Always Free To Place a Hit On Someone
D-Link, TP-Link and Netgear have all been forced to issue emergency patches; attacks in Poland have enabled criminals to intercept traffic between home users and their banks; 300,000 routers have been compromised worldwide by an unknown intruder, according to security firm Team Cymru.Once you’ve gained access to the system, there’s such a complete lack of security measures that you can replace the entire OS that runs on the routersOnce you’ve gained access to the system, there’s such a complete lack of security measures that you can replace the entire OS that runs on the routersUnderlining the threat, Tripwire research has revealed that 80% of small-office/home-office (SoHo) routers have exploitable flaws – yet only half of IT professionals have updated their firmware. The situation is only set to become worse. F-Secure security advisor Sean Sullivan warns: “Once the idea is out there, it will take root and grow.” So what can we do to protect ourselves?Router attacks are serious because they allow hackers to monitor and interfere with communications between you and your online destination, be that PayPal, a bank or your work email.“It’s powerful because you’re sitting at the gateway,” explained a Team Cymru researcher, who asked not to be named for security reasons. “You could easily install malware; start filtering the traffic for logins, then redirecting people and stealing banking credentials.”There’s almost nothing holding back attackers from doing as they please. “Once you’ve gained access to the system, there’s such a complete lack of security measures that you can replace the entire OS that runs on the routers,” noted Tripwire researcher Craig Young.Routers are a valuable target because they typically give attackers access to all the devices in a household.“If you change the DNS settings in a laptop, you’ve only got that one laptop,” said Dr Johannes Ullrich of the SANS Technology Institute.
“If you change them on the router, you have every single system behind that router, and that makes it more attractive – particularly as people use more mobile devices and tablets.”Weak router security is a threat to businesses, too. When an employee works from home, many businesses – be they SMBs or large enterprises – wisely provide VPN access and a work-only laptop. If the router is compromised, however, such security measures are wasted.“A VPN client can be intercepted,” warned Tripwire’s Young. “It can expose the credentials that they’re using to log on to their work email.If you have an employee working from home using a laptop that you’ve provided, you should also consider giving them the wireless access point that you would use in your business environment, since such devices will have been vetted for security.”What’s causing it?The researchers PC Pro spoke to were in agreement as to why router attacks are increasing. Traditional attacks that target laptops and other clients are becoming harder, “forcing the bad guys to explore new avenues”, in the words of Steve Santorelli, director of global outreach at Team Cymru.Routers, conversely, typically have weak security. People don’t change their default passwords, they don’t lock down their settings and they don’t install updates.Nvidia has detailed its new quad-core Tegra 3 chipset, confirming plans to target the laptop market.Nvidia said the new chipset offers five times the processing power and three times the graphics performance of its predecessors.As well as its obvious uses in tablets and smartphones, Nvidia also confirmed its plans to introduce laptops using the new chipset.The chipset, which Nvidia says is the world's first mobile quad-core part, is built on ARM's Cortex A9 architecture - the same design used in Tegra 2, Apple's A5 and the Samsung Galaxy S II - with each core capable of a top speed of 1.4GHz.As well as improving performance across phones and tablets,
… we’ve got a small favour to ask. More people are reading the Guardian than ever, but far fewer are paying for it. Advertising revenues across the media are falling fast. And unlike many news organisations we haven’t put up a paywall – we want to keep our journalism as open as we can. So you can see why we need to ask for your help. The Guardian’s independent, investigative journalism takes a lot of time, money and hard work to produce. But we do it because we believe our perspective matters – because it might well be your perspective, too.If everyone who reads our reporting, who likes it, helps to support it, our future would be much more secure.A Clinton Foundation laptop and a thumb drive used to archive Hillary Clinton’s emails from her time as secretary of state are missing, according to FBI notes released on Friday.
Clinton emails recovered by FBI to be released just before election day
The phrase “Clinton could not recall” litters the summary of the FBI’s investigation, which concluded in July that she should not face charges. Amid fierce Republican criticism of the Democratic presidential candidate, the party’s nominee, Donald Trump released a statement which said “Hillary Clinton’s answers to the FBI about her private email server defy belief” and added that he did not “understand how she was able to get away from prosecution”.The FBI documents describe how Monica Hanley, a former Clinton aide, received assistance in spring 2013 from Justin Cooper, a former aide to Bill Clinton, in creating an archive of Hillary Clinton’s emails. Cooper provided Hanley with an Apple MacBook laptop from the Clinton Foundation – the family organisation currently embroiled in controversy – and talked her through the process of transferring emails from Clinton’s private server to the laptop and a thumb drive.“Hanley completed this task from her personal residence,” the notes record.
The devices were intended to be stored at Clinton’s homes in New York and Washington. However, Hanley “forgot” to provide the archive laptop and thumb drive to Clinton’s staff.In early 2014, Hanley located the laptop at her home and tried to transfer the email archive to an IT company, apparently without success. It appears the emails were then transferred to an unnamed person’s personal Gmail account and there were problems around Apple software not being compatible with that of Microsoft.The unnamed person “told the FBI that, after the transfer was complete, he deleted the emails from the archive laptop but did not wipe the laptop. The laptop was then put in the mail, only to go missing. [Redacted] told the FBI that she never received the laptop from [redacted]; however, she advised that Clinton’s staff was moving offices at the time, and it would have been easy for the package to get lost during the transition period.“Neither Hanley nor [redacted] could identify the current whereabouts of the archive laptop or thumb drive containing the archive, and the FBI does not have either item in its possession.”
Clinton’s use of a private email server while in office has dogged her presidential campaign. The FBI has been criticised by Democrats for taking the rare step of publishing its account of confidential interviews with Clinton and others from the recently closed investigation, which found her to have been “extremely careless” in her handling of classified information. Hopes that this would draw a line under the issue, however, appear to have been dashed.
The FBI identified a total of 13 mobile devices associated with Clinton’s two known phone numbers that potentially were used to send emails using clintonemail.com addresses.The 58 pages of notes released on Friday, several of which were redacted, also related that Hanley often purchased replacement BlackBerry devices for Clinton during Clinton’s time at the state department. Hanley recalled buying most of them at AT&T stores in the Washington area. Cooper was usually responsible for setting them up and synching them to the server.Clinton’s closest aide, Huma Abedin, and Hanley “indicated the whereabouts of Clinton’s devices would frequently become unknown once she transitioned to a new device”, the documents state. “Cooper did recall two instances where he destroyed Clinton’s old mobile devices by breaking them in half or hitting them with a hammer.”The notes also contain a string of admissions by Clinton about points she did not know or could not recall: “When asked about the email chain containing ‘(C)’ portion markings that state determined to currently contain CONFIDENTIAL information, Clinton stated that she did not know what the ‘(C)’ meant at the beginning of the paragraphs and speculated it was referencing paragraphs marked in alphabetical order.”Clinton said she did not pay attention to the difference between top secret, secret and confidential but “took all classified information seriously”. She did not recall receiving any emails she thought should not have been on an unclassified system. She also stated she received no particular guidance as to how she should use the president’s email address.In addition, the notes say:
“Clinton could not recall when she first received her security clearance and if she carried it with her to state via reciprocity from her time in the Senate. Clinton could not recall any briefing or training by state related to the retention of federal records or handling of classified information.”Clinton was aware she was an original classification authority at the state department, but again “could not recall how often she used this authority or any training or guidance provided by state. Clinton could not give an example of how classification of a document was determined.”Nor could she recall any specific briefing on how to handle information associated with special access programme information.“Clinton could not recall a specific process for nominating a target for a drone strike,” the notes say.According to the notes, on 23 January 2009 Clinton emailed her predecessor, Colin Powell, to ask about his use of a BlackBerry. In his response, Powell told Clinton that if it became “public” that she was using a BlackBerry to “do business”, the emails could become “official records[s] and subject to the law”.Powell wrote: “Be very careful. I got around it all by not saying much and not using systems that captured the data.”Clinton told the FBI she understood Powell’s comments to mean that any of her work-related communications would be records of the government and “did not factor” the comments “into her decision to use a personal email account”, the documents say.The release also includes technical details about how the server in the basement of Clinton’s home in Chappaqua, New York, was set up.Clinton’s critics seized on the latest revelations.
Trump’s full statement read: “Hillary Clinton’s answers to the FBI about her private email server defy belief. I was absolutely shocked to see that her answers to the FBI stood in direct contradiction to what she told the American people. After reading these documents, I really don’t understand how she was able to get away from prosecution.”Jason Miller, senior communications adviser to Trump, said: “Hillary Clinton is applying for a job that begins each day with a top secret intelligence briefing, and the notes from her FBI interview reinforce her tremendously bad judgment and dishonesty.“Clinton’s secret email server was an end run around government transparency laws that wound up jeopardizing our national security and sensitive diplomatic efforts.”
He added: “Clinton’s reckless conduct and dishonest attempts to avoid accountability show she cannot be trusted with the presidency and its chief obligation as commander-in-chief of the US armed forces.”The House speaker, Paul Ryan, said: “These documents demonstrate Hillary Clinton’s reckless and downright dangerous handling of classified information during her tenure as secretary of state. They also cast further doubt on the justice department’s decision to avoid prosecuting what is a clear violation of the law. This is exactly why I have called for her to be denied access to classified information.”Reince Priebus, chair of the Republican National Committee, said: “The FBI’s summary of their interview with Hillary Clinton is a devastating indictment of her judgment, honesty and basic competency. Clinton’s answers either show she is completely incompetent or blatantly lied to the FBI or the public.“Either way it’s clear that, through her own actions, she has disqualified herself from the presidency.”The Clinton campaign insisted that it was pleased the notes had been made public. Spokesman Brian Fallon said: “While her use of a single email account was clearly a mistake and she has taken responsibility for it, these materials make clear why the justice department believed there was no basis to move forward with this case.”