Press "Enter" to skip to content

Posts tagged as “NSA”

Chrome Eavesdropping, Balkanized Internet & More…

FOSS Week in Review

Sixteen-year-old wrote the code for Target breach

TargetMiamiThe press calls him a “nearly seventeen-year-old” and he’s reported to be one of the people behind the malware used to compromise credit card data at Target and other locations. By our way of counting, “nearly seventeen” means he is sixteen or, like the show tune says, “sixteen going on seventeen.” He lives in Russia and is said to be the author of the BlackPOS malware that was used against Target and might have been used against Neiman Marcus.

This info comes from Los Angeles based cyber-intelligence firm IntelCrawler, which says it’s also traced six additional breaches to BlackPOS. As noted on MarketWatch, despite authoring the malware, the kid is just a small fry in this affair.

Is Red Hat Working for the NSA?

On Friday, Roy Schestowitz posted an article on Techrights which seems to accuse Red Hat of being in cahoots with the NSA. According to the article, the company has been building back doors into RHEL for the spy agency. However, the article appears to be long on accusations and short on proof.

I like both Techrights and Schestowitz. Both are controversial and that’s part of what I like about them. However, before making accusations it’s nice to have at least a few facts to back them up.

Red Hat logoThe article attempts to make the case for using CentOS over RHEL. Indeed, many of us who’re short on bucks and can’t afford Red Hat’s expensive support subscriptions are already using CentOS in server environments. We use it here at FOSS Force to serve web pages? Why? Because not only does CentOS have an extremely capable development team, the distro is in most ways a clone of Red Hat, which means the CentOS development team is able to leverage Red Hat’s research and development and incorporate it into their distro.

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

Troll Sues FTC, Net Neutrality Dead & More…

FOSS Week in Review

NSA spying not as effective as claimed

Claims from the Obama White House and the NSA about the effectiveness of the NSA’s dirty tricks evidently aren’t true, according to a report from the New America Foundation. Since the Snowden revelations began, we’ve heard that something like 50 terrorist attacks have been averted as a result of the NSA monitoring Americans’ phone records and such.

However, Mashable tells us that according to this report, the effects of the NSA’s cyber spying has been minimal.

“‘Our review of the government’s claims about the role that NSA “bulk” surveillance of phone and email communications records has had in keeping the United States safe from terrorism shows that these claims are overblown and even misleading,’ said the research team, led by Peter Bergen, a reporter specialized in national security who also interviewed Osama Bin Laden in 1997.

“‘Traditional investigative methods, such as the use of informants, tips from local communities, and targeted intelligence operations, provided the initial impetus for investigations in the majority of cases, while the contribution of NSA’s bulk surveillance programs to these cases was minimal,’ they added.

The report goes on to claim that the spy agencies wholesale collection of phone data only had an impact in 1.8% of cases. The figures for PRISM’s impact is 4.4%.

Blackberry Trolls, Coke in Patent Suit & More…

FOSS Week in Review

India drops deal with Google over spying fears

Since the Snowden leaks revealed that Microsoft has allegedly built back doors into Windows for the NSA, we’ve been saying that the spy agency’s actions are going to hurt the U.S. tech industry’s business abroad. Well, it’s started to happen. On Thursday, Reuters reported that India has decided to drop out of a planned partnership with Google designed to help voters access information.

“…the plan was opposed by the Indian Infosec Consortium, a government and private sector-backed alliance of cyber security experts, who feared Google would collaborate with “American agencies” for espionage purposes.”

cokeadThere’s even been more digital security news from the EU, where there’s been a scramble to address privacy and security issues since the NSA scandal began. On January 3, phoneArena.com reported that European phone makers have been coming out with pricey phones designed for the security conscious.

Mark our words. This is only the beginning.

Cloud Based LibreOffice, Facebook Reads PMs & More…

FOSS Week in Review

In 2013, Linux hits grand slam

Now that companies are closing-out their books on the old year, it’s becoming evident that Linux devices were a big hit in 2013.

On Friday, CNET’s Brooke Crothers reported that Chromebooks, those nifty laptops running Google’s Chrome OS that let the cloud do the heavy lifting, accounted for 21% of all laptop sales last year. As impressive as that may be, the numbers get even better when Android tablets are added to the mix. According to market research company NPD Group, January to November saw 1.76 million Chromebooks and Android tablets sold, up from only 400,000 during all of 2012.

The OEMs, of course, are paying attention and are readying new Linux devices for the market.

2013 — That Was the Year That Was

Now that the celebrating is out of the way, I thought it might be time to take a look at some of the stories we covered on FOSS Force this year.

1. The NSA. The biggest story to come down the wire this year undoubtedly had to do with Edward Snowden’s revelations about the National Security Agency’s bag of dirty tricks. Even those of us who have long understood that the Internet isn’t necessarily a place to expect privacy were surprised at how deeply the NSA has managed to reach into the Internet. Odds are, if you’ve been using social networks, everything you’ve posted is now on file with the NSA. What’s worse, every email you’ve sent probably has a copy resting on a NSA server somewhere.

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

New Temp Patent Head, Amnesty for Snowden & More…

FOSS Week in Review

Credit card breach at Target affects over 40 million

Merry Christmas. Your bank account has been drained.

This week’s holiday cheer was marred for millions as they learned that their banking information might be in the hands of hackers.

Target has announced that over 40 million customer credit card transactions have been hijacked since Black Friday. The data was stolen from transactions at the retailer’s brick and mortar stores. Online transactions are evidently not affected. All information contained in a credit card’s magnetic stripe has been compromised, enough information to make counterfeit cards.

The story was originally made public on Wednesday by security expert Brian Krebs on his site KrebsonSecurity. This afternoon, Krebs wrote in an update that information pilfered from Target was making its way to the black market.

Android On Nokia, SCOTUS On Patents & More…

FOSS Week in Review

FreeBSD rethinks encryption after Snowden leaks

Only three months after the Snowden leaks on NSA snooping began, we learn from Ars Technica that the developers at FreeBSD have decided to rethink the way they access random numbers to generate cryptographic keys. Starting with version 10.0, users of the operating system will no longer be relying solely on random numbers generated by Intel and Via Technologies processors. This comes as a response to reports that government spooks can successfully open some encryption schemes.

Linux 2K, Troll University & More…

FOSS Week in Review

New FCC Chairman a bad omen for net neutrality?

There might be some changes upcoming to the FCC’s position on net neutrality according to an article by Jon Brodkin posted Wednesday on Ars Technica. It seems as if the new Chairman, Tom Wheeler, wouldn’t necessarily cry “foul” if ISPs decided to take money from the likes of Hulu or Netflix for fast lane access.

“Wheeler (a former lobbyist for the cable and wireless industries) spoke positively about the [Open Internet] order but said he wouldn’t mind if Netflix has to pay for a faster lane to consumers while answering questions Monday after a policy speech at Ohio State University.

“‘I am a firm believer in the market,’ he said. ‘I think we’re also going to see a two-sided market where Netflix might say, “well, I’ll pay in order to make sure that you might receive, my subscriber receives, the best possible transmission of this movie.” I think we want to let those kinds of things evolve. We want to observe what happens from that, and we want to make decisions accordingly, but I go back to the fact that the marketplace is where these decisions ought to be made, and the functionality of a competitive marketplace dictates the degree of regulation.’

“Wheeler’s comment implies that he believes the Open Internet Order already allows such arrangements or that he wants to change it.”

Linux Worm, Bad Patent Good & More…

FOSS Week in Review

Good news & bad on the patent front

This week we received some good news and bad on the continuing patent wars.

First the bad news.

Down in the northeast Texas town of Marshall, an eight person jury has found that online retailer Newegg infringed on a patent held by TQP Development because they mixed the use of SSL and RC4 on their websites. The jury awarded $2.3 million, less than half of the $5.1 million that TQP’s damage expert had thought due.

Even though Newegg had a strong case, it’s not that much of a surprise that they lost, not in Marshall, where juries are infamous for siding with the plaintiffs on patent cases. Often these judgments are overturned on appeal. Make no mistake about it, Newegg’s attorney Lee Cheng plans to appeal. He made that very plain to Joe Mullin who covered the trial for Ars Technica:

Hacked by the NSA

The Internet has become a neighborhood infested with cockroaches.

On Saturday, the Dutch newspaper NRC reported that the NSA has infected over 50,000 computer networks with malware designed to steal sensitive data. The allegation arises from examination of documents supplied by Edward Snowden and “seen by” NRC reporters.

“The malware can be controlled remotely and be turned on and off at will. The ‘implants’ act as digital ‘sleeper cells’ that can be activated with a single push of a button. According to the Washington Post, the NSA has been carrying out this type of cyber operation since 1998.”

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

Breaking News: