Govt’s data retention plans “really bad”; Juniper routers at risk; China behind Twitter hack?


By Andrew Collins
Tuesday, 05 February, 2013


Sir Tim Berners-Lee, widely credited as the inventor of the world wide web, last week said the Australian Government’s proposed data retention laws are “probably a really, really bad idea”.

The government previously outlined plans requiring telcos to store certain data regarding customer internet traffic for up to two years. The plan has met with derision from industry and social commentators.

The UK and US-based Berners-Lee was in Sydney for the launch of the CSIRO’s $40 million Digital Productivity and Services Flagship.

Berners-Lee said that the plan might not help catch criminals, who would use tools like Tor or VPNs to hide their traffic and keep it from entering the proposed logs. Instead, it would create unease in those using the internet for non-criminal uses.

“You’ll produce a world in which a teenager who really needs to go to an online forum, to get some professional advice, or really needs to know whether they’re suffering from a given disease, or really needs to understand something about sexuality, medicine or growing up ... and realise that if they click, they will be branded for the next two years as having gone to that site,” he warned.

The logs could in fact create opportunities for criminals. Berners-Lee warned that the logs essentially created dossiers of sensitive information on private citizens which, if stolen by criminals, could be used to blackmail those citizens.

“Remember that some people share with the web things that they don’t necessarily share with their nearest and dearest. That information is so dangerous,” Berners-Lee said.

Juniper routers at risk

Networking vendor Juniper Networks revealed last week that its routers suffer from a flaw that could allow hackers to crash or reboot the devices simply by sending a specially crafted TCP packet.

Specifically, the flaw exists in JunOS, the operating system which Juniper routers run.

“By sending a specially crafted transmission control protocol (TCP) packet to a listening port on a Juniper Routing Engine, it’s possible to make the kernel in JunOS crash and cause them to switch over or reboot,” itnews reported.

According to Juniper, versions of JunOS released before 17 January are affected by the flaw. Newer versions contain a fix for the problem.

The company also said it is not aware of any “malicious exploitation” of the vulnerability.

Juniper urged customers to contact its Customer Support Center for more details on the problem and a solution.

China behind massive Twitter attack?

Twitter announced late last week that it had been the target of a hack and that the company’s investigation “has thus far indicated that the attackers may have had access to limited user information - usernames, email addresses, session tokens and encrypted/salted versions of passwords - for approximately 250,000 users”.

Bob Lord, Twitter’s Director of Information Security, made the announcement via blog post. He also said that the company had reset passwords and revoked session tokens for the affected accounts.

“If your account was one of them, you will have recently received (or will shortly) an email from us at the address associated with your Twitter account notifying you that you will need to create a new password. Your old password will not work when you try to log in to Twitter,” he said.

Interestingly, Lord also encouraged users to disable Java in their browsers, leading some to speculate that a Twitter employee’s home or work computer may have been compromised through vulnerabilities in Java, giving hackers a back door into Twitter’s internal systems, ultimately leading to the breach of the 250,000 accounts.

However, as Sophos’s blog points out, Twitter may simply have been “just trying to be helpful and neighbourly, rather than giving advice specific to this latest attack” when talking about Java.

Lord said the attack was extremely sophisticated and was not the work of amateurs.

“We do not believe it was an isolated incident … and we believe other companies and organisations have also been recently similarly attacked.”

Earlier in the blog he mentioned recent attacks on the New York Times (NYT) and Wall Street Journal (WSJ), both of which took place in the preceding couple of weeks. Both the NYT and the WSJ claim their respective hacks were perpetrated by Chinese hackers.

An NYT reporter said the hackers behind the attack on the NYT used “methods that some consultants have associated with the Chinese military in the past”.

Meanwhile, the WSJ said “Chinese hackers believed to have government links” had been spying on its reporters.

Twitter did not identify the source of the attack on its service, but some commentators are taking the mention of the NYT and WSJ attacks in Lord’s blog post as an implication that China was behind that attack, too.

But since Twitter has not explicitly pointed the finger at any person or organisation in particular, the China theory can, at this point, only be considered speculation.

  • All content Copyright © 2024 Westwick-Farrow Pty Ltd