Archive for the ‘Meddling’ Category

The Great SIM Heist: How Spies Stole the Keys to the Encryption Castle

Thursday, February 19th, 2015

NSA hacked SIM card manufacturer Gemalto and stole millions of encryption keys without the company’s knowledge. While I don’t particularly mind NSA targeting bad guys (that’s why we have NSA), I consider hacking the good guys to get the bad guys to be very poor form.

I am not surprised that this took place on Obama’s watch, either. His record is just as bad as George W. Bush’s. Perhaps worse.

The monitoring of the lawful communications of employees of major international corporations shows that such statements by Obama, other U.S. officials and British leaders — that they only intercept and monitor the communications of known or suspected criminals or terrorists — were untrue. “The NSA and GCHQ view the private communications of people who work for these companies as fair game,” says the ACLU’s Soghoian. “These people were specifically hunted and targeted by intelligence agencies, not because they did anything wrong, but because they could be used as a means to an end.”

via The Great SIM Heist: How Spies Stole the Keys to the Encryption Castle.

Lenovo shipping laptops with pre-installed adware that kills HTTPS | CSO Online

Thursday, February 19th, 2015

Whoops. Lenovo shipped computers with adware that breaks ALL SSL on its laptops. Not only that, but the private key is also widely available, meaning anyone can spoof any website on an unsuspecting Lenovo owner’s computer. Major security fail!

Lenovo is in hot water after it was revealed on Wednesday that the company is shipping consumer laptops with Superfish Adware pre-installed. Security experts are alarmed, as the software performs Man-in-the-Middle attacks that compromises all SSL connections.

It’s a fact of life; PC manufacturers are paid to install software at the factory, and in many cases this is where their profit margin comes from. However, pre-installed software is mostly an annoyance for consumers. Yet, when this pre-installed software places their security at risk, it becomes a serious problem.

via Lenovo shipping laptops with pre-installed adware that kills HTTPS | CSO Online.

Update: More technical info here and here.

New Snowden Docs Indicate Scope of NSA Preparations for Cyber Battle – SPIEGEL ONLINE

Tuesday, February 17th, 2015

Germany’s Der Spiegel published Snowden documents last month that describe an NSA project to modify hard drive firmware for spying purposes. This pretty much fingers the NSA as the “Equation Group” Kaspersky mentioned in its report.

Normally, internship applicants need to have polished resumes, with volunteer work on social projects considered a plus. But at Politerain, the job posting calls for candidates with significantly different skill sets. We are, the ad says, "looking for interns who want to break things."

Politerain is not a project associated with a conventional company. It is run by a US government intelligence organization, the National Security Agency (NSA). More precisely, it’s operated by the NSA’s digital snipers with Tailored Access Operations (TAO), the department responsible for breaking into computers.

via New Snowden Docs Indicate Scope of NSA Preparations for Cyber Battle – SPIEGEL ONLINE.

Equation Group: NSA-linked spying team have software to hack into any computer – News – Gadgets and Tech – The Independent

Tuesday, February 17th, 2015

Astonishing. The apparent creators of Stuxnet have learned how to alter the firmware in hard drives to hide spying software in hidden sectors.

The US security services have developed software that has enabled it to spy on home computers almost anywhere in the world.Russian researchers at Kaspersky Lab have claimed that the software gave those behind it, thought to be the US National Security Agency, the power to listen in on the majority of the world’s computers.

It could be installed on practically any of the world’s most common hard drives and spy on the computer while going undetected.

It was used to break in to government and other important institutions in 30 countries across the world, they claim.

via Equation Group: NSA-linked spying team have software to hack into any computer – News – Gadgets and Tech – The Independent.

Update 10:20 PM: Read Kaspersky’s blog post on the Equation Group and it’s Equation Group Q&A [PDF].

MicLoc – DIY acoustic triangulation

Friday, February 13th, 2015

On the the East CAC Facebook page, some neighbors recently asked if the police department was using acoustic triangulation systems for tracking gunfire. I responded that systems like ShotSpotter were interesting but that the police department couldn’t afford the $300k cost.

Ah, the joys of open source! It turns out one enterprising hacker has built his own Arduino-based triangulation system using easy-to-obtain parts. This has me thinking that if a few neighbors here and there were willing to station these near their homes, the fixes that could be plotted would be extremely accurate. Even a small network of these would do wonders. In this way, neighbors could be helping to fight crime in their area without actually having to do anything. It sounds like a great solution!

MicLoc is an effort to develop a device capable of passively identifying a sound based event position on a given map, therefor pinpointing its location. The whole idea is to achieve this goal with everyday electronics and reduced development costs.With the event of small, affordable, powerful microprocessors and electronics in general, this technology now seems accessible to potential commercial applications and general public use.The main goals of this project are:

  • Develop a low cost, compact device capable of identifying a source source location on a map with sub-meter precision.
  • Develop, detail and open-source the hardware and plans used so anyone can build this device.
  • Develop, detail and open-source the software needed to interface the device with a computer.

via rural hacker: MicLoc.

Street closing hints of Google Fiber disruption

Thursday, February 5th, 2015

Traffic backs up on Edmund St.

Traffic backs up on Edmund St.


Tuesday night, street crews began blocking off Glascock Street and side streets in preparation for a traffic calming and sewer line replacement project. Glascock’s traffic was detoured down the normally serene side street of Edmund, where traffic now roared down the 25MPH road. Understandably, the neighbors were livid with this gigantic disruption, especially in light of no notice being given to the community outside of the few neighbors who live on Glascock itself. Hopefully in the future, the city will choose to notify the neighbors on the detour street, too, as they get impacted just as strongly as those on the street getting the construction.

The whole mess got me thinking of what it might be like in the next few years when Google Fiber gets started here in earnest. Tuesday’s closure affected just one block whereas Google likely will be tearing things up everywhere. How will people react to this kind of disruption happening all over town?

Peter Eichenberger on 9/11

Friday, November 14th, 2014

I was thinking again today about a local writer whom I respected, Peter Eichenberger. It was about this time of year four years ago that Peter wrote this post on the 9/11 event on his blog. He died just three days later from the brain injuries he suffered in a bike crash several years prior. I figured I’d repost it here in case WordPress.com ever got around to deleting his blog.

Vowing to myself not to succumb to a knee-jerk reaction over the passing of the date of the most significant post-WW ll event I kept it buttoned back in September. Were it so until a November 17th piece by Kevin Ryan in Foreign Policy Journal, an expanded look at well reviewed (overseas) evidence of insider trading upstream of 9/11 that added some weighty bit of ballast to the mounting pile of evidence pointing toward a new, actual investigation. http://www.foreignpolicyjournal.com/2010/11/18/evidence-for-informed-trading-on-the-attacks-of-september-11/%5D Ryan’s piece added to the fuel provided by W’s aka Whistledick’s claim to have ordered the launch of interceptors following the hit on the South Tower, a claim that the prudent analyst must entertain is based in truth. That fancy leaves 2 troubling possibilities; that both the Air Force and Air National Guard failed at their duty, or “someone” else lower in the chain of command chose to countermand a President’s executive orders. Either event in another dimension would have resulted in the military inquiry that never happened here. (more…)

Mystery cell tower has vanished!

Sunday, October 26th, 2014

Back at the end of July I became curious about a mysterious cell phone tower that sprouted behind the Adventure Landing business on Capital Boulevard. The fresh paint on the box, the fresh dirt around the bottom of the utility pole, and the new electrical meter box that still had the plastic cover on it led me to believe this site had just been installed. Instead, less than three months later the only sign it was there is a small patch of dirt where the pole once was. The site has vanished!

That patch has so much grass growing over it now that if you didn’t know where to look you could easily overlook it. That makes me think that the pole could have been removed perhaps a one month ago or longer.

I had convinced myself that the strange site was simply a micro-cell site but I was flabbergasted when I found the site has gone missing. I never expected to revisit the site and have it just be … gone. Why would a company dig up a cell tower site just a few months after installing it? Hell, maybe even before it had been fired up? I have to say that any company in the business of installing cell towers that would suddenly change its mind about a site after so much work had been done runs a piss-poor operation. At the very least.

I can only wonder again if the site was a Stingray site all along and either

  • served its purpose in an investigation, or
  • got its cover blown.

Real cell towers don’t disappear practically overnight. Not even micro sites. This is just weird.

Ebola research: Fever not a surefire sign of infection – LA Times

Wednesday, October 22nd, 2014

If we’re only looking for fever while screening Ebola victims, we may be missing 13% of cases. Yikes.

For public health workers screening more than 1,000 air travelers who arrive each week in the United States from Ebola-stricken West Africa, one symptom above all others is supposed to signal danger: fever.

So long as an individual’s temperature does not exceed 101.5 degrees and there are no visible symptoms of Ebola, health authorities say it should be assumed the person is not infectious.

Yet the largest study of the current outbreak found that in nearly 13% of “confirmed and probable” cases in Liberia, Sierra Leone, Guinea and elsewhere, those infected did not have fevers.

via Ebola research: Fever not a surefire sign of infection – LA Times.

Canadian Public Health Agency scrubs Ebola website

Monday, October 13th, 2014

As I touched on in the previous post, I recently came across some websites that reported that the Canadian Public Health Agency had recently changed the description on their website of research that suggests that Ebola can be spread through the air. The changes soften what was once an alarming statement about the spread. Here’s the August 2014 version:

In the laboratory, infection through small-particle aerosols has been demonstrated in primates, and airborne spread among humans is strongly suspected, although it has not yet been conclusively demonstrated

Ebola airborne transmission is strongly suspected

“In he laboratory, infection through small-particle aerosols has been demonstrated in primates, and airborne spread among humans is strongly suspected, although it has not been conclusively demonstrated.”

Now here’s the September 2014 version:

In laboratory settings, non-human primates exposed to aerosolized ebolavirus from pigs have become infected, however, airborne transmission has not been demonstrated between non-human primates

Ebola airborne transmission is not demonstrated.

“In laboratory settings, non-human primates exposed to aerosolized ebolavirus from pigs have become infected, however, airborne transmission has not been demonstrated between non-human primates.”

No explanation was provided for the change in the wording, which removed “strongly suspected” and changed “not been conclusively demonstrated” into “not been demonstrated.”
(more…)