State Blamed in LiveJournal Attack

LiveJournal Russia, the country's main platform for uncensored political discussion, recovered Tuesday from its biggest-ever hacker attack — which bloggers said could not have been staged without state resources.
The Cyrillic segment of the blogging service, which numbers 4 million Russian-language users, was first hit by a cyber attack last Wednesday.
Hackers used computers infected by malware, mostly in Asian and Eastern European countries, to flood the servers with requests, paralyzing them for seven hours. A second wave followed Monday, again rendering LiveJournal.com inaccessible in Russia.
Initial speculation suggested that the attacks had targeted individual bloggers, possibly Kremlin critics. Such incidents have taken place before. But LiveJournal management reported that the whole site had been targeted.
"The attack targeted dozens of top bloggers and communities" indiscriminately, said Ilya Dronov, development director with the site's owner, SUP.
"The reason for attack is more than clear in this case — someone wants LiveJournal to disappear as a platform," he said Tuesday in a post on his own LiveJournal blog, Igrick.
The hackers sought to leave the Russian blogosphere without a single stable platform to operate on, dispersing them to other social networks where "it's easier to fight individual users," Dronov wrote.
He stopped short of naming any names, predicting only that more attacks would follow. SUP will have to ship more powerful equipment to Russia to resist further attacks, Dronov said.
The company "doesn't exclude a lawsuit option," Svetlana Ivannikov, head of LiveJournal Russia, said late Monday in a statement. But she also identified no suspects.
Bloggers, however, minced no words, naming the Kremlin as the only power capable of staging such a large attack.
Anton Nosik, a prominent LiveJournal blogger and former director of SUP, wrote on Snob.ru that massive attacks require considerable administrative and "financial support."
He admitted that it was hard to estimate the attack's cost, but said the pro-Kremlin Nashi movement might be behind it because it was in the past accused — though not convicted — of hacking the blogs of opposition activists and of a cyber attack on the Estonian government's site.
Alexei Navalny, a popular blogger and anti-corruption activist, said the attacks were a start for the Kremlin's "counter-propaganda plan" ahead of the upcoming State Duma vote and presidential race.
The Kremlin has not commented on the accusations, while Nashi spokeswoman Kristina Potupchik said by telephone Tuesday that they were "some person's groundless assumptions."

 http://www.themoscowtimes.com/news/article/state-blamed-in-livejournal-attack/434552.html

US domain seizures disable 84,000 websites

Thousands of legitimate websites were apparently accidentally taken offline last week, when the US Departments for Justice and Homeland Security seized the domains of websites allegedly hosting counterfeiting and child sexual abuse content (also reported here and here).
It appears that the DHS unknowingly targetted the dynamic DNS service afraid.org, which provides URLs for 84,000 websites under subdomains of mooo.com. As a result, thousands of innocent website owners found their homepages replaced with the following message:

The seizure of mooo.com was reversed last Sunday, but at the time of writing the DHS is yet to publically acknowledge its mistake.
Domain seizures have become a subject of controversy in the US, where copyright-related seizures have become increasingly commonplace. Critics claim that the practice violates the First Amendment of the US Constitution by placing a “prior restraint” on speech.
The practice is likely to re-ignite long-standing international concerns about the US government’s privileged relationship with ICANN. Foreign governments, especially those in the Middle East under pressure from a populace newly empowered by the Internet, will draw attention to the contrast between this US action to enforce its own laws and its support for unrestricted free speech abroad.
On the other side of the Atlantic, Nominet is consulting on its own domain deletion policies. The US mistake will give Nominet reason to be very careful about adopting procedures that give an unbalanced assumption of authority to law enforcement complaints.

https://publicaffairs.linx.net/news/?p=2866

Operation Iran

The hacking collective Anonymous is planning to launch distributed denial-of-service (DDoS) attacks against Iranian government websites tomorrow (Feb. 11).
Anonymous "Operation Iran" is set to begin at 1:00 p.m. local time and is an online protest of what the group called in a press release "chains of oppression, tyranny and torture." The DDoS attacks coincide with a day of physical demonstrations set to occur in Iran tomorrow, ostensibly to commemorate the 32nd anniversary of the revolution but which last year were usurped by anti-government protesters.

A YouTube video created by the group shows violent scenes of revolt and government oppression, while a digitally-modified voice details Anonymous 'mission:
"To the noble people of Iran: We know how great you are. You have been killed, jailed, tortured and silenced by the illegal regime which has hijacked your country for the past 32 years, and yet you still rose up last year against a force that you knew meant ill harm. They may kill one person every eight hours but they can't kill your fighting spirit, they can't kill your freedom. Know that we support you. Know that you are not alone. We are Anonymous, we are legion. We do not forgive, we do not forget. Expect us."


In an Anonymous chat room on MiBBiT.com today (Feb. 10), a participant using the screen name "arash" expressed the public sentiment in Iran that is behind the need for a government upheaval similar to the ones occurring in Tunisia and Egypt. (Anonymous hackers launched DDoS attacks on government websites in both countries last month).
"They are the most uncivilized regime in the world, worst [sic] than north korea [sic] and all the Iranians hate them," arash wrote.
This batch of DDoS attacks comes at what could be considered a precarious time for Anonymous. Today (Feb. 10), a federal grand jury in San Jose, Calif., began collecting evidence -including computers and mobile phones - seized in multistate raids on suspected members of Anonymous.

http://www.cbsnews.com/8301-501465_162-20031428-501465.html

Mubarak, Obama the KIll Switch..... and some Humour

A “kill switch” bill that grants President Barack Obama the power to shut down the entire nation’s Internet during a national crisis will soon resurface in the Homeland Security and Governmental Affairs Committee.

The legislation, which has bipartisan support, floated through the Senate committee in December but expired with the new Congress early January.

After Senate leaders announced Jan. 27 that Sen. Susan Collins (R-Maine), who introduced the bill, will continue to serve as the ranking member of the Senate committee, Collins indicated that she will bring the bill to the table again.

The planned introduction also follows the Internet blackout in Egypt on Jan. 27 in response to the nationwide protests to remove Egyptian President Hosni Mubarak, who has been in office since 1981.

Collins said that the bill would not give Obama the same level of power as the Egyptian president and is only designed to prevent damage from “significant” cyberthreats, according to Wired magazine.

“My legislation would provide a mechanism for the government to work with the private sector in the event of a true cyber-emergency,” Collins told Wired. “It would give our nation the best tools available to swiftly respond to a significant threat.”
An aide to the Senate committee explained to the magazine that the bill will not permit the shutting down of the entire Internet but only allow the president to deny access to certain websites when the government detects a possible cyber-attack.

The aide added that there will not be one “kill switch” that can take down the entire network but a central system that is connected to servers in different regions.

Critics and organizations such as the American Civil Liberties Union, American Library Association, Electronic Frontier Foundation, and Center for Democracy and Technology are skeptical of the legislation and said in an open letter that the legislation could be used to censor the Internet.

The groups pointed out that the bill is ambiguous about what can be declared as a cyber-attack, and the bill itself can be flexible enough to be manipulated to censor the Internet or limit free speech, which is a violation of the constitution’s First Amendment, according to The Hill.

"Those in Congress who have proposed an 'Internet Kill Switch' for the United States should realize the danger of their proposal now that Egyptian President Mubarak has flipped such a switch to stifle dissent in Egypt," Berin Szoka, president of TechFreedom told The Hill.

The details of the bill and its reintroduction are currently unavailable, but a Senate aide told The Hill that the committee is considering taking the more popular aspects of the proposed legislation and attaching them to other bills.


http://www.theepochtimes.com/n2/content/view/50379/