7/30/2008

Speculation over back door in Skype

Filed under: — Aviran Mordo

According to reports, there may be a back door built into Skype, which allows connections to be bugged. The company has declined to expressly deny the allegations. At a meeting with representatives of ISPs and the Austrian regulator on lawful interception of IP based services held on 25th June, high-ranking officials at the Austrian interior ministry revealed that it is not a problem for them to listen in on Skype conversations.

This has been confirmed to heise online by a number of the parties present at the meeting. Skype declined to give a detailed response to specific enquiries from heise online as to whether Skype contains a back door and whether specific clients allowing access to a system or a specific key for decrypting data streams exist. The response from the eBay subsidiary’s press spokesman was brief, “Skype does not comment on media speculation. Skype has no further comment at this time.” There have been rumours of the existence of a special listening device which Skype is reported to offer for sale to interested states.

There has long been speculation that Skype may contain a back door. Because the vendor has not revealed details of its proprietary Skype protocol or of how the client works, questions as to what else Skype is capable of and what risks are involved in deploying it in an enterprise environment remain open.

Dell tests music player to renew iPod battle

Filed under: — Aviran Mordo

In recent months, personal computer maker Dell Inc., has been testing a digital music player that could go on sale as early as September, the Wall Street Journal newspaper said, citing several Dell officials.

Dell’s new foray would put it into an Apple-led market that has defied assaults.

Companies like Microsoft Corp and Sony Corp have tried — and failed — to make a dent in the market dominated by Apple’s iPod players and iTunes store, the Journal said.

The music player which Dell has been testing features a small navigation screen and basic button controls to scroll through music play lists, the Jornal reported.

It would connect to online music services via a Wi-Fi Internet connection, and Dell would likely price the model at less than $100, the Journal said. Dell’s first foray into the music market in 2003 was a huge disappointment. It withdrew from the music-player market after its DJ Ditty player failed to make major inroads.

China spying on Olympics hotel guests

Filed under: — Aviran Mordo

China has installed Internet-spying equipment in all the major hotel chains serving the 2008 Summer Olympics, a U.S. senator charged on Tuesday.

“The Chinese government has put in place a system to spy on and gather information about every guest at hotels where Olympic visitors are staying,” said Sen. Sam Brownback.

The conservative Republican from Kansas, citing hotel documents he received, added that journalists, athletes’ families and others attending the Olympics next month “will be subjected to invasive intelligence-gathering” by China’s Public Security Bureau. He said the agency will be monitoring Internet communications at the hotels.

The U.S. senator made a similar charge a few months ago but said that since then, hotels have come forward with detailed information on the monitoring systems that have been required by Beijing.

Brownback refused to identify the hotels, but said “several international hotel chains have confirmed the existence of this order.”

Exploit Reveals the Darker Side of Automatic Updates

Filed under: — Aviran Mordo

A new exploit called Evilgrade can take advantage of automatic updaters to install malicious code on unsuspecting systems, and your computers could be more vulnerable than you think.

Evilgrade is designed as a modular framework that accepts plug-ins capable of mounting attacks on a variety of software packages that employ their own auto-update procedures. Currently-supported targets include the Java browser plug-in, WinZip, Winamp, OpenOffice.org, the LinkedIn Toolbar, iTunes, and Mac OS X, among others. Still more plug-ins are liable to be developed in coming months.

The exploit works by pretending to be a genuine upgrade site and sending malicious code when your software was expecting a patch. The code might be anything, from a Trojan horse to a keylogger that intercepts passwords and user accounts.

Making use of the exploit isn’t quite as easy as just pressing a button. It requires a pre-existing “man in the middle” condition, in which an attacker sets up a fake Web host that can intercept traffic traveling between a client and a genuine server. But while ordinarily that might be pretty tricky to achieve, the recently-disclosed DNS security flaw leaves many sites wide open.

China to censor Internet during Games

Filed under: — Aviran Mordo

Foreign reporters will not have complete access to the Internet during the Beijing Olympics, Games organisers said Wednesday, reversing a pledge to bring down the Chinese firewall of censorship.

Sites linked to the banned Falungong spiritual movement and other unspecified ones would remain blocked for the thousands of foreign reporters covering the Games, organising committee spokesman Sun Weide told AFP.

“During the Olympic Games we will provide sufficient access to the Internet for reporters,” said Sun Weide, spokesman for the organising committee.

However “sufficient” access falls short of the complete Internet freedoms for foreign reporters that China’s communist authorities had promised in the run-up to the Games, which begin on August 8.

The head of the International Olympic Committee’s press commission, Kevan Gosper, told AFP that he would take the matter up with Chinese authorities.

“I have heard that there are some limitations on access,” said Gosper.

“I will speak with the Chinese authorities to advise them of the restraints and to see what their reaction is.”

Australian Olympic team chief John Coates, who is also an IOC member, expressed frustration with the decision to continue to censor the Internet, pointing out that China had gone back on one of its “key” Olympic promises.

Comcast, NetZero agree to block Internet child porn

Filed under: — Aviran Mordo

Internet service providers (ISPs) Comcast Corp and United Online Inc’s NetZero have agreed to block access to child pornography, the New York Attorney General’s office said on Tuesday.

The announcement comes a week after New York Attorney General Andrew Cuomo threatened to pursue legal action against Comcast Cable Communications LLC if it did not agree to reforms.

Several other ISPs, such as Verizon Communications Inc and Sprint Nextel Corp agreed in June to block Internet bulletin boards and websites nationwide that disseminate child porn.

Fifth of TV viewers watching online: survey

Filed under: — Aviran Mordo

A fifth of U.S. television viewers are putting down their remote controls and clicking on a mouse instead to watch primetime programs online — particularly professional women, according to a new survey.

It showed that 50 percent of people viewing TV on the Web are watching programs as they become available and “appear to be beginning to use the computer as a substitute for the television set,” Integrated Media Measurement Inc. (IMMI), which conducted the poll, said.

The other half are using the Internet to watch programs they have missed, or to re-watch segments or episodes they have already seen, IMMI, a company which links media exposure to consumer action, added.

“This is the first study to show there are a significant amount of people watching primetime shows online who are not watching some portion of those shows on television,” Amanda Welsh, head of research for IMMI, said in a statement.

The report showed that the largest group of online TV viewers are white, affluent, well educated, working women aged 25 to 44.

Powered by WordPress