Category: UK

  • Hackers steal SSL certificates for CIA, MI6, Mossad

    Criminals acquired over 500 DigiNotar digital certificates; Mozilla and Google issue ‘death sentence’

    By Gregg Keizer

    Computerworld – The tally of digital certificates stolen from a Dutch company in July has exploded to more than 500, including ones for intelligence services like the CIA, the U.K.’s MI6 and Israel’s Mossad, a Mozilla developer said Sunday.

    The confirmed count of fraudulently-issued SSL (secure socket layer) certificates now stands at 531, said Gervase Markham, a Mozilla developer who is part of the team that has been working to modify Firefox to block all sites signed with the purloined certificates.

    Among the affected domains, said Markham, are those for the CIA, MI6, Mossad, Microsoft, Yahoo, Skype, Facebook, Twitter and Microsoft’s Windows Update service.

    “Now that someone (presumably from Iran) has obtained a legit HTTPS cert for CIA.gov, I wonder if the US gov will pay attention to this mess,” Christopher Soghoian, a Washington D.C.-based researcher noted for his work on online privacy, said in a tweet Saturday.

    Soghoian was referring to assumptions by many experts that Iranian hackers, perhaps supported by that country’s government, were behind the attack. Google has pointed fingers at Iran, saying that attacks using an ill-gotten certificate for google.com had targeted Iranian users.

    All the certificates were issued by DigiNotar, a Dutch issuing firm that last week admitted its network had been hacked in July.

    The company claimed that it had revoked all the fraudulent certificates, but then realized it had overlooked one that could be used to impersonate any Google service, including Gmail. DigiNotar went public only after users reported their findings to Google.

    Criminals or governments could use the stolen certificates to conduct “man-in-the-middle” attacks, tricking users into thinking they were at a legitimate site when in fact their communications were being secretly intercepted.

    Google and Mozilla said this weekend that they would permanently block all the digital certificates issued by DigiNotar, including those used by the Dutch government.

    Their decisions come less than a week after Google, Mozilla and Microsoft all revoked more than 200 SSL (secure socket layer) certificates for use in their browsers, but left untouched hundreds more, many of which were used by the Dutch government to secure its websites.

    “Based on the findings and decision of the Dutch government, as well as conversations with other browser makers, we have decided to reject all of the Certificate Authorities operated by DigiNotar,” Heather Adkins, an information security manager for Google, said in a Saturday blog post.

    Johnathan Nightingale, director of Firefox engineering, echoed that late on Friday.

    “All DigiNotar certificates will be untrusted by Mozilla products,” said Nightingale, who also said that the Dutch government had reversed its position of last week — when it had asked browser makers to exempt its DigiNotar certificates.

    “The Dutch government has since audited DigiNotar’s performance and rescinded this assessment,” Nightingale said. “This is not a temporary suspension, it is a complete removal from our trusted root program.”

    On Saturday, Piet Hein Donner, the Netherlands’s Minister of the Interior, said the government could not guarantee the security of its websites because of the DigiNotar hack, and told citizens not to log into its sites until new certificates had been obtained from other sources.

    The DigiNotar breach is being audited by Fox-IT, which told the Dutch government that it was likely certificates for its sites had been fraudulently acquired by hackers.

    Several security researchers said the move by browser makers puts an end to DigiNotar’s certificate business.

    “Effectively a death sentence for DigiNotar,” said Jeremiah Grossman, CTO of WhiteHat Security, in a Friday tweet.

    Mozilla was scathing in its criticism of DigiNotar.

    Nightingale ticked off the missteps that led Mozilla to permanently block all sites signed with the company’s certificates, including DigiNotar’s failure to notify browser vendors in July and its inability to tell how many certificates had been illegally obtained. “[And] the attack is not theoretical,” Nightingale added. “We have received multiple reports of these certificates being used in the wild.”

    Markham went into greater detail on the hack and its ramifications. “It has now emerged that DigiNotar had not noticed the full extent of the compromise,” said Markham in a Saturday post to his personal blog. “The attackers had managed to hide the traces of the misissuance — perhaps by corrupting log files.”

    Because the Google certificate that prompted DigiNotar to acknowledge the intrusion was obtained before most of the others, Markham speculated that there had actually been two separate attacks, perhaps by different groups.

    “It is at least possible (but entirely speculative) that an initial competent attacker has had access to [DigiNotar’s] systems for an unknown amount of time, and a second attacker gained access more recently and their less-subtle, bull-in-a-china shop approach in issuing the [hundreds of] certificates triggered the alarms,” he said.

    Last week, Helsinki-based antivirus company F-Secure said it had found signs that DigiNotar’s network had been compromised as early as May 2009.

    Mozilla will update Firefox 6 and Firefox 3.6 on Tuesday to permanently block all DigiNotar-issued certificates, including those used by the Dutch government.

    On Saturday Google updated Chrome to do the same.

    Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg’s RSS feed. His e-mail address is gkeizer@computerworld.com.

    www.computerworld.com, 4 September 2011

  • Full text of a CIA document indicating UK role in rendition of a terror suspect

    ‘We are aware that your service has been cooperating with the British to effect Abu Munthir’s removal to Tripoli’

    “Our service has become aware that last weekend LIFG deputy Emir Abu Munthir and his spouse and children were being held in Hong Kong detention for immigration/passport violations. We are also aware that your service has been cooperating with the British to effect Abu Munthir’s removal to Tripoli, and that you had an aircraft available for this purpose in the Maldives.

    Our understanding is that the Hong Kong special wing (SW) originally denied permission for your aircraft to land in Hong Kong to enable you to assume control of Abu Munthir and his family. However, we believe that the reason for the refusal was based on international concerns over having a Libyan-registered aircraft land in Hong Kong. Accordingly, if your government were to charter a foreign aircraft from a third country, the Hong Kong government may be able to coordinate with you to render Abu Munthir and his family into your custody.

    If payment of a charter aircraft is an issue, our service would be willing to assist financially to help underwrite those costs. Please be advised that if we pursue that option, we must have assurances from your government that Abu Munthir and his family will be treated humanely and that his human rights will be respected; we must receive such assurances prior to any assistance being provided.

    For your information, the Hong Kong special administrative region is governed by a variety of legal constraints regarding deportation and custody of aliens. Accordingly, we believe that you will need to provide significant detail on Abu Munthir (eg, his terrorist/criminal acts, why he is wanted, perhaps proof of citizenship). It is also our understanding that Hong Kong officials have insisted that prior to turning Abu Munthir over to your custody, they must receive clear assurances from your government that Abu Munthir and his family will be treated humanely and in accordance with human rights.”

    guardian.co.uk, 4 September 2011

  • BBC plan film on Tory links of vice girl in George Osborne ‘cocaine’ pictures

    By SIMON WALTERS and STEPHEN MOYES

    The BBC has had talks with a self-confessed prostitute and drug user who was pictured posing with George Osborne in front of an alleged line of cocaine.

    A member of the flagship Panorama investigative team met Natalie Rowe, 47, with a view to making a film about her links with the Chancellor and former Downing Street spin doctor Andy Coulson.

    The meeting was part of a new BBC probe into claims about phone hacking on the News of the World when Mr Coulson was editor.

    Embarrassing: A young Osborne with Natalie Rowe in 1994 and, next to the yellow vase, the alleged line of cocaine

    Ms Rowe, who is said to have specialised in sado-masochism, has had similar discussions with Australian TV station ABC and American magazine Vanity Fair.

    The BBC was investigating Mr Osborne’s support for Mr Coulson’s successful bid to become David Cameron’s head of communications after he was forced to quit as News of the World editor over the phone-hacking scandal. Mr Coulson’s paper published a strong denial by Mr Osborne of allegations that he had taken drugs with Ms Rowe.

    Subsequently, Mr Osborne was instrumental in persuading Mr Cameron to recruit Mr Coulson as his spin doctor.

    Ms Rowe is suing the News of the World after being told by police that her phone was hacked by the paper when claims were made of drug-taking by senior Conservatives. Mr Osborne has been told by police that his phone was also targeted by the News of the World as part of its investigation into his links with Ms Rowe.

    Well-placed sources say Ms Rowe, who is represented by media lawyer Mark Lewis, is threatening to make explosive revelations about her former clients in the upper echelons of the Conservative Party.

    Mr Osborne was severely embarrassed in 2005 by the publication of a picture of him as a 22-year-old Oxford student, smoking a cigarette with his arm draped around Ms Rowe. According to some claims, cocaine and rolled-up papers, allegedly for snorting the drug, could be seen in the picture taken at a party.

    Mr Osborne confirmed he knew Ms Rowe, who ran an agency called Black Beauties supplying prostitutes to clients paying from £350 an hour.

    He said he came into contact with her through a friend who had a relationship with her and went on to become a drug addict.

    But he strenuously denied that he took cocaine with her, saying the allegations were ‘defamatory and completely untrue’.

    A BBC spokesman said: ‘Panorama is continuing to look into the phone-hacking story and we have been pursuing a number of lines of inquiry, of which this was one element. However, there are no immediate plans for a programme.’

    A spokesman for Ms Rowe said: ‘She declines to comment.’

    www.dailymail.co.uk, 4 September 2011

  • BP sued by Halliburton over Gulf oil disaster

    About five million barrels of oil spilled into the Gulf of Mexico

    US energy services giant Halliburton is suing BP for defamation and negligent misrepresentation over the disastrous 2010 oil spill in the Gulf of Mexico.

    Halliburton claims BP gave inaccurate information to the US company before it did work lining the well with cement.

    An official inquiry found that faulty cementing contributed to the disaster, which killed 11 oil rig workers.

    BP said it was aware of the lawsuit and, should it come to court, they would “vigorously contest the claims”.

    The amount of damages Halliburton is seeking has not been disclosed.

    ‘Diverting attention’

    Halliburton said in a statement that it has “filed claims against BP in Texas state court for negligent misrepresentation, business disparagement and defamation” related to the Deepwater Horizon disaster.

    “Halliburton has learned that BP provided Halliburton inaccurate information about the actual location of hydrocarbon zones in the well.

    “The actual location of the hydrocarbon zones is critical information required prior to performing cementing services and is necessary to achieve desired cement placement,” Halliburton said.

    “Halliburton remains confident that all the work it performed… was completed in accordance with BP’s specifications for its well construction plan and instructions, and that Halliburton is fully indemnified under the contract,” the company said.

    But BP said: “We believe this lawsuit is the latest attempt by Halliburton to divert attention from its role in the Deepwater Horizon tragedy and its failure to meet its responsibilities, and to deflect all blame to BP.

    “Investigations published so far have concluded that multiple parties contributed to the incident, including Halliburton.

    “We have accepted responsibility for our role in the disaster, and are paying costs and compensation. In contrast Halliburton has refused to take any responsibility or accountability at all.”

    Some 4.9 million barrels of oil had gushed out of the runaway underwater well before the leak was capped, causing severe environmental damage in the Gulf of Mexico.

    www.bbc.co.uk, 2 September 2011

  • MI5 former chief decries ‘war on terror’

    Lady Eliza Manningham-Buller uses BBC lecture to criticise ‘unhelpful’ term, attack Iraq invasion and suggest al-Qaida talks

    Richard Norton-Taylor

    MI5's former director general Lady Eliza Manningham-Buller during her 2011 BBC Reith lecture. Photograph: Jeff Overs/BBC/PA

    Lady Eliza Manningham-Buller, the former head of MI5, delivered a withering attack on the invasion of Iraq, decried the term “war on terror”, and held out the prospect of talks with al-Qaida.

    Recording her first BBC Reith lecture on the theme, Securing Freedom, she made clear she believed the UK and US governments had not sufficiently understood the resentment that had been building up among Arab people, which was only compounded by the war against Iraq.

    Before an audience which included Theresa May, the home secretary, she also said the 9/11 attacks were “a crime, not an act of war”. “So I never felt it helpful to refer to a war on terror”.

    Young Arabs, she said, had no opportunity to choose their own rulers. “For them an external enemy was a unifying way to address some of their frustrations.” They were also united by the plight of Palestinians, a view that the west was exploiting their oil and supporting dictators. “It was wrong to say all terrorists belonged to al-Qaida,” added Manningham-Buller.

    Pursuing a theme which some in the audience may have been astounded to hear from a former boss of MI5, she said terrorist campaigns – she mentioned Northern Ireland as an example – could not be solved militarily. She described the invasion of Iraq as a “distraction in the pursuit of al-Qaida”. She added: “Saddam Hussein was a ruthless dictator but neither he nor his regime had anything to do with 9/11.” The invasion, she said, “provided an arena for jihad”, spurring on UK citizens to resort to terror.

    September 11 was a “monstrous crime” but it needed a considered response, an appreciation of the causes and roots of terrorism, she said later in answers to questions. She said she hoped there were those – she implied in western governments – who were considering having “talks with al-Qaida”.

    Some way must be found of approaching them, she suggested, though she said she did not know how, at the moment, that could be done.

    Manningham-Buller, who retired in 2007, attacked the invasion of Iraq in an interview with the Guardian in 2009. However, she has never before expressed such antipathy towards the prevailing policies and rhetoric of the government which she had to endure when she was in office. The lecture is to be broadcast on Radio 4 on 6 September, and entitled Terror.

    www.guardian.co.uk, 2 September 2011

  • Ex-MI5 chief admits Iraq was no threat

    Paddy McGuffin, Home Affairs Reporter

    Iraq posed no threat when Tony Blair led the country into war in 2003, Britain’s former top spy admitted at the weekend.

    Former MI5 boss Dame Eliza Manningham-Buller made the comment in an interview with the Radio Times before the broadcast of a series of BBC lectures this week.

    It is not the first time that the former MI5 chief has spoken out about the conflict.

    In evidence to the Chilcot inquiry in 2010 she said she had warned senior government figures that the war had the potential to increase radicalism at home and abroad.

    The invasion of Iraq “undoubtedly” increased the terrorist threat in Britain, she said.

    In her most recent interview, she said: “Iraq did not present a threat to the UK.

    “The service advised that it [the war] was likely to increase the domestic threat and that it was a distraction from the pursuit of al-Qaida.”

    She added that it was “for others to decide” whether the war was a mistake.

    “Intelligence isn’t complete without the full picture and the full picture is all about doubt. Otherwise, you go the way of George Bush.”

    Stop the War Coalition convener Lindsey German said: “It may well be that, in advance of Chilcot, which is due to publish its findings in the autumn, various people are distancing themselves from the decision to go to war.

    “I’m glad she has said what she has as it is a vindication of the anti-war campaign but the decision to go to war was a failure not just of Blair but the whole Establishment including the security services and Parliament itself.

    “There was no serious attempt by any of them to stop Blair. The only attempt came from the streets.”

    Elsewhere in the interview, Ms Manningham-Buller defended MI5 against suggestions that it could have prevented the July 7 bombings.

    “In intelligence, you can know of someone, without knowing exactly what they are going to do.

    “The next time there is an attack, the same could be true – though I hope it won’t be.”

    Regarding the likelihood of further bombings in Britain in the future, she said: “I assume there will be. This isn’t a ‘war’ you win in a military sense, and you can’t anticipate everything.”

    paddym@peoples-press.com

    www.morningstaronline.co.uk, 28 August 2011