Tag: Brazil

Microsoft lifts its kimono for Brazilian conspiracy nuts

brazilSoftware king of the world Microsoft is going to show its source code to the Brazilian government to re-assure conspiracy nuts that it has no back doors which allow US spooks to spy on people.

Vole opened a centre in Brazil where officials can inspect its programming code, in an attempt to allay suspicions in the region that its software programs are vulnerable to spying.

It is the fourth ‘Transparency Centre’ that Vole has established and it is only a little bit transparent. It has reinforced walls and the sort of strict security settings a bank would be proud of.

Experts from Latin American and Caribbean governments can see the source code of its products.

To be fair, Edward Snowden revealed that the United States had been spying on Brazilian communications including those of former Brazilian President Dilma Rousseff.

Microsoft prevents anyone from copying the massive amount of coding on display – as much as 50 million lines for its email and server products. Viewers inspect copies of source code on computers connected only to local servers and cut off from the internet. The copies are later deleted.

Viewers can use software tools to examine the code, Microsoft said, but it was not immediately clear whether experts would be able to run deep code analysis necessary to uncover back doors or other bugs.

 

Brazilian coders create platform friendly malware

brazilBrazilians are a friendly bunch and now its hackers are starting to design malware on Java JAR files which can play nicely on all three major platforms, Mac, Linux, and Windows.

Virus vendor Kaspersky has spotted a few families of Java executables in the wild which don’t really care what operating system you use.

By packing malware as a JAR file, crooks are practically making sure their content will be executed on all targets, regardless of operating system.

True the Java engine needs to be installed on each victim’s computer for the malware to run, but given it is installed on 70-80 percent of computers that is pretty much a no-brainer.

According to Kaspersky, Brazil’s criminal underground seems to be the first one that has taken this step. At the moment they are running spam campaigns and banking trojans.

Right now, infections with these three malware families that use JAR files are popping up mainly in Brazil, but a large number of victims was also recorded in China and Germany, where Kaspersky says that local cyber-crime gangs are also experimenting with the same JAR-packing techniques.

Facebook executive locked up in Brazil

brazilSocial notworking site Facebook is furious that the Brazilian government has dealt with the fact that it ignored a court order by locking up its vice president for Latin America.

The Brazilian coppers wanted Facebook to co-operate with judicial orders related to a its messaging service Whatsapp, which operates separately from the Facebook platform. The case involved drug trafficking.

However it appears that the court felt that Facebook was not taking its court orders seriously and decided to lock up Diego Dzodan to focus the companies attention a little better.

Facebook called the detention of its vice president for Latin America “extreme and disproportionate measure.”

“Facebook has always been and will be available to address any questions Brazilian authorities may have,” the company said in an emailed statement.

 

Smart ID cards show flat growth

French revolutionary playing cardsGovernment investment in ID cards has been slow over the last two years and showed a somewhat flat growth of 2.4 percent in 2014.

According to ABI Research, only 10 million units shipped worldwide, with several governments canning the projects they’d projected.

Russia and Japan put their smart national ID card projects on ice while France decided to can smart driver licences and after being challenged by human rights activists, also decided not to issue a smart national ID card. Brazil also put a similar programme on hold.

ABI senior analyst Phil Sealy said the market for government smart ID cards will rely on renewals with flat growth expected this year and next.

Sealy said that from a vendor perspective, forecasting revenues is getting to be more difficult.

“Politics plays a major role in the overall success or failure of any project, further exacerbated by the majority of projects which are non-mandated and specific to one country which can ultimately be delayed or even cancelled at any given time.”

Sealy said that vendors need to be patient.

Brazil’s coppers don’t know what internet freedom means

It seems that Brazil’s coppers have not received the memo about the country’s much trumpeted internet privacy law.

Due to a secret lawsuit by the judiciary against Radio Muda, the oldest independent radio station working in Brazil, Saravá’s main server was confiscated this week.

Sarava is a research group that for the past 10 years has offered gratis technological infrastructure, political thinking and autonomous and secure communication resources to research groups and social movements.

Radio Muda has had its equipment confiscated once before and Prosecuting Attorney Edilson Vitorelli Diniz Lima from the Public Prosecutor’s Office has now signed a request for the server aiming for the radio’s site data that might identify its members.

But as Sarava pointed out, the server has no record that could identify its users as part of its Privacy Policy and even if it didn’t isn’t the server seizure against the internet privacy law?

The Marco Civil Internet Bill has just passed and Brazil is basking in the attention it received for standing up to US spooks and setting up its own internet privacy meeting. Brazil is even hosting a World International Internet Meeting.

Yet it seems that while Brazil is implementing state-of-the-art legislation towards Internet privacy, freedom and security, its government is attempting to steal data, undermining the privacy of research projects and free access to information –  just like the US.

Sarava says on its site that the decision of breaking the confidentiality of its communications following the Public Prosecutor’s Office lawsuit is disproportionate.

“We demand that the police attacks against the server of Saravá Group and its users’ data be brought to an immediate halt,” the site said.

What a pity there is not an internet privacy law to protect them — like the one Brazil has… oh. 

Brazil creates web user bill of rights

Brazil’s Congress passed an Internet privacy law which is similar to a web-user’s bill of rights.

The move follows the news that the US had been spying on Brazil’s president Dilma Rousseff for no other reason than it could.

The bill sets out principles, guarantees, rights, and duties for internet users, and internet service providers and aimed at balancing freedom of expression and the web-users’ rights to privacy and protection of personal data.

The legislation, dubbed Brazil’s “Internet Constitution,” has been hailed by experts, such as the British physicist and World Wide Web inventor Sir Tim Berners-Lee, for balancing the rights and duties of users, governments and corporations while ensuring the internet continues to be an open and decentralised network.

The legislation protects freedom of expression and information, establishing that ISPs will not be liable for content published by users, but they must comply with court orders to remove offensive or libellous material.

The bill also limits the gathering and use of metadata on internet users in Brazil.

What was interesting was that the law stopped short of what many in the US feared – namely that companies like Google and Facebook would have to store local users’ data in Brazilian data centres.

Instead, the bill says companies such as Google and Facebook will be subject to Brazil’s laws and courts in cases involving information on Brazilians, even if the data is stored on servers abroad.

Rousseff has spoken out forcefully against cyber-snooping revealed by US intelligence whistleblower Edward Snowden. The US eavesdropping targeted her staff’s communications and those of others at Petrobras, the state oil giant.

She was so piqued by the snooping that she cancelled a state visit to Washington scheduled for October and pushed for a UN resolution aimed at protecting “online” human rights. 

Brazil invests in robot security guards

While the country might be broke, Brazil is investing a fortune into the 2014 Fifa World Cup and is now spending $7.2 million to buy robot security guards.

The games will have a bit of a problem with security, partly because they will be a magnet for terrorists, but mostly because many people in Brazil are miffed that the government is spending so much dosh on the games.

According to IBTimes, more than 30 military grade robot security guards will help if things go pear-shaped.

The bots have been built by iRobot, a US-based company that makes domestic robots for consumers, as well as defence and security robots for the military.

They look a bit like Short Circuit’s Johnny Five and the versions ordered, the PackBot are one of the most successful battle-tested robots in the world.

Weighing just under 18kg, the remote-controlled robot fits in a backpack and comes with built-in flippers that rotate 360 degrees, so that the robot can climb stairs and rough terrain including rubble, rocks and logs.

It can survive two metre falls, be submerged in up to one metre of water and travels at a top speed of nine km/h.

The PackBot can perform different types of bomb disposal tasks and provide real-time video and other crucial information while performing surveillance of a life-threatening situation.

Apparently the Brazilians will be using them during all Fifa football matches to examine suspicious objects and to provide additional surveillance. 

UK businesses are pants when it comes to cyber security

The UK approach to cyber security is so rubbish that even the Americans beat us, according to a new survey from BT. BT doesn’t have a great track record on security, it must be noted.

The research was carried out by Vanson Bournem but commissioned by BT shows that Brits stick their hands in their ears and shout la la la when security is mentioned, despite recent government initiatives to boost awareness of the need for cyber security.

Only 17 percent of UK IT decision makers said cyber security was a major priority for their organisation, compared with 41 percent in the US.

Brazil, where 52 percent of respondents reported that their organisation is treating cyber attacks as a major threat is the best.

UK companies also spend less per year on training decision makers and increasing awareness around cyber risk and most of the time get turned over by their own employees.

Organised crime is seen as a cyber-threat by 53 percent of those who responded to the survey, while 45 percent fear cyber espionage from governments and nation states. Thirty-nine percent perceived cyber terrorism to be a risk to their organisation. Some 65 percent of respondents worldwide reported that non-malicious insider threats such as accidental loss of data were the biggest cyber threat.

Mark Hughes, CEO of BT Security (sic),  said that the research provides a fascinating insight into the changing threat landscape and the challenge this poses for organisations globally.

“The massive expansion of employee-owned devices, cloud computing and extranets, have multiplied the risk of abuse and attack, leaving organisations exposed to myriad internal and external threats – malicious and accidental.” 

Google has to hand over Street View data

The accountants at Google must be sweating in their boots after Brazilian judges ordered them to hand over private data collected through its Street View program.

So that Google gets the message how serious the judges are, it has been told that they will face a daily fine of $50,000, up to a maximum of $500,000 if they do not do what they are told.

Google pays more than $500,000 a day on stocking the vending machines at the Goolgeplex so it is not as if the outfit can’t afford to drag its feet on the order.

According to France 24, it looks like Google has a right to be stroppy about the court order too.

A few years ago, Google got into hot water over software in its Street View cars which were sniffing wi-fi data. That ended up in court and Google ended up paying a lot of money to make various court cases go away. It appeared to learn its lesson and swore never to do that again.

Now there is a complaint from the Brazilian Institute of Computer Policy and Rights (IBDI), Google is using car-borne software to access private wi-fi networks and intercept personal data and electronic communications.

IBDI pointed to similar occurrences in other parts of the world and demanded that Google reveal if it had engaged in such practices. You would think this is old news, and wonder why it took so long for the IBDI to get the case to court.

However, it turns out that this case is based on the recent outrage of NSA spying in Brazil. Targets included President Dilma Rousseff’s communications, those of state-run energy giant Petrobras and emails and telephone calls of millions of Brazilians.

Google has denied any link to the US electronic snooping, mainly conducted by the powerful National Security Agency (NSA) but Snowden revealed that Google’s fibre optic cable was being hacked.

The IBDI seems to think that Google’s street view is part of a plot by the NSA to snoop on Brazilians now.

Google told the court the debate on data collection took place in several countries ages ago and the case was now closed. 

Brazil's President calls for web freedom from USA dragnet

Fed up with US internet spying, Brazil says that it will set up a local internet and divorce itself from the world wide web.

President Dilma Rousseff ordered a series of measures aimed at greater Brazilian online independence and security on the internet.

She is miffed that the NSA intercepted her communications, hacked into the state-owned Petrobras oil company’s network and spied on Brazilians who entrusted their personal data to Facebook and Google.

According to Time magazine, analysts are worried that such moves are the beginning of the Balkanisation of the internet.

Sascha Meinrath, director of the Open Technology Institute was quoted as saying that the global backlash is only beginning and will get worse in coming months.

Brazil wants internet data to be stored locally.  But Meinrath said if that happens, it could break popular software applications and services and endanger the internet’s open structure.

It could be costly and encourage repressive governments to seek greater technical control over the internet to crush free expression.

Generally it is the countries advocating greater “cyber-sovereignty” wanting such control, with Western democracies led by the United States and the European Union in opposition. Of course the repressive nations can now say that is simply making it easier for Western countries to spy on them.

US digital security expert Bruce Schneier warned that moves from Brazil are likely to embolden “some of the worst countries out there to seek more control over their citizens’ internet. That’s Russia, China, Iran and Syria”.

Rousseff wants to build a underwater fibre optic cable directly to Europe and also link to all South American nations to create what it hopes will be a network free of US eavesdropping.

The reason for this is that there is a “common understanding” between Brazil and the European Union on data privacy, and “negotiations are underway in South America for the deployment of land connections between all nations”.

Other plans include building more internet exchange points to route Brazilians’ traffic away from potential interception.

Brazil’s postal service plans to create an encrypted email service that could serve as an alternative to Gmail and Yahoo.