Electronic Frontier Foundation

DOJ Often Used Cell Tower Impersonating Devices Without Explicit Warrants 146

Via the EFF comes news that, during a case involving the use of a Stingray device, the DOJ revealed that it was standard practice to use the devices without explicitly requesting permission in warrants. "When Rigmaiden filed a motion to suppress the Stingray evidence as a warrantless search in violation of the Fourth Amendment, the government responded that this order was a search warrant that authorized the government to use the Stingray. Together with the ACLU of Northern California and the ACLU, we filed an amicus brief in support of Rigmaiden, noting that this 'order' wasn't a search warrant because it was directed towards Verizon, made no mention of an IMSI catcher or Stingray and didn't authorize the government — rather than Verizon — to do anything. Plus to the extent it captured loads of information from other people not suspected of criminal activity it was a 'general warrant,' the precise evil the Fourth Amendment was designed to prevent. ... The emails make clear that U.S. Attorneys in the Northern California were using Stingrays but not informing magistrates of what exactly they were doing. And once the judges got wind of what was actually going on, they were none too pleased:"
Networking

Misconfigured Open DNS Resolvers Key To Massive DDoS Attacks 179

msm1267 writes with an excerpt from Threatpost: "While the big traffic numbers and the spat between Spamhaus and illicit webhost Cyberbunker are grabbing big headlines, the underlying and percolating issue at play here has to do with the open DNS resolvers being used to DDoS the spam-fighters from Switzerland. Open resolvers do not authenticate a packet-sender's IP address before a DNS reply is sent back. Therefore, an attacker that is able to spoof a victim's IP address can have a DNS request bombard the victim with a 100-to-1 ratio of traffic coming back to them versus what was requested. DNS amplification attacks such as these have been used lately by hacktivists, extortionists and blacklisted webhosts to great success." Running an open DNS resolver isn't itself always a problem, but it looks like people are enabling neither source address verification nor rate limiting.
Google

Submission: Fraudulent Certificate for Google Domains Found After Mistake by Turkish CA (threatpost.com)

Trailrunner7 writes: Google has pushed out an update that blocks an intermediate digital certificate for *.google.com after discovering that a Turkish certificate authority had mistakenly issued intermediate certificates to two organizations that should only have gotten normal SSL certificates. That error gave those two organizations the power to issue certificates that carried the same authority as the CA itself and allowed one of the organizations to issue the fraudulent wild card certificate for Google. One of the groups that obtained the intermediate certificate is a Turkish government agency.

The problem was discovered by Google security personnel just before Christmas and the Google team quickly found that it was a Turkish CA named TURKTRUST that had issued the intermediate certificate. That mistake essentially granted the company with the intermediate certificate the ability to issue certificates for any domain it chose.

Microsoft and Mozilla also have revoked trust in the two bad intermediate certificates. Neither Google nor Microsoft has said whether the wild card certificate was used in any actual attacks, but the implications of the mistake by TURKTRUST are huge. With an intermediate certificate in hand, an attacker would have the ability to issue a valid certificate for any domain she chose. The attacker then would be able to represent to a user's browser that the domain is legitimate, thereby fooling the user into trusting the site. Using such an attack to impersonate a bank or shopping site could lead to a major payday for an attacker, but using it to impersonate a Google service such as Gmail could create an entirely separate set of problems.

Google

Submission: Turkish CA Issues Fraudulent Certificate for Google.com (securityweek.com)

wiredmikey writes: Google said that late on Christmas Eve, they detected and blocked an unauthorized digital certificate that was created for the "*.google.com" domain that was linked back to Turkish certificate authority, TURKTRUST.

“TURKTRUST told us that based on our information, they discovered that in August 2011 they had mistakenly issued two intermediate CA certificates to organizations that should have instead received regular SSL certificates,” Adam Langley, Software Engineer at Google wrote in a blog post on Thursday.

Microsoft on Thursday issued a security advisory on the incident and took measures to protect customers.

Because Intermediate CA certificates have the full authority of the CA, an attacker could use it to create a certificate for any website they want to impersonate. “The fraudulent certificate could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against several Google web properties,” Microsoft’s advisory said. “This issue affects all supported releases of Microsoft Windows.”

Google said that it may also take additional action after looking into the issue further.

Android

Submission: Google Q2: 550k Android activations/day, 250k apps (phandroid.com)

alostpacket writes: "Many of the Android sites and blogs are reporting some highlights from Google's Q2 earnings call: Android is now up to 550,000 activations per day. This comes just two weeks after they hit the 500k milestone. Adding to the big number news: 250,000 apps, 6 billion downloads, and $9 billion in revenue ($2.5b net) for Google overall. Apple still maintains the high score in the mobile app game though. They recently reported 15 billion downloads and 350,000 apps. And even may be regaining momentum from developers."
The Internet

Submission: 23,000 file sharers targeted in the latest suit (wired.com)

wiedzmin writes: Subpoenas are expected to go out this week to ISPs in what could be the biggest BitTorrent downloading case in U.S. history. At least 23,000 file sharers are being targeted by the U.S. Copyright Group for downloading "Expendables". The company appears to have adopted Righthaven's strategy in blanket-suing large numbers of defendants and offering an option to quickly settle online for a moderate payment. The IP addresses of defendants have allegedly been collected by paid snoops capturing IP addresses of all peers who were downloading or seeding Sylvester Stallone's flick last year. I am curious to see how this will tie into the BitTorrent case ruling made earlier this year, indicating that an IP address does not uniquely identify the person behind it.
