About us: Webplanet.ru is the leading Russian online daily on Internet business, life and development. You can use our RSS-feed. For contact: info [doggie] webplanet.ru
It was yesterday, August 6th, about 17:30 in Moscow, when we saw Twitter, Livejournal and Facebook went down. So we run a story about it, here on Webplanet.ru. In our report, we suggested it could be a DDoS-attack to commemorate the day when the first American atomic bomb destroyed the Japanese sity of Hiroshima. August 6th, 1945.
Some hours later, Twitter and Facebook confirmed they were DDoS'ed. So the newspapers started to ask security experts what's the reason for these attacks. To our big surprise, no Western security expert knew about Hiroshima!
Lets see: The Guardian talks to Sophos and Symantec. "This seems like far too much to be a coincidence," said Graham Cluley, a senior consultant at IT security firm Sophos.
John Harrison of Symantec is also very "informative": "We're very surprised to see these types of attacks coming. Usually the people behind it want to use it for financial gain, not simply to take services away... It can be as simple as retribution against other hackers. It seems trivial and backwards, but it could be something as simple as that"
Then, PC World quotes Randy Abrams from ESET (wow, he's Director of Technical Education!). Again, the antivirus guy doesn't see the picture:
"Perhaps the bad guys are upset that Twitter has recently started filtering URLs in order to cut back on the amount of malware the user’s experience".
“This kind of stuff happens every day... there’s nothing to indicate there’s anything particularly interesting about the attack from a technical perspective... [blah-blah-blah]... It’s not clear what the motivation is for the attack. One of the most famous, and overblown DDoS attacks was launched against Estonia’s media and governemnt by Russian nationalist hackers and wannabes".
Oh, Russians again? No, wait! This is developed by New York Times to the wildest extreme. They found someone called Bill Woodcock, "a research director of the Packet Clearing House, a nonprofit technical organization that tracks Internet traffic". That clever Bill said the attack "was an extension of the conflict between Russia and Georgia".
"It was not clear who initiated the attack, he said, but likely “one side put up propaganda, the other side figured this out and is attacking them". He said he found evidence that the attacks had originated from the Abkhazia region”, says the paper.
Sounds like Tarantino, huh? One side, the other side... And then, just a year later... both sides suddenly go and kill Twitter on the other side of the Earth! Attacks originated from the Abkhazia? Ok, let's call it Russia for this time! Americans never look at the map anyway.
Hopefully, the reader's comment from Mashable.com makes this theory better: lets talk Iran 'cos everybody talks Iran nowadays. Or Chavez from Venezuela. Big hacker, too.
Sorry but we have to repeat this for you, illiterate / brain-washed / memory-editted Americans: August 6th is The Day You Bombed Hiroshima. The second bomb destroyed Nagasaki three days later, on August 9th.
For last two weeks, Western media including many respectfull newspapers was spreading hysteria about "Russian hackers" who attacked Georgian sites during the fight on the border between Georgia and South Ossetia. No, our Webplanet magazine is not going to tell you "Russia is always right". We just say this story is a perfect situation to tell the difference beetween professional journalism and propaganda dummies. It is true that IT topics are hard for a common journalist. Yet the job of journalist is not about being a passive carier for the media viruses. So next time you want to recall "that story about Kremlin cyber-attacks", please take into account these facts:
(1) The first DDoS-attacks on Georgian sites on 8th of August started more than 12 hours after the Russian military operation started. The botnets used for attacks previously had targeted porn and gambling sites. It's casting doubt on Georgia's claims it was orchestrated as part of Moscow's military offensive. This is recognized even by western press ("Analysis: Russia-Georgia cyberwar doubted" by UPI).
(2) On 8th of August, some Russian and Ossetian sites were DDoS-attacked as well. The biggest Russian news agency RIA Novosti (rian.ru) was down for two days, the problem started with their Georgian project newsgeorgia.ru. Ossetian news sites osinform.ru, cominf.org, tskhinval.ru went down, too. Most western news ignored this fact, or dropped just a couple words about it (Jose Nazario, security researcher for Arbor Networks, told CNET News that "he's seeing evidence that Georgia is apparently fighting back, attacking at least one Moscow-based newspaper site").
(3) The words "fighting back" are wrong - the attacks on both Russian and Georgian sites started the same time and stopped the same time. By the 12th of August (when the most papers cried about it) all the attacked sites mentioned were up and running OK, both Georgian and Russian ones. But all these sites had different hostings, different security. This fact leads us to the conclusion that both waves of DDoS-attacks were orchestrated by the same "third party" as a provocation to make media buzz and create more tensions between Russian and Georgian folks. Later our sources among security experts proved this guess: most of the attacks on Russian and Georgian sites on 8-12 August were started from Ukraine which is now used by many badboys as an "Internet off-shore" for malware.
(4) Neither Russian nor Georgian military get its own serious "cyber-troops" nowadays. But this kind of special units for cyber war are well developed in the USA. Before this conflict, the Georgian army was trained by US military experts in Iraq. The Wired magazine published a good story about it ("Did the U.S. Prep Georgia for War with Russia?"). And its readers recalled the scenario (or should we say "a training guide"?) for this case - Tom Clancy's "Ghost Recon" videogame. The game is about a squad of U.S. Special Forces, with special missions in foreign countries. The game starts in Georgia: "During the first few missions of the game, the Ghosts battle South Ossetian rebels... The Ghosts fight in the forests, on farms, and in villages while assisting their NATO allies in fighting the enemy". Now, the game gets real. Could the US Ghosts bring the same "help" to the cyberworld by assisting NATO-bended ukrainian hackers? Ask Tom Clancy if you don't see the whole picture by yourself.
I would like to bring to your attention the issue of the web site domains Mama.ru and Doktor.ru outlined below. Since June, 2000 I have been employed as a Director at ZAO DOKTOR.RU, a Rambler Holding company. On December, 2007 I was notified of my employment termination, effective January, 2008. As a director of the company, I have been responsible for managing web site properties “MAMA.RU” and “DOKTOR.RU”.
Prior to my employment by ZAO DOKTOR.RU, I owned these web site properties as well as web site domain names. I transferred ownership of domain names “MAMA.RU” and “DOKTOR.RU” to Rambler. As I will no longer be employed by Rambler, I am now seeking transfer of domain ownership of these sites back to me. So far Rambler has not responded my requests and hence I’m seeking your help and guidance.
On , June 1998 I became the owner of two web site domains, “mama.ru” and “doktor.ru”, registered for me by Redcom, a services company that provided technical support for these web sites. In May, 2000 I was approached by representatives of Russian Funds and Orion Capital Advisors, two investment firms that provided first round of funding for Rambler, with a proposal to invest into mutual development of both sites.
As part of the agreement, I was offered employment as well as assured that I will get a share in the about-to-be-opened joint venture that will deal with my websites (offshore company, that was opened eventually without my participation in it), in exchange of transfer of domain ownership rights to Rambler. Note that only ownership of domains “MAMA.RU” and “DOKTOR.RU”, and not the content of these domains, was transferred to Rambler. In addition, the investment firms arranged for funding to be provided by an Internet incubator company NetValue.
Further owners of Rambler disregarded the issue of domain transfer, which I addressed numerous times; nevertheless, they retained me as a director of ZAO DOKTOR.RU.
The challenge of this issue is that the agreement for domain ownership was not properly documented. I currently cannot supply any records of this agreement, that stipulate details of the agreement, or outlines conditions of domain name transfers. The only document that exists is a memorandum of intentions between the first wave of Rambler investors and me.
As there is not a legally binding document outlining domain ownership transfer details, I am having difficulty gaining back ownership of these domain names. I would like to resolve this issue without litigation. Nevertheless, if I don’t get a clear response and Rambler continues using my content on the sites, you will leave me with no other option than to seek legal action.
The history of Mama.ru and Doktor.ru creation can be found in the news archives:
The first versions of these sites, with my copyright, can be found in web.archive.org:
I would like an opportunity to discuss my situation in more detail, and provide you with documents and evidence in support of my case.
The protection system which prevents the multiple automatic registration of fraudulent accounts at GMail is cracked following the same breakage in Yahoo! and Microsoft Live webmail services. The example of spambot work is published by Russian security blog . The bot goes wild with a trojan. After some user's computer is infected, the bot grabs GMail captcha and sends it to a special server where the captcha is recognized and the result is send back to the bot, so it can register a new Gmail account and start spamming.
The address of the spam server is hidden in this example but the authors of the security blog told Webplanet that the bot "is connected to Russian-speaking site".
In January, some group of "Russian researchers" showed how with the recognition rate about 35%. A couple of weeks later Windows Live captcha . These protection systems from Microsoft, Yahoo and Google where considered pretty safe so anti-spammers didn't list these mail services in their "black lists". Now they got a problem: "In the past week or so, Websense antispam filters have gone from blocking fewer than 100 Windows Live accounts per day to a number that's in the thousands". Some people say more spam , too. We are looking forward to see more sophisticated Turing tests on the Web. Or it's about time to use Philip Dick's tests for androids? Google Androids, in this case.
The visit of the Free Software Foundation leader Richard Stallman to Russia in March 2008 could be canceled because of the problems with too-late visa application. A part of the trouble appeared to be Stallman's rejection to get help from Victor Alksnis, the State Duma member and the only Russian politician who helps Free Software and Open Source movements in Russia.
Alksnis promoted Stallman's upcoming visit thru his blog posts, and said he could help with "administrative issues" as well. However, the moderator of linux.org.ru Sergey Udaltsov (who lives in Ireland not Russia) wrote saying Alksnis is a bad guy for Free Software, because of "his fight against the independence of the Baltic countries" in late 80s. Udaltsov also says Alksnis wants to use GNU/Linux for his own political goals including the creation of Russian "National OS" (independent from Microsoft). After this letter, Richard Stallman said he didn't want Alksnis to organize his visit to Russia. Perhaps, Stallman won't come at all.
We at Webplanet.ru think the rout of this problem in not politics but the "language barrier" we already described. Western folks don't know much about Russian IT situation 'cos they don't read Russian. The only information channel for them is "former Russians" who live abroad and speak English - like Irelander Sergey Udaltsov who controls linux.org.ru. But these "foreign Russians" usually get pretty paranoid about their "former motherland" calling it a dictatorship daily (perhaps as an excuse for their departure). So we hope Russian linuxoids find some sane local leaders. No need to marry free software and politicians, it's true. Yet we don't see why Free Software activity in Russia should be killed by some old-fashioned Cold War rhetorics from Ireland.
Intel announced today it is giving 2500 Classmate PC to schools in Russia in terms of Intel World Ahead program. Another 500 arriving at Ukrainian schools and 300 at schools in Kazakhstan.
Last year Intel was seeking Russian government's support for another part of its global initiative, targeting school teachers. Its educational program on how to use technology in study process was presented in June 2006 at the economy forum in St.-Petersbourg. At the same time Intel's ground in Russia was attacked by AMD, which claimed its competitor doubled governmental expends on hardware ever purchased for federal needs.
With 1 mln Asus Eee PC bought for Russian schools last year by Deripaska's charity fund, Intel's Classmate PC action might be either a miserable PR effort or a give-2500-get-a-federal-order demo.
Poor imagination of Russian people often helps them to fight craziness of western civilization. When the plan to open cyrillic domain names was announced last year, it didn't make much noise in Russia. The idea is simple: people want to use Russian web-adresses, but they don't want to mix cyrillic and latin letters in it, because such a mixture would help criminals to make fake web-cites. The solution: domain names in .RU zone will be in latin only, as it was before, because RU suffix is already in Latin. And new cyrillic names will be registered with new domain suffix .RF (spelled in cyrillic only!), so the whole domain name will be in cyrillic letters. Russian critics of this plan say this is nothing but another money-making scheme for the domain registrators.
But West go nuts about it. The Guardian's article "" is the wildest non-science fiction we've seen so far. First, it says "Russian Cyrillic keyboards make it difficult for Russian users to search for domain names using the roman letters" - false, all our keyboards get latin letters (though some get no cyrillics yet). Second, it says "Russian international domain names would use their own root servers" - false again. The root has not been split, ; what is more important, there is no need to split roots to control the traffic, and China proved this already.
Third, cyrillic domains somehow "will put a wall between cybercriminals and their victims... makes it very difficult to track Russian cybercrime", said Guardian's no-one-knows-who experts. Sure they don't see (or don't want to tell?) the whole picture. Look: criminal RBN network moved from Russia to China, music pirate MP3Sparks.com moved to Turkey, same businesses Allofmp3.com and MuzF.ru shut down by Russian authorities. Even Google, the worldwide spy #1 and the worldwide security breach #1, is scared to open its new spy services in our country. Doesn't Russia fight cybercriminals, huh?
So the only clear message we got from The Guardian: western security experts and government agencies want more money. For this purpose, they use media to create Big Enemy Image and start Cold War 2.0. And the worst thing is: the provocation started to work on Russian side. The fake story of "isolated Internet plan" made up by one British newspaper is already picked up by Russian bloggers and press. Some Russian politicians already use it saying the idea is good, and discuss who is to be in charge for this project. Our only hope is that poorness of Russian imagination will save us again, and this crazy British dream won't come true.
Alex Patsay, one of Mac devotees in Russia, has posted an in his blog. He's reasoning of Apple's 'PR fiasco' in Russia and criticizing its overpricing policy. "When the price for the gadgets is 75% higher than it’s in the US, it just looks extremely strange for the locals. Even though Russia has oil and other natural resources, the average salary here is still mere $300 per month", he writes.
Starting with opinionated speech on why Apple should be interested in 'gaining some grounds in the emerging markets', he expectedly came to implying that such unproper policy would be of much interest to the proper institutions. In particularly, he reveals, it might be of RosPotrebNadzor competence (organization similar to Attorney General Office in the US), 'the extremely powerful organization that can forbid operating on the market till the certain conditions are met'.
Patsay distributed his statement to popular online news sites and appealed to the members of Mac-users' LiveJournal community .
Russian web-design studios created less sites in 2007, mostly because of growing prices and demand from serious brands, according to TAGLINE . It says designed 45 sites, half as much as in 2006, scored 10 compared to 40, - 35 compared to 55 a year ago. Along with self-made inflation most studios were targeting business diversification, and the niche leaders (like Flash- or 3D-design) showed the best results in 2007.
Jan,15 Corel Corp. announced it's supplying 1 mln CorelDraw Graphics Suites for all primary and secondary schools desktops in Russia under the terms of the licensing agreement with the Russian Federal Agency of Education (RFAE). Jan,21 Adobe Systems released a press-note in which it says is will suppl the same million licenses both of Suite 3 Production Premium and Creative Suite 2.3 Premium to the same school desktops. The Adobe note emphasized that Corel "rushed to distribute its press-release" creating the "wrong idea" of the contents of software set installed on schools desktops in Russia.
