Thursday 20 May 2010

Quantum teleportation achieved over ten miles of free space

Quantum teleportation has achieved a new milestone or, should we say, a new ten-milestone: scientists have recently had success teleporting information between photons over a free space distance of nearly ten miles, an unprecedented length. The researchers who have accomplished this feat note that this brings us closer to communicating information without needing a traditional signal, and that the ten miles they have reached could span the distance between the surface of the earth and space.
"Quantum teleportation" is quite different from how many people imagine teleportation to work. Rather than picking one thing up and placing it somewhere else, quantum teleportation involves entangling two things, like photons or ions, so their states are dependent on one another and each can be affected by the measurement of the other's state.
When one of the items is sent a distance away, entanglement ensures that changing the state of one causes the other to change as well, allowing the teleportation of quantum information, if not matter. However, the distance particles can be from each other has been limited so far to a number of meters.
Teleportation over distances of a few hundred meters has previously only been accomplished with the photons traveling in fiber channels to help preserve their state. In this particular experiment, researchers maximally entangled two photons using both spatial and polarization modes and sent the one with higher energy through a ten-mile-long free space channel. They found that the distant photon was still able to respond to changes in state of the photon they held onto even at this unprecedented distance.
However, the long-distance teleportation of a photon is only a small step towards developing applications for the procedure. While photons are good at transmitting information, they are not as good as ions at allowing manipulation, an advancement we'd need for encryption. Researchers were also able to maintain the fidelity of the long-distance teleportation at 89 percent, decent enough for information, but still dangerous for the whole-body human teleportation that we're all looking forward to.

By Casey Johnston
Science, 2010. DOI: 10.1038/NPHOTON.2010.87

Friday 14 May 2010

Single group did 66% of world's phishing

A single criminal operation was responsible for two-thirds of all phishing attacks in the second half of 2009 and is responsible for a two-fold increase in the crime, a report published this week said.
The Avalanche gang is believed to have risen out of the ashes of the Rock Phish outfit, which by some estimates was responsible for half the world's phishing attacks before fizzling out in late 2008. Driving the success of both groups is their use of state-of-the-art technology for mass-producing imposter websites and distributing huge amounts of crimeware for automating identity theft.
"Avalanche uses the Rock's techniques but improved upon them, introducing greater volume and sophistication," the report, released by the Anti-Phishing Working Group, stated.
Central to Avalanche's success is its use of fast-flux botnets to host phishing sites. The use of peer-to-peer communications makes it impossible for a single ISP or hosting provider to pull the plug on the infrastructure. The gang also excels at launching attacks from a relatively small number of domain names that often appear confusingly identical to each other, such as 11f1iili.com and 11t1jtiil.com. Those abilities also fuel the success.
There were 126,697 phishing attacks during the second half of 2009, more than double the number in the first half of the year or from July through December of 2008, the APWG report said. Avalanche, which was first identified in December of 2008, was responsible for 24 percent of phishing attacks in the first half of 2009 and for 66 percent in the second half. From July through the end of the year, Avalanche targeted more than 40 major financial institutions, online services, and job search providers.
Curiously, Avalanche may turn out to be a victim of its own success.
"During an Avalanche campaign, it was not unusual for the target institutions, the relevant domain name registrar(s), a domain name registry, and other responders and service providers to all be aware of the campaign and working on mitigation at the same time," the report stated. "As a result, Avalanche attacks had a much shorter average uptime than non-Avalanche phishing attacks, and community efforts partially neutralized the advantage of the fast-flux hosting."
White hats briefly shut down the Avalanche infrastructure in mid-November, and ever since then phishing attacks generated by the group have dropped precipitously. Last month, the gang launched just 59 attacks, each one with a separate domain.

A PDF of the report is here. ®
By Dan Goodin

Thieves Flood Victim’s Phone With Calls to Loot Bank Accounts

Bank thieves have rolled out a new weapon in their arsenal of tactics — telephony denial-of-service attacks that flood a victim’s phone with diversionary calls while the thieves drain the victim’s account of money.

A Florida dentist lost $400,000 from his retirement account last year in this manner, and the FBI said the attacks are growing.

A spokeswoman for the Communication Fraud Control Association — a telecom industry organization — told Threat Level that although fraudulent transfers have been halted in a number of cases, the losses are increasing.

“I know it’s in the millions,” said Roberta Aranoff, executive director of the CFCA. “It has exceeded a million dollars easily.”

Last November, Robert Thousand Jr., a semi-retired dentist in Florida, received a flood of calls to several phones. When he answered them, he heard a 30-second recording for a sex hotline, according to the St. Augustine Record.

In December, he discovered that $399,000 had been drained from his Ameritrade retirement account shortly after he’d received the calls. About $18,000 was transferred from his account on Nov. 23, with an $82,000 transfer following two days later. Five days after that, another $99,000 was drained, followed by two transfers of $100,000 each on Dec. 2 and 4. The thieves withdrew the money in New York.

Thousand’s son, who shares his name, received similar harassing calls, though his financial accounts were not touched. Thousand did not respond to a request from Threat Level for comment.

The FBI says the calls were a diversionary tactic, meant to tie up Thousand’s line so that Ameritrade couldn’t reach him to authenticate the money transfer requests. FBI spokesman Bryan Travers said AT&T, Thousand’s phone carrier, contacted the agency’s New Jersey office to help investigate the matter. The agency has seen at least 16 similar cases since November, most of them occurring in the last few weeks.

In some cases, the victims simply heard dead air when they answered their phone or heard a brief advertisement or other recorded message. Some victims had to change their phone numbers to halt the harassing calls.

The perpetrator who targeted Thousand created a number of VoIP accounts, which were used with automated dialing tools to flood the dentist’s home, business and cellphone with calls.

Generally in these cases, Travers said, the thief obtains the victim’s account information through some other means — perhaps through a phishing attack or other method — and then contacts the financial institution to change the victim’s contact information. In this way, the institution will call the thief instead of the victim to verify a money transfer request.

Many banks, however, now contact customers at their previous phone number when contact information on their account has changed.

But with these attacks, the institution’s calls are prevented from reaching the victim, whose phone is tied up with a flood of diversionary calls.

AT&T spokesman Marty Richter told Threat Level that the perpetrators then generally contact the financial institution posing as the victim to complain that a requested money transfer hasn’t gone through. When the institution discloses that it tried unsuccessfully to contact the victim to authenticate the transfer, the perpetrator says he’s been having phone troubles and verifies that the transfer should proceed.

Richter says that other telecommunication companies have been alerted to the problem and are warning customers when they call to complain about harassing calls that the issue may be related to their financial accounts. The victims are warned to place fraud alerts on their financial and credit bureau accounts and block any electronic fraudulent money transfers that may be in the works.

“This may appear to some people that they’re just having a connect issue with their phone carrier,” he said, “and we want to alert them that this may not be the case.”

Travers said that in most cases so far, the victims have acted quickly enough to prevent money from being drained from their accounts, but he says there may be many other cases that haven’t yet been reported to the FBI. He urged consumers who may have been victims to contact the FBI.

Read more: http://www.wired.com/threatlevel/2010/05/telephony-dos/
By Kim Zetter

Thursday 13 May 2010

German court orders wireless passwords for all

BERLIN (AP) -- Germany's top criminal court ruled Wednesday that Internet users need to secure their private wireless connections by password to prevent unauthorized people from using their Web access to illegally download data.

Internet users can be fined up to €100 ($126) if a third party takes advantage of their unprotected WLAN connection to illegally download music or other files, the Karlsruhe-based court said in its verdict.

"Private users are obligated to check whether their wireless connection is adequately secured to the danger of unauthorized third parties abusing it to commit copyright violation," the court said.

But the court stopped short of holding the users themselves responsible for the illegal content the third party downloads.

The court also limited its decision, ruling that users could not be expected to constantly update their wireless connection's security - they are only required to protect their Internet access by setting up a password when they first install it.

The national consumer protection agency said the verdict was balanced.

Spokeswoman Carola Elbrecht told the German news agency DAPD it made sense that users should install protection for their wireless connection and that at the same time it was fair of the court not to expect constant technical updates by private users.

The ruling came after a musician, whom the court did not identify, sued an Internet user whose wireless connection was used to illegally download a song which was subsequently offered on an online file sharing network.

But the user could prove that he was on vacation while the song was downloaded via his wireless connection. Still, the court ruled he was responsible to a degree for failing to protect his connection from abuse by third parties.

About 26 million homes in Germany have wireless Internet access, according to Bitkom, the German Association for Information Technology, Telecommunications and New Media.

© 2010 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.