E-Passports Can Be Hacked and Cloned in Minutes

Tests conducted for the UK's Times Online have concluded that the new high-tech e-passports being distributed around the world can be hacked and cloned within minutes. A computer researcher proved it by cloning the chips in two British passports and then implanting digital images of Osama bin Laden and a suicide bomber. Both passports passed as genuine by UN approved passport reader software. The entire process took less than an hour.

Initially, the assumption was that cloned chips would be spotted because their key codes would not match those stored in an international database. However, only 10 of the 45 countries participating in the e-passport program have signed up to for the Public Key Directory (PKD) code system, and only five are currently using it. On top of all that, the research also suggests that biometric data could also be manipulated and implemented into fake passports.

At this point, there has been no evidence to suggest that an e-passport has been successfully cloned and passed off as genuine in a real-life situation—but it is bound to happen unless every country buys into the PKD. Even then, I still have my doubts about long-term security. We all know that it's only a matter of time before someone figures out how to manipulate the system.
Original here

US cracks 'biggest ID fraud case'

The US authorities have charged 11 people in connection with the theft of credit-card details in the country's largest-ever identity theft case.

They are accused of stealing more than 40 million credit and debit card numbers before selling the information.

They allegedly hacked into the computer systems of several major US retailers and installed software to access account details and passwords.

Prosecutors said the alleged fraud was an "international conspiracy".

'Increasing vulnerability'

Three of those charged are US citizens. The others come from Estonia, Ukraine, Belarus and China.

The 11 suspects are alleged to have obtained card numbers, account information and password details by driving around neighbourhoods and hacking into wireless equipment.

They are said to have then concealed the information in computer servers both in the US and Europe.

This case highlights our increasing vulnerability to the theft of personal information US Attorney General Michael Mukasey. How secure is your card info?

The Department of Justice said the scam caused "widespread" losses among banks, retailers and ordinary consumers - although it did not put a precise figure on the financial damage.

Retailers targeted included fashion store TJ Maxx and Barnes & Noble.

The justice department urged people worried about the safety of their personal information to contact their banks.

It said this was "the single largest and most complex identity theft case" ever to result in charges being brought.

"This case highlights our increasing vulnerability to the theft of personal information," said US Attorney General Michael Mukasey.

"Cases like these send a clear message to those who might be tempted to abuse our computer networks to steal information and harm law-abiding people and businesses.

"If you do, we will track you down wherever you are in the world, we will arrest you and we will send you to jail."

Global investigation

The accused targeted at least nine retail chains, prosecutors allege.

Those affected were TJX Corporation - which operates the TJ Maxx chain of shops - BJ's Wholesale Club, Barnes and Noble, Sports Authority, Boston Market, Office Max, Dave and Busters, DSW shoe stores and Forever 21.

TJX Corporation, which has shops around the world, revealed that it had been the victim of a massive identity fraud last year.

US Attorney General Michael B Mukasey described the scale of the fraud

More than 45 million credit cards were at risk of being compromised as a result of a breach of its computer systems which began in 2005.

The firm has since reached an agreement to compensate banks which are part of the Visa and Mastercard networks for the cost incurred in replacing cards and dealing with fraud inquiries.

Law enforcement agencies around the world, including in Turkey and Germany, co-operated with the investigation.

There are concerns that identity theft is costing the US billions every year.

In 2006, the Bush administration set up an identity theft task force comprising 17 federal departments and agencies.

Orignal here

A fast, fast-booting, implementation of GNOME aimed at netbooks and older hardware has emerged, and shows "a lot of promise." LXDE has already stacked up a heap of distribution partners.
The LXDE project has released its lightweight Linux desktop for general use. Built into the latest gOS 3 Gadget distro, LXDE is touted as being fast, fast-booting, compatible with old computers, and designed so that "every component can be used without LXDE," say the developers.

The GTK+ 2-based LXDE (Lightweight X11 Desktop Environment) first emerged in late 2006 when two Taiwanese Linux distributions adopted an early version. First came B2D Linux, which apparently no longer uses LXDE, and then came the Ubuntu-based PUD GNU/Linux, which does. Since then, the group, which appears to also be based in Taiwan, has been pretty quiet, but behind the scenes, they have been racking up bundling deals with a number of small Linux distributions that use all or parts of the LXDE code.

LXDE was catapulted into the spotlight in the latest gOS release, announced this week at LinuxWorld. gOS 3 Gadget swapped out Enlightenment E17 in favor of the LXDE desktop. It is not clear that the release will see commercial use, as LXDE is a young project that is not yet complete. However, gOS Founder David Liu said he believes the project has "a lot of promise," describing it as a "scaled-down version of GNOME."


PCManFM file manager
(Click to enlarge)
The full list of distro partners includes:

• PUD GNU/Linux -- Installable Live CD includes full LXDE
  
• TinyMe -- PCLinuxOS-based distro uses some components
  
• Slitaz -- Minimalist Live CD distro uses most components
  
• Greenie -- Slovakian Ubuntu-based OS uses both LXDE and GNOME
  
• Ubuntulite -- Member of Ubuntu Derivatives features full LXDE
  
• Vectorlinux LITE -- LITE edition uses complete package
  
• Myah OS 3.0 Box Edition -- Uses customized version
  
• gOS 3 Gadget -- Latest version of distro in Everex's popular Linux netbooks uses full release

Aside from its lightweight characteristics, one reason LXDE appears to be so popular with Linux distribution makers is that it's highly modular. Explains a LXDE web page: "We don't tightly integrate every component. Instead, we tried to make all components independent, and each of them can be used independently with few dependencies."


LXAppearance, the GTK+ theme switcher
(Click to enlarge)
The LXDE components include:

• PCManFM -- File manager with tabbed-browsing and desktop icons
  
  
• LXPanel -- Desktop panel with configuration done via GUI
  
  
• LXSession -- This standards-compliant X11 session manager offers
  shutdown/reboot/suspend support via HAL and gdm. An LXSession Lite version skips on the X11 support, but is "more stable."
  
  
• LXAppearance -- This GTK+ theme switcher can change themes, icon themes, and fonts.
  
  
• Openbox -- This third-party window manager can be swapped out.
  
  
• GPicView -- Image viewer featuring immediate startup
  
  
• Leafpad -- Third-party text editor
  
  
• LXTerminal -- Desktop-independent VTE-based terminal emulator
  
  
• XArchiver -- Third-party desktop-independent file archiver based on GTK+
  
  
• LXNM -- Still under construction, this network connection helper daemon supports wireless connections

GPicView image viewer (Click to enlarge)

Finally, here are some choice quotes from the LXDE FAQ:

• On why they went with good 'ol GTK+: "The only toolkits with really good i18n supports are gtk+ 2 and Qt, among which gtk+ 2 is lighter. gtk+ is a better choice if portability is important. Writing programs with gtk+ is really a pain, though."
  
  
• "If Windows 98 and xp work quite well on old machines, why my Linux desktop needs a 1.0 GHz CPU + 1GB RAM?"
  
  
• "Not everyone on this earth is rich. There must be a nice desktop environment for those who can't afford new fancy hardware, and we have the ability to help them."
  
  
• "Reinventing the wheel is cool, and we love it!"

Availability

LXDE (version unspecified except for build date) is available now for free from the LXDE site.