How UK banks contain cyber-threats

19 November 2013 Last updated at 19:16 ET By Mark Ward Technology correspondent, BBC News

The UK's banks are regularly being caught out by cybercriminals, BBC research suggests.

Data from three sources indicates that spam, viruses and other malicious messages regularly emerge from machines sitting on banks' corporate networks.

It is likely that the computers were compromised when bank staff and contractors were caught out by booby-trapped email attachments.

They may also have visited sites seeded with code that infected their PCs.

Some of those infected machines are also likely to have been enrolled in a botnet - a large network of hijacked computers that are used by cybercriminals to distribute spam and viruses, attack other websites or as a source of saleable personal data.

But, say experts, banks are doing a better job than most at protecting their machines from malware.

Sending junk

The BBC found that in 2013 there were more than 20 incidents involving UK bank networks indicative of malicious activity. Similar, though lower, numbers were seen in 2012 and 2011. Some incidents involved addresses that have been sending junk for months but others were addresses seen sending spam for the first time.

Continue reading the main story

Botnet basics

For its research project the BBC compiled a list of the internet address blocks used by a dozen of the UK's largest and best known financial institutions.

Everything connected to the net needs one of these addresses, an IP address, to ensure data reaches its destination.

Junk mail or spam is typically routed through a botnet because this helps spammers conceal its true origins and means it is delivered free.

Tracing the source IP address of spam can be a guide to which machines have been compromised.

The BBC asked those running spam databases to see if any bank IP address featured in that corpus of information.

Further analysis revealed that some of the junk was benign in that it was the banks' own marketing messages arriving at email addresses set up to capture spam. In most of the other cases the spam was distributing malware, involved in phishing or "pump and dump" scams or sought to trick people into visiting dangerous sites.

A separate dataset for 2012/13 shows fewer incidents year-on-year but revealed that seven corporate bank networks are regularly sending out junk, five are home to machines that are part of the well known Conficker botnet and eight are regular sources of malicious activity.

In addition, sources inside UK banks told the BBC that they deal with up to a dozen incidents a month of employees' machines getting infected with malware.

James Lyne, global head of security research at security firm Sophos, said evidence of a botnet on a bank network would be "exceptionally concerning".

"It would give attackers a foothold that they can exploit," he said.

The BBC was aided in its research project by an organisation that runs a huge collection of "spam traps" that log the sources of junk mail and also by researchers at Delft University of Technology, in the Netherlands, who study botnets. Anti-spam firm Cloudmark provided corroboration of some of the BBC's findings.

"There should be no spam coming out of these networks," said Prof Michel van Eeten from Delft who leads the team gathering data on botnets, adding that some of the bank networks studied had a "relatively consistent" problem with infections.

He was also worried about the continuing presence of machines that were part of the Conficker botnet because the exploit used to create that network has been known about and fixable for five years.

"If they are vulnerable to that you have to wonder what else they are vulnerable to," said Prof van Eeten. "This might show they can fall victim to a targeted attack more easily because those are much harder to avoid falling into."

One example of the types of targeted attack finance firms have to deal with is malware that only springs to life when it spots that it has infected a machine sitting on a bank network.

"It's a constant battle," said Matt Allen, director of financial crime at the British Bankers' Association, adding that the UK's banks had some of the strongest systems and controls in the world to defend themselves against cybercriminals.

Continue reading the main story

"Start Quote

Complexity is the enemy of security"

End Quote James Lyne Sophos

"The criminal use of cyber-techniques is an integral part of financial crime offending," he said.

Banks' defence mechanisms operated both within and between individual institutions, he said, and involved them pooling information about recent attacks, tactics and methods.

"The challenge in this area is that as banks develop their controls in line with new criminal methodologies, new techniques will emerge," he said.

"We're not complacent," said Mr Allen. "We know it's changing and evolving quickly."

Most of the UK banks and building societies contacted by the BBC about its findings declined to comment. Most said they never talked publicly on security matters to avoid the accidental release of operational details.

Those that did respond said the net addresses appearing to send out spam were on corporate networks isolated from the systems that handled customer data and online banking transactions.

Bank check

Statistics gathered by security firm OpenDNS suggest that up to 900 botnets are active in late 2013. These crime networks typically involve many tens of thousands of machines. The biggest count millions of PCs as victims.

Botnets have become the standard tool of the cybercrime underground, said Mr Lyne from Sophos.

"Botnets used to do something very specific and were just associated with spam," said Mr Lyne. "Now what we are seeing is that from these botnets attackers will jump in and look for other opportunities."

Now compromised machines sitting on botnets tended to be more actively managed, he said. Some botnet owners would probably analyse addresses that machines report in from seeking out high value targets such as banks and government departments.

Often access to compromised PCs sitting on business networks are sold off on underground marketplaces to thieves who specialise in using those machines as a way to delve deeper into a corporate's computer systems.

Mr Lyne added that it was not surprising that banks were regularly having to find and flush out infected machines as they typically ran systems serving tens of thousands of users and a similar number of computers. Defending all those people and PCs against the 250,000 novel malware variants produced every day was a herculean task, he said.

"Complexity is the enemy of security," he said.

Despite finding that UK bank networks were regularly sending out spam, Prof van Eeten from Delft said the data showed that banks were doing a good job of defending themselves.

"Retail ISPs have infection rates that are several orders of magnitude higher," he said. "This is peanuts compared to that."

The BBC would like to thank Michel van Eeten, Hadi Asghari, Qasim Lone and Payam Poursaied from the Delft University of Technology for their help with this research project,

23.34 | 0 komentar | Read More

UK 'let NSA store email addresses'

20 November 2013 Last updated at 19:56 ET

The UK allowed the US National Security Agency to keep the mobile phone numbers and email addresses of ordinary Britons from 2007, reports say.

Channel 4 News and the Guardian said existing rules were modified in 2007 to allow the US to keep information swept up incidentally about Britons not suspected of criminal activity.

The reports are based on documents leaked by whistleblower Edward Snowden.

The Foreign Office said it did not comment on such "speculation".

Under the seven-decade-old UK-US agreement on intelligence sharing, Britain and America's intelligence agencies are not supposed to collect information on each other without permission.

Before 2007, if the US - on one of its other operations - had come across a British mobile phone number or email address, it would not have been able to keep it.

But, according to the documents, after the rules changed, the US was allowed to keep those records to analyse them for the specific purpose of "contact chaining".

That means looking at the connections between different phone numbers or email addresses.

'Questions raised'

BBC security correspondent Gordon Corera said it was not quite the same as reading emails or listening to mobile phone calls, which still requires a warrant.

But he said the documents raised questions about the motive behind the decision and to what extent the public had a right to know about such programmes.

It is also claimed that a 2005 memo raised the possibility of the US carrying out surveillance on British nationals without British permission when it was considered to be in America's national interest.

But it is not clear if that proposal was acted on.

The Foreign Office said in a statement it did not comment on "speculation around intelligence matters".

"If you are a terrorist, a serious criminal, a proliferator, a foreign intelligence target or if your activities pose a genuine threat to the national or economic security of the United Kingdom, there is a possibility that your communications will be monitored," the statement added.

"If you are not, and if you are not in contact with one of those people, then you won't be. That is true, actually, whether you are British, if you are foreign and wherever you are in the world."

Former NSA contractor Edward Snowden fled to Russia in June after leaking details to the media of extensive internet and phone surveillance by American intelligence.

Mr Snowden, who has been granted temporary asylum in Russia, is wanted by the US on espionage charges over his actions.

23.34 | 0 komentar | Read More

PM followed escort agency on Twitter

20 November 2013 Last updated at 12:48 ET

Prime Minister David Cameron appeared to accidentally follow a high-class escort agency on Twitter.

Number 10 told the BBC the account had been followed due to an automated system they had in place in 2009. It said it was in the process of unfollowing "inappropriate" accounts.

Carltons of London's website said it offered the "finest London escorts to gentlemen of distinction".

Downing Street said "following" did not imply the PM's endorsement.

It is the latest embarrassing social media incident that has involved Mr Cameron in recent weeks.

Last month an offensive tweet about foreign secretary William Hague was accidentally "favourited".

That instance was blamed on a mistake made by one of Mr Cameron's aides responsible for helping to run the account.

In relation to the escort agency, Number 10 told the BBC the following was unintentional.

"Prior to 2010, an auto-follow process was used, meaning that @Number10gov automatically followed anyone who followed the account.

"This was common practice at the time for many corporate accounts, but was discontinued in 2009.

"As a result of this legacy, the @Number10gov account follows almost 370,000 accounts and we have taken steps to un-follow as many as possible that are inactive, spam or inappropriate. This work is ongoing."

The BBC could not reach Carltons of London on Wednesday.

However technology news site The Register - which first reported the apparent slip-up - quoted a source at the agency as saying: "I don't know anything about the Prime Minister or Twitter."

23.34 | 0 komentar | Read More

Shorter .uk net domain plan revived

20 November 2013 Last updated at 06:11 ET By Leo Kelion Technology reporter

UK websites will soon be able to use shorter addresses despite concerns the move could cause confusion.

The plan will allow owners to buy a "name.uk" web address to use instead of or in addition to "name.co.uk", "name.org.uk" and other alternatives.

Nominet, the organisation responsible, had previously shelved the idea after acknowledging it would confuse people.

But after making some changes and carrying out a second consultation it said it now planned to proceed.

The decision will affect more than 10 million customers who currently use domains ending in .uk when it begins in the middle of next year.

Nominet's French and German equivalents have already carried out a similar move.

"We think internet users are pretty savvy and will take this in their stride," Nominet's chief executive, Lesley Cowley, told the BBC.

'Low prices'

Many businesses might feel compelled to purchase the new shorter addresses as well as continuing to run their existing ones in order to prevent others buying them to hijack traffic - something that will add to their running costs.

But Ms Cowley played down the scale of the problem.

She noted that the price it would charge to middlemen domain registrars would be £3.50 for single-year contracts and £2.50 a year for multi-year ones. The organisation had originally proposed charging £20 a year for the new addresses.

"Our wholesale prices are among the lowest in the world," she said. "A Starbucks coffee is almost more expensive."

Ms Cowley added that during the most recent consultation, business leaders had been more concerned about the fact they would feel forced to fund address rebrands at a time that might not suit them.

As a consequence Nominet has extended the amount of time its customers have to decide whether they want to pay for a shorter name before it will be offered to others.

The original plan was to offer a six-month "first dibs" window, but the right-of-refusal period will now last up to five years.

Competitive threat

Nominet acknowledges there is still the "theoretical risk" of confusion among the general public.

For example, people might become confused about which domain name to use in emails, leading some messages to be misdirected.

However, it said this was a risk to any change in the internet's naming system. And it noted that another - potentially bigger - change was happening anyway.

Icann (Internet Corporation for Assigned Names and Numbers) is in the process of creating about 1,400 new generic top-level domains (gTLDs). These include creating addresses ending in .camera, .singles and .london. There had previously been only 22, including .com and .net.

Some of the new ones are in non-Latin scripts. Among those already approved are شبكة. - the Arabic equivalent of .web - and 游戏 - the Chinese for .game.

Although Nominet is a non-profit organisation, it was worried that Icann's move meant it would lose business.

"Absent any credible competitive strategy, Nominet would be bound to lose significant market share in the future," the organisation said in a statement.

"We also note that the benefits of maintaining .uk relevance accrue not just to Nominet or its registrars but to all users of the .uk namespace who benefit from the high profile and positive perception of .uk."

One other change to the original plan is that applicants will no longer have to have a verified UK presence in order to qualify.

This had initially been proposed to help ensure consumers had a "high level of confidence" in sites that had switched to the shorter name.

However, fears that this would be too stringent mean the rule has been relaxed, and applicants will now only need to have a physical address in the country that the police or others can use to reach them.

23.34 | 0 komentar | Read More

E-Sports settles Bitcoin hijack case

20 November 2013 Last updated at 06:59 ET

A video games company has agreed to settle a case in which it was accused of hijacking its customers' computers to create Bitcoins.

It had been alleged about 14,000 of its customers' PCs had been used to generate the virtual currency in April.

E-Sports Entertainment has agreed to pay the State of New Jersey $1m (£620,000) to resolve the case.

However, it can avoid handing over $675,000 of that if it does not break the law for 10 years.

Continue reading the main story

Bitcoin is often referred to as a new kind of currency.

But it may be best to think of its units being virtual tokens rather than physical coins or notes.

However, like all currencies its value is determined by how much people are willing to exchange it for.

To process Bitcoin transactions, a procedure called "mining" must take place, which involves a computer solving a difficult mathematical problem with a 64-digit solution.

For each problem solved, one block of bitcoins is processed. In addition the miner is rewarded with new bitcoins.

This provides an incentive for people to provide computer processing power to solve the problems.

To compensate for the growing power of computer chips, the difficulty of the puzzles is adjusted to ensure a steady stream of about 3,600 new bitcoins a day.

There are currently about 11 million bitcoins in existence.

To receive a bitcoin a user must have a Bitcoin address - a string of 27-34 letters and numbers - which acts as a kind of virtual postbox to and from which the bitcoins are sent.

Since there is no registry of these addresses, people can use them to protect their anonymity when making a transaction.

These addresses are in turn stored in Bitcoin wallets which are used to manage savings.

They operate like privately run bank accounts - with the proviso that if the data is lost, so are the bitcoins owned.

New Jersey's acting attorney general said the settlement served as a message that the authorities would protect citizens against anyone who invaded their computer privacy.

"These defendants illegally hijacked thousands of people's personal computers without their knowledge or consent, and in doing so gained the ability to monitor their activities, mine for virtual currency that had real dollar value, and otherwise invade and damage their computers," said John Hoffman in a statement.

E-Sports said that it had fired the employee responsible for the incident and would submit to regular privacy audits by a third party. But it stressed that it had not admitted to breaking the law.

"The settlement that was signed makes explicitly clear that we do not agree, nor do we admit, to any of the State of New Jersey's allegations," it said on its blog.

"The press release issued by the attorney general about our settlement represents a deep misunderstanding of the facts of the case, the nature of our business, and the technology in question."

Bitcoin mining

E-Sports charges gamers a subscription to allow them to play supported games - such as Counter-Strike and League of Legends - against each other safe in the knowledge that it has installed anti-cheat software on their PCs.

New Jersey had alleged the company had generated about $3,500 over a fortnight in April by adding code to its product that created a "botnet" - a network of computers controlled through malware - to generate Bitcoins.

Bitcoins can be created by using a PC's processors to solve complicated mathematical problems in a technique called "mining". This allows Bitcoin transactions to be processed, and acts as an incentive for third parties to provide the necessary computing power.

The matter came to light in May when a user noticed unusually high usage of his PC's graphics processing unit (GPU) at times when he was not using the computer.

E-Sports' co-founder Eric Thunberg initially dismissed the affair as an April Fools joke gone wrong.

However, following a user backlash - he later acknowledged "this is way more shady than I originally thought" and blamed the "unauthorised" use of the Bitcoin mining code on a rogue employee who had acted for "personal gain".

Affected members were subsequently offered a free month's subscription and the company promised to help anyone whose processors might have overheated and been damaged as a result of its software.

23.34 | 0 komentar | Read More

Inflatable 1km solar chimney planned

20 November 2013 Last updated at 08:36 ET By Dave Lee Technology reporter, BBC News

Plans for a 1km (3,280ft) inflatable solar chimney have been outlined by a leading balloon specialist.

Per Lindstrand, who crossed the Pacific in a balloon with Sir Richard Branson in 1991, said the technology could offer more efficient green power generation in remote areas.

It could help in areas with high seismic activity, where maintenance of solid structures is difficult.

He told The Engineer magazine the project could cost about $20m (£12m).

Several companies are experimenting with "solar updraft" technology, which is seen as preferable to flat solar panels. And Lindstrand Tech specialises in developing "lighter than air" technology.

Mr Lindstrand told the magazine there was a need, particularly from research centres based in deserts, to have a cleaner alternative to diesel and gas power, but without the fallibility associated with existing solar technology.

"The problem in this part of the world is the sand is very fine and would very quickly clog up solar panels, so you have a very big cleaning job in a place that has no water," he said.

Making the tower an inflatable structure would bring the cost of the project down dramatically, Mr Lindstrand said, saving hundreds of millions of dollars compared with similar towers made of concrete.

Floating

Research into the technology is being carried out at the Urban Sustainability and Resilience centre at University College London.

While one application is in desert conditions, the team also said it believed building the chimney on water was another option - one which would allow it to support its own weight.

Continue reading the main story

We are daring to think big"

End Quote Patrick Cottam Research engineer

Engineer Patrick Cottam told the BBC that the idea was in its early stages - but work had begun on building a lab-based test model, measuring 3.5m.

"We're getting the first prototype of the floating chimney made by the end of the year," Mr Cottam said.

"I also have some additional funding that will allow me to build another one in the region of 20m tall."

Race to the sky

Using large, thin towers to harvest energy using solar updraft is an idea that is over a century old - a concept first mooted in 1903.

At the base of the tower, a large area of solar panelling collects energy from the Sun's rays. The resulting hot air is sucked up through the chimney, driving wind turbines that generate electricity.

However, the technology has been slow to be develop, thanks in part to the high financial risks in backing a technology that, at scale, might not work.

Past experiences with solar updraft have faced mishaps - one experimental chimney erected in 1982 was decommissioned after cables supporting it were weakened by rust, putting it at risk of falling over.

Ongoing projects include efforts by Australian firm Enviromission, which said it planned to build a tower in Arizona, US.

Mr Cottam said the increasing necessity of developing more efficient renewable energy - coupled with recent super-tall structure success like the Burj Khalifa hotel in Dubai - meant projects such as this could now quite literally get off the ground.

"We are daring to think big," he said. "The financial landscape is changing."

For now, the research is being funded in part by the UK's Engineering and Physical Sciences Research Council.

Mr Cottam has also been awarded money from the 1851 Royal Commission - a body that gives grants to researchers and engineers.

Follow Dave Lee on Twitter @DaveLeeBBC

23.34 | 0 komentar | Read More

LG investigates 'spying' Smart TVs

20 November 2013 Last updated at 09:32 ET By Leo Kelion Technology reporter

LG is investigating allegations that some of its TVs send details about their owners' viewing habits back to the manufacturer even if the users have activated a privacy setting.

It follows a blog by a UK-based IT consultant who detailed how his Smart TV was sending data about which channels were being watched.

His investigation also indicated that the TVs uploaded information about the contents of devices attached to the TV.

It could mean LG has broken the law.

The Information Commissioner's Office told the BBC it was looking into the issue.

"We have recently been made aware of a possible data breach which may involve LG Smart TVs," said a spokesman.

"We will be making enquiries into the circumstances of the alleged breach of the Data Protection Act before deciding what action, if any, needs to be taken."

When the consultant - Hull-based Jason Huntley - contacted the South Korean company he was told that by using the TV he had accepted LG's terms and conditions, and that any remaining concerns should be directed to the retailer who had sold him the screen.

But when the BBC contacted LG, it indicated it was looking into the complaint.

"Customer privacy is a top priority at LG Electronics and as such, we take this issue very seriously," said a spokesman.

"We are looking into reports that certain viewing information on LG Smart TVs was shared without consent.

"LG offers many unique Smart TV models which differ in features and functions from one market to another, so we ask for your patience and understanding as we look into this matter."

Security fears

Mr Huntley said he had first come across the issue in October when he had begun researching how his Smart TV had been able to show his family tailored adverts on its user interface.

Digging into the TV's menu system, he had noticed that an option called "collection of watching info" had been switched on by default, he said.

After switching it off, he had been surprised to find evidence that unencrypted details about each channel change had still been transmitted to LG's computer servers, but this time a flag in the data had been changed from "1" to "0" to indicate the user had opted out.

"That's a terrible implementation of the idea," Mr Huntley told the BBC.

"It still sends the traffic but labels it saying I didn't want it to be sent.

""It's actually worse, I think, than if they'd not offered the optout in the first place since it allows the user to believe nothing is being sent."

He had then attached an external hard drive to the TV's USB slot, expecting that the screen might simply report that he had been watching material from an external device, he said.

Instead he had found the name of each media file stored on the drive - including photos labelled with his children's names - had been sent back to LG.

He had confirmed this had been the case by creating a mock video clip that he had named "midget porn", which had then showed up in unencrypted traffic sent back to LG, he said.

Mr Huntley suggested that even if LG had never inspected the data, it could still pose a security risk as hackers could take advantage of the practice.

"I can't prove that this was being actively logged by LG, but nevertheless it was being transmitted in the clear across the internet's backbone to wherever the servers are located," he said.

A spokesman for LG said the company intended to comment further "shortly".

23.34 | 0 komentar | Read More

NHS electronic prescribing 'patchy'

20 November 2013 Last updated at 21:36 ET

There is wide variation in electronic prescribing in NHS hospitals, putting patient safety at risk through medication errors, research suggests.

A survey of 101 hospitals in England indicated 69% used some form of electronic prescribing, but there was wide variation in the systems used.

Only one of the hospitals used a single system in all of its clinical areas, a University College London team said.

The Department of Health has promised to spend £1bn to replace paper systems.

The study is published in the journal Plos One.

Lead researcher Prof Bryony Franklin, of the University College London School of Pharmacy, said within the UK, most GP prescribing was now done by computer, but prescribing for hospital inpatients generally still required pen and paper, in contrast to many other developed countries.

"The level of variation in the use of electronic prescribing between hospital departments, and the diversity of the systems in place, presents a potential threat to patient safety in the form of medication errors," she said.

"We have demonstrated huge variation in the extent to which electronic prescribing is being used in NHS hospitals, and how it is being used.

"Innovative solutions are now needed, making full use of the government funding available, to manage this diversity and facilitate development of safe, comprehensive, hospital-wide systems in a cost-effective way."

A Department of Health official said: "Earlier this year we announced £1bn in funding will become available to replace outdated paper-based systems for patient notes and expand electronic prescribing.

"This kind of technology can help reduce prescribing errors, enable more efficient administration of medicines and free up staff time to spend with patients - not paperwork."

23.34 | 0 komentar | Read More

Australia sites hacked amid spy row

21 November 2013 Last updated at 00:25 ET

Hackers have attacked the websites of the Australian police and Reserve Bank amid an ongoing row over reports Canberra spied on Jakarta officials.

The row has heightened diplomatic tensions between the allies and sparked protests in Indonesia.

Indonesia has suspended military co-operation with Australia and recalled its ambassador over the allegations.

A top Australian adviser has also come under fire for several tweets critical of Indonesia's handling of the row.

Reports of the spying allegations came out in Australian media from documents leaked by whistleblower Edward Snowden.

The leaked documents showed that Australian spy agencies named Indonesian President Susilo Bambang Yudhoyono, the first lady, the vice-president and other senior ministers as targets for telephone monitoring, Australian media said.

The alleged spying took place in 2009, under the previous Australian government.

"It is not possible that we can continue our co-operation when we are still uncertain that there is no spying towards us," Mr Yudhoyono said on Wednesday.

He added he would also write to Australian Prime Minister Tony Abbott to seek an official explanation over spying allegations.

Mr Abbot has said he regretted the embarrassment the media reports have caused.

However, he also said that he does not believe Australia "should be expected to apologise for reasonable intelligence-gathering operations".

Cyber attacks

The Australian Federal Police (AFP) and Australia's Reserve Bank confirmed that their sites were victims of a cyber attack on Wednesday night.

"We have had an attack on the open source website," AFP Commissioner Tony Negus said. "I am not sure who is the perpetrator but we are investigating that."

Australian police said that the site was "not connected to secret networks" and no sensitive information had been compromised.

"These attacks are irresponsible, and will not influence government policy," the police added in a statement.

The Reserve Bank also said its website was "the subject of a denial of service attack".

"The bank has protections for its website, so the bank website remains secure," a spokesman added.

Australian media identified a Twitter user who described herself as a member of Anonymous Indonesia and appeared to claim responsibility for the attack.

The user wrote: "I am ready for this war!" and said she would conduct further attacks unless there was an apology from the Australian government for the alleged spying.

Twitter outburst

Meanwhile, Mark Textor, a campaign strategist who advised Australian Prime Minister Tony Abbott's Liberal Party came under fire for a series of provocative tweets that criticised Indonesia's handling of the spying row.

Mr Textor wrote in a Twitter post: "Apology demanded from Australia by a bloke who looks like a 1970's Pilipino [sic] porn star and has ethics to match". The tweet has since been deleted.

Australian media widely reported that he was referring to Indonesian Foreign Minister Marty Natalegawa, who has called for an apology from Australia over the spying claims.

Mr Textor also appeared to criticise Mr Yudhoyono's use of Twitter to express his anger at Australia.

His tweets were criticised by opposition foreign affairs spokeswoman Tanya Plibersek, who described them as "highly inappropriate comments".

However, Liberal Party MP Steve Ciobo said Mark Textor was "a private citizen" and that the comments were "made in a private capacity".

On Thursday, Mr Textor wrote: "Apologies to my Indonesian friends - frustrated by media-driven divisions - Twitter is indeed no place for diplomacy."

He told broadcaster ABC that he was "not referring to anyone in particular" in his earlier tweet.

23.34 | 0 komentar | Read More

Facebook sues over sex tape spam

21 November 2013 Last updated at 06:42 ET

Facebook launches legal action against an alleged spammer suspected of posting fake links to a supposed sex tape of Justin Bieber and Selena Gomez.

Court papers filed in the US allege Christopher Peter Tarquini was behind the faked Facebook messages.

Users who clicked the link in the posts were redirected to sites that allegedly paid Mr Tarquini for hits.

In addition, clicking led to the posts being automatically shared with users' Facebook friends.

In its legal complaints, Facebook calls Mr Tarquini, of New Jersey, a "recidivist" spammer who has spent much of the past five years crafting computer programs that put "deceptive messages, images and links" on the site's pages.

One of the most notorious of the programs involved faked images purporting to take people to a video of actress Selena Gomez with her partner, singer Justin Bieber. Instead the link led to a pop-up message asking for access to a Facebook account that then let an app take control and spam the message out to a person's friends.

Mr Tarquini persisted in targeting the social network even after he was told that his actions violated Facebook's terms - his account was shut down and he was told never to use the site again, the papers state.

Facebook said it had a confession from Mr Tarquini that he had written the program that took over accounts and posted faked links. Now it says it wants to be reimbursed for the cost of clearing up after Mr Tarquini and for the work it has done to track him down. In addition, it wants him banned from ever using Facebook again.

Mr Tarquini has yet to file any legal response to Facebook's claims.

The action against the alleged spammer is the latest in a series of steps Facebook has taken to stem the flow of junk messages passing through the network.

In September, Facebook won a $3m (£1.8m) settlement against a spam company that sent tens of thousands of messages to users.

In addition, in 2009 Facebook was awarded $711m after winning a lawsuit against spammer Sanford Wallace.

23.34 | 0 komentar | Read More