Nokia gives in to Black Mail

It has been reported that Nokia had given into a hacker’s black mail and paid a huge sum of ransom to a hacker who threatened disclosure of an encryption key for the Symbian OS.

Report:

The incident reportedly took place back in 2007, when Nokia was still one of the world’s biggest handset manufacturers with a market share of around 50%, and Symbian was the main operating system for its devices. It’s not known how the blackmailer got hold of the key, but if it was made public, Nokia risked a huge security headache with the potential there for hackers to write malware for the OS.

The ransom paid is reported to be of the order of several million Euros.

The incident highlights the cost of security weaknesses in big corporates. Many times the mistakes would have been committed by one of the employees and the nature of the mistake could be very silly. however the consequences could be disastrous. A Good corporate management should therefore consider investment in security as a non negotiable aspect.

Those companies including major Banks in India who state in their security policy that “We shall follow such security practices as are commercially feasible” will have to understand that they are taking risks that may one day kill their organizations.

Naavi

Share Button
Print Friendly

US Supreme Court disallows Business Method Patents

In a major and welcome move, the Supreme Court of US has disallowed “Business Method Patents”.

Refer Here

The decision which holds the subject patent “a method for reducing the risk that the parties to a transaction will not pay what they owe” invalid for patent, opens up a debate on several other vague patents which have been granted in the past.

Though the decision states that it should not affect software patents, many software patents may also get challenged in the process.

The development is interesting and could be beneficial to the community in the long run.

Naavi.org has in the past discussed how IPR is often misused both under Copyright and Patent laws and argued for a more saner implementation. Perhaps the subject decision will help in rationalizing the IPR concept in the coming days.

Naavi

Share Button
Print Friendly

New Security Risk..data stolen through mobiles just with electromagnetic waves

A new Cyber Threat that is far ahead of the Stuxnet threat has been reported by security researchers.

Ref: here

This threat works through a mobile phone which is near a computer. The electro magnetic waves emanated by the phone and the computer during their regular operations establish a contact with which a malware is first introduced into the computer and then the computer transmits the data through FM frequency to the mobile and later sent through the mobile network to the hacker.

This means that no mobile phones can be allowed near a sensitive computer if this threat need to be eliminated.

 

Naavi

Share Button
Print Friendly

Loans Through SMS-Fraud Site Confirmed?

Naavi.org had brought to the notice of the public a website http://www.cgtmse-govt.in/ through its article http://www.naavi.org/wp/?p=1728.

We had remarked as follows:

There is an interesting website on the cyber space which promises all kinds of loans for which application can be made through SMS.

The site sports photographs of all Congress leaders including Mrs Sonia Gandhi, Dr Man Mohan Singh, Mr Pranab Mukherjee etc and claims to be a site of the Government of India.

Applications are sought through SMS at 09748643575

An investigation is required to find out if this is a fraudulent website and if so who is behind this fraud. The site is registered by a person in Siliguri and freely uses all Government symbols for promotion. It is possible that this could be another scam in which some of the politicians are involved.”

Subsequently several people have submitted comments. The most recent one is reproduced below since it is of interest to all.

vinod at wrote:

Hi, I am shocked,when I had call to CGTMSE Govt Head Office at Bandra.They told me our Govt site is http://www.cgtmse.in and we dont know about this site or schemes.We are inviting application through Bank only. I want to aware to all of you who are applied online to this site.Dont waste time and money. Its a fake site.I dont know intenstion of scammer.I search each and ever address which is mentioned in site there are no any office. The Officers contact nos are not receive call ever.So be aware and alert. Thanks”

I hope that all readers take note of this. I thank Mr Vinod for his efforts.

In the meantime I request the Government of India to take appropriate action to ensure that the scam if any is unearthed and perpetrators are brought to book.

Naavi

Share Button
Print Friendly

A Test for the Modi Government

Followers of this site are aware of the mission like pursuance of the undersigned regarding the activation of Cyber Judiciary system in the country which was paralyzed during the previous regime of Mr Kapil Sibal.

During the last three years of deliberate in-action by the Ministry of Communications and Information Technology (MCIT) many cyber crime victims have lost faith in the system. Even I have been unable to enthuse them despite several attempts with the Human Rights Commission and High Court.

Now Mr Modi has indicated his preference of E Governance as well as better Governance and hence we expect things to turn around for the Cyber Crime victims of India.

After posting an open letter through this site earlier, I have today sent an email to the Minister in charge of the MCIT. Whether this mail will be responded by the Minister (at the e-mail pace) or not will be a test of E Governance to the new administration.

The officials of the department remain the same as were under the administration of the previous regime and hence we need to keep our fingers crossed if there would be any positive change in the administration even after Mr Modi is the Prime Minister and the Ministers have been given freedom to operate. However, unless Ministers are able to exercise their individual acumen and control, changes will not be effective.

Let’s wait and watch if there is any change in the MCIT.

In the past, MCIT officials were deployed more to watch critical comments made by Netizens on Twitter, Facebook and Blogs and I suspect that this site was also under  watch.  We understand that the new dispensation may not be  “Fascist” as the previous regime and hence may fail to watch this site for criticism. But I hope they do watch for constructive suggestions. The request for quick attention on CAT is one such suggestion and I am watching the speed of response if any.

Naavi

Share Button
Print Friendly

Agenda for the new IT Minister

To

Mr Ravishankar Prasad

Minister of Communications and Information Technology

Delhi

 

Dear Sir,

I would like to place before him an action agenda for immediate implementation. 

1. The Cyber Apppelate Tribunal (CAT) which is the apex Cyber Judiciary body supervising 28+adjudicators all over India has been kept dysfunctional since June 2011 by the previous regime without appointing a chair person. This has shut off Cyber Judiciary in India from all Cyber Crime Victims.

I would request the new Minister to attend to this immediately. 

2.In order to effectively handle the Cyber Judicial requirements across the country there is a need for 

a) Immediate training of Adjudicating officers (who are IT secretaries in different State Governments) 
b) Setting up of “Roving and Regional Adjudicating Officers” who hold sittings in different cities of a State or a group of states. 
c) Setting up one or more of separate Magisterial Courts for Cyber Crime trials in each State or Union Territory

3. Introduction of “Cyber Crime Insurance” as a mandatory provision for Net Banking and for addressing E Commerce and E Governance frauds . Must be made mandatory for new Banking licenses.

4. Review of National Cyber Security Policies and its implementation mechanism 

5. Making necessary changes in ITA 2008 for safer Internet use and prevention of misuse by Police and curbing genuine freedom of speech.

6. Providing “Digital Signature ID” for all citizens of the country so that they can undertake legally valid online interactions including participating in national referendum on key citizen issues, filing of online FIRs etc 

7. E Consumer Protection through appropriate amendment of ITA 2008 and setting up of a National Netizen Rights Commission. 

8. Setting up of National and State level online open schools.

9. Guaranteed Internet access to all under affordable cost 

Many of the above thoughts have been expanded by the undersigned some times on this site and otherwise on other resources.

Looking forward to some positive and quick action from your end.

Regards

Naavi

Share Button
Print Friendly