FOSS Week in Review
Just because Christmas week is supposed to be a slow news week doesn’t mean it’s a no news week…
Good news, bad news on the phishing front
First the good news. According to security company Websense, the amount of phishing attempts we’re finding in our email dropped remarkably this year, from 1.12% of all email volume down to 0.5%. Now, the bad news. The folks doing the phishing are getting better at targeting their attempts, so they don’t need to send as many emails to hook their prey.
According to an article published Sunday by PCWorld, it appears as if the phishing industry has discovered a host of plausible subject lines that are able to fool a good number of recipients to click away.
“The top ones experienced by Websense (which sells email filtering gateways) were
- Invitation to connect on LinkedIn
- Mail delivery failed; returning message to sender
- Dear customer
- Comunicazione importante
- Undelivered Mail Returned to Sender”
Websense says that the country originating the most phishing attempts is China, followed by the United States, Germany, the United Kingdom, Canada, Russia, France, Hong Kong, The Netherlands, and Brazil.
Earlier this year, Techworld reported that the Anti-Phishing Working Group (APWG) had noted a 20% drop in phishing emails from the fourth quarter of last year and this year’s first quarter.
“‘While fluctuations in these statistics can be common, the drastic decrease likely indicates that cybercriminals are utilizing the servers they compromise not for phishing attacks, but rather for more malware or distributed denial of service attacks,’ said Internet Identity President and APWG Trends Report contributor, Rod Rasmussen.”
What’s not clear is for how long this trend will continue.
Spain hits Google with massive anti-privacy fine
Last week the BBC reported that Google was hit with a fine of 900,000 euros ($1.24 million U.S.) for breaking Spanish data privacy laws. The fine is the maximum allowed.
“Google changed its privacy policy in March 2012 and began the process of combining the data that people surrendered when they used its many services…
“Google collected information across almost 100 services, said the Spanish data protection agency, but had not obtained the consent of people to gather information nor done enough to explain what would be done with the data.”
Google has indicated it’s waiting to study the full report before deciding what action to take. In addition to Spain, the Netherlands and France are both believed to be contemplating levying fines against the search company over the same issue.
Google fires back at Rockstar
We also learned this week that Google has taken its first actions in response to Rockstar Consortium’s suit filed on Halloween against Google and a group of Android device manufacturers. According to a report posted Christmas Eve on Gigaom, Google has returned fire by filing a lawsuit against Rockstar.
“In a complaint filed Monday in San Jose, Google claims that Rockstar’s patent campaign is taking aim at hundreds of California tech companies and that the litigation has ‘placed a cloud on Google’s Android platform,’ threatening Nexus devices in particular…
“The complaint also states that Rockstar’s trolling campaign has targeted more than 100 companies, and that Rockstar’s CEO has said that Facebook, LinkedIn and every other tech company is infringing the old Nortel patents.”
Google is also asking the court to rule that its Nexus line of products doesn’t infringe on patents held by Rockstar or MobileStar, another patent troll “formed for litigation one day before Rockstar filed its lawsuits against Google’s customers.” The move is seen primarily as a stalling tactic to buy the search company time to get its legal ducks in a row.
The Rockstar Consortium, jointly owned by Apple, Microsoft, Blackberry, Ericsson and Sony, holds patents acquired for $4.5 billion in 2011 from bankrupt Canadian telcom Nortel Networks Corporation.
Canadian spies make “deliberate decision to keep the court in the dark”
The CBC has reported that Judge Richard Mosley has ruled the Canadian Security Intelligence Service (CSIS), the Canadian spy agency, was less than honest with the courts in a case dating back five years. As a result, Canadians abroad were put at risk.
The agency had sought warrants pertaining to two Canadian citizens that would apply while they were out-of-country. At the time, the CSIS assured the court that the data intercepts would only take place from within Canada and would involve only Canadian personnel. However, after warrants were granted in January, 2009, aid was sought from intelligence agencies in other countries without notifying the court.
“‘It is clear that the exercise of the court’s warrant issuing has been used as protective cover for activities that it has not authorized,’ Mosley wrote in redacted reasons.
“The failure to disclose that information was the result of a deliberate decision to keep the court in the dark about the scope and extent of the foreign collection efforts that would flow from the court’s issuance of a warrant.”
Mosley is also the judge who issued the original warrant in 2009. Also implicated in the case is the Communication Security Establishment of Canada (CSEC), referenced by the CBC as “Canada’s top secret eavesdropping agency.”
Codebreaker Alan Turing pardoned posthumously
In another item from the BBC, published Tuesday, we learn that Alan Turing, a computer pioneer and a codebreaker who’s skills aided Allied efforts to read German messages encrypted with the Enigma machine, has posthumously been granted a pardon. The pardon is for his 1952 conviction for homosexuality, for which he was chemically castrated and lost his security clearance. His death in 1954 from cyanide poisoning was officially ruled a suicide, a finding that’s been disputed by many.
The pardon came in response to a request by Justice Minister Chris Grayling.
“‘His later life was overshadowed by his conviction for homosexual activity, a sentence we would now consider unjust and discriminatory and which has now been repealed,’ said Mr Grayling.
“Turing deserves to be remembered and recognised for his fantastic contribution to the war effort and his legacy to science. A pardon from the Queen is a fitting tribute to an exceptional man.'”
Vint Cerf, known in the U.K. as the “father of the Internet,” applauded the pardon and indicated it was long overdue.
“‘The royal pardon for Alan Turing rights a long-standing wrong and properly honours a man whose imagination and intellect made him legendary in our field,’ he told the BBC.”
In addition to his efforts to decipher messages encrypted by use of the Enigma machine, it was revealed in 2012 that Turing also wrote papers on the theory of code breaking.
LinuxDevices content back online
The founder of the now defunct LinuxDevices website, Rick Lehrbaum, has reported on LinuxGizmos that twelve years worth of LinuxDevices content has been returned to the Internet, now available on LinuxGizmos.
“QuinStreet acquired LinuxDevices.com in Feb. 2012 through its purchase of a group of websites from publisher Ziff Davis Enterprise. After the acquisition, LinuxDevices remained frozen in time for about a year before vanishing in May, shortly after I launched LinuxGizmos.com. Following a constructive discussion about possibilities for bringing the LinuxDevices content back online, QuinStreet generously offered to license LinuxGizmos to host the LinuxDevices Archive on our site, as a ‘holiday present to the Linux community.'”
Lehrbaum started LinuxDevices in 1999. In 2007, Ziff Davis acquired full ownership of the site.
Here’s hoping everybody’s holiday season has been great so far. Have a happy and safe New Year. And until next time, may the FOSS be with you…