Archive
One Year Of Lulz (Part II)
Christmas has just gone and here it is my personal way to wish you a Happy New Year: the second part of my personal chart (first part here) of Main 2011 Cyber Attacks covering the time window from August to November 2011 (December is not yet finished, and featuring remarkable events, so expect an update very soon). This memorable year is nearly over and is time, if you feel nostalgic, to scroll down the second part of the list to review the main Cyber Events that contributed, in my opinion, to change the landscape and the rules of the (information security) game. Many events in this period among whom, IMHO, the most noticeable is the one carried on against Diginotar. Since then our trust in conventional authentication models is not (and will not be) the same anymore.
Of course this is my personal selection. Suggestions are well accepted and if you need more details about the cyber events in 2011, feel free to consult my 2011 Cyber Attacks Master Index. As usual after the page break you find all the references…
Mobile Antiviruses: Malware Scanners or Malware Scammers?
Few days ago Juniper Networks has released a report on the status of Android Malware. The results are not encouraging for the Android Addicted since they show a 472% increase in malware samples since July 2011 (see the infographic for details).
This does not surprising: already in May in its annual Malicious Mobile Threats Report, report, Juniper had found a 400% increase in Android malware from 2009 to the summer of 2010. This trend is destined to further grow since the Juniper Global Threat Center found that October and November registered the fastest growth in Android malware discovery in the history of the platform. The number of malware samples identified in September increased by 28%. whilst October showed a 110% increase in malware sample collection over the previous month and a noticeable 171% increase from July 2011.
As far as the nature of malware is concerned, Juniper data show that the malware is getting more and more sophisticated, with the majority of malicious applications targeting communications, location, or other personal information. Of the known Android malware samples, 55%, acts as spyware, 44%, are SMS Trojans, which send SMS messages to premium rate numbers without the user’s consent.
The reason for this malware proliferation? A weak policy control on the Android market which makes easier for malicious developers to publish malware applications in disguise. From this point of view, at least according to Juniper, the model of Cupertino is much more efficient and secure.
Easily predictable Google’s answer came from the mouth of Chris DiBona, open source and public sector engineering manager at Google. According to DiBona, Open Source, which is widely present in all the major mobile phone operating systems, is software, and software can be insecure. But Open Source becomes stronger if it pays attention to security, otherwise it is destined to disappear. In support of this statement he quotes the cases of Sendmail and Apache, whose modules which were not considered enough secure disappeared or came back stronger (and more secure) than ever.
But DiBona’s does not stop here (probably he had read this AV-test report which demonstrates that free Android Antimalware applications are useless): “Yes, virus companies are playing on your fears to try to sell you bs protection software for Android, RIM and IOS. They are charlatans and scammers. IF you work for a company selling virus protection for android, rim or IOS you should be ashamed of yourself.”
From this point of view Google hopes that Ice Cream Sandwich will lead Android Security at the next level even if some features are raising security concerns among Infosec professionals.
August 2011 Cyber Attacks Timeline
Here it is the complete list of Main Cyber Attacks for July: definitively it looks like the Dog Days did not stop the Cyber Attacks, which have been particularly numerous during August.
Following the trail of July, an attack against PCS Consultants, another U.S Government contractor opened this hot month, even if the controversial shady RAT affair monopolized (and keeps on to monopolize) the infosec landscape (and not only during the first half of the month). Easily predictable nearly every endpoint security vendor (and McAfee competitors) tend to minimize the event considering it only the latest example of RAT based cyber attacks with no particular features (see for instance the comment by Sophos, Kaspersky and Symantec).
Analogously the Dog Days did not stop hactivism with the infamous hacking group Anonymous (and its local “chapters”) author of several attacks in different countries and most of all of author of a kind of arm wrestling against BART (Bay Area Rapid Transit), sometimes carried out with questionable methods. Research in Motion was indirectly involved on the Anonymous Campaign during the London Riot, but also Anonymous was hit by (another) defacement attack carried on by Syrian hackers which affected Anonplus, the alternative Social Network.
South Korea was also hit with other massive breaches (involving also Epson Korea) and a defacement against the local branch of HSBC.
According to my very personal estimates, based on the Ponemon Institute indications, the cost for the data breach for which enough information was available, is around $ 126 million mainly due to the impressive Epson Data Breach.
Useful resources for compiling the table include:
And my inclusion criteria do not take into consideration simple defacement attacks (unless they are really resounding) or small data leaks.
Enjoy the complete list!
| Date | Author | Description | Organization | Attack |
| Aug 1 | 
|
Another U.S. Government contractor, PCS Consultants gets hacked by Anonymous & Antisec. Hackers extract website Database and leak it on the internet via Twitter on Pastebin (as usual!). Leaked Data include Admin’s and 110 users emails, plus passwords in encrypted hashes. |
 |
SQLi? |
| Aug 2 | |
Vitrociset
72 hours after the first defacement, Vitrociset, a contractor of Italian Cyber Police, is hacked and defaced again by Anonymous. |
 |
SQLi? Defacement |
| Aug 3 |  |
United Nations (Shady RAT)
In an interview to Vanity Fair (as to say, information Security is a fashion), a McAfee Security Researcher declares UN and other international institutions have been victims of a large scale Remote Access Tool based attack from a Foreign Country. The attack is dubbed shady RAT and suspects are directed to China. |
 |
Remote Access Tool |
| Aug 3 |  |
Colombia
Anonymous and Colombian Hackers shut down the websites of Colombia’s president, the interior and justice ministry, the intelligence service DAS and the governing party. The hacker attack was meant as a protest against government censorship. |
 |
DDoS |
| Aug 3 |  |
The SUN and News Corp. International
Britain’s Rupert Murdoch-owned tabloid The Sun sends a message to readers warning them that computer hackers may have published their data online after an attack on the paper’s website last month. A hacker styled ‘Batteye‘ claims to have posted details taken from The Sun on the Pastebin. |
 |
SQLi? |
| Aug 3 |  |
Front National
As a consequence of the Massacre of Oslo, Anonymous France claims to have hacked a server belonging to Front National, leaking a list of 100 leaders of the party |
 |
? |
| Aug 5 | ? |
Eight weeks after a hacker cracked its credit card database, the company’s credit card unit in Japan, Citi Card, reported in a message to its user base that “certain personal information of 92,408 customers has allegedly been obtained and sold to a third party illegally.” Estimated cost of the breach is about $19.8 million. |
 |
unfaithful outsourcer |
| Aug 6 |   |
Law Enforcement Agencies
After the first attack to Law Enforcement Institutions in July, Anonymous and LulzSec, as part of what they define the ShootingSheriffsSaturday, leak again 10 Gb of Data from the same Law Enforcement Agencies, including private police emails, training files, snitch info and personal info. The attack was made in retaliation for anonymous arrests |
 |
SQLi? |
| Aug 6 |  |
SAPPE (Sindacato Autonomo Polizia Penitenziaria)
Anonymous defaces the Web Site of SAPPE (Independent Union of Prison Guards) and leaves a message on pastebin (here in italian) claiming more rights for detainees |
 |
SQLi? |
| Aug 6 |  |
Policia Federal (Brazilian Police)
LulzSec Brazil hacks Brazilian Police and discloses 8 gb of data from what they defined the Pandora’s Box |
 |
USB Key Stolen? |
| Aug 7 | |
Syrian Ministry of Defense
The Syrian Ministry of defense is hacked by Anonymous which defaces the web site and post a note supporting the Syrian people |
 |
Defacement |
| Aug 9 |  |
Anonplus (Anonymous Social Network)
In retaliation for the defacement of the Syrian Ministry of Defence, a Syrian Group of hackers dubbed Syrian Electronic Army, has defaced (for the third time), Anonplus, the alternative Social Network in phase of deployment by Anonymous, posting several gruesome images. |
 |
Defacement |
| Aug 9 |  |
Research In Motion
As an (in)direct consequence of the London Riots, a crew of hackers called TeaMp0isoN defaces The Official BlackBerry Blog after RIM has indicated to assist London police, who are investigating the use of the messaging service in organizing riots, with a “very extensive monitoring of the BlackBerry Messenger model”. |
 |
SQLi? |
| Aug 9 |
|
Operation Satiagraha
As part of Operation Antisec, LulzSec and Anonymous, release 5gb of documents, photos, audio files and videos, exposing that wich was one of the greatest corruption scandals in the recent history of Brazil |
 |
SQLi? |
| Aug 10 | ? |
University Of Wisconsin Milwaukee
The Social Security numbers of 75,000 students and employees at the University of Wisconsin-Milwaukee arE exposed after hackers planted malware in a campus server.ty-of-wisconsin-server. Estimated Cost of the Breach is $16 million. |
 |
APT |
| Aug 10 | ? |
Hong Kong Stock Exchange (HKEx)
The Hong Kong stock exchange (HKEx) halts trading for seven stocks in the afternoon trading session after its website was attacked during the morning trading session. The seven stocks in question were all due to release sensitive results to the website that could impact the price of their stocks. Initially the attack was believed to have compromised the web site. Later it was discovered to be a DDoS. |
 |
DDoS |
| Aug 12 | Headpuster |
Welt.de
An hacker called Headpuster, to protest against the sale of user data to a third party operator, hacks Welt.de using an SQL Injection (http://boot24.welt.de/index_welt..php?ac =***) and steals a large amount of data including credit card information of 30,264 users from the database He then publishes censored excerpts. Estimated cost of the breach is around $6.5 million. |
 |
SQLi? |
| Aug 12 | ? |
Hong Kong stock exchange (HKEx)
The Hong Kong stock exchange comes under attack for the second day in a row on Thursday. The exchange blamed a Distributed Denial of Service (DDoS) attack against its news web server, hkexnews.hk. A Suspect has been arrested on Aug, the 23rd. |
 |
DDoS |
| Aug 14 | |
Mybart.org
As part of their #OpBART and #Bart-Action in response to a temporary shutdown of cell service in four downtown San Francisco stations to interfere with a protest over a shooting by a BART police officer, Anonymous attacks the myBART.org website belonging to San Francisco’s BART (Bay Area Rapid Transit) system. They perform a SQL injection (SQLi) attack against the site and extract 2,450 records containing names, usernames, passwords (plain text), emails, phone numbers, addresses and zip codes. Estimated Cost of the Breach is $524,300. |
 |
SQLi |
| Aug 15 | ? |
GOMTV.NET
After SK, Another South Korean service provider reports a large-scale data breach of usernames and passwords for subscribers worldwide. This time, it’s the turn of Seoul-based streaming media service GOMTV to suffer a data-spilling intrusion. According to GOM TV, the breach happened early in the morning of Friday 12 August 2011 Korean time; the company sent out a warning email to its subscribers on Sunday 14 August 2011. |
 |
SQLi? |
| Aug 16 | |
Vanguard Defense Industries
Antisec targets Richard Garcia, the Senior Vice President of Vanguard Defense Industries (VDI). During the Breach nearly 4,713 emails and thousands of documents are stolen. The attack has been performed on August the 16th, but, as a consolidated tradtion, the torrent has been released on Friday, August the 19th. |
 |
Vulnerability in WordPress Hosting Platform |
| Aug 16 |  |
Ebay
Hacker group Cslsec (Can’t stop laughing security) leaks some accounts from Ebay and post them on pastebin. |
 |
SQLi? |
| Aug 17 | |
BART Police
A database belonging to the BART Police Officers Association is hacked, and the names, postal and email addresses of officers are posted online. Over 100 officers are listed in the document posted, as usual, on pastebin. Estimated cost of the breach is $21,400. |
 |
SQLi? |
| Aug 20 |  |
A turkish based hacker hacks and defaces the Korean branch of HSBC, the global banking group. |
 |
defacement |
| Aug 21 | pr0tect0r AKA mrNRG |
The developer forum section of Nokia Website is hacked by Indian Hacker “pr0tect0r AKA mrNRG“. He was able to deface the site and access to email records. According to an official statement from Nokia a “significantly larger” number of accounts has been accessed although they do not contain sensitive information. |
 |
SQLi |
| Aug 21 | |
Danish Government
Anonymous Hackers upload a file on Torrent containing the snapshot of the Danish Government database of companies. The snapshot was obtained during the summer of 2011 by systematically harvesting data from the public parts of the cvr.dk website. |
 |
SQLi? |
| Aug 22 | ? |
Epson Korea
Hacking in South Korea: After GOMTV.NET Epson Korea is hit by a massive data breach, involving the personal information of 350,000 registered customers. Hackers break into Epson Korea’s computer systems, and steal information including passwords, phone numbers, names, and email addresses of customers who had registered with the company. Estimated cost of the breach is $74,900,000. |
 |
? |
| Aug 22 | Electr0n |
Libyan domain name registry
Hackers deface the nic.ly website, the main registry which administers .ly domain names (the “.ly” stands for “Libya”) and replace it with anti-Gaddafi message. |
 |
defacement |
| Aug 22 |  |
Allianceforcebiz.com
@ThEhAcKeR12, an admirer of Anonymous acts independently to breach an outsourced provider and steal a customer list with 20,000 log-in credentials. Many on the list were U.S. government employees. Estimated cost of the breach is around $4,280,000. |
 |
SQLi? |
| Aug 22 |
|
UK MET Police As part of the Murder Military Monday, Metropolitan UK Police is hacked for #Antisec by CSL Security using SQL injection Vulnerability and the vulnerable link is also shown on Twitter and pastebin. Other attacked sites include: USarmy.com, GoArmy.com. |
 |
SQLi |
| Aug 23 | |
U.S. Government F-Secure discovers that on 17th of July, a military documentary program titled “Military Technology: Internet Storm is Coming” was published on the Government-run TV channel CCTV 7, Millitary and Agriculture (at military.cntv. While they are speaking about theory, they actually show camera footage of Chinese government systems launching attacks against a U.S. target. |
|
DDoS? |
| Aug 24 | |
Cslsec
Another example of Cyberwars between different hacker crews: TeaMp0isoN hacks Cslsec which claimed to be the new LulzSec |
|
Defacement |
| Aug 25 | ? |
U.S. Military Base
Another example of military emails leaked by hackers. |
|
SQLi? |
| Aug 27 | Division Hackers Crew |
Borlas.net
Division Hackers Crew hacks the Database of Borlas.net (Free SMS Site) and leaks the usernames, Passwords, emails and phone numbers of 14800 registered users. As usual, leaked database has been posted on pastenbin. Estimated cost of the breach is $3,167,200. |
 |
SQLi? |
| Aug 28 |  |
Orange.fr
Anonymous Hacker hacks Orange.fr and uploads the database and Site source code backup on file sharing site. |
 |
SQLi? |
| Aug 29 | Iranian Hackers |
Diginotar
A user named alibo on the Gmail forums posts a thread about receiving a certificate warning about a revoked SSL certificate for SSL-based Google services. The certificate in question was issued on July 10th by Dutch SSL certificate authority DigiNotar. The fake certificate was forged by Iranian Hackers, and revoked immediately. This is the second episode of a MITM attack against Google after the Comodo Affair in May. |
 |
Vulnerability |
| Aug 29 | ? |
Gabia (South Korean domain registrar)
Another Cyber Attack in South Korea: Gabia a South Korean domain registrar is hacked on Saturday Aug 27, according to a report Monday by the Korea Herald. The hack exposed over 100,000 domains and 350,000 users data. The information included names, user IDS, passwords and registration numbers. |
 |
? |
| Aug 29 | |
densetsu.com
Sometimes they come back: one of the lulzsec members seems to have made a quick returning hacking a child porn trading forum and leaking over 7000 accounts. |
densetsu.com | SQLi? |
| Aug 30 |  |
Wikileaks (1) Der Spiegel reports that a WikiLeaks file containing the original leaked US State Department cables has inadvertently been released onto the Internet. The documents have not been edited to protect sources, meaning that the lives of informants could be at risk. |
|
? |
| Aug 30 | ? |
Wikileaks (2) The WikiLeaks website, which contains thousands of U.S. embassy cables, has crashed in an apparent cyberattack. The anti-secrecy organization said in a Twitter message Tuesday that Wikileaks.org “is presently under attack.” |
|
DDoS |
| Aug 30 |  |
swgalaxies.net @neatstuffs leaks over 23,000 emails and passwords from a Star Wars Fan Club, and all the passwords are in clear text…sad isnt it? that a website would store so many users information with no security. |
 |
SQLi? |
The Dangerous Liaisons (Updated)
Did you know that a smartphone might involve as many as 250,000 patent claims? You may easily understand why the $ 4.5 billion auction to buy 6,000 Nortel patents by the consortium formed by Apple, Microsoft, Research in Motion, Sony Ericsson and EMC was so cruel. You may also easily understand why Google, the loser of the Nortel auction, decided to react immediately acquiring Motorola and its patent portfolio made of more than 17,000 approved patents (and another 7,500 patents filed and pending approval) for the large sum of $ 12.5 billion.
Said in few words, the mobile arena is getting more and more agressive and cruel. For this reason, a litte bit for curosity, a little bit for fun, I decided to draw a chart (and a table) showing all the moves of the giant players in this mobile chessboard. Although deliberately incomplete (I did not show in the table the patent saga of NTP Inc. against the rest of the world and the settlement of Motorola vs RIM), it gives a good idea of the dangerous intersections involving partnership, fees, alliances and, most of all, lawsuits… With the strange paradox that some companies (read Apple and Samsung) are enemies before the court, but in the same time business partners.
While visualizing the idea I stumbled upon this similar graph showing the status of the mobile arena on 8 Oct 2010. I decided to use the same layout, omitting some informations, but updating it to the current date. The graph is a little bit confusing, but the confusion of the arrows reflects betten than a thousand words the real situation.
Anyway the war will not stop here: the next targets? Interdigital Inc. with its 8,800 patents which are attracting several bidders such as Apple, Nokia and Qualcomm; and, most of all, Kodak, whose survival depends on the auction of the 10% of its patent portfolio (1,100 patents), valued as high as $3 billion which are vital to compensate the losses estimated in $2.5 billion.
As far as the table is concerned, in order to avoid repetitions, it only shows the status of the lawsuits and alliances from the perspective of Google, Apple and Microsoft. Enjoy your read and the 250,000 patent claims on your smartphone!
| Company | Filed Suit Against | Has technological alliance with | Filed Suite From: |
 |
No one (at least so far!) |  
Of course Google licensees his Mobile OS to HTC and Samsung (in rigorous alphabetical order), and it is the driver for the impressive market share growthof Samsung and HTC.
In an effort to defend Android’s Intellettual Property “to supercharge the Android ecosystem and will enhance competition in mobile computing”, on Aug 15 2011, Google announced the intention to acquire Motorola Mobility with a $12.5 billion deal. Motorola has nearly 17,000 patents. |
Aug 12 2010: Oracle has filed suit against Google for infringing on copyrights and patents related to Java,. Oracle claimed Google “knowingly, directly and repeatedly infringed Oracle’s Java-related intellectual property”. Android uses a light proprietary Java Virtual Machine, Dalvik VM, which, according to Oracle infringes one or more claims of each of United States Patents Nos. 6,125,447; 6,192,476; 5,966,702; 7,426,720; RE38,104; 6,910,205; and 6,061,520. The case is in U.S. District Court, Northern District of California, is Oracle America, Inc v. Google Inc, 10-3561. The lawsuit is still pending and will likely take several months. The trial between Oracle and Google is expected to begin by November and Oracle is seeking damages “in the billions of dollars” from Google. On Aug 1 2011, the judge overseeing the lawsuit Oracle filed over the Android mobile OS has denied Google’s attempt to get a potentially damaging e-mail redacted. |
 |
Mar 2 2010: Apple sued HTC for infringing on ten patents, nine of which involve technologies which apply to the iPhone, while one involves the use of gestures, but only in a specific use case. The suit has been filed in the U.S. District Court in Delaware , alleging twenty instances of patent infringement. The company also petitioned the US ITC to block the import of twelve phones designed and manufactured by HTC. On Jul 15 2011 Apple won a preliminary patent ruling in an early judgment before the US ITC, in which HTC was found to have breached two of 10 patents held by Apple. On Aug 8 2011 ITC announced to have dediced to review Apple’s patent infringement complaint against HTC.
Oct 31 2010: In response to Motorola lawsuit against Apple, Apple sued Motorola and Motorola Mobility for Infringment on several Multi-Touch patents infringments in the Wisconsin Western District Court with two distinct lawsuits. A total of six patents are involved in the two lawsuits. On Nov 23, 2010: US International Trading Commission announced to review Apple patent case against Motorola.
Apr 18 2011: Apple filed suit against Samsung for copying the design of its iPad and iPhone with its smartphones and tablets. Aug 10 2011: European customs officers have been ordered to seize shipments of Samsung’s Galaxy Tab computers after the ruling late on Tuesday by a German patents court. In the last days Apple has been accused of presenting inaccurate evidence against Samsung. Aug 24 2011: Samsung has been banned from selling some galaxy phones in the Netherlands. The ban is set to begin on October 13, but Samsung doesn’t seem to be taking it too hard. |
On Jul 1 2011 the intellectual property of the Canada giant Nortel (in Bankrupt), involving 6,000 patents, was sold for $4.5 billion, in a dramatic auction, to a consortium formed by Apple, Microsoft, RIM, Sony, EMC and Ericsson. Google was the other competitor (and the big looser) for the deal. This event acted as a trigger for the acquisition of Motorola Mobility by Google.
On Aug 3 2011, In a post to the Official Google Blog, Google Senior Vice President and Chief Legal Officer David Drummond said that Apple, Microsoft, Oracle, and others have waged “a hostile, organized campaign against Android” by snapping up patents from Novell and Nortel and asking Google for high licensing fees for every Android device”, accusing them of Patent Bulying.
Curiously, Apple is one of the main technological partners of Samsung for displays and semi-conductors. Samsung produces Apple’s A4 systems-on-a-chip (SoC) and also the two companies collaborate for iPad displays (Apple is moving from LG to Samsung because oof quality issues of the former). Nevertheless the lawsuits between the two companies are compromising their relationships so that Apple is evaluating a new supplier (TSMC) for its A6 nexy generation chipset. |
Oct 22 2009: Nokia sued Apple in Delaware court for infringing on ten patents related to GSM, UMTS, and WLAN standards that Nokia states they established after investing more than EUR 40 billion in R&D over the last 20 years. On Jun 14 2011 Apple agreed to pay between $300m and $600m to cover the 111m iPhones sold since its launch in 2007. Although the exact number was not specified, additional yearly fees could be part of the agreement.
On Jan 2010 Kodak sued Apple and RIM claiming Apple is infringing its 2001 patent covering technology that enables a camera to preview low-resolution versions of a moving image while recording still images at higher resolutions. The cases were filed in U.S. District Court in Rochester, N.Y., as well as the U.S. ITC. On Apr 2010 Apple argues that some Kodak still and video camera products violate two of its patents On Jul 2011: While Kodak’s claim is pending, the commission rules on Apple’s complaint and says Kodak’s digital-camera technology doesn’t violate Apple’s patents.
Oct 6 2010: Motorola sued Apple for patent infringement in three separate complaints; in district courts in Illinois and Florida and a separate complaint filed with the U.S. International Trade Commission. The suits covered 18 different patents, infiringed by Apple’s iPhone, iPad, iPod touch, and certain Mac computers. The Motorola patents include wireless communication technologies, such as WCDMA (3G), GPRS, 802.11 and antenna design, and key smartphone technologies including wireless e-mail, proximity sensing, software application management, location-based services and multi-device synchronization.
Jan 12 2011: Microsoft has motioned for a summary judgment to block Apple from trademarking the phrase “app store,” as it filed with the U.S. Patent and Trademark Office (USPTO) on July 17, 2008. Mar 30 2011: Microsoft filed a second objection to Apple’s enduring pursuit to trademark the phrase “app store hiring a linguist, Dr. Ronald Butters, to go head-to-head against Apple’s own hired linguist, Robert A. Leonard.
On Jul 1 2011 US ITC said Apple has violated two S3 Graphics Co. patents in its Mac OS X operating system, but not in the iOS platform. Although not directly related to Mobile, this ruling is meaningful since S3 has been acquired by HTC on Jul 6 2011 for $300 million in order to use their patents in the fight against Apple. HTC expects final ruling on Apple-S3 graphics case in November.
On Aug 16 2011 HTC filed a new lawsuit against Apple in Delaware’s US District Court, in an escalation of the legal battle between the two smartphone giants. HTC accused Apple to have infringed three of HTC’s patents through its sale of devices including iPads, iPods, iPhones and Macintosh computers. |
|
Oct 1 2010: Microsoft sued Motorola for patent infringement relating to the company’s Android-based smartphones. Microsoft filed its complaint with the International Trade Commission and in a Washington state district court. At issue are nine patents that deal with, among others, sending and receiving e-mail, managing and syncing calendars and contacts, and managing a phone’s memory. Patent dispute will begin from Aug 21 2011, the hearing procedure can take up to 10 days, the judgment procedure is expected to reach the final verdict point only in March 2012.
Nov 9 2010: Microsoft sued again Motorola for charging excessive royalties on network technology used in Microsoft’s Xbox game system. |
 Feb 11 2011: a deal with the Devil, Microsoft and Nokia announce their plansto form a broad strategic partnership that would use their complementary strengths and expertise to create a new global mobile ecosystem.
Besides the alliances with Apple and RIM (see the corresponding cell), on May 12 2011 Microsoft has teamed up with HTC, Nokia and Sony Ericsson in Europe, filing a challenge seeking to invalidate Apple’s trademarks on the phrases “App Store” and “Appstore.” |
Nov 11 2010: Motorola Mobility sued Microsoft with the U.S. District Courts for the Southern District of Florida and the Western District of Wisconsin alleging infringement of sixteen patents by Microsoft’s PC and Server software, Windows mobile software and Xbox products. Motorola Mobility asked for the infringing devices to be barred from importation into the United States. On Dec 21 2010, ITC has agreed to hear the complaint.
|
Riot In Motion
As an (in)direct consequence of the London Riots, a crew of hackers called TeaMp0isoN has defaced the The Official BlackBerry Blog after RIM has indicated to assist London police, who are investigating the use of the messaging service in organizing riots, with a “very extensive monitoring of the BlackBerry Messenger model”.
The availability of BBM (Black Berry Messenger), a closed messaging system for one-to-one or one-to-many (encrypted!) communications at no charge, has made BlackBerry a very popular device among U.K. teens, who are believed to be the major responsible for the riots which have hit British streets. As a consequence BlackBerry Messenger is believed to have played a key role for rioters to organize themselves.
Since the Company decided to support the Police to contain the riot, granting access to BBM data and logs, it did not take so long for a resounding retaliation by the above quoted hacker group.
Curiously shortly after the attack, MP called for BlackBerry Messenger suspension to calm UK riots, and albeit this is claimed as a victory from rioters, I cannot help but notice that it is really a paradox: the whole story is a consequence of the need for authorities to extensively monitor BBM and the same authorities now ask for a complete lockdown of BBM which might be the ultimate remediation to stop the riots).
In my opinion, this hactivism event can be seen from a double perspective: at first glance this is only the last episode of hactivism, whose actions and impacts are nowadays natural extensions in the fifth virtual domain for wars and revolutions crossing the borders of the real world. But a second deeper analysis shows surprising and, somewhat, unexpected consequences.
The event was a consequence of the attempt by authorities to deprive rioters of their weapons, that is mobile technologies. Said in simple words, we are seeing a kind of Consumerization of Riots (the western world equivalent of what I defined Consumerization of Warfare that is the influence played by consumer technologies, mobile and social networks in primis, for spreading the riots in Middle East). Of course with the obvious difference of scopes and geography.
But if the contemporary use of both mobile technologies, for communicating and coordinating, and Social Media for virally spreading information useful for the cause (tweets like weapons), is a (quite) common and consolidated practice whose primary role has been recognized for the revolutions of Maghreb and Middle East, what is completely new is, for the first time, the impact and the price (to be) paid by the technology vendor, in this case RIM, (in)directly involved in the events. As a matter of fact RIM is suffering heavy aftermaths, which will not likely end here.
Not only the Waterloo based company was hacked with a resounding defacement, with huge consequences in terms of image, but also the brand seriously risks to be negatively associated with rioters, which could lead to further negative impacts for the brand, with possible consequences in terms of sells.
Is this maybe the reason why Twitter refused to shut down the accounts of the London rioters, besides the blog post according to which Tweets must always flow?
P.S. From an Information Security Perspective…
Several Information Security blogs were wondering if hackers managed to post on BlackBerry’s blog because of a software vulnerability, or because one of their administrators had his password cracked. In my opinion several tweets from TeaMp0isoN seems to confirm the first hypothesis:
Try to find out how we got in and patch…
(Other) Chronicles Of The Android
I know it is late and I am quite tired after a day of work. Still few seconds (and energies) to comment a new Gartner Report confirming what previously indicated by ABI Research and IDC, according to which, the Google Creature will command Nearly Half of Worldwide Smartphone Operating System Market by Year-End 2012.
Worldwide Mobile Communications Device Sales to End Users by OS (Thousands of Units)
| OS | 2010 | 2011 | 2012 | 2015 |
| Symbian | 111,577 | 89,930 | 32,666 | 661 |
| Market Share (%) | 37.6 | 19.2 | 5.2 | 0.1 |
| Android | 67,225 | 179,873 | 310,088 | 539,318 |
| Market Share (%) | 22.7 | 38.5 | 49.2 | 48.8 |
| Research In Motion | 47,452 | 62,600 | 79,335 | 122,864 |
| Market Share (%) | 16.0 | 13.4 | 12.6 | 11.1 |
| iOS | 46,598 | 90,560 | 118,848 | 189,924 |
| Market Share (%) | 15.7 | 19.4 | 18.9 | 17.2 |
| Microsoft | 12,378 | 26,346 | 68,156 | 215,998 |
| Market Share (%) | 4.2 | 5.6 | 10.8 | 19.5 |
| Other Operating Systems | 11,417.4 | 18,392.3 | 21,383.7 | 36,133.9 |
| Market Share (%) | 3.8 | 3.9 | 3.4 | 3.3 |
Source: Gartner (April 2011)
In my opinion it worths noticing the inevitable fall of Symbian, the slow but inexorable descent of RIM, and the equally slow growth of Microsoft wich will be able to nearly touch the 20% only in 2015.
The android has every reason to celebrate and nothing better do it properly than this video in which an HTC Desire solves a dodecahedron Rubik’s Cube: an HTC desire runs a custom Android app which uses the phone’s camera to take individual images of each of the puzzle’s 12 faces, then processes the information and sends a signal via Bluetooth to the NXT controller,
What if Android Reassembles The Puzzle?
ComScore has just published its Press Release related to February 2011 U.S. Mobile Subscriber Market Share. 69.5 million people in the U.S. owned smartphones during the three months ending in February 2011, up 13 % from the preceding period. As we have become accustomed to a few months, the Android is still on the top, earning 7 percentage points since November 2010, achieving a 33% market share. RIM ranked second with 28.9 percent market share, followed by Apple with 25.2 percent. Microsoft (7.7 %) and Palm (2.8 %) rounded out the top five.
| Top Smartphone Platforms: 3 Month Avg. Ending Feb. 2011 vs. 3 Month Avg. Ending Nov. 2010 Total U.S. Smartphone Subscribers Ages 13+ Source: comScore MobiLens |
|||
| Share (%) of Smartphone Subscribers | |||
| Nov-10 | Feb-11 | Point Change | |
| Total Smartphone Subscribers | 100.0% | 100.0% | N/A |
| 26.0% | 33.0% | 7.0 | |
| RIM | 33.5% | 28.9% | -4.6 |
| Apple | 25.0% | 25.2% | 0.2 |
| Microsoft | 9.0% | 7.7% | -1.3 |
| Palm | 3.9% | 2.8% | -1.1 |
Considering the market share on a per-vendor base, provides a different interpretation, and explains some strategic mobile choices of the Mountain View giant. Among the OEM, Samsung ranked at the #1 with 24.8% of U.S. mobile subscribers, up 0.3 percentage points from the previous three month period. LG ranked #2 with 20.9 percent share, followed by Motorola (16.1 %) and RIM (8.6 percent). Apple saw the strongest gain, up 0.9 percentage points to account for 7.5 percent of subscribers.
| Top Mobile OEMs 3 Month Avg. Ending Feb. 2011 vs. 3 Month Avg. Ending Nov. 2010 Total U.S. Mobile Subscribers Ages 13+ Source: comScore MobiLens |
|||
| Share (%) of Mobile Subscribers | |||
| Nov-10 | Feb-11 | Point Change | |
| Total Mobile Subscribers | 100.0% | 100.0% | N/A |
| Samsung | 24.5% | 24.8% | 0.3 |
| LG | 20.9% | 20.9% | 0.0 |
| Motorola | 17.0% | 16.1% | -0.9 |
| RIM | 8.8% | 8.6% | -0.2 |
| Apple | 6.6% | 7.5% | 0.9 |
I am not new to this kind of considerations (already faced in a previous post in Italian), but it is clear that the Android Landscape is becoming a little bit too much fragmented, and this risks to be a serious issue for the Android, both in terms of consumers’ perception, both in terms of security. As far as the consumer perception is concerned: many vendors are pushing more and more customizations not only on their own Android ROMs, but even on the services provided to consumer (read vendor-dedicated markets and services). This sounds confusing for the consumer who will inevitably ask why should he consider, inside the same platform, different parameters of choice external to the mere features of the devices (and how they map to consumer’s need). Not to mention also the tragedy of software updates: a new major release of the Android may take also one year to be ported in some devices, because of the wide customizations made by the manufacturers on their smartphones.
As far as security considerations are concerned, customization affects platform (in)stability and, inevitably security, if it is true that the same code must be adapted to run on different architectures, and security bugs are always behind the door.
These factors are probably behind the rumors claiming that Google has been demanding that Android licensees abide by “non-fragmentation clauses” that give Google the final say on how they can tweak the Android code, to make new interfaces and add services, and also behind the (not confirmed) rumors of standardizing the ARM Chip for Android 3.0. If we sum up these rumors with the fact the Mountain View will not (at least initially) release the Honeycomb Source Code, it looks clear that Google is running for cover in order to stem the excessive number of fragments in which OEM vendors are reducing its precious Android.
The Android is winning the market share battle against Apple and RIM, and forecasts for the next years show a bright future for the Android, destined to achieve nearly the half of the market in 2015. So far the Mountain View Strategy has shown to be winning, but the only obstacle, in this triumphant ride, could by represented by fragmentation, which might drive consumers to the monolithic models of Cupertino and Waterloo.
Chronicles Of The Android
The title of this post recalls a science fiction novel, but actually summarizes well a couple of news concerning the Android, which bounced in these days. Even if they seem apparently disjoined I decided to insert them in the same post: there is a logical link which connects the commercial success of a platform and the attention it attracts by malicious, and this seems to be the destiny of Android, to which the market share reserves a bright future, which become much less bright if one considers the information security consequences.
Part 1: Smartphone Market Share
This seems to be the right time for predictions as far as the smartphone market is concerned, that is the reason why I really was enjoyed in comparing the projections of ABI Research (released today), with the ones released from IDC a couple of days ago. The results are summarized in the following tables. Even if they are targeted at different years in the near future (respectively 2016 for ABI Research and 2015 for IDC), comparing the two reports is interesting for imaging what the future of the smartphone Operating System will be.
| ABI Research | IDC | |||||
| Operating System | 2010 | 2016 | Operating System | 2011 | 2015 | |
| Android | 23,00% | 45,00% | Android | 39,50% | 45,40% | |
| RIM | 16,00% | 14,00% | RIM | 14,90% | 13,70% | |
| iOS | 15,00% | 19,00% | iOS | 15,70% | 15,30% | |
| Symbian | 36,00% | - | Symbian | 20,90% | 0,20% | |
| Windows Phone 7/Windows Mobile | 0,60% | 7,50% | Windows Phone 7/Windows Mobile | 5,50% | 20,90% | |
| Others | 9,40% | 14,50% | Others | 3,50% | 4,60% | |
Often the providers of market intelligence do not agree on anything, but in this case, if there is one thing that seems to have no doubt, is the scepter of the Android, which seems to be destined, for both reports, to rule the market with nearly one half of the total smartphones shipped after 2015. The data also confirm a stable position for RIM (around 13%-14%), while do not completely agree as far as Apple is concerned, for which ABI research estimates a market share of 19% in 2016 and IDC a market share of 15% in 2015. But were the data are surprisingly different, is on the Windows Phone Market Share. According to ABI Research, Windows Phone will reach the 7% of the market (which become 7.5 adding the market share of its predecessor Windows Mobile). Unfortunately I do not think that, according to Microsoft’s hopes, the number 7 which identifies the mobile operating system series, pertains to the market share in 2016. Last and (unfortunately) least? IDC is more optimistic and foresees a bright future for Redmond in the mobile arena, with its creature ranking immediately behind the Android with the 20% of the market. Will be very amusing to see (in 5 years if we will remember) who was right.
Last and (unfortunately) least, the poor Symbian, sacrificial victim of Nokia and Microsoft agreement, which, in 5 years will remain little more than a romantic remembrance for mobile lovers, while, surprisingly, ABI research foresees a surprising 10% market share for Samsung Bada in 2016.
Part 2: Mobile Malware Market Share
Of course I am an infosec guy so I wonder if also the mobile malware will follow the same trend. This consideration arises from an interesting article I found in the Fortinet blog. Of course data must be taken with caution, but I could not help noticing that when one switches from smartphone market share to mobile malware market share, the ranking positions are reversed: over 50% of mobile malware families detected by the security firm concern Symbian, approximately 15% are Java ME midlets, while the Android approximately suffers only of the 5% of the infections. Of course, as correctly stated on the article, this does not means that Symbian is the less secure. In my opinion the bigger percentage of mobile malware is a simple consequence of the fact that Symbian is still the Operating System with the greater spread. Of course malware writers deserve bigger attention to those platforms which offer the wider attack surface (that is the wider possibility to spread infections). And in this moment, Symbian is an attractive prey from this point of view. My sixth sense (and one half as we say in Italy) says that the Android will not take a long time in order to achieve also the unenviable first position also in the mobile malware market share, not only because it is spreading at an incredible speed, but also because it is becoming an enterprise platform (so the value of the data stored are much more attractive for Cyber Crooks.
As if on purpose, today Symantec discovered yet another malware for Android (Android.Walkinwat), which, at least for this time, tries to discipline users that download files illegally from unauthorized sites. Analogously to some of its noble malware predecessors (Geinimi, HongTouTou, Android.Pjapps), the malware is hidden inside a non-existent version of a true application (in this case Walk and Text) and downloaded from parallel markets from Asia and United States, but instead of stealing private data, simply floods of SMS the contacts.
Hey, just downloaded a pirated App off the Internet, Walk and Text for Android. I am stupid and cheap, it costed only 1 buck. Don’t steal like I did.
At the hand, after sending the SMS (affecting the user’s phone bill) it warns the user with the following message.
Unfortunately downloading malware from Asian parallel market is not new, and it is not a coincidence that the same report from Fortinet indicates that most mobile malware families are implemented by Russian or Chinese coders. This is undoubtely an increasing trend, and I am afraid that Chinese coders will soon shift their Cyber Espionage Operations to mobile devices…
About The Author
Support My Work!
Share:
News
08/13/2011 - My Post on Android Malware Mentioned on Engadget.
04/14/2011 - The Article Smart Grid: L'ultima Frontiera del Cybercrime published on ICT Security Magazine May 2011.
03/14/2011 - Security Summit 2011: Paolo Passeri guest at Round Table "Mobile Security: Rischi, Tecnologie, Mercato"
02/14/2011 - The Article Gears of Cyberwar published on ICT Security Magazine January 2011.
Visitors from…
