Europol ain't gonna take no more... well they won't after the proper legislation gets through.

A ground breaking experiment in “crowd sourcing”, as Wainwright terms it, will soon be necessary as the extent of the continent’s cybercrime problem is often underestimated in the EU.

Speaking in the UK to a House of Lords sub-committee he warned that criminal gangs are becoming more sophisticated in their use of technology, which was spreading into the world of “offline” crime such as drug and people trafficking and VAT fraud, which netted criminals in the €100 billion last year alone.

Wainwright, a former senior official with the UK’s Serious and Organised Crime Agency, said Europol was stepping up its fight against internet-based crime ahead of the opening of a planned cyber crime centre, funded by the European Commission.

Europol already had a “dedicated intelligence project designed to identify the most significant cyber criminals operating in Europe”, Wainwright told the committee.

The BBC reports that he said the next stage was to launch an “internet crime reporting online system”. This initiative, originally conceived by the French Presidency of the EU in 2008, would, for the first time, “collect all internet crime reported online at a national level, in a harmonised way across the EU,” he told the committee. It would have the ability to alert police in the 27 member states to “connections between different investigations”.

“For the first time the EU will have a comprehensive overview of reported cyber crime from within its own borders and this could even include, in the future, a component of direct engagement with the public,” said the Europol chief.

Europol strategic analyst Victoria Baines later explained to BBC News that the organisation was interested in eventually using a form of “crowd sourcing” to gather examples of suspected cyber crime so it could build up a fuller picture of illegal activity.

This would involve concerned net users scouring the net for possible examples of crime and reporting it, possibly through a dedicated website.

Ms Baines said the idea was to raise awareness of crimes such as the “online solicitation of children”, payment card transaction fraud or “social engineering”, in which people are tricked into giving their passwords or other personal details. Then from there, they can “empower citizens not only to look out for themselves but to report criminal activity”.

The crowd sourcing plan is in its embryonic stages, and will depend on the setting up of the European cyber crime centre, which is planned by 2014, if funding can be secured.

However, Wainwright told BBC News he was keen to “scope out” crowd sourcing and saw it as a potentially vital part of the war on cyber crime.

BitDefender said it had detected infections contained in the news feeds of around 20% of Facebook users, though Facebook said it already had steps in place to identify and remove malware-containing links. “Once we detect a phony message, we delete all instances of that message across the site,” the site said in a statement.

BitDefender arrived at its figures by analysing data from 14,000 Facebook users that had installed a security app, called safego, it makes for the social network site. In the month since safego launched, it has analysed 17 million Facebook posts, said BitDefender.

The majority of infections were associated with apps written by independent developers, which promised enticements and rewards to trick users into installing the malware, BitDefender said. According to a BBC report, these apps would then either install malware used for spying on users or to send messages containing adverts to the users’ contacts.

Rik Ferguson, a security researcher for anti-virus maker Trend Micro was cornered for some comment by the Beeb, and he remarked on how social networking sites are being targeted more and more by those producing malware (considering the spammy tweets we got today and yesterday we can well believe him too).

“Because social networks are based on a community of people you trust, they’re an attractive target for malware writers,” said Ferguson, who didn’t however explain the missing ‘c’ in his forename. “You’re more likely to click on a link from someone you trust.”

We would say be more wary, but a lot of these possible cases of malware are blindingly obvious if you have any clues about your friends’ personalities. If the Entombed-loving, gamer you’ve known for 15 years has something like ‘Cutest thing ever’ posted up under their name, with a link to go with it, you can be pretty sure they haven’t made a life choice and this is spam of the highest order instead.

Keep vigilant, and know your mates essentially.

Just when you thought it was safe to go back into Iran’s nuclear power stations…

To be fair, we would have thought that a dangerous piece of software available on the black market would only fall ‘into the wrong hands’. Though maybe there are some charity workers and war heroes operating on the black market as well. Who knows. Anyway… on to the story.

The Stuxnet worm first came to the attention of security experts in the middle of the summer, with many believing it may have been designed to target critical infrastructures and computer systems, such as sanitation plants and food distribution networks.

There is evidence to suggest that the virus has already been used to disrupt Iran’s nuclear power stations. While, there is major fear that the software may be used as part of an attack on banking systems or business-critical systems for financial gain, or to commit acts of terrorism.

Security experts fear that the worm could be used to shut down the 999 emergency system, disrupt hospital systems and equipment, or cause problems with transport networks, banking systems or power plants as well according to a report in today’s Telegraph.

The sheer complexity of the Stuxnet worm has lead some experts to speculate that it could be an act of cyber terrorism, a virus written and sanctioned by one country with the aim of impacting the infrastructure of another. “It is believed to be the first computer virus aimed at causing physical changes in the real world,” added The Telegraph.

Stuxnet can be used to reprogram software to force a computer to carry out different commands. It can be transferred between machines by USB memory stick, which means that even computers that are not connected to the internet for security reasons are still susceptible to it.

However, some security specialists have cautioned that over-emphasising the threat posed by Stuxnet could distract people from current instances of cyber crime. Despite that advice, expect this one to run and run… and stay away from that black market kids.

Spot of bother for Android users ahoy.

The discovery comes courtesy of security expert Thomas Cannon who, instead of playing five-a-side, shooting ducks or collecting antiques in his spare time, used his downtime to investigate his hunch that there may be a significant fault in Android’s armoury. The vulnerability, he said, is present because of a “combination of factors”, and in a recent blog post he listed those factors as follows:

• The Android browser doesn’t prompt the user when downloading a file, for example “payload.html”, it automatically downloads to /sdcard/download/payload.html
• It is possible then, using JavaScript, to get this payload to automatically open, causing the browser to render the local file.
• When opening an HTML file within this local context, the Android browser will run JavaScript without prompting the user.
• While in this local context, the JavaScript is able to read the contents of files (and other data).

Essentially the then browser can run JavaScript and provide read access to the files without letting users know. Then, once the JavaScript has the contents of a file it can post it back to the malicious website.

“This is a simple exploit involving JavaScript and redirects, meaning it should also work on multiple handsets and multiple Android versions without any effort,” says Cannon’s blog post, though he does admit though that the effect may be limited as it’s only possible to retrieve data from the SD card on smartphones if the directory path is already known.

“However, a number of applications store data with consistent names on the SD card, and pictures taken on the camera are stored with a consistent naming convention,” said Cannon. That means hackers can easily access the data.

As The Inquirer notes, though Cannon used Android 2.2 on an HTC Desire smartphone for proof of concept, the exploit will work on any smartphone running any version of Android. However, the flaw runs in the Android sandbox so it’s not a root exploit and thus can’t be used to steal any file from a phone, only those on the SD card.

All will hopefully be sorted out soon, with Cannon revealing that he notified the Android Security Team on 19-Nov-2010 and they responded within 20 minutes and started an investigation into the issue. “They have since updated me to say they are aiming for a fix to go into a Gingerbread maintenance release after Gingerbread (Android 2.3) becomes available. I have been advised that I can also mention an initial patch has already been developed, which is being evaluated,” he said.

However, he does add that a huge number of users may still be left vulnerable. “Not all OEMs are providing Android OS updates to all of their devices, and the ones that are we have seen are not always doing it in a timely fashion,” he said. “There may be legitimate reasons for this but the bottom line is there will still be a great deal of devices exposed for quite some time or perhaps forever.”

Facebook made the announcement over the weekend on its developer blog, in a post written by company engineer Mike Vernal which firstly emphasises that Facebook “has never sold and will never sell” user information, before adding that it has zero tolerance for data brokers “because they undermine the value that users have come to expect from Facebook”.

As Vernal admits, this latest issue comes in the wake of a case where it was revealed that many popular Facebook apps were transmitting user IDs – which can be used to look up a users’ names and, in some cases, the names of the app user’s friends – to at least 25 advertising and data firms.

Vernal statement on the broker matter continued: “To restate our policy, developers may not pass any data from Facebook to data brokers, and we are now including anonymous identifiers in this protected category of Facebook data.

“As we examined the circumstances of inadvertent UID (user identification) transfers, we discovered some instances where a data broker was paying developers for UIDs. While we determined that no private user data was sold and confirmed that transfer of these UIDs did not give access to any private data, this violation of our policy is something we take seriously.

“As such, we are taking action against these developers by instituting a 6-month full moratorium on their access to Facebook communication channels, and we will require these developers to submit their data practices to an audit in the future to confirm that they are in compliance with our policies. This impacts fewer than a dozen, mostly small developers, none of which are in the top 10 applications on Facebook Platform.”

The company added that it has reached an agreement with Rapleaf, the data broker who “came forward to work with” Facebook on this matter, whereby Rapleaf will delete all UIDs in its possession, and won’t “conduct any activities” on the Facebook Platform either directly or indirectly for the foreseeable future.

As Cnet quite rightly adds, the blog post did not indicate whether Rapleaf was the broker involved in the sale of user information, and Rapleaf representatives did not immediately reply to a request for comment.

Facebook has blamed the issue on “referrer URLs,” which tell sites which websites directed internet users to sites, and has proposed a technical solution to prevent future transfers. Facebook also announced it had modified its policy to require developers to use the anonymous identifiers when working with ad networks.

Coming as this does in the wake of other security concerns, you can’t help but have the feeling that something very big, and very damaging to Facebook’s reputation could happen sooner rather than later.

This is exactly what it looks like when Firefox is attacked by malware. Exactly.

The latest critical vulnerability is believed to affect version 3.5 and 3.6 of the Firefox browser, and has already provided opportunity to malware makers.

According to Graham Cluley’s Sophos blog (which TechRadar picked up on), the Nobel Peace Prize website is one of the most notable victims of the problem – and has been propagating a Trojan.

“Security firm Norman reported that the Nobel Peace Prize website was distributing a Trojan horse via the exploit yesterday, although it’s obviously possible that other websites may also be serving up the vulnerability in an attempt to infect visiting users,” said Cluley.

“Mozilla says it is working on a fix, but in the meantime Firefox users might be wise to turn JavaScript off and use the popular NoScript addon.” Mozilla has confirmed that it is hard at work on a solution to what will be an embarrassing and potentially damaging threat.

“Mozilla is aware of a critical vulnerability affecting Firefox 3.5 and Firefox 3.6 users. We have received reports from several security research firms that exploit code leveraging this vulnerability has been detected in the wild,” said Mozilla

Added the Sophos man, “Users who visited an infected site could have been affected by the malware through the vulnerability… the exploit code could still be live on other websites. “We have diagnosed the issue and are currently developing a fix, which will be pushed out to Firefox users as soon as the fix has been properly tested.”

“In fact, by the beginning of this year, the number of Java exploits (and by that I mean attacks on vulnerable Java code, not attacks using JavaScript) had well surpassed the total number of Adobe-related exploits we monitored,” she says. This surge of attacks is focused on three vulnerabilities – however the thing that is really getting under Stewart’s skin is that these weaknesses have already been patched but the general public just aren’t updating their PCs.

“Java is ubiquitous, and, as was once true with browsers and document readers like Adobe Acrobat, people don’t think to update it,” she says. “On top of that, Java is a technology that runs in the background to make more visible components work.  How do you know if you have Java installed or if it’s running?”

TG Daily added that these attacks are going unnoticed as intrusion detection and prevention system companies find it tricky parsing Java code. It’s not easy protecting documents, multimedia and JavaScript, and incorporating a Java interpreter into an IPS engine could have a massive effect on network performance.

A clearly frustrated Stewart added that, “So, the people that we expect to notice increases in exploitation might have a hard time seeing this particular spectrum of light.  Call it Java-blindness.”

Are you fully covered folks?

She really should have seen that coming.

Companies have, for the first time, reported they are losing more through electronic theft of data than physical stealing of assets according to risk consultancy firm, Kroll who published this finding in the company’s annual report on international fraud trends.

Fraud was most often an “inside job” carried out by a company’s own employees, the poll of more than 800 senior executives worldwide showed. Worries over fraud were deterring many companies from expanding in some key emerging markets. Information-based industries particularly financial services had by far the highest level of electronic theft followed by professional services and then technology, media and telecoms.

China appeared the key emerging market with the highest level of fraud, with 98% of businesses affected. This was followed by Colombia with 94% and Brazil with 90%.

The 2010 study showed the amount lost by businesses to fraud rose to $1.7 million per billion dollars sales worldwide from $1.4 million a year earlier, the report said – although this might in part be due to better detection and awareness.

“How much fraud there is depends more on opportunity than anything else,” Tommy Helsby, Kroll chairman for Europe, Middle East and Africa, told Reuters. “Much more work is done electronically, and that creates new opportunities for fraud. It takes time for companies to catch up with that.”

Previous Global Fraud Reports showed physical theft of cash, assets and inventory as the most widespread form of fraud by a considerable margin. This year’s findings showed electronic and information theft at 27.3% of total fraud losses, marginally above physical theft at 27.2%.

Despite the rising numbers it seems the global financial crisis means that enthusiasm for new systems to halt this wave of electronic theft is falling. Only 48% of companies were planning on spending more on information security in the next 12 months, down from 51% last year.

* Don’t worry about those unemployed burglars by the way, they re-skilled and became muggers.

They might like spam, most of us just want rid of it though.

The US is number one on this score according to Sophos, with India second – Ireland meanwhile, comes in at number 50 on the list. Said the report: “Since the second quarter this year, the spam output from the United States has increased significantly from 15.2% to 18.6% of global spam, making the country responsible for nearly one in five junk emails, and meaning that the USA contributes nearly 2.5 times more spam than the next worse offender, India.”

Some of the top spam relaying countries for July to September 2010 are as follows:

1.      United States – 18.6%

2.      India – 7.6%

3.      Brazil – 5.7%

4.      France – 5.4%

5.      UK – 5.0%

6.      Germany – 3.4%

=7.     Russia – 3.0%

=7.     S.Korea – 3.0%

9.      Vietnam – 2.9%

10.     Italy – 2.8%

11.     Romania – 2.3%

12.     Spain – 1.8%

14      Taiwan – 1.73%

15      Canada – 1.71%

16      China – 1.65%

19      Netherlands – 1.47%

25      Australia – 0.92%

29      Singapore – 0.73%

37      Japan – 0.58%

40      Austria – 0.52%

47      Switzerland – 0.35%

50      Ireland – 0.30%

54      South Africa – 0.24%

56      Hong Kong – 0.22%

59      Belgium – 0.19%

67      New Zealand – 0.13%

85      Luxembourg – 0.05%

Those figures show that our neighbours in the UK have dropped down one position since the previous quarter (from fourth to fifth place) and Britain is now responsible for relaying 5% of all spam this quarter. Meanwhile, the top spam-relaying continents, for the period of July – September 2010 is as follows:

Europe:        33.1%

Asia:            30.0%

N America:  22.3%

S America:   11.5%

Africa:          2.3%

Other:           0.8%

Adds Sophos, “Almost all of this spam comes from malware-infected computers (known as bots or zombies) that are being controlled by ‘botherder’ cyber-criminals.” Graham Cluley, senior technology consultant with the company adds, “Spam isn’t just a nuisance, it’s used by cyber-criminals as a means of growing their operations. You should never even be tempted to open a spam message out of curiosity, as it can only take a second to effectively hand over control of your computer to the spammers.  If your computer does become part of a botnet, you’re also inviting further malware infections, which may compromise your personal or banking details.”

Sophos also notes a rise in social networking spam during Q3 2010, with the widely reported ‘onMouseOver’ exploit creating spam tweets on Twitter, and a raft of Facebook scams that have been created by spammers to generate money from survey websites.

“What’s interesting about the Facebook scams is that they exploit human weaknesses to spread – tricking users into filling in a questionnaire if they want to see a shocking picture or video that may not even exist,” added Cluley. “Unfortunately, these scams continue to proliferate, with new ones springing up every day, and Facebook seemingly unable to kill them off permanently.”

One Facebook spammer has, however, recently been fined for using the social network to promote the sale of drugs.  Canadian Adam Guerbuez was fined US$100 for every one of the 4,366,386 spam posts he made, resulting in total fine of US$873.3 million (about €620 million). Guerbuez was able to spam from Facebook users’ accounts after phishing their login details.

Further information about the latest report can be found on Graham Cluley’s blog here.

Instead, the more clued-in software scamps are now using a stronger version of the malware called Bugat which is apparently far harder to detect that the Zeus Trojan… well it is in the sense that companies are now looking out for Zeus more than ever before, while Bugat barely gets a second thought.

As The Inquirer puts it, Bugat does not yet have “rockstar popularity” of the Zeus Trojan and of course that’s part of the problem. Indeed, Bugat was used instead of Zeus to zombify systems and pilfer the personal details of users in a recent Linkedin phishing attack.

Security experts Trusteer said that the popularity of Zeus has led to cyber criminals looking at other attack tools for the job. Bugat has been around the block before but Trusteer is warning punters by saying the latest Bugat versions are part of an “arms race”.

“Criminals are stepping up their malware distribution efforts by continuously updating configurations of well known malware like Zeus, and using new versions of less common Trojans like Bugat, to avoid detection,” said Mickey Boodaei, CEO of Trusteer.

How does it work – well Bugat injects exe data into browsers, specifically Internet Explorer and Firefox, then steals user’s banking information to enable the botnet herders to perform dodgy online banking transactions.

When Bugat was used in recent a phishing scam, Linkedin users received hooky email reminders with a dodgy URL link. Once clicked on, a Java applet installed the Bugat exe.

All very clever if, at this stage, familiar. Be vigilant anyway folks.

Patch Tuesday ahoy.

This is the highest number of vulnerabilities fixed in one Patch Tuesday release; the previous record was 34 holes fixed in August.

According to Cnet, four of the bulletins carry a “critical” rating, 10 are rated “important,” and two are “moderate,” according to the advisory. They affect specifically Windows XP, Vista, Windows 7, Windows Server 2003 and 2008, Microsoft Office XP Service Pack 3, Office 2003 Service Pack 3, Office 2007 Service Pack 2, Office 2010, Office 2004 for Mac and 2008 for Mac, Windows SharePoint Services 3.0, SharePoint Server 2007, Groove Server 2010, and Office Web Apps.

Microsoft did not indicate whether two unpatched Windows holes that are being exploited by the Stuxnet worm will be fixed next week. Microsoft previously patched two other zero-day vulnerabilities in Windows the worm was using and said during last month’s Patch Tuesday release that two more holes being used by Stuxnet needed to be plugged. Stuxnet spreads through the Windows vulnerabilities but was designed to target industrial control and critical infrastructure systems running Siemens software.

Meanwhile, Cnet reports that Microsoft is proposing new ways to address security issues online. Earlier in the week, Microsoft released a paper (PDF) written by Scott Charney, corporate vice president for Microsoft’s Trustworthy Computing, in which he proposes applying public health models to the Internet.

He suggests that computers could be given “health certificates” indicating whether they have the latest software patches, their firewalls are installed and correctly configured, antivirus programs are up-to-date, and that they are free of malware. If the health certificate indicates that something is amiss, an ISP could notify the computer user about the problem, and if the computer is being used in an attack, the bandwidth could be throttled to curb that activity, he said.

Microsoft’s pre-alert advisory can be found here.

Mariogamesplay.com was named as one of the "most infected" game websites out there.

The list of the riskiest sites are as follows:

* Gamefactoryinteractive.com

* Games-digest.com

* Mariogamesplay.com

* anywhere-games.com

* galacticflashgames.com

* towerofdefense.com

“Gamers are at risk for encountering malware as they access and play online titles because they often disengage virus protection as to not slow response time during play or slow content downloads,” added the Avast report. “This ‘unprotected gaming behavior’ is a gamer response to some antivirus programs hogging computer resources and is a completely unnecessary security risk.”

Avast pointed out that the online gaming market is worth an estimated $15 billion, and there are many different types of websites to assist the gamer, including tutorials, downloading sites and community forums.

“Gamers are a susceptible target for hackers because it is assumed that they are preoccupied with the game and not concerned with the security of their computer,” said Ondrej Vlcek, chief technical officer at AVAST Software. “As the gaming industry continues to grow, hackers will inevitably develop more ways to target this massive group.”

The company does offer four tips for online gamers to get some digital peace of mind:

1. Don’t turn off your AV while playing online games. If you’re online, you are vulnerable.

2. Keep computer applications – including your antivirus program – fully updated.

3. Try the gaming function for uninterrupted concentration.

4. Beware of downloading games through ‘warez’ sites. This is a known avenue for spreading malware.

The full blog can be seen here.

Facebook chief Mark Zuckerberg announced yesterday that several alterations are being made to the site, in particular with regards to the Groups system. Zuckerberg revealed there would be “tighter control” over Groups and a dashboard amongst the Facebook privacy interface to show what Facebook applications have access to user’s data.

The company claimed that the changes would make it easier to share information with smaller and more intimate groups of friends. However, Paul Ducklin, Sophos’s head of technology in the Asia Pacific region, argues that the latest changes implemented by the social networking giant, may well simply be another missed opportunity to get the fundamentals right.

“Adding more security-related dashboards, buttons and knobs is a start, I guess,” says Ducklin in a blog post. “But I, and many others, think that Facebook would do better to make a real grassroots change to its security.”

Ducklin wants to see Facebook adopt a completely opt-in model, in which you can sign up as easily as you can today, but can’t do much at all on the site until you have decided to open up each feature.  In a poll conducted by Sophos earlier this year, 93% of those asked said that they would prefer to “opt-in” rather than “opt-out” of sharing their information with others.

“No doubt Facebook shareholders looking forward to the IPO will want to maximise the number of users and the openness and availability of the information posted,” continued Ducklin. “But Facebook is influential enough now, I reckon, to make bigger long-term gains by getting ahead of the regulatory curve than by waiting until legislators force them to change their opt- in/opt-out attitudes.”

What do you make of the changes?

Stock-photo-tastic! I’m guessing the ‘money mules’ didn’t dress like this all the time.

The FBI said the suspects acted as go-betweens or ‘money mules’ by providing bank accounts for an elaborate cyber crime scheme. The arrests were part of what the Bureau called “one of the largest cyber criminal cases we have ever investigated”, and most of those arrested in the US were charged with conspiracy to commit bank fraud and money laundering. Meanwhile, more people were detained in Ukraine and the UK.

“This was a major theft ring,” said Gordon Snow, assistant director of the FBI’s Cyber Division. “Global criminal activity on this scale is a threat to our financial infrastructure, and it can only be effectively countered through the kind of international cooperation we have seen in this case.”

An FBI statement told how hackers in Eastern Europe would use spam email to infect computers of small businesses and individuals in the US with the well-known Zeus virus. The unnamed hackers were then able to access users’ online passwords and bank account details and used them to transfer money to the bank accounts provided by the go-betweens in the US.

Once the money was in their accounts, the mules could either wire it back to their bosses in Eastern Europe, or turn it into cash and smuggle it out of the country. They were paid a commission for their work.

The crime ring attempted to steal around $220 million (just over €160 million), the FBI added. The arrests were the result of an international operation that kicked off in Omaha in May 2009 when FBI agents noticed a row of suspicious bank transactions.

Law enforcement agencies in the US, Ukraine, the Netherlands and the UK were also involved in the investigation. Police in the UK arrested 19 people suspected members of the ring. In Ukraine, police arrested five people suspected of directing the scheme, the FBI said.

Mobile security analyst Nigel Stanley from Bloor Research said practices such as this could prove a boon for hi-tech thieves. “The blanket permissions a user gives on installing an app can give carte blanche to malware and spyware providers to collect as much private data as they want, under the protective nicety of a simplistic warning from the operating system,” he said.

The researchers involved – who are a combination of computer scientists from Intel Labs in Pennsylvania and a team from Duke University in North Carolina – said that app creators should provide more information what will be done with harvested data.

The team chose 30 out of the 358 most popular Android apps that, when installed, ask for permission to get at location, camera and audio data. Information about the data gathering was collected using software developed by the team.

Using an extension to the Android operating system called TaintDroid, created by the team, they logged what the applications did. This revealed that 15 of the apps sent location information to advertisers but did not inform users that data was being shared.

Some apps gathered and dispatched location information even when an application was not running and some sent updates every 30 seconds. The researchers said that while many Android apps ask for permission to gather information they did not do enough to inform users what was going to be done with that data or who it would be shared with.

They criticised the fact that users must “blindly trust” applications to play fair with data that they gather. In a statement, Android creator Google told the Beeb that users necessarily entrusted all computing devices with some of their information. “Android has taken steps to inform users of this trust relationship and to limit the amount of trust a user must grant to any given application developer,” it said. “We also provide developers with best practices about how to handle user data.”

“We consistently advise users to only install apps they trust,” an Android representative added.

Anyone put off buying that HTC you’ve been craving now? On a serious note, considering how much presence in the market Android is set to have over the next few years (it will be the OS of choice for many tablets to start with), such data ‘features’ may need to be cleaned up in the long run lest there be more bad publicity in months and years ahead.

You can check out the full report here.

Quite brilliantly, Anand Pashupathy, general manager of Intel‘s anti-theft services business, describes the technology as a “vulcan grip” that suspends the activity of a notebook.

One thing we really like is the fact that Intel has developed a logo for its Anti-Theft technology, which it reckons will act as a deterrent to casual thieves. Don’t believe them – well in an exercise, 42 out of 100 laptops and netbooks went walkabout when left unattended between a university campus and a variety Wi-Fi hotspots, a figure that shrunk to 12% when the Anti-Theft sticker was displayed.

Amazing how much we respect a bloody sticker isn’t it?

Anyway, according to reports, the new project involved Intel incorporating anti-theft technology into laptops and network chip sets, partnering with developers and hardware companies to do so. Apparently, by placing “crypto keys” in hardware the technology will render a stolen laptop useless even if a thief swaps its hard drive.

As The Register reports, Intel’s anti-theft technology allows system administrators to brick a stolen computer via a “poison pill” message and, in turn, re-activate machines as and when a device is found.

Machines that fail to log in for a specified period of time also get disabled. The latest generation of the technology, introduced at the Intel Developer forum last week, involves placing a GSM receiver in the hardware so that machines can be disabled without first going online.

Intel is partnering with Absolute Software to deliver anti-theft technology to market on laptops and notebooks from HP and Lenovo. The company has also signed up with PGP and WinMagic to offer full-disk encryption. Indeed Intel is also looking to partner with more security software developers and hardware manufacturers to bring the technology to market.

“In the past, energy-efficient performance and connectivity have defined computing requirements. Looking forward, security will join those as a third pillar of what people demand from all computing experiences.”

The Telegraph notes that wih billions of new Internet-ready devices connecting with each other, including mobile and wireless devices, TVs, cars, medical devices and ATM machines, Intel knew there was now a need to marry security with hardware and software.

The “cyber threat landscape” had changed dramatically over the past few years, with millions of new threats appearing every month, said Dave DeWalt, chief executive of McAfee. He said: “We believe this acquisition will result in our ability to deliver a safer, more secure and trusted Internet-enabled device experience.”

Over at ComputerWorld, they spoke to Ruggero Contu, senior research analyst at Gartner who found the acquisition by Intel quite surprising. He added that “other players” in the industry would have been better positioned to integrate McAfee into their operations.

Intel would be wise to continue McAfee’s successful consumer security software business, as it has been bringing in increased revenue, Contu said. In terms of the overall security market, the acquisition is likely to have an impact on Symantec, as it is McAfee’s most direct competitor, he added. “We’ll see how it shakes out,” Contu said.

The info it can get at includes text messages, voice memos, photos, GPS tracking info, and web searches – all of which can be copied in a matter of two minutes.

Thankfully, your call history and emails can’t be half-inched though. Dvice picked up on the nasty little bugger today and their report notes that its makers, Brickhouse Security prefer to think of it as a data recovery tool (why did ye call it ‘Spy Stick’ then lads); but do admit out that it can be used to “catch a cheating spouse” or to “monitor your kid’s iPhone use”.

To use the Spy Stick, you need to connect both the iPhone and the Spy Stick to a Windows PC, and then you can copy away. The current version only works with iOS 3.x, with an iOS 4 version coming in September. It’s available from some US-based sites for $199.

'A likely story...'

The nasty app also attempts to lure people into completing an online survey, for which the scammers are paid money.

Graham Cluley of security form Sophos told the BBC that this was the latest in a series of “survey scams” that included links to a video purporting to show an Anaconda vomiting up a hippo, which to be fair would be hard to resist a look at.

“One thing we commonly see is that the message starts ‘OMG, shocking video’,” he said. “And they appear to come from your Facebook friend, giving it a ringing endorsement.” The dislike button scam prompts people to download an application with the message: “Download the official DISLIKE button now.”

When users click on the link it prompts them to install a rogue application, which does not function as a dislike button. Once a user has given it permission to access their profile, it updates the user’s page with a link and a message: “I just got the dislike button, so now I can dislike all of your dumb posts lol!!!”

Interestingly, Cluley also told BBC News that the surveys appear to be from genuine companies, he said. “As far as we can tell, they appear to be legitimate,” he said. “It could be that the firms are not policing their affiliates properly.”

The scam finally points users towards a Firefox add-on that installs a “dislike” button. Cluley said the add-on also appears to be legitimate, though its makers did not respond to request for comment.

A spokesperson for Facebook said that the site had a “very quick process in place” to make sure that links and rogue applications were taken down quickly. “We always encourage people to not click on links that appear suspicious – even if posted from a friend,” a spokesperson said.

Toshiba says the feature can also be used to securely erase user data prior to returning a leased system or decommissioning a system prior to disposal. The technology is simple enough, though how widespread its usage will be is another matter.

Anyway, the big idea is that when a drive is switched off, Toshiba’s system goes into action and invalidates the security key which was used to encrypt the stored data. While the data is still, technically, in place, there’s no way to access it without the new-erased key – making the data to all intents and purposes gone.

A BitTech report notes that Toshiba is aiming this latest range at manufacturers of printers and photocopiers that feature in-built storage devices in order to prevent cached documents from being leaked when leased systems are returned to their owners or older equipment gets sold off.
Toshiba is positioning the technology as a time-saver for those who already worry about the security of their data and either use overwriting software to scramble the contents of old disks or those who physically destroy drives, rendering them useless for re-use or re-sale.

The first drive to feature Toshiba’s automatic wiping technology is a 7,200 RPM 2.5″ mechanical drive – but if successful, Toshiba is likely to extend the functionality to other drives in its range.

The stats come in a new report from the company, which also contains a sprinkling of bad news for Apple addicts, with McAfee making a point of saying, “For a variety of reasons, malware has rarely been a problem for Mac users. But those days might end soon”.

The evidence? Well, while all of this may just be them just be trying to sell more of their wares to Apple users, the new report does tell how in April this year, McAfee Labs detected a Mac-based Trojan known as ‘OSX/HellRTS’ which “reads or modifies the contents of the clipboard or plays tricks on the user like opening and closing the CD drive”.

The McAfee report added, “We do not want to overstate this threat. But it serves as a reminder that in this age of cybercrime, data theft and identity theft users of all operating systems and devices must take precautions.”

Speaking to Reuters, Mike Gallagher, chief technology officer of Global Threat Intelligence for McAfee said of the overall findings, “our latest threat report depicts that malware has been on a steady incline in the first half of 2010”. The report also noted the unexpected resurrection of two ‘dead’ botnets in ‘Storm Worm’ and ‘Kraken’, both formerly considered as being among the biggest botnets on the planet.

The report also told how cyber-criminals apparently took advantage of the global interest in the World Cup in South Africa by using various methods to promote scams and search-engine “poisoning”.

Globally, the most popular types of spam varied from country to country. Delivery status notifications, or non-delivery receipt spam, were the most popular in United States, Italy, Spain, China, Great Britain, Brazil, Germany and Australia. Malware spam, or anything that comes with a virus or Trojan attachment urging you to visit an infected website, was the most popular in Colombia, India, South Korea, Russia and Vietnam.

“Argentina had the most variety in spam, with 16 different topic areas, ranging from drugs to lonely women to diplomas. Italy came in with the least variety, with just six types of spam,” added a MarketWatch article on the McAfee report.

The file that’s causing a lot of headlines today.

It was widely reported this morning that campaigners who wanted to highlight the “terrifying” privacy policies of Facebook had made the file – which contains the URL of every searchable Facebook user’s profiles, plus their names and unique ID – freely available online. In reality though, nothing of any great magnitude has happened to 20% of the Facebook population at all.

The list itself was ‘leaked’ to the site by Ron Bowles, an online security consultant, who reportedly used a simple piece of code to collect the data from the site. He told the BBC that he published the data to highlight privacy issues.

On Wednesday, the list was rapidly spreading across the internet being distributed and downloaded by more than 1,000 users according to the Beeb. The social networking company has hit back though.

“People who use Facebook own their information and have the right to share only what they want, with whom they want, and when they want,” a spokesman said.

“In this case, information that people have agreed to make public was collected by a single researcher and already exists in Google, Bing, other search engines, as well as on Facebook. No private data is available or has been compromised.”

He added: “It is similar to the white pages of the phone book, this is the information available to enable people to find each other, which is the reason people join Facebook.

“If someone does not want to be found, we also offer a number of controls to enable people not to appear in search on Facebook, in search engines, or share any information with applications.”

Simon Davies, of Privacy International, a campaign group, said: “Facebook should have anticipated this attack and put measures in place to prevent it,” he said.

“It is inconceivable that a firm with hundreds of engineers couldn’t have imagined a trawl of this magnitude and there’s an argument to be heard that Facebook have acted with negligence.”

Did they really though? Overall, this sort of feels like a storm in a teacup – a great way for a security expert to get his name out there without doing that much in reality.

Clubbing together a bunch of ‘personal’ details in a file may have taken a little time but thus far there hasn’t been any reports of anything untoward happening to the supposedly private details leaked in the document.

If someone it outraged by all this; just sort your privacy settings out and you’ll be fine.

67% of respondents mentioned that where tapes are used, they are “generally kept onsite at all times”.

Elsewhere, 15% used disk-based methods, while only 7% have switched to online data backup services. Despite the continued reliance on traditional methods such as tapes, 39 % of respondents admitted to a significant data loss incident. Worryingly, where tapes are employed only 28% “believe them to be encrypted”, meanwhile, 28% of respondents wait for two years before replacing a back-up tape. In addition, 35% did not know how often tapes should be replaced.

Despite the acceptance of the need to back-up data (100% of respondents confirmed they back up, though they would really, wouldn’t they), the data management arrangements within organisations differ widely. For instance, 60% of organisations have data leaving their office in some format on a regular basis while 67% of respondents mentioned that where tapes are used, they are “generally kept onsite at all times”.

“The most significant finding was that while backing up is an accepted principle amongst Irish organisations, traditional methods such as tapes remain popular despite the fact that all too often they simply don’t work”, said Joe Molloy, managed services director with IT Force.  Molloy believes Irish organisations need to embrace new technologies such as online backup services that are “without question more effective in terms of reliability and costs”.

Of those who experienced a data loss incident and had to conduct a restore, one in five admitted to never getting all the lost data retrieved while one in three claimed it took more than a day to get all or some of the data back.

"Some of the apps could make calls and send text messages without the mobile user doing anything."

SMobile Systems said that 20% of the 48,000 apps in the Android marketplace allow a third-party application access to sensitive or private information.

Dan Hoffman, CTO at SMobile Systems warned that just because it’s coming from a known location like the Android market or the Apple App Store that doesn’t mean you can assume that the app isn’t malicious or that it has undergone a proper vetting process.

An Inquirer report on the matter tells how, “Some of the apps could make calls and send text messages without the mobile user doing anything, the report said. Also, more than five% of the apps can place calls to any number and two% can allow an app to send unknown SMS messages to premium numbers. SMobile Systems said that dozens of apps were found to have the same type of access to sensitive information as spyware.”

As the Inquirer notes, a report like this from a company such as SMobile is usually all done to sell more security software but the findings are still interesting nonetheless. Indeed, the area of apps security will be a well trodden subject over the next year to 18 months.

Spanish daily El País reports that the country’s Association for the Prevention and Investigation of Crime, Abuse and Malpractice in Information Technology and Advanced Communications has filed suit in the Police Court of Madrid against the legal representative of Google Spain.

The Register reports that the suggestion is that the company has breached Article 197 of the Penal Code, which provides for between one and four years’ jail for anyone who “intercepts telecommunications, or uses listening, transmission, recording or reproduction devices on any other communication signal”.

When it confessed back in back in May that Street View spymobiles had been “collecting information sent over open Wi-Fi networks”, Google claimed the whole thing was a “mistake”, and later blamed it on a rogue software coder.

This explanation has failed to impress Association president Miguel Angel Gallardo who has insisted that “something which was carefully programmed and has been done in 30 countries can’t be an error”.

The 2007 footage hosted on WikiLeaks.

The BBC reports that 22year-old Manning was detained during a tour of duty in Iraq, and is being held in Kuwait pending further investigations. Famously, WikiLeaks hosted classified helicopter footage which it says shows the US military shooting civilians in Baghdad in 2007, though it’s not officially confirmed if Manning is responsible for handing them this particular piece of footage.

However, former hacker, Adrian Lamo, said he had turned the analyst in out of concern for US national security after he had “boasted” about passing the helicopter video to WikiLeaks. Lamo said Manning also claimed to have leaked video footage showing an air strike in Afghanistan in July 2009. The local authorities said nearly 100 people were killed in that attack at Garani

“A lot of people have labelled me a snitch,” Lamo told BBC News. “I guess I deserve that on this one but not as a generality.”

In a statement, the US army in Iraq said Manning was “placed in pre-trial confinement for allegedly releasing classified information”. WikiLeaks’ organisers said they were given the footage, which they said came from cameras on US Apache helicopters. They said they decrypted it, but would not reveal who gave it to them.

The WikiLeaks site campaigns for freedom of information and posts leaked documents online. The video from Iraq shows a US helicopter strike in July 2007 in which about 12 people died. On the transmission, US soldiers on the ground can be heard establishing that there are two child casualties and agreeing to take them to hospital.

The Pentagon has not disputed the authenticity of the video but has been working to trace the source. At the time, the US military said the helicopters were engaged in combat operations against a hostile force.

Clicking a link to watch the World Cup in 2010 may mean you get clickjacked. You heard me.

The BBC reports that clickjacking occurs when Facebook members see links to subjects such as ‘World Cup 2010 in HD’ or ‘The Prom Dress That Got This Girl Suspended from School’ which their friends appear to have ‘liked’. Clicking the link tricks users into recommending the site on Facebook too.

There’s not too much danger at present though as security experts point out that currently the scam has no malicious intent. However, be warned, it could be adapted to deliver malware.

Graham Cluley, senior technology consultant at Sophos concurred that for the moment the purpose of clickjacking is “trivial” and does not actively result in any malware or phishing attacks.

“The attacks which we’ve seen are more like old-school viruses – written for the heck of it to see how many fans they can get. But our feeling is that it would be fairly easy for the bad guys to introduce some revenue generation for themselves,” he told BBC News, adding that clickjacking works across all operating systems.

The Facebook attack uses iFrames, which essentially places an invisible button over an entire web page, so that wherever the user clicks, they end up hitting the button – in this case a hidden Facebook “like” button.

Sophos have actually coined the phrase ‘likejacking’ for this Facebook case, though we definitely don’t like that.

Facebook seems to have all kinds of privacy worries...

Word comes via CNet that Facebook’s Open Graph API could end up getting the company in even more trouble than its recent privacy kafuffle, which had already combined quite negatively with Facebook CEO, Mark Zuckerburg’s, own views on privacy. Now though, it’s not Facebook’s decision to make Internet Personalisation an ‘active by default’ affair that people should worry about, but the consequences of the rolling out of Facebook’s “like” button to other pages.

The issue now is that the plugin that so very many pages now employ to allow Facebook users to hit the “like” button at the bottom of a particular page also gives Facebook some very interesting, and just a touch worrying, abilities.

Even if users aren’t signed into Facebook, the service can still gather data about that user’s browsing habits, based on other sites that also boast the “like” functionality, and given the fact that so many big sites have already stated their intention to add the “like” button, that becomes a fairly scary prospect.

Of course, Facebook is likely to be more than cautious about the perception of its users privacy after the backlash it’s received recently, over both Open Graph and Zuckerberg’s leaked conversations in which he calls users who trusted the early Facebook “dumb f¨*cks.” We’d imagine the social network will move to quash fears on this one as quickly as it can.

Gotta be more entertaining than ‘Hotel Babylon’ anyway.

The BBC reports that Finnish police are investigating up to 400 cases of theft, with some members reporting the loss of up to €1,000 worth of virtual furniture and other items, according to Detective Sergeant Marko Levonen. “We have done five home searches in five cities in Finland,” he said.

DS Levonen explained that several Habbo Hotel members contacted the police earlier this year, saying their virtual belongings had been stolen, and seeking help from the police.

The Finnish company Sulake, which owns Habbo Hotel subsequently identified several hundred more users who appeared to have been targeted, according to DS Levonen. The online thieves allegedly targeted users with fake web pages to capture usernames and passwords in a phishing scam.

“Habbo as a virtual world is targeted by thieves from all over the world,” said Mikko Hypponen, chief research officer at Finnish internet security firm F-Secure. “We’ve seen Dutch hackers, Italians, Russians and others, and have investigated some of these cases previously with the company that runs Habbo.”

This is not the first time Habbo Hotel, which allows users to meet friends and buy virtual goods, has been targeted. In 2007, a Dutch teenager was arrested for allegedly stealing virtual furniture worth thousands of euros on the site, which is believed to have more than 100 million registered ‘avatars’.

Cutbacks on corporate signage afoot with the German fine on the horizon?

Google, of course, made the embarrassing admission a few weeks back that for the past three years it had wrongly collected information people have sent over unencrypted WiFi networks while collecting data for Google Street View. The delay in delivering the information means Google could face a fine of hundreds of thousands of euros, and comes as it faces increasing pressure from regulators globally for its unauthorised accumulation of 600GB of personal data.

The Financial Times reports that the data protection authority in Hamburg had asked Google to submit the original hard drives containing the “payload” data – such as emails or fragments of web pages being visited by individuals using unsecured wireless networks – by midnight on Wednesday.

Google has asked for more time to consider the legal ramifications of sharing private data with the regulator after being advised that doing so could break German communications law. “We want to co-operate with [the Hamburg information commissioner's] requests … but as granting access to payload data creates legal challenges in Germany which we need to review, we are continuing to discuss the appropriate legal and logistical process for making the data available,” Google said. “We hope, given more time, to be able to resolve this difficult issue.”

Google admitted that it could face a similar conflict between civil investigators and criminal prosecutors in other countries. Prof Dr Johannes Caspar, Hamburg’s data protection commissioner, said he did not accept Google’s argument. He said in a statement that the search company would not face criminal action by handing over the hard drive.

Earlier reports in Germany suggested that Prof Caspar could fine Google €300,000 for missing the deadline. Google last week stopped the global deletion of private WiFi data it has collected following confusion over what it should do with the material.

Google has already deleted the data it collected in Ireland, they know not to mess with us eh… obviously the thought of Minister Eamon Ryan turning up on the company’s doorstep with his angry face got them moving.