EU privacy body wants changes to Google Street View
February 26, 2010
Source: REUTERS

BRUSSELS: EU data protection authorities have urged US Internet search giant Google to shorten the period it stores images from its controversial Street View web service because of privacy concerns. Launched in San Francisco in 2007, Street View allows users to navigate around a 360-degree view of city streets, buildings, traffic and people, using pictures taken by Google's camera vehicles.

Now available in many countries, critics of the service accuse Google of failing to obscure sensitive images and setting its cameras in a way that allows them to peer over fences, hedges and walls into private property. Google, which now keeps the images for a year should halve this period, privacy authorities wrote in a letter to the company's global counsel, Peter Fleischer.

"The Working Party believes that a maximum retention of six months for the unblurred copies of the images would strike the right balance between the protection of privacy and the ability to eliminate false positives," the letter, which has a Feb. 11 dateline, said.

The Working Party, which is made up of privacy supervisors from European Union countries, advises the European Commission on data protection rules. European Justice Commissioner Viviane Reding said she would monitor data protection issues closely. "In Europe, we have high standards for data protection. I expect that all companies play according to the rules of the game," she said in a statement.

Microsoft uses law to cripple hacker spam network
February 26, 2010
Source: ET AGENCIES

SAN FRANCISCO: Microsoft on Thursday said it combined technology with an "extraordinary" legal maneuver to cripple a massive network of hacked computers that had been flooding the Internet with spam.

The software titan's Digital Crime Unit got clearance from a US judge to virtually sever the cyber criminals' command computers from hundreds of thousands of machines worldwide infected with a Waledac virus.

"We decided the best tactic would be to literally build a wall between the bot-herder, the command computer, and all of the other computers -- effectively cutting the umbilical cord," said Microsoft attorney Richard Boscovich.

Microsoft got a US judge to grant an ex parte temporary restraining order that let the firm erect the cyber blockade without warning bot-herders, masters of the "botnet."

"It was of crucial importance that when we went out to sever the connection between the bot herder and the bots, that severing had to be done without him knowing," said Boscovich, who works in the digital crime unit.

Microsoft drafted a complaint that made a case to the court that the damage to computer owners worldwide, and to the software firm, was major enough to warrant "this rather extraordinary order," Boscovich said.

The mission to take down one of the ten largest botnets in the United States was referred to internally at Microsoft as "Operation b49."

Waledac is estimated to have infected hundreds of thousands of computers worldwide, letting its masters mine machines for information or secretly use them to fire off spam email.

Hackers typically infect computers with malicious codes by tricking owners into clicking on booby-trapped email messages or Internet links that plant viruses.

Bot-herders are then free to hire out botnets for nefarious tasks such as spewing spam or overwhelming legitimate websites with myriad simultaneously requests in what are known as distributed-denial-of-service attacks.

The Waledac botnet was believed to be capable of sending more than 1.5 billion spam email messages daily.

During a three week period in December, Waledac-infected machines sent approximately 651 million spam email messages to users of Microsoft's free Hotmail service, according to the software firm.

The spam included messages pitching online pharmacies, knock-off goods, and penny stocks.

"Three days into the effort, Operation b49 has effectively shut down connections to the vast majority of Waledac-infected computers, and our goal is to make that disruption permanent," a Microsoft lawyer said in a release.

"But the operation hasn't cleaned the infected computers and is not a silver bullet for undoing all the damage we believe Waledac has caused."

Computer users are advised to purge their machines of viruses and make sure their programs and security software are up to date.

US courts allow for hearings to decide whether temporary restraining orders should be made permanent, setting up an unlikely scenario in which bot-herders would argue for their right to reconnect with their machine minions.

China's military warns Washington, denies hacking
February 26, 2010
SOURCE: REUTERS

BEIJING: China's military warned the United States on Thursday to "speak and act cautiously" to avoid reigniting tensions between the two powers, denying the People's Liberation Army played a part in Internet hacking.

Huang Xueping, spokesman for the Chinese Ministry of Defence, said his government would not reverse its decision to suspend "bilateral military plans" with Washington after it said in late January that it would sell $6.4 billion of arms to Taiwan, the self-ruled island Beijing claims as its own.

In January, the giant Internet search company Google Inc threatened to pull back from China after complaining of censorship and hacking attacks on it and other companies. Analysts said those attacks were sophisticated operations, possibly overseen or abetted by the Chinese military.

The hacking dispute has added to tensions with Washington over quarrels ranging from trade and the Chinese currency to a meeting last week between US President Barack Obama and exiled Tibetan leader the Dalai Lama, who China reviles as a "separatist" for demanding self-rule for his homeland.

Huang's remarks, reported by the official Xinhua news agency, shed no new light on how China plans to act on its threats to punish US companies involved in arms sales to Taiwan. But his comments indicated China has not entirely put aside public ire with Washington, despite allowing a US aircraft carrier to visit Hong Kong last week. "China demands that the US speak and act cautiously, to avoid causing further damage to relations between the two countries and their militaries," said Huang.

"Linking Internet hacking activities to the Chinese government and military is totally unfounded and utterly irresponsible," he said. "This is stirring up a fuss for ulterior motives." The Internet hacking dispute made fresh headlines recently after reports that the attacks had been traced to two schools in China, and that the writer of the spyware used had been identified as a Chinese cyber-security consultant. The prestigious Shanghai Jiaotong University and the previously little-known Lanxiang vocational college, a high-school level institution, have both denied any role.