November 18, 2024

Dutch Man Said to Be Arrested in Powerful Internet Attack

While the authorities did not give the full name of the man in a statement published on a Dutch government Web site, they identified him as “S.K.” A source close to the investigation, who was not authorized to speak publicly, confirmed that the arrested man was Sven Olaf Kamphuis, a 35-year-old Dutch man who has been the spokesman of a group that was protesting a European antispam group’s tactics.

Spanish police arrested the man on Thursday at his home in Barcelona, at the request of the Dutch police, and seized his computers and mobile phones. He is expected to be sent to the Netherlands. Wim de Bruin, a spokesman for Dutch national prosecutor’s office, said “S.K.” was suspected of playing a role in a wave of attacks last month.

His arrest came after an investigation by authorities in the Netherlands and other European countries into Mr. Kamphuis’s involvement in one of the largest attacks on the Internet. Mr. Kamphuis has been suspected of starting a distributed denial of service, or DDoS, attack against Spamhaus, the antispam group. Such attacks are a criminal offense under Dutch law.

Mr. Kamphuis calls himself the “minister of telecommunications and foreign affairs for the Republic of CyberBunker.” But many consider him to be the Prince of Spam. He runs CB3ROB, an Internet service provider, and CyberBunker, a Web hosting company that in the past has hosted sites like WikiLeaks and the Pirate Bay, a site accused of abetting digital content piracy.

Antispam groups say they believe CyberBunker acts as a conduit for vast amounts of spam. Last month, Spamhaus, an antispam group based in Geneva, added CyberBunker to its blacklist, which is used by major e-mail providers to block spam.

In the days and weeks after the blacklisting, Spamhaus was targeted with an DDoS attack, which flooded the site with traffic until it fell offline.

After Spamhaus hired a Silicon Valley Internet security firm, CloudFlare, to defend against the attack, the attackers turned their ire on CloudFlare. When efforts to bring down CloudFlare were unsuccessful, the attackers hit back with a far more powerful strike that exploited the Internet’s core infrastructure, called the Domain Name System, or D.N.S.

Their attack quickly reached previously unknown magnitudes, growing to a data stream of 300 billion bits per second, which resulted in slowing Internet traffic for millions of Internet users around the world.

Mr. Kamphuis has denied his role in the attack and said he was only a spokesman for Stophaus, a loose organization set up to take down Spamhaus. Asked about his involvement in the attacks last month, Mr. Kamphuis told The New York Times, “We are aware that this is one of the largest DDoS attacks the world has seen so far, yes.”

But through his Facebook page, Mr. Kamphuis has actively called on hackers to take Spamhaus offline.

“Yo anons, we could use a little help in shutting down illegal slander and blackmail censorship project ‘spamhaus.org,’ which thinks it can dictate its views on what should and should not be on the Internet,” he said on Facebook on March 23.

Dutch prosecutors singled out Mr. Kamphuis because of his vocal role. Greenhost, a Dutch Internet hosting service, said in a blog post that it had found CB3ROB’s digital fingerprints while studying the attack traffic directed at Spamhaus.

Mr. Kamphuis’s arrest in Barcelona was made through the European Union’s judicial collaboration unit, Eurojust.

An anonymous statement was posted to Pastebin, a Web forum for hackers, on Friday, proclaiming Mr. Kamphuis’s innocence and threatening another round of attacks if he is not released. “We demand u to release Sven or we will indeed start the biggest attack u humans have ever experienced toward The Internet, and yourself,” the hacker wrote.

Eric Pfanner contributed reporting.

This article has been revised to reflect the following correction:

Correction: April 26, 2013

An earlier version of the Web summary on this article misstated who had arrested a man believed to be connected to an online attack. Dutch authorities announced the development, but it was Spanish police who made the arrest, they said, not the Dutch.

Article source: http://www.nytimes.com/2013/04/27/technology/dutch-man-said-to-be-arrested-in-powerful-internet-attack.html?partner=rss&emc=rss

Disruptions: Online Voting in U.S., Despite Risks, Should Be Developed

People waiting to vote in Boston.Timothy A. Clary/Agence France-Presse — Getty Images People waiting to vote in Boston.

Last Tuesday, millions of Americans stood in long lines to cast their votes. While they waited, sometimes for several hours, many used their smartphones to pass the time.

Some read articles about the election. Others updated their Twitter or Instagram feeds with pictures of the lines at the polls. And some took care of more private tasks, like sharing health information with their doctors, reading and editing confidential work documents, or paying bills and transferring money using banking applications.

Once in the voting booth, they slipped their phones into their pockets and purses and, in many cases, picked up a pen and a piece of paper to cast their ballot.

So at a time when we can see video shot by a robot on Mars, when there are cars that can drive themselves, and when we can deposit checks on our smartphones without going to a bank, why do most people still have to go to a polling place to vote?

That’s because, security experts say, letting people vote through their phones or computers could have disastrous consequences.

“I think it’s a terrible idea,” said Barbara Simons, a former I.B.M. researcher and co-author of the book “Broken Ballots: Will Your Vote Count?”

Ms. Simons then ran through a list of calamitous events that could occur if we voted by Internet. Viruses could be used to take over voters’ phones; rogue countries like Iran could commandeer computers and change results without our knowledge; government insiders could write software that decides who wins; denial-of-service attacks could take down the Internet on Election Day.

“It’s a national security issue,” Ms. Simons said. “We really don’t want our enemies to be able to determine our government for us — or even our friends for that matter.”

Of course, many of those concerns make sense. None of us want some evil autocrat picking the next president.

But other countries allow citizens to vote via the Internet, or are experimenting with the idea. In 2005, Estonia started testing an online voting system and has since registered more than a million voters who now cast their ballots online. Italy plans to test an online voting system this year.

Not the United States, the land of the free and the home of the smartphone.

Ronald L. Rivest, a computer scientist at the Massachusetts Institute of Technology, said that for now, the best technology out there is the one we’ve been using.

“Winston Churchill had a famous saying that democracy is the worst form of government, except for all those other forms that have been tried before,” Mr. Rivest said. “You can apply the same statement to paper ballots, which are the worst form of voting, but better than all the others that have been tried before.”

Mr. Rivest, who is the R in the name of the RSA encryption system, which is used by government institutions and banks, said that if things went wrong on Election Day, chaos could ensue, because doubts about the results would rattle the foundations of our democracy.

“One of the main goals of the election is to produce credible evidence to the loser that he’s really lost,” he said. “When you have complicated technology, you really do have to worry about election fraud.”

So what’s the solution? Ms. Simons and Mr. Rivest both seemed certain that the best alternative was to stick with a technology that’s a couple of thousand years old. “Paper,” they both said, as if reading from the same script. “Paper ballots.”

Voting by mail, which some cite as an option, lets people avoid the lines, but it is not so easy on the vote counters. In states where this is allowed, envelopes have to be opened and ballots sorted into precincts. Then the signature needs to be matched with that on the voter registration card. None of this is terribly efficient.

So in 10, 20 or 100 years, when our cars have been replaced with self-flying spaceships, robots take our children to school, and our smartphones are chips in our heads, will we still be using a pen and paper to choose our president? I sure hope not.

After Hurricane Sandy disabled power and transportation for many in New Jersey, the state announced that some people would be allowed to vote by e-mail. The entire operation was pulled together in three days. Although there were problems, the system worked for most.

Digital voting could drive more Americans to the polls. According to a report released by the Census Bureau this year, nearly 50 million Americans didn’t vote in the 2008 election. Millions of people said this was because they were out of town, had transportation problems or were too busy to get to the polls. Internet voting could let millions more people take part.

There are, as the security experts point out, a litany of issues to confront before this happens, but it’s not impossible.

Alexander Keyssar, a professor of history and social policy at Harvard and author of the book “The Right to Vote,” added one more issue to the list: voter coercion, in which your boss or someone else bullies you into picking a candidate, perhaps right in front of them. But Mr. Keyssar said people might eventually have the option to vote via the Web.

“I think it’s something that the government should be looking to develop as a down-the-road option,” he said, adding that in Brazil, one branch of a government group called the Federal Election Tribunal has the task of exploring digital voting technologies. “We could have a similar tribunal here,” he said.

In his acceptance speech, President Obama acknowledged the problems of those who had to wait in long lines to vote, saying, “By the way, we have to fix that.”

There are more than twice as many mobile phones in the United States as there are people who voted during this last election. As one option to “fix that,” I’d vote for an app that allows me to cast my ballot from the privacy of my own home, rather than waiting in line to mark a piece of paper with a pen.

E-mail: bilton@nytimes.com

Article source: http://bits.blogs.nytimes.com/2012/11/11/disruptions-casting-a-ballot-by-smartphone/?partner=rss&emc=rss

Bank of America Explains Web Site Problems

With nearly 30 million online banking customers and the nation’s busiest bank Web site, the failures spurred consumer anger, with account holders in some cases unable to pay bills electronically or check their balances.

“Our priority is delivering the speed and functionality our customers expect,” said David Owen, senior vice president and head of online and mobile banking for Bank of America. “We take this very seriously, and this has been very disappointing in terms of not meeting those expectations this week.”

While the site seemed to be functioning normally by Wednesday evening, Mr. Owen was not declaring victory. “We’re taking this day by day,” he said.

The problems first cropped up on Friday, a day after the bank, the nation’s largest, announced it would impose a new $5 a month charge for some debit cardholders. But Mr. Owen insisted the problems were not caused by hackers unhappy with the new fee or by efforts to flood the site with traffic as a protest, a strategy called a denial-of-service attack.

“Everything we know does not point to third-party intervention,” he said. Along with hundreds of internal analysts and technical staff, Mr. Owen said the bank had also been consulting with federal law enforcement officials and outside industry experts to get to the root of the Web troubles.

The problems were at their worst on Friday — the day after the $5 fee was announced — but Mr. Owen pointed to other causes like weekly paydays and federal government disbursements at the beginning of the month for the increase in visitors to the site.

“It’s a series of events that have converged,” Mr. Owen said. Besides the increased traffic, Mr. Owen said the company was in the middle of an effort to replace an old computer system while also offering customers new options when they used the site. The combination of factors made the problem more time-consuming to fix.

As the company identified and fixed individual bottlenecks, he said, other problems would spring up elsewhere, delaying the effort to get the Web site working normally again. “Sometimes, it’s as simple as fixing a box or changing a setting. But that’s not the case in this instance.”

The Bank of America Web site had 24.3 million unique visitors in August, according to data compiled by comScore, several million more than rivals like JPMorgan Chase, Wells Fargo and Capital One.

Article source: http://feeds.nytimes.com/click.phdo?i=fb33d35f3fdaf9e2fefc1647b6cb1e25