sunnuntai 4. heinäkuuta 2010

YouTube Hacked, Justin Bieber Videos Targeted...




















In the past hour it appears YouTube has become the target of a hacker attack, specifically targeting videos of pop singer Justin Bieber.
Videos relating to the star have been hit with a redirect hack with a number of different payloads. We’ve seen one redirect to an infamous, explicit “One Man One Jar” video while another covers the screen in the words “OMG Faggot”. A Twitter search confirms that the problem is widespread. Some users are reporting seeing a banner claiming that Bieber is dead.

So, what’s causing this? Coder Richard Cunningham writes on his Posterous blog that it relates to video comments.

“It looks like they are deliberately using malformed HTML to get past YouTube’s checks for HTML sanitisation in the comments. The comment I’ve seen is using the long forgotten marquee tag and a javascript alert, though in principle it could be expanded to support XSS type flaws.”

YouTube appears to be deleting or blocking comments on many video pages. The attack comes on the same day as an apparent iTunes App Store hack came to light. We’ll update with more information as we get it.
UPDATE: Discussions on the notorious 4chan bulletin board site point to members of its community being to blame. We won’t link to the site (the link would be unlikely to last long if we did) so here’s a screenshot of one such message.


UPDATE 2:
Reports on 4chan say that YouTube has blocked the script that hackers were using:



UPDATE 3:
An update via Slashdot:
Several hours ago, someone found an HTML injection vulnerability in YouTube’s comment system, and since then sites such as 4chan have had a field day with popular videos. The bug is triggered by placing a

What to do??? That is the question…

Ok, lately i have been looking for a job and i have been in couple of interviews also. The fact is that there are not that many IT jobs available here in the north finland. The interviews that i have been in are basically IT-sales jobs, i do not want to work in the sales, i want to work with computers, programming and networking...

I know that there are some jobs available in south-finland but the fact is that i cant move there, because my wife has one more year left in the university here.

Do you guys have any ideas on how the get a job from the north-finland???

Google is building their datacenter in Finland now, maybe i can get a job from them…

lauantai 3. heinäkuuta 2010

Apple, What the hell are you doing???

Apple has been in the headlines lately, because of iPhone 4. This time the news is not good, it seems to be that there is a problem with the antenna of the phone. Apple is usually known from their very high quality in their devices. A phone this expensive should not have this kind of problem. Apple also gave some guidelines on how to use the new iPhone, " Do not cover the left bottom corner of the phone." I mean what the fuck is this now. My opinion is that if there is this kind of problem, they need to recall all the iPhones and fix the issue. If they can't provide a real working solution for this issue, otherwise this might hurt Apple's reputation…I just know that i'm not getting one before it is 100% functional.


check out the video made while the new iPhone 4G was in finnish operator (sonera) network
check out the video here

perjantai 2. heinäkuuta 2010

Finland has become the first country in the world to make broadband a legal right for every citizen

Finland is in international headlines again, this time it is positive news. As most of you already know or may not know, Finland is now the first country in the world that has made broadband a legal right for every citizen. This is a huge step-up for finland's digital age. Also Finland is once again pulling the technology train forward.




I found an article from BBC concerning this matter and here it is:


Finland has become the first country in the world to make broadband a legal right for every citizen.
From 1 July every Finn will have the right to access to a 1Mbps (megabit per second) broadband connection.
Finland has vowed to connect everyone to a 100Mbps connection by 2015.
In the UK the government has promised a minimum connection of at least 2Mbps to all homes by 2012 but has stopped short of enshrining this as a right in law.
The Finnish deal means that from 1 July all telecommunications companies will be obliged to provide all residents with broadband lines that can run at a minimum 1Mbps speed.
Broadband commitment
Speaking to the BBC, Finland's communication minister Suvi Linden explained the thinking behind the legislation: "We considered the role of the internet in Finns everyday life. Internet services are no longer just for entertainment.
"Finland has worked hard to develop an information society and a couple of years ago we realised not everyone had access," she said.
It is believed up to 96% of the population are already online and that only about 4,000 homes still need connecting to comply with the law.
In the UK internet penetration stands at 73%.
The British government has agreed to provide everyone with a minimum 2Mbps broadband connection by 2012 but it is a commitment rather than a legally binding ruling.
"The UK has a universal service obligation which means virtually all communit
Making broadband a legal right could have implications for countries that plan tough action on illegal file-sharing.
Both the UK and France have said they may cut off or limit the internet connections of people who persistently download music or films for free.
The Finnish government has adopted a more gentle approach.
"We will have a policy where operators will send letters to illegal file-sharers but we are not planning on cutting off access," said Ms Linden.
A poll conducted for the BBC World Service earlier this year found that almost four in five people around the world believed that access to the internet is a fundamental right.

(http://news.bbc.co.uk/2/hi/technology/10461048.stm)

keskiviikko 30. kesäkuuta 2010

Apple's history in 2 minutes…

tiistai 29. kesäkuuta 2010

Google to compete against Facebook in social media with Google Me…

I found this from the internet and i thought to post it here because i think that many people might be interested to read this…

Yesterday, Digg CEO Kevin Rose tweeted that he’d heard a “huge rumor” that Google was planning to launch a Facebook competitor called “Google Me”, sparking off a wave of speculative reports (Rose has since removed the tweet). NowAdam D’Angelo, who was Facebook’s CTO for years and is now founder of hot Q&A service Quora, is weighing in with more details. And from what he’s hearing, Google Me is indeed very real, and it’s gunning for Facebook.
D’Angelo shared his thoughts as an answer to one of the questions on Quora. Here’s his response:
    Here is what I’ve pieced together from some reliable sources:
  • This is not a rumor. This is a real project. There are a large number of people working on it. I am completely confident about this.
  • They realized that Buzz wasn’t enough and that they need to build out a full, first-class social network. They are modeling it off of Facebook.
  • Unlike previous attempts (before Buzz at least), this is a high-priority project within Google.
  • They had assumed that Facebook’s growth would slow as it grew, and that Facebook wouldn’t be able to have too much leverage over them, but then it just didn’t stop, and now they are really scared.
You can read more responses to the question on the Quora thread here.
This obviously has the potential to be huge, and Facebook needs a strong competitor. But even if Google has an amazing site in the pipeline, creating the next Facebook is going to be easier said than done — nearly 500 million people already have their content stored on Facebook, and despite what Facebook has claimed about being open, I doubt they’ll make it easy for anyone to jump into the arms of a competitor. Not to mention the fact that Google has had shortcomings with its social sites like Buzz, Wave, and Orkut. This could be a very interesting battle.

The new Nokia N9 leaked…



From the video above you can see the assumed new Nokia N9 flagship phone...It is not 100% sure that this really is the actual phone, but this matter has been on finnish media lately. From the video you can also see some of the technical features of the phone, for example that it has 8mp camera and hdmi-port....

maanantai 28. kesäkuuta 2010

NOKIA gives up SYMBIAN on the N-series

Nokia has just announced that they are giving up the symbian operating system on their N-series phones, in the future the N-series will come with Meego. Meego is a joint project that Nokia has been conducting with Intel.

I have to say that this is a good news from Nokia, users of Nokia has for a long time now demanded that Nokia changes their Operating system to something more advanced and stable. Maybe now we can stop pulling the batteries from our Nokia phones to make it work.

Here is some info of Meego for all of you who are interested…


"MeeGo is a Linux-based open source mobile operating system project which was announced at Mobile World Congress in February 2010 by Intel and Nokia in a joint press conference. Its aim is to merge the efforts of Intel on Moblin and of Nokia on Maemo into one project. It is hosted by the Linux Foundation. According to Intel, MeeGo was developed because Microsoft did not offer comprehensive Windows 7 support for the Atom processor.
Harmattan, originally slated to become Maemo 6, is now considered to be a MeeGo instance (though not a MeeGo product), and Nokia is giving up the Maemo branding for Harmattan and beyond (Fremantle and previous will still be referred to as Maemo instances).

MeeGo is intended to run on a variety of hardware platforms including handhelds, in-car devices, netbooks and televisions. All platforms share the MeeGo core, with different UX (User eXperience) layers for each type of device.
MeeGo provides support for both ARM and Intel x86 processors with SSSE3 enabled  and uses btrfs as the default file system." (http://en.wikipedia.org/wiki/MeeGo)
(http://www.reuters.com/article/idUSLDE65N14720100624)

sunnuntai 27. kesäkuuta 2010

Apple iPhone 4G or Motorola Droid X???

Lately i've been thinking that what will be my next phone, i basically have 2 choices iPhone 4G and Droid X. Both of the phones are very good and the choosing the right phone will be difficult. Currently i have iPhone 3G and it is currently the best phone i ever had.

To be honest i am getting more interested of the Droid X, it has a better camera, bigger screen and it has Android 2.1 with Motoblur.
So technically Droid X is more advanced than iPhone 4 but iPhone is always iPhone.

Getting Droid X in finland will not be easy because this is Nokia land. Well i can always get it from Sweden or from middle europe.

Which one would you buy?

perjantai 15. tammikuuta 2010

FIRST FINN BUYS TICKETS INTO SPACE


Finland’s first space tourist has booked a flight on Virgin Galactic’s commercial spacecraft. The traveller shelled out some 140,000 euros for the ticket into space.
Virgin Galactic has already sold trips to some 300 fledgling astronauts around the world, says Area, the company’s sales agent in Finland. The tourist spaceship is scheduled to begin test flights next year.
The company's commercial spaceflights depart from New Mexico in the United States and Kiruna in Sweden.
During the two-hour flight astronauts get a glimpse of space at 115 kilometres above earth and experience weightlessness for five minutes.
Confidentiality clauses prevent Area from releasing the identity of the Finnish space tourist.

Nasa photographs 'trees' on Mars




The "trees" are really trails of debris caused by landslides as ice melts in Mars's spring Photo: NASA
The images appear to show rows of dark "conifers" sprouting from dunes and hills on the planet surface. But the scene is actually an optical illusion.
The photographs actually show sand dunes coated with a thin layer of frozen carbon dioxide, or dry ice, less than 240 miles from the planet's north pole.
The "trees" are really trails of debris caused by landslides as ice melts in Mars's spring. You can even see a cloud of dust, just to the left of centre of the picture, where an avalanche is caught happening.
The photograph was taken from orbit around Mars by HiRISE, the most powerful camera sent to another planet.
NASA's Candy Hansen told The Sun: "The streaks are sand, dislodged as ice evaporates, which slide down the dune. At this time of the Martian year the whole scene is covered by CO2 frost."
Last month Nasa announced a new telescope had detected five planets outside the solar system. The observatory, which was launched last year to find other Earths, made the discoveries in its first few weeks of science operations.
Although the new worlds, called exoplanets, are all bigger than Neptune, Nasa said their discovery showed that the planet hunting telescope was working well.

Welcome to DarkMarket – global one-stop shop for cybercrime and banking fraud • Personal data and tutorials in hacking offered online • Founder of site traced to London internet cafe


Renukanth Subramaniam, 33, is accused of being a key figure in running DarkMarket, a website where criminals exchanged information on stolen credit cards and other data. Photograph: Serious Organised Crime Agency/AP
To the casual observer, there was little to distinguish the Java Bean internet cafe in Wembley from the hundreds of others dotted around the capital. But to surveillance officers staking it out month after month, this unremarkable venue was the key to busting a remarkable and sophisticated network of cyber criminals.
From the bank of computers inside, a former pizza bar worker ran an international cyber "supermarket" selling stolen credit card and account details costing the banking industry tens of millions.
Renukanth Subramaniam, 33, was revealed today as the founder and a major "orchestrator" of the secret ­DarkMarket website, where elite fraudsters bought and sold personal data, after it was infiltrated by the FBI and the US Secret Service.
Membership was strictly by invitation. But once vetted, its 2,000 vendors and buyers traded everything from card details, obtained through hacking, phishing and ATM skimming devices, to viruses with which buyers could extort money by threatening company websites.
The top English language cybercrime site in the world, it offered online tutorials in account takeovers, credit card deception and money laundering. Equipment – including false ATM and pin machines and everything needed to set up a credit card factory – was available.
It even featured breaking-news-style updates on the latest compromised material available, while criminals could buy banner adverts to promote their wares.
So vast was its reach, with members in the UK, Canada, US, Russia, Turkey, Germany and France, the UK's Serious Organised Crime Agency (Soca), which helped bust it, said it was "impossible" to put a figure on how much it cost banks worldwide.
Subramaniam, who used the online soubriquet JiLsi, was remanded in custody at his own request at Blackfriars crown court today after pleading guilty to conspiracy to defraud and five counts of furnishing false information. Judge John Hillen warned it was "inevitable" he faced a "substantial custodial sentence".
A Sri Lankan-born British citizen, Subramaniam was a former member of ShadowCrew, DarkMarket's forerunner, which was uncovered by the US Secret Service in 2004. "JiLsi was one of the highest in cybercrime in this country with what he managed to achieve setting up a forum globally. No JiLsi, no DarkMarket," said one Soca investigator.
Its 2,000 members never met in real life. Quality, not quantity, was the key. DarkMarket was fastidious in banning "rippers" who would cheat other criminals. Honour among thieves was paramount.
It operated an "escrow" service, with payments and goods exchanged through a third party – "like a PayPal for criminals", the judge observed, and an arbitration service resolved disputes. To keep off the radar, the rules were strict: no firearms, drugs or counterfeit currency.
Built on a pyramid structure, administrators decided who joined, moderators ran specific site sections, and reviewers vetted wannabes – each demanding 5% or £250 per transaction as a fixer's fee.
To get on, criminals had to present details of 100 compromised cards free of charge - 50 to one reviewer, 50 to another. Reviewers would test the cards and write an online review of customer satisfaction – just like eBay customers. "If the cards did what they were supposed to … they would be recommended. If not they weren't allowed in," said the investigator.
Payment was via accounts on WebMoney, or E-Gold. "It was the QuickTime method of sending money anywhere."
Subramaniam was one of the top administrators. He kept his operating system on memory sticks. But when one was stolen, costing him £100,000 in losses and compromising the site's security, he was downgraded to reviewer. Surveillance officers caught him logging on to the website as JiLsi unaware the fellow criminal MasterSplyntr he was talking to was, in fact, an FBI agent called Keith Mularski.
Considerable money was exchanged, though actual transactions took place away from the site for security reasons. One buyer spent £250,000 on stolen personal information in just six weeks.
Described as "a very quiet man", Subramaniam worked at Pizza Hut and as a dispatch courier. "He owned three houses but was largely itinerant," said Sharon Lemon, Soca deputy director. "The key to investigations of this sort is finding the evidence to connect the online persona with a living, breathing person."
Harendra de Silva QC, defending Subramaniam, said the "evidence was unchallenged" but said the "question of interpretation does arise in certain areas" and there would be submissions on "nuance" of the fraud in so far as it applied to his client. He is charged alongside John McHugh, 66, known as Devilman, also a site reviewer who has pleaded guilty to conspiracy to defraud and at whose Doncaster home officers found a credit card-making factory. The two will be sentenced later.
But the battle against cybercrime continues. "This was one of the top 10 sites in the world, but there are more than 100 we know of globally, and another 100 we don't yet know of," said the investigators.

In the DarkMarket

DarkMarket price listTrusted vendors on DarkMarket offered a smorgasbord of personal data, viruses, and card-cloning kits at knockdown prices. Going rates were:
Dumps Data from magnetic stripes on batches of 10 cards. Standard cards: $50. Gold/platinum: $80. Corporate: $180.
Card verification values Information needed for online transactions. $3-$10 depending on quality.
Full information/change of billing Information needed for opening or taking over account details. $150 for account with $10,000 balance. $300 for one with $20,000 balance.
Skimmer Device to read card data. Up to $7,000.
Bank logins 2% of available balance.
Hire of botnet Software robots used in spam attacks. $50 a day.
Credit card images Both sides of card. $30 each.
Embossed card blanks $50 each.
Holograms $5 per 100.

torstai 14. tammikuuta 2010

IT UNDERWORLD


Google hack hit 33 other companies

The plot thickens. According to iDefense Labs, the recent Internet attack that has so upset Google affected 33 other US tech and defence firms and is directly related to an Adobe Reader-based attack of last July.
The US flaw-hunting specialist said that the attack was an attempt to steal source code on an industrial scale and was, in many cases, probably successful. If correct, this might explain why Google has by its own normally quite restrained standards gone ballistic to the extent of threatening to quit China.
"Two independent, anonymous iDefense sources in the defense contracting and intelligence consulting community confirmed that both the source IPs and drop server of the attack correspond to a single foreign entity consisting either of agents of the Chinese state or proxies thereof," said the iDefense press statement, confirming what the world already knows.
It now turns out that Adobe itself was targeted in the latest alleged Chinese attacks, http://blogs.adobe.com/conversations/2010/01/adobe_investigates_corporat... ">as a statement on its own website explains.
"Adobe became aware on January 2, 2010 of a computer security incident involving a sophisticated, coordinated attack against corporate network systems managed by Adobe and other companies."
The note goes on to say that in Adobe's case, the attack was not successful in stealing any data.
More embarrassingly, a flaw in Adobe software has been implicated in the new attacks. iDefense has forensically linked these to last July's attacks, which involved exploiting zero-day flaws in Adobe Reader 9.1.2 and Adobe Flash Player 9 and 10 to send specially-crafted PDFs.
As well as using the same emailed PDF technique to drop Trojans, the two attacks used the same HomeLinux DynamicDNS provider, pointed to the same virtual private server host owned by US-based Linode, and had IP addresses on the same subnet within a very similar address range.
"Considering this proximity, it is possible that the two attacks are one and the same, and that the organizations targeted in the Silicon Valley attacks have been compromised since July," says iDefense.
In fact, it is also possible that exploits go back further since the flaws used in last summer's attack pre-date the known attack by some months.
Whatever the details, that China is targeting the US technology firms, the government and military is nothing new, as a Northrop Grumman report of last October made clear. It now looks as if the latest cycle of attacks could take US firms, and perhaps even the US government itself, beyond breaking point.

Cooing


Little humor for this uncertain age…

Alleged China attacks could test U.S. cybersecurity policy…

The attacks on Google and more than 30 other Silicon Valley companies by agents allegedly working for China is focusing renewed attention on the issue of state-sponsored cyber attacks and how the U.S. government should respond to them.

The U.S. has no formal policy for dealing with foreign government-led threats against U.S. interests in cyberspace. With efforts already under way to develop such a policy, the recent attacks could do a lot shape the policy and fuel its passage through Congress.

In a revelation that was surprising for its boldness, Google on Tuesday said that agents possibly working on behalf of the Chinese government had hacked into its computers -- and those of more than 30 other multi-national companies. Also hit: Adobe .

This is not the first time Beijing has been accused of state-sponsored espionage. Over the past five years, China has been implicated in dozens of attacks involving U.S. commercial, government and military targets. The most sensational of these involved a Chinese hacking group called Titan Rain , which in the early 2000s is believed to have stolen U.S. military and nuclear information.

For the most part, the official U.S. response to the attacks amounted to little more than expressions of outrage and protest by lawmakers. On Tuesday, Secretary of State Hilary Clinton released a statement asking the Chinese government for an explanation for the attacks, which raised "very serious concerns and questions." On Wednesday, Sen. Joseph Lieberman (I-Conn.), the chairman of the Senate Homeland Security and Governmental Affairs Committee, said that attacks like the one against Google must be confronted "aggressively and with all available means."

"The official response will be, 'We are highly upset about this and we demand you stop it,'" said Ira Winkler, president of the Internet Security Advisors Group. (Winkler is also the author of Spies Among Us and a Computerworld columnist.) "The reality of the situation is we are screwed. The political reality is that China, in large part, is funding the U.S. deficit. We have no leverage.

"We just can't cut China off," he said.

Articulating a response to government-led cyber attacks isn't easy.

"We have to keep one thing in mind -- it is extremely difficult to attribute a cyber attack to a foreign government," said Greg Nojeim, senior counsel at the Center for Democracy and Technology (CDT), a Washington-based think tank. "There is often a lack of certainty in that regard that makes it really difficult to decide what kind of response to make."

And even if the evidence is there, it's futile to launch any kind of cyber-retaliation, he said. "That's something that should be off the table. You don't want to have a cyberwar where you fight fire with fire. That could burn the whole house down."

Instead, what's needed is a measured diplomatic response, where the issue is raised with China when it wants U.S. cooperation on other matters, he said. "The State Department has to make it clear that these attacks are so serious they warrant a diplomatic response. I am not sure that level of commitment has been demonstrated yet," Nojeim said.

Any victories gained from cyber-retaliation are likely to be temporary, at best, Winkler said. "If you can identify the systems that are attacking us and make sure you are attacking the right systems, theoretically, that might work" to head off another attack, he said. "But that's like throwing sand in the eyes of somebody who is beating you up." It can be effective -- but only for a while, he said.

That doesn't mean, nothing can be done. U.S. organizations that are targets of attacks from China first need to bolster their defenses, said Amit Yoran, former director of the U.S. Department of Homeland Security's National Cyber Security Division. The continuing success Chinese agents have in penetrating U.S. networks points to ineffective security -- and sophisticated attackers, Yoran said.

"Companies such as Google have very, very sharp security teams, but the technologies they rely on are inadequate," said Yoran, who is currently CEO of security vendor NetWitness Corp. "We have developed a technology base in modern computing that is indefensible against modern threats."

What's needed is a security approach that focuses on continuous monitoring of networks and data, not one based solely on prevention.

"Whining about this won't stop it," said Alan Paller director of research for the SANS Institute, a Bethesda, Md.-based security institute. "Cyber-based military espionage and economic espionage are radically effective programs for the Chinese government," and it's unlikely that policy statements are going to do any good, he said. "There are simply too many attackers with too many motives to think that a policy of deterrence would be more than minimally effective."

At the federal government level, at least, "it is [security] skills with good tools that allow organizations to defend themselves," Paller said. "Sadly, these skills are in radically short supply."

The U.S government has fewer than 1,000 people with the advanced skills needed to fight in cyber space at "world-class levels," he said. What's needed are between 20,000 and 30,000 cybersecurity warriors. "Our competitors have even more."

Companies outsourcing work to China, or doing business there or in other developing nations such as India, also need to be aware of the heightened risks to their intellectual property, Winkler said. "Companies need to look at things much more strategically," he said. While it may be cheaper to outsource manufacturing in countries such as China and India, the long term costs could be high if they're not careful.

"Many are not looking at the strategic risks of a rival stealing their technology and selling counterfeit goods," he said.

As for official government cyber policies, just because the U.S doesn't have an official policy for handling attacks doesn't mean it's sitting on its hands, said one analyst who asked not to be named. "One reason why the U.S might not have come up with any rules of the road is because the NSA and other intelligence agencies are involved in the same kind of activity," he said.

Security experts say Google cyber-attack was routine



The cyber-attack that made Google consider pulling out of China was run of the mill, say security experts.

Google revealed its move following attempts to hack Gmail accounts of human rights activists.

The search giant said analysis showed that the series of attacks originated from inside China.

"This wasn't in my opinion ground-breaking as an attack. We see this fairly regularly. said Mikko Hypponen, of security firm F-Secure.

"Most companies just never go public," he added.

"Human-rights activists are the biggest target," said Mr Hypponen. "Everyone from Freedom for Tibet to Falun Gong supporters and those involved in Liberation of Taiwan are hit."

F-Secure has been monitoring such attacks against Chinese human-rights activists since 2005.

Google has operated in China since 2006 and has now said it was no longer willing to censor results on its Chinese search engine as the government required.

China has responded to Google and said that foreign firms were welcome to trade in the nation "according to the law". The spokesman added that the net was "open" in China.

Other victims

Of the attacks, Google said only two Gmail accounts were accessed and that hackers got very limited information. This included when the account was set up and the subject line rather than content of e-mail messages.

The company said that the accounts of dozens of US, China and Europe-based users who are advocates of human rights in China had been routinely accessed by third parties.
The cyber-criminals broke in using a tactic known as "phishing" where a legitimate e-mail is sent claiming to come from someone the user knows and trusts.

Typically these e-mail messages have a booby-trapped attachment that, once opened, places malware on a computer.

Once an e-mail account is compromised, attackers can piggyback on it to get access to confidential files and systems throughout an organisation.

"The attacker really did their homework finding out first who to attack, who the key people were in the organisation and how to attack them," said Mr Hypponen.

Google has said publicly that another 20 companies were hit. Adobe is the only other company to go public with this information.

But many security experts say the figure is much higher.


"We know of at least 40 companies that were attacked. For the most part they were in the US," said Chris Day, chief security architect of IT services firm Terremark.

"This goes on all the time. Of the Fortune 100 companies, all 100 are under some sort of attack all the time."

Mr Day told the BBC a host of those targeted were technology and software companies based in Silicon Valley.

Google has revealed that finance, chemical and media firms were hit.

Blame game

Questions are now being asked about who orchestrated the attacks.

"We are not saying one way or another these attacks were state sponsored or done with the approval of the state," said David Drummond, Google's chief legal officer.

"We do know they were highly organised and we believe the attacker came from China."
The inference being drawn across the security community is that the Google attack and those on other US companies were sanctioned by government.

"Sources indicate that they believe the attack is the work of actors operating on behalf of or in the direct employ of official intelligence entities of the People's Republic of China," said iDefense Labs in an e-mail to the BBC.

iDefense also revealed that this incident resembles one that took place in July 2009 against nearly 100 IT-focused companies.

"A nation state getting into the business of hacking companies is a really big shift," said Dan Kaminsky, director of penetration at security firm IOActive.

"The question now is are we going to see a significant increase or decrease in these kinds of attacks?"

Safe and secure

Google has stressed that users have nothing to fear about the security of the information it holds.
"The fact that they have come out and are transparent about what has happened is good for user trust," said Terremark's Mr Day.


"I have seen far worse things happen and I think larger organisations, and even individuals, should take this as an object lesson that no-one is immune to these attacks."

General security advice for all users is have a strong password that is changed regularly and includes letters, numbers and symbols.

All security patches should be up-to-date and users should never open attachments unless they know the person they are being sent by and are expecting them.

Haiti earthquake survivors await global aid effort


BBC correspondents say the situation is increasingly desperate, with no coordinated rescue plan so far and aid only trickling in.
The search for survivors continues but rescuers have little lifting equipment and are often using their bare hands.
Tens of thousands are feared dead and up to three million affected.
Aid groups say there is a race against time to find survivors under the rubble of the collapsed buildings - the first priority of the rescue effort.
Heavy lifting gear and sniffer dogs are desperately needed to seek out trapped victims, with medicine, food and water also in short supply.
Elisabeth Byrs of the UN's Office for the Coordination of Humanitarian Affairs, said: "The priority is to find survivors. We are working against the clock."
The head of Medecins du Monde, Olivier Bernard, told AFP news agency that aid had to arrive by Thursday evening.
"To save lives, surgery must be available ideally within the first 48 hours."
A few US aid planes and a 50-strong Chinese rescue team with sniffer dogs have landed at the airport serving the capital, Port-au-Prince.
Other plane-loads of rescuers and relief supplies are said to be on the way from the EU, Canada, Russia and Latin American nations.
A British rescue team with heavy lifting gear and dogs has landed in the Dominican Republic and will be in Haiti later on Thursday.
International Development Secretary Douglas Alexander said: "This is a tragedy on a massive scale. Britain is playing its part in the huge international response."
US President Barack Obama said the "people of Haiti will have the full support of the United States" in an "aggressive" aid campaign.
Secretary of State Hillary Clinton has cancelled a trip to Asia to deal with the crisis. Her husband, Bill Clinton, the UN special envoy for Haiti, told the Washington Post the quake was "one of the great humanitarian emergencies in the history of the Americas".
The USS Carl Vinson aircraft carrier will arrive on Thursday. The USS Bataan, carrying a Marine expeditionary unit, is also on its way. The Pentagon said it was "seriously considering" sending thousands of marines.
The World Bank is funding $100m of emergency aid.
The World Food Programme is working on supplying 15,000 tonnes of food and the Red Cross has begun a $10m appeal.
The help is desperately needed as there is no coordinated rescue at present.
Doctor's assistant Jimitre Coquillon told Associated Press: "This is much worse than a hurricane. There's no water. There's nothing. Thirsty people are going to die."
Haitian President Rene Preval could not give an official estimate of the dead, saying: "I don't know... up to now, I heard 50,000... 30,000."
He spoke of how he stepped over dead bodies and heard cries of those trapped in the parliament building.
Singing hymns
Haiti is the poorest country in the western hemisphere and correspondents say it simply does not have the infrastructure to manage a rescue operation.
One Chilean UN peacekeeper told Reuters: "We just don't know what to do. You can see how terrible the damage is. We have not been able to get into all the areas."
The UN peacekeepers, who played a key role in maintaining public order in Haiti even before the quake, have been deployed to control any outbreaks of unrest as reports come in of looting.
The UN says 16 personnel are confirmed dead and more than 100 staff are still unaccounted for. They include UN mission head Hedi Annabi.
Medical aid agency Medecins sans Frontieres reported a "massive influx" of casualties at its makeshift clinics, many of them with severe injuries.
Patients with "severe traumas, head wounds, crushed limbs" have been streaming into MSF's temporary structures but the agency is only able to offer them basic medical care, spokesman Paul McPhun told reporters.
Thousands of Haitians spent a second night in the open on Wednesday, too scared to sleep inside damaged buildings. Many sang hymns to keep up their spirits.
The BBC's Matthew Price visited the grounds of one hospital and spoke of seeing about 100 bodies - but there were many people bedding down for the night to sleep among the dead.
The 7.0-magnitude quake, Haiti's worst in two centuries, struck at 1653 local time (2153 GMT) on Tuesday, just 15km (10 miles) south-west of Port-au-Prince and close to the surface.
Meanwhile, the Red Cross has set up a web site at www.icrc.org/familylinks on which people in Haiti and overseas can register the names of missing relatives.

keskiviikko 13. tammikuuta 2010

Finnish Organisations Plead for Haiti Aid


The Finnish Red Cross (SPR) has pledged 200,000 euros to help Haiti, whose capital Port-au-Prince has been devastated in a massive earthquake. The government and the Evangelical Lutheran Church have also promised to send emergency aid.
In addition to the immediate funds, the SPR is asking for the public to make donations using its website (site in Finnish and Swedish only). It is also asking the Foreign Ministry to fund a mobile hospital clinic to be sent to the country as quickly as possible.
A team of health care professionals in Tampere is awaiting the green light from the International Red Cross. The IRC will take a few days to make a full assessment and whether it is useful to send teams and equipment all the way from Finland. SPR communications officer Taina Keinänen notes that it's much cheaper to send help from units closer to the disaster area.
Government and Church to Send Aid
Meanwhile, the Foreign Ministry says it's prepared to donate aid as well, but is waiting for official requests from aid organisations.
Finn Church Aid, the charitable unit of the Evangelical Lutheran Church, has also earmarked 150-thousand euros for emergency relief. Thousands of people are feared dead in Haiti, and thousands more are still trapped in the rubble.
The Finnish Foreign ministry says that no Finns were injured in the quake. Only one Finn was known to be in Haiti at the moment. Both he and the 200-or-so Finns in the neighbouring Dominican Republic are all alive and well.

Haiti Chief Says Thousands May Be Dead


PORT-AU-PRINCE, Haiti — The wailing of survivors pierced the air in pockets of this devastated city on Wednesday as people dug desperately through the rubble of collapsed buildings and piled bodies of the dead on roadsides under white sheets.
Huge swaths of the capital, Port-au-Prince, lay in ruins, and thousands of people were feared dead in the rubble of government buildings, foreign aid offices and shantytowns. Limbs protruded from piles of disintegrated concrete, and muffled cries emanated from deep inside the wrecks of buildings, as this impoverished nation struggled to grasp the grim, still unknown toll from its worst earthquake in more than 200 years.

Scenes of destruction defined the city. Concrete homes collapsed on hillsides. Hospitals overflowed with victims. The Canape Vert hospital was surrounded by collapsed buildings.

With the electricity and phone service out and supplies of fresh water dwindling, The United Nations secretary general, Ban Ki-moon, said Haiti was facing a “major humanitarian emergency.” With 14 United Nations peacekeepers confirmed dead and more than 100 workers missing, the organization was in mourning and flying its own flag at half-staff.
When staff members tried to travel by car “they were mobbed by crowds of people,” Mr. McPhun said. “They just want help, and anybody with a car is better off than they are.” Contaminated drinking water is a longstanding and severe problem in Haiti, causing high rates of illness that put many people in the hospital. Providing sanitation and clean water is one of the top priorities for aid organizations, to try to avert outbreaks of dysentery.Some roads had been torn apart in the quake or were blocked by debris, making it more difficult to transport fresh water, food and first aid supplies, and hospitals were overwhelmed by the injured. In a place where there are constant blackouts, the electricity remained out during the early hours Wednesday, and telephones were not working.

More than 30 significant aftershocks of a 4.5 magnitude or higher rattled Haiti through the night and into the early morning, according to Amy Vaughan, a geophysicist with the United States Geological Survey. “We’ve seen a lot of shaking still happening,” she said.

Bob Poff, a Salvation Army official, said in a written account posted on the Salvation Army’s Web site how he had loaded injured victims — “older, scared, bleeding and terrified” — into the back of his truck and set off in search of help. In two hours, he managed to travel less than a mile, he said.


The account described how Mr. Poff and hundreds of neighbors spent the night outside, in the playground near a children’s home run by the group. Every tremor sent ripples of fear through the survivors, providing “another reminder that we are not yet finished with this calamity,” he wrote.

“And when it comes, all of the people cry out and the children are terrified,” he wrote.

Louise Ivers, the clinical director of the aid group Partners in Health, said in an e-mail to her colleagues: “Port-au-Prince is devastated, lot of deaths. SOS. SOS . . . Temporary field hospital by us at UNDP needs supplies, pain meds, bandages. Please help us.”

A hospital collapsed in Pétionville, a hillside district in Port-au-Prince that is home to many diplomats and wealthy Haitians, a videographer for The Associated Press said. Photos from Haiti on Wednesday showed a hillside scraped nearly bare of its houses, which had tumbled into the ravine below.

Immigration officials at the Port-au-Prince airport refused to allow incoming journalists into the terminal, fearing that it could collapse; instead they were taken a side exit of the airport, where taxis began showing up late Wednesday morning.


Tequila Minsky, a photographer who was in Port-au-Prince, said a wall at the front of the Hotel Oloffson had fallen, killing a passer-by. A number of nearby buildings had crumbled, trapping people, she said, and a Unibank bank building was badly damaged. People were screaming.

“It was general mayhem,” Ms. Minsky said.

Haiti’s many man-made woes — its dire poverty, political infighting and history of insurrection — have been worsened repeatedly by natural disasters. At the end of 2008, four hurricanes flooded whole towns, knocked out bridges and left a destitute population in even more desperate conditions.



The Haitian president, René Préval, told The Miami Herald that the toll was “unimaginable” and estimated that thousands had died. Among those feared dead were the chief of the United Nations mission in Haiti and Msgr. Joseph Serge Miot, the archbishop of the capital, Port-au-Prince.

The quake struck just before 5 p.m. Tuesday about 10 miles southwest of Port-au-Prince, ravaging the infrastructure of Haiti’s fragile government and destroying some of its most important cultural symbols. The domed white presidential palace and the cathedral collapsed, the Ministry of Justice was destroyed, and the country’s national prison suffered extensive damage, a United Nations spokesman said.

“Parliament has collapsed,” Mr. Préval was quoted as saying. “The tax office has collapsed. Schools have collapsed. Hospitals have collapsed. There are a lot of schools that have a lot of dead people in them.”

“All of the hospitals are packed with people,” he added. “It is a catastrophe.”


The earthquake left the country in a shambles, tangling efforts to provide relief to an estimated 3 million people who the International Federation of Red Cross and Red Crescent Societies said had been affected by the quake.
President Obama promised that Haiti would have the “unwavering support” of the United States.

Mr. Obama said United States aid agencies were moving swiftly to get help to Haiti and that search-and-rescue teams were already en route. He described the reports of destruction as “truly heart-wrenching,” made more cruel given Haiti’s long-troubled circumstances. Mr. Obama did not make a specific aid pledge, and administration officials said they were still trying to figure out what the island needed. But he urged Americans to dig into their pockets and to go to the White House’s Web site, www.whitehouse.gov, to find ways to donate money.

“This is a time when we are reminded of the common humanity that we all share,” Mr. Obama said, speaking in the morning in the White House diplomatic reception room with Vice President Joseph R. Biden Jr. at his side.

Aid agencies said they would open their storehouses of food and water inside Haiti, and the World Food Program was flying in nearly 100 tons of ready-to-eat meals and high-energy biscuits from El Salvador. The United Nations said it was freeing up $10 million in emergency relief funds, the European Union pledged $4.4 million, and groups like Doctors Without Borders were setting up clinics in tents and open-air triage centers to treat the injured.

Supplies began filtering in from the Dominican Republic, as charter flights were restarted between Santo Domingo and Port-au-Prince.


But efforts to administer emergency services and distribute food and water were halting, and in some places, seemingly nonexistent. A few S.U.V.’s driven by United Nations personnel plied streets clogged with rubble, pedestrians and other vehicles. Fuel shortages emerged as an immediate concern as motorists sought to find gas stations with functioning fuel pumps.

Hundreds of people camped under the shade of trees in the prime minister’s office compound, while others milled about in open spaces, hesitant to return to their homes after the powerful earthquake that struck Tuesday afternoon, followed by seemingly endless aftershocks.

"This is the worst tragedy I have seen in Haiti in my 54 years," said Lubini Hermano, a driver employed by a hotel in the hills above the capital. The hotel, Villa Creole, was deeply damaged but still a focal point, as doctors tended to a flow of injured people who appeared at its gate.

Some aid groups with offices in Haiti’s capital were also busy searching for their own dead and missing.

Five workers with the United Nations mission in Haiti were killed and more than 100 more missing after the office’s headquarters collapsed in one of the deadliest single days for United Nations employees. The Tunisian head of the group’s Haitian mission, Hedi Annabi, and his deputy were among the missing, said Alain LeRoy, the United Nations peacekeeping chief.

Earlier Wednesday, the French foreign minister, Bernard Kouchner, said in radio interviews that Mr. Annabi had been killed in the collapse.

The Brazilian Army, which has one of the largest peacekeeping presences in Haiti, said that 11 of its soldiers had been killed in the quake and seven had been injured, with seven more unaccounted for.

In addition to the human toll, the heavy damage sustained by Haiti’s presidential palace and the United Nations headquarters were a blow to the two major symbols of authority in the country.

“The palace was like something out of a fairy tale in a country that had nothing,” said Johanna Mendelson Forman, a former adviser to the United Nations mission, who now works at the Center for Strategic and International Studies in Washington. “It had red carpets and gold ropes. It was a symbol of one of the few institutions that works there, and that’s the presidency.”

On Wednesday the palace looked like a collapsed wedding cake, with its column-lined facade crumpled and its white domed roof caving in.

During a driving tour of the capital Wednesday, Bernice Robertson, an analyst with the International Crisis Group, said she saw at least 30 dead bodies, most covered with plastic bags or sheets. She also witnessed heroic recovery efforts. “There are people digging with their hands, searching for people in the rubble,” she said in an interview by Skype. “There was unimaginable destruction.”

Paul McPhun, operations manager for Doctors Without Borders, described scenes of chaos.

tiistai 12. tammikuuta 2010

Iranian Cyber Army hacks China's Baidu search engine

The group known as the Iranian Cyber Army, which attacked Twitter in December, has defaced another high-profile website, according to security firm Sophos.
This time the group has targeted China's biggest search engine, Baidu. The site's home page briefly displayed a message declaring the site had been hacked by the Iranian Cyber Army.
"It is not presently clear whether Baidu's site itself was compromised or, as in the case with the Twitter attack, its DNS records," said Graham Cluley senior technology consultant at Sophos.
If the website's DNS records were breached then the hackers would have been able to redirect visitor to web server under their control, he said in a blog post.
The Baidu website appeared to be back to normal in two hours, indicating that the motive for the attack was political rather than financial, said Cluley.
But it would have been easy for the hackers to create a cloned version of the main Baidu web page, he said, complete with an invisible link to a software exploit or piece of malware.

"Attacks like this are a reminder to everyone that you always need to have security scanning every webpage you visit, even if it is an established legitimate website," said Cluley.