‘Trojan Horse’ Bug Lurking in Vital US Computers Since 2011

A destructive “Trojan Horse” malware program has penetrated the software that runs much of the nation’s critical infrastructure and is poised to cause an economic catastrophe, according to the Department of Homeland Security.

National Security sources told ABC News there is evidence that the malware was inserted by hackers believed to be sponsored by the Russian government, and is a very serious threat.

The hacked software is used to control complex industrial operations like oil and gas pipelines, power transmission grids, water distribution and filtration systems, wind turbines and even some nuclear plants. Shutting down or damaging any of these vital public utilities could severely impact hundreds of thousands of Americans.

DHS said in a bulletin that the hacking campaign has been ongoing since 2011, but no attempt has been made to activate the malware to “damage, modify, or otherwise disrupt” the industrial control process. So while U.S. officials recently became aware the penetration, they don’t know where or when it may be unleashed.

DHS sources told ABC News they think this is no random attack and they fear that the Russians have torn a page from the old, Cold War playbook, and have placed the malware in key U.S. systems as a threat, and/or as a deterrent to a U.S. cyber-attack on Russian systems – mutually assured destruction.

The hack became known to insiders last week when a DHS alert bulletin was issued by the agency’s Industrial Control Systems Cyber Emergency Response Team to its industry members. The bulletin said the “BlackEnergy” penetration recently had been detected by several companies.

DHS said “BlackEnergy” is the same malware that was used by a Russian cyber-espionage group dubbed “Sandworm” to target NATO and some energy and telecommunications companies in Europe earlier this year. “Analysis of the technical findings in the two reports shows linkages in the shared command and control infrastructure between the campaigns, suggesting both are part of a broader campaign by the same threat actor,” the DHS bulletin said.

The hacked software is very advanced. It allows designated workers to control various industrial processes through the computer, an iPad or a smart phone, sources said. The software allows information sharing and collaborative control.


World on a string: Breakthrough fiberoptic cable 2,500X faster than fastest internet

Imagine downloading your favorite flick in 31 thousandths of a second. Such insane internet speeds are now a reality, with researchers rolling out a 255 terabits per second fiberoptic network which could transport the entire Internet on a single cable.

The cable, the joint effort of Dutch and US scientists, is 2,550 times faster than the fastest single-fiber links in commercial operation today.

In real terms, it could transfer a 1 GB movie in 0.03 milliseconds or the entire contents of your 1 terabit hard drive in about 31 milliseconds.

At this speed, a single fiber optic cable could theoretically carry the all the data on the internet at peak times.

But how does it work?

Researchers from Eindhoven University of Technology and the University of Central Florida employed a well-known but still cost-prohibitive technology; multi-mode fiber.

Normal fibre optic cables contain thousands of strands of glass or plastic fibre which are slightly thicker than the thread of a needle. These fibers can, in essence, only carry the light for a single laser.

The multi-mode fiber used by the researchers in contrast, has seven distinct cores in a hexagonal shape which are able to carry just as many distinct signals at one time. What’s more, they are squeezed down into the size of the same kind of fiber optic cables used to support the current transatlantic internet cables.

In layman’s terms, it is something akin to a one way road being stretched out into a seven lane highway. This seven lane highway is then stretched into a multi-tier freeway, much like the so-called LA ‘Stack’. Except in this case, it’s like a seven lane, multi-story drag race, with all the power from the individual vehicles being directed into a single source.

Researchers said that this new type of optical fibre is like “allowing 21 times more bandwidth than currently available in communication networks,” which is 4-8 Terabits per second standard.

Moreover, the researchers have introduced “two additional orthogonal dimensions for data transportation – as if three cars can drive on top of each other in the same lane.”

In their test, the researchers managed to reach speeds of 5.1 terabits for each of the seven carriers. Then, by using wavelength division multiplexing (WDM), which allows a number of optical carrier signals onto a single optical wire, they managed to cram 50 carriers down the seven cores, reaching the massive 255 terabit per second speed.

Measuring less than 200 microns in diameter, the new fiber does not take noticeably more space than conventional fibres already deployed, Dr. Chigo Okonkwo who led the work explained.

“These remarkable results, supported by the European Union Framework 7, MODEGAP, definitely give the possibility to achieve petabits per second transmission, which is the focus of the European Commission in the coming seven-year Horizon 2020 research program,” Okonkwo said.

Research results were recently published in the journal Nature Photonics.

While the technology for multi-mode fiber is in place, the price tag on replacing the millions of miles of existing cables could put the upgrade off for decades.

But with the mind-blistering implications of a world wide web operating at thousands of times its current maximum speed, the cost of holding off on the upgrade for too long may be incalculable.


The Dark Web: haven for drugs, guns, sex slavery

Drugs, guns, and counterfeit cash are all for sale in the so-called Dark Web, a secret and sinister part of the internet that’s flourishing despite a massive crackdown. The Dark Web is the subject of an historic trial that begins in November in New York City.

First some semantics. The Dark Web: what is it? It’s a part of the Internet that cannot be accessed by search engines like Google. It’s hidden on purpose. You need a special web browser to access it, and it’s designed to be used anonymously — no tracing. But this year, the light has shined very harshly on the Dark Web. A high-profile criminal case goes to trial next month. At the center of that case is a Dark Web site called Silk Road.

The U.S. government says Ross Ulbricht is behind one of the largest drug and crime rings in history. The man seen in a video on the “Free Ross” website certainly does not look like a worldwide menace, an Internet mobster.

In a video on the site, his mother, Lyn Ulbricht, said Ross “Is the most peaceful, non-violent, positive compassionate person I’ve ever met.”

Ulbricht was arrested last fall on charges of running Silk Road, a Dark Web site akin to Amazon or eBay with buyers, sellers, user and product reviews, except the product in Silk Road’s case is usually drugs.

Ulbricht’s family began a legal defense fund at the freeross.org.

After Ulbricht’s arrest, Silk Road was shut down. But now somebody has launched a new version.

“People did studies on Silk Road and found that the customer satisfaction level was remarkably high,” said Greg Virgin, whose day job is running RedJack, a company that keeps businesses and government agencies safe from hackers.

We asked him to use his knowledge to take us inside the Dark Web. To access it, we used the free TOR browser. Virgin said “TOR” stands for “the onion router.”

“So, it’s a network of servers that relay your traffic across one another so nobody can figure out who you are, where you are,” he said.

Our first stop, Virgin took us to a site that is essentially a Dark Web directory. Without listings like these, the sites would be impossible to access unless we knew the exact addresses.

“People have estimated that more than 70 percent of the activity on the Dark Net is illegal,” Virgin said.

A lot of that illegal activity revolves around money; fake money, in some cases. We saw listings for euros, PayPal accounts, cloned credit cards with PINs, and more.

One ad offered corporate account numbers for sale. Another showed off stacks of counterfeit $20 bills; 10 bills cost $80. And users offered advice on how to spend it: “I’ve finally ordered 10 bills and found a way of spending them at nightclubs. I just ask random drunks for change. 100% success rate.”

On almost every site, it was easy to find ads for electronics, such as new, unlocked iPhone 6 smartphones for sale. Plenty offered fake passports and IDs.

One site seeks donations to recruit jihadists in the United States “to establish a new Islamic front both in the United States and around the world.”

Murder does seem to be big business on the Dark Web. One site seeks to crowd fund assassinations. Another website says it’s easy to obtain high-powered firearms. Of course, no questions are asked. No pesky background checks are undergone.

The currency — as with most things on the Dark Web — is bitcoin.

“Bitcoin is a virtual currency that obscures the people doing the transaction, so the buyer and the seller,” said Bruce Upbin, a managing editor for Forbes. “It’s a piece of code that’s shared between two parties to replace currency.”

Anyone can buy bitcoin, but it’s not cheap. One bitcoin is about $300, although it’s been as high as $1,000.

And then, there is what Greg Virgin said is most disturbing about the Dark Web.

“There are a number of atrocious child exploitation sites,” he said.

In his spare time, Virgin works with the International Justice Mission to find and rescue children being sold on the Dark Web as sexual slaves. He said because of his work, he believes arrests are coming in the near future.

“We believe we’ve found dozens of victims, that there’s a strong possibility for rescue,” he said.

Shawn Henry spent 15 years leading cyber investigations around the world for the FBI before retiring as an executive assistant director.

“Imagine from a law enforcement perspective the challenge in identifying people who have never gotten together physically, who live in five separate countries,” Henry said, adding that the Dark Web is a nightmare for law enforcement.

It is also the source of all the high-profile hacks we’ve seen this past year. Target, Home Depot, Chase, Neiman Marcus have all been broken into. Even the U.S. government database holding personal information for employees with sensitive security clearance was breached.

“Can you protect the network from being breached? That’s out the window now,” Henry said. “We need to change the paradigm here and it needs to be: how soon after an adversary makes access do we detect them.”

His biggest fear is hackers, working through the Dark Web’s anonymity, going after power plants and financial systems; cyber terrorism.

“There are actually terrorist groups that are calling for electronic jihad,” Henry said. “What if the lights go out for a week, two weeks, a month? How do we handle that as a nation?” He said he believed it “absolutely” possible.

So, where did this come from? It may be hard to believe but TOR, the software that makes this anonymous and so hard to track and makes much of what you’ve just seen possible, was created by the United States Navy. Part of the goal was help people in oppressed nations have Internet freedom. So the Dark Web is not all bad.

“For us in America we live in a free society, for the most part, but there’s plenty of people in the world who don’t, who live in oppressive regimes, where they control the Internet,” Upbin of Forbes said.

Whether it’s pro-democracy protests in Hong Kong or the Arab Spring, the Dark Web’s anonymity helps makes it possible by letting organizers spread the word.

That brings us back to Silk Road and the criminal case pending against Ross Ulbricht.

Julia Tourianski, a blogger from Toronto, said she believes internet freedom in the U.S. rests on the outcome of the Silk Road case.

“This is about the future of our Internet freedom,” she said. “If Ross Ulbricht loses then I think what will happen is anybody who uses TOR networks or anonymous systems will be considered a criminal by default.”

Tourianski is a supporter of Ulbricht’s mother, who said the U.S. government is trying to rewrite law.

Lyn Ulbricht has traveled the country to raise awareness about the Silk Road case and has become something of an Internet star. She would not agree to an interview with us, but we caught her speech at Liberty Fest in Brooklyn. She believes the outcome of the case could lead to a world where everyone’s activities on the web are monitored.

Of course, Edward Snowden showed us last year the NSA is already collecting information about phone calls and emails.

“It’s something far more dangerous than any website could be and that is what our government has become and how they operate,” Lyn Ulbricht said at Liberty Fest.

Tourianski said the Dark Web’s dark side is worth living with.

“Most people are inherently good, and just because a small percentage of people may or may not commit a crime, we shouldn’t police everybody,” Tourianski said. “And if we do, that’s not a world anybody wants to live in.”

Ross Ulbricht has pleaded not guilty to all charges. His trial is set to begin November 10. No matter the outcome for him, the Dark Web seems to continue defying law enforcement despite their pledge to crack down.

Ulbricht’s lawyer and the U.S. attorney prosecuting the case declined to comment for our story.

If Ulbricht is convicted of the most serious charges he faces a maximum sentence of life in prison.


FBI director: iPhones shields pedophiles from cops


Apple’s new privacy features protect kidnappers, pedophiles and terrorists, according to FBI director James Comey.

In an interview on CBS’ “60 Minutes” on Sunday, Comey said Apple’s encryption standards for iPhones and iPads “put people beyond the law.”

Apple (AAPL, Tech30) recently took measures to enhance user privacy. Now, only users have the key to unlock text messages, photos and emails on their device. As such, iOS 8 will shield your data from anyone — including police.

Here’s how it works: You send a text message that’s encrypted on your device. It passes through Apple servers as jumbled code nobody can crack. And it can only get decrypted by your friend’s iPhone passcode.

Google (GOOG) has announced it’s doing the same for its Android devices.

The FBI director isn’t pleased.

“The notion that people have devices… that with court orders, based on a showing of probable cause in a case involving kidnapping or child exploitation or terrorism, we could never open that phone? My sense is that we’ve gone too far when we’ve gone there,” Comey told CBS.

Comey compared selling iPhones to selling “cars with trunks that couldn’t ever be opened by law enforcement with a court order.”

But there are two things that are wrong with that statement:

1) The FBI can still get your phone data. Now, they can’t do it secretly by going to Apple or Google. Agents must knock on your front door with a warrant in hand — the way it’s always been.

If you don’t give the FBI access to your phone, it can ask a federal judge to force you. If you refuse, the government can throw you in jail and hold you in contempt of court.

The FBI and Apple did not respond to requests for comment.

Joel Kurtzberg is a New York lawyer who specializes in First Amendment cases (in which journalists often refuse court orders to disclose sources). He said the biggest difference now is that the FBI can’t be covert when it wants your data.

“This is going to make it harder for law enforcement. Now, they’ll have to tip off their target,” he said. “And it will result in instances where someone will destroy evidence.”

But even for the most dangerous cases, there are still workarounds. Video surveillance — the classic kind — can spy on someone as they type their passcode. And the NSA has technology to slip device-controlling malware into phones anyway.

iPhone 6 vs. Galaxy Alpha: Cost to make

2) Opening devices to law enforcement means opening them to hackers. When it comes to data, possession of a key is everything. If your passcode is the only thing that unlocks your digital life, then it doesn’t matter if the FBI presents Apple or Google with a warrant — or if hackers break into the company’s servers. They won’t get anything useful.

The FBI wants companies to keep a backdoor into your life. That’s a problem, because as Comey himself has said in the past, everyone is under attack by hackers.

As Comey said in a previous episode of 60 Minutes: “There are those who’ve been hacked by the Chinese and those who don’t know they’ve been hacked by the Chinese.”

Related: Kmart says payment systems hacked

“You can’t have it both ways,” said David Oscar Markus, a Miami defense attorney with expertise in police searches and seizures. “If there’s a backdoor, it can be exploited. The government shouldn’t get to pick and choose what’s protected.”

CNNMoney is investigating recent hacks. Have you had money stolen from your bank account? Has someone stolen your identity? Share your story.

Related: Snapchat isn’t private. Period.

Related: How safe are you? CNNMoney’s cybersecurity Flipboard magazine



The Internet is broken

Reports of Internet bugs like like Heartbleed and the recent shellshock are growing more frequent and the problems they pose are increasingly more dangerous.

Why? For two reasons that aren’t going to change anytime soon.

The Internet was never meant for this. We use the Internet for banking, business, education and national defense. These things require privacy and the assurance that you are actually who you say you are.

The Internet, as it was designed, offers neither. When the Worldwide Web was built 25 years ago, it existed as a channel for physicists to pass research back and forth. It was a small, closed community. The scientists at Stanford trusted the researchers at the University of California – Los Angeles.

Related: Shellshock bug could let hackers attack through a lightbulb

In 2014, it’s still standard to send Internet communication in plain text. Anyone could tap into a connection and observe what you’re saying. Engineers developed HTTPS nearly 20 years ago to protect conversations by encrypting them — but major email providers and social media sites are only now enabling this. And sites like Instagram and Reddit still don’t use it by default.

How hackers beat the Heartbleed bug

The Internet was also built on set of rules that requires every packet of sent information to have a valid address, kind of like a phone number — but the rules aren’t strict about validating the source. So, it can be spoofed. As a result, hackers can fake a return address. When millions of fraudulent packets are “returned to sender” all at once, a website can get shut down by a flood of illegitimate traffic — known as a Denial of Service attack.

“When the Internet evolved, the climate was friendly. That’s not true now,” said Paul Vixie, who was instrumental in developing how we connect to websites today. “A trusted network of academics is not a global network for all of humanity.”

Software is a hodgepodge of flawed Lego blocks. The big, ugly secret in the world of computer science is that developers don’t check their apps closely enough for bugs.

Today, software is so profitable that developers are under intense pressure to churn out apps as quickly as possible.

Related: Heartbleed Part 2: The handshake bug

When developer Peter Welch wrote a frightening essay revealing the sausage-making process, he explained how modern day developers rapidly stack together building blocks of code — without reviewing it for mistakes or ensuring the whole thing won’t collapse or let in a hacker.

“People will start cutting corners and speeding up,” Welch said in an interview. “It’s less about understanding the academic value of code and more about producing the product. We’ve lost some safety for speed.”

Sometimes, that flawed code becomes widespread. Most of the world relies on open-source software that’s built to be shared and maintained by volunteers and used by everyone — startups, banks, even governments.

There’s an illusion of safety. The thinking goes: So many engineers see the code, they’re bound to find bugs. Therefore, open-source software is safe, even if no one is directly responsible for reviewing it.

Nope. Last week’s shellshock bug is the perfect example of that flawed thinking. Bash, a program so popular it’s been placed on millions of machines worldwide, was found to have a fatal flaw that’s more than 20 years old. Eyes were on it, but no one caught it until now.

“It’s not Toyota having a recall,” explained Scott Hanselman, a programmer and former college professor in Oregon. “It’s like tires as a concept have been recalled and someone says, ‘Holy crap, tires?! We’ve been using tires for years!’ It’s that level of bad.”


Inventor of World Wide Web warns of threat to internet

London (AFP) – The British inventor of the World Wide Web warned on Saturday that the freedom of the internet is under threat by governments and corporations interested in controlling the web.

Tim Berners-Lee, a computer scientist who invented the web 25 years ago, called for a bill of rights that would guarantee the independence of the internet and ensure users’ privacy.

“If a company can control your access to the internet, if they can control which websites they go to, then they have tremendous control over your life,” Berners-Lee said at the London “Web We Want” festival on the future of the internet.

“If a Government can block you going to, for example, the opposition’s political pages, then they can give you a blinkered view of reality to keep themselves in power.”

“Suddenly the power to abuse the open internet has become so tempting both for government and big companies.”

Berners-Lee, 59, is director of the World Wide Web Consortium, a body which develops guidelines for the development of the internet.

He called for an internet version of the “Magna Carta”, the 13th century English charter credited with guaranteeing basic rights and freedoms.

Concerns over privacy and freedom on the internet have increased in the wake of the revelation of mass government monitoring of online activity following leaks by former US intelligence contractor Edward Snowden.

A ruling by the European Union to allow individuals to ask search engines such as Google to remove links to information about them, called the “right to be forgotten”, has also raised concerns over the potential for censorship.

“There have been lots of times that it has been abused, so now the Magna Carta is about saying…I want a web where I’m not spied on, where there’s no censorship,” Berners-Lee said.

The scientist added that in order to be a “neutral medium”, the internet had to reflect all of humanity, including “some ghastly stuff”.

“Now some things are of course just illegal, child pornography, fraud, telling someone how to rob a bank, that’s illegal before the web and it’s illegal after the web,” Berners-Lee added.


‘You are not a product’: Privacy-friendly ad-free ‘anti-Facebook’ network Ello explodes

A mostly obscure, privacy-orientated social network – an ‘anti-Facebook’ of sorts – has recently undergone meteoric growth. It poses itself as an advert-free enterprise which is not going to become a tool to manipulate its users.

‘Anti-facebook’ network Ello kicked off in July as an invite-only social network seeking to have an advert-free user-orientated role rather than becoming a profit-generating enterprise, according to itsmanifesto.

“Your social network is owned by advertisers. Every post you share, every friend you make and every link you follow is tracked, recorded and converted into data,” it points out.

Screenshot from ello.co

Screenshot from ello.co

Ello pledges that it will never sell user data to advertisers, forfeiting the one source of income keeping afloat online giants like Facebook and Google. Instead it attempts to cover expenses by selling premium features, such as managing several accounts from a single login – a service that appeals to privacy-focused users.

“We believe a social network can be a tool for empowerment. Not a tool to deceive, coerce and manipulate — but a place to connect, create and celebrate life. You are not a product,” Ello calmly states.

This ‘social network with a conscience’ approach appears to be filling a large gap in the market given Facebook’s ever-changing privacy policy and targeted advertisements.

According to the latest data from the Pew Research Centre, 71% of adults who use the internet use Facebook – an enormous proportion. However, while Ello is still undergoing beta testing, recent weeks have seen a mass-influx of users to the site – users who are apparently becoming increasingly dissatisfied with Facebook.

For months, the network remained small and grew slowly as word-of-month brought in new users. The likely driver for the explosive growth of Ello is the LGBT community, The Daily Dot points out.

Facebook had a falling out with the LGBT community due to the company’s strict ‘real name’ policy, thereby meaning drag queens couldn’t go under assumed titles.

While the giant’s desire to have as accurate as possible profiles of its users is understandable, considering that it is the profiles that make the money, the enforcement of the real name policy offends those who prefer to keep their identity private, often for safety reasons.

In what The Daily Dot, one of the first big news outlets to report Ello’s sudden rise, called a “queer mass exodus,” LGBT folk apparently fled Facebook. And newcomer Ello’s core team didn’t fail to notice the influx.

READ: Facebook takes down drag queens’ profiles

Artists, bloggers, people who are concerned about privacy, people who have had problems with stalkers, celebrities, and members of the LGBTQ community sometimes choose not to use their real names — out of personal preference, or to protect themselves,” Paul Budnitz, a toy maker by profession and one of the Ello creators told BetaBeat.

“All these people are being kicked out of Facebook.”

Since going viral, requests to join Ello went to over 27,000 per hour. Twitter overflowed with invite requests while eBay spurred an enormous black market for them. Ello briefly suspended new invites and experienced a website crash, which is understandable for a website that’s technically still in beta mode.

The Ello team also had to address new users’ concerns, pledging a zero-tolerance policy toward “hate, trolls, spamming, stalking, impersonating others, threats and abusive behavior toward anyone.” At the request from erotic artists and sex workers it changed posting rules to allow porn material (once NSFW tagging is rolled out) – as long as it isn’t something illegal, like child pornography.

Between fighting technical glitches, developing new features like making a profile private, and dealing with the unexpected scale-up, Ello say they will be true to their manifesto. Many wonder whether its black, eyeless smiley logo may one day become as ubiquitous as the white-on-blue word “Facebook,” or will sink back into obscurity once the fad passes.

Those who are more skeptical suspect that Ello is just a case of clever niche marketing that is bound to become as bad as the big players it criticizes.

However, it is currently remaining defiant in the face of such suggestions. While sales of the features – which will go for an estimated $1 or $2, Ello is relying on the fact that it will be inexpensive to maintain such a website.

In the “coming soon” section, the site says that its users can expect audio integration – such as soundcloud, the ability to ‘block’ other users, and video integration, among other things.


Pirate Bay fools the system with cloud technology

Despite years of persecution, the world’s most notorious pirated content exchange continues to flout copyright laws worldwide. The Pirate Bay team revealed how cloud technology made their service’s virtual servers truly invulnerable.

Two founders of The Pirate Bay (TPB) file exchange are in prison, but their creation continues to receive millions of unique visitors daily and remains among the 100 most popular websites worldwide.

Today The Pirate Bay has 21 “virtual machines” (VMs) scattered around the globe with cloud-hosting providers, and the new setup works just fine, reported TorrentFreak, having anonymously questioned the Pirate Bay team. The cloud technology made the site more portable, eliminated the need for any crucial pieces of hardware and therefore made the torrent harder to take down. Costs have decreased and better uptime is now guaranteed.

True geeks cannot follow up hardware and server setup anymore, but the advantages of the new tech set-up for the notorious torrent site outweigh any inconveniences.

After operating ‘in exile’ in Guyana and Peru without much luck, two years ago The Pirate Bay team made a landmark decision and decided to move away from operating physical servers and switched all of their operations to the cloud.

Reuters/Susanne Lindholm/Scanpix Sweden

Reuters/Susanne Lindholm/Scanpix Sweden

Two years ago there were just four VMs, but the increased traffic has heralded a five-fold growth of virtual machines.

Out of 21 VMs, eight are busy serving web pages. Six machines are processing the searches, while TPB’s database is being run on two VMs. The remaining five VMs are needed for load balancing, statistics, torrent storage, the proxy site on port 80 and controller functions.

The system operates using 182 GB of RAM and 94 GPU cores, with total storage capacity of 620 GB, which are not used in full, actually. Considering the scale of The Pirate Bay website, these characteristics are quite modest.
One of the secrets of the modern day TPB is that the commercial cloud providers hosting the torrent site have no idea that the PTB is among their clients. The load balancer VM that funnels all the traffic to other TPB virtual servers masks their activities, which means none of the IP-addresses of the cloud hosting providers are publicly linked to TPB. This makes the new TPB virtually ‘raid-proof’ and very hard for police to track it down. There are no more physical servers to be seized, too, as happened in 2006, when Swedish police raided TPB’s hosting company, seizing everything from servers to fax machines and blank CDs.

Despite occasional difficulties that hit the service from time to time, there have been no major breakdowns recently and no agency has attempted to shut the torrent site down.

It is true that cloud servers can be disconnected like any physical server, but even in that case restoration of the operation is much easier than before and services can be restored from a different provider relatively quickly.

Still, The Pirate Bay remains The Pirate Bay, and this name is widely known among registrars as the root of evil, burning through five separate domain names the last year alone. But that doesn’t dampen the spirits of the TPB team, as operators have dozens of alternative domain names waiting in the wings.

Pirate Bay co-founders Fredrik Neij (L), Gottfrid Svartholm (C) and Peter Sunde leave the city court after the last day of argument's in their copyright trial in Stockholm March 3, 2009. (Reuters/Bob Strong)

Pirate Bay co-founders Fredrik Neij (L), Gottfrid Svartholm (C) and Peter Sunde leave the city court after the last day of argument’s in their copyright trial in Stockholm March 3, 2009. (Reuters/Bob Strong)

Two of TPB’s original founders, Gottfrid Svartholm and Peter Sunde, are currently serving terms in prison and TPB has posted a banner asking visitors to send their support to the site’s founders.

“Show your support by sending them some encouraging mail! Gottfrid is only allowed to receive letters, while Peter gladly receives books, letters and vegan candy.”

When Svartholm and Sunde are out of jail, they’ll find that the rules of the pirate game have changed – and most probably in their favor.


Governments spy on journalists with weaponized malware – WikiLeaks

Journalists and dissidents are under the microscope of intelligence agencies, Wikileaks revealed in its fourth SpyFiles series. A German software company that produces computer intrusion systems has supplied many secret agencies worldwide.

The weaponized surveillance malware, popular among intelligence agencies for spying on “journalists, activists and political dissidents,” is produced by FinFisher, a German company. Until late 2013, FinFisher used to be part of the UK-based Gamma Group International, revealed WikiLeaks in the latest published batch of secret documents.

FinFisher’s spyware exploits and monitors systems remotely. It’s capable of intercepting communications and data from OS X, Windows and Linux computers, as well as Android, iOS, BlackBerry, Symbian and Windows Mobile portable devices. Three back-end programs are required for the spy program to operate. FinFisher Relay and FinSpy Proxy programs are FinFisher suite components that route and manage intercepted traffic, redirecting it to the FinSpy Master collection program. The spyware can steal keystrokes, Skype conversations, and even connect to your webcam and watch you in real time.

The whistleblower has a list of FinFisher surveillance software buyers. Among the German malware developer’s clients are intelligence agencies and police forces from Australia, Bosnia, Estonia, Hungary, Italy, Mongolia, the Netherlands, Pakistan and Qatar.

According to WikiLeaks’ estimates, FinFisher has already earned about 50 million euros in sales.

“FinFisher continues to operate brazenly from Germany selling weaponized surveillance malware to some of the most abusive regimes in the world,” the founder and editor-in-chief of Wikileaks, Julian Assange, said.

Earlier this year, the tapping of Chancellor Angela Merkel’s mobile phone by the American National Security Agency (NSA) created a scandal that rocked the German political establishment: a revelation made thanks to documents exposed by the former NSA contractor and whistleblower Edward Snowden.

Yet, despite all this, FinFisher continues its activities in Germany unhindered.

“The Merkel government pretends to be concerned about privacy, but its actions speak otherwise. Why does the Merkel government continue to protect FinFisher?” Assange asked.

Assange is calling for an ‘antidote’ to the German-made FinFisher FinSpy PC spyware, saying a tool is needed to repel such activities and expose those who do the surveillance by tracking down spying command and control centers.

WikiLeaks has made newly indexed FinFisher breach material public via torrents, “including new brochures and a database of the customer support website, that provide updated details on their product line and a unique insight into the company’s customer-base.”

“In order to make the data more easily accessible and consumable, all the new brochures, videos and manuals are now available organized under the related FinFisher product name. The database is represented in full, from which WikiLeaks compiled a list of customers, their eventual attribution, all the associated support tickets and acquired licenses, along with the estimated costs calculated from FinFisher’s price list,” the WikiLeaks memo said.

After the scandal that followed revelations of mass NSA spying worldwide, Germany and France came up with an idea to build a trustworthy data protection network in Europe to avoid data passing through the US.

The US slammed such plans to construct an EU-centric communication system, designed to prevent emails and phone calls from being swept up by the NSA, warning that such a move is a violation of trade laws.


High Speed Click Fraud: Over One Third Of All Internet “Traffic” Is Fake

“When you bundle bots, clicks fraud, viewability and the lack of transparency [in automated ad buying], the total digital-media value equation is being questioned and totally challenged,” warns one advertising group executive as theWSJ reports about 36% of all Web traffic is considered fake, the product of computers hijacked by viruses and programmed to visit sites. This means, simply put, that marketers, who are pouring billion of dollars into online advertising, are confronting an uncomfortable reality: rampant fraud… and the fraud is only going to get worse…

Via WSJ,

Spending on digital advertising—which includes social media and mobile devices—is expected to rise nearly 17% to $50 billion in the U.S. this year. That would be about 28% of total U.S. ad spending. Just five years ago, digital accounted for 16%.

The big question is whether attitudes will change if signs of fraud increase.

Billions of dollars are flowing into online advertising. But marketers also are confronting an uncomfortable reality: rampant fraud.

About 36% of all Web traffic is considered fake, the product of computers hijacked by viruses and programmed to visit sites, according to estimates cited recently by the Interactive Advertising Bureau trade group.

So-called bot traffic cheats advertisers because marketers typically pay for ads whenever they are loaded in response to users visiting Web pages—regardless of whether the users are actual people.

The fraudsters erect sites with phony traffic and collect payments from advertisers through the middlemen who aggregate space across many sites and resell the space for most Web publishers. The identities of the fraudsters are murky, and they often operate from far-flung places such as Eastern Europe, security experts say.

Big advertisers are in “crisis”

Chief Executive Vivek Shah, the chairman of the Interactive Advertising Bureau, said at the group’s annual conference last month that Internet advertising was facing a “crisis.”

“The clients we work with would love to spend more money in digital,” says Quentin George, a co-founder of ad-technology consulting firm Unbound. “But until we give them more control and transparency on how the money is being spent, they will continue to have questions and hold money back.”



“We’re aware of the concerns within the industry about ad fraud and are working to address those concerns as they pertain to our business,” a GM spokeswoman says.

One wonders just how “valuable” all those social media companies really are if the bots and fraud was removed? This isn’t the first time we have discussed this, but it seems even the advertisers are now doubting the new word order of “social” and “mobile” as the panacea for ad spend.