Chinese Hackers Go After Dissidents

The “Comment Crew,” a group of China-based hackers whose outing earlier this year in major media outlets caused a conflict with the U.S., have resumed their attacks against dissidents.

FireEye, a security vendor that specializes in trying to stop sophisticated attacks, has noticed attackers using a fresh set of tools and evasion techniques against some of its newer clients, which it can’t name. But Rob Rachwald, director of market research for FireEye, said in an interview Monday that those clients include an organization in Taiwan and others involved in dissident activity.

The Comment Crew was known for many years by security analysts, but its attacks on The New York Times, described in an extensive report in February from vendor Mandiant, thrust them into an uncomfortable spotlight, causing tense relations between the U.S. and China.

Rachwald said it is difficult to determine if the organizations being targeted now were targeted by the Comment Crew previously, but FireEye said last month that the group didn’t appear to be hitting organizations they had compromised before.

Organizations opposing Chinese government policies have frequently been targeted by hackers in what are believed to be politically motivated surveillance operations.

The Comment Crew laid low for about four months following the report, but emerging clues indicate they haven’t gone away and in fact have undertaken a major re-engineering effort to continue spying. The media attention “didn’t stop them, but it clearly did something to dramatically alter their operations,” Rachwald said in an interview.

“If you look at it from a chronological perspective, this malware hasn’t been touched for about 18 months or so,” he said. “Suddenly, they took it off the market and started overhauling it fairly dramatically.”

FireEye researchers Ned Moran and Nart Villeneuve described the new techniques on Monday on FireEye’s blog.

Two malware samples, called Aumlib and Ixeshe, had been used by the Comment Crew but not updated since 2011. Both malware programs have now been altered to change the appearance of their network traffic, Rachwald said.

Many vendors use intrusion detection systems to spot how malware sends data back to an attacker, which helps determine if a network has been compromised. Altering the method and format for how the data is sent can trick those systems into thinking everything is fine.

In another improvement, encryption is now employed to mask certain components of the programs’ networking communication, Rachwald said. The malware programs themselves, which are designed to steal data and log keystrokes, are basically the same.

Mandiant’s report traced the hacking activity to a specific Chinese military unit called “61398.” The company alleged that it waged a seven-year hacking spree that compromised 141 organizations.

Rachwald said it is strongly believed the Comment Crew is behind the new attacks given its previous use of Aumlib and Ixeshe. But the group has also re-engineered its attack infrastructure so much over the last few months that it is difficult to say for sure.

Source

Amazon Goes To Court

Amazon is suing Daniel Powers, its ex VP in charge of global sales for Amazon Web Services because he joined Google in a cloud role.

Taking the new job, asserts Amazon, violates Powers’ non-compete agreement with Amazon, which let Powers go this summer with a reasonable severance package.

There is a risk that Powers could take important information that he learned about the Amazon web services business to its rival, Google, and that is what the firm is seeking to stop.

According to Geekwire Amazon wants an injunction against Powers to prevent him from “engaging in any activities that directly or indirectly support any aspect of Google’s cloud computing business”.

A court filing claims that Amazon has an agreement with Powers that says he will not join a rival for a “limited time following the termination of his employment”.

Powers, it warns, is a veteran who knows the cloud business from “top to bottom”, adding that he has “acquired and currently possesses extensive knowledge of Amazon’s trade secrets and its highly confidential information”.

The complaint says that he has extensive and detailed information about Amazon Web Services’ prospects, business, potential business partners, pricing strategies and goals.

Amazon has not provided us with further comment.

Source…

I.T. Spending On The Rise

Worldwide IT spending remains on track to increase by 6% in 2012 despite the grim economic conditions in Europe, thanks to strong software, storage, smartphone and tablet sales, according to IDC.

While 2012 has been a tough year for many IT vendors, they have done better overall than many expected in the first half of the year, IDC said.

For example, software spending has been robust, even in parts of the world where the economy has been weakest, as businesses hope software tools and applications will help them implement cost-reduction strategies.

The 6% growth compares to a 7% increase in worldwide IT spending last year. IDC expects 6% growth in 2013.

Software, storage, enterprise network and mobile device markets have offset weaker sales in servers, peripherals and PCs. However, the launch of Windows 8 during the fourth quarter should help the PC market recover next year, IDC said.

U.S. IT spending will grow by 5.9% in 2012, compared to 8.5% last year. However, the strength of the dollar during the first six months of the year means that IT spending in dollar terms will grow just 4% for the full year.

Source…

Oracle Wants More Money From SAP

Oracle is appealing the damages awarded from SAP that it was granted and is pushing for more.

The news has disappointed SAP, according to a German newspaper, and the firm is worried that the appeal will draw out the five year long legal battle even longer.

“We are disappointed that the lawsuit Oracle pulls further out,” said a SAP spokesman to the German newspaper Mannheimer Morgen.

“We had agreed on a sensible arrangement, because we believe that this case has gone on long enough. We remain committed to bring this dispute to an end.”

Neither firm has commented yet, but the appeal follows SAP’s admission of liability in the Tomorrownow affair.

SAP pleaded guilty last year and acknowledged that its Tomorrownow subsidiary had done wrong. Tomorrownow was accused of downloading information belonging to Oracle, including software and customer information related to Peoplesoft users.

Oracle was initially awarded $1.3bn in damages but this was knocked down to $306m by a judge who told it that it had two options, accept that sum or take SAP back to court.

Source…

Chase Building 1/2 Billion Dollar Data Center

The enthusiastic backer of Enron and serial over charger of  mortgage payers, JPMorgan Chase has just splashed out on a new $500 million data center.

CEO Jamie Dimon announced the move which practically everyone in the IT industry finds a bit strange. While Chase is the US’s largest bank, the new facilities are a little big by anyone’s standard. It is about the same about of money that Google and Microsoft in their largest data centres for their cloud networks.

Dimon cited the figure as one of the advantages of being a big size. It can afford to invest cash in this way. Size lets Chase build a $500 million data centre that speeds up transactions and invest billions of dollars in products like ATMs and apps that allow your iPhone to deposit cheques, he enthused.

JPMorgan Chase operates two large data centres in Delaware and a 400,000 square foot facility. It also acquired data centres in its deals for distressed rivals Bear Stearns and Washington Mutual in the early days of the 2008 financial crisis. So why it needs a huge new one is anyone’s guess.

Source…

Artificial Photosynthesis Developed

Panasonic said on Monday it has created a new system for artificial photosynthesis that can remove carbon dioxide from the air almost as well as plants do, as part of the company’s entry into an industry-wide trend toward greener tech.

The company said its system uses nitride semiconductors, which are widely used in LEDs (light-emitting diodes) to convert light to energy, and a metal catalyst to convert carbon dioxide and water to formic acid, which is widely used in dyes, leather production and as a preservative.

Carbon dioxide is a major pollutant and considered to be a main cause of the “greenhouse effect,” which most climate scientists believe causes global warming.

Panasonic has struggled with its traditional electronics business and has made eco-friendly products and practices the key element in its turnaround plan. The company is hoping to leverage its large rechargeable battery and solar businesses, while joining the industry in embracing technologies that are friendlier to the environment. The issue is an important one with customers, as demonstrated by the the outcry earlier this month when Apple was forced to rejoin a green standards program when clients complained about its earlier withdrawal.

Panasonic said the system can convert carbon dioxide and water to formic acid with an efficiency of 0.2 percent in laboratory conditions, which is similar to the conversion rate for green plants. The efficiency refers to the portion of the incoming light energy stored in materials produced during the process.

Source…

Spray-On Battery Coming To The Office

Researchers at Rice University in Houston have created a prototype spray-on battery that could allow engineers to rethink the way portable electronics are developed.

The rechargeable battery boasts similar electrical characteristics to the lithium ion batteries that power almost every mobile gadget, but it can be applied in layers to almost any surface with a conventional airbrush, said Neelam Singh, a Rice University graduate student who led a team working on the technology for more than a year.

Current lithium ion batteries are almost all variations on the same basic form: an inflexible block with electrodes at one end. Because they cannot easily be shaped, they sometimes restrict designers, particularly when it comes to small gadgets with curved surfaces, but the Rice prototypes could change that.

“Today, we only have a few form factors of batteries, but this battery can be fabricated to fill the space available,” said Singh.

The battery is sprayed on in five layers: two current collectors sandwich a cathode, a polymer separator and an anode.

“It was difficult optimizing the components in the form of a paint,” said Singh. Initial versions were sensitive to moisture and would peel off, but the addition of a polymer and a heat-sealing step solved this problem.

The result is a battery that can be sprayed on to plastics, metal and ceramics.

.

Source…

Google Tweaks It’s Search Engine

Google is changing the way it handles searches in the United States to give users quick access to answers without leaving the page, the company said.

The new search process is based on what Google calls the “knowledge graph” — meaning that it tries to pinpoint faster the context surrounding its users’ keyword searches.

“Over the years, as search has improved, people expect more,” said Amit Singhal, vice president of engineering at Google and the head of search, in an interview. “We see this as the next big improvement in search relevance.”

The redesign, which for now affects only U.S.-based English language users, is gradually being rolled starting Wednesday on desktop, mobile and tablet platforms. Google plans to eventually expand the new search features outside the U.S., Singhal said, without specifying when.

Many of the results will carry more graphical elements, compared to standard lists of search results, such as maps and pictures of related results, often in separate pop-ups. The idea is to let users easily discover what related material interests them and click through to it, Singhal said.

Source…

Cisco Lends A Hand In Fighting Fraud

Cisco released an API at the Interop 2012 Conference this week for its branch routers designed to enable third-party developers to write applications to beef up the security of phone calls over the router network.

The Cisco UC Gateway Services API is a Web-based programming interface that allows customers and developers access to call information over a Cisco ISR G2 router at the edge of a voice network, such as signaling and media. This information can be used to detect and help prevent malicious activity such as social engineering and identity theft scams, contact center account takeover fraud, unauthorized network and service use, and denial-of-service attacks.

Applications written to the API can then apply appropriate action to terminate, redirect or record the call.

Cisco, citing data from the Communications Fraud Control Association, says global telecom fraud losses are estimated to be $40 billion annually.

Source…

Jury Finds Google Liable

A jury has found Google liable for copyright infringement in its use of Java in Android, but so far has not decided whether that infringement was protected by rules governing “fair use.”

The verdict, delivered Monday after a week of deliberations by the jury, is a partial victory for Oracle in its lawsuit against Google. But Oracle will have to wait longer — possibly for a retrial — to see whether Google will escape liability by claiming fair use.

Google’s attorney, Robert Van Nest, immediately told the judge that Google would file for a mistrial. Google’s argument will be that the same jury must decide both the copyright infringement and fair use issues.

The jury also decided that Sun’s public statements about Java might have suggested to Google that it did not need a license for Java.

But in another setback for Google, it decided there was insufficient evidence to show that Google relied on that information.

Source…

« Previous Page — Next Page »