The Firesheep plug-in was developed by security researchers to highlight how insecure public Wi-Fi networks can be. Mission accomplished. Unfortunately, the tool works quite well, and its public availability now places a relatively powerful snooping tool that requires virtually no hacking skills or exceptional tech knowledge in the hands of anyone.
Another Firefox plug-in called Blacksheep was developed as a Firesheep alarm. It won’t secure your wireless data, and it won’t prevent your information from being snooped by Firesheep per se, but it will alert you when Firesheep is in use on the network you’re connected to so that you’re aware.
Bottom line, wireless networks are not as secure as their wired counterparts, and Wi-Fi hotspots open to the general public are even less secure. If your laptop can connect to a wireless router 100 feet away, then so can any other device in a 100-foot radius of that wireless router–which is why the router should have encryption enabled and require a password of some sort to gain access.
The issue is mainly a function of public Wi-Fi hotspots, which generally have a completely open, unencrypted wireless network available for patrons to join. In some cases, such as hotels, the Wi-Fi may use a password to prevent abuse by users who aren’t staying at the hotel, but those networks are only slightly more secure: the password is shared with everyone who stays there and is rarely changed, so acquiring it is a trivial matter.
Chet Wisniewski, a senior security advisor with Sophos, implored establishments such as Starbucks and McDonald’s to improve security by adopting an encrypted network with a default shared password. The sentiment is admirable, and the solution offered would provide better protection than no encryption at all–and prevent snooping by the current version of Firesheep–but, in the grand scheme it’s not much better.
A comment on the Sophos blog explains, “I’m not really sure ‘free’ as password is a great idea, since a password in WPA2 is nothing but a pre-shared secret, which in turn is then used to create a unique key. The problem is, when everyone uses the same password, everyone will end up with the same key, which will be in intended use client and access point, but if someone else knows the password he will be able to come up with the same key,”
The commenter concludes with, “You might say now it’s better to have some encryption instead of none, but I think that’s even more dangerous, because people now will actually think they are secure, and will therefore feel at ease to do more dangerous stuff, while a black hat will actually have just little more inconvenience to decrypt it first based on the password he knows. In fact, a black hat might even be more attracted to such hot spots because he knows people feel more at ease to do dangerous things there.”
Public hotspots are convenient. It is nice to be able to kick back and surf the Web while sipping a pumpkin spice latte at Starbucks. Just realize that the Wi-Fi is insecure and limit your activities. Go ahead and read the headlines at CNN.com, but don’t check your bank balance, or do anything else that requires entering a username, password, or account number.
If you want or need to do more sensitive tasks over the public Wi-Fi, use a VPN connection of some sort so that there is an encrypted tunnel between your laptop or tablet and the destination you are connecting to.
They could put your mind at ease – or do very much the opposite.
A new arms race is on and it could change everything from the way we parent to how we get our celebrity gossip.
For the technology currently being used by the CIA to ferret out terrorist leaders in the hills of Pakistan is set to arrive in a neighbourhood near you – and there’s nowhere to hide.
Coming to a sky near you? A remote CCTV camera drone circles in the sky during a political rally in Britain last year. Drones are set to play a large part in the future of policing – but could they affect our personal lives also?
Personal drones – smaller, private versions of the infamous Predator – are the next hot technology for people looking to track celebrities, cheating lovers, or even wildlife.
And it could be a dream tool for the paparazzi, named after the Italian for buzzing mosquitoes.
Now the metaphor is coming to life. Several personal drones are scheduled for completion next year.
A police constable in Liverpool tries out the force’s new remote-controlled UAV. Liverpool police have already used such drones to make at least one arrest
The officer can see from the drone’s perspective using a special pair of goggles
Already in the UK police are using drones to track thieves. In February, the Air Robot was deployed by Merseyside police after officers lost an alleged car thief who had escaped on foot in thick fog.
Using the device’s on-board camera and thermal-imaging technology, the operator was able to pick up the suspect through his body heat and direct foot patrols to his location.
It led officers to a 16-year-old youth, who was hiding in bushes alongside the Leeds-Liverpool canal, in Litherland, Merseyside.
The drone, which measures 3ft between the tips of its four
carbon fibre rotor blades, uses unmanned aerial vehicle (UAV)
technology originally designed for military reconnaissance.
The battery-powered device can have a range of cameras
attached to its main body, including CCTV surveillance or thermal
imaging cameras.
It is designed to hover almost silently above crime scenes and
send live footage to officers on the ground, but the unit can also
‘perch and stare’ from a solid platform, allowing the operator to
capture hours of footage from a hidden vantage point.
Merseyside Police is one of a handful of forces trying out the devices which, at £40,000 each, are far cheaper to use for small-scale operations than a conventional helicopter.
They have been using the drones for two years, mainly to help
in search and rescue operations, to execute drug warrants and to crack
down on anti-social behaviour.
The Home Office is now exploring how the craft can be used to give back-up to police, ambulance and fire services.
A Predator drone like the ones used to hunt down terrorist leaders in Pakistan (file photo). The military must follow rules of engagement with such technology, but there are no such rules governing private use yet
Spy drones are considered the future of policing, although
critics have voiced concerns that they could be a worrying extension of
Big Brother Britain.
Last month arms manufacturer BAE Systems said it was adapting
military-style UAVs for a consortium of government agencies led by Kent
police. Documents showed the force hoped to begin using the drones in
time for the 2012 Olympics.
But they also indicated that the drones could eventually be
used to spy on the civilian population, by rooting out motorists
suspected of antisocial driving, for covert urban surveillance and to
monitor ‘waste management’ for local councils.
Similar concepts are already being developed in the U.S.
‘If the Israelis can use them to find terrorists, certainly a husband
is going to be able to track a wife who goes out at 11 o’clock at night
and follow her,’ New York divorce lawyer Raoul Felder told the Journal.
The technology is swiftly moving beyond military and even police circles – already unmanned aircraft that can fly predetermined routes cost just a few hundred dollars and can be operated by an iPhone.
Massachusetts Institute of Technology professor and former Navy fighter
pilot Missy Cummings is working to develop a ‘Personal Sentry’ drone about the size of a pizza box that warns soldiers if danger is approaching from behind.
But, she said, ‘that military stuff is kind of passe’.
‘It doesn’t take a rocket scientist from MIT to tell you if we can do it for a soldier in the field, we can do it for anybody.’
She told the Wall Street Journal that she could use such technology to follow her young child on the way to school by planting an electronic bug in her lunch box or backpack.
‘It would bring a whole new meaning to the term hover parent,’ she said.
The FAA has not approved the use of personal drones just yet. But a spokesman said the agency is working with private industry on standards that could allow the broader use of drones.
Grey areas already exist, however – particularly with the recreational use of drones.
There are no regulations governing recreational drone use. Instead the FAA recommends – emphasis on ‘recommends’ – such drones be flown away from populated areas, from aeroplanes, below a certain altitude and so on.
And if people claim their drones are for personal use, that could theoretically get around many FAA regulations.
So while the military has to follow rules of engagement regarding drone use, there is – as yet – no similar set of rules regarding privacy for domestic use of drones.
‘If everybody had enough money to buy one of these things, we could
all be wandering around with little networks of vehicles flying over our
heads spying on us,’ Ms Cummings said.
‘It really opens up a whole new
Pandora’s Box of: What does it mean to have privacy?’
TORONTO – An electronic bug burrowed deep inside a laundromat in Italy, part of the largest strike yet against the Calabrian ‘ndrangheta, overheard something that stunned police.
A Calabrian crime cell is operating in isolated Thunder Bay in northern Ontario.
The surveillance device in the business owned by the Commisso clan in Siderno, Calabria, overheard Giuseppe Bruzzese, 64, a clan member from the lakehead group.
He was speaking with his ‘ndrangheta overlord about a dispute with a Toronto group, according to a report, Project Crimine, written by Italian magistrates.
The project shows how widespread the ‘ndrangheta is in Canada and that its network is capable of replacing the now weakened Rizzuto clan, which until recently was Mafia royalty.
The recent violence against the once-mighty Rizzuto crime family in Montreal is reverberating in the Toronto area where the Sicilians’ grip on the drug trade is being threatened.
The Calabrians have long been established in the Toronto area and coexisted with the Rizzutos.
But that may now all change.
The ‘ndrangheta is considered by Italian authorities to be more powerful, richer and better able to distribute drugs globally than any Mafia group.
On Thursday, police in Calabria seized the laundromat where Giuseppe “Master” Commisso allegedly operated his empire along with 140 condos and a commercial mall owned by his clan, considered by Italian authorities to be one of the richest in the world.
The seized properties are worth about $280 million, police said.
In July, Project Crimine netted more than 300 members and associates of the ‘ndrangheta.
Along with uncovering the Thunder Bay clan, the report also revealed six Calabrian mobs tied to Siderno that are based in the Toronto area.
The extensive report also identifies the leaders of the Toronto area clans as Vincenzo Tavernese, 44, of Thornhill, and Giuseppe Andriano, 62, of Vaughan; Antonio Coluccio, 41, of Richmond Hill; Cosimo Commisso; Angelino Figliomeni, 48, of Woodbridge, and his brother, Cosimo Figliomeni, of Vaughan; and Vincenzo DeMaria, 56, of Mississauga.
DeMaria, a convicted killer, was arrested in April 2009 for breaching parole and has since been released.
Tavernese was arrested in Italy in July, while Coluccio, who was wanted on arrest warrants in Italy, disappeared.
But Coluccio’s lawyers appealed the warrants, and a judge ruled there wasn’t enough evidence to file charges in Italy; he is, however, wanted by Canadian immigration authorities.
The other men, named in the Italian report, aren’t wanted by Canadian police.
The report also looked at the organized crime group’s activities around the world, particularly in Canada, Germany, Switzerland and Australia.
Italian authorities say there are five forms of traditional organized crime in Italy, the Sicilian Mafia, the Calabrian ‘ndrangheta, the Neapolitan Camorra, the Sacra Corona Unita based in areas of Puglia in southern Italy and the Stidda, based in Sicily.
The ‘ndrangheta, derived from the Greek word “andrangetos” meaning a valiant and cunning man, has had a strong presence in the Toronto area for decades, and was dubbed the Siderno Group because most of the families came from the town of Siderno in Calabria.
Police discovered in 1968 the cells in Ontario were governed by a central board called the La Camera di Controllo.
The first board formed by Giacomo Luppino, of Hamilton, in 1962 consisted of Michele Racco, who died in 1980, Salvatore Triumbari who was murdered in 1967, Filippo Vendemini, murdered in 1969, Rocco Zito, Vincenzo Deleo and Cosimo Stalteri.
Authorities now believe the ‘ndrangheta has surpassed the Sicilian Mafia in power and its ability to distribute drugs – including cocaine – around the world.
Police say there are about 160 ‘ndrangheta cells with about 6,000 members in Italy, worth an estimated $61.2 billion in assets.
The ‘ndrangheta’s structure is different than the Mafia.
Its cells are based on family ties and don’t have rigid vertical lines of authority. Cell members don’t always know what other members are doing and the groups allow for freelancing.
The Italian report noted the existing strong ties between ‘ndrangheta cells in Canada and Italy.
“Even today the Commissos of Siderno – through their most illustrious member Giuseppe ‘Master’ Commisso – continues to influence the policy of all the ‘ndrangheta … to settle the criminal issues, even the most distant,” it said.
The criminal case of the alleged Goldman spy is off and running, and it’s shaping up to be a good one. The case seems likely to open a window into the mysterious world of high-frequency trading and to shed some light inside Wall Street’s most notorious powerhouse, Goldman Sachs. But the lawsuit might do something else, too: It could test legal limits related to trade secrets — and cause angst far from the trading world.
The man of the hour is the defendant, Sergey Aleynikov. Aleynikov was a programmer in Goldman’s high-frequency trading group and is accused of taking code in order to help a new employer compete with Goldman. He disputes this and has said he intended to take some code, but not anything secret – just open-source code. The open-source part of that is crucial.
When open-source code is involved, what can be defended as a trade secret? His argument is “going to make it harder for government to prove that what was taken was in fact proprietary to Goldman,” says Brent Cossrow of the Employee Defection and Trade Secrets Practice Group of law firm Fisher Phillips. That could roil the high-frequency trading world, a competitive and controversial business that is transforming the financial markets. Beyond that, any company that has open-source software sitting on its networks, integrated into its digital intellectual property, might have to circle the wagons and figure out what to do.
High-frequency trading relies on algorithms that exploit tiny price differences in the markets. Do that enough, fast enough, and it can lead to big profits. Algorithms that do best have essentially found a niche in the market, and their owners are secretive because they don’t want anyone else muscling in on their niche. The algorithm is the secret sauce.
Goldman purchased its original code in 1999 from Hull Trading, founded by Chicago trader Blair Hull, for $531 million. After that, Goldman presumably had the right to do what it wanted with the code. It could add to it, take away from it, and tinker with it at will. It brought on programmers to do that, including Aleynikov. Programmers are vital in this space, and they’re demanding high pay. After UBS reportedly came calling for Aleynikov, Goldman paid Aleynikov $400,000 a year.
But when programmers write new code to insert into existing code, that can take hours. So sometimes, instead, they use open-source alternatives available for free on the internet. Open-source software is meant to be shared. It’s used in many industries, but Wall Street’s programmers find it particularly useful. In trading, time is money, so speed is prized.
In this case, proprietary and open-source code come head to head. Around the time Aleynikov planned to take a new job, he uploaded some code. Goldman says he stole proprietary code that it and the government claim is a trade secret. But Aleynikov says that he only meant to take open-source code, which by definition isn’t secret.
Cossrow says this argument raises several questions. How much of what Aleynikov downloaded was open source? How much of it was proprietary? Those questions are possible to answer — it requires looking at the code and at the metadata (data about data) underlying it. That could mean laying bare Goldman’s code, which would be something between a headache and nightmare for Goldman. The government wants the courtroom closed if that happens.
But there are more questions: as there are hundreds of open-source licenses, what were the terms of the open-source license or licenses associated with the code Aleynikov is accused of taking? And how did Aleynikov use the code in the broader software?
All that leads to the ultimate question: how much open source code, and of what quality, does it take to dilute a trade secret? As Cossrow explains, “if you bake the world’s best brownie, and the recipe is secret, the mere fact that you used water as an ingredient doesn’t mean the whole recipe is diluted.” However the courts haven’t gotten much more specific than that.
For lawyers like Cossrow, this case is turning into a big deal. There’s no telling where this argument could take Aleynikov, but if it works, it could turn out that Goldman’s alleged trade secrets aren’t really secret at all. That could blow up Goldman’s trading profits. It’s all very interesting stuff — and that was just the first day of trial.
Ottawa, Canada (CNN) — Scrupulously silent in public but colorfully candid in person, the former head of Canada’s spy agency didn’t hold back in a meeting with a senior U.S. State Department official in July 2008. It was a meeting that he had assumed would stay private and the content classified.
According to the cable marked “secret,” but now part of the WikiLeaks document dump, Jim Judd admits his spy agency, the Canadian Security Intelligence Service, or CSIS, was “increasingly distracted from its mission by legal challenges that could endanger foreign intelligence-sharing with Canadian agencies.”
According to the cable, he complains about Canadians having an “Alice in Wonderland” world view and goes on to describe Canadian courts “whose judges have tied CSIS ‘in knots,’ making it ever more difficult to detect and prevent terror attacks in Canada and abroad.”
“The situation, he commented, left government security agencies on the defensive and losing public support for their effort to protect Canada and its allies,” the U.S. cable says.
A Canadian court had earlier that year agreed to release a videotaped interrogation of Guantanamo detainee Omar Khadr, who recently pleaded guilty to murder in a special military hearing at Guantanamo.
Of the video release, the cable states that Judd told the State Department that “a videotaped recording of a tearful Omar Khadr at the military prison at Guantanamo Bay” would trigger “knee-jerk anti-Americanism” and “paroxysms of moral outrage, a Canadian specialty.”
Judd is now retired.
The formerly secret WikiLeaks cable has sent Canada into damage control. Canadian Foreign Affairs Minister Lawrence Cannon said at a press conference Monday that “these leaked documents that pertain to Canada are in my view … not something that will harm our relations. I do find it deplorable, though, that documents are leaked in this fashion.”
U.S. Secretary of State Hillary Clinton contacted Cannon over the weekend to brief him on the Canadian disclosures in the WikiLeaks documents. WikiLeaks says it has more than 2,000 documents that pertain to Canada, most of which have not yet been released.
Intriguingly, this cable from July 2008 refers to Canada’s spy agency agreeing to open a channel to Iran’s Intelligence service, but added that it was something Judd has not yet “figured out.”
Also in the cable is a reference to Judd saying his spy agency “responded to recent, non-specific intelligence on possible terror operations by ‘vigorously harassing’ known Hezbollah members in Canada.”