Daily Archives: November 14, 2016

Britain must send its F-35s to Italy for heavy overhauls, decrees US, engines overhauled in Turkey

Posted on by
Reply

Britain will have to send its supersonic F-35 fighter jets to Italy for heavy overhauls, the UK Ministry of Defence has confirmed to The Register.

BAE Systems will maintain an airframe maintenance, repair, overhaul and upgrade (MRO&U) capability at RAF Marham in Norfolk, according to a US announcement earlier this week.

However, that will only be used if Italy, the Americans’ designated airframe overhaul point in Europe, is unable to cope with demand.

“The F-35 programme is based on a global support solution concept. This is the most cost effective way to deliver the F-35 support solution and is based on economies of scale,” the MoD told The Register, adding: “The UK is establishing an F-35 airframe maintenance facility at RAF Marham to maintain UK aircraft. However, regional Airframe ‘Heavy’ MRO&U and Engine MRO&U will be undertaken in Italy and Turkey.”

In Europe, F-35 heavy maintenance will be carried out by the UK for the aircraft’s avionics, and as noted above, Italy for the airframes and Turkey for the jets’ F135 engines.

The MoD declined to answer questions as to why Britain’s carrier strike aircraft will have to be dismantled and shipped abroad for MRO&U work, when a perfectly good airframe overhaul facility exists over here, referring The Register to the Americans for an answer. This was said to be because the Americans have the lead on PR relating to F-35 maintenance arrangements and not because, as El Reg suggested, the US supplier tail is wagging the British customer dog.

Source: Britain must send its F-35s to Italy for heavy overhauls, decrees US

Being dependent on countries like Italy and Turkey sounds like a bad idea when it comes to maintaining your defence capabilities.

Spotify is writing massive amounts of junk data to storage drives

Posted on by
Reply

For almost five months—possibly longer—the Spotify music streaming app has been assaulting users’ storage devices with enough data to potentially take years off their expected lifespans. Reports of tens or in some cases hundreds of gigabytes being written in an hour aren’t uncommon, and occasionally the recorded amounts are measured in terabytes. The overload happens even when Spotify is idle and isn’t storing any songs locally.

The behavior poses an unnecessary burden on users’ storage devices, particularly solid state drives, which come with a finite amount of write capacity. Continuously writing hundreds of gigabytes of needless data to a drive every day for months or years on end has the potential to cause an SSD to die years earlier than it otherwise would. And yet, Spotify apps for Windows, Mac, and Linux have engaged in this data assault since at least the middle of June, when multiple users reported the problem in the company’s official support forum.

“This is a *major* bug that currently affects thousands of users,” Spotify user Paul Miller told Ars. “If for example, Castrol Oil lowered your engine’s life expectancy by five to 10 years, I imagine most users would want to know, and that fact *should* be reported on.”

Three Ars reporters who ran Spotify on Macs and PCs had no trouble reproducing the problem reported, not only in the above-mentioned Spotify forum but also on Reddit, Hacker News, and elsewhere. Typically, the app wrote from 5 to 10 GB of data in less than an hour on Ars reporters’ machines, even when the app was idle. Leaving Spotify running for periods longer than a day resulted in amounts as high as 700 GB.

Source: Spotify is writing massive amounts of junk data to storage drives

That’s incredibly poor design!

5 major Russian banks repel massive DDoS attack

Posted on by
Reply

At least five Russian major banks came under a continuous hacker attack, although online client services were not disrupted. The attack came from a wide-scale botnet involving at least 24,000 computers, located in 30 countries.

The attack began Tuesday afternoon, and continued for two days straight, according to a source close to Russia’s Central Bank quoted by RIA Novosti. Sberbank confirmed the DDoS attack on its online services.

“The attacks are conducted from botnets, consisting of tens of thousands computers, which are located in tens of countries,” Sberbank’s press service told RIA.

The initial attack was rather massive and its power intensified over the course of the day.

Source: 5 major Russian banks repel massive DDoS attack — RT News

AdultFriendFinder was hacked, together with affiliates. 400m users data out there

Posted on by
Reply
  • Adultfriendfinder.com 339,774,493 users “World’s largest sex & swinger community”
    Cams.com 62,668,630 users “Where adults meet models for sex chat live through webcams”
    Penthouse.com 7,176,877 users Adult magazine akin to Playboy
    Stripshow.com 1,423,192 users Another 18+ webcam site
    iCams.com 1,135,731 users “Free Live Sex Cams”
    Unknown domain 35,372 users

    • Total: 412,214,295 aff

    Source: AdultFriendFinder was hacked – LeakedSource

    BlackNurse: Ping of death is back, DoS using only a laptop

    Posted on by
    Reply

    Remember the days back in the 90s when you could cripple someones Internet connection simply by issuing a few PING command like “ping -t [target]”? This type of attack was only successful if the victim was on a dial-up modem connection. However, it turns out that a similar form of ICMP flooding can still be used to perform a denial of service attack; even when the victim is on a gigabit network.

    Devices verified by TDC to be vulnerable to the BlackNurse attack:

  • Cisco ASA 5506, 5515, 5525, 5540 (default settings)
    Cisco ASA 5550 (Legacy) and 5515-X (latest generation)
    Cisco Router 897 (unless rate-limited)
    Palo Alto (unless ICMP Flood DoS protection is activated) – See advisory from Palo Alto.
    SonicWall (if misconfigured)
    Zyxel NWA3560-N (wireless attack from LAN Side)
    Zyxel Zywall USG50

    • Source: BlackNurse Denial of Service Attack – NETRESEC Blog