Category Archives: Uncategorized

ETV showed sensitive information on the screen

On Tuesday, “Ringview” had the episode in which the reporter Jüri Muttika traveled around the editorial office of ERR and asked ETV TV presenters to demonstrate their handwriting. An embarrassing error by the video editors allowed the frame to be broadcasted, which contained “Terevisiooni” file transfer protocol (FTP) username and password, hence allowing everyone to view the content on the servers.

The clip shows that the TV presenters tried to hide their notebooks and computer screens from the camera, which makes it especially embarrassing – basically everyone was able to watch broadcast materials.

The error in ERR was quickly recognized and now the password should be changed. The topic is also up in Facebook IT-man’s group, where the IT people write jokingly: “No such user and password do not really hide anything.”

Wouldn’t we expect the ETV internal FTP server to be firewalled from the external world?

Links:
http://publik.delfi.ee/news/kino/sajandi-teleaps-ringvaade-naitas-ekraanil-tundlikku-siseinfot?id=80476232

President to decorate persons who helped to solve ID card crisis

The President decided to recognize with decorations three people who helped to solve the crisis of the ID-card that struck Estonia last year. The Order of the White Star, 5th Class will be handed to Margus Arm, the head of the State Information System Agency eID field, Kaija Kirch, who led the crisis management team at the Police and Border Guard Board, and Kaarel Raspel, a Nortal employee, who helped RIA to develop a solution to solve the ID-card crisis:

Margus Arm, promoter of information society. Margus Arm, as head of the eID field of the State Information System Authority, played a key role in removing the security risk of ID-card. He worked out key proposals for resolving the crisis and led the work of the team who developed the technical solutions.

Kaija Kirch, promoter of internal security. Kaija Kirch was in charge of a crisis team formed to eliminate the security card ID card at the Police and Border Guard Board. Under her leadership, both the completion of the new ID-card production line and PPA’s customer service, as well as cooperation with other public authorities, the private sector and citizens took place.

Kaarel Raspel, promoter of field of e-services. Kaarel Raspen, as a staff member of AS Nortal, made a great personal contribution preventing the security risk of the ID-card from realizing. He had a leading role in developing a fundamental solution that allowed the ID-card ecosystem to be replaced with elliptical curve encryption algorithms, which prevented the ID-card chip from encountering security risk.

The Order of the White Star, 4th Class will be also handled to:

Raimo Peterson, promoter of cybersecurity cooperation. Raimo Peterson has helped the NATO Cyber ​​Defense Center to become an internationally recognized center of expertise. Under his leadership, the Locked Shields cyber defense exercise has become one of the world’s largest among its kind. He has also developed a critical information infrastructure capability in the form of a laboratory that is used by both Estonian state authorities and large private companies.

Congratulations!

Links:
https://news.err.ee/679885/president-of-estonia-to-bestow-state-decorations-on-166-individuals
https://tehnika.postimees.ee/4398027/id-kaardi-kriisi-lahendaja-eesti-e-riiki-ei-saa-kinni-panna
https://president.ee/et/eesti-tanab/teenetemarkide-kavalerid-2018/14008-margus-arm/layout-decoration.html
https://president.ee/et/eesti-tanab/teenetemarkide-kavalerid-2018/14039-kaarel-raspel/layout-decoration.html
https://president.ee/et/eesti-tanab/teenetemarkide-kavalerid-2018/14015-kaija-kirch/layout-decoration.html
https://president.ee/et/eesti-tanab/teenetemarkide-kavalerid-2018/13972-raimo-peterson/layout-decoration.html

Database of real estate transactions was accessible for years

kristjan_gross

Brokers have collected information on real estate transactions including addresses in the password-protected tehingud.ee database for years. The database includes information on sale of apartments, including dates and prices. It is strange that the portal has been allowed to operate for years. A quick internet search shows it was founded in 2011 by self-proclaimed real estate expert Kristjan Gross. An article from years ago suggests that the portal charged 99 cents for a query. It also reveals that the database had information on more than 5,000 transactions from all over the country when it was launched and that data was added regularly. Searches of price information could be based on county, parish, town, borough, street, size and condition of real estate object.

«We have reason to suspect that the website uses data from the Land Board’s transactions database,» Jürgens adds. «We do not know how the data ends up in the brokers’ portal; however, current legislation states it can only be accessed by licensed valuators,» says Tiia Redi, executive manager of the Estonian Association of Appraisers. The matter is made more peculiar by the fact that the portal’s owner works as a valuator of land and admits he has access to the Land Board’s database.

«It is possible to use transaction and land register data to indirectly identify persons who have participated in transactions,» Jürgens explains. The state has so far kept to the principle that people’s income is not public information, and that includes proceeds from sale of real estate. «The trend is towards openness elsewhere in the world. The Land Board will analyze the possibility of amending laws that regulate use of transaction data. The main question is whether and to what extent society is ready for all real estate transactions to be made public. Disclosing sale prices could constitute sensitive information as it ties into people’s financial interests,» Jürgens adds. She says that the board feels corresponding public debate is necessary.

Links:
http://news.postimees.ee/v2/3871895/secret-brokers-database-under-investigation

Rain Ottis Decorated with the Order of the White Star

president_decorations

Estonian President Toomas Hendrik Ilves Wednesday signed the decision to decorate 99 persons for services to Estonia on the eve of the country’s 98th Independence Day celebration.

«The decorations are a testimony to Estonian people and our supporters outside Estonia for their determination in their actions and loyalty to the principles on which modern Estonia stands — openness, democracy, knowledge, innovation,» Ilves wrote in the decision to award the decorations.

Rain_Ottis

Our country is grateful to scientists whose research has helped to make Estonia greater. Decorations of the White Star are given to […] the founder of NATO CCDCOE and later the TUT Centre of Digital Forensics and Cyber Security, information technology scientist Rain Ottis.

Congratulations!

The White Star decoration was awarded also to the information security expert Toomas Nurmoja, but the Internet does not have much information about his merits.

Rain_Ottis

Toomas_Nurmoja

Links:
https://ccdcoe.org/centre-ambassador-rain-ottis-decorated-order-white-star.html
https://president.ee/et/meediakajastus/pressiteated/11983-2016-02-04-08-22-36/index.html

New director general of EISA Taimar Peterkop

Taimar-Peterkop

Minister of Economic Affairs and Infrastructure Uve Palo signed a decree to appoint Taimar Peterkop for the Estonian Information System Agency (EISA) director-general. Taimar Peterkop is currently working in Ministry of Defence as Undersecretary for Legal and Administrative Affairs. He begins his work at EISA this May.

From the CV:

Taimar Peterkop was born on 20th January 1977 in Tallinn. He has graduated from the University of Tartu Faculty of Law and he has completed many in-service trainings, including the Higher Command Studies Course in Baltic Defence College. Mr Peterkop holds a Master`s degree in Strategic Studies from the United States Army War College. He is also a reserve officer.

During 2000–2001 Taimar Peterkop worked as a lawyer in the Government Office. During 2001–2005 Mr Peterkop worked in the Ministry of Defence as the Director of International Law Office and during 2005–2008 as the Director of Operations and Crisis Management Department. From 2008 until July 2010 he worked as a Defence Counsellor in the Estonian Embassy in Washington.

Taimar Peterkop has also worked as a national defence teacher in several high schools and as an international law lecturer at Estonian Business School.

Links:
http://uudised.err.ee/v/eesti/c9740dca-b127-49e1-923b-71be3b8bbf3f
https://www.ria.ee/ria-peadirektoriks-saab-taimar-peterkop/

President of Estonia gives state awards to cyber security people

president_decorations

President Toomas Hendrik Ilves will hand out 99 state decorations, same number as last year, with Siim Kallas, Andrus Ansip and Timothy John Berners-Lee receiving high honors.

In the field of IT the decoration is awarded to internationally renowned computer scientist John Berners-Lee, who invented the internet underlying network technologies such as HTTP and the first browser; Computer Doctor Dan Bogdanov, Cybernetica researcher who led the privacy preserving Sharemind system and its application development; Cybernetica researcher and company GuardTime creator, Tallinn University of Technology professor Ahto Buldas; Free WIFI spread leader Veljo hammer.

Dan Bogdanov is known for his work on secure multi-party computation. Ahto Buldas on digital timestamping and other topics.

Congratulations!

Links:
http://www.president.ee/et/meediakajastus/pressiteated/11027-2015-02-04-08-51-57/
http://www.president.ee/et/ametitegevus/otsused/11028-576-riiklike-autasude-andmine/index.html
http://news.err.ee/v/society/6665f69e-592c-45e3-94eb-a773e38ae433