WHO ARE THEY?

By:Abbas Saghali

A professional  group of hackers which calls itself "Iranian Cyber Army"   carried out two high profile cyber attack in the world during last December and January. At first attack in December 17 this unknown group hacked twitter by redirection of twitter users to a web page which was followed by this message:

Iranian Cyber Army
THIS SITE HAS BEEN HACKED BY IRANIAN CYBER ARMY
iRANiAN.CYBER.ARMY@GMAiL.COM

U.S.A. Think They Controlling And Managing Internet By Their Access, But THey Don’t, We Control And Manage Internet By Our Power, So Do Not Try To Stimulation Iranian Peoples To….

NOW WHICH COUNTRY IN EMBARGO LIST? IRAN? USA?
WE PUSH THEM IN EMBARGO LIST ;)

Take Care.

The considerable point in their message was their writing style which apparently and consciously had  joked with English grammar such as what e.e.commings,us great poet, did in his poetry by grammar rules and capital words.
For second time this group hacked china's most popular search engine,Baidu.Hackers again had redirected users to a web page displaying a message claiming that the same group had blocked access to that site.It should be suggested that hackers of Iranian Cyber Army have attacked to some Iranian leading opposition web sites and blogs during last months after cheating in Iranian presidential election.
Now question is: Really these kind of group-hackers  are going to  drive globe to
world cyber war 1?what will happen in the future? 

E-GOVERNMENT IN UK

By:Abbas Saghali

According a recent survey in 2010, south  Korea has been able to lead E-Government issues in the world. In this ranking ,UK is placed after Australia,Canada and USA .The other countries which are  between top 10 nations which have provided online services for their citizens in terms of E-Government are Netherlands,Norway,Denmark, Spain and France.
Although E-Government can accelerate a great amount of services for government members and people,somebody believes it is not always systematically effective.Micheal Cross in Guardian point outs that  E-Government is not a financial cure-all. In addition ,he writes that the current buzzword is smarter government  while prime minister of UK and the chancellor of Exchequer put on emphasis of cost reduction of E-Government services more than its quality.

FUTURE OF ONLINE PRIVACY

PRIVACY POLICY IN FACEBOOK

By:Abbas Saghali

Facebook updated its privacy policy in April 22,2010.Last revision has eight sections including introduction, information facebook receives,information members share with third parties,sharing information on facebook,how members use their information,how facebook share information,how members can view,change or remove information,and how this popular social network protect information.
Facebook has announced if anybody has question about their privacy policy can contact with their team through  their help page .This page also has been provided for somebody who has complaints about their privacy issues.They have provide  the other page by the name of TRUSTe for those members which are not satisfied with their team's responses. 
There are some links such as :

statement of rights and responsibilities
facebook site Govenance
privacy settings
requesting deletion for non-user
reporting and blocking third party applications

which are completely helpful in this regard.

WORLDWIDE COMPUTER CRIME

By:Abbas Saghali

According one official report in USA which was published in 2008,among 300 million internet users in all of the globe more than one million were involved with computer crime.These crimes included fraud,vandalism,disposal of stolen goods,and embezzlement.It should be interesting to know that distributed denial of service is the most reported computer crime in the world.As well as digital world has a great deal of global advantages,crimes by internet also cannot be limited geographically.Financial networks are mostly target by internet criminals and control of online fraud sometimes is extremely difficult.Online child pornography is another e-crime that FBI launched its "innocent images" prob to track it down in 1995.This effort by more than 200 convictions resulted in 1999.

TRADEMARK CONFLICT WITH DOMAIN NAME

BY:Abbas Saghali

We can define a trademark as a name,symbol,motto and design which  legally introduces a company and is representative for its products and services.But from the first days that  domain name was improved in cyber space,stakeholders of companies had a conflict with it.The Ninth Circuit U.S. Court of Appeals recently ruled that a firm in  business  must use its domain name to sell products  and its services.this is accomplished in order to have a protection on  the name.In other words ,just reserving a domain name cannot be sufficient for a company and they should use their trademark in terms of domain name.

Fortunately, it's easy to register your domain name as a trademark:

Conduct a trademark search  helps to find any trademarks that conflict with those type of names that you want to use as domain name.At this point,the notorious conflict between trademark and domain name users can be decreased.Although regarding of using famouse trademarks for some individuals and groups, Conduct a trademark search is not full stop for the conflict. 
ALL BUSINESS
 

A KINDE OF SPOOFING PROBLEM

A new attack is threatening to increase the potential for attackers to compromise enterprise servers and the critical data on them. Solutions are available, and they will require action by company officers .

“SSLStrip” and related attacks1 were among the highlights of the July 2009 Black Hat show in Las Vegas. Researcher Moxie Marlinspike3 combined a number of separate problems, not all related to SSL, to create a convincing scenario in which users attempting to work with secure web sites were instead sent to malicious fake sites. One of the core problems described by Marlinspike is the ability to embed null characters in the common name field of a certificate, designating a domain name. This can be used to trick software, web browsers.SSLStrip attack could be used against server-server communications with the potential for mass-compromise of confidential data.

This spoofing problem is solved by correct use of Extended Validation (EV) SSL certificates for authentication. Moving certificate-based enterprise authentication to EV SSL would therefore protect an organization against this form of attack.

Posted by Leila Pishro at 9:01 PM 0 comments