Friday 3 July 2009, 5:27 PM
Nasa hacker petition presented to Number 10
Sting's wife Trudie Styler and Janis Sharp have presented a petition to Number 10 calling for Nasa hacker Gary McKinnon not to be extradited to the US.
Styler, and Sharp, who is McKinnon's mother, presented the petition to Sarah Brown, the Prime Minister's wife, on Friday. The petition was signed by 4,338 people, and called on the government to provide protection against extradition for people with autism. McKinnon has been diagnosed with Asperger's Syndrome, a condition on the autism spectrum.
"As a mother myself, I am 100 percent behind Janis's tireless fight to protect her son," said Styler in a statement. "Gary's actions were clearly misguided. However extraditing him seven years after the event and subjecting him to lengthy prison sentence thousands of miles away from his family is an unnecessarily cruel and undignified way to treat anyone, let alone someone with his condition."
Styler and Sting have supported McKinnon for approximately six months. In March they contacted Director of Public Prosecutions Keir Starmer, calling for Gary to be tried in this country. They also sent a hamper to McKinnon and his family, with a note, later in March.
McKinnon enjoys support from a wide range of people, including Jane Asher, Terry Waite, Boris Johnson, The Proclaimers, Dave Gilmour, and Julie Christie. Politicians including Conservative shadow minister for justice David Burrowes also support McKinnon's cause.
McKinnon stands accused of the "biggest military hack of all time" by US prosecutors. McKinnon's legal team maintain that should McKinnon be found guilty by a US court, he runs the risk of being imprisoned for up to sixty years. However, the Law Lords rejected that possibility, and found that he would be likely to be improsoned for 8 to 10 years.
The next stage in McKinnon's seven year legal battle is a high court hearing on 14 July. The appeal judges will consider McKinnon's application for a judicial review to decide whether he could be tried in the UK.
Wednesday 24 June 2009, 12:00 PM
UK to appoint cyber-sec tsar?
The UK is to appoint a cyber security tsar along the lines of the US, according to a story in the Telegraph this morning.
The story is similar to one that appeared in the Guardian ten days ago.
There is a press briefing at the Cabinet Office this afternoon. Perhaps this is a subject that may be discussed there.
Monday 22 June 2009, 5:32 PM
Nokia Siemens denies Iran web snoop
Nokia Siemens has denied providing deep packet inspection capabilities to the Iranian authorities, following an article in the Wall Street Journal on Monday.
The WSJ published the article which claimed Nokia Siemens had provided internet monitoring capabilities to the Iranians, "at least in part", and quoting Nokia Siemens head of media relations Ben Roome.
"If you sell networks, you also, intrinsically, sell the capability to intercept any communication that runs over them," Roome told WSJ.
However, Roome told ZDNet UK on Monday that Nokia Siemens had in no way provided deep packet inspection capabilities to the Iranian regime, and that the company had provided what is known as 'lawful intercept' for voice.
"We provided purely voice monitoring -- phone call wiretapping, it used to be called," said Roome.
Roome also published a blog post on Monday, saying that Nokia Siemens provided "lawful intercept" capabilities to Iranian carrier TCI.
"To clarify: Nokia Siemens Networks has provided lawful intercept capability solely for the monitoring of local voice calls in Iran," wrote Roome. "In most countries around the world, including all EU member states and the U.S., telecommunications networks are legally required to have the capability for lawful intercept and this is also the case in Iran."
According to the BBC, the Iranians use a Nokia Siemens product called "Monitoring Centre". A cached version of a Nokia Siemens promotion for Monitoring Centre said that the product:
"is a remarkably versatile combination of interoperating software and hardware modules, and is designed to perform all tasks related to lawful interception in an absolutely secure, auditable, reliable and verifiable manner in accordance with ETSI LI standards. Its unique modular front-end and back-end architecture allows the monitoring and interception of all types of voice and data communication in all networks, i.e. fixed, mobile, Next Generation Network (NGN) and the internet."
However, Roome told ZDNet UK that Nokia Siemens had only provided "limited capability" to TCI, and that the "monitoring centre" technology had since been sold on.
"We provided the limited capability in the second half of 2008, and the technology was sold at the end of March," said Roome.
That part of Nokia Siemens technology was sold to Perusa Partners Fund LLP, a German holding company, on 31 March.
Monday 22 June 2009, 10:56 AM
Does offshoring or outsourcing increase the data privacy challenge?
Last week’s IDG Research Services survey commissioned by RSA highlighted the lack of strategy in place in most organisations for outsourcing business services and information to the cloud. It is a reminder that offshoring and outsourcing present a real challenge to data privacy and data protection but is the risk any more than the risk of data that is not outsourced or offshored?
There are many risks associated with offshoring and outsourcing. The information security risk combined with operational risks including the risk of vendor concentration should determine the direction and pace of the offshoring strategy. Information security professionals must apply industry standard confidentiality (integrity, availability) principles in a risk assessment to ensure that corporate data is not exposed to unnecessary and unforeseen risk. For those professionals working in multi-national organisations, the topic of cross border data movement and data protection zones are not new. However, if data is made accessible to third party vendors or other combined legal entities (captives), the involvement of Legal professionals is paramount to understand processing and disclosure principles and policy.
The offshoring and outsourcing risk assessment may then reveal that existing cross border and service provider policies and standards are inadequate even for existing business processes. Thus confirming that outsourcing does not increase risk, but can actually reduce risk, by improving internal controls.
For Firms and organisations with a complex mix of environments and vendors, control “edge” solutions can be developed for the handling of data, based on “need to know” and “least privilege” principles, delivering sensitive data at the very last minute in the process, and linked to pre-defined and agreed data disclosure rules.
Offshoring and outsourcing programmes may increase the complexity of the environment, and can also increase the burden of supervision but do not increase information security risk. There is no hype with offshoring and outsourcing, rather basic control principles apply.
Alessandro Moretti, CISSP, Member of the ISC)2European Advisory Board and Executive Director, UBS Investment Bank, IT Security Risk Management.
Wednesday 17 June 2009, 8:47 PM
Small Business: Is Your Company Biker Friendly?
Small Business: Is Your Company Biker Friendly?
Author: Eric Everson
It’s that time of year again when motorcycles are out in full force. Whether you’re in the U.S. or the U.K. bikers are enjoying the warm weather after a long winter pause. For entrepreneurs and business managers alike, making concessions for motorcycle riders can greatly improve your business.
Though I am the innovative technologies blogger “Mobile Tech” my other great passion is motorcycling. Motorcycles have been a driving force in my life for as long as I can remember. All of my life, everything else stands still around me when a motorcycle comes into view. I’ve recently learned to harness my moto-obesssion in the form of BikerAwareness.com, so I’m staying professionally connected to what I love.
As a motorcycle rider I’ve seen an increasing number of businesses begin to recognize the buying power of the riding community. The reality is that the old U.S. Motorcycle Safety Foundation adage is actually true, “Motorcycles are Everywhere.” While this means you should look for us on the road, you might also do your small business a world of good by catering to us too. Recently I’ve seen parking roped off or especially designated for motorcycles in some very interesting places. From mega-malls to Main Street, businesses are making it easier for motorcyclists to access their businesses.
The good news is though the term “biker” often conjures up negative rough-and-tumble images, that perception is rarely the reality. In fact bikers are some of the nicest and most generous people you’re likely to meet. Add to that, bikers are a very tight knit community so when we find a local business that caters to us we’re quick to spread the word. If your small business could use a summer boost and you’re looking for a good way to differentiate from your competitive market, perhaps it’s time to consider that “Bikers Welcome” signage.
While I’ve got your attention, remember to look twice for motorcycles! If we could all get just one person to look twice for bikes, we could make a world of difference to preserve biker lives!
Cheers,
Eric Everson – aka: The Mobile Tech
Monday 15 June 2009, 3:17 PM
Nasa hacker petition tops 4,000
Over 4,000 people have now signed a petition that people with Asperger's Syndrome should not be extradited, directed at the Prime Minister's Office.
The petition directly refers to Gary McKinnon, the man accused by US prosecutors of "the biggest military hack of all time." McKinnon was diagnosed with Asperger's, a condition on the autism spectrum, last summer, and faces extradition to the US to face hacking charges.
McKinnon's mother, Janis Sharp, told ZDNet UK last week that McKinnon was "stressed out of his head".
"It's a scary thing when you are dragged away from your own country," said Sharp.
The petition has had a number of deadlines extended -- the latest one is the 22 June.
Wednesday 10 June 2009, 2:46 PM
PM calls on Berners-Lee in open-government drive
Gordon Brown is bringing in the inventor of the web, Sir Tim Berners-Lee, to help open up government data.
Brown made the announcement in Prime Minister's Questions on Wednesday, during a speech on constitutional reform.
"So that Government information is accessible and useful for the widest possible group of people, I have asked Sir Tim Berners-Lee who led the creation of the World Wide Web, to help us drive the opening up of access to Government data in the web over the coming month," Brown said in his speech.
Berners-Lee is a strong proponent of citizens having secure control over their own data, and has criticised the UK government for seemingly condoning the use by ISPs of techniques such as deep-packet inspection.
Wednesday 10 June 2009, 4:57 AM
Microsoft, Internet Pirates and Web 2.0+
Microsoft needs to do something truly pro-active to rid the Internet of Windows zombies. The programming design of Windows from the beginning has been flawed. Consider the resulting bot-net zombies to be car-jacked vehicles on the “Information highway”. Now consider the manipulative digital sociopathic “car-jackers” that control the botnets as practicing a true form of piracy. Bot-net piracy is potentially more economically damaging than anything the movie industry in Hollywood and the RIAA could conceive of.
Beyond the easy to appreciate theft of massive distributed CPU cycles while riding on millions of users' computers, the bot-nets also consume tremendous chunks of Internet bandwidth with their email spam, malware and server crashing behavior. Overall the cost to the entire Internet consumer market probably exceed all the payouts to date made to the Somali pirates.
Microsoft Windows project managers over the years obviously have focused their programming staff on goals other than operating system security. Microsoft owns the software on 90% of the desktops, probably approaching 50% of all the various servers and an untold percentage of all the applications running behind the pathetic software firewalls on various forms of Windows. Yet outside of Windows Updates and/or Microsoft Updates, there is no real mechanism for even an informed user to be able to repair his/her system after becoming Internet roadkill and a menace to all the other Internet users.
Outside of shackling the typical user's computer with third-party anti-malware software, there is no real security product that addresses the real issue of the operating system, the code itself. In this regard, most Internet users truly have been shafted by their vendor - Microsoft. Users should be able to buy an off-the-shelf computer with an operating system product that is secure and able to fend off intrusion or at the very least report to Microsoft that it has been infected. Why bother to put in Remote Assistance with a Microsoft logon user if it doesn't do anything useful?
The typical Windows user who has had his/her hardware compromised can't really be considered the cause of the bot-nets. The typical Windows user hasn't a freaking clue that his system has been snatched by a pirate and is running as a part of a DDOS or has begun vomiting email spam. Worse, the user even if aware doesn't know what to do to fix the infestation.
Even if the user were inclined and technically savvy-enough to do everything possible to prevent the home system from being subverted, most users are thwarted from regaining control of their system outside of wiping the drive and re-installing the exact same (or worse - an earlier service pack) version of the operating system!
What is really scary is that these same Microsoft programmers and project managers in congregate are writing operating system code that either starts or ends up as code in server applications. One day this same code will begin floating around on the vaporous flotillas of real and virtual “cloud” servers. What's to keep the digital-sociopaths from planting their Jolly Roger on those systems as well?
Putting Windows Defender into Visaster is good but its still an reactive, “after-the-fact” add-on, not an intrinsic and secure means of actively preventing the operating system from getting snagged in the first place by a pirate.
The solution is easy. Outlaw the EULA. Do not allow Microsoft to duck its responsibility for the chaos they have indirectly created on the Internet. Force Microsoft to operate a free service to wipe its operating systems on Internet connected desktops clean.
If Microsoft wants to get into “Web 2.0 cloud services”, a truly wonderful and extremely useful service would be a “Wipe-Clean Windows” website. The user connects up and the system is scoured clean remotely. If Microsoft doesn't want to operate the site then for a fee paid by Microsoft, McAfee, Symantec and Zone Labs might. A few years or decades spent paying for wiping clean millions of computers will provide the economic incentive Microsoft seems to need to get the job done right.
Think of it as getting rid of the Tribbles as on Star Trek! Even the Linux users on the Internet would approve of that!
Wednesday 3 June 2009, 4:02 PM
BSA launches two-month crackdown
The Business Software Alliance is to launch a two-month campaign against businesses in London that haven't paid software licence fees.
BSA will be phoning 1,000 businesses at random, to ask them to fill in a self audit form, to see if they are using unlicensed software. BSA is already investigating several companies in the London area for using unlicensed software, it said in a release.
"The current downturn in the economy does not negate the need for businesses to keep the software they are using up-to-date and legal," said Alyna Cope, spokesperson for the BSA country committee, in a statement. "We want to promote the value of software and educate businesses in the capital on how it should be better managed, helping to save them money at a time when it is most needed and reducing the risk of facing legal action further down the line."
Let me just point out here that the legal action Cope is talking about would come from BSA itself.
Tuesday 2 June 2009, 1:55 PM
Reports: Smith to resign as home secretary
There are various reports that Jacqui Smith is to resign as home secretary in the wake of the MPs expenses scandal.
Smith, who has presided over Home Office-led IT projects, including the plan to log all internet data traffic, and who has pushed forward government plans for a National Identity Register, is to go in a Cabinet reshuffle next week, according to various news articles.
A Home Office spokesperson declined to comment to ZDNet UK immediately, saying that this was a "personal and political matter" for the home secretary.
Smith has been criticised both for claiming her sister's home as her main residence for expenses purposes, and for claiming expenses for two pornographic films viewed by her husband.
The BBC is reporting that Smith is to quit the Cabinet, but will defend her Redditch seat at the next election. The Guardian is saying that Smith's resignation, along with other MPs in the scandal, could lead to a radical shake-up of Brown's Cabinet after the European elections on Thursday.
The Telegraph has posted an op-ed piece saying that her resignation is an "ignominious end to an inglorious career".
The expenses scandal has rocked parliament in the past weeks. The latest high profile figures whose futures are in doubt are Geoff Hoon and Alistair Darling, who have both agreed to pay back some of their expenses claims.
Previous
