Beautiful pictures of a nature
Wednesday 18 January 2012
China to extend controls over internet microblogs
China says it plans to compel more users of internet microblogs - similar to Twitter - to register with their real names.
The internet regulator, Wang Chen, said pilot schemes in five Chinese cities would eventually be extended.
Name verification would become standard for new users, he said, and would be required of existing users later.
China's microblogs often highlight official misconduct, but the government says some spread malicious rumours.
Critics say real-name registration is an attempt to deter negative comments about the government and to make it easier to trace the authors of such postings.
Microblogs quadrupled
Twitter - along with Facebook - is banned in China, and the internet is strictly controlled to block content that the authorities deem offensive or politically unacceptable.
But microblogs, or weibo - short-message services similar to Twitter - have become hugely popular. The number of microblog users quadrupled in 2011, according to a think-tank report, with nearly half of China's 513 million internet users accessing weibo sites.
In December 2011 several Chinese cities, including Beijing and Shenzhen, began requiring weibo users to register with their real names before posting comments online.
The December regulations affected millions of microbloggers using the largest weibo companies, Sina, Sohu and Tencent, which are based in those cities.
Wang Chen, the minister in charge of the State Council Information Office, told reporters in Beijing that real-name registration would be extended to other areas once the pilot programmes had proved successful.
Name verification would be standard for new users, he said, while existing users would be required to register later.
'Harmful information'
"On the one hand, microblogs can reflect the social situation and public opinion, and broadcast a positive public voice," Mr Wang was quoted as saying by Reuters news agency.
"At the same time, microblogs... can make it easy to disseminate a few irrational voices, negative public opinion and harmful information."
In 2011, events such as the Wenzhou high-speed train crash and mass protests in Dalian and Wukan quickly achieved national prominence through weibo, where messages and images can be forwarded thousands of times.
Analysts say the Communist authorities in Beijing have become increasingly concerned about the speed with which weibo can spread information not controlled by official media.
Advocates of free speech have described the latest measures as an attempt to inhibit online discussion as China embarks on a year of political transition in 2012.
Tuesday 17 January 2012
Facebook Koobface worm 'hacker gang named'
Alleged cybercriminals behind an internet worm, which spread via Facebook and other social networks, have been named.
The suspected gang were tracked down to St Petersburg after an investigation by Facebook and cybersecurity researchers.
The worm gave the gang control of hundreds of thousands of computers.
While not the largest such network of hijacked machines or "botnet", the so-called Koobface worm is notable for its targeting of social networks.
The security company Sophos published details of an extensive investigation into Koobface on its blog.
The report, based on work by independent researcher Jan Dromer, and the firm's Dirk Kollberg, details how the suspects were tracked down.
Graham Cluley, a senior technology consultant at Sophos, told the BBC he believed they had identified the right people: "We're pretty confident. I mean obviously we have to assume these people are innocent until proven guilty
"It's very difficult to be 100% certain of these things. Of course it's always possible that someone could be trying to frame these people, but the evidence feels pretty strong to us. Certainly there's enough evidence to investigate these people."
None of the alleged gang members have been arrested or charged with offences connected to Koobface.
The BBC attempted to contact members of the group via a business linked to the gang but was unsuccessful.
Security researchers say Koobface became active in 2008.
The worm spread through social networks, presenting users with bogus links to online videos.
The links encouraged users to install a copy of the Koobface malware masquerading as a Flash update.
The worm was even able to create fake social networking profiles able to propagate the malware.
"It can create Facebook accounts and then use those accounts to start sending links to people," Mr Cluley said.
Researchers believe that up to 800,000 machines could have been infected by the worm.
Facebook is expected to share details of the gang with security and internet companies later.
Mr Cluley is aware that publishing details of the suspects will affect the inquiry into their activities: "These sort of investigations can take years. I think in an ideal world then these identities wouldn't have become public knowledge. But the cat is out of the bag now and we have to take a different tactic.
"We've been sharing this information now for a couple of years with law enforcement agencies in the USA, UK and Germany who've been working with their Russian colleagues. What we really need now is some way to stop them [the gang] taking advantage of people," he said.
Money trail
Clues discovered on the server used to control machines hijacked by the Koobface worm helped researchers track the gang down.
The Sophos report suggests that, far from maintaining a low-profile, the alleged cybercriminals were able to hide in plain sight. Researchers were even able to closely follow the cybercriminals movements via social networking sites according Mr Cluley: "They are all over the internet. We were able to track them on the likes of Foursquare so we could actually track some of them hour by hour."
The company estimates the gang was making in the region of $2m every year. But Mr Cluley says that the cybercriminals' desire to keep an eye on their earnings assisted the researchers.
"They were receiving daily SMS updates on how much money they were making, because we saw that - we could also see their phone numbers."
He says there is some frustration at the slow response of the authorities: "It's pretty well known who they are now, we just need the Russian police to go and investigate this and stop them."
Facebook was not available for comment, however speaking to the New York Times, Joe Sullivan the firm's chief security officer said people who engaged in this type of cybercrime "need to know that their name and real identity are going to come out eventually".
Yahoo co-founder Jerry Yang resigns from its board
Jerry Yang, the co-founder of Yahoo!, has resigned from its board.
Mr Yang founded the online company in 1995 with David Filo and was its chief executive from June 2007 until January 2009.
His resignation comes two weeks after the company hired former PayPal executive Scott Thomson to be its new chief executive.
Mr Yang annoyed some shareholders by turning down a $47.5bn (£31bn) takeover offer from Microsoft in 2008.
The company's current market value is about $20bn.
Mr Yang has also resigned from the boards of Yahoo Japan and Alibaba Group and said in a statement: "The time has come for me to pursue other interests outside of Yahoo!".
He also expressed support for the company's current management.
"I am enthusiastic about the appointment of Scott Thompson as Chief Executive Officer and his ability, along with the entire Yahoo! leadership team, to guide Yahoo! into an exciting and successful future," he said.
Yahoo! shares rose 3.4% in after-hours trading.
Some analysts had seen Mr Yang as an impediment to the sale or restructuring of the business.
"This is clearly a positive. It provides a more objective and unemotional approach to strategic alternatives," said Brett Harriss at Gabello & Co.
"It's also good for the new CEO. He has one less entrenched legacy board member to resist his vision."
In addition to leaving the board, Mr Yang is also giving up his title of "Chief Yahoo".
"While I and the entire board respect his decision, we will miss his remarkable perspective, vision and wise counsel," said Yahoo! chairman Roy Bostock.
Monday 16 January 2012
Hackers spread malware via children's gaming websites
according to a leading anti-virus firm.
Avast says it detected malware threats at more than 60 sites that contained "game" or "arcade" in their title, in the 30 days running up to 12 January.
It says the pages tried to download Javascript infections, redirectors and potentially unwanted software.
The Czech company says that young children are often less careful than adults about what they click on.
"These are sites with mini-games, including flash applications and simple online apps - one example is software that allows girls to dress and change the clothes of characters," Ondrej Vlcek, the firm's chief technical officer, told the BBC.
Avast says the most visited site affected - cutearcade.com - had generated more than 12,600 infection reports from its protection software as of last week.
The company says a Trojan on the site had redirected users to linuxstabs.com, a known distribution point for malware.
Cutearcade.com's owner Two Point Oh, registered to the British Virgin Island of Tortola, did not respond to requests for comment.
At the time of writing the site no longer triggered a malware warning.
The webmaster of one of the other sites flagged up by the study said he believed that third-party adverts might have been to blame.
"I have checked my site in and out for malware and have none," said Eric Smith, webmaster of hiddenninjagames.com.
"I have also checked Google Webmaster tools and it shows no malware. I'm not sure why my website has been targeted for this, I am assuming there may have been malware in the Google Adsense advertisement on my site when Avast checked it. That's the only thing I can think of."
Exploit packs
Avast says it believes most of the sites affected are legitimate businesses that have fallen victim to hackers, and had not been deliberately created to spread malware.
It bases this judgement on the fact that affected pages had been online for months or years before its anti-virus software began detecting threats.
The company believes that hackers have taken advantage of "active components" used to run the sites' forums or chat facilities to spread their malware.
It notes that "exploit packs" are sold online, meaning the hackers responsible might not have needed advanced coding skills.
"I believe that children's computers are more vulnerable to attacks because they are usually in worse shape - in other words the owners are less likely to have the latest security updates installed," said Mr Vlcek.
"The child may also be less suspicious that something wrong is happening than an adult would be. For example if a spam-bot infects the computer and keeps sending out spam emails for a long time a young child might not notice it going on."
Parental supervision
In October last year Security News Daily reported a similar problem affecting children's games on more than half a dozen Chinese websites.
Avast's research suggests the problem has become more prevalent since then.
"This report highlights the need for children and young people to be made aware of the potential security risks associated with free online gaming sites," said Dr Joanne Bryce from the cyberspace research unit at the University of Central Lancashire.
"Whilst it is unclear whether these sites for young people are being deliberately targeted, the possibility of computers being infected with viruses or malware may not be something of which young people are fully aware.
"This is an issue that parents should discuss with their children, and also highlights the need for them to ensure that they regularly update the anti-virus and other security software on their children's computers."
Subscribe to:
Posts (Atom)