UN Security Council 'unfit for purpose': Amnesty

LONDON, United Kingdom - The UN Security Council has failed to match the courage shown by protesters around the world and is increasingly "unfit for purpose," Amnesty International said in its annual report Thursday, May 24.

The rights group called for the signing of a strong treaty on the global arms trade when the United Nations meets on the issue in July, saying it would be an acid test for world leaders to place rights over profits.

Amnesty highlighted the failure to end the bloodshed in Syria and said repeated vetoes by major arms exporters Russia and China had left the UN's top security body "looking redundant as a guardian of global peace."

The report also singled out emerging powers India, Brazil and South Africa, saying they were "complicit through their silence" on key rights issues.

"You've had people standing up, putting their lives on the line," Amnesty's Secretary General Salil Shetty told AFP.

"Unfortunately that has been met by a complete failed leadership both at the national and global level," he told AFP.

Shetty said that in the 21st century the UN Security Council was "simply not fit for purpose. If they do not change the way in which they behave, I think there are going to be increasing questions about the relevance of the body."

In its 50th annual report, Amnesty said the vocal support by many global powers in the early months of the Arab Spring in 2011 had not translated into action, with many international leaders now looking the other way.

Yielding to Syria

In Syria the group said there was a "clear and compelling case" for alleged crimes against humanity by Bashar Al-Assad's regime to be referred to the International Criminal Court.

"The determination of some UN Security Council members to shield Syria at any cost leaves accountability for these crimes elusive and is a betrayal of the Syrian people," said Shetty.

Russia and China have vetoed two Council resolutions which condemned Assad, and they fiercely oppose UN sanctions.

"Two countries that are among the top six arms dealers in the world, who are permanent members of the Security Council, may have been voting much more with their pocket in mind," said Widney Brown, senior director of international law and policy at Amnesty.

Amnesty said it was the conference on a global treaty limiting the arms trade in July that would really show whether UN member states were willing to take on serious challenges.

The conference is set for July 2-27 in New York. It follows an agreement in 2009 by most of the world's major weapons exporters, including the United States, to seek a treaty that strengthens controls on the trade.

"The UN meeting to agree an Arms Trade Treaty in July will be an acid test for politicians to place rights over self-interest and profit," the Amnesty report said.

"Without a strong treaty, the UN Security Council's guardianship of global peace and security seems doomed to failure; its permanent members wielding an absolute veto on any resolution despite being the world's largest arms suppliers."

The UN General Assembly passed a resolution in 2006 calling for such a treaty, but the United States, the world's biggest exporter of weaponry, voted against it, the only country to do so.

The report also focused on other areas, including:

- China, which Amnesty said had thrown the "full weight" of its security apparatus into suffocating protests.

- Russia, where civic activism grew amid the biggest protests since the Soviet Union, but opposition voices were "abused and systematically undermined."

- Myanmar, where the government allowed Nobel Peace Prize winner Aung San Suu Kyi to stand in elections and freed hundreds of political prisoners, although fighting with ethnic groups and fresh detentions showed "limits to the reform." - Agence France-Presse

View the original article here

Read More

Swaziland: Security forces tear-gas students

MBABANE, Swaziland — Security forces and protesters clashed in two towns Wednesday during a week of planned protests demanding an end to Swaziland's absolute monarchy.

Trying to track the IHOP gun's path from China Find out where 9/11's Bob Beckwith is now Bloomberg: 'The terrorists lost' GOP debate is when great expectations meet reality What to watch in tonight's debate How 9/11 and Geraldo changed my life World Blog: James Murdoch could be called back to testify

About 1,000 university students started pelting stones at security forces, who reacted by firing tear gas and beating demonstrators around the head in Mbabane, capital of the southern African mountain kingdom.

In eastern Siteke town, trade union leaders said police fired rubber bullets and tear gas at unarmed and peaceful protesters.

Muzi Mhlanga, general secretary of the Swaziland National Association of Teachers, said the trouble started when police prevented visiting leaders of the Congress of South African Trade Unions from addressing hundreds of people at a demonstration.

The Congress of South African Trade Unions, known as COSATU, said Swazi union leaders were beaten up and South African ones are being deported.

Swaziland is in a financial crisis fueled by corruption and declining customs revenue that has led to widespread shortages of medication.

The government is freezing civil servant salaries and cutting other costs including student allowances.

Protesting Swazis say the king should instead slash his lavish lifestyle and that of his 13 wives and all their offspring.

King Mswati III has ruled the nation of about 1.2 million since 1986, the last absolute monarch in sub-Saharan Africa.

South Africa last month agreed to give Swaziland a 2.4 billion rand ($354 million) loan contingent on economic and political reform. It was roundly criticized.

"The South African government has sent less that 20 million rand to help those starving in the Horn of Africa and yet it is willing to grant a 2.4 billion loan to Swaziland's corrupt regime," complained the South Africa-based Swaziland Democracy Campaign. "This loan will only sustain an unsustainable system and perpetuate the continued oppression and suffering of the people of Swaziland."

Protesters are demanding, among other things, the unbanning of political parties and trade unions, elections to create a democratic multiparty state and a free media.

Copyright 2011 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

View the original article here

Read More

Hackers issue bogus security certificates for CIA

AMSTERDAM — Hackers who broke into a web security firm issued hundreds of bogus security certificates for spy agency websites including the CIA as well as for Internet giants like Google, Microsoft and Twitter, the Dutch government said Monday.

Information Technology experts say they suspect the hackers were probably cooperating with the Iranian government, and hundreds of thousands of private communications between Iranian Internet users and Google were likely monitored in August.

Roel Schouwenberg of Internet security firm Kaspersky said Monday night that the incident could have a larger political impact than Stuxnet — a computer worm discovered in July 2010 which targeted Siemens industrial software and equipment running on Microsoft Windows.  (Msnbc.com is a joint venture of Microsoft and NBCUniversal.)

"A government operation is the most plausible scenario" he added.

The latest versions of browsers such as Microsoft's Internet Explorer, Google's Chrome and Mozilla's Firefox are now rejecting certificates issued by the firm that was hacked, DigiNotar.

In a statement Monday, the Dutch government released findings that greatly expand the scope of the hacking attack that DigiNotar first acknowledged last week. External IT experts reviewing DigiNotar's computer systems said the hack may have begun in June, not July as DigiNotar had previously asserted.

The experts said it had affected access not only to Google, but included 531 fake certificates for some 344 domains including sites operated by Yahoo, Facebook, Microsoft, Skype, AOL, Mozilla, TorProject, and WordPress, as well as spy agencies including the CIA, Israel's Mossad and Britain's MI6.

DigiNotar is one of many companies that sell the "SSL" security certificates widely used to authenticate websites and guarantee that communications between a user's browser and a website are secure.

In theory, a fraudulent certificate can be used to trick a user into visiting a fake version of a website, or used to monitor communications with the real sites without users noticing.

But in order to actually pass off a fake certificate, a hacker must be able to steer his target's Internet traffic through a server he controls. That's something that only an Internet service provider can easily do — or a government that commands one.

The external review by Fox-IT — A Dutch company, with offices in Aruba and Great Britain — found that one fake certificate for Google.com was used 300,000 times between its activation Aug. 4 and when it was revoked on Aug. 29. Almost all usage came from Iran.

"The list of domains and the fact that 99 percent of the users are in Iran suggest that the objective of the hackers is to intercept private communications in Iran," it concluded.

The hack of DigiNotar closely resembles one in March of the U.S. security certificate issuer Comodo Inc., which was also attributed to an Iranian hacker. The Fox-IT report said that the hackers erased some evidence of their break-in but purposefully left behind at least one message in one script: "My signature as always, Janam Fadaye Rabhar," which means "I will sacrifice my soul for my leader" in the Farsi language spoken by Iranians.

The same signature line was used by the Comodo hacker, apparently in reference to Iran's religious leader Ayatollah Ali Khamenei.

In a blog posting, U.S. security firm Trend Micro described the attack as "massive," writing that according to its data "Internet users in more than 40 different networks of ISPs and universities in Iran were confronted with rogue SSL certificates issued by DigiNotar."

Gervase Markham, a Mozilla developer who has been involved in the response to the DigiNotar failure, warned Iranian Internet users to update their browsers, "log out of and back into every email and social media service you have" and change all passwords.

Ot van Daalen of Dutch online civil liberties group Bits of Freedom said he believed the DigiNotar incident will ultimately lead to a reform of authentication technology.

Although no users in the Netherlands are known to have been victimized directly by the hack, it has caused a major headache for the Dutch government, which relied on DigiNotar for authentication of many of its websites.

Interior Minister Piet Hein Donner announced in the early hours of Saturday morning that the safety of websites including the country's social security agency, police and tax authorities could no longer be guaranteed.

The Dutch government took over management of DigiNotar, a subsidiary of Chicago-based Vasco Inc., but kept the websites operating as it scrambles to find replacement security providers.

Donner said Monday he has reached a deal with Microsoft under which it won't block some of the web certificates in the Netherlands for the next week in order to prevent a widespread disruption of government services, which might prove worse than any potential hacking.

"The entire Internet is not a phenomenon that lends itself well to government rules," Donner said at a press conference.

Copyright 2011 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

View the original article here

Read More

Disable Security Settings Check In Internet Explorer

19th August 2011 - Browsers, Customization, Internet Explorer, Windows, Windows 7, Windows Vista, Windows XP

Type GPEDIT.MSC in start menu search box or run and press enter.

Navigate to:

Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer

Double-Click on Turn off the Security Settings Check feature.

Select Enabled.

Click OK.

Read More

Disable “Open File – Security Warning” Message

19th August 2011 - Customization, Windows, Windows 7, Windows Vista, Windows XP

Type intercpl.cpl in start menu search box or run and press enter.
Select the Security tab.
Click Custom Level… Select Enable (not secure) under Launching applications and unsafe files.
Click OK.Click Yes
Click OK.

To disable the Your current security settings put your computer at risk message in Internet Explorer, check this link.

View the original article here

Read More

Security Guard Tries Out for ‘Pilipinas Got Talent’

He was on the set of “Pilipinas Got Talent” when it had one of its auditions, but only as a security guard.

Mark Galido thought there was no harm in trying and so he stepped on the PGT stage and became an official auditionee for season three. Will he surprise the judges with his talent or will he be better off with his current job?

Watch Mark tonight (July 31), 8:30 PM in the country’s number one talent-reality show. Mark is only among the many Filipnos who tried their luck to be the next winner of “Pilipinas Got Talent.” This season, PGT went to almost 80 cities and municipalities in search for distinct, world-class Pinoy acts. Will he make it through the next round?

Find out this Sunday (July 31) in “Pilipinas Got Talent,” hosted by Luis Manzano and Billy Crawford, airing every Saturday, 9PM, and Sunday, 8:30 PM on ABS-CBN.

View the original article here

Read More

Apple releases another security update for iPhone, iPad

 Apple

Not even two weeks have passed since Apple issued a security fix for iOS devices and we're already being prompted to update our gadgets again. The latest software download, iOS 4.3.5, is a minor update which fixes yet another rather pesky security vulnerability.

While Apple's description of the security update is a bit vague — it simply explains that if you don't download iOS 4.3.5, "an attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS" — the folks at Kaspersky Labs were able to clarify things a bit:

[T]he description implies that an attacker who has already compromised a machine on a given network and has the ability to see and identify SSL sessions might be able to decrypt the traffic and modify it. This kind of man-in-the-middle attack is quite common and would require the attacker to already have a foothold on the network in order to execute it.

In plainer words: Someone could intercept your web-surfing session and steal data — but only if he or she already has access to the network you're using.

You can get the update which will foil any plots to compromise your security in such a manner by plugging your iOS device into your computer and hitting the "check for updates" button in iTunes.

Do note that the 4.3.5 version is intended for the AT&T iPhone 4, the iPhone 3GS, the iPad 2, the iPad as well as third and fourth generation iPod Touch devices. Folks who own a Verizon iPhone 4 will find an update labeled 4.2.10instead — but it'll offer the same fix.

Related stories:

Rosa Golijan writes about tech here and there. She's obsessed with Twitter and loves to be liked on Facebook. Oh, and she can be found on Google+, too.

View the original article here

Read More