Tony Naggs | 1 Jun 12:39 2012

Re: Data collection in government

There are companies offering tools & services for managing corporate mobile phones, logging such things as phone calls & text messages.

These records can then be used as input for billing (e.g. for technical, legal or medical advice) or retained for compliance purposes, e.g. logging a stock trader's contacts with clients.


On 31 May 2012 16:25, Ian Batten <igb <at> batten.eu.org> wrote:
Does any know what the source is for the logged copies of all the text messages between Jeremy Hunt and assorted members of his circle?  Is the government logging all text messages from ministers, Spads and so on?

ian



John Wilson | 1 Jun 18:44 2012
Picon

Re: Data collection in government

Apparently the texts were still on Hunt's phone
http://www.guardian.co.uk/media/2012/jun/01/jeremy-hunt-texts-leveson

John Wilson

Chris Salter | 1 Jun 20:31 2012

President Obama Ordered Stuxnet and More Attacks on Iran (June 1, 2012)

  --President Obama Ordered Stuxnet and More Attacks on Iran (June 1, 2012)

(By Gautham Nagesh, CQ Executive Briefing on Technology)

The New York Times has a bombshell this morning: President Obama began
ordering cyberattacks on Iran within days of taking office. The story,
which is a must-read, finally confirms what many cybersecurity experts
have suspected: the Stuxnet worm, which disabled industrial equipment
in Iran and Europe, was originally designed by Israel and the U.S. to
slow down Iran's nuclear enrichment plant. The virus' escape from Iran's
Natanz plant and subsequent discovery in Germany in 2010 was a mistake
that U.S. authorities blamed on Israel. Former CIA chief Michael Hayden
also acknowledged to the Times that Stuxnet is the first major
cyberattack intended to cause physical destruction (to Iranian
centrifuges). "Somebody crossed the Rubicon," he said.

The article includes a history of the classified cyberweapons program,
dubbed "Olympic Games," which began under President Bush, and includes
details of how President Obama decided that digital attacks were
preferable to a potential military conflict between Iran and Israel. But
the bottom line is that President Obama (and his predecessor) ordered a
sophisticated campaign of cyberattacks against Iran's nuclear program,
and has either attacked or considered attacking networks in China,
Syria, and North Korea as well. The Obama administration previously
acknowledged that it might respond to cyberattacks with physical force,
but the report makes it clear that even as the U.S. was making those
threats, it was perpetrating cyberattacks on the very nations it accuses
of targeting its networks.

In doing so, the White House has seemingly opened a Pandora's box.
Administration officials have placed a greater emphasis on cybersecurity
and the threat to our nation's networks that any previous
administration, doubtless because they had first-hand knowledge of just
how much damage sophisticated cyberattacks are capable of causing. Those
officials might have also feared reprisals from nations that were
targeted by Stuxnet and other digital attacks from the U.S. The
revelation also sheds some light on the Pentagon's reluctance to outline
its cyberwarfare policies in detail, since doing so might have involved
disclosing to Congress that the U.S. already was fully engaged in online
battle.

Having taken such an aggressive stance on deploying Stuxnet, it will be
very difficult for the U.S. to keep casting itself as the innocent
victim of unprovoked attacks by countries looking to steal our economic
and military secrets. Today's report makes it clear that the White House
long ago decided to embrace digital warfare, and puts the onus squarely
back on the administration to clearly explain its rules of engagement
online. But the greatest impact may be internationally, where hostile
nations now have confirmation the U.S. could be targeting their
networks. If hackers in those countries weren't already attempting to
take down U.S. critical infrastructure, they probably are now.

http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html?_r=1&pagewanted=all
or
http://preview.tinyurl.com/d9snhb9

The above is extracted from SANS NewsBites Vol. 14 Num. 44 (Newsletter) 
which also had the following preface:

FLASH: The New York Times reported this morning that President Obama
(and his predecessor) ordered a sophisticated campaign of cyberattacks
against Iran's nuclear program, and has either attacked or considered
attacking networks in China, Syria, and North Korea as well.  Because
the publication of this story is likely to herald substantive and
far-ranging changes in the way cybersecurity is managed in the US and
in many other countries, we have included an analysis by Gautham Nagesh.
Under normal circumstances, his thoughtful, in-depth analyses are
available only to paid subscribers to CQ Roll Call "Executive Briefing
on Technology."  This is an abnormal circumstance.  There is great value
in the security community understanding that the game has changed, and
what it means.

                                           Alan

PS Another very valuable piece of cybersecurity reporting will appear
on the front page of the Washington Post on Sunday or Monday and then
be discussed on National Public Radio (the Diane Rehm show) on Monday
morning.

+++++

Please feel free to share this [newsletter] with interested parties via 
email, but no posting is allowed on web sites. For a free subscription, 
(and for free posters) or to update a current subscription, visit
http://portal.sans.org/

--

-- 
Chris Salter
http://www.originalthinktank.org.uk/
http://www.post-polio.org.uk/

Adrian Midgley | 3 Jun 11:55 2012
Picon

Re: President Obama Ordered Stuxnet and More Attacks on Iran (June 1, 2012)

Should we regard Windows as the first shot in a cyberwar?

--

-- 
Adrian Midgley   http://www.defoam.net/

Chris Edwards | 6 Jun 17:32 2012

Re: Data collection in government

On Thu, 31 May 2012, Ian Batten wrote:

> Does any know what the source is for the logged copies of all the text 
> messages between Jeremy Hunt and assorted members of his circle? 

Sort-of related:

 http://amberhawk.typepad.com/amberhawk/2012/06/do-all-conservative-ministers-use-personal-emails-and-texts-to-avoid-foia.html

Martin Hepworth | 14 Jun 10:14 2012
Picon

latest plans to monitor internet use in the UK

http://www.bbc.co.uk/news/uk-politics-18434112

Currently the "How it would work" seems to be 404-ing..

Also on Radio 4 Today Program interview with Home Secretary and David Davies just after 7.30am News in case you missed it.

Interesting was quoted as saying 500,000 such requests where made in 2010 for fixed and mobile phone data, but no mention of that how much of that 500,000 lead to prosecutions.


http://www.guardian.co.uk/world/2012/jun/13/online-privacy-legislation-internet-phone-data

saying Home Office will pay for the equipment at ISPs, but can't see anything as to who will control the equipment.

Still lots of privacy concerns about lack of court issued warrants from many people though


 
--
Martin Hepworth, CISSP
Oxford, UK
Marcus Williamson | 14 Jun 10:20 2012

Re: latest plans to monitor internet use in the UK


On Thu, 14 Jun 2012 09:14:51 +0100, you wrote:

>Currently the "How it would work" seems to be 404-ing..

Here's the link:
http://www.bbc.co.uk/news/uk-18434232

Roland Perry | 14 Jun 13:53 2012

Re: latest plans to monitor internet use in the UK

In article

<CAGDKor+Mgr=p+9Zk6YsDb7ULnFuo2v6188CGoyOWiJ5Y57AMZg@...>, 
Martin Hepworth <maxsec@...> writes
>Interesting was quoted as saying 500,000 such requests where made in 
>2010 for fixed and mobile phone data, but no mention of that how much 
>of that 500,000 lead to prosecutions

Most of those are reverse-DQ, and each investigation might involve 
hundreds of them. So I think we need a more sophisticated metric 
regarding the "hit rate", and specifically concentrate on the minority 
of requests which aren't reverse-DQ.
--

-- 
Roland Perry

Tom Thomson | 14 Jun 14:33 2012
Picon

RE: latest plans to monitor internet use in the UK

The met commissioner says this will help them conduct a war on crime, but I suspect he means a war on civil liberties.

> On Thu, 14 June 2012 09:21, Marcus Williamson wrote:
> 
> >Currently the "How it would work" seems to be 404-ing..
> 
> Here's the link:
> http://www.bbc.co.uk/news/uk-18434232

Ian Batten | 15 Jun 10:01 2012

Re: latest plans to monitor internet use in the UK


On 14 Jun 2012, at 09:14, Martin Hepworth wrote:

Still lots of privacy concerns about lack of court issued warrants from many people though

Draft legislation here:


ian

Gmane