Posts

Monday: A Different Ark

[Caution: some content in this video is NSFW] Today’s Monday Movie is a short film by Patrick Cederberg published three years ago. This short reflects the love life of a youth whose age is close to that of my two kids. A few things have changed in terms of technology used — I don’t think either Facebook or Chatroulette is as popular now with high school and college students as it was, but the speed of internet-mediated relationships is the same. It’s dizzying to keep up with kids who are drowning in information about everything including their loved ones.

Their use of social media to monitor each other’s commitment is particularly frightening; it’s too easy to misinterpret content and make a snap decision as this movie shows so well. Just as scary is the ease with which one may violate the privacy of another and simply move on.

Imagine if this youngster Noah had to make a snap decision about someone with whom they weren’t emotionally engaged. Imagine them using their lifetime of video gaming and that same shallow, too-rapid decision-making process while piloting a drone.

Boom.

Goodness knows real adults with much more life experience demonstrate bizarre and repeated lapses in judgment using technology. Why should we task youths fresh out of high school, with little education in ethics and philosophy, with using technology like remote surveillance and weaponized drones?

Speaking of drones, here’s an interview with GWU’s Hugh Gusterson on drone warfare including his recommendations of five books about drones.

A, B, C, D, USB…

  • USBKiller no longer just a concept (Mashable) — $56 will buy you a USB device which can kill nearly any laptop with a burst of electricity. The only devices known to be immune: those without USB ports. The manufacturer calls this device a “testing device.” Apparently the score is Pass/Fail and mostly Fail.
  • Malware USBee jumps air-gapped computers (Ars Technica) — Same researchers at Israel’s Ben Gurion University who’ve been working on the potential to hack air-gapped computers have now written software using a USB device to obtain information from them.
  • Hydropower charger for USB devices available in 2017 (Digital Trends) — Huh. If I’m going to do a lot of off-grid camping, I guess I should consider chipping into the Kickstarter for this device which charges a built-in 6,400mAh battery. Takes 4.5 hours to charge, though — either need a steady stream of water, or that’s a lot of canoe paddling.

Hackety-hack, don’t walk back

  • Arizona and Illinois state elections systems breached (Reuters) — An anonymous official indicated the FBI was looking for evidence other states may also have been breached. The two states experienced different levels of breaches — 200K voters’ personal data had been downloaded from Illinois, while a single state employee’s computer had been compromised with malware in Arizona, according to Reuters’ report. A report by CSO Online explains the breaches as outlined in a leaked FBI memo in greater detail; the attacks may have employed a commonly-used website vulnerability testing application to identify weak spots in the states’ systems. Arizona will hold its primary election tomorrow, August 30.
  • Now-defunct Australian satellite communications provider NewSat lousy with cyber holes (Australian Broadcasting Corp) — ABC’s report said Australia’s trade commission and Defence Science Technology Group have been attacked frequently, but the worst target was NewSat. The breaches required a complete replacement of NewSat’s network at a time when it was struggling with profitability during the ramp-up to launch the Lockheed Martin Jabiru-1 Ka-band satellite. China was named as a likely suspect due to the level of skill and organization required for the numerous breaches as well as economic interest. ABC’s Four Corners investigative reporting program also covered this topic — worth watching for the entertaining quotes by former CIA Director Michael Hayden and computer security consultant/hacker Kevin Mitnick in the same video.
  • Opera software users should reset passwords due to possible breach (Threatpost) — Though users’ passwords were encrypted or hashed, the browser manufacturer still asks users to reset passwords used to sync their Opera accounts as the sync system “showed signs of an attack.” Norwegian company Opera Software has been sold recently to a Chinese group though the sale may not yet have closed.

That’s a wrap for now, catch you tomorrow! Don’t forget your bug spray!

Tuesday: One String

There aren’t enough words to describe this genius who can do so much with a lone string. Brushy One String is the stage name of Andrew Chin, son of Jamaican musician Freddie McKay. McKay died in 1986 in his late 30s, leaving behind a body of work representative of the rocksteady (ex: Rock-a-Bye Woman) and reggae genres. While Brushy inherited his father’s musical talent, he’s parlayed it into an interesting Rhythm-and-Blues-meets-Roots-Reggae crossover. Check out his website when you have a chance.

Wheels

  • Volkswagen and USDOJ talking about criminal investigation (Deutsche Welle) — Up in the air yet whether DOJ goes with deferred prosecution or asks for a guilty plea from the automaker for criminal activity related to the promotion and sale of its so-called “Clean Diesel” passenger vehicles during the last decade. Criminal fines are estimated at $1.2 billion. VW claims to be cooperating, but the company’s failure to disclose the additional cheat software in the 3.0L engines suggests some problems understanding what “good faith” means.
  • Volkswagen’s Australian manager believes diesel fix “imminent” (CarsGuide) — And “Under Australian law, we don’t believe there’s anything on our car which is illegal.” Uh-huh. Hence the fix for 80,000 1.6L and 2.0L passenger diesels. It’s true that Australia is not as strict about NOX as the U.S., but VW’s passenger diesels didn’t meet EU or AUS limits on other pollutants.
  • Ford expects to offer self-driving car without steering wheel within five years (Detroit News) — Well, then. Better hope regulations don’t require a steering wheel, huh? Ford has also invested $75M in LiDAR-maker Velodyne; Chinese search engine company Baidu has likewise made a $75M investment. LiDAR is expected to provide navigational assistance for these self-driving vehicles.

Way Up There

Words

  • Univision’s bid wins Gawker Media (Recode) — Of the two known bidders — Ziff-Davis and Univision — the latter’s $135M bid won bankrupt Gawker Media and its brands. Gawker’s lineup joins The Onion and The Root, purchased by Univision, and Fusion which Univision originally created jointly with Disney and now owns outright. Founder Nick Denton seems pleased with this outcome as his brands and workers continue without disruption; billionaire Pete Thiel gets partial revenge on Denton for outing him by forcing the bankruptcy and sale. Univision’s editorial policy will be less personal in its coverage — probably a good thing. Let’s check back in a year.
  • ‘Not a good fit’ says Barnes & Noble as CEO shown the door (GalleyCat) — Whoa. You don’t see such blunt statements about CEOs, especially one with less than a year under their belt. The company’s stock has been up though retail sales continued to struggle in competition against Amazon. Feels like there’s more to this story. In the meantime, Ron Boire is out the door and executive chairman Leonard Riggio will delay his retirement until a new CEO is found. Hope the next one can salvage the NOOK tablet platform because I can’t stand Amazon’s Kindle.
  • Turkish court closes pro-Kurdish newspaper Ozgur Gundem (Business Standard) — Claiming the paper was a propaganda outlet for Kurdistan Workers’ Party (PKK), labeled a terrorist organization by Turkey, EU, and the US. The court said the closure was not related to the government’s post-coup purge of media believed to be sympathetic to the Gülen movement. An appeal is possible.

I-Spy: Cyber Edition
You’ve probably heard about the alleged hacking of a NSA server and the subsequent attempt to auction contents from that server. Edward Snowden offered his perspective on the situation — I’ve Storify’d the tweet thread for your reading ease.

The disclosure and attempted auction were likely done by Russia for political reasons given the timing. Hacking and accessing the contents of the server should be expected — it’s ordinary spying, same as the U.S. does. But the revelation is a new tack; Snowden suggests it’s a warning to the U.S. about potential future disclosures. Read the thread for yourself.

I don’t think this hacking and disclosure happened in a vacuum. There’s a much bigger game to puzzle out — add the meeting between Russia and Saudi Arabia to “achieve oil market stability” as well as Russia’s express interest in Saudi Arabia’s plans to build as many as 16 nuclear reactors. Factor in a change in relationship between Iran and Russia now that Russia has deployed long-range bombers from Iran for the first time against ISIS. Russia, Saudi Arabia and Iran have some of the largest proven oil reserves in the world, all three in the top 10 and in Saudi’s case, influence over OPEC. Is Russia preparing for asymmetric economic pressure?

Late adder: #BlueCutFire in San Bernardino County, CA is very bad, now 82,000 ordered to evacuate.

That’s it for now, still Tuesday in the next time zone. Let’s see if I can make it over the hump earlier tomorrow.

[UPDATED] Russian GPS-Alternative Satellites Went ‘Illegal/Failure’: Solar Storm Damage or Cyberwar in Space?

[Image: GLONASS monitoring, 02 APR 2014, 1407h]

[Update at end of article. Rayne 6:45 pm EST]

Between 1030 and 0400 UTC last night or early morning, most of Russia’s GLONASS satellites reported “illegal” or “failure” status. As of this post, they do not appear to be back online.

GLONASS is the equivalent of GPS, an alternative global navigation satellite system (GNSS) launched and operated by Russian Aerospace Defense Forces (RADF). Apart from GPS, it is the only other GNSS with global capability.

It’s possible that the outage is related to either a new M-class solar storm — the start of which was reported about 48 hours ago — or recent X-class solar flare on March 29 at approximately 1700 UTC. The latter event caused a short-term radio blackout about one hour after the flare erupted.

But there is conjecture that GLONASS’ outage is human in origin and possibly deliberate. The absence of any reported outage news regarding GPS and other active satellite systems suggests this is quite possible, given the unlikelihood that technology used in GLONASS differs dramatically from that used in other satellite systems.

At least one observer mentioned that a monitoring system tripped at 21:00 UTC — 00:00 GLONASS system time. The odds of a natural event like a solar storm tripping at exactly top of the hour are ridiculously slim, especially since radiation ejected from the new M-class storm may not reach its peak effect on earth for another 24-48 hours.

[Image: GLONASS monitoring, 02 APR 2014]

It’s not clear whether the new GLONASS-M satellite launched March 24th may factor into this situation. There are no English language reports indicating the new satellite was anything but successful upon its release, making it unlikely its integration into the GLONASS network caused today’s outage.

If the outage is based in human activity, the problem may have been caused by:

— an accidental disabling here on earth, though RADF most likely has redundancies to prevent such a large outage;

— deliberate tampering here on earth, though with RADF as operator this seems quite unlikely; or

— deliberate tampering in space, either through scripts sent from earth, or technology installed with inherent flaws.

The last is most likely, and of either scripts sent from earth or the flawed technology scenarios, the former is more likely to cause a widespread outage.

However, if many or all the core operating systems on board the GLONASS satellites had been updated within the last four years – after the discovery of Stuxnet in the wild – it’s not impossible that both hardware and software were compromised with an infection. Nor is it impossible that the same infection was triggered into aggressive action from earth.

Which begs the question: are we in the middle of a cyberwar in space?

UPDATE — 6:45 PM EST —

Sources report the GLONASS satellite network was back online noon-ish Russian time (UTC+4); the outage lasted approximately 11 hours. Unnamed source(s) said the outage was due to the upload of bad ephemeris data, the information used by the satellites to locate other satellites in space. An alleged system-wide update with bad data suggests RADF has serious problems with change management, though.

There is speculation the M-class solar storm, summarized at 1452 UTC as an “X-ray Event exceeded M5,” may have impacted GLONASS. However, early feedback about radiation ejected by an M-class storm indicated the effects would not reach earth for 24-48 hours after the storm’s eruption.