Week in tech: hacktivism, Slowloris, warrantless spying, and insecure keys
From encryption to darknets: As governments snoop, activists fight back: Governments around the world routinely track and monitor cell phones and Internet use. Activists—some funded by the US government—are fighting back with secure communications tools that can be had on the cheap.
High Orbits and Slowlorises: understanding the Anonymous attack tools : Putting the Low-Orbit Ion Cannon behind them to better protect themselves from being tracked down, members of Anonymous have put together a package of DDoS tools and security best practices that aims to make them more effective and less of a target for law enforcement.
Canada wants warrantless Internet spying, says critics support child porn: The Canadian government has introduced legislation that would force telecom providers to turn over Internet subscriber information without a warrant. Public safety minister Vic Toews says critics can "either stand with us or with the child pornographers."
Crypto shocker: four of every 1,000 public keys provide no security: Almost 27,000 certificates used to protect webmail, e-commerce, and other sensitive online services provide no cryptographic benefit due to a lack of randomness in the factors used to generate them. One of the mathematicians who made the discovery calls it "startling."
Tor's latest project helps Iran get back online despite new Internet censorship regime: Tor network connections, which people in Iran use to avoid Internet censorship, plummeted from 50,000 a day to nearly zero last week. But Iranians are getting back online, due in part to a new obfuscated bridge built by Tor.
Major Bitcoin exchange shuts down, blaming regulation and loss of funds: TradeHill, the world's second-largest Bitcoin exchange, shut down Monday, citing "increasing regulation." We talk to a legal expert about how money-laundering laws might apply to businesses that deal in Bitcoins.
Copyright enforcement and the Internet: we just haven't tried hard enough?: Is effective Internet copyright enforcement even possible? "We won't know," writes blogger Kevin Drum, "until we try." But Congress has been "trying" for two decades, with ever-larger costs to consumers and taxpayers.
Breaches galore as Cryptome hacked to infect visitors with malware: A hack that caused the information repository to attack its visitors is one of at least six breaches reported to hit high-profile sites and services. Other victims include Microsoft, Dutch ISP KPN, Ticketmaster and websites belonging to Mexico and the state of Alabama.
Police: download a file, go to jail for 10 years and pay an "unlimited" fine: The UK's Serious Organized Crime Agency (SOCA) spent Valentine's Day busting up a music download site and monitoring the world's reaction on Twitter, while threatening all site visitors with the possibility of massive fines and a decade in jail.
Nortel Networks hackers had "access to everything" for years: The once-thriving telecom firm, a maker of switches and other gear that runs much of the internet, did little to close the breach other than to change seven compromised passwords belonging to its CEO and other executives, The Wall Street Journal reports.