You Don’t Know What You Can’t See

Once again, the morning headlines are bringing new – if slightly ominous – stories of increased hack attacks.   In today’s case, two different stories: the first, a growing series of Internet hacks designed to fool people about the websites they’re actually visiting, and second, a troubling GPS hack that could affect military relations on the Korean peninsula.  Pretty sober stuff.

But it’s not all gloom.  We also stumbled on something we can only describe as a set of virtual crayons to play with online.  First to the attacks.

Illustration: German Ariel Berra

#1: Eroding Security?

For several months we’ve been tracking the activities of an alleged Iranian hacker seeking retribution for the Stuxnet attack, among other perceived slights against the regime in Tehran.  In March, using machines tracked to Iran, a hacker infiltrated Comodo – a U.S.-based firm that issues those all-important security certificates that supposedly let browsers know if a website is ‘secure’ or not.  That little padlock icon you see in your URL address window?  That’s a sign that the website you’re visiting really is who they say they are.

Except when they aren’t.  Using the name ‘Comodohacker,’ the self-identified (but yet unconfirmed) Iranian citizen issued a series of phony SSL certificates for sites such as Google, Skype and Yahoo – in effect tricking anyone who received them into thinking that they were on those “https secure” websites, when in fact they might have been anywhere, sharing personal information with unknown hosts.

For its part, Comodo quickly acknowledged the attack and fixed the problem, noting nine phony certificates had been issued in a hack they traced to Iran.  More recently, in July, ‘Comodohacker’ took aim at the Dutch security certificate firm DigiNotar and launched a similar attack, allegedly as retribution for the anti-Muslim rhetoric of Dutch politician Geert Wilders.  But the size of this hack has only now come to light – and it was significant.  Internet forensic analysts now say that upward of 500 certificates were stolen and falsified – including those of Facebook, Twitter, and Microsoft, as well as security agencies MI6, the CIA and the Mossad.  ‘Comodohacker’ is still at large, and just this week, Ars Technica‘s Peter Bright posted this piece claiming that he, too, hacked DigiNotar’s security certificate system.  All of this inflates already existing concerns that the Internet is growing less, rather than more secure, and that industry has yet to take these threats seriously.

#2: Knocked Out of the Sky

File image of the RC-7B reconnaissance plane

From cyber-space to outer space.  There’s a new report that North Korea was able to force a U.S. reconnaissance plane from the sky recently by jamming its Global Positioning System, otherwise known as GPS.

The South Korean daily Chosun-Ilbo reports the U.S. military RC-7B plane took off from South Korea March 4th, but was forced to make an emergency landing just 45 minutes later after the plane’s GPS system was disrupted.  The newspaper quotes military sources as saying the jamming signals were tracked to the North Korean cities of Kaesong and Haeju.  Much of modern aviation depends on GPS signals of orbiting satellites to navigate; without it, airplanes, drones, missiles and even other satellites can be rendered unusable.

It’s been known for some time that Pyongyang has been experimenting with devices that can jam GPS signals from as much as 50 kilometers away.  But if the Chosun report is accurate, that range may have now greatly increased.

“The jamming also suggests that North Korea has upgraded its modest electronic warfare capabilities,” writes ‘Spook86’ on his (or her) blog ‘In From The Cold‘. “If the report is accurate, the DPRK may have acquired a more powerful GPS jammer, capable of affecting navigation systems over a wider area, (potentially) impacting a host of activities, from intelligence collection to precision weapons applications.”

In response, the Pentagon is denying that any plane was “forced” from the air.  In a statement released Saturday (September 10), a U.S. military source speaking on anonymity was quoted by Reuters as saying “We have no indication that any aircraft at the time of, or in the vicinity of, this alleged incident was forced to land on an emergency basis.”  A careful read of that statement clearly doesn’t deny jamming took place, or that a plane opted to return to base, mind you.

It’s worth pointing out that, technically, jamming the GPS of another nation’s aircraft is considered an act of war.

#3: Crayons on the Wall

Give an infant a clean white wall and a bright red crayon, and you can guess the result.  Crayon + wall = fun!

But it isn’t just infants who like scribbling.  So for all those frustrated adults just wanting to share their doodles with the public, there’s now a solution.

“Goggles” – not to be confused with “Google Goggles” – is an open-source applet that anyone can add to their browser which will allow them to both read the doodles that others have left behind on public websites as well as add their own.

Created by Synapse Software, “Goggles” is an essentially harmless – and admittedly sophomoric – bit of code that allows people to scribble on the Internet – all without permanently defacing anything.  The ‘doodles’ are only visible to those who have installed the Goggle applet on their browser, and can be erased quickly.  And because everyone has the ability to see and edit what anyone else writes, it’s not exactly a secure means for passing secret messages.

It is, however, a mild distraction that lets the kid with the crayon come out and play a bit.

And now that I have Goggles, I’ll be keeping an eye on the VOA homepage.