A bit of old news, the Sykipot trojan has been modified by Chinese hackers to steal sensitive information off DoD networks by stealing the authentication information from DoD smart cards. The cards are commonly used to allow access to DoD networks using certificates and PIN’s for a more secure authentication. This Sykipot variant has been upgraded with a keylogger to steal the PIN’s, then use the certificate associated with the card to access protected networks. The hackers used a spearphishing campaign to deliver the trojan.
Tuesday, January 24, 2012
Monday, January 23, 2012
A Colorado woman has been ordered by a judge to decrypt her laptop so that prosecutors can use the files on it against her. Judge Robert Blackburn said “I conclude that the Fifth Amendment is not implicated by requiring production of the unencrypted contents of the Toshiba Satellite M305 laptop computer.”
Apparently the fact that there was a jailhouse recording of the defendant, Ramona Fricosu, led the judge to believe there was evidence that there was information on the laptop that the prosecution was looking for. I understand that Assistant U.S. Attorney Patricia Davies, says that if the judge did not force her to give up her password that the terrorists would win. She didn’t actually say that. She said, “a concession to her and potential criminals (be it in child exploitation, national security, terrorism, financial crimes or drug trafficking cases) that encrypting all inculpatory digital evidence will serve to defeat the efforts of law enforcement officers to obtain such evidence through judicially authorized search warrants, and thus make their prosecution impossible.”
I just think that it is a leap to say that if the judge does not require Fricosu to give up her password that all of the bad people would immediately encrypt all of their information and that it would thwart our ability to prosecute them. Would it make it more difficult in some cases? Sure. But that is why it is the prosecutions job to have enough evidence to convict and not the defendants job to hand over any proof of wrong doing.
This is what the 5th Amendment was geared for and the judge is making a huge mistake. A mistake that favors the prosecution and government. How strange?
I would still encrypt your drives. Most OS’s now make it easy and if you don’t want to use the built-in tools you can always use TrueCrypt.
Tuesday, January 17, 2012
Hackers who claim to be from Israel, and Saudi Arabia have been taking swings at the stock exchange and financial hubs of each others countries. In the most recent hack pro-Israel hackers took the stock exchanges of Saudi Arabia and UAE offline for hours. The cyberattacks continue to escalate and it will be interesting to see where this ends, whether in more severe hacks or more tit for tat.
