Category Archives: Security

Security

EU Forces Hungary to Change Media Censor Law

Leave a comment

Last year’s elections in Hungary brought the right-wing firmly into office with a “super majority”.

They set off making numerous changes to their laws and then on 20 December 2010 their Parliament decided that they should suppress dissent with fines and punishment for all media, including blogs.

The new law imposes restrictions on all public or privately owned media content, whether broadcast, print or web-based.

The National Media and Communications Authority (NMHH), established by the new legislation, has the authority to punish journalists on the basis of vague concepts such as “public interest”, “common morality”, “public order” and the “infringement of the obligation of balanced reporting”.

Media outlets that breach the law face fines ranging from EUR 35,000 to EUR 730,000, or even closure.

There are also concerns about the independence of the NMHH, whose president is appointed by the Prime Minister for nine years. The procedure to appoint the other members of the NMHH does not ensure plurality.

The right-wing shift of the government in Hungary already was a concern for other EU states but this law quickly became the focus of sharp criticism.

A tense [Hungarian Prime Minister] Orbán, sometimes bullish but often on the defensive, faced a two-hour hostile grilling by MEPs, who warned that Budapest was on a collision course with its European partners unless its media law is brought in line with EU values.

Pre-empting the attacks, Orbán warned: “Don’t mix up criticism of Hungarian internal politics with the Hungarian EU Presidency.” He added: “If you mix up, I’m ready to fight.”

This past Monday the Hungarian government showed signs of compromise. They made amendments to the law, but the Organization for Security and Co-operation in Europe (OSCE) says the changes are not enough; the law still violates EU regulations.

The law vests unusually broad powers in the politically homogeneous Media Authority and Media Council, enabling them to control content of all media. The legislation regulates broadcast, print and online media content based on identical principles. It leaves key terms undefined. It requires all media to be registered with the Media Authority. It punishes violations with high fines. It fails to guarantee the political independence of public service media.

The OSCE had sent a list of recommendations and guidance for Hungary to follow, which they also published online. Interesting test of the EU ability to bring a right-wing shift back to the center.

The news reminds me that when I traveled through Hungary very soon after the fall of Soviet rule I saw fresh black swastikas spray painted on many bridges and roads. The symbols of fascism became so prevalent, I was told after I left, that in 1993 the government tried to enact a ban.

Security

Contest Proves Browsers Have Flaws

1 Comment

Actually, I’d like to say that the CanSecWest contest proves again that Stuxnet was not a major engineering effort. But I’ll skip dragging up that controversy again and instead point to the obvious. Researchers have demonstrated that a browser running with superuser rights and no other controls/protections may have a vulnerability.

So make sure you use more controls than just the default browser and OS settings…the usual advice. Yes, it’s still true, software can have a security flaw that takes not much effort for a single engineer to find using fuzzing, debugging and memory analysis. Do not depend on it alone for security.

…it took him about two weeks to find the bug and set out to exploit it.

[…]

Wednesday’s event saw hackers take complete control of a fully patched Sony Vaio and MacBook Air by compromising IE and Safari respectively. Google’s Chrome browser was also up for grabs, but no one stepped forward to try hacking it.

Fully patched, but that’s all.

Wonder if Google is worried about what this says about market share and software adoption. Will they be able to stay above 10%? Recent data suggests IE6 dropped 10% in the past year but is still more common than Chrome.

Attackers used to ignore Apple when it was a small player in the market. Then it rocketed into target territory with several hugely popular products. Google must be frustrated to not have anyone step forward to want to attack them. Even their $20,000 add-on bonus was not enough to gather interest.

History, Security

BBC Journalists Tortured by Libyan Military

Leave a comment

A harrowing first-person account has been published by BBC journalists who were arrested and tortured in Libya. The role of identities in these conflicts is illuminating. Note for example that one of the three journalists, a Palestinian, receives the harshest treatment. The torturer seems to call out bad relations between Libya and Hamas, as well as a hatred for Al-Jazeera:

“He said something bad about Palestinians, a lot of bad things, and he asked his team what they thought about Palestinians and they said the same things. He thought they had helped the Palestinians a lot, but Hamas has given a very bad reaction to Gaddafi. Lots of bad language.

“When I tried to respond he took me out to the car park behind the guard room. Then he started hitting me without saying anything. First with his fist, then boots, then knees. Then he found a plastic pipe on the ground and beat me with that. Then one of the soldiers gave him a long stick. I’m standing trying to protect myself, I’m trying to tell him we’re working, I’m a Palestinian, I have a good impression of the country. He knew who we were [ie journalists] and what we were doing.

“I think there was something personal against me. They knew me and the sort of coverage I had been doing, especially from Tajoura the Friday before. I think they monitored the BBC and had an idea, not just the reports but also DTLs [interviews from the studio with a correspondent in the field]. They don’t like us or Al-Arabiya or Al-Jazeera.”

While in detention they had access to other prisoners and their stories.

…they had been arrested because their phone calls had been intercepted – including ones to the foreign media…

Then after days of beatings and interrogation by the military, they are sent to intelligence headquarters for review.

We were crammed in worse than sardines. The others were so badly beaten, and it was so full, that every time you moved someone screamed. They had mashed faces, broken ribs. We were handcuffed, really tightly, behind our backs.

The intelligence group changes the situation dramatically. The BBC journalists point out that things are cleaner, and more organized. Their description of their oppressors switches, from the above examples of basic and angry brutality, to something far more sinister.

A man with a small sub-machine gun was putting it to the nape of everyone’s neck in turn. He pointed the barrel at each of us. When he got to me at the end of the line, he pulled the trigger twice. The shots went past my ear.

“They all laughed as though it was very funny. There was a whole group of them in plain clothes.”

At this point a man “who spoke very good English, almost Oxford English” interrogates them and then they are released. Another man tells them “sorry it was a mistake by the military”.

It is hard not to notice the flow of identities in this story from an outsider view; a British man is left unharmed and even finds a commonality when facing Libyan intelligence, while an Arab is despised and brutalized. Differences between people obviously have been the source and focus of great tragedy in history, however differences are very relative. Another awful reality is seen here; the fear of espionage and civil war leads oppressors to treat those who we may see as similar to them far more brutally than those who are far more different. The integrity (papers, please) and confidentiality (networking) of communication in Libya today thus are issues of life and death.

Updated to add: below is a video released today of an American Congressman remembering an American 9/11 first responder who died while trying to help rescue people from the North Tower.

Muhammad Hamdani loved his country and sacrificed himself to help other Americans similar to himself, but other Americans have tried to denigrate him and hold his differences in contempt.

After Mr. Hamdani, 23, disappeared on Sept. 11, ugly rumors circulated: he was a Muslim and worked in a lab; he might have been connected to a terrorist group. Months later the truth came out. Mr. Hamdani’s remains had been found near the north tower, and he had gone there to help people he did not know.