Why would Big Brother bother watching you if he can get his best buddies to keep tabs on your activities for him? While a recent announcement that eight major ISPs would voluntarily implement measures to combat cybersecurity threats seems relatively benign enough (and probably even downright helpful), those same ISPs will start policing their pipes another way by July 12; by then, most Internet service providers are becoming a copyright rent-a-cops for the RIAA and MPAA. What ever happened to the dumb tubes idea?
Even as Microsoft’s busy pulling the curtain back on its upcoming Windows 8 operating system, somebody’s trying to shove Linux, the open-source OS alternative, into a bag and toss it into a river. A couple of weeks ago, we reported that kernel.org, a Linux source code repository, fell victim to a hack attack that compromised users of the site (but not the Linux source code itself). Now, other Linux websites find themselves under assault, too.
The LulzSec ship may have sailed off into the sunset, but Anonymous lives on and continues hitting government and corporate targets while flying the flag of the #AntiSec movement. After laying the smack down on the Arizona police and IRC Federal last week, Anonymous' hit the servers of military contractors Booz Allen Hamilton. In an stunning display of jackassery that proves that Anon does not, in fact, support our troops, the group released a torrent containing 90,000 military email addresses and passwords that it swiped from BAH's databases.
Another day, another hacking story. If you thought the recent disbanding of LulzSec meant an end to the daily exploit updates, you thought wrong; plenty of other groups are wrangling for Lulzsec's crown as king of the headache-causing chuckleheads. Today's facepalm-inducing report involves a group called Inj3ct0r Team, who claim to have sneaked into a backup NATO server while waving the flag of Operation AntiSec, an anti-security movement popularized by LulzSec and Anonymous.
When lulz-seeking hackers aren't busy reincarnating Tupac on PBS and taking down government websites worldwide, they always seem to turn their attention to videogame companies. We're not quite sure what the grudge is, but Sony, Nintendo, Minecraft, Bethesda, Sega, BioWare and scads of other gaming targets have been hacked in one way or another. Pretty much the only major player unaffected thus far has been Microsoft. In fact, the company's even profited from the rash of attacks as gamers bailed the PlayStation in droves. So what does Microsoft think of all the recent troubles from its seat on the sidelines?
It wouldn’t be another week without some sort of Facebook privacy snafu. This time it’s all about facial recognition, and Facebook’s apparent assumption that you wanted it turned on. The facial recognition technology was announced last year, but did not roll out to all users. Now the option is turning on for many users around the world, and it defaults to “enabled”.
Microsoft’s story is the NSA helped Microsoft with the “Security Compliance Management Toolkit.” The toolkit, which rolled out after Windows 7, allows enterprises, government agencies, and large-scale organizations the ability to manage levels of security risk beyond those of regular users. The NSA is a happy partner in such ventures because of its concerns for cybersecurity.
But there lurks behind the story the NSA’s need for gathering intelligence, which a backdoor into an OS would greatly aid. Cisco, for example, has built into it’s products, such as its Internetworking Operating system (ISO) and VoIP lines, lawful intercept capabilities. (Which require a court order.) It’s not a big leap to conclude that perhaps Microsoft might have done the same.
Some have questioned the wisdom of Microsoft’s working with the NSA, including Marc Rothenberg, the executive director of the Electronics Privacy Information Center (EPIC). Said Rothenberg: “The key problem is that NSA has a dual mission, COMPUSEC, computer security, now called cyber security, and SIGINT, signals intelligence, in other words surveillance.” He added that it might be tough for any company, even Microsoft, to turn down an NSA “suggestion” for a backdoor.
Roger Thompson, chief research officer of AVG, sides with Microsoft. “I can't imagine NSA and Microsoft would do anything deliberate, because the repercussions would be enormous if they got caught,” said Thompson.
For now, Microsoft says it isn’t there. Whether that curbs your paranoia or not is another matter entirely.
President Obama on Friday announced plans to develop a cybersecurity office in the White House to combat against cyber threats. As part of the plan, the President said he would himself name a "cyber czar" to head up the operation.
"A lot of the things that were discussed [Friday] morning have been said before, but it is a very big deal when the President says them," said President Larry Clinton of the Internet Security Alliance.
Citing a recent survey, President Obama said that cyber crime has cost Americans more than $8 billion over the past years, with the worldwide cost of stolen intellectual property estimated to be in the vicinity of $1 trillion. He also talked about hackers gaining access to campaign computers when he was running for President.
"It's not clear this cyber threat is one of hte most serious economic and national security challenges we face as a nation," Obama said. "We're not as prepared as we should be, as a government or as a country."
You can view the 16 minute video of what President Obama had to say right here.