Hacking and Anonymous surfing

It took just three days for The Pirate Bay to collect the $25,000 it needed for the editing of the TPB: Away from Keyboard documentary.

While critics would suggest that a story about three computer addicts who revolutionized the world of online piracy is better suited for the big screen and the Hollywood red carpet, it is unlikely that any of the big production companies would want to spread the black plague of their industry even more. No problem, after all The Pirate Bay’s distribution system is much more efficient in reaching viewers.

The Pirate Bay: Away From Keyboard is going to be in documentary format directed by Simon Klose. Klose, whose career is unlikely to be helped by this venture, says that he believes in alternative ways in rewarding culture. Three hackers joined up to give people free access to copyrighted software, cracked video games, scanned PDF books, camera captured or DVD-ripped Hollywood blockbusters, and of course ripped music CDs.

Tomorrow’s WikiLeakers may have to be sneakier than just dumping military docs onto a Lady Gaga disc. The futurists at Darpa are working on a project that would make it harder for troops to funnel classified material to WikiLeaks — or to foreign governments. And that means if you work for the military, get ready to have your web, email and other network usage monitored even more than it is now.

Darpa’s new project is called CINDER, for Cyber Insider Threat. It’s lead by a legendary hacker-turned-Darpa-manager. CINDER may have preceded Pfc. Bradley Mannings’ alleged disclosure of tens of thousands of documents about the Afghanistan war from Defense Department servers. But the idea is to find someone just like him. By hunting for poker-like “tells” in people’s use of Defense Department computer networks, Darpa hopes to find indications of indicate hostile intent or potential removal of sensitive data. “The goal of CINDER will be to greatly increase the accuracy, rate and speed with which insider threats are detected and impede the ability of adversaries to operate undetected within government and military interest networks,” according to the defense geeks’ request for contractor solicitations on the project.

Ever wonder what IT resource is the easiest for hackers to exploit? According to a survey of attendees of the annual DEFCON security conference, the answer is misconfigured networks.

The survey was conducted by Tufin Technologies, and polled 101 attendees at DEFCON 18 in July. Seventy-six percent named misconfigured networks as the easiest IT resource to attack.

Fifty-seven percent of those surveyed said network misconfiguration was caused by IT staffers not knowing what to look for when assessing the security posture of the network. Another 18 percent believe misconfigured networks are the result of insufficient time or money for audits, while 14 percent felt compliance audits that fail to capture security best practices are a factor. The rest do not think security can keep up with the threat landscape.

A temporary ban on the sale of the PS Jailbreak device, a USB stick that overrides PlayStation 3 security and allows game discs to be copied, has been extended until Friday, September 3 when a Federal Court hearing will take place.

PS Jailbreak overrides the PlayStation 3’s notoriously tight security setup and lets users rip games from their retail discs, installing them directly on the console’s hard drive.

Though this allows for faster loading times, it also opens the machine up to the threat of widespread piracy, depriving game developers of a financial return on their work, in the same way that the PS Jailbreak manufacturers are threatened by the expected emergence of copycat gizmos, should the crack remain unpatched by Sony.

Apple has announced that it will provide a public, live stream of Wednesday’s keynote, which will be made available via the company’s HTTP Live Streaming open standard to Mac and iOS device users.

The Cupertino, Calif., company made the announcement as a media alert Tuesday evening. The live video stream will be available when the keynote begins Wednesday at 10 a.m. Pacific Time, 1 p.m. Eastern, at apple.com.

“Apple will broadcast its September 1 event online using Apple’s industry-leading HTTP Live Streaming, which is based on open standards,” the company said. “Viewing requires either a Mac running Safari on Mac OS X version 10.6 Snow Leopard, an iPhone or iPod touch running iOS 3.0 or higher, or an iPad.”

Many high-technology companies have run afoul of the US’ Export Control System, which regulates the overseas sales of items that can be put to use for military or intelligence-gathering purposes. Given the pace of innovation, hardware and software that was once the domain of the military or spy agencies can rapidly wind up in the hands of consumers, meaning that the system for tracking what’s restricted needs to be nimble and user-friendly. Unfortunately, it was anything but, and that has led to a new effort to reform the system in a way that would increase the opportunity for US companies to sell goods overseas.

The impact of export controls on the high-tech industry have caused problems for everyone from browser makers—who once ran up against restrictions on their encryption software, despite its wide availability outside the US—to hardware makers; Apple once advertised that its G4 processor fell under export control due to outdated definitions of what constituted a supercomputer. But they also affect more mundane items. In the announcement that outlines the reform efforts, the White House notes that the brake pads for the army’s M1A1 tank are essentially identical to those used in fire trucks, but only the former ends up under export controls; “Under our current system, we devote the same resources to protecting the brake pad as we do to protecting the M1A1 tank itself.”

Internet service providers often tell their clients that they offer “bullet-proof hosting.” Whistle-blower organization Wikileaks, it seems, will settle for nothing less than “bomb-proof.”

Some portion of Wikileaks’ servers have been moved to the “Pionen” White Mountains data center owned by Swedish broadband provider Bahnhof, as first reported by Norwegian news site VG Nett last Friday. That data center will store Wikileaks’ data 30 meters below ground inside a Cold-War-era nuclear bunker carved out of a large rock hill in downtown Stockholm. The server farm has a single entrance and is outfitted by half-meter thick metal doors and backup generators pulled from German submarines–fitting safeguards, perhaps, for an organization that raised the ire of several powerful military forces last month when it released thousands of classified Afghanistan war documents.

Earlier in August the copyright-flouting Swedish Pirate Party began hosting Wikileaks’ IT operations, and it’s not clear exactly why it’s chosen to move Wikileaks’ servers to the Pionen facility. The threat of law enforcement physically seizing or destroying the organization’s equipment, after all, is much less likely than a legal attempt to gain direct access to Wikileaks’ data. Last year the Swedish government put a crack in the country’s strong free speech protections when it passed a controversial law allowing surveillance of Internet traffic by the FRA, a law enforcement agency.

A computer scientist who exposed serious vulnerabilities in India’s electronic voting machines was released on bail over the weekend after seven days in police custody.

Hari Prasad – who is the technical coordinator of a group called VeTA, short for Citizens for Verifiability, Transparency and Accountability in Elections – was arrested at his Hyderabad home on August 21 on charges he stole an EVM belonging to the Indian government. He was transported to Mumbai some 14 hours drive, where police questioned him about the person who provided the device used in a research paper published in April claiming the machines were vulnerable to flaws that could be exploited to rig Indian elections.

Indian news agency PTI reported that the metropolitan court magistrate hearing the case observed that “no offence was disclosed with Hari Prasad’s arrest and even if it was assumed that EVM was stolen it appears that there was no dishonest intention on his part …. he was trying to show how EVM machines can be tampered with.”

THE RUMOUR MILL has spun out a yarn claiming that Cisco is about to buy the Voice over IP outfit Skype.

This is unexpected as Skype is getting set to go public. For Cisco to succeed in a bid it will have to write the cheque before that happens. However TechCrunch claims it has a reliable source for this rumour and is standing by it.

Of course since Skype is about to go public it will not answer any questions about this and Cisco is not going to want to push up the perceived value of the company with loose talk. However, for Cisco to buy Skype it will have to write a cheque with lots of zeros. The company is reportedly shooting for a net worth of $5 billion when it goes public.

The Commonwealth Bank of Australia has blamed a “critical security change” on its systems for ATM and EFTPOS outages that left some customers unable to access their funds yesterday.

The bank yesterday apologised for problems with its systems that left some customers unable to withdraw cash from Commonwealth Bank ATMs or use EFTPOS at retailers equipped with CBA EFTPOS systems.

“The Commonwealth Bank made a critical security change to its systems this morning,” the bank said in a statement to ZDNet Australia yesterday. “As a consequence, merchants using CBA terminals have intermittently had valid MasterCard, Visa or other scheme debit card transactions declined at the point of sale.” “There has also been some intermittent issues with our ATM network, which has resulted in some machines place limits on cash withdrawals.”