Pavla Tolonen reports on the DDOS attacks that have crippled Twitter, the micro-blogging service.

Micro-blogging site Twitter crashed today leaving 24 million visitors without access to the website. Twitter was hit by numerous denial-of-service attacks (DDOS) at 3 PM (GMT), and while the website reappeared active for a time, it failed to allow users to log-in.

Described by The Guardian as the technological equivalent of ringing a door bell and draining the person who answers of a huge chunk of energy, the attack seems almost too harmless to be true.

It seems evident that hitting Twitter with such a vast amount of DDOS attacks would prepare a hacker, or indeed a team of hackers, for another coup, on another website which has far more valuable information. The age-old blackmailing technique is another DDOS attack favourite, shutting down whole websites before key events or fundraisers, and demanding a considerable fee to cease attacks.

Twitter has never been hit before, but perhaps it was just a matter of time since the company has grown exceptionally in the past year. London, according to Ofcom, is the most Twitter-subscribed city in the world with 2.4 million users.

Image Credit:barnoid

Clueless or cunning -  it’s hard to tell with Gary McKinnon. Pavla Tolonen weighs out all the elements.

The ever-important task of changing your passwords regularly may seem tedious, but this delicate task could easily be the most important thing you do in terms of online security - especially if you are the US government.

After being arrested in Britain in 2002, indicted for eight computer-related crimes in the US, and losing several British and European High Court appeals, Glasgow-born Londoner Gary McKinnon may now face a 70-year prison sentence for hacking into US government intelligence.

The 43-year-old, who has Asperger’s syndrome, claimed he was looking for the truth about Unidentified Flying Objects (UFOs), and could not resist the temptation of breaking into US governmental files after discovering clear loopholes in their security system. Many officials, he said, had simply ignored the need to change their default passwords – a classic rookie mistake.

McKinnon told the BBC in 2005: “I found out that the US military use Windows and having realised this, I assumed it would probably be an easy hack if they hadn’t secured it properly.” More recently he said he was on a “moral crusade”, leaving messages behind insulting the US security system. Clearly he was not concerned about disguising himself as he used his personal email address.

The US government has cited $800,000 (£487,000) worth of damage occurred between 2001 and 2002 because of McKinnon’s hacking – a figure which he disputes. The American authorities are particularly sensitive about the time proximity of the breech to the 11 September 2001 New York bombings.

McKinnon’s Asperger’s syndrome, a rare form of autism comprising of an obsessive nature and naivety regarding logical thinking, like consequential thinking, has been keenly noted by the press. Celebrities such as Trudy Styler and Sting have protested for his release on the grounds of him not being able to cope with prison like a “normal” person.

Although McKinnon has lost his final appeal against extradition, campaigners speaking on his behalf say Home Secretary Alan Johnson could use his clout with the American officials to influence the outcome. Johnson has denied this possibility, saying that this would be against the US-UK extradition laws. He’s probably right, as long as he can guarantee McKinnon will not be tried as a terrorist.

A website demanding he be tried in Britain, instead of the US, where his family and friends believe he will be treated like a terrorist and possibly sentenced for 70 years in prison, has been set up as www.freegary.org.uk. The Home Secretary told The Daily Telegraph that McKinnon would clearly not serve any sentence in a “supermax” prison.

Image credit: www.freegary.org.uk

The temptation to snoop online might be strong for some but it comes with a price. John Hillman on the latest celebrity malware vector

The internet provides opportunities to indulge our curiosity like never before; unfortunately this includes our capacity for snooping around in other people’s private lives, a less than admirable human trait.

Cyber criminals, never slow to recognise an opportunity, are more than aware of this fact and happily use our inherent nosiness to exploit gullible people into downloading malware with the simple promise of a video containing a naked celebrity.

It beggars belief that such a crude system actually works but even in 2009 it seems that there are still thousands of you out there who just can’t resist a click, no matter how unlikely the promise sounds to a rational mind.

Over in the US this has been emphasised by the recent appearance of a video reportedly showing an ESPN reporter called Erin Andrews cavorting around in her hotel room with no clothes on. Erin Andrews is apparently quite attractive – a sort of Hollywood version of Gabby Logan.

As you can imagine this caused quite a stir with US “sports” fans, so much excitement in fact that some of them actually awoke from their beef-and-cola comas long enough to start trawling the internet looking for said video.

What happened next? Malware, lots and lots of malware, downloaded via a link that promises the content once you have installed a video player. Many people (well, men probably) have been fooled by the use of a web page that looks like it belongs to CNN, lulling them into a false sense of security.

The lesson here is a very simple one: promise of naked celebrity + free video download = broken computer. You have been warned.

—————————————–

Image Credit: Robert.Montalvo

With more and more hotels offering free Wi-Fi services you may be tempted to take your laptop with you on holiday, but beware when using open networks, says. John Hillman

Free Wi-Fi is great, lounging around in your hotel room or on the beach, you can upload photos onto Facebook, give all your friends a real-time commentary on how much fun you’re having while they’re stuck waiting for a bus in the rain, and keep updated with sports without having to pay 3 Euro for an abridged copy of a dodgy newspaper.

But there are dangers when you log onto an open network, especially as hacking is now such big business and large open networks such as the ones found in hotels are a fertile hunting ground for hackers looking for personal information.

For extra safety whilst on holiday McAfee’s Tracy Mooney recommends taking the following precautions:

PC users

1. Make sure you have a current subscription to an anti-virus program and that it has a Firewall which McAfee Total Protection does have.
2. Make sure banking/financial passwords are different from any other passwords. Don’t save passwords so it automatically logs in
3. Before you log on, look for/ask for the exact name of the Wi-Fi you want to connect to so you don’t connect to a hacker instead.
4. Turn off automatic connection to a network so your computer doesn’t connect without your knowledge. (It also saves battery life.)
5. Only log on to bank/financial sites when you are on a secure connection such as at home.

Mac Users

1. Make sure banking/financial passwords are different from any other passwords. Don’t save passwords so it automatically logs in!
2. Check your settings:
• Go to network Preferences > By Default > join “preferred networks”. Edit your preferred network SSID’s to include only trusted sources.
• Next click “Options,” and make sure “ask before joining an open network” is selected.
• Check the “Require Administrator Password to change networks” box, and deselect the option to automatically add new networks to the preferred list.

——————————————————————————

Image Credit: pink fish13