A Week in the News: Metadata, Zero Days, MH 370 Phishing and More

Last week was something of a slow week for those of us that spend our days writing about computer security news. However, while there may not have been an abundance

Last week was something of a slow week for those of us that spend our days writing about computer security news. However, while there may not have been an abundance of news events, there were a small handful of noteworthy stories that emerged.

In brief, the security firm White Hat has released its internal Web browser, which focuses on security and privacy, for use on Windows machines; U.S. President Barack Obama called for an end to NSA metadata collection; scammers used lost Malaysian Airlines flight MH 370 as bait in phishing scams, and another Microsoft zero day emerged.

The Aviator Browser

Internet security and privacy is as fashionable as ever, thanks, in no small part, to revelations over the last year that the United States’ National Security Agency has the capacity to spy on essentially whomever they want. However, securing Web sessions and ensuring that they remain as private as possible is tough work, especially for users who lack the technical understanding or – perhaps more importantly – the time to really get to the bottom of their favorite browser’s settings.

Thus, our friends over at White Hat Security decided to release their Aviator browser to the public (for Mac – at least) a few months ago. They’ve been using the browser internally for a few years now. Earlier this week, they released the Windows variety, making the browser available for a far larger audience.

Aviator is built on the Chromium code base, which is very similar in feel and look to Google’s Chrome browser. However, Aviator is designed to optimise user privacy, security, and anonymity. By default, the browser disallows Web tracking for and by advertisers. DuckDuckGo is the default browser, which doesn’t collect user search history or present ads or track users in any way.

In all, the browser doesn’t simply block ads in the way that a number of popular extensions on the big three browsers do, but rather, it doesn’t make any connections to ad networks at all. Not only does this prevent pervasive corporate tracking, but it also protects users from potentially malicious advertisements. The company says that an added benefit of all this is that the browser actually ends up performing faster than most other browsers.

Obama Calls for an End to Metadata Collection

Almost a year ago, it emerged that the NSA was gathering and holding onto the communications metadata of nearly anyone with a mobile phone or computer. Of all the secret information made public by former NSA contractor Edward Snowden – and it’s a long list of damning allegations against the U.S. spying apparatus – blanket metadata collection seems to have been the revelation that has gained the most traction with the U.S. audience. This is particularly odd because most people didn’t even know what metadata was two years ago, but also because – in retrospect – metadata collection is a bit modest in comparison to some of the other things the NSA has been caught doing.

Any progress is good progress though, and the White House has apparently decided it wants to end the intelligence agency’s collection and storage of phone records. Under the current system, the NSA stores phone record information for five years. Under the new rules, the NSA wouldn’t store metadata at all. It would instead remain with the various service providers who would only be required to retain such information for 18 months.

In fact, just now, as I write this very article, the White House has made public its plan to end the bulk collection of metadata as was permitted under section 215 of the controversial PATRIOT ACT.

Phishing MH 370

As you’re likely aware, some three weeks ago, a Malaysian Airlines flight travelling from Kuala Lumpur to Beijing vanished bizarrely and seemingly without a trace with more than 200 people onboard. At the time of writing, it’s been determined that that flight ended in tragedy. Yet, still there has been no concrete evidence of the flight’s whereabouts, other than that it likely crashed into the Indian Ocean somewhere.

Like other mysterious events and unexplainable disappearances, the saga of MH 370 – despite what was always likely to be a terrible tragedy – has generated a laundry list of absurd and ridiculous conspiracy theories, many of which have been perpetuated by shameless media coverage.

Just as shamelessly (albeit less shockingly because now we’re talking about criminals and not people that call themselves journalists), hacking groups have taken to the Internet to exploit MH 370 for financial and informational gain as well.

More than a few social media click scams emerged, suggesting that MH 370 had been found. Users were prompted to click on a link purporting to contain a news story. This old-fashioned link phishing scam pops up nearly any time anything gathers public attention (celebrity deaths, international sporting events, natural disasters, the list goes on). However, there was also a more sophisticated and targeted spear phishing campaign in which attackers disseminated emails related to the flight with malicious attachments to government officials in the U.S. and Asia Pacific.

Microsoft Word Zero Day

Finally, on Monday, the tech giant Microsoft announced on its Technet blog that it had seen targeted attacks in the wild going after a zero-day vulnerability in Microsoft Word 2010. While the attacks they saw were targeting Microsoft Word 2010, the company said that the vulnerability also affected Word 2003, 2007, 2013 and 2013RT, as well as Office for Mac, Office Web Apps 2010 and 2013, and Word Viewer. They created a fix-it tool for the bug and should have a patch available sometime in the next couple of weeks.