VnutZ's Articles, Page 5 of 71
Elon Musk, the wealthy innovator behind PayPal, SpaceX and Telsa motors, recently blogged about his next idea Hyperloop (detailed pdf). This one, however, he proposed as a thinking man’s journey as opposed to putting up the funding and infrastructure himself. Musk asks that for California’s massive investment in transportation, it should provide a massive improvement in critical areas:
- Lower cost
- More convenient
- Immune to weather
- Sustainably self-powering
- Resistant to Earthquakes
- Not disruptive to those along the route
One of the interesting presentations at the 2013 Blackhat conference in Las Vegas demonstrated the fun hackers can have with a femtocell. For those not familiar with them, femtocells are essentially miniature base stations that allow a mobile phone to affiliate (via 3G, LTE, etc) whereupon the connection is patched to the carrier via the Internet. This sort of technology is useful in low signal areas such as your house in order to have a full signal experience.
Tom Ritter of iSEC presented, I Can Hear You Now: Traffic Interception and Remote Mobile Phone Cloning with a Compromised CDMA Femtocell which demonstrated all the options available with a Verizon femtocell. The hackers first gained shell and root access to the device whereupon they were able to perform traffic captures of all the data passing through. It took awhile for them to identify the codec used for voice, but once determined, they were able to capture a call’s voice packets for decoding and replaying voice conversations. Text messages were easy to intercept and display live to the audience as was capturing the data sessions. (NOTE: The same talk was also given at DEFCON where the audience was much more apt to text “Penis” and other phallic ASCII art to be displayed on the projectors.) For their demonstration, they intercepted an SSL connection from the affiliated phone to a bank and logged the username/password combinations. All of this was “simple stuff” when you have root access to the packet streams. So the team went further and used their captured information to essentially allow them to clone a mobile phone such that they could receive calls, listen in on existing calls and for all intents and purposes … be that phone and use it’s account for free. According to Ritter, “this is not about how the NSA would attack ordinary people. This is about how ordinary people would attack ordinary people.”
Food will be tight during the zombie apocalypse. A question arose at work today – would it be safe to eat Zombie meat if its cooked or irradiated?
So who believes there was an AQAP threat to the US embassies in Northern Africa and the Middle East?
Supposedly, the SIGINT system made famous by Edward Snowden is credited with capturing chatter between AQAP leadership. Particularly of interest, according to anonymous government sources, was a notification between Ayman al-Zawahiri and his subordinate leadership that everything was ready for an imminent attack. This prompted the US government to shut down nineteen embassies and issue a general travel advisory through the month of August. Meanwhile, despite the imminence of the attacks, nothing has happened except for some drone strikes against AQAP militants in Yemen.
GEN Alexander took the stage for BlackHat 2013’s keynote speech and gave the audience an hour long outline of the programs in question, the authorities involved and the success stories behind them. It’s interesting how accounts vary … the summary write-up on SlashDot for instance made it sound like the conference was largely against him (the forum’s comments are about the most off-the-mark guesswork of conspiracy I’ve read in awhile). While sentiment is hard to read, the NSA director received thunderous applause in support of his words more often than jeers (yes, BTW, I was there in the audience).
Bradley Manning, the lowly Army PFC responsible for America’s largest leak of classified documents has been acquitted of the most serious charge against him – aiding and abetting the enemy. He was still found guilty of countless other charges regarding the leaks which will likely leave him imprisoned for the remainder of his life. Elizabeth Goitein, of the Liberty and National Security Program commented, “The judge rejected the government’s argument that Manning, by virtue of his training as an intelligence officer, must have known that the information he disclosed was likely to reach al Qaeda. But she also ruled that Manning had reason to believe his disclosures could harm the U.S., even if that was not his goal.”
Everyone used to bitch and moan about AKO (Army Knowledge On-line) as a horrible email solution for the Army – with its outdated interface and horrendously small storage capacity. But there were always workarounds for exemptions on storage, the BETA program for a modern OWA UI and bypassing the whole thing with IMAP. Oh, if we could only have that old system back.
Then DISA found it in the best interest of the Army to roll-out Enterprise Email. It’s kind of like a self-imposed denial of service. Login is only possible with a CAC because DISA seems to believe its impossible for an adversary to cache your credentials and replay them. Whether you have a CAC or not, the system continually blasts you with pop-up windows to re-enter your PIN … sometimes as often as every ten minutes. Even if you enter the PIN, it will still time you out in the middle of your work causing it to be lost. Somehow, they’ve taken a working Microsoft product (OWA) and mutilated it so the page doesn’t render properly in anything but Internet Explorer. If it happens to die, the page will NEVER come back unless you close your whole browser down and re-open it – the rest of your tabs and work be damned. I used to be accessible to my subordinates and unit nearly at all times with my IMAP access from home and work machines. But then I had to have CAC readers installed at work just to access the page and as I mentioned before, it continually times me out or fails the PIN re-entry because my screen locked. Needless to say, the inconvenience of it all means I only check once a day every couple of days now.
It’s a good thing there’s nothing important for Congress to be doing, right? Democrat representatives from Maryland and Texas have proposed H.R. 2617 which is meant to establish a national park … on … the … moon. The best part describes how, well, let me just quote it directly:
The Secretary may accept donations from, and enter into cooperative agreements with, foreign governments and international bodies, organizations, or individuals to further the purpose of an interagency agreement entered into under paragraph (1) or to provide visitor services and administrative facilities within reasonable proximity to the Historical Park.
A recent article in TechCrunch discussed the technical interview’s death … as a good thing. “The whole purpose of an interview was to serve as a proxy for actual performance, because we didn’t have the tools and infrastructure to easily observe and measure the latter,” which the author asserts as moot in the modern age such that employers should just hire its applicants and fire them if they fail. He talks about the existing methods by which companies have tried to weed out the can’ts from the cans – brain teasers, puzzles, FizzBuzz code snippets and hitting whiteboards to write code on the fly – as poor indicators of talent.
The US Government seems to have itself in a pickle with its citizens. First, there was an alleged leak regarding blanket acquisitions of metadata from Verizon on all phone calls. Shortly afterwards, the President responded to the public summarized simply as, “Nobody is listening to your telephone calls.” Even the DNI responded with a statement as well covering the legality of the surveillance. Of course, there was an additional story about the government having taps into all the major Internet sites for a huge data-mining operation. Over the weekend, the story broke even more with revelations about the source of the leaks, a disgruntled defense contractor that fled to Hong Kong for political asylum. Naturally the EFF is pounding its we told you so drums over the whole situation.
Not everyone will be an astronaut when the grow up, jokes despair.com. Its pretty funny until your Mayor Bloomberg lays it flat on the students in New York City. In his weekly radio show, the mayor says, “The people who are going to have the biggest problem are college graduates who aren’t rocket scientists, if you will, not at the top of their class …. Compare a plumber to going to Harvard College — being a plumber, actually for the average person, probably would be a better deal.”
The 3D printing craze continues to evolve, especially as prices have dropped making them more affordable and accessible. With printer accessibility and the incepted seed of 3D guns, more people continue to develop open source CAD designs for improved performance. While the first models were AR-15 lowers (the regulated component) and reliant on existing metal parts for the remainder of the weapon, complete handguns have been produced entirely from the 3D printer. This newer development has led California Senator Leland Yee to propose the mandatory registration of 3D printers since they can be used to produce untraceable firearms. “Terrorists can make these guns and do some horrible things to an individual and then walk away scott-free, and that is something that is really dangerous.” In a limited Reason-Rupe telephone poll of only 1003 subjects, Americans indicated they were in support of banning the production of firearms with 3D printers.
If you haven’t at least heard of BitCoins, you’re living under the proverbial rock. The Internet’s digital currency of anonymity based on encryption algorithms has had interesting ride over the past year. Approximately a year ago, they were valued at just over $4 each after a particularly scathing cyber theft. This lull was followed by a spectacular rise starting in early 2013 to over $260 each. Despite the rises and falls, it would seem BitCoins are going to stick around for awhile and their continued acceptance (Amazon, PayPal, etc.) has led economists to start paying legitimate attention to them.
What do you think the Army will do this time around? The last time an Army football player was drafted by the NFL, the Army opted to send him off to war instead. Recently, four year quarterback Trent Steelman was signed by the Baltimore Ravens. It would seem a broader target audience to have a professional football player advocating the US Army for public relations than hitting the American Southeasts for NASCAR (although that ends this year) and drag racing.