Goodbye, Obamaberry. Hello, Obamadroid.


When President Barack Obama took office in 2009, he pushed to keep his BlackBerry. Instead, he was issued another BlackBerry device—a BlackBerry 8830 World Edition with extra crypto—for unclassified calls and e-mail. Until recently, Obama continued to carry a BlackBerry handset, but mobile device technology shifts have finally caught up with the White House. Sadly, the Obamaberry is no more.

In an appearance on Late Night with Jimmy Fallon, Barack Obama noted that he now carries a secure "smartphone" that is so locked down that he compared it to an infant's toy phone. While Obama didn't mention the type of handset he now carries, there's only one mobile device supported by the Defense Information Systems Agency—the agency that provides the White House with communications services. That phone is a "hardened" Samsung Galaxy S4.

Read 4 remaining paragraphs | Comments

The President is finally taking charge? No, a Facebook phishing attack

A warning to all the Facebook users out there – the scammers are after your login details again, this time by spreading a link which purports to be a video of Barack Obama.

The president is finally taking charge on Facebook

The president is finally taking charge!!
Is this really for real?.

The image used in the message looks like a YouTube video thumbnail, but if you click on the link you are redirected, via a cross-scripting vulnerability on an MIT webpage and then Reddit, to a phoney Facebook login page.

It may look like Facebook, but it’s not the real Facebook. It’s designed to phish your username and password from you.

Incidentally, the page is hosted on an almost identically-named domain to one we’ve previously seen used in a Facebook phishing campaign.

Facebook usernames and passwords are an increasingly valuable commodity for cybercriminals – once they have those, they’ll be able to log into your account, post messages in your name, spread spam and malware and perhaps raid your profile for personal information that they might be able to use for identity theft.

Worst of all, perhaps, they can pose as you and cause tremendous problems for your friends and family.

So, if you think you might have fallen for a scam like this, change your Facebook password immediately and scan your computer with an up-to-date anti-virus product.

If you’re on Facebook and want to learn more about security threats on the social network and elsewhere on the internet, I’d recommend you join the Sophos Facebook page.

Obama: Gary McKinnon’s fate is in the hands of the British legal system

Gary McKinnon and his mother Janis SharpWe’ve written on many occasions on the Naked Security site about the case of British computer hacker Gary McKinnon.

McKinnon, who suffers from Asperger’s Syndrome, was arrested in 2002 after breaking into computers belonging to the US Army, US Navy, US Air Force, Department of Defense and NASA.

The 45-year-old hacker claims that he accessed the computer systems only to hunt for top secret information about anti-gravity propulsion systems and alien technology, which he believed the authorities were hiding from the public.

For their part, the US authorities claim that McKinnon caused some $800,000 worth of damage.

ITV reporter Tom Bradby quizzed Obama and Cameron about whether the leaders had found a solution to the vexing question of whether McKinnon should be extradited to the United States.

As you can see in the following video of what was said, there may be cause for some optimism amongst McKinnon’s many supporters.

Obama, who visited the UK this week on a state visit, told the international media at a press conference held with the British Prime Minister, that the decision as to whether McKinnon should be extradited or not lies with the British legal system.

We have proceeded through all the processes required under our extradition agreements.. It is now in the hands of the British legal system. We have confidence in the British legal system coming to a just conclusion. And so we await resolution, and we'll be respectful of that process."

In 2009, a Sophos poll of 550 IT professionals found that 71% believed that McKinnon should not be extradited to the USA:

Emergency alerts from President Obama on your mobile phone?

Barack Obama mobile phoneMobile phone users could soon find themselves receiving emergency text messages warning them of terrorist attacks and natural disasters, under plans announced in the United States yesterday.

The Federal Emergency Management Agency (FEMA) and Federal Communications Commission (FCC) have announced the “Personal Localized Alerting Network” (PLAN) which will see new handheld devices fitted with special chips to receive the alerts, which will be sent by state and local authorities. The system is designed to supersede all other phone traffic, In an attempt to avoid delays.

According to the FCC, users will be able to opt out of all alerts apart from those sent by the US president.

(What makes messages from the US president so special, I wonder?)

In many ways this can be viewed as a logical progression from the other methods that authorities have used to communicate with their citizens in times of emergency – such as alerts via television and radio broadcasts. The wide adoption of cellphones makes it a natural way to pass on an important official message whether it be about a flood, a fire or a missing child.

But an obvious concern about the PLAN system is this: if it’s an easy way to communicate a message to many people in a particular city or area, could it be abused by cybercriminals?

Our hope is that appropriate measures will be put in place to tightly control and authenticate any messages which are broadcast to cellphone users. But it certainly would be an attractive target for scammers, spammers and mischief-makers.

After all, in 2009 Barack Obama’s own Twitter account was compromised by spammers who posted a message to his many thousands of followers:

Barack Obama's Twitter account compromised by spammers

The phone alert service is to be made available by AT&T, Sprint, T-Mobile and Verizon. New York City and Washington DC seem likely to be amongst the first locations to activate the PLAN network, with plans to have the system in place by the end of 2011. Other cities and network carriers are expected to follow during 2012.

By the way, while writing this article I stumbled across the official Twitter account for the Department of Homeland Security’s National Terrorism Advisory System (NTAS): @NTASAlerts:

NTASAlerts on Twitter, but no tweets

It’s a verified account but I probably won’t be following it.

After all, to date it has managed to post a grand total of zero tweets.