disLEXia

Sunday, 06. July 2003

Spionage und Verhaftungen im Sonera-Skandal

Mittwoch, 27.11.02  05:03 MET 

Ein Skandal rund um Finnlands größtes Telekom-Unternehmen Sonera zeichnet sich ab. Am Dienstag ist der ehemalige Sonera-Chef Kaj-Erik Relander von der finnischen Kriminalpolizei festgenommen worden.

Das Unternehmen steht im Verdacht, in den Jahren 2000 und 2001 in großem Stil die Telefonverbindungen aller Mitarbeiter und einer Reihe von Journalisten überwacht zu haben. Derartige Überwachungen sind in Finnland aber nur der Polizei bei Vorliegen gerichtlicher Genehmigungen gestattet.

Möglicherweise wollte man herausfinden, wer Informationen über unternehmensinterne Meinungsverschiedenheiten weitergibt. In diesem Skandal um die ehemalige Telecom Finnland ist das bereits die sechste Festnahme.  

Finnen empört Der komplett fehlgeschlagene Erwerb einer deutschen UMTS-Lizenz der mehrheitlich staatlichen Sonera [zusammen mit der spanischen Telefonica Moviles] hatte im Sommer sogar die finnische Regierung ins Wanken gebracht. Medien in Helsinki stuften das 3G-Joint-Venture als "größten unternehmerischen Fehler aller Zeiten" ein. Regierung wackelt wegen UMTS-Lizenz

        Zwei derzeitige Manager ebenfalls unter Verdacht Ebenfalls am Dienstag hat ein Gericht in der Hauptstadt Helsinki bestimmt, dass vier der fünf zuvor Festgenommenen weiter in Gewahrsam bleiben.

Als Erstes waren der Leiter der Sicherheitsabteilung bei Sonera, Juha Miettinen, sowie zwei seiner Mitarbeiter hinter Gittern gelandet.

Am Freitag mussten sich schließlich Executive Vice President Jari Jaakkola und Vice President Henri Harmia dazugesellen.

Jaakkola war zum Zeitpunkt der vermuteten Rechtsbrüche Leiter der Abteilung Corporate Communications.    

Finnland will vier Milliarden Euro zurück Der konservative finnische Kommunikationsminister Kimmo Sasi hat sich für die Rückzahlung aller 50,5 Milliarden Euro für UMTS-Lizenzen in Deutschland ausgesprochen. Deutschland lehnt Rückzahlung ab

        Fusion mit Telia nicht in Gefahr Vizepräsident Henri Harmia ist international vor allem durch seine Rolle als Chefunterhändler für die milliardenschwere Fusion der finnischen Sonera mit der schwedischen Telia bekannt geworden.

Diese Fusion ist erst vergangene Woche von den Aktionären durch eine Annahme entsprechender Aktientauschangebote genehmigt worden.

Beide Unternehmen haben bekannt gegeben, dass das Bekanntwerden der Vorfälle die Fusion nicht beeinträchtigen würde.    

Sonera hat etwa 7.400 Mitarbeiter. Weiter gibt das Unternehmen an, etwa 2,4 Millionen Mobilfunkkunden und rund 770.000 Festnetzanschlüsse zu betreuen. Gemeinsamer Name von Sonera und Telia

  [Futurezone / Reuters ]
10:01 | permanent link | mail this

Monday, 25. November 2002

The spy inside your home computer

Your home computer is a pretty dumb device that usually does what it is told. But with the right help this mute machine can become disturbingly "talkative".

So-called "parasite programs" are logging what you do online and, like a nest of busy gossips, sharing the information with anyone who will pay to listen.

Not all spies are so obvious

As concern mounts over these sneaky tactics, privacy experts, cyber watchdogs and many concerned net users have started to compile lists of these programs.

Most parasite programs divide into two categories:

&149; "adware" - programs on your computer that fling pop-up ads at you, install toolbars full of adverts or hijack searches and web use; and

&149; "spyware" - more underhand, these devices surreptitiously watch what you do, steal personal information and despatch it across the web. What they have in common, is that they quietly download onto your computer while you are online.

Sometimes they come attached to software you download from the web - the details are often included in the license agreement small print that most users click through without reading.

And sometimes they don't even need your permission to download, but just hop on your hard drive, totally unannounced, because you are browsing the wrong webpage.

[BBC News Online]
15:48 | permanent link | mail this

Friday, 22. November 2002

Internal Microsoft Server Exposed Sensitive Information To The Internet

A popular Microsoft file server remained partially offline on Thursday after it was discovered that the system exposed confidential internal documents and information on millions of customers, the company confirmed.

Some Microsoft staff apparently didn't realize the server was publicly accessible, Microsoft said.

The FTP (File Transfer Protocol) server is used to allow Microsoft customers to download drivers, software patches, and other files, as well as upload files for analysis by Microsoft tech support, the company said.

The confidential documents were exposed because some Microsoft marketing staff were using the FTP server as a repository, not realizing that the server was open for public access.

As of Thursday, users could upload -- but not download -- files to the server, Microsoft said.

Among the files accessible were confidential company presentations, spreadsheets, internal reports and a 1 GB database of user names and mailing addresses, which was kept in a zip file that was easily opened with freely available password-cracking software.

The FTP server was intended for use only by Microsoft's product support organization, but marketing staff were apparently using the server, unaware that it was accessible from the Internet. The confidential information was available on the server since Nov. 15 or earlier. Microsoft took the server offline on Monday and put it back up when it was cleaned of confidential files, but Microsoft employees then began uploading new confidential files to the server. [TechWeb: Security]

See also: http://www.theregister.co.uk/content/55/28252.html

Microsoft made customer details - along with numerous confidential internal documents - freely available from a deeply insecure FTP server earlier this month.

A well as numerous PowerPoint slides, such as Linux Vs Windows comparisons and .NET strategy papers, Microsoft "published" files an estimated 11 million customer email addresses and seven million snail mail address on the server.

All these confidential files were protected by the same password which was easily defeated by standard password-cracking tools, another point Microsoft would do well to note in reviewing its security policy.
17:11 | permanent link | mail this

Blueprint hacker duped

Dutch police have just disclosed that they searched the house of a computer hacker in Leusden on July 16, at the request of the American authorities.

The 19-year-old man had evidently hacked the network of Hellmuth, Obata & Kassabaum (HOK), an American architectural company involved in renovation work at the US Department of Defence, gaining access to alarm-system and other blueprints of the Pentagon and several FBI buildings.

Reporting on the website WebWereld, the hacker said that he had accepted an offer by the firm of architects to help identify flaws in its network security in exchange for US$3,600, and had subsequently submitted his report.

However, after disclosing his address the hacker found the police on his doorstep. Europemedia.net Nov 23 2002 6:10PM ET [moreover Computersecurity]
00:00 | permanent link | mail this

Thursday, 21. November 2002

Longhorn-Leck angeblich bedeutungslos

Im Internet sind angebliche Alpha-Versionen der nächsten Windows-Version mit Codenamen Longhorn aufgetaucht.

Manchen Computernutzern kann es nicht schnell genug gehen. Seit einem Jahr erst ist Windows XP auf dem Markt und hat sich seitdem als bestes Windows-Betriebssystem aller Zeiten bewährt. Trotz der Stabilität von XP sehnen die Fans bereits das Jahr 2005 herbei, in dem der Nachfolger veröffentlicht werden soll. Im Internet sind jetzt internationalen Medienberichten zufolge erste Versionen des XP-Nachfolgers aufgetaucht, der derzeit unter dem Codenamen Longhorn entwickelt wird. Wie es in den Artikeln heißt, sei derzeit die Build-Version 3683 im Umlauf. Sie sei zwar noch völlig unausgereift, erlaube aber einen ersten Blick auf künftige Funktionalitäten des Betriebssystems. Ein Microsoft-Sprecher versuchte, das Longhorn-Leck herunterzuspielen. Die Build-Version, die derzeit im Umlauf sei, werde bis 2005 noch so viele Änderungen durchlaufen, dass sie mit dem endgültigen Produkt nicht mehr viel zu tun haben werde. Deshalb sei es nicht nur riskant, sondern auch nutzlos, Longhorn auf dem heimischen Rechner zu installieren. [PC-Magazin]
12:55 | permanent link | mail this

Thursday, 29. August 2002

Sabotage in a few clicks: NDS vs. Canal Plus

[Source: A very long and interesting article by David Streitfeld, *Los Angeles Times*, Column One, 29 Aug 2002; PGN-ed] Also, "In 1999, Internet bookseller Alibris paid $250,000 to resolve federal charges that it had unlawfully intercepted thousands of e-mail messages to its customers from online bookseller Amazon.com." [Max <max7531@earthlink.net> via risks-digest Volume 22, Issue 22]
13:10 | permanent link | mail this

Sabotage in a few clicks: NDS vs. Canal Plus

Canal Plus (a maker of smart cards) alleges a rival firm (NDS Group, a competing company largely owned by Rupert Murdoch's News Corp) broke its secret code, then gave it to counterfeiters. (In Italy, for example, 75% of premium-channel viewers are reportedly freeloaders using bogus cards.) Canal Plus is suing for a billion dollars in damages. NDS denies the charges, attributing the suit to "an attempt by an inept competitor to shift the blame for its incompetence." This situation has also played a role in the downfall of Vivendi's Jean-Marie Messier and the auctioning off of Vivendi's Italian satellite system -- purchased by News Corp. "The case marks the biggest and most sensational accusation yet of corporate cybercrime, a shadowy, unsavory and increasingly popular activity." [Source: A very long and interesting article by David Streitfeld, *Los Angeles Times*, Column One, 29 Aug 2002; PGN-ed]

[Max <max7531@earthlink.net> via risks-digest Volume 22, Issue 22]
13:10 | permanent link | mail this

Thursday, 21. March 2002

BT is publishing confidential ex-directory telephone numbers

British Telecom offers, in the UK, a range of discounted telephone services to domestic subscribers under the name "BT Together". One of their exclusions under some such schemes is calls to ISPs.

Go to the following part of their Web site: http://www.bt.com/together/isp_exclusion.jsp ...and follow the "click here to view the full list" link.

This purports to be a list of telephone numbers for ISPs. However, it has been very crudely assembled, and includes several (possibly many) telephone numbers that are actually confidential ex-directory dial-in numbers for various organisations. When I looked, the list contained 4960 numbers in total.

The potential for abuse (especially denial of service) is obvious. I.T. managers in the UK should check whether their dial-in numbers appear on the list. If they do, they should urgently consider having the telephone number changed. [clive-nospam-risks@nsict.org (Clive Jones) via risks-digest Volume 22, Issue 01]
14:56 | permanent link | mail this

Wednesday, 05. December 2001

Judge ordered hack of Interior Department trust fund system

In an extraordinary step approved by a federal judge, a computer expert hacked his way into a government-run, Denver-based financial system last summer, created a false account and later altered yet another account. All this happened without the hacker being detected. Those steps, endorsed by U.S. District Judge Royce C. Lamberth in advance, were revealed Tuesday as part of a court case involving the Interior Department's handling of more than 300,000 trust accounts it is supposed to manage for American Indians. A court-appointed master said the ease with which the government's computer system could be penetrated was "deplorable and inexcusable." In a report ordered released by Lamberth, the special master, Alan Balaran, called on the judge to seize control of the system. [Source: Court-appointed hacker altered Indian accounts, by Bill McAllister <bmcallister@denverpost.com>,

• Denver Post* Washington Bureau Chief, 5 Dec 2001 (http://www.denverpost.com/Stories/0,1002,53%257E254976,00.html; PGN-ed

Monday, 30. July 2001

JDS Uniphase quarterly results hacked? NO!

I saw this interesting aside in an *Ottawa Citizen* article (27 Jul 2001) about JDS Uniphase's latest quarterly results:

"The world's largest maker of fibre optic components was forced to halt the trading of its stock for most of the afternoon yesterday because a hacker broke into its corporate network and stole a draft copy of the company's fourth-quarter results. It had been released before the markets closed yesterday afternoon."

The article is at http://www.ottawacitizen.com/business/010727/5066222.html

The obvious risk here is the consequences of storing very valuable information unencrypted on a network-accessible computer. Nothing new in that lesson. What would be interesting is knowing is *how* JDS Uniphase knew that this break-in had occurred, and what form the break-in took. It sounded like a story we'd all be interested in hearing.

A further article, from the *Globe & Mail* (28 Jul 2001), with the rather convoluted URL of http://rtnews.globetechnology.com/servlet/RTGAMArticleHTMLTemplate/C,C/20010728/wfhack?tf=RT/fullstory_Tech.html&cf=globetechnology/tech-config-neutral&slug=wfhack&date=20010728&archive=RTGAM&site=Technology contains more details. Apparently, there was no 'hacker' or 'break-in'. JDS had placed the release on their Web site. A sharp-eyed surfer noticed that if you type in the exact file name, up pop the results. I suspect that a document-naming convention was apparent from looking at previous financial results.

As to how JSU found out about the 'break-in': the 'hacker' phoned them up and told them.

Dave Isaacs <dave.isaacs@ottawa.com>

[JDS apparently reported a $51 billion loss for the year ending 30 Jun 2001, and 16,000 jobs lost. PGN] [Dave Isaacs <dave.isaacs@entrust.com> via risks-digest Volume 21, Issue 56]
00:00 | permanent link | mail this

Friday, 04. May 2001

Lucent workers charged with selling secrets to Chinese

Federal authorities arrested two Lucent scientists and a third man yesterday, charging them with stealing software associated with Lucent's PathStar Access Server and sharing it with a firm majority-owned by the Chinese government. The software is considered a "crown jewel" of the company. Chinese nationals Hai Lin and Kai Xu were regarded as "distinguished members" of Lucent's staff up until their arrests. The motivation for the theft, according to court documents, was to build a networking powerhouse akin to the "Cisco of China." The men face a maximum five years in prison and a $250,000 fine. (*USA Today*, 4 May 2001 http://www.usatoday.com/life/cyber/tech/2001-05-03-lucent-scientists-china.htm NewsScan Daily, 4 May 2001, written by John Gehl and Suzanne Douglas, editors@NewsScan.com) ["NewsScan" <newsscan@newsscan.com> via risks-digest Volume 21, Issue 38]
00:00 | permanent link | mail this

disLEXia, a research project by Maximillian Dornseif