The attack started with the infected laptop at a U.S. base in the Middle East, according to Lynn.

“The flash drive’s malicious computer code, placed there by a foreign intelligence agency, uploaded itself onto a network run by the U.S. Central Command,” his article said. “That code spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead, from which data could be transferred to servers under foreign control.”

He continued: “It was a network administrator’s worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary.”

» via CNN

BlackBerry maker Research In Motion is willing to block porn sites and let government spies snoop on users, newspapers reported on Tuesday, following a shock ban on its key services in the Gulf.

The BlackBerry’s coveted secrecy has come under scrutiny since Sunday, when the United Arab Emirates announced plans to ban BlackBerry Messenger, e-mail and Web browser services from October 11.

» via MSNBC

The threat by the United Arab Emirates to shut down mobile services on BlackBerrys like e-mail and text messaging underscores a growing tension between communications companies and governments over how to balance privacy with national security.

While communications companies want to be able to ensure that their customers’ messages are shielded from prying eyes, governments increasingly insist on gaining access to electronic messages to track down criminals or uncover terrorist plots.

» via The New York Times

tingletech:

In its complaint, SkyRiver asserts that OCLC’s business practices violate Section 1 and Section 2 of the Sherman Antitrust Act. The 39-page document provides a lengthy description of SkyRiver’s understanding of OCLC’s activities and argues that these practices amount to illegal anti-competitive monopolies and harm other firms, such as SkyRiver and Innovative Interfaces, involved in the industry.

We’ve been focused on the wrong spies. When 11 Russian sleeper agents were discovered living in the United States—and then sent home in exchange for their counterparts—it was hard to resist the sexy espionage tale with echoes of the Cold War. But while we’ve fixated on Anna Chapman and her cohorts, top diplomats were working on a wonkier but more important advance in spycraft. This month, experts from 15 countries agreed to begin serious negotiations on establishing international norms on cybersecurity. This story is far more significant in the long run because, without basic agreements about cyberspace, cyberattacks, and even cyberwars could become a daily danger.

» via Newsweek

International authorities have arrested a computer hacker believed responsible for creating the malicious computer code that infected as many as 12 million computers, invading major banks and corporations around the world, FBI officials told The Associated Press on Tuesday.

A 23-year-old Slovenian known as Iserdo was snagged in Maribor, Slovenia, after a lengthy investigation by Slovenian Criminal Police there along with FBI and Spanish authorities.

His arrest comes about five months after Spanish police broke up the massive cyber scam, arresting three of the alleged ringleaders who operated the so-called Mariposa botnet, stealing credit cards and online banking credentials. The botnet — a network of infected computers — appeared in December 2008 and infected more than half of the Fortune 1,000 companies and at least 40 major banks.

» via Yahoo! News

U.S. newspapers will completely change they way they report circulation beginning October 1, following changes to circulation rules made by the Audit Bureau of Circulations’ board, Editor & Publisher reported today.

The changes include newspapers now being able to count one subscribers multiple times; for example, a subscriber may be counted once for his print subscription, once for his e-reader subscription, and so on. This also includes online, mobile and other subscriptions. Another major change is that newspapers may include “branded editions” (products published under a different name, such as a commuter daily) in their total average circulation. “The board’s aim is to establish a foundation for the future as more newspapers move to bundled print/digital subscription offers and hybrid publishing plans,” the ABC board announced in a press release.

» via Shaping the Future of the Newspaper

Wal-Mart Stores Inc. plans to roll out sophisticated electronic ID tags to track individual pairs of jeans and underwear, the first step in a system that advocates say better controls inventory but some critics say raises privacy concerns.

Starting next month, the retailer will place removable “smart tags” on individual garments that can be read by a hand-held scanner. Wal-Mart workers will be able to quickly learn, for instance, which size of Wrangler jeans is missing, with the aim of ensuring shelves are optimally stocked and inventory tightly watched. If successful, the radio-frequency ID tags will be rolled out on other products at Wal-Mart’s more than 3,750 U.S. stores.

» via The Wall Street Journal (subscription may be required)

Today we’re excited to announce a new edition of Google Apps. Designed with guidance from customers like the federal government, the City of Los Angeles and the City of Orlando, Google Apps for Government includes the same great Google applications that people know and love, with specific measures to address the policy and security needs of the public sector.

We’re also pleased to announce that Google Apps is the first suite of cloud computing applications to receive Federal Information Security Management Act (FISMA) certification and accreditation from the U.S. government. The FISMA law applies to all information systems in use by U.S. federal government agencies to help ensure they’re secure. The federal government’s General Services Administration has reviewed the documentation of our security controls and issued an authorization to operate, the official confirmation of our FISMA certification and accreditation. This review makes it easier for federal agencies to compare our security features to those of their existing systems; most agencies we have worked with have found that Google Apps provides at least equivalent, if not better, security than they have today. This means government customers can move to the cloud with confidence.

» via The Official Google Blog

The new scheme from Microsoft Research does away with complexity requirements entirely while protecting against both dictionary attacks and statistical guessing. The service simply counts how many times any user on the service chooses a given password. When more than a small number of users pick a password, the password is banned and no one else is allowed to choose it. The scheme can only be used by organizations with millions of users—websites like Microsoft’s Hotmail, for instance.

» via Technology Review

Over time we’ve improved search by deepening our understanding of queries and web pages. The web isn’t merely words—it’s information about things in the real world, and understanding the relationships between real-world entities can help us deliver relevant information more quickly. Today, we’ve acquired Metaweb, a company that maintains an open database of things in the world. Working together we want to improve search and make the web richer and more meaningful for everyone.

» via The Official Google Blog