stories filed under: "trojans"
by Timothy Lee
Mon, Jan 28th 2008 11:24am
The Wikileaks project is starting to bear fruit, with documents leaked to the site beginning to get a lot of attention. The latest example is correspondence between the German government and a vendor (via Slashdot) that apparently makes software for intercepting Skype calls. Interestingly, the interception technology appears to be pretty primitive and rather expensive. The software has to be installed on the Skype client, and the vendor suggests that this can be accomplished by attaching a trojan to an e-mail or physically entering the premises to install the software on the target machine. And, evidently, only Windows 2000 and XP are supported; Vista support is still in the works. The company charges thousands of euros per target computer. This suggests that Skype's encryption technology is secure against at least the eavesdropping techniques available to the German government. Apparently they haven't found a way to decode encrypted Skype traffic off the wire, so they're forced to resort to these fairly cumbersome attacks on Skype clients -- attacks that are no more convenient for law enforcement than simply bugging the target's office. That suggests that the risk of comprehensive government surveillance of online telephony is still a fair ways off. If you encrypt your online activities, they're probably pretty secure. Of course, it's entirely possible that other government agencies, such as the NSA, have more sophisticated eavesdropping technology that they haven't shared with the Germans. My guess is that any government agencies possessing really sophisticated eavesdropping tools are also less likely to have their private documents show up on Wikileaks.
by Mike Masnick
Thu, Jan 3rd 2008 12:33am
Did It Really Take Over A Year For Security Companies To Realize That Iranian Prez's Blog Installs Trojans?
from the seems-a-bit-slow dept
Someone who apparently prefers to remain anonymous submitted to us the news that Israeli security companies are warning people to stay away from Iranian President Mahmoud Ahmadinejad's blog, as it installs some spyware. What struck me as odd about that story was that this is not news at all. In fact, it was widely reported in the weeks following the launch of Ahmadinejad's blog. The blog watches to see if your IP address is from Israel and then tries to install the spyware (if you're using Windows). So, why is it suddenly being reported in Israel that this is happening, when it was well known about a year and a half ago? Isn't that a little late to try to get the warning out?
by Mike Masnick
Thu, Nov 15th 2007 10:48am
from the no-extra-charge,-either dept
There have been plenty of stories this year about problems with Chinese manufacturing outlets, though, not many of them have touched on the technology industry. Now, however, Seagate is admitting that some of its hard drives that were made in China came with a trojan horse password sniffer pre-installed. It mostly targeted Chinese online games, but the one American game it included was the ever-popular World of Warcraft. On the plus side, the trojan also disables any other password stealing keyloggers that it finds. Seagate is now offering free copies of anti-virus software to customers impacted by this. In the meantime, experts suggest that you might want to format any new hard drives you get, just to be safe.