Lawsuit against Google over Gmail faces hurdle, U.S. judge says

(Reuters) - A U.S. judge on Thursday said some plaintiffs accusing Google of improperly scanning their email faced a significant hurdle in their attempt to move forward with the lawsuit as a class action.

Litigation brought by nine plaintiffs, some Gmail users, some not, was consolidated before U.S. District Judge Lucy Koh in San Jose, California, last year. The plaintiffs maintain Google violated several laws, including federal anti-wiretapping statutes by systematically crossing the "creepy line" to read private email messages in order to profit, according to court documents.

The case is being closely watched as it could alter how tech companies provide email service.
Koh must decide whether the lawsuit can proceed as a class action, which would allow the plaintiffs to sue as a group and give them more leverage to extract a larger settlement. However, at a hearing on Thursday, Koh said plaintiff attorneys faced a "huge hurdle" to show that non-Gmail users were entitled to class action status.

Google argues in court papers that the identity of impacted non-Gmail users can only be ascertained by sending an email notice to all non-Gmail users whose addresses are on file in Google's systems, and then sifting through the responses. That kind of procedure would be unprecedented and unworkable, Google argued.

Koh did not issue a formal ruling on Thursday. A group of media companies, including Reuters, has asked Koh to make public several documents that both sides submitted to the court under seal. Koh has not yet ruled on that request.

The case in U.S. District Court, Northern District of California is In Re: Google Inc. Gmail Litigation, 13-md-2430.

British man charged with hacking Federal Reserve computers

(Reuters) - A British man has been charged with hacking into computer servers belonging to the U.S. Federal Reserve, and then widely disclosing personal information of people who use them.
Thursday's charges against Lauri Love were announced four months after he was arrested in England, and accused by U.S. and British authorities of hacking into various U.S. government computer systems, including those run by the military.

According to the latest indictment, Love, who is in his late-20s, worked with other hackers from October 2012 to February 2013 to infiltrate the Federal Reserve's system.
The Suffolk resident allegedly used a hacking method called a "sequel injection" to access names, email addresses and phone numbers, and then post the stolen information to a website he controlled after a prior hacking.

Prosecutors said Love boasted about his activity in a chatroom under names such as "peace" and "Smedley Butler," once saying he planned to "drop another little federal reserve bomb," meaning he would disclose confidential information.

"Lauri Love is a sophisticated hacker," U.S. Attorney Preet Bharara in New York said in a statement. "We place a high priority on the investigation and prosecution of hackers who intrude into our infrastructure and threaten the personal security of our citizens."
The extent of the theft was not immediately clear.

Last February, the Fed said one of its internal websites had been breached briefly, after a claim that hackers linked to the group Anonymous stole and published personal information on more than 4,000 U.S. bank executives.

Thursday's grand jury indictment charges Love with one count each of computer hacking and aggravated identity theft.

He faces a maximum of 10 years in prison on the hacking charge and another two years on the identity theft charge, if convicted.

A lawyer for Love could not immediately be reached. Jim Strader, a spokesman for the Federal Reserve Bank of Richmond, Virginia, declined to elaborate on the new charges. The U.K. Serious Frauds Office did not immediately respond to requests for comment.

In the earlier case, investigators said Love and three unnamed co-conspirators, including two in Australia and one in Sweden, infiltrated thousands of systems, including those of the Pentagon's Missile Defense Agency, the space agency NASA and the U.S. Environmental Protection Agency.
Criminal charges in that case were filed with the federal court in Alexandria, Virginia. Love has not entered a plea.

The New York case is U.S. v. Love, U.S. District Court, Southern District of New York, No. 14-cr-00126. The Virginia case is U.S. v. Love, U.S. District Court, Eastern District of Virginia, No. 13-mj-00657.

(Reporting by Jonathan Stempel in New York; Additional reporting by Jim Finkle in Boston and Guy Faulconbridge in London; Editing by James Dalgleish and Gunna Dickson)

'Bitcoin' becoming a bit too big; regulators scramble for norms

NEW DELHI: As Bitcoin becomes more popular day by day, regulators are getting worried about potential money laundering risks associated with this digital currency and its possible misuse by fraudsters to lure gullible investors into 'e-ponzi' schemes.

Adding to the challenges posed by Bitcoin before the regulators, this e-currency is already being accepted by some online retailers in countries like the US, China and a few others, for various purposes including pizza delivery.

Hardly three years into existence, Bitcoin has already become the world's most expensive currency with a per unit value of over $1,000 or about Rs 63,000, and it is posing all possible questions to regulators in India — whether to regulate it or not, who should do it, what should be the norms, how to regulate etc.

Those looking at this new phenomenon include almost all financial sector regulators as also agencies mandated to handle economic crimes, such as RBI, Sebi and various agencies under the Finance Ministry, a senior official said.

When contacted, an RBI spokesperson said, "As of now we don't regulate bitcoins, but are observing developments."

While regulators are tight-lipped about their plan of action, a senior official said that one possible way forward can be following the US, where authorities have decided to subject bitcoins to money laundering rules applicable to all other financial transactions in the country.

Regulators are also looking into claims being made by some entities of being registered bitcoin exchange providers, although they might have merely registered as a company with the Registrar of Companies with some generic business purposes.

Sources said that regulatory and enforcement authorities here are very much concerned about potential money laundering risks emanating from growing use of bitcoins. To make the things worse, this virtual currency has become the latest tool adopted by fraudsters who are promoting bitcoins as the next big investment products with unlimited returns.

A few complaints have already poured in about bitcoins being used by some operators in certain new-age and e-versions of multi-level marketing or ponzi schemes.

Regulators fear that this new phenomenon can give rise to a new kind of illegal investment schemes that could be very difficult to track and clamp down. This is because there is almost zero physical activity when dealing in bitcoins and nearly all transactions take place in the electronic format.

Being an 'open source' product, bitcoin can be mined by anyone through a complex computer software through solutions shared on an entire network, although the process is complex and such 'mining' can be done only on very powerful computers.

The huge surge in the valuation of bitcoins, from little over $200 to well past $1,000 during the last month, has certainly added to their investment profile and people are also getting attracted to it in India, which already has a few significant players offering bitcoin exchange service online in lieu of rupee or other currencies.

The collapse of another digital currency operator Liberty Reserve after charges of money laundering, as also the fall of a few other smaller digital currency exchanges in different parts of the world, have added to the concerns of regulators.

The US authorities have charged Liberty Reserve of operating as a global banker for criminals and of laundering over six billion dollar of crime proceeds. Incorporated in 2006, it had over a million users, including about one-fifth in the US.

Bitcoin came into existence in 2009 and the current number of bitcoin units generated so far stands at about 12 million. However, only a small number of bitcoins are being used for real commercial and retail purposes and a vast majority of exchanges are taking place due to speculative investment purposes.

Besides, the US authorities have already come across a few cases of bitcoin being used for illegal activities, including one case of payments for illicit drugs.

The PS4 Hacked? Sony Reacts to Jailbreak Tutorial, Plus Another Feature Hacked

Who knew that before the PS4 even had a full month to breathe in the hands of owners, a hack will come out and bring potential doom and chaos?

This is what the hacker Reckz0r may do if the damage that he did in Pastebin does not get resolved in the next few days.
So what may this exactly be?


It just so happens that Reckz0r seems to be trying to tick off Sony--as well as get back his fans' adoration--after a year of absence in the online hacking world. Now, Reckz0r did one of the unthinkables: hacking the PS4 to play pirated games.

GrahamCluley.com reports that the hacker has published a tutorial on how to jailbreak the PS4, which makes use of Orbis OS (as it is based on FreeBSD, an open source OS). Though Reckz0r does claim that he did not find the vulnerability himself, he is, in fact, the mind behind the PS4 tutorial hack, so much so that even Sony has started to give warnings.

Sony reacts--and it's not a pretty sight
According to the report, Reckz0r and Sony have already had a conversation using direct messaging in the official PlayStation Twitter account.

"No? We're giving you one day, to delete that Pastebin link you have recently posted, alongside with the files if you have uploaded them somewhere. It won't take us long to get you arrested if you're still going to proceed spreading the jailbreak. :) Take the Geohotz scenario as an example."

European Parliament Hit By Man-In-The-Middle Wi-Fi Attack

Public Wi-FI at the EU body shut down after attacks detected

On November 27, 2013 by Tom Brewster 0

The European Parliament has shut off its public Wi-Fi after it detected man-in-the-middle attacks scooping up users’ smartphone communications.

In a notice to workers, the European Parliament said people’s inboxes may have been compromised. Affected users have been contacted and told to change their passwords.

The body has also offered software certificates to users, allowing them to securely access the private European Parliament Wi-Fi network.

MITM attack on European Parliament

Man-in-the-middle (MITM) attacks see attackers sit on the same network as targets, sniffing traffic using tools like Wireshark. Hackers can then determine what software users are running to target vulnerabilities on victims’ devices, potentially allowing them to compromise phones.

“On the medium term the Parliament will take additional measures to further secure the communication to the Parliament,” a notice from the body read.

“This kind of attack can be performed at any place where you are connecting through a Wi-Fi network (hotel lobby, airport, train station, etc.) and it is therefore important that you only accept to connect through known secure Wi-Fi networks.”

A spokesperson from the European Parliament said the attack had taken place and that mailboxes of some MEPs and staff had been compromised.

“The Parliament’s internal IT systems were not hacked… The IT services are currently looking into which measures can further enhance the security of using a public Wi-Fi network for MEPs and staff,” the spokesperson said, in an SMS message sent to TechWeekEurope.

European bodies have been caught up in the Edward Snowden leaks, which revealed attacks on European Union offices and on telecoms supplier Belgacom from the US National Security Agency (NSA) and Britain’s GDCHQ

The European Parliament is carrying out an in-depth inquiry into the alleged widespread surveillance.

Jason Steer, EMEA product manager at security firm FireEye, said attacks over public Wi-FI were “a pretty common attack vector today”. “MITM attacks are becoming more and more popular to harvest user details,” Steer told TechWeekEurope.

“Putting up a free Wi-Fi spot today outside a coffee shop would quickly show people are happy to use any network, secure or not.

“We see cases every week of user credentials harvested using techniques as simple as this to begin the process of social engineering people and then attacks begin.”

Shhh!  Don’t look at our quiz on Whistleblowers and leaks!