A Close Look at the NSA’s Most Powerful Internet Attack Tool

Posted on March 14, 2014 by mea

Rather than go through the bureaucratic fight to move the attack logic into “system low” (and co-located on the wiretap), the NSA sought to work around it in the case of QUANTUMHAND. Instead of targeting just any web connection for exploitation, it targeted persistent “push” connections from Facebook, where a user’s browser would leave an idle connection open, waiting for a command from the server.

This way, even the slow, broken, classified architecture could exploit Facebook users. Sadly for NSA and GCHQ (and FSB, and DGSE, and every other spy agency), Facebook turned on encryption a few months ago, which should thwart this attack.

via A Close Look at the NSA’s Most Powerful Internet Attack Tool | Wired Opinion | Wired.com.

The biggest limitation on QUANTUM is location: The attacker must be able to see a request which identifies the target. Since the same techniques can work on a Wi-Fi network, a $50 Raspberry Pi, located in a Foggy Bottom Starbucks, can provide any country, big and small, with a little window of QUANTUM exploitation. A foreign government can perform the QUANTUM attack NSA-style wherever your traffic passes through their country.

Orbital computing: An amazing atomic-level tech for future computers

Posted on March 12, 2014 by mea

The new technology — or shall we say, science — is being developed by Joshua Turner at Stanford’s SLAC National Accelerator Laboratory. He calls the idea “orbital computing” since the bit that stores the it would be the orbits of electrons around the nucleus of an atom. The goal is to be able to probe the electron clouds of single atoms using terahertz waves of just the right size. The catch is that to generate a tight enough pulse of sufficient intensity to do this, you need an accelerator two miles long. But if you manage that, you can switch electron states 10,000 times faster than transistor states can be switched.

via Orbital computing: An amazing atomic-level tech for future computers | ExtremeTech.

Not even Joshua Turner is expecting orbital computing to be a workable technology any time soon. Most of his experiments are aimed at understanding what might be going on. He is merely looking into the crystal ball with a telescope and seeing what is even imaginable.

Alternative to Traditional Cellular Networks Makes a Virtue of Wireless Interference

Posted on March 11, 2014 by mea

Perlman says pCell takes a different approach: it embraces signal interference. In his vision, base stations smaller than your typical satellite TV antenna are placed wherever it’s convenient (such as on the roof or the side of a building), and their signals purposely overlap. Those overlapping signals, Perlman says, combine constructively to create a sort of personal cell, a centimeter in diameter, that moves with you as you move around the network. The signal doesn’t diminish as each additional user joins the network. Overall capacity can grow by adding more access points.

via Alternative to Traditional Cellular Networks Makes a Virtue of Wireless Interference | MIT Technology Review.

ClipIt

Posted on March 11, 2014 by mea

ClipIt is a lightweight, fully featured GTK+ clipboard manager. It was forked from Parcellite (http://parcellite.sourceforge.net), adding additional features and bugfixes to the project. Please also see http://clipit.rspwn.com/

via ClipIt | Free Development software downloads at SourceForge.net.

Clipboard managers can be useful when doing a lot of copy/pastes. I noticed Clipit as part of the standard Fedora 19 install in one of my virtual machines. They had no rpm package for Fedora 14 so I compiled the source and it works great. It’s a nice no nonsense useful tool.

‘What does ISP mean?’ – how government officials are flunking security challenges

Posted on March 10, 2014 by mea

Singer added that another US official about to negotiate cybersecurity with China asked him to explain what “ISP” meant. “That’s like going to negotiate with the Soviets and not knowing what ‘ICBM’ means. And I’ve had similar experiences with officials from the UK, China and Abu Dhabi.

At the G20 conference diplomats were spearfished by an email with a link to nude photos of former French first lady Carla Bruni-Sarkozy, and many clicked – downloading spyware onto their computers.

via ‘What does ISP mean?’ – how government officials are flunking security challenges | Technology | theguardian.com.

Warrantless Cellphone Tracking

Posted on March 9, 2014 by mea

The secretive technology is generically known as a stingray or IMSI catcher, but the Harris device is also specifically called the Stingray. When mobile phones — and other wireless communication devices like air cards — connect to the stingray, it can see and record their unique ID numbers and traffic data, as well as information that points to the device’s location. By moving the stingray around, authorities can triangulate the device’s location with much more precision than they can get through data obtained from a mobile network provider’s fixed tower location.
The government has long asserted that it doesn’t need to obtain a probable-cause warrant to use the devices because they don’t collect the content of phone calls and text messages but rather operate like pen-registers and trap-and-traces, collecting the equivalent of header information.

via Florida Cops’ Secret Weapon: Warrantless Cellphone Tracking | Threat Level | Wired.com.

Is FirstNet Stalled?

Posted on March 8, 2014 by mea

I suspect there is an epic struggle going on within the Beltway for the control of FirstNet and its $7 billion in funding.

via Is FirstNet Stalled?.

New crimeware tool Dendroid makes it easier to create Android malware, researchers warn

Posted on March 7, 2014 by mea

Dendroid’s features include deleting call logs and files; calling phone numbers; opening Web pages; recording calls and audio from the microphone; intercepting text messages; taking and uploading photos and videos; opening applications and launching HTTP flood (denial-of-service) attacks for a period of time specified by the attacker.

Dendroid is not the first Android RAT, but is one of the most sophisticated one seen to date.

via New crimeware tool Dendroid makes it easier to create Android malware, researchers warn | ITworld.

Stanford team tries for zippier Wi-Fi in crowded buildings

Posted on March 7, 2014 by mea

Meanwhile, the underlying tasks of assigning client devices to particular channels and access points are centrally controlled to make the best use of the infrastructure. Where separately owned and managed APs may make poor use of the unlicensed frequencies available in the building, the centrally controlled network can use its universal view to arrange the resources most efficiently.

via Stanford team tries for zippier Wi-Fi in crowded buildings – Network World.

Apple loses bid for U.S. ban on Samsung smartphone sales

Posted on March 6, 2014 by mea

A U.S. judge on Thursday rejected Apple’s request for a permanent sales ban in the United States against some older Samsung smartphones, a key setback for the iPhone maker in its global patent battle.

U.S. District Judge Lucy Koh in San Jose, California, ruled that Apple Inc had not presented enough evidence to show that its patented features were a significant enough driver of consumer demand to warrant an injunction

via Apple loses bid for U.S. ban on Samsung smartphone sales – chicagotribune.com.

Bucktown Bell

Cut to the chase.