Posts Tagged ‘Hacking’


How “omnipotent” hackers tied to NSA hid for 14 years—and were found at last | Ars Technica

“Equation Group” ran the most advanced hacking operation ever uncovered.

U.S. Embedded Spyware Overseas, Report Claims | NYTimes.com

The United States has found a way to permanently embed surveillance and sabotage tools in computers and networks it has targeted in Iran, Russia, Pakistan, China, Afghanistan and other countries closely watched by American intelligence agencies, according to a Russian cybersecurity firm.

In a presentation of its findings at a conference in Mexico on Monday, Kaspersky Lab, the Russian firm, said that the implants had been placed by what it called the “Equation Group,” which appears to be a veiled reference to the National Security Agency and its military counterpart, United States Cyber Command.

Equation Group: The Crown Creator of Cyber-Espionage | Kaspersky Lab

Surprise! America Already Has a Manhattan Project for Developing Cyber Attacks | WIRED

The Equation Group, the world’s most advanced and professional cyber-attack group: who are they? | ZDNet Japan



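[Britain’s GCHQ: The Guardian]

The world’s largest spy agencies [the US NSA and the UK GCHQ] have already obtained the encryption keys for SIM cards: truly shocking news.

Even among the Snowden documents, isn’t this news of the very first magnitude...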

The Great SIM Heist: How Spies Stole the Keys to the Encryption Castle | The Intercept

     *     *     *

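SIM card encryption keys were stolen

According to top-secret documents provided to The Intercept by Edward Snowden, the NSA [US National Security Agency] whistleblower, American and British spy agencies broke into the computer network of the world’s largest SIM card manufacturer and stole the encryption keys that protect the privacy of mobile communications.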

American and British spies hacked into the internal computer network of the largest manufacturer of SIM cards in the world, stealing encryption keys used to protect the privacy of cellphone communications across the globe, according to top-secret documents provided to The Intercept by National Security Agency whistleblower Edward Snowden.

     *     *     *


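The NSA and Britain’s GCHQ [Government Communications Headquarters] carried out this hack jointly. According to a secret 2010 GCHQ document, it gives these intelligence agencies the ability to secretly monitor a large portion of the world’s mobile communications (both data and voice).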

The hack was perpetrated by a joint unit consisting of operatives from the NSA and its British counterpart Government Communications Headquarters, or GCHQ. The breach, detailed in a secret 2010 GCHQ document, gave the surveillance agencies the potential to secretly monitor a large portion of the world’s cellular communications, including both voice and data.

     *     *     *



With these stolen encryption keys, intelligence agencies can monitor mobile communications without seeking or receiving approval from telecom companies and foreign governments. Possessing the keys also sidesteps the need to get a warrant or a wiretap, while leaving no trace on the wireless provider’s network that the communications were intercepted. Bulk key theft additionally enables the intelligence agencies to unlock any previously encrypted communications they had already intercepted, but did not yet have the ability to decrypt.

     *     *     *

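Gemalto, the Dutch company targeted by the NSA and GCHQ, is said to be the world’s largest SIM card maker. It produces 2 billion SIM cards a year, counts 450 wireless network service providers around the world among its customers, including AT&T, T-Mobile, Verizon and Sprint, and operates in 85 countries.

The article, which runs to more than 5,000 words, covers in detail everything from the activities of the Mobile Handset Exploitation Team (MHET), a hacking team whose very existence was previously unknown, to the consequences of its work.

I had keenly felt that individuals are stark naked on the web, but if even SIM card encryption keys have been hacked, doesn’t that mean it is no longer possible for any individual to escape the watching eye...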



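[A must-read for site operators] A frightening program that steals entire sites has appeared! A summary of how it works, countermeasures, and the damage suffered | アナザーディメンション

The copycat blog problem has finally reached a degree of resolution. Carried out a retaliatory countermeasure using “WP-Ban” | アナザーディメンション

Follow-up on the wholesale blog copying uproar. Details of the emails with Google about the DMCA infringement, and the despair that comes from how hard it is to deal with | アナザーディメンション

My entire blog was copied. “http://www.advieshoreca.nl/6s/csctccase.asp” is a fake | アナザーディメンション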




Meet the Man Who Finds Your Stolen Passwords | Popular Mechanics

Everyone can see most of the internet, Holden says, but only some people can find the rest, the so-called Deep Web that’s not searchable by Google. The Deep Web is hundreds, perhaps thousands, of times larger. Much of it is benign—private company sites and such. “And then there is the black part of the Internet,” says Holden—the Dark Web, or Darknet. He enters it on a browser that makes him anonymous and untraceable.

“I’m gonna show you a hacker forum from the inside out,” he says, scooting in his chair. He calls up a discussion board, types in two passwords, and gains administrator status, meaning he can move godlike through the forum and read private conversations. […]



After much dithering, Sony will release The Interview in some theaters on Christmas | TechCrunch


Congrats, Sony, on the most cunning Marketing campaign a film has ever seen:

Sony Releases ‘The Interview’ Online | WSJ

Google, which is offering the movie through its YouTube and Google Play stores, and Microsoft, which is using its Xbox Video Store, were the only companies willing and able to offer it on Dec. 24. Sony talked to Apple Inc., which is a dominant No. 1 in online movie sales and rentals with its iTunes Store, and Amazon.com Inc., which is No. 2, but neither were willing to immediately join the effort, according to the person with knowledge of the talks.

Spokesmen for Apple and Amazon declined to comment.


Apple reportedly didn’t have time to put The Interview on iTunes. I don’t buy that now.




Amid all the fuss over the Sony film “The Interview,” what David Carr wrote seems to me to make the most sense.


How the Hacking at Sony Over ‘The Interview’ Became a Horror Movie | NYTimes.com

     *     *     *



It was a remarkable and disorienting turn of events: a tiny, failing state that lacks the wherewithal to feed its own people was deciding which movies we can and cannot see, while the industry it had attacked watched silently from the sidelines, and the president of the United States felt compelled to step into an international confrontation catalyzed by a lowbrow comedy. […]


The threats and subsequent cancellation will become a nightmare with a very long tail. Now that cultural discourse has become the subject of online blackmail, it is hard to imagine where it will end. Documentaries, which have become increasingly important sources of news and information, could suddenly be in jeopardy. […]

     *     *     *


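When Sony’s PlayStation came under a security attack in 2011, I had the chance to speak with Howard Stringer, then the CEO, and he looked as if he had been hiding inside a beehive for three days. It is baffling that Sony did not afterward take any effective measures to keep itself from becoming a target of hacker attacks.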

Sony I happened to be with Howard Stringer, then chief executive of Sony, during a vast security attack on its PlayStation platform in 2011 — he looked as if he had been living inside a beehive for three days. That Sony did not harden as a target in a meaningful way afterward is inexplicable.

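Bold, original ideas are welcome, but even so, does a comedy in which the ruler of an actually existing sovereign state gets blown up by bumbling assassins really matter that much? If you want to satirize a ruthless ruler, there are any number of ways, as Charlie Chaplin showed when he thoroughly skewered Hitler (without naming him) in “The Great Dictator”...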

And while I am all for bold creative choices, was it really important that the head being blown up in a comedy about bungling assassins be that of an actual sitting ruler of a sovereign state? If you want to satirize a lawless leader, there are plenty of ways to skin that cat, as Charlie Chaplin demonstrated with “The Great Dictator,” which skewered Hitler in everything but name.

     *     *     *


So what is the right response? Americans are good at sitting on the sofa and watching all sorts of things, so that impulse should simply not be suppressed.

So what is the right response? Americans are good at sitting on a couch and watching all kinds of stuff, so why not harness that impulse? […]

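Release “The Interview” on Hulu. On iTunes, on Google Play, on NBC and every broadcast network, on Showtime and every cable channel... make it so that anyone, anywhere, can watch it “at the same time” at the push of a button. Then, because everyone is watching, no one will know whom to target, and that could be the decisive answer to censorship.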

[…] Put “The Interview” on Hulu, on iTunes, on Google Play, on Netflix, on NBC and all the broadcast networks, on Showtime and all the cable stations, put it anywhere and everywhere that people can push a button and watch at the same time. Ubiquity and the lack of a discernible target would trump censorship.


Play the movie.

     *     *     *

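I always find myself nodding at David Carr’s viewpoint, which gets to the heart of the matter.

It was he who brilliantly captured the essence of the iPad, about which all sorts of doubts were raised when it was first announced, as “the gadget that disappears.”

David Carr sternly condemns the various hypocritical arguments about the hacking of “The Interview.”

The presence of reporters like this is surely the strength of a major outlet like the NY Times...

The Globe and Mail’s piece on David Carr is also very interesting.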



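[Release of “The Interview” canceled: NYTimes.com]

First, Sony Pictures gave in (?) to the hacker attack and gave up on the Christmas release of “The Interview,” the comedy that started it all.

Other films leaked to torrent sites through the hack include “Annie,” “Fury,” “Mr. Turner,” “Still Alice” and “To Write Love on Her Arms.”

In terms of buzz, “The Interview” is probably far and away the leader...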




