Tag Archive: web traffic


Surely this doesn’t happen; I mean people monitoring ordinary people’s web browsing in the USA. Well, if you don’t believe me, I’d like to tell you briefly about a room, and not just an ordinary room – this room has sparked a scandal.

In case you’ve never heard of this infamous room, I’ll tell you briefly about it. It has quite an unremarkable name: it’s simply called room 641A, and for many people it is probably the most famous room in San Francisco. The room sits in a building owned by AT&T that was primarily an internet switching centre. This centre is an important part of the internet backbone, and a huge amount of internet traffic flows through the network infrastructure housed there.

At this point it is necessary to introduce Mr Mark Klein, who was a technician employed by AT&T for many years. He witnessed the setting up of room 641A and slowly realised what he had seen; he also obtained documents detailing the facility. Mr Klein bravely passed these documents on to the press and the Electronic Frontier Foundation.

So what did he witness, and what was so important about this single small room? Well, I’ll tell you: it was set up by the NSA (National Security Agency), and the entire internet feed that passed through the facility was split, with a copy sent to this room. We are talking about huge amounts of data, your web traffic and mine, from all over the world. In this room sat the equipment to analyse and intercept it.

Here was the evidence that covert surveillance (or spying, if you prefer) was being undertaken on general internet traffic. That is, all our traffic: not just suspects, but the ordinary internet citizens of the world. How did they filter it, and what did they do with this traffic? Who knows.

What is likely is that all across the US, and in fact the world, there are many, many room 641As. If you think you have some anonymity on the internet, I’d think again.

The current threat

The sheer number of desktops, laptops, and servers running Windows makes them an easy and readily available target for malware writers and spammers. Assessment of an organization’s requirements for protection against viruses, spyware, Trojans, and worms has therefore tended to concentrate on the Windows environment. Meanwhile, the network security risk arising from unprotected non-Windows computers has sometimes been downplayed or overlooked altogether.

The need to protect the gateway from malicious code – whatever the operating system – is pretty well accepted. However, acceptance is not clear-cut over endpoint protection, as most malware continues to target Windows platforms, with only a tiny proportion being created specifically for Mac and Linux platforms.

The fact that most malware continues to be written for Windows computers encourages the argument that investment in protection for non-Windows computers at the endpoint is unnecessary. So why, then, is it important for organizations to protect non-Windows computers?

Essentially there are four reasons:

Although there are comparatively few non-Windows viruses, the ones that do exist represent real threats.

Linux servers are a target for hackers who use them as a means of connection to attached Windows computers.

Non-Windows computers can and do harbor and deploy the much more widespread Windows malware.

Government and industry regulations increasingly oblige organizations to put anti-malware protection on all computers, whether or not that organization agrees there is a risk.

Non-Windows malware

Vulnerabilities on any platform are liable to exploitation. This is increasingly true as virus writers, spammers, and hackers join forces to steal data and money from unsuspecting businesses through spyware, phishing, and similar attacks. Vendor-issued security patches to eliminate system vulnerabilities are as likely to be published for Mac and UNIX operating systems as they are for Windows. While these might currently be issued less in response to an actual exploitation of a vulnerability and more as a proactive measure, the need for patching illustrates the fact that non-Windows operating systems do exhibit vulnerabilities. These can be – and have been – exploited.


So the risk of infection on non-Windows platforms is not to be dismissed out of hand. The relatively low number of viruses, Trojans, worms, and spyware attacks on non-Windows environments does not reflect an inability to create viruses for these operating systems, but rather a greater interest in targeting Windows with its vast user base.

However, as the following examples show, there is real interest from some in targeting Mac and Linux platforms:

OSX/Leap-A: The first piece of malware for Mac OS X arrived in February 2006 and uses the iChat instant messaging system to spread itself to other users – in a similar way to an email or instant messaging worm on Windows.

Linux/Rst-B: This virus was first detected in February 2002, and is the virus that Linux users are most likely to encounter today, as it replicates on up-to-date distributions. It infects hacking tools used to gain access to Linux servers. During a recent three-month period, about 70% of hacking tools downloaded by hackers to one honeypot were found to be infected with Linux/Rst-B. [1]

OSX/RSPlug-A: This Trojan, the first piece of financially motivated malware for Mac, changes DNS server settings to gain control of HTTP traffic with the aim of redirecting web traffic to malicious sites. It was first detected in November 2007.

OSX/Hovdy-A: Discovered in June 2008, this Trojan can steal passwords, open firewalls to give hackers access, and disable security settings on Mac OS X computers.
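The DNS-hijack technique attributed to OSX/RSPlug-A above (rewriting the resolver settings so that web traffic can be redirected) leaves a simple thing to check on the defender's side: which resolvers an endpoint is actually configured to use. The following is an added example, not code from the original post or from any vendor it mentions. It parses resolver configuration in resolv.conf format (`nameserver <addr>` lines), compares each entry with an approved-resolver list and approved networks that are invented for the sample, and runs entirely on constructed sample text rather than reading a live file.

```python
"""Audit configured DNS resolvers for entries that do not belong.

Added example (not from the original post). Input is text in resolv.conf
format; on a Linux host you would pass the contents of /etc/resolv.conf.
The approved list, the approved network and the sample file are constructed.
"""
import ipaddress
import re

NAMESERVER_RE = re.compile(r"^\s*nameserver\s+(\S+)")

# Constructed sample: the first resolver is the site's own; the second is not.
# 203.0.113.0/24 is a documentation range used here as a stand-in address.
SAMPLE_RESOLV_CONF = """\
# Generated by NetworkManager
search corp.example
nameserver 10.0.0.53
nameserver 203.0.113.5
"""

# Hypothetical policy: resolvers an endpoint at this site is allowed to use.
APPROVED_RESOLVERS = {"10.0.0.53", "10.0.1.53"}
APPROVED_NETWORKS = [ipaddress.ip_network("10.0.0.0/8")]


def parse_nameservers(text):
    """Return the nameserver addresses listed in resolv.conf-style text."""
    servers = []
    for line in text.splitlines():
        line = line.split("#", 1)[0]  # drop comments before matching
        match = NAMESERVER_RE.match(line)
        if match:
            servers.append(match.group(1))
    return servers


def audit_resolvers(text, approved=APPROVED_RESOLVERS, networks=APPROVED_NETWORKS):
    """Compare configured resolvers against policy.

    A resolver is reported if it is not on the approved list, is not an IP
    literal, or lies outside the approved networks. A Trojan that hijacks
    DNS has to point the host at a server it controls, so a resolver that
    is off-list and off-network is the signal worth alerting on.
    """
    configured = parse_nameservers(text)
    findings = []
    for server in configured:
        reasons = []
        if server not in approved:
            reasons.append("not in approved list")
        try:
            addr = ipaddress.ip_address(server)
        except ValueError:
            reasons.append("not an IP literal")
        else:
            if not any(addr in net for net in networks):
                reasons.append("outside approved networks")
        if reasons:
            findings.append({"server": server, "reasons": reasons})
    return {
        "configured": configured,
        "findings": findings,
        "suspicious": bool(findings),
    }


if __name__ == "__main__":
    report = audit_resolvers(SAMPLE_RESOLV_CONF)
    for finding in report["findings"]:
        print(f"resolver {finding['server']}: {', '.join(finding['reasons'])}")
    print("suspicious" if report["suspicious"] else "resolver configuration matches policy")
```

Run periodically (or on a configuration-change event) and compare against the previous result; a resolver that was on-list yesterday and off-list today is exactly the change this family of Trojans makes.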

The attraction of Linux servers

Hackers target servers as a means to gain control over a network of computers, and it is very common for Windows networks to include a server running UNIX or Linux. Vulnerabilities, such as a weak SSH password, can allow hackers to convert a Linux server into a botnet controller, and install malware that will compromise desktop Windows computers. These botnets of hijacked, zombie computers are then used to steal information, send spam – indeed, 90% of spam comes from botnets – or to launch Denial
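The weak-SSH-password foothold described above leaves a recognisable trace on the Linux server itself: a burst of failed password attempts from one source in the authentication log, sometimes followed by a successful login from the same source. As an added example (not from the original post or from any product it mentions), here is a small detector that parses OpenSSH `auth.log` lines, flags any source that exceeds a threshold of failures inside a sliding time window, and reports whether that source then logged in successfully. The log lines, host name, addresses and user names are all constructed for the sample; the year is assumed because syslog timestamps do not carry one.

```python
"""Flag SSH password-guessing bursts in OpenSSH authentication logs.

Added example (not from the original post). The sample log below is
constructed; real auth.log lines have the same shape.
"""
import re
from collections import defaultdict
from datetime import datetime

AUTH_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?P<method>password|publickey) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

# Constructed sample: five failures in eight seconds from 203.0.113.7 (a
# documentation range used as a stand-in), then a success from the same
# source; one typo by a legitimate user from 10.0.0.5 that is not a burst.
SAMPLE_AUTH_LOG = """\
Mar 12 02:14:01 web1 sshd[2201]: Failed password for invalid user admin from 203.0.113.7 port 51822 ssh2
Mar 12 02:14:03 web1 sshd[2203]: Failed password for root from 203.0.113.7 port 51830 ssh2
Mar 12 02:14:04 web1 sshd[2205]: Failed password for invalid user oracle from 203.0.113.7 port 51844 ssh2
Mar 12 02:14:06 web1 sshd[2207]: Failed password for root from 203.0.113.7 port 51851 ssh2
Mar 12 02:14:09 web1 sshd[2209]: Failed password for root from 203.0.113.7 port 51860 ssh2
Mar 12 02:14:12 web1 sshd[2211]: Accepted password for root from 203.0.113.7 port 51871 ssh2
Mar 12 02:30:15 web1 sshd[2300]: Failed password for alice from 10.0.0.5 port 40022 ssh2
Mar 12 02:30:40 web1 sshd[2302]: Accepted publickey for alice from 10.0.0.5 port 40025 ssh2
"""


def parse_auth_log(text, year=2024):
    """Return one dict per recognised sshd authentication line (others are skipped)."""
    events = []
    for line in text.splitlines():
        match = AUTH_RE.match(line)
        if not match:
            continue
        ts = datetime.strptime(f"{year} {match['ts']}", "%Y %b %d %H:%M:%S")
        events.append({"ts": ts, "ip": match["ip"], "user": match["user"],
                       "result": match["result"], "method": match["method"]})
    return events


def find_bruteforce(text, threshold=5, window_seconds=60):
    """Return {ip: summary} for sources with >= threshold failures inside the window.

    The summary records total failures, the distinct user names tried, and
    whether an 'Accepted' login from that source followed the burst, which
    is the case that needs an immediate response rather than a ticket.
    """
    failures = defaultdict(list)   # ip -> [(ts, user)]
    successes = defaultdict(list)  # ip -> [ts]
    for ev in parse_auth_log(text):
        if ev["result"] == "Failed":
            failures[ev["ip"]].append((ev["ts"], ev["user"]))
        else:
            successes[ev["ip"]].append(ev["ts"])

    flagged = {}
    for ip, attempts in failures.items():
        attempts.sort()
        times = [t for t, _ in attempts]
        start = 0
        for end, t_end in enumerate(times):
            # shrink the window from the left until it spans <= window_seconds
            while (t_end - times[start]).total_seconds() > window_seconds:
                start += 1
            if end - start + 1 >= threshold:
                flagged[ip] = {
                    "failed": len(attempts),
                    "users": sorted({u for _, u in attempts}),
                    "success_after_burst": any(s >= t_end for s in successes.get(ip, [])),
                }
                break
    return flagged


if __name__ == "__main__":
    for ip, summary in find_bruteforce(SAMPLE_AUTH_LOG).items():
        print(ip, summary)
```

The threshold and window are policy knobs; what matters for triage is the `success_after_burst` flag, since a guessing burst that ends in an accepted login is the point at which the server has become the attacker's foothold into the rest of the network, as the paragraph above describes.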
