Saturday, 1 March 2014
The German computer security and antivirus detection company G Data Security has alleged that the Russian government is behind the newly detected malware known as "Uroburos."
G Data bases its case for Russian government involvement on the complexity of the malware and the presence of Cyrillic words in the malware sample. G Data blog author "MN" points to file names, encryption keys, and behavior of Uroburos as evidence that the Russian government played a role in the creation of the malware.
Another key component, said MN, is that Uroburos looks for a previous piece of malware that's been tied to Russia, but not its government conclusively.
"Uroburos checks for the presence of Agent.BTZ and remains inactive if it is installed," said MN. Agent.BTZ is extremely damaging malware linked to a severe attack against the Pentagon in 2008.
Just yesterday, at the TrustyCon conference for trustworthy technology, Mikko Hypponen, the chief technology officer at security firm F-Secure, said there are few governments actively involved in writing and distributing malware.
"Ten years ago this would've been science fiction," he said. Arguably the most famous example of government-sourced malware is the Stuxnet worm, which targeted a specific kind of software that controls nuclear facilities. The United States and Israel have been implicated in the creation and distribution of Stuxnet.
Uroburos is a rootkit made of two files, "a driver and an encrypted virtual file system," that can "take control of an infected computer, execute arbitrary commands, and hide system activities." The malware is highly dangerous, MN alleges, because its structure is "modular" and "flexible," meaning that new malicious functions can be added to it easily.
"Uroburos' driver part is extremely complex and is designed to be very discrete and very difficult to identify," MN said. In the Uroburos sample discussed by G Data, the malware is designed to steal files and monitor network traffic.
The malware name is a variant spelling for Ouroboros, the ancient Greek symbol of a snake or dragon eating its own tail.
GData says that Uroburos is "one of the most advanced rootkits we have ever analyzed" and pegs its origins to 2011, the earliest year that its driver was compiled. It works on both x86 and x64 Windows computers.
According to G Data, it operates by commanding one infected computer with an Internet connection to infect other networked computers, even those without a direct connection to the Internet. Uroburos gathers whatever data it's been instructed to collect, then surreptitiously sends it back to the malware authors using the same method of hopping from machine to machine until it finds one with an Internet connection.
"This malware behavior is typical for propagation in networks of huge companies or public authorities. The attackers expect that their target does have computers cut off from the Internet and uses this technique as a kind of workaround to achieve their goal," said MN.
Neither G Data nor the Russian consulate in San Francisco returned requests for comment. CNET will update the story when we hear back.
Yahoo has named Alex Stamos, current chief technology officer for security firm Artemis and co-founder of TrustyCon, as its next chief information security officer, Recode's Arik Hesseldahl is reporting based on sources familiar with the matter.
The company's last CISO, Justin Somaini, left Yahoo more than a year ago. Stamos, a well-known member of the industry and frequent face on the stage of prominent security conferences, will be filling the role starting March 10 and reporting directly to CEO Marissa Mayer. His position at Artemis remains unclear at this time.
On February 27, Stamos and a group of fellow security industry leaders held a counter-conference in San Francisco to protest the RSA Conference taking place there this week. TrustyCon -- for the Trustworthy Technology Conference -- was aimed at rebelling against RSA's involvement with the National Security Agency, which was first revealed by Reuters last year.
The event, which organizers say must continue as the privacy issues encapsulating the security industry evolve, featured numerous speakers who withdrew from the RSA Conference in protest. It focused mainly on discussions of building trust, both in the industry and in the relationships companies and government have with the public.
Yahoo's re-energized push for security involvement at the executive level comes at a dire time for the Web giant's reliability reputation. A far-reaching ad-related malware attack first reported last month put 2 million PCs and Yahoo users' personal data at risk, and Yahoo has been going to great lengths of late to match the security efforts of competitors like Google by sending searches on its home page and other outbound traffic from its services through secure servers.
But perhaps most relevant to Yahoo's new appointment is the startling news from yesterday, revealed in documents from Edward Snowden, that the GCHQ, with help from the NSA, intercepted and stored images of millions of users of Yahoo's Webcam chats without the technical ability to differentiate between US and UK citizens and with no legal restrictions barring that collection of foreign Webcam images. Yahoo, speaking to The Guardian, called Optic Nerve, as the program was code-named, "a whole new level of violation of our users' privacy."
Rejoice, sausage lovers, or maybe not. Spanish researchers trying to create a healthier meat product may have found their answer inside a baby's diaper.
Using six strains of bacteria -- three from the baby poop of healthy infants up to 6 months old, and three from commercial probiotics -- the researchers whipped up fermented pork sausage, and found that the meat made using one strain of the tot excrement contained the most microbes -- "enough to produce health-promoting effects to people."
"The two kinds of bacteria used most often in probiotics, Lactobacillus and Bifidobacterium, are far more abundant in infant poop than in adult excrement," food microbiologist Anna Jofré of Catalonia's Institute of Food and Agricultural Research told Live Science.
The researchers published their study, titled "Nutritionally enhanced fermented sausages as a vehicle for potential probiotic lactobacilli delivery," in the February issue of the journal Meat Science.
A growing body of scientific evidence suggests that probiotics carry health benefits such as lowering inflammation, preventing urinary tract infections, and assisting with digestive health.
Bacteria are already used to make fermented sausage, though they generally come from microorganisms already found in the raw meat. The sausages made by the food researchers were low-fat, low-salt versions of fuet, a cured, dry pork sausage popular in Spain that resembles the pork sausage chorizo. Professional tasters reported that the sausages tasted like regular fuet. "All the final products recorded a satisfactory overall sensory quality without any noticeable off-flavor, and with the characteristic sensory properties of low-acid fermented sausages." In other words, they tasted good. Or at least OK.
While more research is needed to prove that the baby-poop bacteria can produce the array of probiotic effects, no companies have decided as of yet to sell the sausages commercially. Which is probably good, since we're not sure we're ready for a poop-sausage and mushroom pizza quite yet.
Last year, I shared how to use the Whitepages Current Caller ID app to easily track blocked calls and texts. Now, Whitepages has added the ability to spot many of today's spam/scam numbers, along with some other convenient features.
If you don't have the app already, there's no time like the present to get a copy. Current Caller ID is available for Android 2.2 and up.
The UI for the app has received a makeover, sporting lighter colors and better organization for its features. For example, the previous version of the app had two tabs for your call log -- one Recent and the other Frequent -- but now there's just one tab with a toggle for the two choices. The Blocked calls/texts menu has also moved to the row of icons along the bottom.
(Credit:
Whitepages)
When a phone number is part of an area code that has a high spam
score, an alert will be shown on the Whitepages info window when making
or receiving a call. According to Whitepages, their app can identify
over 21,000 different scam numbers. Additionally, they will keep
updating their spam directory to maintain the accuracy of flagged
numbers.
(Credit:
Whitepages)
Right before the update that enables you to spot spam calls,
Whitepages added a smart contacts feature to the Current Caller ID app.
This allows you to see not only numbers that are stored in your address
book, but also those identified by the app in the past. You can also
link your Facebook and LinkedIn accounts to gain access to profile
information your connections have shared. If you download the official Whitepages app,
which Current Caller ID can access through the search feature, you can
easily look up numbers for people and businesses listed in their
directory. There's even a built-in dialer, so you can just tap on a
number to make a call.
Current Caller ID is an app that has improved with each update. The new UI, ability to spot spam numbers, and quick access to numbers are just a few of the reasons why nearly 5 million people have this app on their Android device.
If you don't have the app already, there's no time like the present to get a copy. Current Caller ID is available for Android 2.2 and up.
The UI for the app has received a makeover, sporting lighter colors and better organization for its features. For example, the previous version of the app had two tabs for your call log -- one Recent and the other Frequent -- but now there's just one tab with a toggle for the two choices. The Blocked calls/texts menu has also moved to the row of icons along the bottom.
Avoid spam calls
(Credit:
Whitepages)
Find numbers faster
(Credit:
Whitepages)
Current Caller ID is an app that has improved with each update. The new UI, ability to spot spam numbers, and quick access to numbers are just a few of the reasons why nearly 5 million people have this app on their Android device.
With the private social network fad in the rearview mirror, Facebook appears motivated to remind us that not only did it think in smaller sizes long before it was cool, but it has quietly grown its private spaces audience to 500 million people over the years.
That Facebook has an astonishing number of people -- nearly 41 percent of the network's total audience -- cornering themselves off into nooks and crannies isn't surprising. Groups have long been a convenient way to converse in closed circles. Rather, the unexpected thing here is that Facebook is choosing to just now draw attention to Groups, a product that it rarely talks about publicly, and one that's not particularly representative of Facebook's new mantra of being a mobile-first company.
Speculation, kicked off by a Bloomberg profile of Facebook chief Mark Zuckerberg, would have it that the company is readying the release of some type of standalone mobile application for group communication. Indeed, plenty of clues point in that direction. But Facebook isn't ready to commit to that vision -- at least publicly.
"I don't think we've necessarily made any plans, one way or another, around breaking it off as its own individual experience," Facebook Groups product manager Jimmy Chen told CNET. "I think it's a core use case that Facebook, the company, should be really good at. The tactics for how we do that are still up in the air."
And, yet, Facebook is being oddly outspoken about Groups, the private social network that predates the once-trendy Path and other mobile apps like Everyme and Couple, which seem destined for future obscurity.
Not Groups. During Facebook's most recent earnings call, Zuckerberg boasted uncharacteristically about the success of Groups, even calling it a "core product."
The company never reveals anything it doesn't want you to know, nor does it offer up stats about its singular products, save for purchases like Instagram and WhatsApp. Facebook, for instance, still hasn't shared how many people use Messenger, a much more talked about product with its own standalone app.
Why, then, does Zuckerberg want to draw attention to Groups?
The most probable answer is that Groups are good for advertisers, an audience that Facebook needs to keep happy should it wish to continue to make billions every quarter. Affiliating yourself with a pact of people, especially if related to a hobby, is a stronger signal of your tastes than a "like" or a follow. That Facebook is sitting on affinity data for 500 million people is a powerful message not lost on advertisers.
Company-watcher Brian Blau, Gartner's research director of consumer technology, suspects that Facebook's sudden revelation was meant to remind advertisers that they can target their ads against Groups, which are likely representative of members' true interests.
Currently, advertisers can only reach group members through right-hand column placements inside groups. Facebook does not target ads based on Group membership, a company spokesperson said. That's not to say Facebook won't go in that direction eventually. And Altimeter Industry analyst Rebecca Lieb concurs with Blau's view.
"Groups are self-identified target audiences," Lieb said. "[Facebook] has been looking at so much data -- big data, third-party data, ad-network data -- but other advertisers just want to reach specific people who like specific things. It's much simpler than the data, actually."
The groups-are-good-for-advertisers theory matches up against Facebook's recent statements on the product and its newly unveiled intention of pointing people toward even more groups they might like.
Chen said that Facebook believes that sharing in closed spaces should be a core principle of the network. "As a person in society, you're a member of all sorts of different types of social groups, be they clubs, or teams, or societies, or an alumni group, or a neighborhood, or a fan group. And we think that Facebook should be the place where you go to share with those types of people."
The new discovery page for Facebook Groups.
(Credit:
Facebook)
"The more groups that I belong to, the more I'm demonstrating my preferences and my affinities to Facebook, and the more data Facebook has about me," Lieb said.
An alternate theory is that Groups, like WhatsApp and Messenger, promote private communication, making it an essential tool in the social network's strategy to reach another billion people. It's yet another product that the company can pitch to people disinterested in the public realm of sharing. And maybe it's one of the applications that Facebook will eventually let people use anonymously.
"One theme that should be clear from our work on products like Messenger, Groups, and Instagram is that our vision for Facebook is to create a set of products that help you share any kind of content you want with any audience you want," Zuckerberg said during the fourth-quarter earnings call. "A lot of the new growth we see is coming from giving people the tools to share with different size groups of people."
Whatever the reason, though, one thing is clear: Facebook has a renewed interest in this oft-forgotten product, and we should expect to hear more on Groups in the months ahead. At the very least, Facebook will work fast and furious to make the Groups experience on smartphones, now obscured from view in the mobile app, more than the afterthought it is today. Facebook can't, after all, have what it calls a "core product" be sub par on mobile.
"We haven't invested as fully as we are now," referencing the Groups team's attention to mobile. "We think, to take the next step, we can do a lot better to make this a ubiquitous tool for everyone."
Imagination's graphics chip tech is used in the iPad Mini Retina (above), the iPad Air, and the iPhone 5S.
(Credit:
Apple)
John Metcalfe, executive vice president and COO at Imagination
Technologies, graphics chip supplier to Apple, chatted with CNET for a
few minutes about the future.
Imagination's graphics chip technology -- which must manage, among other things, the millions of pixels on the display -- has been used consistently by Apple in its mobile products, and Imagination's technology appears prominently in the iPad Air, iPad Mini Retina, and iPhone 5S.
I asked Metcalfe in a recent interview about the future of its graphics chips and, by extension, technologies that could appear in future Apple products -- though the latter is obviously only a decision that Apple can ultimately make.
Q: What is your next high-performance GPU and what is the focus?
Metcalfe: The PowerVR Series6XT. The focus of the changes in the 6XT is improving performance per milliwatt or performance per watt.
(Note that performance-per-watt is shorthand for increasing the performance of a chip without increasing -- or without a disproportionately large increase in -- power consumption.)
Why the focus on performance-per-watt?
Metcalfe: High-end smartphones [and tablets to some extent] today are limited. The performance at the start of the day is higher, let's say, than performance after 10 minutes of gaming because the processors get heated up and thermal shutdown occurs and performance has to be throttled because heat can't be dissipated.
And the number of cores is important too, correct?
Metcalfe: Graphics tend to have a lot of parallel workloads. You're processing data that covers millions of pixels. And it's quite easy to packet those workloads up between different [processing] units. And [GPUs] have very good scalability. In other words, you have a unit of performance that you can replicate. " (Scalability in this case means that adding a core or "unit" results in a corresponding, or linear, increase in performance.)
What about the trend toward hybrids? It's not unreasonable to assume that Apple has bigger plans for the A series processors. After all, they have made a big deal out of the "desktop-class" performance of the 64-bit A7 chip.
Metcalfe: We've seen a trend of hybrid tablet PCs. We have our eye firmly on moving higher up the performance ladder. Not only hybrids but full PCs. We would need to get to higher performance than the cores we have currently announced. But we don't have to change the architecture fundamentally in any way.
Imagination's graphics chip technology -- which must manage, among other things, the millions of pixels on the display -- has been used consistently by Apple in its mobile products, and Imagination's technology appears prominently in the iPad Air, iPad Mini Retina, and iPhone 5S.
I asked Metcalfe in a recent interview about the future of its graphics chips and, by extension, technologies that could appear in future Apple products -- though the latter is obviously only a decision that Apple can ultimately make.
Q: What is your next high-performance GPU and what is the focus?
Metcalfe: The PowerVR Series6XT. The focus of the changes in the 6XT is improving performance per milliwatt or performance per watt.
(Note that performance-per-watt is shorthand for increasing the performance of a chip without increasing -- or without a disproportionately large increase in -- power consumption.)
Why the focus on performance-per-watt?
Metcalfe: High-end smartphones [and tablets to some extent] today are limited. The performance at the start of the day is higher, let's say, than performance after 10 minutes of gaming because the processors get heated up and thermal shutdown occurs and performance has to be throttled because heat can't be dissipated.
And the number of cores is important too, correct?
Metcalfe: Graphics tend to have a lot of parallel workloads. You're processing data that covers millions of pixels. And it's quite easy to packet those workloads up between different [processing] units. And [GPUs] have very good scalability. In other words, you have a unit of performance that you can replicate. " (Scalability in this case means that adding a core or "unit" results in a corresponding, or linear, increase in performance.)
What about the trend toward hybrids? It's not unreasonable to assume that Apple has bigger plans for the A series processors. After all, they have made a big deal out of the "desktop-class" performance of the 64-bit A7 chip.
Metcalfe: We've seen a trend of hybrid tablet PCs. We have our eye firmly on moving higher up the performance ladder. Not only hybrids but full PCs. We would need to get to higher performance than the cores we have currently announced. But we don't have to change the architecture fundamentally in any way.
Don't mistake this for something out of the mouth Stephen Colbert's ultra-conservative, Bill O'Reilly-modeled TV persona: The popular funnyman actually believes that former NSA contractor and domestic spying whistleblower Edward Snowden should come back to the US and face trial.
In front of more than 6,000 people at the RSA Conference's closing keynote at the Moscone Center here, Colbert had the audience roaring within minutes over his computer security and encryption jokes.
Colbert described the conference jokingly as a place where the best security experts "gather, talk shop, and breed with each other. That's called exchanging private keys."
He quickly changed the subject to address the petition that demanded that he join the RSA Conference boycott over the conference's parent company colluding with the National Security Agency.
Colbert said that he had signed a contract with RSA that he wasn't going to break, in part because, he was "paid in Bitcoin, from Mt.Gox."
Then he got serious. There was "no evidence in Reuters' story," he said of the original report that broke the news.
"Documents leaked by former NSA contractor Edward Snowden show that the NSA created and promulgated a flawed formula for generating random numbers to create a "back door" in encryption products," wrote reporter Joseph Menn in the story.
Menn then cited two anonymous sources who said they were familiar with the $10 million contract between the NSA and the RSA division that promoted the flawed encryption as the default encryption to use in RSA's BSafe encryption tool.
While RSA denied to Menn and later to CNET in a statement that it "does not design or enable any back doors" in its products, that word choice leaves wiggle room for a weaker or flawed encryption algorithm to be left in place over better encryption choices.
"We the people voted for the Patriot Act. We voted for the people who
reauthorized it, and re-reauthorized it. The American people have
spoken," he said. "You don't change horses in mid-wiretap."
--Stephen Colbert
Colbert interwove jokes about the situation with seriousness. "I hope
RSA took the money. If they didn't, they should have. We all have Uncle
Sam's cameras up our junk. Shouldn't someone be getting paid for it?" he
quipped.
--Stephen Colbert
But he also said over the course of the 45-minute keynote that Americans have proven "time and time again" that they support the policies in the Patriot Act that allowed expanded surveillance of American citizens.
"We the people voted for the Patriot Act. We voted for the people who reauthorized it, and re-reauthorized it. The American people have spoken," he said. "You don't change horses in mid-wiretap."
Colbert joked that the Patriot Act-authorized policies as "enhanced liberty," similar to how "enhanced interrogation" lets you "drink all the water you want."
He didn't have much love for the NSA either, pointing out the ridiculousness that a "sophisticated agency" like the NSA "can get pwned by a 29 year old with a thumb drive."
(Stephen Colbert listened intently to a woman in
the audience and projected on-screen behind him ask about his dislike
of whistleblower Edward Snowden, in San Francisco on Feb. 28, 2014.)
He closed his monologue by saying that he was going to turn his back on the audience for 30 seconds while they cheered. The crowd obliged.
At the following question-and-answer session, Colbert interacted more playfully and more forthrightly than might have been expected for such a popular TV personality.
One woman asked him what the meaning of life was. He replied, "42!" to the delight of Douglas Adams fans in the audience. Another fan set him up by saying that Jon Stewart has had Neil deGrasse Tyson on 10 times, while Colbert has only hosted the popular astronomer 9 times.
"Why do you hate space?" came the fan's punchline.
"I had [Tyson] on first," said Colbert, "but he demoted Pluto, so he's not getting a 10th."
"I hope RSA took the money. If they didn't, they should have. We all
have Uncle Sam's cameras up our junk. Shouldn't someone be getting paid
for it?"
--Stephen Colbert
Some audience members were surprised by Colbert's take on the Snowden situation and asked more serious questions.
--Stephen Colbert
When asked whether is was what Snowden did, or how he did it, that had turned Colbert against him, Colbert was silent for a minute.
When he spoke, he said that his problem was that Snowden released too much top secret information to the world about how the US conducts its spying practices.
"Why, if Snowden was concerned with letting us know how we are spied on, why did he let us know how we spy on other countries? I think we should spy on other countries," Colbert said. Snowden, he said, should be taken to court over the espionage charges.
This wasn't the first time that Colbert has expressed a lack of support for Snowden, but it was his most vocal expression of anti-Snowden sentiment to date.
At the end, Colbert said that the "greatest threat to our security" was not knowing where political money came from, and not voting. But when it comes to doing the right thing for your country, as Snowden has stated was his reason for leaking the NSA documents, Colbert said that you must face the consequences of the law.
It's not often that Colbert stops being satirical, but when he does, he does it to express a closely-held value. Unfortunately for his fans, this is one value that they all might not agree with
Subscribe to:
Posts
(
Atom
)
