Daily Archives: January 22, 2015

WhatsApp adds messaging from Web


The popular mobile messaging application WhatsApp, acquired by Facebook last year for nearly USD 22 billion, has unveiled a new service for sending messages from a Web browser.

WhatsApp, which claims some 500 million users, said its Web service will be a “mirror” and would require an Internet- connected phone to work.

“Our Web client is simply an extension of your phone: the Web browser mirrors conversations and messages from your mobile device – this means all of your messages still live on your phone,” WhatsApp said in a blog post.

The new messaging service currently only works with Google’s Chrome browser and will not be available to iPhone users “due to Apple platform limitations,” according to WhatsApp. Facebook in October completed its buy of WhatsApp in a stock-and-cash deal.

The acquisition highlighted the stunning growth of mobile messaging but also prompted analyst questions on the price paid by Facebook and future plans for the service.


Ranjan Social Services Dy Minister


UNP MP Ranjan Ramanayake has been appointed Deputy Minister of Social Services Welfare and Livestock Development a short while ago.

The Parliamentarian was one of the most vocal critics of the previous regime regarding alleged corruption, but was not appointed in the initial list of appointments.

Meanwhile a Cabinet Minister, a State Minister and three Deputy Ministers were sworn in by President Maithripala Sirisena at the Presidential Secretariat.

The new appointments are: Muslim Religious Affairs Minister Abdul Halim Mohammed Hazim; Mohamed Thumbi Hassan Ali as State Minister of Health; Wasantha Aluwihare as Deputy Minister of Mahaweli Development and Environment, Amir Ali Sahabdeen as Deputy Minister of Housing and Samurdhi Development and Mohammad Shariff Thoufeek as Deputy Minister of Internal Transport.


The Flaws in Obama’s Cybersecurity Initiative

President Obama’s new raft of proposals aim to address the growing concern that America is not taking tough-enough action against the increasing cybersecurity problem of nation-states and criminals (usually criminal gangs) attacking U.S. consumers and organizations. The evildoers’ motivation for doing so is most often money, but intellectual property is also being filched, and the internet is also being used for anything from identity theft to illicit political objectives.

The cornerstones of the proposal are to:

Prohibit the sale of botnets and similar tools
Give the courts the power to shut down networks assembled for cybercrime such as those involved in “distributed denial of service” (DDOS) attacks
Protect companies that share information with the government about computer threats from liability
He also calls for better cooperation between companies and the government when tackling cybercrime.

The problems are certainly real. We are losing on the battleground of cybersecurity. For example, the gains that IT contributed to the GDP of the Netherlands in 2014 were wiped out by the even larger cost of cybercrime. Cybercrime has now become widespread enough to be a drag on growth in many countries. By some estimates, it costs between $500 billion to $1 trillion worldwide. That’s bigger than the GDP of 75 countries combined.

But how much can any government do to address the problem of cybercrime? And will these proposals do anything to fix the situation in the U.S.? Many of the criminal gangs (and certainly nation-states) lurk beyond U.S. jurisdiction – or at least, beyond the capacity of law enforcement to track them down in large numbers. Therefore, criminalizing many of the activities and products associated with cybercrime is likely to have more symbolic value than actual effect.

This is a limitation that would be faced by any country’s government, except perhaps the one where the crooks live. Russia, for example, has an exploding underground cybercrime industry. Trend Micro’s findings are that you can buy a botnet outright for about $700, or rent one for an hour for $2 – enough time to do serious damage. Trojans that let you spy on incoming and outgoing texts will run you $350.

Every country now has its own special wares to peddle. Brazil is apparently the place to go if you’re in the market for some banking malware. China’s gangs have their own special portfolio to sell. In terms of the competition between Russia and the United States, the homes of the biggest criminal hosts, Russia is winning bigtime. In three months in 2012, Russia’s share of malicious hosts rose by around 10%, and the United States lost 10% of its bad boy computers. There’s ample evidence that for every cybercriminal activity that gets squashed in the United States, an offshore competitor takes it – at cheaper rates. And even those rates are falling fast as more players and countries compete for their share of the pie.

In other words, Obama’s proposals are tackling a problem that was already diminishing in the U.S. The bad guys that really cause problems for Americans (and everyone else) are beyond the long arm of the law.

But what of the part about encouraging companies to share information about cyberthreats with the U.S. Department of Homeland Security by offering them “targeted liability protection”? That has to be a good thing, right? Well, the thing is that it’s already happening. In the United States, many company groups already share information – without government involvement – concerning cyberattacks and threats.

Each of these industries is dealing with its own kind of ugly crook, looking to use its specialized expertise to exploit vulnerabilities peculiar to that industry. The Retail Cyber Intelligence Sharing Center has been up and running since last year, when some 30 large retail companies got together and decided to share information on threats with each other. The oil and gas industry are doing something similar through ONG-ISAC (an acronym likely brought to us by the spawn of the same marketing-savvy engineers that coined TCP/IP and PCMCIA). And FS-ISAC does the same thing for the financial services industry, a particularly important sector for Willie Sutton reasons.

It makes sense for companies to form their own cybersafety industry groups to combat their particular threats. Individual companies are also putting great effort into safeguarding their value, though the facts about and nature of their work is often secret.

A bigger issue is that cybercrimes are grossly under-reported and fear of liability is only one part of the problem. Companies just don’t see the governmental resources available to successfully prosecute the kinds of cybercrime they experience, and the track record probably supports that view. Why share information with the government if it won’t help your situation?

There are also hosts of not-so-wacky conspiracy theorists who worry about any governmental involvement with the internet. (Some of them actually think the government is using it to snoop on us!) They also worry that if Congress passes a bill when prompted by a crisis, there are almost always additional consequences: usually giving the government more power than we would like.

Nevertheless, a few things make this part of the proposals much more palatable. First, there are many cybercrimes that aren’t just industry specific. Lots of nasty stuff would simply fall through the cracks if left to individual industries. We might not see innovations and changes that affect all of us, and we not might be as good at communicating new general threats more publicly.

For example, the fastest growing malware targets smartphones. With the right hack, your phone can be used to bug you or see what its camera sees. Not a great sales pitch for a conflicted phone industry. How about cars getting hacked? What about Skype-enabled TVs peering into thousands of homes and the streams being sold on the dark web? We might want companies to share that kind of information with the government – and us – without too much fear of reprisal.

Probably more important than our internet-of-everything gadgets are the power, water, sewage, manufacturing and transportation networks. A surprise, broad attack might put us, if only temporarily, somewhere between now and the Middle Ages. And even though governments are trying hard to protect this infrastructure, we’d probably want any hint of a private breach likely to be correlated with a broad-scale, warfare-like attack shared centrally (sooner rather than later).

In summary, I believe Obama’s proposals are well-intentioned. Information sharing is, on balance, a good thing. They at least start to address a set of problems that will impact the next generation even more than ours and may be the basis for some fundamental research. But I just doubt that they will be very effective in combating cybercrime.

So what is the answer? We know it is a global problem requiring a global solution. We know we need more global cyber capacity to fight cybercrime. International cooperation is critical. Global information sharing is also important – and we are doing some of it. A better understanding of the psychology of how insiders are coaxed, blackmailed, or tricked into sharing access to their computer systems would help organizations defend themselves. Good technology exists and will help, if we use it. Most important is education: Everyone – individuals, employees, companies, and boards of directors – needs to understand the new dangers.

One of the best results of Obama’s initiative may be to put the cybercrime issue a little higher on everyone’s agenda. If it spurs more good guys to learn and focus on the challenges, this second-order effect may have the greater impact.


Sirisena Government Probing Defense Ministry’s Shady Deals

COLOMBO: The Sri Lankan government has ordered investigations into the shady deals of the Ministry of Defense under the stewardship of the former Defense Secretary Gotabaya Rajapaksa, one of the brothers of defeated Lankan President Mahinda Rajapaksa.

Stating this at a media briefing here on Wednesday, cabinet spokesman Rajitha Senaratne said that the discovery of huge caches of sophisticated arms and ammo from a vessel in Galle and at a conference center in Colombo, has revealed that the Ministry of Defense under Gotabaya Rajapaksa may have been involved in unlawful and questionable dealings with a political dimension.

The Military Spokesman said that the vessel and the arms belong to a Lankan Defense Ministry-owned sea security firm Rakna Lanka Ltf (RALL) involved in anti-piracy operations on the East African coast. The firm is not involved in any unlawful activity on land in Sri Lanka, he added. But the Maithripala Sirisena regime suspects that the weapons might have been used for rigging the hard-fought January 8 Presidential election.

Spokesman Senaratne pointed out that RALL had been subcontracting its job to smaller security companies in Sri Lanka, which it was not supposed to do.

Meanwhile, the Police spokesman, Ajith Rohana, said that the number of weapons actually found on the ship and at the Bandaranaike International Conference Hall in Colombo did not tally with the numbers stated in the books of the company. Officials of the company said that they had been issued out. Police are seeking details as to which other parties are involved and as to whether all the weapons are licensed.

TV programs showed foreign men moving about in Galle harbor with arms, when the law says that the arms given to the company cannot be brought to land without express permission.

Senaratne further said that the Defense Secretary should not have put the money his Ministry had earned from the sale of one its properties in Colombo, into a bank account operated by the Ministry. The money should have been credited to the Consolidated Fund of Sri Lanka and withdrawn as and when necessary. What had been done was an irregularity raising several questions, he said.


Sirisena Drops All Charges Against Fonseka

COLOMBO: Sri Lankan President Maithripala Sirisena on Wednesday issued a special order to immediately drop all charges leveled against former Army Commander Sarath Fonseka, and restore his rank as a General, his medals and decorations; as well as his pension and civic rights.

Rendering justice to Fonseka, the hero of Eelam War IV who was victimized by the Mahinda Rajapaksa regime, was one of Sirisena’s pledges in the run up to the January 8 Presidential election.

Fonseka’s Democratic National Alliance (DNA) was a part of Sirisena’s joint opposition National Democratic Front (NDF).

After being hailed as the one of the best military commanders in the world, Fonseka was tried by two Courts Martial and sent to jail for 30 months in one case and three years in another. But he served only two years because of international pressure which reached its high point in 2012 when US Secretary of State, Hillary Clinton, took up the issue of his release with the visiting Lankan Foreign Minister G.L.Peiris.

But the Mahinda Rajapaksa government would not restore Fonseka’s civic rights, his rank, decorations and pension.

Fonseka had begun as a favorite of the Rajapaksa regime, and had a free hand in conducting the 2006-2009 Eelam War IV. But he fell out with President Rajapaksa and his brother Defense Secretary Gotabaya Rajapaksa after the war. Suspecting that Fonseka had plans to stage a military coup, President Rajapaksa relieved him of the command of the army and made him Chief of Defense Staff with no power to command.

But when the Lankan Presidential election came in January 2010, Fonseka resigned and contested the election as a joint opposition candidate. During the campaign, he charged that Defense Secretary Gotabaya Rajapaksa had ordered the killing of a group of LTTE leaders who had come to surrender. This “an anti-national” statement caused his electoral defeat.

However, the Rajapaksa brothers pursued Fonseka even after his defeat. Courts Martial were set up to try him for irregularities in procurement; attempting to stage a coup; using deserters; and making false and anti-national statements.

But in the eyes of the world, these were Kangaroo Courts and calls for Fonseka’s release came thick and fast.

He got a Presidential pardon and was released in May 2012. But his rank, decorations, pension and civic rights remained suspended.

Earlier, in October 2010, Fonseka had to forfeit his seat in parliament after he was sentenced by a Court Martial. Undaunted by defeat in the January 2010 Presidential election, he had contested the 2010 parliamentary elections from Colombo district and won a seat.


%d bloggers like this: