Saturday, 5 March 2011

Computer expert says US behind Stuxnet worm.


LONG BEACH, California (AFP) – A German computer security expert said Thursday he believes the United States and Israel's Mossad unleashed the malicious Stuxnet worm on Iran's nuclear program.
"My opinion is that the Mossad is involved," Ralph Langner said while discussing his in-depth Stuxnet analysis at a prestigious TED conference in the Southern California city of Long Beach.
"But, the leading source is not Israel... There is only one leading source, and that is the United States."
There has been widespread speculation Israel was behind the Stuxnet worm that has attacked computers in Iran, and Tehran has blamed the Jewish state and the United States for the killing of two nuclear scientists in November and January.
"The idea behind Stuxnet computer worm is really quite simple," Langner said. "We don't want Iran to get the bomb."
The malicious code was crafted to stealthily take control of valves and rotors at an Iranian nuclear plant, according to Langner.
"It was engineered by people who obviously had inside information," he explained. "They probably also knew the shoe size of the operator."
Stuxnet targets computer control systems made by German industrial giant Siemens and commonly used to manage water supplies, oil rigs, power plants and other critical infrastructure.
"The idea here is to circumvent digital data systems, so the human operator could not get there fast enough," Langner said.
"When digital safety systems are compromised, really bad things can happen -- your plant can blow up."
Most Stuxnet infections have been discovered in Iran, giving rise to speculation it was intended to sabotage nuclear facilities there. The worm was crafted to recognize the system it was to attack.
The New York Times reported in January that US and Israeli intelligence services collaborated to develop the computer worm to sabotage Iran's efforts to make a nuclear bomb.
Russia called on NATO in January to launch an investigation into the computer worm that targeted a Russian-built Iranian nuclear power plant, saying the incident could have triggered a new Chernobyl.
Russia's envoy to NATO in January said Stuxnet caused centrifuges producing enriched uranium at the Bushehr plant to spin out of control, which could have sparked a new "Chernobyl tragedy," the 1986 nuclear meltdown in Ukraine.
"The operators saw on their screens that the centrifuges were working normally when in fact they were out of control," Dmitry Rogozin told reporters after meeting with ambassadors from the 28-nation Western alliance.
Russia is helping Iran build a nuclear power plant in the southern city of Bushehr for civilian use.
Langner said the Stuxnet code was designed to trick human operators by showing them recorded readings indicating machinery is running normally while behind the scenes they are heading for destruction.
"It's definitely hard-core sabotage," Langner said of Stuxnet. "It's like in the movies where during a heist the security camera is running pre-recorded video showing nothing is wrong."
Iran's envoy to the International Atomic Energy Agency has denied that the Stuxnet attack affected the country's nuclear program, including Bushehr.
A terrifying aspect of Stuxnet, according to Langner, is that it is a generic attack that would work well in factories, power plants, or other operations plentiful in the United States.
"It's a cyber weapon of mass destruction," Langner said. "We'd better start preparing right now."

Republican Lawmaker Promises New Online Privacy Legislation.


A senior Republican member of the U.S. House of Representatives will soon introduce legislation designed to give Web users more control of their personal data and to give the U.S. Federal Trade Commission power to enforce voluntary privacy standards developed with Internet companies, he said Friday.
Representative Cliff Stearns, a Florida Republican and senior member of the House Energy and Commerce Committee, said he plans to introduce online privacy legislation soon. The bill's focus will be on allowing Web users to know what personal information Internet companies are collecting about them and to control how it's used, said Stearns, co-author of past online privacy bills.
The bill would encourage Web-based companies to develop industry standards for privacy but would give the FTC some enforcement power, Stearns said during a speech at a Technology Policy Institute (TPI) forum on privacy.
Finding the right balance between privacy and online commerce is a "tough issue," but consumers are demanding more privacy protections. "We are at a tipping point where we have to come to grips with the information that's being collected," he said.
Still, Stearns suggested that online advertising could be hurt if regulations go too far. Online tracking to deliver behavioral, or targeted, ads is a legitimate practice if companies notify consumers what information is collected and allow them to turn off the collection, he said.
"Online advertising ... supports much of the commercial content, applications and services that are available today," he said. "We do not want to disrupt a well-established and successful business model."
Stearns' approach to online privacy would likely be different from a bill introduced in February by Representative Jackie Speier, a California Democrat. Speier's bill would direct the FTC to create standards for a nationwide do-not-track mechanism that would allow Web users to opt out of online tracking and the sharing of consumer data among online businesses.
The FTC, in a report released in December, called for the technology industry to create more do-not-track tools. Mozilla, Microsoft and Google all announced do-not-track features for their browsers shortly after the FTC report.
The U.S. Department of Commerce called for a privacy bill of rights for Web users in its own December privacy paper.
But William Kovacic, a Republican commissioner at the FTC, questioned what agencies would enforce new privacy standards and whether lawmakers and privacy advocates would stop pushing for more privacy protections if Internet companies met current demands. "Do you believe the promises of the regulators and others that if you do X, they will be satisfied?" he said at the TPI event. "Or is X a revise-and-resubmit process ... in which you never ultimately satisfy the referees?"
The FTC and Commerce reports, as well as some legislative proposals on online privacy, are "very fuzzy" on details on whether there should be strong regulations or voluntary compliance with industry privacy standards, he added.
Before new privacy regulations are created, lawmakers should look at the potential impact on Internet commerce, added Thomas Lenard, president at TPI, an antiregulation think tank. "More privacy generally means less information available" on the Internet, he said.
But Daniel Weitzner, associate administrator at the Department of Commerce's National Telecommunications and Information Administration (NTIA), disagreed, saying recent studies suggest that Internet-based companies that give users more control over their personal data can build loyalty and advertising click-through rates at the same time. Giving consumers greater control over their privacy doesn't necessarily mean that online companies will lose access to all that data, he said.
"We really see no evidence that there's some trade-off" between privacy and e-commerce, Weitzner said.

Intel Hopes to Boost Cloud Gaming With Ray Tracing.


A new technology from Intel called ray tracing could bring lifelike images and improved 3D effects to games on tablets and other mobile devices.
The chip maker is creating chips and rewriting games to use ray tracing, which generates accurate images by tracing paths of light and could lead to console-like gaming via the cloud, the company said in a podcast this week.
At some point in the future, after a new Intel chip is released, mobile device users will be able to play complex 3D games over the cloud using real-time ray tracing, which demands a lot of computing power, Intel said. Clusters of power servers with multiple CPUs and vector processing units could process tasks in parallel, with accurate images then being delivered to tablets and smartphones.
Tablets and smartphones are mostly used for casual gaming, but increasingly sophisticated hardware is making the devices capable of handling higher-resolution graphics. Apple's iPad 2 tablet, which was announced this week, has improved graphics capabilities compared to its predecessor, while LG's Optimus 2X smartphone can render 1080p video. A tablet using Nvidia's upcoming mobile chip called Kal-El was demonstrated playing an Xbox 360 game at last month's Mobile World Congress show.
Intel has rewritten the first-person shooter game "Wolfenstein," which looks more realistic with ray-tracing technology, said Daniel Pohl, an Intel researcher, in the podcast.
"We have a red car sitting at a courtyard, which has a very shiny reflective surface. That can be rendered very good ... because ray tracing can do very physically [accurate] modeling of reflections," Pohl said.
For example, ray tracing will let gamers use reflections off the car's surface as a mirror to see if snipers are approaching from the rear, Pohl said. Ray tracing could also add more visual detail such as shadows, which could help enhance 3D effects in a game.
Modern device screens employ millions of pixels and millions of rays are sent out for every pixel, which creates a challenge as a lot of processing power is needed, said John Owens, associate professor of Electrical and Computer Engineering at University of California at Davis, during the podcast.
Billions of rays may need to be continually bounced off objects to accurately sample the changing scenes in a game. Modeling becomes even more complex if a game has a lot of moving objects and changing scenes.
"The reason [ray tracing] isn't pursued in your normal graphics cards today or that most of your games aren't done through it is that actually doing that computation is very challenging," Owens said.
Intel is trying to address the challenge through an experimental server chip called Knights Ferry, which is based on the company's new MIC (many integrated core) architecture. The chip, which was announced in May at the International Supercomputing Conference, is designed for intensive graphics and high-performance computing.
The chip has 32 x86 cores with corresponding 512-bit vector processing units. The cores operate at a clock speed of 1.2GHz, and the chip supports OpenCL and Microsoft's DirectX, which are frameworks that include tools for parallel programming.
Knights Ferry also implements elements of the now defunct Larrabee chip, which was to be Intel's first graphics processor. The chip maker showed Larrabee's ray-tracing capabilities on-stage at the Intel Developer Forum in 2009 in a game titled "Enemy Territory: Quake Wars," but many audience members were underwhelmed by the limited scope of the demonstration.
The first commercial product based on MIC architecture will be a chip called Knights Corner, which the company said will include more than 50 cores. Intel will release the chip in the first half of next year, an Intel executive said on a podcast in late February. Use of ray tracing for mobile gaming hinges on that chip's release.

Roger Ebert’s Inspiring Digital Transformation.


With the help of his wife, two colleagues and the Alex-equipped MacBook that he uses to generate his computerized voice, famed film critic Roger Ebert delivered the final talk at the TED conference on Friday in Long Beach, California.
Prefacing his remarks with a scene from Stanley Kubrick’s 2001: A Space Odyssey, Ebert opened by telling the audience that he “became operational on June 18, 1942. [And] like HAL 9000, I also speak with a computerized voice” -- the same remarkably realistic computerized voice he shared with the world on Oprah last year.
From there, Ebert and friends took the audience on his inspiring journey, from the near-death experience in 2006 that left him without a voice to his search for the technology that creates Ebert-sounding text-to-speech to his present-day prolific use of social media for sharing his commentary on both movies and life with the world.
Ebert credited a life-long love affair with technology for giving him the inspiration to both find his “voice” and continue his career on the Internet. “I joined Compuserve when it had fewer users than I have followers on Twitter,” he joked.
“For me, the Internet began as a useful tool and now has become something I rely on for my actual daily existence... [if this had happened before], I’d be isolated as a hermit; I’d be trapped inside my head. Because of the digital revolution, I have a voice, and I do not have to scream.”

That's not to say Ebert's existence is without significant physical and social struggle. In one of the more moving moments of his talk, Ebert's wife Chaz choked up while reading his words aloud, saying, "People talk loudly and slowly to me... sometimes they assume I am deaf. There are people that don’t want to make eye contact. It is human nature to look away from illness; we don’t enjoy a reminder of our own fragile mortality... that’s why writing on the Internet has been a life saver for me."
Meanwhile, the technology that enables Ebert to “speak” continues to see improvements -- for example, adding more realistic inflection for question marks and exclamation points. In a test of that, which Ebert called the “Ebert test” for computerized voices, the critic closed by telling the audience a joke, saying, “If the computer can successfully tell a joke as well as Henny Youngman, then that’s the voice I want.”
Judging by the laughter, tears and standing ovation from the crowd that followed as Ebert left the stage, it would seem that voice may have already arrived.

South Korean websites come under further attack.


SEOUL, South Korea – Unidentified attackers targeted more than two dozen South Korean government and private websites Saturday, a day after two waves of similar attacks, but officials reported no serious damage.
A total of 29 websites were hit Saturday in so-called "denial of service" attacks, in which large numbers of "zombie" computers try to connect to a site at the same time in an attempt to overwhelm the server, the Korea Communications Commission said.
Commission official Lee Sang-kug said the attacks were "so weak that no actual damage was detected so far." Lee said the commission would keep a close watch on the situation in coming days, but that the fallout was likely to remain limited because the government and computer security companies were well prepared.
Saturday's attacks on sites including South Korea's presidential office, the Foreign Ministry, the Defense Ministry, some financial institutions and U.S. Forces Korea followed two rounds Friday in which damage was also limited.
Lee said that 40 websites were originally targeted Friday, though only 29 came under actual attack. A total of 29 were targeted Saturday, he said.
The National Police Agency said the attacks originated from 30 servers in 18 foreign countries or territories including the United States, Israel, Russia, Hong Kong, Taiwan, Thailand, Japan, India, Brazil and Iran.
"We may find more servers behind this attack as it is only the beginning of the investigation," said Jung Suk-hwa, head of the agency's Cyber Terror Response Center. "Generally, there is someone else who controls all of these servers and we are working to figure out who it is."
In 2009, some government websites in South Korea and the U.S. were paralyzed by a similar type of attack that South Korean officials believed was conducted by North Korea. But U.S. officials have largely ruled out North Korea as the origin, according to cybersecurity experts.
South Korean media have previously reported that North Korea runs an Internet warfare unit aimed at hacking into U.S. and South Korean military networks to gather information and disrupt service.
Park Kun-woo, a spokesman for South Korean computer security company AhnLab, said Friday that China is also pointed to as a source of cyberattacks because a large amount of malware, or malicious software, originates from there.