Tag: aussie

EFF sues Aussie patent troll

The Electronic Frontier Foundation (EFF) has sued an Australian patent troll which it previously awarded the  “Stupid Patent of the Month: Storage Cabinets on a Computer.”

Last year Global Equity Management (SA) Pty. Ltd. (GEMSA), managed to get an Australian court to order EFF to remove the post, but the EFF told the court to sod off.

In January 2017, Pasha Mehr, an attorney representing GEMSA, further demanded that the article be removed and that EFF pay $750,000. EFF still did not comply.

Instead it filed in federal court in San Francisco on Wednesday, and asks that the American court declare the Australian ruling unenforceable in the US, because the Australian ruling runs afoul of free speech protections granted under the United States Constitution.

GEMSA attorneys have threatened to take this Australian court order to American search engine companies to deindex the blog post, making the post harder to find online.

The EFF’s Stupid Patent of the Month campaign began back in August of 2014.  GEMSA won the title with US Patent No. 6,690,400 (the ’400 patent), claims the idea of using “virtual cabinets” to graphically represent data storage and organisation.

GEMSA is incorporated in Australia and appears to have no business other than patent litigation. The patent began its life with a company called Flash VOS. This company once offered a product that allowed users to run multiple operating systems on personal computers with x86-compatible processors.

In the past year, GEMSA has sued dozens of companies, ranging from Airbnb to Zillow. In each case, it makes the assertion that the defendant’s website infringes the ’400 patent. For example, it simply states that “AIRBNB maintains, controls and/or operates a website with a graphical user interface (“GUI”) at www.airbnb.com that infringes one or more claims of the ‘400 patent”.

In his initial letter to EFF dated August 26, 2016, Mehr dubbed the blog post as “defamatory, false, and malicious slander”.

By October 2016, GEMSA’s director, Schumann Rafizadeh said that if the article was not immediately removed from EFF.ORG, and the defendant otherwise publishes or broadcasts the statements, GEMSA will sustain irreparable damage to its reputation and credibility.

The article’s continued publication and circulation through various common web search engines and other such websites is continuing to damage the reputation and credibility of GEMSA, which it critically relies upon for its negotiations and ongoing discussions for the licensing arrangements and our Intellectual Property (IP), including the referenced patent.

In other words ,if EFF says it is just a patent troll it might make it harder to squeeze money from other companies. Indeed, in a second affidavit, Rafizadeh admitted that its business and legal tactics were meeting some resistance for the first time. US Defendants have joined and instated two lnterparte Proceedings against GEMSA in the United States.

As EFF has made no appearance before an Australian court, GEMSA was likely able to be granted the default judgement against the organization—the removal of the purportedly offending blog post. Six months later, the EFF post remains.

Aussie teen hacker arrested for helping government

An Aussie teen hacker is regretting helping a government website fix a security hole after the company in charge of the site reported him to the fuzz.

Joshua Rogers, a 16-year-old in the state of Victoria, found a basic security hole that allowed him to access a database containing sensitive information for about 600,000 public transport users who bought stuff through the Metlink web site run by the Transport Department.

The site was important because it is the primary site for information about train, tram and bus timetables. The database contained the full names, addresses, home and mobile phone numbers, email addresses, dates of birth, and a nine-digit extract of credit card numbers used at the site.

According to The Age newspaper Rogers contacted the site after Christmas to report the vulnerability but never got a response. He decided to call The Age and when a hack rang the Transportation Department for comment, it reported Rogers to the police.

The paper did not say how Rogers accessed the database, but says it was a doddle. It was probably a SQL injection vulnerability, as this is the tool of choice to breach web sites and gain access to backend databases.

The Aussie police have a history of slapping the cuffs on people who reveal security vulnerabilities. In 2011, Patrick Webster suffered a similar consequence after reporting a website vulnerability to First State Super, an Australian investment firm that managed his pension fund.

Webster was arrested after he wrote a script to download about 500 account statements to prove to First State that its account holders were at risk. First State responded by reporting him to police and demanding access to his computer to make sure he’d deleted all of the statements he had downloaded.

Rogers said that the police have not contacted him and that he only learned he had been reported to the police from the journalist who wrote the story for The Age.

Still he is probably regretting doing the decent thing and reporting the flaw. 

Aussie spooks blow cover on Facebook

Daft Aussie spooks are blowing their cover by announcing what they do for a living on social notworking sites.

While the move might be about getting Pussy Galore, it is proving to be a gold mine for foreign spooks who want to know who to keep an eye on.

A survey by Fairfax Media found that while in the good old days you would not be able to find out what a spook did without a lot of torture, or a honey trap,  more than 200 former and present intelligence officers have disclosed their classified employment in profiles on LinkedIn, other professional networking sites and social media including Facebook and Twitter.

Most of them only said that they are hired by agencies including the top secret Defence Signals Directorate and the Defence Intelligence Organisation, but some have revealed details about their work.

This included work at specific intelligence facilities, overseas postings and liaison with allied intelligence agencies, linguistic expertise indicating particular intelligence targets, and involvement with specific issues and information technology systems. None of them fessed up to wet work, black ops or bumping off men with Golden Guns.

But the security problem does not really stop at Australia. One officer told of his postings to Britain’s Government Communications Headquarters in Gloucestershire and GCHQ’s Composite Signals Station in Cornwall and a posting to the US National Security Agency at Fort Meade, Maryland.

Some have told of their specialist knowledge of counter-terrorism, telecommunications and aerospace.

Lightly clad Aussie woman caught US hacker

Pictures of a half naked Aussie woman led to the arrest of a hacker who broke into law enforcement and government websites in the United States.

Higinio Ochoa III was apparently good at breaking into police websites, but when it came to half-naked Australian women he met his Waterloo.

Ochoa, who was a member of an Anonymous off-shoot, has been charged by the FBI with hacking into the websites of at least four US law enforcement websites

The Sydney Morning Herald said he was caught when a headless photo of a bikini-clad woman in Wantirna South, holding a message taunting US authorities, was published online.

According to the FBI, a Twitter account with the name @AnonW0rmer pointed followers to a website where the information lifted from the law enforcement websites could be found.

At the bottom of the website was a photograph of a woman who was Ochoa’s Australian girlfriend. She was holding a sign saying “PwNd by w0rmer & CabinCr3w <3 u BiTch’s”.

The picture contained data which showed it was taken by an iPhone. The iPhone data contained GPS co-ordinates which showed the Wantirna South street and house where it was taken.

Then there was another link on the Twitter account pointing followers to a website that railed against oppression by police departments around the world.

That featured a picture of a woman with a sign stating “We Are ALL Anonymous We NEVERForgive. We NEVER Forget. <3 @Anonw0rmer”.

The picture was the same woman and the FBI found two references to the pseudonym ”w0rmer” on unconnected internet sites, one of which had Ochoa’s name alongside it.

It was then a matter of putting his apartment under surveillance.

But actually what finally linked it all together was when the FBI found Ochoa’s Facebook page, on which he named an Australian woman as his girlfriend. It turned out that she was the woman in the photo taken in South Wantirna.

She is now in the United States with Ochoa, who will appear in court this week.