez is scheduled to go on trial for these charges in 2010.

This latest case will raise fresh concerns about the security of credit and debit cards used in the United States, the BBC’s Greg Wood reports.

Twitter tweets are 40% ‘babble’ (BBC)

Screengrab of Twitter page, PA

Micro-blogging site Twitter has some high-profile users

A short-term study of Twitter has found that 40% of the messages sent via it are “pointless babble.”

Carried out by US market research firm Pear Analytics, the study aimed to produce a snapshot of what people do with the service.

Almost as prevalent as the babble were “conversational” tweets that used it as a surrogate instant messaging system.

The study found that only 8.7% of messages could be said to have “value” as they passed along news of interest.

Message stream

To get an idea of what Twitter was being used for, Pear Analytics dipped into the Tweet stream every 30 minutes between 11:00 and 17:00 on weekdays for a fortnight.

In total it grabbed 2,000 messages and then put each message it grabbed into one of six categories; news, spam, self-promotion, pointless babble, conversational and those with pass-along value.

Conversational tweets were those that bounced back and forth between two users, and those dubbed “pointless babble” were of the “I’m eating a sandwich” type.

When Pear Analytics started its short-term study, it assumed that most of the tweets would be either spam or self-promotion. This belief, it said, was driven by the growing number of firms starting to use Twitter as a tool to drum up sales.

Instead, it found that 40.5% could be classified as pointless babble, 37.5% as conversational and 8.7% as having pass-along value. Self promotion and spam stood at 5.85% and 3.75% respectively.

“With the new face of Twitter, it will be interesting to see if they take a heavier role in news, or continue to be a source for people to share their current activities that have little to do with everyone else,” said Ryan Kelly, founder of Pear Analytics, writing about its analysis.

Pear Analytics intends to repeat its study every quarter to track trends in usage.

Alarm sounded over game futures (BBC)

By Daniel Emery
BBC technology reporter, Edinburgh

Screenshot from Tiger Woods PGA Tour Online, EA

EA is experimenting with novel ways for players to pay for games

A stark warning about the finances of the games industry has been aired at the Edinburgh Interactive conference.

The sector had suffered “significant disruption” to its business model, Edward Williams, from BMO Capital Markets told the industry gathering.

“For Western publishers, profitability hasn’t grown at all in the past few years and that’s before we take 2009 into account,” he said.

By contrast, he said, Chinese firms were still seeing improved profits.

What made the difference between Western firms and Chinese developers was the way they went about getting products to players.

Western publishers, said Mr Williams, still relied on the traditional development methods of putting a game on a DVD and then selling that through retail channels.

Chinese developers focussed primarily on the PC market and used direct download, rather than retail stores, to get games to consumers.

Those Chinese developers were also helped by the low number of console users in South East Asia which meant developers there did not have to pay royalties to console makers.

Future models

Three factors, said Mr. Williams, were forcing the operating costs of Western firms to spiral upwards:

• Games are getting larger, which meant longer development time and larger staff costs.

• After its release in the 1990s the PlayStation accounted for 80% of the market. Today the console space is very fragmented, so developers have to work on many platforms at any one time.

• The cost of licensing intellectual property or gaining official sports body endorsement (such as FIFA or FIA) has gone up.

These factors, said Mr. Williams, explained the stagnation in overall profitability despite sales in the games sector increasing by $30bn (£24.17bn) over the past four years.

Recent figures suggest sales are also coming under pressure. US game sales fell by 29% in the last 12 months, suggest statistics from research group NPD.

PS2 console, AP

The PlayStation no longer dominates, pushing up costs for game makers

Speaking to the BBC, Peter Moore – president of EA Sports – said that while the Chinese and Western markets were still very different, he expected to see some significant changes in the way Westerners buy games in the future.

“In China, PC and mobile platforms will continue to dominate,” he said. “There isn’t the necessity to buy other pieces of hardware and it is our job to service that.”

“In Europe we are going to see more content that’s delivered electronically, be that through Steam, Xbox Live or whatever.”

Mr Moore added that while this may have some impact on retailers, the future of the high street shop was still bright, especially if you factor in sales of hardware, peripherals and game-time cards.

“The release of Tiger Woods online as a free to play experience will be the real test of the Western consumer’s appetite for digital downloading,” he said.

The game, scheduled for release in late 2009, has a segment which gamers can play for free online but can also pay for additional content as required.

Now in its sixth year, the Edinburgh Interactive Conference brings together industry figures, developers, publishers and the media to discuss issues facing the interactive game sector and to try to promote creativity.

‘Many hurricanes’ in modern times (BBC)

By Richard Black
Environment correspondent, BBC News

Street in New Orleans

A New Orleans street battens down as Hurricane Gustav approaches

Hurricanes in the Atlantic are more frequent than at any time in the last 1,000 years, according to research just published in the journal Nature.

Scientists examined sediments left by hurricanes that crossed the coast in North America and the Caribbean.

The record suggests modern hurricane activity is unusual – though it might have been even higher 1,000 years ago.

The possible influence of climate change on hurricanes has been a controversial topic for several years.

Study leader Michael Mann from Penn State University believes that while not providing a definitive answer, this work does add a useful piece to the puzzle.

“It’s been hotly debated, and various teams using different computer models have come up with different answers,” he told BBC News.

“I would argue that this study presents some useful palaeoclimatic data points.”

Washing over

Hurricanes strike land with winds blowing at up to 300km per hour – strong enough to pick up sand and earth from the shore and carry it inland.

In places where there is a lagoon behind the shoreline, this leads to “overwash” – material from the shore being deposited in the lagoon, where it forms a layer in the sediment.

Researchers have studied eight such lagoons on shores where Atlantic hurricanes regularly make landfall – seven around the US mainland and one in Puerto Rico.

Over time, Dr Mann’s team believes, the number of hurricanes making landfall on these sites will be approximately proportional to the total number of hurricanes formed – so these zones provide a long-term record of how hurricane frequency has changed over the centuries.

Hurricane Dean from space

Wind shear at altitude can prevent a tropical storm’s structure developing

The last decade has seen an average of 17 hurricanes and tropical storms in the Atlantic – earlier in the century, half that number were recorded.

But current levels were matched and perhaps exceeded during the Mediaeval Climate Anomaly (also known as the Mediaeval Warm Period) about 1,000 years ago.

“I think if there’s one standout result (from this study), it’s that the high storm counts we’ve seen in the last 10 to 15 years could have been matched or even exceeded in past periods,” commented Julian Heming, a tropical storm specialist from the UK Met Office who was not involved in the new research.

“So it’s worth feeding into the debate about whether what we’re seeing now is exceptional or something related to multi-decadal or even multi-centennial variability; and it does tell us that the levels we’re seeing at the moment are within the bounds of uncertainty.”

Different strokes

Dr Mann’s team also used a pre-existing computer model of hurricane generation to estimate activity over the same 1,500-year period.

The model includes three factors known to be important in determining hurricane formation: sea surface temperature in the tropical Atlantic Ocean, the El Nino/La Nina cycle in the eastern Pacific, and another natural climatic cycle, the North Atlantic Oscillation.

This analysis suggests, Dr Mann argues, that the hurricane peak 1,000 years ago and the current high activity are not produced by identical sets of circumstances.

Then, he says, an extended period of La Nina conditions in the Pacific – which aid hurricane formation – co-incided with relatively warm conditions in the Atlantic.

Now, the high number is simply driven by warming waters in the Atlantic – which is projected to increase in the coming decades.

“Even though the levels of activity are similar (between 1,000 years ago and now), the factors behind that are different,” said Dr Mann.

“The implication is that if everything else is equal – and we don’t know that about El Nino – then warming of the tropical Atlantic should lead to increasing levels of Atlantic tropical cyclone activity.”

Major US cities hail crime reduction (BBC)

By Claire Prentice
BBC News, Washington

A Washington DC police officer consults his in-car computer

In-car computers are helping DC police reduce crime rates

It is mid-morning and, despite being several hours into his shift, Officer Frank Buentello of the District of Columbia Metropolitan Police Department has not received a single call for assistance.

It was a different story when he started his police career in Washington DC 20 years ago.

“The city has really cleaned up. Even 10 years ago this street here was a crime hotspot,” he said, pointing towards bustling Columbia Road.

The murder rate in the District of Columbia is down 22% this year, with 84 murders so far in 2009.

The district is on track to have fewer killings than in any year since 1964.

It is a remarkable turnaround for an area which, as recently as 1991, was dubbed “the murder capital of the United States”.

New technology

And DC is not alone. Across America, major cities have experienced a significant drop in violent crime, a definition which includes murder, rape, robbery and aggravated assault.

They include once-notorious crime hubs like New York and Los Angeles, both of which are on track for their lowest homicide rates in 40 years.

Chicago, Boston, San Francisco, Las Vegas and Minneapolis are among other cities seeing notable reductions in murders.

Mr Buentello and DC Police Chief Cathy Lanier say a return to beat policing combined with the introduction of sophisticated new crime fighting technology are responsible for slashing DC crime rates.

Inside Mr Buentello’s patrol car, a small computer, or Mobile Data Terminal, receives minute-by-minute updates of all emergency calls coming into the department along with any new information on cases under investigation or crimes taking place in the area.

Commanders also receive regular updates on their mobile phones.

On the roof of his vehicle, Mr Buentello points out a “Tag Meter” which automatically scans licence plates and identifies vehicles which are stolen or are suspected of being used in a crime.

The DC police force also uses Shot Detectors to monitor activity in parts of the city associated with gun crime.

This information is then sent electronically to officers patrolling the area.

“All of these things add up to a powerful crime fighting weapon,” said Officer Buentello. “They help us solve cases and act as a powerful deterrent.”

In New York, police send a mobile data unit to murder scenes, allowing police there to listen to emergency calls and search databases listing everyone in a certain building who is on parole.

Cincinnati police have in-car computers which allow them to use surveillance cameras to zoom in on everything happening within a known trouble area.

In New York, murder has dropped 8.8% over the last two years, and 77.2% since 1993.

It is a similar story in Los Angeles, where murder is down 20.8% in the last two years.

PhD policing

Some experts warn that police departments may be celebrating prematurely, however.

“I’m sceptical about the claim that violent crime is down because policing has got better,” says Andrew Karmen, a criminologist at the John Jay College of Criminal Justice in New York and author of New York Murder Mystery.

“The truth is that not all violent crimes are down in all cities.”

Baltimore, Denver and Dallas are among cities experiencing a higher number of homicides compared with last year.

According to experts, factors contributing to a rise in crime include poverty, unemployment, the size of the police force, the efficiency of the local criminal justice system in identifying and locking up repeat offenders and whether there is an entrenched gang, drug and gun culture.

Despite some regional discrepancies, most observers agree, however, that the drop in violent crime in many cities is significant.

The trend also casts doubt on the widely-held view that crime increases during times of economic hardship.

Criminologists point out that crime rates were relatively low during the Great Depression compared with the Roaring Twenties, when there was more violence across America.

Policing expert and Cincinnati councilman Cecil Thomas worked for the Cincinnati police force for 27 years.

He said that a greater willingness to pool resources with criminologists, the FBI, other police departments and crime fighting bodies has led to more effective policing.

“We all used to be very territorial but what you are seeing now is ‘PhD policing’ – we are using our pooled expertise to gain a better understanding of crime and to more precisely target the perpetrators of violent crime,” said Mr Thomas.

Chief Lanier stresses that new technology alone cannot fight crime.

She has introduced a number of initiatives aimed at building relationships with the community, including All Hands On Deck, whereby every police officer in DC goes out simultaneously on foot patrol.

The introduction of these measures has led to a greater volume of tip-offs from the public.

“We’ll never kick back and relax and think we’ve done our work,” said Chief Lanier. “We can always do better.”

Defending virtual borders (BBC)

By Mark Cieslak
BBC Click

The risk to government networks and major financial institutions from cyber warfare is increasing every day but what is being done to defend national borders?

Globe

“Cyber war” is an emerging global security risk

Estonia is an online-savvy state and champion of so-called ‘e-government,’ a paperless system with many government services online. The population can even vote via the web.

In 2007 a large number of Estonian government and financial websites were brought to a standstill as they came under sustained online attack.

On 4 July 2009, US and South Korean government websites and those of certain banks and businesses ground to a halt as they came under denial of service assaults. In the United States, the Pentagon and the White House were also targeted.

These cyber attacks were all initially thought to be orchestrated by countries unfriendly to Estonia, South Korea and the US and to date have been the highest profile examples of so-called cyber warfare.

Digital battlefield

Conventional warfare relies on tanks, troops, artillery, aircraft and a whole gamut of weapons systems. Cyber warfare requires a computer and an internet connection.

Professor Sommer

Professor Sommer claims that most of the attacks are over the internet

Rather than sending in the marines, the act of typing a command on a keyboard can have a devastating effect on computer systems and networks.

According to Clive Room of Portcullis Computer Security: “It is possible to bring an entire state to a standstill theoretically and we’ve seen it done on a small scale practically, so the threat ahead of us is very big indeed.”

From criminal gangs trying to steal cash, to foreign intelligence services trying to steal secrets, the threat of cyber warfare is now very real.

Nato suspects that along with the tanks and troops involved in the conflict in Georgia in 2008, Russian forces also engaged in cyber attacks against Georgian government computer systems.

Professor Peter Sommer of the London School of Economics explained that cyber warfare should just be seen as a part of modern warfare in general:

“[Carl Von] Clausewitz said war is diplomacy conducted by other means. What cyber warfare gives you is a whole range of new types of technologies which you can apply.”

Zombie machines

These international attacks are not isolated instances. Every day, government and corporate websites fend off thousands of attempts to infiltrate, hack and cause disruption.

Twitter, Facebook and other high-profile sites have recently been brought to their knees by similar attacks.

The popular weapon of choice in cyber warfare is the distributed denial of service attack, or DDoS. Unknown to their owners, infected computers become zombie machines, digitally press-ganged to do the bidding of hackers; a network of such machines is known as a botnet.

In their thousands these zombie machines attempt to log on to a particular website, forcing it to fail or collapse under the sheer weight of data it is receiving.

The threat of cyber warfare is being taken seriously by Western governments and Nato. Online assets are being deployed to bolster national and international digital defences.

NATO has set up a cyber defence facility in Estonia codenamed K5. The American government has launched a national cyber security strategy and the UK has responded by creating two organisations, the Office of Cyber Security and the Cyber Security Operations Centre based at GCHQ in Cheltenham.

However, the number of people involved is still small, said Clive Room.

“The government’s own reckoning is about 40. About 20 people within each of those two offices.”

In comparison he estimates that there are about 40,000 people “listening in to us in China” and “working round the clock.”

For Professor Sommer, the UK has had a response to cyber warfare in place for 10 years, but “it’s been pretty hidden so far.”

“You tended to get to know about it if you were an academic or you moved in certain sort of technical circles,” he said.

“More recently because the problems got bigger and because of greater public alarm and interest they have decided to make it more public.”

Misdiagnosis

If defending against cyber warfare is tough, trying to pinpoint, track back and identify the origin of an online attack can be a near-impossible task.

Computer mouse and keyboard

PCs inside a botnet can be forced to carry out instructions

In the case of the Estonian attacks, initial reports suggested that Russia was to blame. These allegations have been strongly denied by Russian authorities, and to date only one individual, an ethnic Russian student living in Estonia, has been fined as a result of the attacks.

For Professor Sommer, misdiagnosis is easy: “All too quickly people say they know where the attack is coming from.”

“My experience of doing investigations of all sizes is that very often the initial diagnosis is wrong.”

“If you look at the recent Korean attacks it seems, at a political level, a reasonable supposition that it originated in North Korea because they’re the people that are most active at the moment.

“On the other hand, some of the reports say at a technical level they seem to have originated here in the United Kingdom, which makes no sense. So diagnosis is quite difficult.”

However, one thing is certain: cyber warfare is here to stay.

Web attack ‘aimed at one blogger’ (BBC)

Facebook icon

Facebook was not taken completely offline by the attack

A “massively co-ordinated” attack on websites including Google, Facebook and Twitter was directed at one individual, it has been confirmed.

Facebook told BBC News that the strike was aimed at a pro-Georgian blogger known as Cyxymu.

The attack caused a blackout of Twitter for around two hours, while Facebook said its service had been “degraded”.

Google said it had defended its sites and was now working with the other companies to investigate the attack.

“[The] attack appears to be directed at an individual who has a presence on a number of sites, rather than the sites themselves,” a Facebook spokesman told BBC News.

“Specifically, the person is an activist blogger and a botnet was directed to request his pages at such a rate that it impacted service for other users.”

Botnets are networks of computers under the control of hackers.

The machines were used to mount a so-called denial-of-service (DOS) attack on Thursday.

DOT.LIFE BLOG
‘Up is down, left is right and black is white,’ a chief security researcher told me. ‘These attacks do not make sense’

DOS attacks take various forms but often involve a company’s servers being flooded with data in an effort to disable them.

“Attacks such as this are malicious efforts orchestrated to disrupt and make unavailable services such as online banks, credit card payment gateways and, in this case, Twitter, for intended customers or users,” wrote Twitter co-founder Biz Stone on his blog.

Writing on his blog, Graham Cluley of security firm Sophos said: “This raises the astonishing thought that a vendetta against a single user caused Twitter to crumble, forcing us to ask serious questions about the site’s fragility.”

Silencing tactic

It is still not known who perpetrated the attack or why they may have targeted Cyxymu and his accounts.

However, in an interview with the UK’s Guardian newspaper, the blogger blamed Russia.

Twitter updated users via a status page

“Maybe it was carried out by ordinary hackers but I’m certain the order came from the Russian government,” he said.

The blogger has previously criticised Russia over its conduct in the war over the disputed South Ossetia region, which began one year ago.

A previous statement by Facebook said that the attack on the websites where he held accounts was “to keep his voice from being heard”.

Other sites such as Live Journal, where Cyxymu has his blog, were also targeted in the attack on Thursday.

Only Google seems to have escaped unscathed from the attack.

“Google systems prevented substantive impact to our services,” the company said in a statement.

The company has not confirmed which services were targeted in the attack, but it is thought that its e-mail service Gmail and video site YouTube were under fire.

“We are aware that a handful of non-Google sites were impacted by [an]… attack this morning, and are in contact with some affected companies to help investigate this attack,” the company said.

Protest tool

All of the affected services were keen to stress that users’ data had not been put at risk in the attacks.

“Please note that no user data was compromised in this attack,” wrote Twitter’s Biz Stone.

“This activity is about saturating a service with so many requests that it cannot respond to legitimate requests thereby denying service to intended customers or users.”

Twitter has had a meteoric rise since its launch in 2006.

A ComScore study suggests that Twitter had about 45 million users worldwide as of June 2009.

However, as many users interact with the service through mobile phones or third-party software, the actual number of users is likely to be higher.

However, that pales in comparison to Facebook, which claims to have 250m active users worldwide.

Both sites recently garnered worldwide attention when they were used by Iranians to co-ordinate demonstrations following the disputed election of Mahmoud Ahmadinejad as president.

Many protesters believed there was electoral fraud and that opposition leader Mir Hossein Mousavi should have won.

Twitter chose to delay upgrade work during the protests to allow communication to continue.

In a BBC interview, co-founder Evan Williams denied the move had been a response to a US state department request.

China’s computers at hacking risk (BBC)

By Jonathan Fildes
Science and technology reporter, BBC News

The system reportedly blocks legitimate as well as banned content

Every PC in China could be at risk of being taken over by malicious hackers because of flaws in compulsory government software.

The potential faults were brought to light by Chinese computer experts who said the flaw could lead to a “large-scale disaster”.

The Chinese government has mandated that all computers in the country must have the screening software installed.

It is intended to filter out offensive material from the net.

The Chinese government said that the Green Dam Youth Escort software, as it is known, was intended to push forward the “healthy development of the internet” and “effectively manage harmful material for the public and prevent it from being spread.”

“We found a series of software flaws,” explained Isaac Mao, a blogger and social entrepreneur in China, as well as a research fellow at Harvard University’s Berkman Center for Internet and Society.

For example, he said, tests had shown that communications between the software and the servers at the company that developed the program were unencrypted.

Mr Mao told BBC News that this could allow hackers to “steal people’s private information” or “place malicious script” on computers in the network to “affect [a] large scale disaster.”

For example, a hacker could use malicious code to take control of PCs using the software.

“Then you have every computer in China potentially as part of a botnet,” Colin Maclay, also of Harvard, told BBC News.

A botnet is the name given to a network of hijacked computers that can then be used to pump out spam or launch concerted attacks on commercial or government websites.

No one from Jinhui Computer System Engineering, the company that developed Green Dam, was available for comment.

‘Naked pig’

The software has also caused a backlash amongst privacy experts, academics and some Chinese citizens. It has also drawn the scorn of bloggers inside the country, who feel the system is no match for tech-savvy teenagers.

Every new computer in China will have the software installed

One blogger posted a screenshot of the software purportedly blocking an attempt to visit a porn site using Microsoft’s Internet Explorer.

But, he said, there was no problem accessing the site using the Firefox web browser.

Others have reported that the system only runs on Microsoft Windows, allowing Mac and Linux users to bypass the software.

It is thought that at least 3m computer users have already downloaded the software, opening them up to potential security problems.

Another formal study by the Open Network Initiative into the risks posed by the software is expected soon. However, many people in China who have been forced to use the software are already reporting other problems.

For example, the system reportedly blocks legitimate as well as banned content. It is designed to identify the proportion of skin colour in a picture to determine whether it is pornography.

But comments on a bulletin board run by the software company that designed the system suggest the system does not work perfectly.

“I went on the internet to check out some animal photos. A lovely little naked pig was sent onto the black list. Pitiful little pig!,” read one comment.

“I was curious, so I looked up some photos of naked African women. Oh, they were not censored!”

Another message read: “We were ordered to install the software. So I have to come to this website and curse. After we installed the software, many normal websites are banned.”

The forum was taken down after it was seemingly flooded with complaints. A message on the site says it is being “upgraded”.

Mr Mao told BBC News that they believed there was a new guideline from the country’s central propaganda department “to comb all media and online forums to block critics and discussion over the issue.”

Firewall flaw

The government may be keen to shut down discussion to quell rumours that the system could be used to monitor its citizens.

“Once you’ve got government-mandated software installed on each machine, the software has the keys to the kingdom – anything can be logged or affected,” said Professor Jonathan Zittrain, also of Harvard’s Berkman Center.

“While the justification may be pitched as protecting children and mostly concerning pornography, once the architecture is set up it can be used for broader purposes, such as the filtering of political ideas.”

In particular, the system could be used to report citizens’ web habits.

“It creates a log file of all of the pages that the user tries to access,” Mr Maclay told BBC News.

“At the moment it’s unclear whether that is reported back, but it could be.”

A Twitter user in China claims that the software transmits reports to Jinhui – the maker of the software – when the user tries to access blacklisted websites.

However, Zhang Chenmin, general manager of the developer of Green Dam, told the China Daily newspaper last year: “Our software is simply not capable of spying on internet users, it is only a filter.”

Although many countries around the world routinely block and filter net content, China’s regime is regarded as particularly severe.

“There is no transparency about what they are blocking,” said Mr Maclay.

Free speech campaigners are concerned that the list could be tweaked to suit the government’s aims.

Recently, there has been a web black out across China in advance of the 20th anniversary of the Tiananmen Square massacre.

Websites such as Twitter and the photo-sharing site Flickr were blocked in an attempt by the government to prevent online discussion on the subject.

However, some users were able to bypass the filters to distribute pictures and commentary including links to photos of plain-clothes policemen blocking the lenses of foreign journalists with their umbrellas.

The country is able to take action like this because it already has a sophisticated censorship regime, including the so-called Great Firewall of China. However, it is known to have some flaws.

A 2007 study by US researchers showed that the system was much more porous than previously thought.

It found that the technology often failed to block content banned by the Chinese government, allowing web users to browse unencumbered at least some of the time.

Filtering and blocking was “particularly erratic”, they said, when large numbers of people were online in China.

Despite the failures, the researchers said, the idea of the firewall was more effective than the technology at discouraging talk about banned subjects.

This kind of social pressure was also key to another tactic used by the Chinese government to make sure its citizens only use sanitised portions of the web.

In 2007, the government introduced virtual policemen that pop up on screen when web surfers visit many of China’s popular websites to remind them to stay away from illicit content.

In addition, the government expects internet service providers in China to actively monitor and censor published content, such as blogs.

Experiments have suggested that this approach is hit-and-miss, with some organisations more proactive than others.

However, these systems, combined with the new software, will allow the Chinese government to sanitise the web for most of the 300m of China’s population of 1.3bn who have access to the net.

“I think this is intended as a sort of belt-and-braces approach,” said Professor Zittrain.
