A new internet watchdog has been launched to help protect children from "harmful" web content, such as cyber-bullying and violent video games.

The UK Council for Child Internet Safety (UKCCIS) brings together social networking sites and technology firms.

It aims to teach children about web dangers, target harmful net content and establish a code of conduct for sites featuring material uploaded by users.

Gordon Brown said the move was a "landmark" in child protection.

'Minimum restrictions'

The prime minister said the growing importance of the internet in young people's lives meant the task for government and society was to strike a balance between safety and freedoms on the web.

"The challenge for us is to make sure young people can use the internet safely and do so with the minimum of restrictions but the maximum of opportunities," he said.

He went on to say the internet offered "a world of entertainment, of opportunity and knowledge" to children.

Read Full Story

Children suffering abuse will soon be able to contact the NSPCC's ChildLine via text messages and the internet.

The NSPCC hopes to reach more at-risk children by making use of the technology that youngsters are comfortable and familiar with.

Early trials by the NSPCC show that boys and girls seek help with family problems in very different ways.

The improved access to ChildLine - 0800 1111 - comes as the NSPCC bids to recruit more people to answer calls.

Helping hand

Although thousands of people contact the NSPCC via ChildLine every day the organisation still struggles to answer every call. Currently about 67% of calls get answered and just 40% of children who need counselling receive it.

"At the moment, we've got a real problem about not being able to reach every child who wants help," said Dame Mary Marsh, director and chief executive of the NSPCC which took over ChildLine in 2006.

"The rate that children can get through is just not good enough, so part of the process is to give different channels of access so there is going to be some way they can get some help," she said.

Help to expand the NSPCC services is coming from Microsoft in the shape of a £1.3m donation of software and services from Microsoft. Also included in the donation is space on the MSN homepage through which children will be able to contact ChildLine.

Read Full Story

London taxi passengers have left more than 60,000 hand-held devices in the back of black cabs during the past six months, a survey has found.

Some 55,843 mobile phones and 6,193 other devices, such as laptops, were forgotten, Credant Technologies found.

The data protection company, which surveyed 300 taxi drivers, warned users to password-protect equipment amid rising fears of identity theft.

Fraud experts said such devices could give criminals crucial data.

New devices - including mobiles, MP3 players and memory sticks - have the capacity to store tens of thousands of documents or pictures and millions of contacts and emails, making them a target for identity theft criminals and hackers.

A survey by credit reference agency Equifax in April suggested 16% of its customers put PIN numbers on their mobile devices while 24% recorded birthday dates.

Read Full Story

Nation not secure

By Dan Goodin

Posted in Security, 17th September 2008 23:26 GMT

Internet addresses corresponding to recent bank mergers are already being hoarded and sold online.

In "cybersquatting", likely addresses are bought cheaply in the hope of selling to the businesses involved, or as a medium for advertising.

Domain names for the merged Bank of America/Merrill Lynch as well as for Lloyds TSB/HBOS have been snapped up.

In one case, the domain name has already been listed on eBay, with the site directing visitors to the auction.

As reports of Lehman Brothers' intent to sell itself first surfaced last Friday, cybersquatters had already spotted Barclays, HSBC and Bank of America as potential buyers.

Accordingly, barclayslehman.com, hsbclehman.com, hsbclehmanbrothers.com and bofalehman.com had been acquired.

With the acquisition of Merrill Lynch by Bank of America this week, cybersquatters registered bankofamericamerrilllynch.com and bofaml.com.

Read Full Story

European court clears injunction, washes hands of hacker case.

The European Court of Human Rights has refused to intervene in preventing the US extradition of accused Pentagon hacker Gary McKinnon.

The ruling by the seven judge court, made Thursday, kills off McKinnon's last hope to avoid extradition to the US to face charges of hacking into US military and NASA systems, following the rejection of his appeal by the House of Lords last month.

McKinnon's lawyers appealed to the court on the grounds that his condition of detention if extradited and convicted in the US would be degrading. However, the court decided on Thursday not to allow the case to proceed, clearing an injunction that prevented McKinnon's extradition.

Read Full Story

More evidence that the intertubes are fundamentally broken has been served up by Wired.com in an article laying out a technique to surreptitiously hijack huge chunks of the internet and monitor or even modify unencrypted traffic before it reaches its intended destination.

The exploit of the routing protocol known as BGP, short for Border Gateway Protocol, is akin to the poor man's traffic intercept employed by intelligence agencies throughout the world. Like the recently discovered domain name system cache poisoning bug, the exploit is notable because it highlights weaknesses in some of the net's core underpinnings.

Read Full Story

Anyone who has a blog has probably seen blog spam; comments to the blog that simply try to entice people to go to some other site. Most of the time the site being advertised is simply trying to boost its search engine rankings to generate more ad revenue.

The more links there are to a site, the more popular the search engines figure it is, and the higher up in the search results it ends up. Blog spam, therefore, is frequently thought to be a good way to boost the search engine rankings. In some cases this turns malicious. Some sites engage in wholesale intellectual property theft to boost their rankings.

A few of weeks ago, however, I started noticing something far more insidious. I moderate all comments to my blog. This is something I started years ago to keep the blog somewhat family friendly, and to avoid propagating malicious content. Recently I also completely disabled trackbacks to avoid boosting the search engine rankings for sites that steal my work. This means I see every comment that comes into my blog. The other day I noticed one that contained nothing more than a link to a fake Google site: google-images.google-us.info/index.html.

Read Full Story

The Mobile Marketing Association has published its guidelines for advertising pushed over Bluetooth connections, and considers anyone who hasn't opted out to be fair game for spammers.

The guidelines are now available for public review until 26 September, and take a distinct step beyond the UK's Direct Marketing Association (DMA) rules in that they consider any handset left in "discoverable" mode to be implicitly giving permission for pushed adverts - something the DMA explicitly rejects.

The document (pdf) has been produced by the "Proximity Committee", a part of the Mobile Marketing Association (MMA), and is mostly concerned with an explanation of what Bluetooth is and how it can effectively be used. It says that IMS Research reckons that in the US more than 60 per cent of handsets sport Bluetooth and 70 per cent in Europe, making it an attractive channel for pushed advertising.

Read Full Story

A computer virus is alive and well on the International Space Station (ISS).

Nasa has confirmed that laptops carried to the ISS in July were infected with a virus known as Gammima.AG.

The worm was first detected on earth in August 2007 and lurks on infected machines waiting to steal login names for popular online games.

Nasa said it was not the first time computer viruses had travelled into space and it was investigating how the machines were infected.

Read Full Story

eBay and PayPal have linked up with Gmail to roll out technology designed to block fraudulent emails and phishing attacks.

DomainKeys and DomainKeys Identified Mail (DKIM) email authentication technology is being used to prevent the delivery of bogus messages posing as emails from eBay and PayPal into Gmail users' inboxes.

DomainKeys technology is designed to verify both the DNS domain of an email sender and the integrity of a message. DKIM is an enhanced protocol that also adds aspects of Identified Internet Mail to the mix.

Both approaches are geared to uncover spoofing of source addresses in emails, a tactic commonly used by phishers.

However, there are limitations. If an email messages comes from an eBay or PayPal domain and fails to include a proper signature, then the message will not be delivered. Additionally, PayPal scams that claim to come from other domains may fall though the net.

Read Full Story

The mobile web has reached a "critical mass" of users this year, according to a report by analysts Nielsen Mobile.

The US is the most tech savvy nation with nearly 40 million Americans - 16% of all US mobile users - using their handset to browse on the move.

The UK and then Italy come a close second and third in the 16 countries surveyed by the analyst firm.

Indonesia has the lowest take-up with just 1.1% of mobile subscribers using their handsets for surfing the web.

The firm believes the growth of the mobile web is a combination of increasing numbers of user friendly handsets, higher speed networks and unlimited data packages.

"The adoption and the experience are improving at an impressive rate," said Nic Covey, Nielsen Mobile's director of insights.

Read Full Story

Businesses are missing out on the huge potential that social networks present, a leading information technology company has warned.

Researchers for Gartner found that huge opportunities for improving the management of large firms exist.

"Businesses which harness how employees use these sites stand to increase savings, productivity and profits," said Gartner researcher Jeffrey Mann.

He told the BBC the challenge was how to apply this to the corporate world.

The Gartner survey discovered that social networking sites, instant messaging email, chat and file sharing are attracting significant levels of interest online.

Their work was undertaken across 18 countries and territories between October and December of last year. It found that 38% of more than 4,000 PC and mobile phone users connect to sites like MySpace and Facebook via PCs.

Read Full Story

Hackers have turned the harvesting of personal information from Monster.com and other large US jobsites into a lucrative black market business

A Russian gang called Phreak has created an online tool that extracts personal details from CVs posted onto sites including Monster.com, AOL Jobs, Ajcjobs.com, Careerbuilder.com, Careermag.com, Computerjobs.com, Hotjobs.com, Jobcontrolcenter.com, Jobvertise.com and Militaryhire.com. As a result the personal information (names, email addresses, home addresses and current employers) on hundreds of thousands of jobseakers has been placed at risk, according to net security firm PrevX.

Phreak has begun selling its "identity harvesting services" to fraudsters, charging $600 for data that might be applied to targeted phishing attacks, ID fraud or other nefarious purposes. Would-be clients are able to contact the gang on ICQ. For a fee the gang will filter its database for entries that refer to a particular country or particular employer.

Jacques Erasmus, director of research at PrevX, explained that he came across adverts for the tool in an underground forum. The PHP-based utility uses built-in recruiter IDs to trawl jobsites and return results in a handy web form, he explained.

"This is way beyond email harvesting tools. The utility is quite sophisticated and attempts to make sense of the data format found in CVs, extracting only useful information," Erasmus told The Register. "Phreak is selling its services to people running higher-end [targeted] spear phishing attacks."

Jobsites have been a target for data sniffing attack for some time. PrevX said the latest attack is distinct from one carried out by a Trojan horse program last year.

This time around the attack affects far more sites than Monster.com alone. Also the attack involves a harvesting engine, rather than the use of malware.

Job sites might be able to guard against the latest assault on user data by limiting the number of searches a "recruiter" can carry out or by applying CAPTCHAs, Erasmus explained.

A CAPTCHA is a type of challenge-response test designed to distinguish between requests from an automated program and a human. The approach typically asks a user to identify the letter in an image before allowing a request, such as an attempt to sign up to a web-mail service.

Read Story Here

Surfing the web unprotected will leave the average web user with 70 spam messages each day, according to an experiment by security firm McAfee.

It invited 50 people from around the world, including five from the UK, to surf without spam filters.

The experiment revealed that UK residents are most likely to be targeted by the infamous Nigerian e-mails and "adult" spam.

One UK participant received 5,414 spam e-mails during the month-long trial.

But the US still tops the global spam league.

Participants in the US received a total of 23,233 spam e-mails during the course of the experiment compared to 15,856 for the second most spammed country - Brazil.

In the UK, the five participants racked up 11,965 spam messages during the course of the experiment. Germany attracted the least spam, with just 2,331 junk messages.

Read Full Story

The websites of two of the net's most critical oversight organizations were hijacked by Turkish hackers who sent visitors to rogue pages that challenged the overseers' authority.

Some of the official domains for the Internet Corporation for Assigned Names and Numbers (ICANN) and the Internet Assigned Numbers Authority (IANA) were temporarily under the control of a group that calls itself NetDevilz, according to zone-h, which tracks hijackings of individual websites. Specific domains that were hijacked included "icann.com," "icann.net," "iana.com" and "iana-servers.com."

People who tried to visit the sites were greeted with a message that read: "You think that you control the domains but you don't! Everybody knows wrong. We control the domains including ICANN! Don't you believe us?"

This may have come as something of a shock to the principals of IANA and ICANN, which have authority over some of the most the net's most critical functions. IP address allocation, management of the domain name system's root zone servers and oversight over the way domain names are registered and maintained are just a few of them.

Read Full Story Here

A security attack that damages embedded systems beyond repair was demonstrated for the first time in London on Wednesday.

The cyber-assault thrashes systems by abusing firmware update mechanisms. If successful, the so-called phlashing attack would force victims to replace systems.

The attack was demonstrated by Rich Smith, head of research for offensive technologies and threats at HP Systems Security Lab, at the EUSecWest security conference in London on Wednesday. Smith told Dark Reading that such as "permanent denial of service" attack could be carried out remotely over the internet.

Theoretically the attack could be both more effective (as the damage caused would be harder to recover from) and cheaper than conventional denial of service attacks, which typically rely on hackers paying to rent control of a network of compromised PCs.

The PhlashDance approach relies on exploiting frequently unpatched vulnerabilities in embedded systems, such as flaws in remote management interfaces, to get access to a system. That alone wouldn't be enough, but because firmware updates are seldom secured, the possibility exists of making an update that effectively trashes a system.

Smith is calling on vendors to authenticate the mechanism as one way of defending against such attacks. He is demonstrating a tool to search for vulnerabilities in firmware, as well as an attack mechanism to corrupt vulnerable firmware at EUSecWest.

There's no record of such an attack even occurring and other security watchers are sceptical over whether crackers could make money - the main motive for denial of service attacks - from such an approach. Both H D Moore of Metapolit fame and the Hack a Day blog reckon that exploiting vulnerabilities to plant malware in firmware is a far more insidious and dangerous type of attack than simply destroying systems.

Another presentation at EuSecWest will demonstrate a proof of concept rootkit capable of covertly monitoring and controlling Cisco routers. The Cisco IOS rootkit software was developed by Sebastian Muniz, of Core Security.

Read Story Here

Almost half the websites pushing malware are hosted by just 10 networks, according to a new report that adds new support to the growing argument that a relatively few number of actors are responsible for most of the net-based threats.

The report (PDF) from StopBadware.org also showed a dramatic rise in China's role in the malware epidemic. Six of the 10 networks were internet service providers or backbone providers based in China and hosted more than 41 percent of the malicious websites.

Not that US companies weren't also contributing to the problem. Three American companies also made the list, including Google, whose blogs hosted 4,261 sites, or about 2 percent of the booby-trapped destinations.

The findings come a few weeks after anti-spam outfit Knujon released a separate report that found that almost 75 percent of spam sites were signed up by just 10 registrars. Once again, the three biggest offenders were located in China and included Xinnet Bei Gong Da Software, BEIJINGNN and Todaynic.

In many cases, owners of sites found pushing counterfeit watches, Viagra and other merchandise touted in spam failed to include correct contact information when registering the sites, as required. In an attempt to crack down on abusers, Knujon has begun reporting offenders to ICANN, which requires all website owners to be listed in a whois director. The sheer volume of the complaints has in some cases put a strain on ICANN's servers.

Read Full Story

A group of software and online payment companies are teaming up to find a better way than passwords to protect, and prove, your identity online.

Problems with passwords are well known - people require ever more passwords which means they either get forgotten, or people use the same word for several different services which is a security risk. The new group will seek to find open standards to make it easier to prove your identity online without using dozens of passwords and usernames.

Equifax, Google, Microsoft, Novell, Oracle and PayPal will work together to create "Information Cards" - online cards like those in your wallet. Different cards can contain different levels of information and can be used to log in to different websites instead of using a username and password. Some may contain just a user name and password, others address information.

Other information - such as whether or not the browser is over 21 years old - could also be verified by the website by sending a query to the independent third party. In theory this should be safer - your information will not have to be stored by several different websites.

The group hopes to extend its reach beyond consumers to identifying users of enterprise networks too.

The Information Card Foundation has applied be a working group of Identity Commons which is also trying to create an open, independent identity layer for the internet.

The difficulty for such groups is convincing the market that it is truly independent, and not just promoting the agenda of its most powerful members.

Read Full Story

New guidelines for how internet service providers should combat spam have been published.

The advice, from the Messaging Anti-Abuse Working Group (MAAWG) recommends ISPs use separate servers for received and forwarded e-mails.

It also recommends ISPs block the port - known as port 25 - through which spam travels.

Richard Cox from UK anti-spam group Spamhaus believes the guidelines could be implemented within the year.

Forwarding spam

"These are very significant recommendations and they are coming from a well-respected body so there is not much excuse for not following them," he said.

It is estimated that over 90% of all e-mail is spam.

Even if the guidelines are taking up by a majority of ISPs, experts admit it is unlikely that people will see a drastic reduction in spam any time soon.

"Some ISPs will always remain wide open even if we succeed in closing port 25," said Matt Sergeant, a senior anti-spam technologist with security firm MessageLabs.

"But that doesn't mean that it isn't worth doing. If we don't do it spam volumes will increase," he said.

The first of MAAWG's recommendations calls for a separation between original e-mails and those that are forwarded on.

"When mail is forwarded it is often the case that spam and viruses are also forwarded," said Mr Sergeant.

Making a distinction will make stop those sending e-mail from being associated with spam.

"It will give recipients the ability to recognise spam and reject it," Mr Cox added.

Botnets

The second looks at the issue of so-called botnets - networks of computers that have been taken over by hackers to send malicious software and spam.

MessageLabs estimates that over 90% of spam is sent via botnets.

The idea of blocking port 25 is not a new one but it will gain new impetus now it has been officially outlined by MAAWG, thinks Mr Cox.

A number of ISPs in the US - from where historically the majority of spam originates - are already implementing the block.

But Mr Sergeant thinks spammers are bound to stay ahead of the attempts to limit their influence.

"They will have fewer ISPs to use but they will simply develop faster engines," he said.

Read Full Story

A complete overhaul of the way in which people navigate the internet has been given the go-ahead in Paris.

The net's regulator, Icann, voted unanimously to relax the strict rules on so-called "top-level" domain names, such as .com or .uk.

The decision means that companies could turn brands into web addresses, while individuals could use their names.

A second proposal, to introduce domain names written in Asian, Arabic or other scripts, was also approved.

"We are opening up a new world and I think this cannot be underestimated," said Roberto Gaetano, a member of the Internet Corporation for Assigned Names and Numbers (Icann).

The organisation said it had already been contacted about setting up domains in the Cyrillic script - used in many Eastern European countries.

"This is a huge step forward in the development of the internet - it will unblock something that has prevented a lot of people getting online," said Emily Taylor, director of legal and policy at Nominet, the national registry for .uk domain names.

"At the moment, there are one-and-a-half billion people online and four-and-a-half billion people for whom the Roman script just means nothing."

Dr Paul Twomey, chief executive of Icann, described passing the resolution as a "historic moment".

Read Full Story

And DDoS a ticket barrier

The Internet has created borderless societies worldwide changing how information is shared, said the Department of Communications in a statement on Tuesday. H.E. Minister of Communications Dr Ivy Matsepe-Casaburri added that there was a need to protect and empower consumers online by ensuring secured online transactions.

In South Africa, the Electronic Communications and Transactions Act provided for the appointment of cyber inspectors, but "there is a need for building a culture of security in the face of rapid technological and socioeconomic changes and illiteracy levels particularly in developing countries is urgent," she added.

At international level, initiatives such as the ITU's High Level Expert Group aimed to develop strategies and guidance to countries in dealing with cybercrime. International Multilateral Partnership Against Cyber-Terrorism would contribute to forging partnerships and collaborations geared towards combating cyber crime, thus building confidence in the use of Internet. The outcomes would assist countries to draft their legislative framework and to develop strategies to address the challenges of cyber threats and cybercrime.

Read full story

More information about the ITU's High level Expert Group of the Global Cybersceurity Agenda can be found here

A social networking site has deleted most of its users over the age of 36 because it claims older users pose a danger of sex offending. It claims to be forced into the action by the Government, but the part of a law it cites is not yet in force. Faceparty has deleted what it describes as "a huge number of accounts" from its social networking site in recent weeks. It lists 'over 36 years old' as one of its reasons for deletion. "We understand that only a minority of older users are sex offenders, but you must understand that we cannot tell which," it says in its explanation of the deletion of accounts. "New government legislation means we need to check older users on the sex offenders list," says its notice. "This legislation is based upon checking email addresses against a government provided list. Faceparty has never insisted on validated email addresses and can therefore not participate in this new scheme." A new law was passed earlier this month, the Criminal Justice and Immigration Act, which contains provisions for the Secretary of State to require sex offenders to register their email addresses or other information. That, though, is not currently part of the law and would require a ministerial order to become law. Read Full Story

Social networking sites have become the new front in the war against spam, according to security watchers.

In the six months leading up to March 2008, social networking sites saw a four-fold growth in the amount of spam on their network. At several major social networking sites, 30 per cent of new accounts created are automated fraudulent 'zombie' accounts, designed to be used for spam and other malicious attacks, according to anti-spam firm Cloudmark.

JF Sullivan, VP of marketing at Cloudmark, said the type of spam advertised through social networks is the same type as that advertised by email spam and punted by much the same people. "There's an implicit trust in social networking. People don't think they're going to be attacked with spam," Sullivan told El Reg. "People don't trust email anymore. Spammers are following peoples' online habits."

Read Full Story

Seven Nato nations have backed a new cyber defence centre in Estonia, which last year blamed Russia for weeks of attacks on its internet structure.

Germany, Slovakia, Latvia, Lithuania, Italy and Spain will staff and fund the hub in the Estonian capital Tallinn.

Estonia came under cyber attack in 2007 after its decision to remove the bronze statue of a Red Army soldier from the centre of Tallinn.

Moscow denied involvement in the flood of data which crashed computers.

"We have seen in Estonia that a cyber attack can swiftly become an issue of national security," Nato spokesman James Appathurai said after a signing ceremony in Brussels.

"Cyber attacks can cripple societies."

The US will initially send an observer to the project, which will have some 30 staff when fully operational in August.

The centre will provide research, consultation and training on the development of cyber defences for participating national governments.

Read Story