security

Church of Scientology responds to Internet attacks

After several days of Internet attacks by a group calling itself Anonymous, the Church of Scientology has responded with a comment about the posting of one of its videos. A response on Friday evening from the Church of Scientology did not address CNET News.com's specific request for comment on the denial-of-service attacks themselves. Instead, Karin Pouw, public affairs director for the Church of Scientology, focused on the leak of a Tom Cruise video on YouTube earlier in the week. The response reads, in full:

As the Church previously announced, the pirated and edited excerpts of Mr. Cruise were …

Developing story: MySpace security breaches

What's more worrisome than a public MySpace page? A page that the user only thinks is private. I was just alerted to several stories by Kevin Poulsen of Wired News that publicize recent security breaches on MySpace.

Poulsen reported on January 17 about a MySpace Bug that leaks "private" teen photos to voyeurs. He wrote, "A backdoor in MySpace's architecture allows anyone who's interested to see the photographs of some users with private profiles--including those under 16--despite assurances from MySpace that those pictures can only be seen by people on a user's friends list. Info about the backdoor has been circulating on message boards for months."

These message boards include self-described groups of "pedos" who hacked into underage-girls' private MySpace profiles. According to Poulsen, one poster reported successfully pilfering photos from a randomly chosen 14-year-old girl, "It worked and I was shown her pictures. Now lets see some naked sluts."

On January 18, Poulsen updated the story to say that the next day, MySpace quietly fixed that back-door bug, without publicly acknowledging the problem, even though users' profiles had been vulnerable for months. …

Whose Internet is it anyway?

This week we've seen two Internet events that are more alike than dissimilar. On Wednesday, an Estonian court convicted a 20-year-old Russian for his part in last spring's distributed denial-of-service (DDoS) attacks on that nation. On Thursday, word of mounting DDoS attacks on the Church of Scientology spread. Ultimately, both events could have larger repercussions.

The attack on the Estonian Web sites was prompted by an Estonian government plan to move a statue and grave sites honoring Russian-Estonians who died fighting the Nazis. Gadi Evron of Beyond Security said at last year's Black Hat USA that he …

Technical aspects of the DDoS attacks upon the Church of Scientology

Dr. Jose Nazario of Arbor Networks has been looking at the technical side of the distributed denial of service (DDoS) attacks upon a domain registered to the Church of Scientology International. In general he finds that while there have been a lot of DDoS attacks, the early ones were mild. They were, however, stronger than the DDoS attacks upon various Estonian sites last spring. As a protective measure, the Church of Scientology has since moved its domain to a more protected space.

Prior to the move, Nazario found that on January 19, there were 488 DDoS events, all of which appear …

Anonymous steps up its war with Scientology

A group of vigilantes--calling themselves Anonymous, or Anon--are escalating their attacks against the Church of Scientology in what they consider to be Internet censorship by issuing new video challenges. In one video posted to YouTube, Anonymous addresses the many news organizations covering the war, stating that the group has been watching. While the individuals behind the effort generally support the coverage, they also severely fault the media.

"We find it interesting that you did not mention the other objections in your news reporting. The stifling and punishment of dissent within the totalitarian organization of Scientology. The numerous, alleged human …

Microsoft claims Vista more secure than XP, OSX and Linux

After a few days off from blogging it's always nice to see that Microsoft has provided some fodder. Today it's an impressive array of lies, damn lies, and statistics about security. They even made some nice charts!

You don't need my commentary...the Gizmodo guys nailed it:

In every category, Vista is either the lowest, or tied for the lowest. And since your argument seems to boil down to the logic: the less vulnerabilities, the less fixes, the more secure, Vista wins. Of course, from what our tiny brains make of the case, such an argument doesn'…

Anonymous hackers take on the Church of Scientology

A copyright violation claim by the Church of Scientology against the posting of one of its videos to YouTube has prompted a full-on assault by a group calling itself Anonymous.

The video, in which Tom Cruise proclaims, in part, that Scientologists are the only experts on the mind, was pulled by YouTube over the weekend at the request of the Church of Scientology as part of a long-standing effort to keep copyrighted material from appearing on the Internet. Other sites have since posted the Cruise video in full.

In response to the take-down of the Cruise video, a group of …

Winny Trojan author arrested in Japan

On Thursday, Japanese authorities announced the arrest of a college student and two associates who are alleged to have written and distributed a Trojan horse via a popular peer-to-peer network.

Because Japan currently lacks computer crime laws, the three (whose names were withheld) were instead arrested on copyright violations. Between October and November of 2007, the author of a Trojan known as Harada used images of a popular anime character to entice users of the Winny P2P network to download the malware.

Computers infected with one strain of Harada displayed a message saying, "You're already dead. Come here. …

First conviction for Estonia's 'cyberwar'

A 20-year-old Russian has been convicted for organizing some of the attacks on Estonia's government sites during spring 2007, the Agence France-Presse reported on Thursday.

"Dmitri Galushkevich is the first hacker to be sentenced for organizing a massive cyberattack against an Estonian Web page," Gerrit Maesalu, spokesman for the regional prosecutor's office in northeast Estonia, told the AFP. Galushkevich was fined 17,500 krooni (about $1,600). He admitted his guilt, said Maesalu.

The distributed denial of service (DDoS) attacks, which some security experts have alternatively called a flash mob or the first-ever cyberwar, were prompted …

Juniper gets by with a little help from its friends

Unlike other tech industry chief executives, Scott Kriens of Juniper Networks is refreshingly candid and pragmatic.

Despite the fact that Juniper revenue exceeds $2 billion annually and the company's market cap is nearly $13 billion, Kriens recognizes that Juniper just can't match Cisco Systems' product depth, global sales reach, and resources. Kriens still believes that Juniper can compete by following a simple formula: 1. Pick the technical battles it can win; 2. Stay ahead of the industry on innovation and performance; and 3. Acquire and/or partner to supplement Juniper's value.

Kriens' business strategy will be in …