
Facebook told to hand over all data on user, including fake account set up by extortionist





Italy’s Data Protection Authority has ordered Facebook to turn over all the data it has on a user, along with data from a fake page that a troll set up in his name and used to extort him.
In addition, the company’s been ordered to hand over details of how the personal data was used, including who it was sent to or who might have obtained knowledge about it.
According to official documents, the user in question had accepted a friend request from an unspecified party.
When the man – kept anonymous in the documents – resisted that party’s extortion attempt, the troll swiped his personal information and photo and set up a phony account in his name.
Then, he or she used the fake account to send pictures and video montages to the man’s contacts. The images were meant to smear his reputation by implicating him in sexual activity, including with a minor.
The man immediately asked Facebook to take down the bogus account and to hand over all the relevant information it had on him, including data and photographs. Facebook then sent him an email explaining how to download his personal data using the standard tool.
But what he downloaded was gibberish, he said: a series of data, unintelligible because it was marked with codes, numbers and symbols. Beyond that, Facebook hadn’t delivered information about his tormentor.
Facebook told him it was taking steps to delete the fake account. But the self-service tool showed him that related conversations, though marked unavailable, hadn’t actually been deleted.
Unsatisfied, seeking information about who set up the account, he took the matter to the Italian data protection authority (DPA).
The DPA agreed with him.
It ordered Facebook to hand over all the data concerning the user: personal information, photographs, and posts, including those entered and shared by the troll. Also, the DPA said that the social network has to hand over information on its “aims, methods and logic of data processing,” as well as on the people communicated with, in an intelligible, non-gobbledygook form.
The case is notable because it’s yet another example of a European data authority telling tech companies they can’t hide inside their “but our headquarters are over here!” jurisdiction argument.
That jurisdiction notion has already failed to hold water in Google’s failed attempts to fight off the EU’s right to be forgotten.
We don’t care if a URL’s got a .fr, a .uk or a .com glued to the end, the French data protection agency told Google in June; if a European makes a legitimate request to be forgotten in search results, make it so on all your search engines in all countries.
The failure of the jurisdiction gambit hit home big-time in October, in the case of the Slovakian-registered company Weltimmo, which was in court over alleged breaches of Hungarian data protection laws.
In that case, a judgment from the EU Court of Justice opened the door for individuals to complain about data protection law breaches to their local data protection authorities, even if they’re complaining about a company headquartered outside their country.
Italy isn’t Facebook’s first loss on the jurisdiction front. It’s repeatedly tried to claim that it only has to answer to data protection authorities in Ireland, where it has its EU headquarters.


US government drops another iPhone case against Apple

The US government has dropped a case against Apple that sought to compel the company to provide access to an alleged New York drug dealer's locked iPhone.

The Department of Justice said Apple's help was no longer necessary as the passcode had been obtained.

A similar case involving a phone used by the San Bernardino gunman was dropped when the FBI got help from a third-party to unlock the handset.

The DoJ denied either case was about setting a court precedent.

The cases revolve around cracking the four-digit security number that unlocks the phone without triggering a security feature that erases all data after 10 incorrect guesses.

Reasonable assistance

The FBI has not revealed who helped it to unlock the iPhone of San Bernardino killer Syed Rizwan Farook - but, last week, it emerged it had probably paid more than $1.3m (£900,000) for the service.

Farook and his wife killed 14 in San Bernardino, California, in December. Both were shot dead by police.

The FBI argued that it needed access to the phone's data to determine if the attackers worked with or were supported by other people and were planning other targets.

Meanwhile, in Massachusetts, Apple has been ordered to help the FBI gain access to data on an iPhone belonging to an alleged Boston gang member accused of shooting a rival.

The judge ordered Apple to give "reasonable technical assistance", but Apple has not complied.

According to Apple, it received more than 5,000 similar requests from the government in the first six months of 2015.


Exclusive: Bangladesh Bank hackers compromised SWIFT software, warning to be issued




The attackers who stole $81 million from the Bangladesh central bank probably hacked into software from the SWIFT financial platform that is at the heart of the global financial system, said security researchers at British defense contractor BAE Systems.
SWIFT, a cooperative owned by 3,000 financial institutions, confirmed to Reuters that it was aware of malware targeting its client software. Its spokeswoman Natasha Deteran said SWIFT would release on Monday a software update to thwart the malware, along with a special warning for financial institutions to scrutinize their security procedures.
The new developments now coming to light in the unprecedented cyber-heist suggest that an essential lynchpin of the global financial system could be more vulnerable than previously understood to hacking attacks, due to the vulnerabilities that enabled attackers to modify SWIFT’s client software.
Deteran told Reuters on Sunday that it was issuing the software update “to assist customers in enhancing their security and to spot inconsistencies in their local database records." She said "the malware has no impact on SWIFT’s network or core messaging services."
The software update and warning from Brussels-based SWIFT, or the Society for Worldwide Interbank Financial Telecommunication, come after researchers at BAE (BAES.L), which has a large cyber-security business, told Reuters they believe they discovered malware that the Bangladesh Bank attackers used to manipulate SWIFT client software known as Alliance Access.
BAE said it plans to go public on Monday with a blog post about its findings concerning the malware, which the thieves used to cover their tracks and delay discovery of the heist.
The cyber criminals tried to make fraudulent transfers totaling $951 million from the Bangladesh central bank's account at the Federal Reserve Bank of New York in February.
Most of the payments were blocked, but $81 million was routed to accounts in the Philippines and diverted to casinos there. Most of those funds remain missing.
Investigators probing the heist had previously said the still-unidentified hackers had broken into Bangladesh Bank computers and taken control of credentials that were used to log into the SWIFT system. But the BAE research shows that the SWIFT software on the bank computers was probably compromised in order to erase records of illicit transfers.
The SWIFT messaging platform is used by 11,000 banks and other institutions around the world, though only some use the Alliance Access software, Deteran said.
SWIFT may release additional updates as it learns more about the attack in Bangladesh and other potential threats, Deteran said. It is also reiterating a warning to banks that they should review internal security.
“Whilst we keep all our interface products under continual review and recommend that other vendors do the same, the key defense against such attack scenarios is that users implement appropriate security measures in their local environments to safeguard their systems,” Deteran said.
Adrian Nish, BAE's head of threat intelligence, said he had never seen such an elaborate scheme from criminal hackers.
"I can't think of a case where we have seen a criminal go to the level of effort to customize it for the environment they were operating in," he said. "I guess it was the realization that the potential payoff made that effort worthwhile."
A Bangladesh Bank spokesman declined comment on BAE's findings.
A senior official with the Bangladesh Police’s Criminal Investigation Department said that investigators had not found the specific malware described by BAE, but that forensics experts had not finished their probe.
Bangladesh police investigators said last week that the bank's computer security measures were seriously deficient, lacking even basic precautions like firewalls and relying on used, $10 switches in its local networks.
Still, police investigators told Reuters in an interview that both the bank and SWIFT should take the blame for the problems. "It was their responsibility to point it out but we haven't found any evidence that they advised before the heist," said Mohammad Shah Alam, head of the Forensic Training Institute of the Bangladesh police's criminal investigation department, referring to SWIFT.
THWARTING FUTURE ATTACKS
The BAE alert to be published on Monday includes some technical indicators that the firm said it hopes banks could use to thwart similar attacks. Those indicators include the IP address of a server in Egypt the attackers used to monitor use of the SWIFT system by Bangladesh Bank staff.
The malware, named evtdiag.exe, was designed to hide the hackers' tracks by changing information on a SWIFT database at Bangladesh Bank that tracks information about transfer requests, according to BAE.
BAE said that evtdiag.exe was likely part of a broader attack toolkit that was installed after the attackers obtained administrator credentials.
It is still not clear exactly how the hackers ordered the money transfers.
Nish said that BAE found evtdiag.exe on a malware repository and had not directly analyzed the infected servers. Such repositories collect millions of new samples a day from researchers, businesses, government agencies and members of the public who upload files to see if they are recognized as malicious and help thwart future attacks.
Nish said he was highly confident the malware was used in the attack because it was compiled close to the date of the heist, contained detailed information about the bank's operations and was uploaded from Bangladesh.
While that malware was specifically written to attack Bangladesh Bank, "the general tools, techniques and procedures used in the attack may allow the gang to strike again," according to a draft of the warning that BAE shared with Reuters.
The malware was designed to make a slight change to the code of the Alliance Access software installed at Bangladesh Bank, giving attackers the ability to modify a database that logged the bank's activity over the SWIFT network, Nish said.
Once it had established a foothold, the malware could delete records of outgoing transfer requests altogether from the database and also intercept incoming messages confirming transfers ordered by the hackers, Nish said.
It was then able to manipulate account balances in logs to prevent the heist from being discovered until after the funds had been laundered.
It also manipulated a printer that produced hard copies of transfer requests so that the bank would not identify the attack through those printouts, he said.
(Reporting by Jim Finkle in Boston. Additional reporting by Serajul Quadir in Dhaka.; Editing by Jonathan Weber and Martin Howell)
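The article describes malware that erased outgoing transfer records from the bank's local database, intercepted the confirmations that would have exposed them, and doctored the printouts, while SWIFT's update was aimed at spotting inconsistencies in local database records. The following is an added example, not code from the article, BAE or SWIFT, of one way a defender can make such edits visible: a hash-chained transfer log whose head hash is copied each day to a host the messaging server cannot write to, combined with a reconciliation of received confirmations against the local request records. The record layout, field names and sample transfers are constructed for illustration and are not the bank's real data.

```python
import hashlib
import json

# Constructed sample data (not from the article): outgoing transfer requests as a
# bank's local messaging database might store them. Field names are hypothetical.
REQUESTS = [
    {"ref": "TRX0001", "amount": 20_000_000, "currency": "USD", "beneficiary": "ACCT-A"},
    {"ref": "TRX0002", "amount": 30_000_000, "currency": "USD", "beneficiary": "ACCT-B"},
    {"ref": "TRX0003", "amount": 31_000_000, "currency": "USD", "beneficiary": "ACCT-C"},
]
# Confirmation references received back for those requests (constructed).
CONFIRMATIONS = ["TRX0001", "TRX0002", "TRX0003"]

GENESIS = "0" * 64  # starting value of the chain before any record exists


def record_digest(prev_hash: str, record: dict) -> str:
    """SHA-256 over the previous hash plus a canonical encoding of the record."""
    payload = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(prev_hash.encode() + payload).hexdigest()


def build_chain(records):
    """Return [(record, hash), ...] where each hash commits to all earlier records."""
    chain, prev = [], GENESIS
    for rec in records:
        h = record_digest(prev, rec)
        chain.append((rec, h))
        prev = h
    return chain


def chain_head(records) -> str:
    """The last hash: the value to copy to a host the messaging server cannot write to."""
    chain = build_chain(records)
    return chain[-1][1] if chain else GENESIS


def verify_chain(chain):
    """Recompute each stored hash; return the indices whose record no longer matches it."""
    broken, prev = [], GENESIS
    for i, (rec, h) in enumerate(chain):
        if record_digest(prev, rec) != h:
            broken.append(i)
        prev = h  # continue from the stored hash so one edited record flags one index
    return broken


def reconcile(local_requests, confirmations, anchor_hash):
    """Cross-check the local log against the off-host anchor and the confirmations received."""
    findings = []
    if chain_head(local_requests) != anchor_hash:
        findings.append("chain head mismatch: local transfer log altered or truncated")
    local_refs = {r["ref"] for r in local_requests}
    for ref in confirmations:
        if ref not in local_refs:
            findings.append(f"confirmation {ref} has no local request record")
    for ref in sorted(local_refs - set(confirmations)):
        findings.append(f"request {ref} unconfirmed")
    return findings


if __name__ == "__main__":
    anchor = chain_head(REQUESTS)  # taken at end of day and stored elsewhere
    print("clean log:", reconcile(REQUESTS, CONFIRMATIONS, anchor))
    # Simulate the behaviour the article describes: the last request is erased locally.
    for finding in reconcile(REQUESTS[:2], CONFIRMATIONS, anchor):
        print("finding:", finding)
```

Run stand-alone, it reconciles a clean log and then the same log with its last request erased; the erased request is caught twice, once by the anchor mismatch and once because a confirmation arrives for a reference the local database no longer holds. An attacker who rewrites a record and recomputes every stored hash defeats `verify_chain` on its own, which is why the anchor has to live off the host running the messaging software; the printed hard copies in the article served that role until the malware reached the printer as well.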



New Wi-Fi Technology Can Double Speeds With a Single Antenna: Study




Researchers have developed a novel technology that can double Wi-Fi speeds with a single antenna, a breakthrough that could revolutionise the field of telecommunications.
This is the first time researchers from Columbia University School of Engineering and Applied Science have integrated a non-reciprocal circulator and a full-duplex radio on a nanoscale silicon chip.
The team, led by Associate Professor Harish Krishnaswamy, developed the technology that needs only one antenna, thus enabling an even smaller overall system.
"This technology could revolutionise the field of telecommunications," said Krishnaswamy, director of the Columbia High-Speed and Mm-wave IC (CoSMIC) Lab.
"Our circulator is the first to be put on a silicon chip, and we get literally orders of magnitude better performance than prior work," said Krishnaswamy.
"Full-duplex communications, where the transmitter and the receiver operate at the same time and at the same frequency, has become a critical research area and now we have shown that Wi-Fi capacity can be doubled on a nanoscale silicon chip with a single antenna. This has enormous implications for devices like smartphones and tablets," he said.
Krishnaswamy's group has been working on silicon radio chips for full-duplex communications for several years and became particularly interested in the role of the circulator, a component that enables full-duplex communications where the transmitter and the receiver share the same antenna.
In order to do this, the circulator has to "break" Lorentz Reciprocity, a fundamental physical characteristic of most electronic structures that requires electromagnetic waves to travel in the same manner in forward and reverse directions.
"We wanted to create a simple and efficient way, using conventional materials, to break Lorentz Reciprocity and build a low-cost nanoscale circulator that would fit on a chip," said PhD student Negar Reiskarimian, who developed the circulator.
The traditional way of breaking Lorentz Reciprocity and building radio-frequency circulators has been to use magnetic materials such as ferrites, which lose reciprocity when an external magnetic field is applied.
But these materials are not compatible with silicon chip technology, and ferrite circulators are bulky and expensive.
Krishnaswamy and his team were able to design a highly miniaturised circulator that uses switches to rotate the signal across a set of capacitors to emulate the non-reciprocal "twist" of the signal that is seen in ferrite materials.
Aside from the circulator, they also built a prototype of their full-duplex system: a silicon IC that included both their circulator and an echo-cancelling receiver.
The research was published in the journal Nature Communications.


Shortened URLs Can Let Hackers Spy on You: Study




According to two researchers at Cornell Tech, while URL shortening tools may be useful, the short length makes it simple for hackers to brute force them, potentially exposing private information or even infecting cloud storage accounts with malware.
According to the researchers, Martin Georgiev and Vitaly Shmatikov, it is possible to brute force shortened links from tech companies such as Google, Microsoft and bit.ly that generate a Web address with only six seemingly random characters.
The two researchers were able to use trial and error to discover Google Drive and Microsoft OneDrive files shared by short URLs. They also claim that out of their scanned accounts, around 7 percent of the OneDrive and Google Drive accounts were vulnerable in this way.
It was also possible to break into shortened Google Maps URLs that often contained routes between two private addresses, potentially leading to huge privacy issues. Some Maps links even contained details about users' medical facilities and places of worship.
The duo explained that Microsoft used the Bit.ly service to generate short URLs for OneDrive files and folders. The researchers randomly generated 71 million OneDrive short URLs, of which 24,000 were legitimate and let them access private files and folders. They even said that by opening the full-length URL from the shortened ones, they could then tweak the Web address to access different folders belonging to the same user.
"If someone wanted to inject a lot of malicious content into people's computers, it's a pretty interesting way of doing it," Wired quoted Shmatikov as saying. "By scanning you can find these folders, you put whatever you want in them, and it gets automatically copied to people's hard drives."
For the search giant Google, the researchers said its Maps service, like OneDrive, used Bit.ly-generated shortened URLs that included shared locations and directions. They randomly generated 23 million shortened Google Maps URLs only to find that almost 10 percent of them directly opened actual directions. The researchers said they could find directions requested by users to clinics for specific diseases, addiction treatment centres, abortion providers and more. Over 16,000 directions showed one end as the residence of the user.
They could even illustrate the level of threat caused by shortened Google Maps URLs by pinpointing one of the users, identifying her as a young woman who shared directions to a Planned Parenthood facility, and confirming her residence address, full name and age as well.
Georgiev and Shmatikov started this research almost a year ago and notified Google about it in September last year. The company then responded by increasing the length of the URLs to 11 or 12 randomised characters, making them much harder to crack by brute force. The search giant even took measures to identify and block automated scanning of shortened URLs.
When the researchers approached Microsoft in May last year, the Redmond-based tech giant initially ignored the concerns but by last month had removed the URL shortening feature from OneDrive. However, the researchers say they could still successfully access all the identified vulnerable links. The detailed research study can be found here.

Shortened URLs Can Let Hackers Spy on You: Study

According to two researchers at Cornell Tech, URL shortening tools may be useful, but the short length makes it simple for hackers to brute force them, potentially exposing private information or even infecting cloud storage accounts with malware.

According to the researchers, Martin Georgiev and Vitaly Shmatikov, it is possible to brute force shortened links from tech companies such as Google, Microsoft, and bit.ly that generate a Web address with only six seemingly random characters.

The two researchers were able to use trial and error to discover Google Drive and Microsoft OneDrive files shared by short URLs. They also claim that, of the accounts they scanned, around 7 percent of the OneDrive and Google Drive accounts were vulnerable in this way.

It was also possible to break into shortened Google Maps URLs, which often contained routes between two private addresses, potentially leading to huge privacy issues. Some Maps links even contained details about users' medical facilities and places of worship.

The duo explained that Microsoft used the Bit.ly service to generate short URLs for OneDrive files and folders. The researchers randomly generated 71 million OneDrive short URLs, of which 24,000 were legitimate and let them access private files and folders. They even said that by opening the full-length URL from the shortened ones, they could then tweak the Web address to access different folders belonging to the same user.

"If someone wanted to inject a lot of malicious content into people's computers, it's a pretty interesting way of doing it," Wired quoted Shmatikov as saying. "By scanning you can find these folders, you put whatever you want in them, and it gets automatically copied to people's hard drives."

For the search giant Google, the researchers said its Maps service, like OneDrive, used Bit.ly-generated shortened URLs that included shared locations and directions. They randomly generated 23 million shortened Google Maps URLs, only to find that almost 10 percent of them directly opened actual directions. The researchers said they could find directions requested by users to clinics for specific diseases, addiction treatment centres, abortion providers and more. Over 16,000 directions showed one end as the residence of the user.

They could even illustrate the level of threat posed by shortened Google Maps URLs by pinpointing one of the users, identifying her as a young woman who shared directions to a Planned Parenthood facility, and confirming her residence address, full name and age as well.

Georgiev and Shmatikov started this research almost a year ago and notified Google about it in September last year. The company responded by increasing the length of the URLs to 11 or 12 randomised characters, making them much harder to crack by brute force. The search giant also took measures to identify and block automated scanning of shortened URLs.

When the researchers approached Microsoft in May last year, the Redmond-based tech giant initially ignored the concerns but last month removed the URL shortening feature from OneDrive. However, the researchers say they could still successfully access all the identified vulnerable links. The detailed research study can be found here.
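An added example, not code from the Cornell Tech paper or from this article: it works through the keyspace arithmetic behind the move from 6 to 11 random characters using the OneDrive figures quoted above, and shows the kind of miss-rate check a shortener can run over its own resolve logs to spot the automated scanning that Google said it now blocks. The 62-character token alphabet is an assumption, and the log lines and IP addresses are constructed.

```python
"""Added example (not from the Cornell Tech paper or this article):
keyspace arithmetic for short-URL tokens plus a log-based scanner detector."""
from collections import defaultdict

ALPHABET = 62  # assumption: tokens use [A-Za-z0-9], as most shorteners do


def keyspace(length: int) -> int:
    """Number of distinct tokens of a given length."""
    return ALPHABET ** length


def estimate_live_links(length: int, guesses: int, hits: int) -> float:
    """Project a random scan's hit rate onto the whole keyspace
    to estimate how many live links of that length exist."""
    return hits / guesses * keyspace(length)


def expected_guesses_per_hit(length: int, live_links: float) -> float:
    """Average random guesses before one resolves to a live link."""
    return keyspace(length) / live_links


def flag_scanners(log_lines, min_requests=20, max_hit_rate=0.05):
    """Flag client IPs whose short-URL lookups are almost all misses.
    Each constructed log line is '<ip> <token> <http-status>'.
    Legitimate users resolve links they were given, so nearly every
    lookup redirects; a brute-force scan is dominated by 404s."""
    stats = defaultdict(lambda: [0, 0])  # ip -> [requests, resolved]
    for line in log_lines:
        ip, _token, status = line.split()
        stats[ip][0] += 1
        if status in ("301", "302"):
            stats[ip][1] += 1
    return sorted(ip for ip, (n, ok) in stats.items()
                  if n >= min_requests and ok / n <= max_hit_rate)


# Constructed sample log: one client probing tokens, one normal user.
SAMPLE_LOG = (
    [f"198.51.100.7 aaa{i:03d} 404" for i in range(29)]
    + ["198.51.100.7 aaa999 302"]
    + [f"203.0.113.5 link{i} 302" for i in range(5)]
)

if __name__ == "__main__":
    live = estimate_live_links(6, 71_000_000, 24_000)  # article's OneDrive figures
    print(f"6-char keyspace: {keyspace(6):,}; 11-char keyspace: {keyspace(11):,}")
    print(f"estimated live 6-char OneDrive links: {live:,.0f}")
    print(f"guesses per hit at 6 chars: {expected_guesses_per_hit(6, live):,.0f}")
    print(f"guesses per hit at 11 chars: {expected_guesses_per_hit(11, live):,.0f}")
    print("flagged scanners:", flag_scanners(SAMPLE_LOG))
```

The 11-character keyspace is 62^5, roughly 900 million, times larger than the 6-character one, so the same number of live links needs that many times more guesses per hit.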


IBM Charges US Government $1.4 Million To Create An App, Indian Techie Recreates It In Just 4 Minutes

The app didn't do anything particularly complicated; it randomly directed people in queues left or right at the press of a button. Like any other big tech company, IBM charged a premium amount, $1.4 million (9.5 crore) to be precise.
It was all fine until ex-IBM employee Sandesh Suvarna entered the scene. He decided to build the app all by himself.
Sandesh Suvarna

And it took him around 4 minutes to re-create a $1.4 million app.
And if that doesn't sound impressive enough, Sandesh completed the whole process while making a video of it.