Mikko H. Hypponen of F-Secure publishes an email he claims is from a scientist with the Atomic Energy Organization of Iran (or AEOI), which details a new "cyber attack" wave against Iranian nuclear systems.
Mikko can't validate the email or the tale therein, and neither can we, but if it's true? Heh.
* The 'shoop above is mine, not the hackers'.
Iranian President Mahmoud Ahmadinejad inspects centrifuges at a uranium enrichment plant.
Reporting for the New York Times, David Sanger confirms what internet security researchers suspected all along: Stuxnet, the worm that targeted computers in Iran's central nuclear enrichment facilities, was a US/Israeli project and part of an expanded effort at cyberweaponry by the Obama administration.
A finance technology manager named Khosrow Zarefarid discovered a critical flaw in Iran's online banking systems. He extracted 1,000 account details (including card numbers and PINs) and emailed them to the CEOs of 22 Iranian banks along with detailed information about the vulnerability. A year later, nothing had been done. Zarefarid extracted 3 million accounts' details from the bank's systems and posted them to ircard.blogspot.ca. Many Iranian banks have now frozen their customers' accounts and are only allowing PIN-change transactions at ATMs. Some banks have texted their customers to warn them of the breach. The Central Bank of Iran has published an official notice of the breach, but the notice does not say that the underlying vulnerability has been fixed, or even whether it is being addressed. Zarefarid is said to have left Iran, though his whereabouts are not known, at least to Emil Protalinski, who wrote about the breach for ZDNet:
It does not appear as if Zarefarid stole money from the accounts; he merely dumped the account details of around 3 million individuals, including card numbers and PINs, on his blog: ircard.blogspot.ca. I found the link via his Facebook account, along with the question “Is your bank card between thease 3000000 cards?”
...Zarefarid previously worked as a manager at a company called Eniak, which operates the Shetab (Interbank Information Transfer Network) system, an electronic banking clearance and automated payments system used in Iran. The company also manufactures and installs point of sale (POS) devices. In other words, Zarefarid worked for a firm that offered services to Iranian banks for accepting electronic payments.
Iran's governing elite have been making noises for years now about the construction of a "Halal Internet," a kind of national intranet with its own email service, microblogging, search tools, etc. Now a leaked Persian-language "Request for Information" from the Research Institute for ICT in Tehran, which consults on technology for Iran's Ministry of ICT, suggests that the plan has evolved into a more ambitious version of the existing national censorship regime. In Ars Technica, Cyrus Farivar analyzes the proposal:
Collin Anderson, the researcher who found the document, said this RFI shows an unexpected shortcoming of the Iranian government to capitalize on its own domestic ability and recent deals with Chinese telecom companies such as Huawei and ZTE.
Huawei said late last year it was pulling out of Iran. ZTE, meanwhile, has previously sold millions of dollars of telecom and surveillance equipment to the Islamic Republic.
"I believe this clearly demonstrates that the Iranian government does not intend on cutting off access to the external Internet any time soon," Anderson told Ars on Tuesday, explaining that the acquisition of a censorship system would not be necessary if Iran was trying to create a highly restricted whitelist or completely cut itself off from the Internet.
"This might suggest that the government has not been able to acquire the services of foreign companies for planning and optimizing an infrastructure," he added.
"This is surprising for those, including me, who believe that much of the censorship software and hardware was being developed internally. The RFI seems to imply the desire to move beyond blacklisting sites and keywords, to a more intelligent system of detecting and blocking ‘immoral’ content, such as pornographic or culturally offensive material."
PHOTO: Technicians monitor data flow in the control room of an internet service provider in Tehran February 15, 2011. REUTERS/Caren Firouz
There's an AFP item today on Iran's denial of online reports that it plans to shut off access to the Internet this August, replacing that access with a "national intranet." Snip:
The reports derived from a supposed interview with Communications Minister Reza Taghipour published on April 1 that was in fact a hoax, the ministry said in the statement on its own site www.ict.gov.ir -- which itself was not accessible outside of Iran. “The report is in no way confirmed by the ministry” and is “completely baseless,” the ministry statement said.
The hoax report quoted Taghipour saying that Iran would from August launch a “clean internet” that would block popular services like Google and Hotmail and replace them with government-sponsored search engines and e-mail services. The ministry statement slammed the false report as serving “the propaganda wing of the West and providing its hostile media with a pretext emanating from a baseless claim.”
At Hacker News, a user named "Sara70" posts:
I'm writing this to report the serious troubles we have regarding accessing Internet in Iran at the moment. Since Thursday Iranian government has shut down the https protocol which has caused almost all google services (gmail, and google.com itself) to become inaccessible. Almost all websites that rely on Google APIs (like wolfram alpha) won't work. Accessing to any website that relies on https (just imagine how many websites use this protocol, from Arch Wiki to bank websites). Also accessing many proxies is also impossible. There are almost no official reports on this and with many websites and my email accounts restricted I can just confirm this based on my own and friends' experience. I have just found one report here. The reason for this horrible shutdown is that the Iranian regime celebrates 1979 Islamic revolution tomorrow.
Jake Appelbaum and the Tor Project folks confirm that Iran is partially blocking encrypted network traffic, and they are trying to help ensure free and safe access for activists (and everyone else inside the country).
PHOTO: Iranian schoolgirls chat online at an internet cafe which is exclusively for females, near the city of Karaj, 60km (38 miles) west of Tehran, May 24, 2007. REUTERS.
Dominic Girard from the Canadian Broadcasting Corporation sez,
It's one thing for Iran to arrest an American and sentence him to death for being a spy. It's a whole other thing when you say the spy made video games as propaganda for the CIA. Yet that's precisely one of the charges Iranian-American Amir Hekmati confessed to on Iranian television in December. (Let's remember that Iran routinely accuses foreigners of being spies, and there's no way of knowing exactly what methods were used to get Hekmati to read out his confession).
Hekmati did once work with Kuma Games - a New York based game developer. Iran believes Kuma Games are CIA propagandists, that the company makes video games to disseminate a pro-USA message internationally. Some of Kuma Games' offerings are playable scenarios of real-world events. You can be a rebel trying to track down Gadhafi in Libya. You can join Team Six and kill Osama bin Laden. You can also be a soldier inserted in Iran, trying to sabotage their nuclear weapons program. But does that necessarily mean they're a CIA front? This short CBC Radio documentary tries to sort out if the CIA would ever consider such an idea, and if it would even be worth the effort.
A soldier carries ammunition on a naval ship during the Velayat-90 war game on Sea of Oman near the Strait of Hormuz in southern Iran December 31, 2011. Iran test-fired a new medium-range missile, designed to evade radars, on Sunday during the last days of its naval drill in the Gulf, the official IRNA news agency quoted a military official as saying. (REUTERS/Fars News/Hamed Jafarnejad - IRAN)
RanTek, a Danish company, is reportedly supplying Iran with censor/spyware technology, which was part of a larger effort that was used to identify a dissident journalist who was arrested and tortured.
Eksperter: Dansk firma hjælper med iransk overvågning (Danish)
Until he was arrested, he worked for Mehr, the official Iranian news agency. He received information from all over the country about protests and demonstrations, information too controversial to be used in the news agent's official work. Instead he published it through other channels, e.g. Facebook. However, after the elections in June 2009, when people took to the streets in protest against Ahmadinejad's election victory, it was clear to the Iranians that the Internet is in no way safe.
"Nearly 4000 people were arrested solely on the basis of monitoring of their private internet traffic," says Farahani.
Now it seems that the Danish company RanTek helps the Iranian regime with the monitoring of the Iranian population. The day before Christmas the Bloomberg news agency reported that the Danish IT company re-packages and sells surveillance equipment to Iran. Ironically, the equipment originally comes from the Israeli manufacturer Allot Communications, which means that the Israelis through a Danish intermediary have helped their mortal enemies.
(Thanks, Henrik!)
Zahra's Paradise, a new book from FirstSecond, collects in one volume the serialized (and brilliant) webcomic, written by two pseudonymous Iranian dissidents. It's the gripping story of Medhi, a young man kidnapped by Iran's secret police during the election-season demonstrations of 2009, and it is a heart-rending tale of loss, hope, technology, revolution, politics, bravery and resilience. Told from the point of view of Medhi's blogger brother (who has previously been arrested for publishing political material), it features an in-the-round look at the power and limits of technology to effect revolution. Its cast includes bloggers, secret policemen, brave copy-shop/Internet cafe owners, influence peddlers, disgraced bourgeois, broken prisoners and a family devastated by loss.
And while Zahra's Paradise is an informative (if fictionalized) account of the Iranian election uprising and a vivid condemnation of the stern, joyless Khomeinist version of Islam, it is also a fantastic story, a graphic novel that races to its conclusion. The webcomic was serialized in 12 languages (including Farsi and Arabic) and the print edition is available in a dozen countries from today.
Electronic Frontier Foundation staff technologist Peter Eckersley has a good, in-depth analysis of the revelation that Iranian hackers acquired fraudulent SSL certificates for Google, Yahoo, Mozilla and others by spoofing Comodo, a major Certificate Authority. CAs are companies that are allowed to sell cryptographically signed certificates that browsers use to verify their network connections. With these spoofed certs, the hackers could undetectably impersonate Yahoo and Google (allowing them to read mail even if it was being read over a secure connection); the Mozilla certificate would allow them to slip malicious spyware onto the computer of anyone installing a Firefox plugin.
It appears that the fraud was detected before any harm could be done, but Eckersley explains how close we came to a global security meltdown, and starts thinking about how we can prepare for a more successful attack in the future.
Most Certificate Authorities do good work. Some make mistakes occasionally, but that is normal in computer security. The real problem is a structural one: there are 1,500 CA certificates controlled by around 650 organizations, and every time you connect to an HTTPS webserver, or exchange email (POP/IMAP/SMTP) encrypted by TLS, you implicitly trust all of those certificate authorities!
What we need is a robust way to cross-check the good work that CAs currently do, to provide defense in depth and ensure (1) that a private key-compromise failure at a major CA does not lead to an Internet-wide cryptography meltdown and (2) that our software does not need to trust all of the CAs, for everything, all of the time.