Welcome to “Refog” corporate blog.

We develop programs for monitoring user activity on home (Personal Monitor) and office (Employee Monitor) computers, as well as for controlling your children’s use of the computer (Time Sheriff).

GPRS: channel hacked

10 November 2011

Karsten Nohl, a German network security and cryptography expert, announced the discovery of a relatively simple technique for intercepting and decrypting data transmitted over the GPRS protocol.
His team also discovered that many mobile carriers use a low-security variant of GPRS, while some of them disable GPRS traffic encryption altogether.
There can be two reasons behind such a negligent attitude of mobile carriers towards the security of their clients’ data:

  • An attempt to save on equipment required for proper data protection.
  • Deliberate disabling of data encryption in order to retain access to clients’ data.

Karsten Nohl claims that his discovery is far from theoretical: his team was able to capture and decrypt data in the T-Mobile, O2 Germany, Vodafone and E-Plus networks. What made matters worse was that they did not need cumbersome equipment (they used a reflashed Motorola C-123 phone) or expensive software (they used only publicly available freeware). Even so, they managed to capture data within a radius of 5 km.
The details of this technique have not been published yet to avoid damage to the clients of cell phone companies. The research group believes that it’s high time that mobile operators did their homework and configured their GPRS gateways and checked all cryptographic systems, as the methodology they followed will be made public shortly.
However, Russian operators were quick to react: according to “The Big Three” (Beeline, Megafon, MTS), they don’t see how this could jeopardize their clients’ security and suggest using better-protected technologies, such as 3G.

Data Mining: From the General to the Specific

31 August 2011

Data mining (deep data analysis) is a collective term for a set of methods for discovering previously unknown, unusual, interpretable and practically useful knowledge in arrays of data, knowledge that can then be used for making decisions in various fields of human activity.

It’s common knowledge that complete privacy in today’s world is a utopian concept: our names appear in different kinds of lists and reports on a daily basis. We pay for goods and services with credit cards, use mobile phones, buy tickets… And when it comes to the Internet, we leave a colossal number of tracks: from the addresses of visited pages to search engine queries – everything can be intercepted, logged and stored in a single database.

The primary purpose of data mining is the analysis of the huge amounts of data in such databases, using special analytical patterns.

For instance, there is nothing suspicious about money being transferred from one account to another. Or about somebody buying a plane ticket to a large city. Or buying a large shipment of fertilizers. Or, let’s say, buying a kitchen timer or several cheap mobile phones from an online store. However, if all of these purchases were made by a single person, the local anti-terror force should definitely take a closer look.

It would seem that combining so many heterogeneous pieces of information is an immensely complex task. However, such a system is absolutely possible and may have been in operation for some time now.

The Total Information Awareness program was developed by the Pentagon from 2002 through 2003 and was aimed at detecting suspicious behavioral patterns. Following a number of public protests, it was renamed to Terrorism Information Awareness (TIA) and became nearly completely confidential. The report of the Department of Homeland Security mentions three active programs of this type. Similar solutions are being developed by other countries as well: China, the United Kingdom, Israel and Germany.

The legitimacy of such analysis is a matter of harsh public debate and none of the parties has been able to decide whether security is more important than privacy (or vice versa). And while the debate is in full swing, data collection and analysis are booming on the Internet – the Law hasn’t fully set foot on this land yet.

Updates and improvements, version 6.4.3.1164

8 August 2011

For a long time we released new versions without announcing the changes made in our programs. Therefore, today we decided to give a short review and recall everything.

One of the most important updates was the development of a module for protecting financial information. This is a special script that automatically searches the program’s logs for lines that look like credit card numbers and deletes them from the monitoring journal. Screenshots taken at that moment are also deleted.

These protective mechanisms work only where this is technically possible and do not guarantee protection in absolutely every case. The script is gradually being improved to minimize false alarms and errors. It cannot be turned off, since it exists to comply with legal requirements.
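To show what such a filter has to do, here is an added example (not Refog’s own script; the log line format “YYYY-MM-DD HH:MM:SS source: text”, the watched digit-group length and the rule of dropping the whole line together with the screenshot taken at that timestamp are assumptions). A plain digit-run pattern alone produces exactly the false alarms mentioned above, so the example adds a Luhn checksum, which rejects most order numbers, phone numbers and tracking codes while keeping real card numbers:

```python
"""Drop monitoring-log lines that contain a card-number-like string.

Added example, not Refog's own script. The log line format
("YYYY-MM-DD HH:MM:SS source: text") and the rule of dropping the whole
line plus the screenshot taken at that timestamp are assumptions.
"""
import re

# A run of 13-19 digits, optionally grouped with spaces or dashes,
# that is not embedded in a longer digit run.
CARD_CANDIDATE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")
TIMESTAMP = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})")


def luhn_valid(digits: str) -> bool:
    """Luhn checksum; rejects most random digit runs (order ids, phone numbers)."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d = d * 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def contains_card_number(line: str) -> bool:
    """True if any candidate digit group in the line passes the Luhn check."""
    for match in CARD_CANDIDATE.finditer(line):
        digits = re.sub(r"[ -]", "", match.group(0))
        if luhn_valid(digits):
            return True
    return False


def scrub_log(lines):
    """Return (kept_lines, timestamps_whose_screenshots_must_be_deleted)."""
    kept, screenshots = [], []
    for line in lines:
        if contains_card_number(line):
            m = TIMESTAMP.match(line)
            if m:
                screenshots.append(m.group(1))
            continue                       # the whole line is dropped
        kept.append(line)
    return kept, screenshots


# Constructed sample log; 4111... and 5500... are well-known test card numbers,
# the other digit runs are deliberately not Luhn-valid.
SAMPLE_LOG = [
    "2011-08-08 10:15:02 keys: order total 42.50 paid",
    "2011-08-08 10:15:09 keys: 4111 1111 1111 1111 exp 12/14",
    "2011-08-08 10:16:30 keys: call me at 4957 1234 5678 90",
    "2011-08-08 10:17:44 clipboard: 5500-0000-0000-0004",
    "2011-08-08 10:18:01 keys: tracking number 1234567890123456",
]

if __name__ == "__main__":
    kept, shots = scrub_log(SAMPLE_LOG)
    print(f"{len(shots)} line(s) removed; delete screenshots at: {shots}")
    print("\n".join(kept))
```

Two of the five constructed lines are dropped. The Luhn check is the part that keeps the phone number and the tracking number; it is not a guarantee, since about one random digit run in ten passes it, which is why a filter like this can only reduce, not eliminate, both false alarms and misses.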

For the Employee Monitor and Terminal Monitor programs, in response to many user requests, a feature was added for configuring log storage in a local or network folder specified by the user.

(Screenshot: configuring log storage)

A lot of work was done to improve the support of the latest versions of internet browsers (Opera, Firefox).

There was an improvement to message monitoring in Facebook, the social network.

The Turkish and Polish languages were added to the program interface.

Software helped get back a stolen notebook

28 June 2011

Not long ago, an Apple notebook owner (Josh Kaufman) had an unfortunate experience. His MacBook was stolen and the police were not interested in investigating. Usually, that would be the end of the story, but in this case something else happened.

Shortly before the theft, the owner had installed a program on his MacBook which secretly tracked the user. It took screenshots and photos from the built-in camera and even identified the probable location of the device from the Wi-Fi network. The software regularly sent all this data to the owner’s e-mail.

The owner of the stolen computer wrote a blog called “This Guy Has My MacBook” and began to publish the screenshots and photographs in the hope of identifying the thief or of getting the police more interested. Fortunately, the thief didn’t wipe the disk or sell the laptop, but kept and used it himself. As a result Kaufman quickly collected a lot of photographs of the thief sleeping, sitting at the computer, driving his car, etc.

A few days later the police arrested the criminal and returned the stolen property to its owner. According to the police, they were able to make the arrest thanks to the photographs provided by Kaufman.

This story has caused a lot of discussion among MacBook owners. Many of them have asked Apple to add an app similar to the already existing services Find My iPhone and Find My iPad for iOS to the next MacOS version.

Firefox/IE plugin spying on users

27 May 2011

A scandal ignited on the web today as it turned out that Ant Video Downloader and Player, a Firefox and Internet Explorer plugin for downloading videos, spied on its users.

The plugin does its job really well: until today it had a 5 out of 5 rating and the number of daily installations reached 7000. Its spy part was also developed by professionals: URLs of visited sites and other personal information (associated with a unique user identifier) are sent to an unknown address even in private browsing mode or when using encryption and anonymity tools like Tor.

With a database of 11 million users and their visited pages, hackers can easily identify people and make their life a lot harder — just with this information at hand. It’s not yet known exactly what information was stolen and how it will be used.

This activity of the plugin was detected by security experts on May 10th, but the plugin is still available for installation in Firefox and Internet Explorer. Unfortunately, there is no effective way of blocking such spyware and its activity at the moment.

Employee monitoring: robots

27 May 2011

Business owners and managers across the world are steadily growing aware of the necessity of high-quality monitoring of their employees, both for reasons of information security and for employee performance. And as the saying goes, demand creates supply.

Engineers from Sony (Japan) and Anybots (USA) found their own solutions to this problem. They suggested using remotely controlled robots to simulate the presence of a manager in an office.

Sony developed a device called Telepresence Balloon, a relatively small airship-type device around 3 feet wide that floats through open office spaces using small propellers. The user controls it remotely by watching live webcam streams, while the user’s face is projected onto the surface of the balloon. It probably looks somewhat creepy, but it should also produce the desired effect (at least to a certain extent).

Anybots presented a less conceptual and a less frightening product — their robot uses wheels to move around the office and resembles WALL-E, a popular cartoon character, yet with a longer neck. Due to its design, it has one serious weakness — stairs.

Facebook: possible information leak

27 May 2011

Symantec (a leading information security software development company) is warning that one of the most popular networks in the world, Facebook.com, may have been leaking personal information for several years.

Experts believe that advertisers on the social network obtained information not only on customer profiles but also pages containing photo albums and personal correspondence. Moreover, they have the ability to post fake messages.

The social network’s applications also have a problem with personal information security. Experts believe that leaks are possible from over 100,000 applications.

Facebook management have been informed of these issues and are already taking steps to guarantee users’ security. However, there has so far been no comment from the company.

iPhone and iPad secretly monitor their owners’ activities

11 May 2011

Pete Warden and Alasdair Allan, British IT experts, have found out that Apple phones and tablets equipped with a 3G module save users’ location details to a hidden file.

This information (similar to GPS logs in GPX or KML formats) is stored unencrypted in a file called consolidated.db and is copied to the PC during synchronization or backup.

This behavior was found in all iOS versions starting from version 4. This means that anyone with access to another user’s PC or phone also has access to a large database of fairly accurate data about the device owner’s physical locations since June 2010 (when iOS 4 was released).

Warden and Allan created a compact parser for Mac computers that allows users to project the coordinates collected by the device onto a map.

The relative inaccuracy of the logged coordinates shows that they are not collected using the built-in GPS receiver, but are calculated from the coordinates of base stations in GSM networks. Apple has not provided any comments on this situation.
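An added example of the kind of parser described above, written here for illustration and not Warden and Allan’s tool: it reads the cell-location records from a copy of consolidated.db and writes them out as a GPX track that any mapping program can display. The table and column names (CellLocation with MCC, MNC, LAC, CI, Timestamp, Latitude, Longitude, HorizontalAccuracy) are an assumption about the file’s layout, the timestamp is taken to be seconds since 2001-01-01 (Apple’s Core Data epoch), and the database contents are constructed for the example.

```python
"""Export cell-location records from an iOS 4 consolidated.db copy to GPX.

Added example, not Warden and Allan's tool. The CellLocation table layout
and the Timestamp epoch (seconds since 2001-01-01 UTC) are assumptions;
the rows below are constructed, not real data.
"""
import sqlite3
import statistics
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

APPLE_EPOCH = datetime(2001, 1, 1, tzinfo=timezone.utc)


def build_sample_db(path=":memory:"):
    """Create a constructed database with the assumed schema and a few rows."""
    conn = sqlite3.connect(path)
    conn.execute(
        "CREATE TABLE CellLocation (MCC INTEGER, MNC INTEGER, LAC INTEGER, "
        "CI INTEGER, Timestamp REAL, Latitude REAL, Longitude REAL, "
        "HorizontalAccuracy REAL)"
    )
    rows = [  # constructed: three cell fixes an hour apart, accuracy in metres
        (262, 1, 1234, 5678, 299000000.0, 52.5200, 13.4050, 1500.0),
        (262, 1, 1234, 5679, 299003600.0, 52.5230, 13.4110, 2000.0),
        (262, 1, 1240, 6000, 299007200.0, 52.5300, 13.4200, 1200.0),
    ]
    conn.executemany("INSERT INTO CellLocation VALUES (?,?,?,?,?,?,?,?)", rows)
    conn.commit()
    return conn


def load_points(conn):
    """Read all fixes in time order and convert the Apple timestamp to UTC."""
    cur = conn.execute(
        "SELECT Timestamp, Latitude, Longitude, HorizontalAccuracy "
        "FROM CellLocation ORDER BY Timestamp"
    )
    points = []
    for ts, lat, lon, acc in cur:
        when = APPLE_EPOCH + timedelta(seconds=ts)
        points.append({"time": when, "lat": lat, "lon": lon, "accuracy_m": acc})
    return points


def median_accuracy(points):
    """Median horizontal accuracy; values in the hundreds or thousands of
    metres are what cell-tower positioning gives, GPS would be within tens."""
    return statistics.median(p["accuracy_m"] for p in points)


def to_gpx(points) -> str:
    """Serialize the fixes as a single GPX 1.1 track."""
    gpx = ET.Element("gpx", version="1.1", creator="consolidated-db-example",
                     xmlns="http://www.topografix.com/GPX/1/1")
    seg = ET.SubElement(ET.SubElement(gpx, "trk"), "trkseg")
    for p in points:
        pt = ET.SubElement(seg, "trkpt", lat=f"{p['lat']:.6f}", lon=f"{p['lon']:.6f}")
        ET.SubElement(pt, "time").text = p["time"].strftime("%Y-%m-%dT%H:%M:%SZ")
        ET.SubElement(pt, "desc").text = (
            f"horizontal accuracy {p['accuracy_m']:.0f} m (cell-tower estimate)"
        )
    return ET.tostring(gpx, encoding="unicode")


if __name__ == "__main__":
    pts = load_points(build_sample_db())
    print(f"{len(pts)} fixes, median accuracy {median_accuracy(pts):.0f} m")
    print(to_gpx(pts))
```

To inspect a real backup, replace build_sample_db() with sqlite3.connect() on a copy of the file; the median accuracy figure is the quick check for the point made above, since a track built from base-station coordinates reports accuracies far coarser than a GPS track would.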

A wave of viruses hits VKontakte social network

11 May 2011

A new wave of extortion viruses in VKontakte, the most popular social network in Russia, uses browser vulnerabilities as well as typical social engineering methods to spread.

As “bait” the user is promised higher ratings in the social network or a certain amount of money in the network’s internal currency.

The user is directed to a phishing website which imitates the social network’s interface and is asked to enter their password. The password is then stolen and used to send the same offer to the user’s friends, while the user receives an executable file which rewrites the contents of the operating system’s hosts file.

Then, when the user tries to open almost any popular Russian social network (VKontakte, Odnoklassniki, Mail.ru), they land on the fraudster’s website, which asks them to send a paid SMS message.

The easiest way to remove such an infection is to manually clean the contents of the file “C:\WINDOWS\system32\drivers\etc\hosts” and check the computer drives with a good quality antivirus program.
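The manual cleanup above amounts to one check: does any entry in the hosts file send a social-network domain somewhere other than the loopback address? Here is an added example (not from the original post) that performs that check and removes the offending lines. The hosts file text is constructed to resemble the infection described, the list of watched domains is an assumption based on the sites named in the post, and the redirect address 203.0.113.45 is from the documentation range, not a real one.

```python
"""Find and remove hosts-file entries that redirect social-network domains.

Added example, not from the original post. SAMPLE_HOSTS is constructed;
WATCHED_DOMAINS is an assumption based on the sites named in the post.
"""
import ipaddress

WATCHED_DOMAINS = {"vkontakte.ru", "vk.com", "odnoklassniki.ru", "mail.ru"}
# Loopback / null addresses: mapping a domain here blocks it (as ad-blocking
# hosts files do) rather than redirecting it, so these are not hijacks.
LOCAL_ADDRESSES = {"127.0.0.1", "::1", "0.0.0.0"}


def parse_hosts(text):
    """Yield (line_number, address, hostname) for every active mapping."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments and blanks
        if not line:
            continue
        parts = line.split()
        if len(parts) < 2:
            continue
        address, names = parts[0], parts[1:]
        for name in names:
            yield lineno, address, name.lower()


def find_hijacks(text, watched=WATCHED_DOMAINS):
    """Entries that send a watched domain (or a subdomain) to a non-local IP."""
    hits = []
    for lineno, address, name in parse_hosts(text):
        try:
            ipaddress.ip_address(address)
        except ValueError:
            continue                             # not an IP literal, ignore
        if address in LOCAL_ADDRESSES:
            continue
        if any(name == d or name.endswith("." + d) for d in watched):
            hits.append((lineno, address, name))
    return hits


def clean_hosts(text):
    """Return (cleaned_text, removed_lines) with every hijacking line dropped."""
    bad = {lineno for lineno, _, _ in find_hijacks(text)}
    kept, removed = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        (removed if lineno in bad else kept).append(raw)
    return "\n".join(kept) + "\n", removed


# Constructed sample; the 203.0.113.0/24 block is reserved for documentation.
SAMPLE_HOSTS = """\
# constructed sample hosts file, not a real capture
127.0.0.1       localhost
127.0.0.1       ads.example.test     # ad-blocking entry, harmless
203.0.113.45    vkontakte.ru www.vkontakte.ru
203.0.113.45    odnoklassniki.ru
203.0.113.45    mail.ru
"""

if __name__ == "__main__":
    for lineno, address, name in find_hijacks(SAMPLE_HOSTS):
        print(f"line {lineno}: {name} -> {address}")
    cleaned, removed = clean_hosts(SAMPLE_HOSTS)
    print(f"removed {len(removed)} line(s); cleaned file:\n{cleaned}")
```

On a real machine the input is the contents of C:\WINDOWS\system32\drivers\etc\hosts (read and written back with administrator rights); the same parse also catches the variant where the malicious entries are pushed far below a run of blank lines, because it never relies on where in the file they sit.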

Apple AirPlay encryption algorithm: peaceful hacking

11 May 2011

The encryption algorithm used in Apple AirPlay was successfully hacked by American security experts. AirPlay technology is used for broadcasting multimedia content to Apple’s mobile devices.

To date, the encryption key of this algorithm has been used for peaceful purposes only: it was used to enable broadcasting to non-Apple devices, including those based on Windows. The experts used an Apple AirPort Express Wi-Fi station to hack the algorithm.

Thanks to this hack, already dubbed ShairPort, users can now stream music from their iTunes libraries to other Wi-Fi-enabled computers and devices.