Security Octopus

Well, Big Brother’s ambitions are just astonishing. These days FBI Director Robert Mueller made an interesting statement. As it turns out, he is going to strive for the idea that the US providers should log the Internet history of their users. At the same time the data storage term (attention!) should be two years. Besides that the providers should submit this data to the authorities at their first request, literally, without any court decisions, etc.

It is clear that it means the record of IP addresses, domains, web sites the user visits, etc. This data should be accessible, according to Mueller’s idea, to federal authorities, state and local authorities. Shortly speaking, with the corresponding desire any authority representative can penetrate into a private Internet life of any American and dig out whatever stuff he wants.

The argument provided by Mueller is as follows: before the Internet appeared, FBI had access to any information about telephone calls of the US citizens. As of today a bigger part of personal communication between people has shifted to the Internet and there is no chance to track it down there because there is no corresponding law.

Do you know why FBI needs all that? Correct! To fight child pornography. If it’s not the case of Al-Qaeda, then it’s child pornography. And the issues of national security are also mentioned here.

Fortunately it’s too early to speak of a global logging – the corresponding laws were not adopted. But if they are … Americans (and it also concerns us to a certain extent) should start reading or re-reading Orwell, his “1984”.

Copyright (c) SmartHide Security Octopus

One of the biggest sites for open source software developers SourceForge.net was blocked for users from “banned locations”, as Arab Crunch reports. The black list includes Cuba, Iran, Syria, Libya, Sudan and North Korea.

The paragraph informing that users from the mentioned above countries were included into the black list appeared in resource ToS. Besides that the residents of these countries are blocked from the access to GoogleCode. These bans initiated by the US government authorities in fact put the developers from “black list” countries in the dark, not allowing them to contribute to open source development.

It’s worth mentioning that the event took place almost simultaneously with the US secretary of State Hillary Clinton’s speech about Internet freedom where she reported that “all of humanity has equal access to innovations, knowledge and ideas”. Just to remind you, the US is currently in active contradiction with China about Google freedom. According to some analysts, the whole story was made up with a special purpose – to allow Hillary make a great speech for her US secretary job position anniversary. To put it simply – it was necessary to create an enemy image, exactly to the date January 21^st.

Thus we can see that nobody cancelled double standards of American politics. However this time it involves the programming: the blocking of developers from “banned locations” contradicts to the idea of open source software creation itself and makes it not really open now.

As you all know SmartHide’s goal is not only making people have the ability to communicate without a fear of repression or third party listening to their conversations, but also allowing people to use their democratic rights for freedom of speech and Internet, no matter what country they live in.

We support the words of Hilary Clinton, saying that “all of humanity has equal access to innovations, knowledge and ideas”, but we don’t have double standards…

Unlock SourceForge with SmartHide for Free!

Security Octopus

Copyright (c) SmartHide Security Octopus

France’s parliament on Tuesday, 22.09.09 adopted a new Internet anti-piracy law, known as “Hadopi 2″, allowing authorities to cut off repeat illegal downloaders’ Internet access. The opposition swiftly announced that it would appeal the decision in court.

REUTERS - France’s disputed Internet piracy law, which will allow authorities to disconnect repeat illegal downloaders, was finally approved in parliament on Tuesday but the opposition immediately announced a fresh court challenge.

The bill, revised after France’s top constitutional court overturned an earlier version voted in June, cleared its last parliamentary hurdle when it was passed in the joint legislative committee of the two houses by 258 votes to 131.

The opposition Socialists, who took the previous version of the so-called “Hadopi” law to the constitutional court, said they would mount a second challenge.

French President Nicolas Sarkozy has thrown his weight behind the law and has been backed by the recording and film industries, which say they have lost millions of euros through illegal Internet downloads.

Culture Minister Frederic Mitterrand, who steered the second version of the bill through parliament, said the law would prevent “pillage” of works of art by “demagogues” who say that works of art should be free just because they were on the web.

“Freedom is not free licence, liberalism isn’t the jungle,” he told the committee.

But the law, which will set up a new regulatory body with the power to investigate suspected illegal downloaders and recommend sanctions, has also been heavily criticised by consumer groups as well as the opposition.

They say it will be ineffective in combating determined pirates and will impose unduly harsh punishment on ordinary Internet users.

The previous version of the law was watered down after the constitutional court rejected a text that would have created a body with the power to cut Internet access for those found guilty of illegal downloads.

The constitutional court ruled that the new body could only have the power to issue warnings and that any disconnections could only be ordered by a judge after two written warnings from the new authority.

The sanctions imposed by a judge could also include fines of up to 30,000 euros ($44,420).

The law will also oblige anyone with a wi-fi connection to block non-authorised users from using the connection.

Mitterrand said he expected the main effect of the law to be dissuasive and he expected actual sanctions to be rare.

France’s attempt to curb Internet piracy has attracted wide interest outside the country as the media industry worldwide has struggled to come up with a response to the challenge to traditional record and film sales posed by the Internet.

Easy access to the Internet is becoming headily popular all over the world, being therewith extremely insecure. Our company has prepared a list of rules and recommendations concerning Wi-Fi security and computers protection from virus software while working via open Wi-Fi access points.

It’s summer. More and more people prefer to work in the open air instead of sitting in stuffy offices. At times you can see many people in a city park relaxing on a bench, by a fountain together with a laptop.

Your confidential information is in danger.

And, actually, it does not matter what exactly they are doing – working with the e-mail or your internet-banking, uploading pictures, using blogs or simply surfing the web.

All of them are connected to the Internet using Wi-Fi access. Every day more and more hotspots become available to users and practically every large city offers such access points.

From the perspective of any software developer who deals with information security issues, there is no secure access to the Internet in the street. Wi-Fi architecture cannot boast of any real security whereas the encryption and access isolation algorithms used here possess weak cryptographic strength and can be easily cracked.

According to the recent ABI Research the number of Wi-Fi hotspots all over the world is steadily growing.

The number of free Wi-Fi Hotspots is rapidly growing.

According to 2008 research results, the largest number of hotspots was found in Europe. For several consecutive years the UK has been the leader in the total amount of hotspots.

The most significant growth in the number of hotspots was recorded in France, Germany and Russia. Today we can easily say that open Wi-Fi access technology exists almost in every major city in Europe and even in the Middle East.

The leading computer security specialists believe that one of the worst types of the threat is the so-called “man in the middle” attack.

This expression is frequently used in cryptography and describes a situation when an intruder can read and modify messages of other correspondents so that neither of the parties will notice the presence of the intruder.

”An attacker may be connected to the same network, is able to constantly control your Internet connection and replace Internet-pages waiting for the moment when you give him your confidential information into his hands”.

Anti-virus researchers add:

”No matter what goals you pursue connecting to the insecure Wi-Fi network, we advise you to use only the protected HTTPS protocol to access the webmail. We highly recommend to avoid using the sites which require personal data entry, such as Internet-banking service.”

It’s not that hard to protect yourself from undesired consequences as it may seem. You should simply introduce a set of changes to your software security policy.

There are several principal security threats while using free Wi-Fi hotspots:

• The possibility to intercept your personal data which you enter to access various servers, payment systems or bank terminals. The networks set up by hackers resemble legitimate Wi-Fi free access points.
• An attack of a computer connected to the same hotspot with the help of an unknown malware, which is absent in virus signatures’ base.
• Sniffing – the interception and analysis of your Internet traffic by attackers may lead to the loss of confidential information.
• Data leakage through the “man-in-the-middle-attack”.

By means of practicing the simple rules below you can prevent such attacks and ensure your Wi-Fi security:

• Use SmartHide technology to connect to the Internet. It’s best to access the web through SmartHide tunnel set up in your network.
• Use only secure protocols, such as HTTPS and POP3s to access the e-mail.
• Disable confidential and personal data transfer through protocols which are not protected by secure data encryption algorithms.
• Avoid using Internet-banking through public Wi-Fi networks unless you are under SmartHide Service potection.
• Make sure that you’ve set up the firewall and antivirus software to block the incoming traffic, updated the virus signatures’ base and activated the extended heuristic analysis mode.

Copyright (c) SmartHide Security Octopus

Peter Sunde, one of the four co-founders of The Pirate Bay, said Monday he is abandoning ship.

Sunde, the BitTorrent tracker’s spokesman, and his fellow colleagues each are facing a year in prison following their spring convictions for facilitating copyright infringement. They remain free pending the outcome of an appeal of their Stockholm convictions.

The departure of Sunde, known online as “brokep,” perhaps is the strongest indication to date that the proposed $7.7 million sale of The Pirate Bay to a Swedish software concern is to be completed within weeks as planned.

Global Gaming Factory, its buyer, claims the 5-year-old Pirate Bay will become a legitimate, pay-to-play site for media such as movies, software, music and games. The goal, however lofty it sounds, is to convert the site’s 20 million pirates into fee-paying consumers.

“Today marks the end of a small era for me, but I am simply leaving a role in order to be a person instead,” Sunde said.

He said, “a book is waiting to be finalized and many more books are waiting to be read.”

If he loses his appeal, he’ll have plenty of time to write that book.

The Dutch anti-piracy outfit BREIN has won its court case against The Pirate Bay. The Amsterdam court today ruled that the site must cease all operations in The Netherlands within 10 days, or else pay penalties of 30,000 euros ($42,300) a person, per day.

In an Amsterdam court last week, BREIN’s lawyer argued that The Pirate Bay is responsible for millions of copyright infringements every day, and that the site should therefore be blocked to visitors from The Netherlands.

Interestingly, the news came as a total surprise to Fredrik, Gottfrid and Peter who said they received no official summons and were not aware of the case. In a counter move, the three sent a letter to the Amsterdam court, asking it to dismiss the case and impose damages against BREIN instead.

Today, the verdict was made public and The Pirate Bay has lost the case. The judge ruled that The Pirate Bay has to stop all of their activities in The Netherlands within ten days. If they don’t comply all defendants will be ordered to pay 30,000 euros ($42,300) per day in penalties up to a maximum of 3 million euros ($4,231,000) total.

The court argued that BREIN had done enough to inform the three defendants about the court case, although they were never officially summoned. In a letter to the court the defendants had indicated that if they had know, they wouldn’t have the financial means to attend the hearing. Because of this the court issued a default judgment and gave in to BREIN’s demands.

Pirate Bay spokesman Peter Sunde, who is one of the defendants told TorrentFreak that they will appeal the decision, and that they are currently looking for legal representation.

Interestingly, the verdict claims that The Pirate Bay doesn’t have a registered owner, but holds the three accused responsible for it. However, as we’ve reported previously the site is in fact owned by a company called “Reservella” and not any of the defendants named in the case.

In addition to the three founders, GGF, the intended buyers of the Pirate Bay were also ordered to pay 30,000 euros ($42,300) per day in penalties if they continue to operate the site as it is after the deal is closed.

Legal experts informed TorrentFreak that the current ruling can be largely attributed to the lack of defense, and the fact that the defendants failed to show up. With this ruling in hand, it is not unlikely that BREIN will put pressure on Dutch ISPs if the Pirate Bay doesn’t block Dutch visitors within 10 days.

Source: torrentfreak.com

We were shell-shocked when Global Gaming Factory X AB, a Swedish software corporate, announced it was acquiring The Pirate Bay for $7.8 Million. The Pirate Bay, the world’s epicenter for torrents and illegal P2P file distribution, sold to a company that intended to give it a new, legal business model? It sounded too insane to be possible.

I guess we shouldn’t be shocked then to learn that The Pirate Bay acquisition may not happen after all. Multiple sources are reporting that the acquisition may be canceled in one week’s time if Global Gaming X AB can’t provide investor guarantees. It doesn’t help that the major studios are suing it, either.

Just a strange series of events

The basic story is this: after Global Gaming made the deal public, it hired Wayne Rosso, the former head of Grokster, to negotiate with music and film giants to get legal licenses to their content. He specifically told CNET that he doesn’t think that Global Gaming even has the funds to make the deal happen, and that the Global Gaming hasn’t been straightforward with him. Thus, he’s left Global Gaming:

“I and my colleagues have very strong doubts that the funding is in place,” Rosso said. “And there are other issues regarding Mr. Pandeya’s credibility that trouble us greatly.”

The second nail in the coffin is a lawsuit that nearly a dozen studios have filed to shut The Pirate Bay down, including Disney and Paramount. Their claim is that The Pirate Bay hasn’t stopped their activities after being sentenced to prison. There’s also a separate lawsuit already in progress by the four major music labels.

Combine the lawsuit with losing Rosso and apparent funding problem and you can see why the Pirate Bay acquisition is in doubt. The Pirate Bay saga is just keeps getting stranger.

Are your surprised? Let us know in the comments.

Source: mashable.com

Acording to reddit.com AT&T is now blocking all access to img.4chan.org, effectively blacklisting /b/ and censoring the internet.

From what I can tell, this is only a confirmed issue in Southern California at the moment, but seems to be wider than just a regional problem. Those who have contacted AT&T representatives were told that the site is in fact blocked, so this isn’t a technical problem, and all the other 4chan subdomains work fine.

SmartHide users may not worry. Everyone who is smart enough to use SmartHide enjoys the freedom of Internet 24 hours a day, 7 days a week.

The technology of Internet-traffic protection from the unauthorized access is developing alongside with protected traffic interception technology. Non-encrypted user traffic interception and access to it is no longer a difficult task, even for an ordinary user. Practically everybody knows the word “sniffer”. In theory, it’s impossible to intercept secure  SSL/TSL connections. But is it really so?

Actually, not really. Yes, encrypted traffic is practically impossible to decrypt, but in reality, if one has a strong desire and the necessity, even the encrypted traffic can be decrypted once a key is found. But in order to do that, great resources are required. In this case the decryption makes sense only on the level of government or military interests.

When working over secure connections (the easiest example –  HTTPS) all the traffic between the interacting points in the Net is encrypted on the sender’s side and decrypted on the recipient’s side. Traffic is encrypted in both directions. In order to encrypt and decrypt the traffic you need a pair of keys (asymmetric cryptography). The public key is used for encryption and is sent to the data receiver, while the private key is used for decryption and is kept by the sender. In this way, hosts with SSL-connection between them exchange public keys. Further on, to improve the performance a single key is created, which is sent already encrypted and is used for both encryption and decryption on both ends (symmetric encryption).

And how do they do it? Usually, through the same channel which will be used to transfer the secure traffic after that. At the same time the key exchange takes place in an open mode. In case of HTTPS, the server key is connected with the certificate, which the user is suggested to look through and accept. And exactly this certificate can be intercepted by any intermediate server through which the certificate is transferred in an open mode (proxy, router).

In order to “read” all of the user’s traffic, the intermediate server substitutes this certificate by its own. That is it connects to the client with its certificate and at the same time connects to the remote server. The client receives a wrong certificate from the server-intruder and the browser informs the user about danger (such certificates never have signatures). The user has a choice: to accept the certificate and work with the site or reject it, but then it’s impossible to work with that site at all. Sometimes users ignore the content of certificates and automatically accept any data transferred by them.

If the user accepts the false certificate, the traffic will be transferred according to the following scheme:

Client<=SSL-connection=>server-wiretap<=SSL-connection=>destination server

That means that the intermediate server will receive all of your “secure” traffic in an open mode. It should be also noted that the certificate transmission takes place in the beginning of each HTTPS session.

In case of secured SSH, during the first connection with the server, the server key remains on the client side and the client’s key on the server. These keys are transmitted between the given client and the server only once, at the time of the first connection. If someone tries to intercept SSH-traffic in this case, both the client and the server will reject the connection because of keys mismatch. Since keys can be transferred between the client and the server through alternative ways (through a secure channel or on an external device), this connection method is relatively secure. It can only be blocked, making the user work openly.

It should be noted that the so-called “Enterprise information security solutions” which intercept the complete traffic transferred through an office proxy-server and “read” it have been sold for a long time already. The programs search for specific phrases or information of certain type in the data flow from browsers, e-mail programs, ftp-clients, office workers’ messengers. Besides, such programs can identify and process correctly different types of communication with servers. Particularly, they check secure SSL-traffic by certificates substitution. I had an almost first-hand experience in one of such systems development.

Anyhow, there are ways to escape such a total tracing. It is possible to direct any necessary traffic via installed SSH connection, which will be transferred from the SSH-server in an open mode to the destination recipient. This method is called SSH-tunneling. This way the traffic transfer through the unprotected channel can be secured, but this approach makes sense only when there is a trustworthy server with the set up and tunneling customized daemon. And it’s rather simple to organize it. The SSH-client connects to the server, configures to wiretap any specific port on the local computer. Such a client will provide SOCKS5-proxy service, i.e. its usage can be set up in any browser, e-mail program, IMs, etc. Packets get to the server through the SSH-tunnel and then transferred to the target server from it. The scheme is as follows:

[localhost: client<=>proxy] <== SSH-connection==> server<=> target server

Another way to protect traffic is a VPN-channel. It is easier and more convenient to use than SSH-tunneling, but it’s more complicated in the initial installation and setup. The main convenience is that you don’t have to write a proxy in programs. Some of the software doesn’t support proxy at all, consequently only VPN will be suitable.

However, if you are not familiar with the technical back-end of the methods above,  there is another easy-to-use and effective solution to encrypt your traffic. The Hide IP software SmartHide is able to solve all the issues connected with the traffic encryption with a single click of a mouse button and thus help to stay protected from any unauthorized access. Consider purchasing our Hide IP software to secure your information and behavior in the Net for the future.

Copyright (c) SmartHide Security Octopus

The political crisis in Iran, which is gaining momentum these days, showed to the whole world not only the tough aggression of the repressive regime towards its “lieges”, but also how it is possible to control the network activity of the whole country with the help of modern technologies. I won’t go into political details – it’s neither the right place, nor the right time, and frankly speaking, I am not the right person to evaluate all the facts and arguments adequately and sort the wheat from the chaff. Even more in a situation when I am absolutely not familiar with the language of the country. We are speculating on a topic which is much closer to us – the censure, blocking people Worldwide who still do not use SmartHide Service from accessing their favorite web-resources.

On June 22nd the highly regarded “The Wall Street Journal” (further on WSJ) published a very interesting article where journalists report about an ultra-modern Internet traffic deep packet inspection system used in Iran. It was not hard for Iranians as well as for foreign observers to understand what “the government reads” – since the time when thousands of people went out on the streets to protest against the rigged elections, the Internet speed dropped significantly in the country. Bloggers as well as journalists who encounter difficulties with information transfer through the Net witness this. It is obvious that nobody would ever drop the transfer capacity without any reason. That was when the WSJ decided to dig deeper into the core of the story and found an interesting contract, signed in 2008 by the government of Iran, owning the monopoly on all kinds of the communication within the country (mobile connection, Internet, television, radio) and a joint venture of Finnish Nokia Corp. and German Siemens AG – Nokia Siemens Networks, for ultra-modern mobile phone networking equipment delivery, and as it became known later, for the complete national traffic analysis. We’ll start from where it should be started – from preceding events.

In the second half of 2008 Nokia Siemens Networks provided Iran with the special equipment according to the agreement “On Lawful Interception of Information and Internet content filtration”. One can’t say that there is something fantastic in that – the government of every country tries to protect its users from child pornography, web terrorism and other knowingly unlawful actions of criminals. As the official representative of the company Ben Roome reports:

“If you sell networks, you also, intrinsically, sell the capability to intercept any communication that runs over them”.

The “Monitoring Center”, installed by the joint venture of two communication giants, was a part of a big contract that included mobile phone and networking technologies. It should be noted that during the last 10 years the number of optical fiber miles in Iran grew by 50 times – the necessity of a “control” tool in such a situation is out of question. Nothing to be surprised with: a Muslim country, living according to its rules, it’s not anything like France or Sweden.

The Iranian government had experimented with the equipment for brief periods in recent months, but the filter or interception had not been used extensively. Nobody worried, life was going on. It continued until one fatal day: June 13, 2009 when all the network and mobile traffic practically stopped in the country.

Today Iranian network engineers say that

“nobody ever thought that the government is capable of such a level of control. We knew that there was some equipment, but now we know that it is a very powerful, modern and complex technical facility allowing almost complete tracking of the network”.

The method used in the Iranian data center is called deep packet inspection. All the flow of online data whether an online-data packet or a telephone call, SMS, a digital image – anything is deconstructed, examined for keywords, after that it’s reconstructed and reaches the recipient. It’s done within millseconds. But unlike China, where the same scheme is used by the provider and it is decentralized, in Iran the whole thing is done at a single location. The digital life of the whole country is filtered in a single room, to put it simple, and that’s why the Internet speed slowed down to less than a tenth of normal speed.

The reasons for such a behavior from the part of Iranian conservative government are again obvious. While they can still easily keep people misinformed/blocked from the information by means of national TV channels and radio stations, nobody will tell the “false truth” on the Internet. Today we are all familiar with the Twitter functionality in exposing any details – that’s what happened in the “Tibetan history”, with Moldova and now the same thing is taking place in Iran.

The government is trying to intrude deep into the network situation and it is doing that just perfectly. Bradley Anstis, the director of technical strategy with the American provider Orange says:

“This looks like a step beyond what any other country governed by the “regime” is doing, including China”.

China, however, has 300 million of Internet users, unlike Iran with “only” 23 millions, but actually, it doesn’t change the essence of the problem.

People are beginning to protest – consumers are writing angry letters to Siemens and Nokia saying that they destroyed their mobile phones and will recommend to do the same to people they know. It’ll last until the company “can make the right ethical choices”. However, Mr. Roome comments: ”Every company does have a choice whether to do business in a certain country.” Even if Nokia Siemens Networks could suggest that their equipment will be used for censure, being European democrats they could scarcely foreknow that mass espionage against country’s own citizens is possible. I believe that those people who made such a decision thought very deeply to find ways to justify themselves saying that communication interception and monitoring technology inevitably goes together with the equipment. It’s a normal situation in many quite civilized countries and in some of them it is even a standard requirement to the equipment, for example in Great Britain. During its existence (in March the company sold its communication business to a German investment company), Nokia Siemens Networks sold such data centers to the governments of 150 countries. However, official representatives say that neither China, nor Burma, nor any other country with such a tough censure policy are on the list.

However, one shouldn’t think that Iran and China are the only countries which feel easy to involve in such practices. In the already mentioned Great Britain, for example, there is a list of completely blocked sites, and the German government bought such equipment not long ago. In the USA, during the government of George Bush’s administration, such equipment appeared with the National Security Agency within the framework of the “Terrorist Surveillance Program”. However, we do not know if it’s still being used. The Australian government is still experimenting with Web content filtering systems. The Russian Federation… might also have modest desire to follow the example of its colleagues, especially now when the Internet is so widely spread.

Probably the safest way to protect yourself, your personal data and ensure your correspondence security is traffic encryption with services like Arovax SmartHide, that help you to encrypt all your internet traffic and protect your personal data and identity. Nobody will spend money, time and resources to analyze this kind of data. But it’s another story.

The following materials were used in the article: The Wall Street Journal, Wired (1, 2), Gizmodo, Mashable, Textually.

Copyright (c) SmartHide Security Octopus