Metasploit hwbridge connects to your car

We recently announced a new addition to Metasploit to help you do exactly that: the Hardware Bridge API. The Hardware Bridge API extends Metasploit’s capabilities into the physical world of hardware devices. Much in the same way that the Metasploit framework helped unify tools and exploits for networks and software, the Hardware Bridge looks to do the same for all types of hardware. From within Metasploit you can now branch out into a Metasploit-compatible hardware device to remotely control and use it for your penetration testing needs.
[…]
If your device supports CAN, Metasploit will automatically provide several interactive vehicle-related commands. This will also mark your Hardware Bridge (HWBridge) session as an Automotive session that can be viewed in your session list or via modules that are designed to work only on automotive systems. This allows exploit developers to focus on writing automotive tools without having to worry about the attached hardware. It also provides internal Metasploit APIs to make common automotive calls easier, such as getting the vehicle speed or requesting a security access token from the Engine Control Unit (ECU).

Source: Exiting the Matrix: Introducing Metasploit’s Ha… | Rapid7 Community and Blog

Facebook’s AI unlocks the ability to search photos by what’s in them

Initially used to improve the experience for visually impaired members of the Facebook community, the company’s Lumos computer vision platform is now powering image content search for all users. This means you can now search for images on Facebook with key words that describe the contents of a photo, rather than being limited by tags and captions.

To accomplish the task, Facebook trained an ever-fashionable deep neural network on tens of millions of photos. Facebook’s fortunate in this respect because its platform is already host to billions of captioned images. The model essentially matches search descriptors to features pulled from photos with some degree of probability.
[…]
Facebook isn’t the only one racing to apply recent computer vision advances to existing products. Pinterest’s visual search feature has been continuously improved to let users search images by the objects within them. This makes photos interactive and more importantly it makes them commercializable.

Google on the other hand open sourced its own image captioning model last fall that can both identify objects and classify actions with accuracy over 90 percent. The open source activity around TensorFlow has helped the framework gain prominence and become very popular with machine learning developers.

Facebook is focused on making machine learning easy for teams across the company to integrate into their projects. This means improving the use of the company’s general purpose FBLearner Flow.

“We’re currently running 1.2 million AI experiments per month on FBLearner Flow, which is six times greater than what we were running a year ago,” said Joaquin Quiñonero Candela, Facebook’s director of applied machine learning.

Lumos was built on top of FBLearner Flow. It has already been used for over 200 visual models. Aside from image content search, engineers have used the tool for fighting spam.

Source: Facebook’s AI unlocks the ability to search photos by what’s in them | TechCrunch

Google, unlike Microsoft, must turn over foreign emails: U.S. judge

A U.S. judge has ordered Google to comply with search warrants seeking customer emails stored outside the United States, diverging from a federal appeals court that reached the opposite conclusion in a similar case involving Microsoft Corp (MSFT.O).

U.S. Magistrate Judge Thomas Rueter in Philadelphia ruled on Friday that transferring emails from a foreign server so FBI agents could review them locally as part of a domestic fraud probe did not qualify as a seizure.

The judge said this was because there was “no meaningful interference” with the account holder’s “possessory interest” in the data sought.

“Though the retrieval of the electronic data by Google from its multiple data centers abroad has the potential for an invasion of privacy, the actual infringement of privacy occurs at the time of disclosure in the United States,” Rueter wrote.

Source: Google, unlike Microsoft, must turn over foreign emails: U.S. judge

I guess Rueter finds that invasion of privacy is no meaningful interference.

GM Salmonella destroys cancer

A genetically modified bacterium destroys tumors by provoking an immune response, according to a study published Wednesday.

Using mice and cultures of human cancer cells, a South Korean-led scientific team demonstrated that Salmonella typhimurium engineered to make a foreign protein caused immune cells called macrophages and neutrophils to mobilize against the cancer.
[…]
Tumors shrank below detectable levels in 11 out of 20 mice injected with the modified Salmonella, said the study, published in Science Translational Medicine.

Go to j.mp/salcancer for the study. The first author was Jin Hai Zheng of Chonnam National University Hwasun Hospital, in Jeonnam, South Korea.

The engineered Salmonella provoke a sustained immune response, in addition to preventing the spread of a human colon cancer implanted in a mouse. The bacterium was also found to be nontoxic, multiplying almost exclusively inside tumors.
[…]
UC San Diego researcher Jeff Hasty has developed engineered Salmonella that deliver cancer-killing toxins inside the tumor. This bacterium periodically self-destructs when it reaches a certain population density, releasing the toxins. Some of the engineered Salmonella survive, rebuilding the population until it reaches the self-destruct density. So the tumor receives periodic doses of targeted chemotherapy.

Source: GM Salmonella destroys cancer

Vizio coughs up $2.2m after its smart TVs spied on millions of families

California electronics maker Vizio will cough up $2.2m after its smart TVs spied on millions of people.

America’s trade watchdog, the FTC, said today the payment will settle a complaint filed by the state of New Jersey accusing Vizio of violating privacy regulations: the biz had collected the viewing habits of 11 million television sets throughout the country without warning or permission.

According to the state attorney general’s federal complaint [PDF], from February 2014 to March 2016, Vizio noted down exactly what its customers were watching and then resold all those records as summaries to third parties – which were mostly advertising companies.

The usage data was not only collected while customers were watching over-the-air or cable TV broadcasts, but also when they were watching DVDs or streaming video from websites and over-the-top services like Netflix.

Vizio harvested surveillance on people and their families so precise, it knew exactly what you were watching, second by second, and even took copies of the watched video, according to prosecutors. Additionally, we’re told, Vizio resold summaries of personal information about its customers it had gathered, including age, marital status, and household income, to advertisers without consent.

Source: Vizio coughs up $2.2m after its smart TVs spied on millions of families • The Register

No mention of the records having to be destroyed though?

600 Goldman traders replaced by 200 computer engineers

Average compensation for staff in sales, trading, and research at the 12 largest global investment banks, of which Goldman is one, is $500,000 in salary and bonus, according to Coalition. Seventy-five percent of Wall Street compensation goes to these highly paid “front end” employees, says Amrit Shahani, head of research at Coalition.

For the highly paid who remain, there is a growing income spread that mirrors the broader economy, says Babson College professor Tom Davenport. “The pay of the average managing director at Goldman will probably get even bigger, as there are fewer lower-level people to share the profits with,” he says.
[…]
Goldman Sachs has already begun to automate currency trading, and has found consistently that four traders can be replaced by one computer engineer, Chavez said at the Harvard conference. Some 9,000 people, about one-third of Goldman’s staff, are computer engineers.
[…]
Goldman’s new consumer lending platform, Marcus, aimed at consolidation of credit card balances, is entirely run by software, with no human intervention, Chavez said. It was nurtured like a small startup within the firm and launched in just 12 months, he said. It’s a model Goldman is continuing, housing groups in “bubbles,” some on the now-empty trading spaces in Goldman’s New York headquarters: “Those 600 traders, there is a lot of space where they used to sit,” he said.

Source: As Goldman Embraces Automation, Even the Masters of the Universe Are Threatened

Want to come to the US? Be prepared to hand over your passwords if you’re on Trump’s hit list

Previously, tourists, travelers and visa holders were warned they may have to hand over their online account names and handles so their public profiles can be studied by border agents and immigration officials.

Now Kelly wants to take that further, by demanding passwords from some visa applicants so g-men can log into Twitter, Facebook, online banking accounts, and so on, and rummage around for any eyebrow-raising non-public posts, messages and transactions. If you refuse, you can’t come in.

“We want to say ‘what kind of sites do you visit and give us your passwords,’ so we can see what they do,” Kelly explained, in response to a question from Representative Clay Higgins (R-LA).

“We want to get on their social media with passwords – what do you do, what do you say. If they don’t want to cooperate then they don’t come in. If they truly want to come to America they’ll cooperate, if not then ‘next in line’.”
[…]
Kelly said this invasive vetting of people’s online personas and accounts could take weeks or months, and that applicants would just have to wait until it was done. Representative Higgins said he agreed, and was anxious for Homeland Security and others to start trawling through people’s social media pages. Higgins said handing over such credentials should be mandatory.

Source: Want to come to the US? Be prepared to hand over your passwords if you’re on Trump’s hit list • The Register

The 4th reich keeps getting scarier.

71% NL population likes cash

Even though cash payments have decreased to 49% of our daily payments, people in the eurozone still think cash is important and shouldn’t be banned.

Source: DNBulletin: Contant betalen moet mogelijk blijven

There has been a movement to try to shame cash payments, into creating a shady overtone to them. In fact it’s none of anyone’s business what you are spending your money on and being able to monitor your expenditure is shameless. For the banks you become the product, for the government you fall more under their control.

Germany Is Threatening Biohackers With Prison

Over the last few years, advances in science have made the kind of experiments once only accessible to PhDs with fancy labs far more attainable. College undergrads are constructing gene drives. Anyone can buy a kit on the internet to concoct their own bioluminescent beer.
[…]
The German government, it seems, is none too pleased with this development. Two weeks ago its consumer protection office issued a statement making clear just how upset it is: Any science enthusiast doing genetic engineering outside of a licensed facility, it wrote, might face a fine of €50,000 or up to three years in prison.
[…]
The law behind the German DIY bio crackdown isn’t new. The government was simply reminding so-called biohackers of a long-existing law that forbids genetic engineering experiments outside of laboratories supervised and licensed by the state.
[…]
“The statement has to be seen in light of the newly formed DIY biology scene and due to the appearance of low-priced DIY biology kits in online shops,” the BVL told Gizmodo, via email.
[…]
The BVL conceded that the new rules will make it virtually impossible for a lone scientist to meet the legal requirements to do genetic engineering. To begin with, any lab needs a project manager qualified by academic credentials such as a master’s degree in science. Labs also require a commissioner for biological safety who is similarly qualified.

“This makes genetic engineering experiments rather unattractive for individuals,” the BVL’s spokesman said.

Source: Germany Is Threatening Biohackers With Prison

On the one hand I understand the need for oversight and ethics, on the other hand, it should be a lot easier for individuals to play and learn in this field. It must be possible to balance the two needs.

New smartphone app looks inside objects, shows what else is in there

A new app from Fraunhofer development engineers looks directly inside objects and displays specific constituents. It has numerous uses: For instance, apples can be scanned for pesticide residues. Applications will be added successively following the Wikipedia principle.
[…]
Such scans usually require a special hyperspectral camera: It adjusts to different colored light each time and ascertains how much of a color’s light is reflected by an object, thus generating a complete spectral fingerprint of the object. The development engineers use a mathematical model to extract just about any information on an object, e.g. its constituents, from its spectral fingerprint. “Since hyperspectral cameras aren’t integrated in smartphones, we simply reversed this principle,” explains Seiffert. “The camera gives us a broadband three-channel sensor, that is, one that scans every wavelength and illuminates an object with different colored light.” This means that, instead of the camera measuring luminous intensity in different colors, the display successively illuminates the object with a series of different colors for fractions of a second. Thus, if the display casts only red light on the object, the object can only reflect red light – and the camera can only measure red light. Intelligent analysis algorithms enable the app to compensate for a smartphone’s limited computing performance as well as the limited performance of the camera and display.

Source: New smartphone app looks inside objects

Blueprint for a microwave trapped ion quantum computer released

The availability of a universal quantum computer may have a fundamental impact on a vast number of research fields and on society as a whole. An increasingly large scientific and industrial community is working toward the realization of such a device. An arbitrarily large quantum computer may best be constructed using a modular approach. We present a blueprint for a trapped ion–based scalable quantum computer module, making it possible to create a scalable quantum computer architecture based on long-wavelength radiation quantum gates. The modules control all operations as stand-alone units, are constructed using silicon microfabrication techniques, and are within reach of current technology. To perform the required quantum computations, the modules make use of long-wavelength radiation–based quantum gate technology. To scale this microwave quantum computer architecture to a large size, we present a fully scalable design that makes use of ion transport between different modules, thereby allowing arbitrarily many modules to be connected to construct a large-scale device. A high error–threshold surface error correction code can be implemented in the proposed architecture to execute fault-tolerant operations. With appropriate adjustments, the proposed modules are also suitable for alternative trapped ion quantum computer architectures, such as schemes using photonic interconnects.

Source: Blueprint for a microwave trapped ion quantum computer

Cisco’s Prime Home lets hackers hijack people’s routers, from one single point at the ISP

“An attacker could exploit this vulnerability by sending API commands via HTTP to a particular URL without prior authentication,” Cisco said today. “An exploit could allow the attacker to perform any actions in Cisco Prime Home with administrator privileges.”

Note that “administrator” was italicized by the networking giant. Super serious.

Cisco pitches Prime Home as a “solution” for ISPs and connected device vendors, allowing companies to control devices such as ISP-issued cable modems, routers, and set top boxes in subscribers’ homes from afar. It uses “Broadband Forum’s TR-069 suite of protocols to provision and manage in-home devices.”

That means that a successful attack on an ISP’s installation of Prime Home would allow a criminal to take administrator-level control of the Prime Home GUI and meddle with all the devices connected to that particular service. As there are no workarounds or mitigations for the bug, Cisco is recommending that administrators install the update as soon as possible.

Source: Home-pwners: Cisco’s Prime Home lets hackers hijack people’s routers, no questions asked • The Register

Our galaxy is being pushed towards Shapley attractor from Dipole repeller by gravity flows

The presence of a large underdensity, the dipole repeller, is predicted based on a study of the velocity field of our Local Group of galaxies. The combined effects of this super-void and the Shapley concentration control the local cosmic flow.
[…]
Our Local Group of galaxies is moving with respect to the cosmic microwave background (CMB) with a velocity [1] of V_CMB = 631 ± 20 km s⁻¹ and participates in a bulk flow that extends out to distances of ~20,000 km s⁻¹ or more

Source: The dipole repeller

Figure 1: A face-on view of a slice 6,000 km s⁻¹ thick, normal to the direction of the pointing vector r̂ = (0.604, 0.720, −0.342).

Three different elements of the flow are presented: mapping of the velocity field is shown by means of streamlines (seeded randomly in the slice); red and grey surfaces present the knots and filaments of the V-web, respectively; and equi-gravitational potential (ϕ) surfaces are shown in green and yellow. The potential surfaces enclose the dipole repeller (in yellow) and the Shapley attractor (in green) that dominate the flow. The yellow arrow originates at our position and indicates the direction of the CMB dipole (galactic longitude l = 276°, galactic latitude b = 30°). The distance scale is given in units of km s−1.

Figure 2: A 3D view of the velocity field.

It is shown here by means of the flow streamlines (in black–blue, left panel) and of the anti-flow (in yellow–red, right panel). Anti-flow is defined here by the negative (namely, the reverse) of the velocity field. The same streamlines are seeded on a regular grid and are coloured according to the magnitude of the velocity. The flow streamlines diverge from the repeller and converge on the attractor. For the anti-flow, the divergence and convergence switch roles: they diverge from the attractor and converge on the repeller. The knots and filaments of the V-web are shown for reference. Cartesian supergalactic coordinates (SGX, SGY, SGZ) are assumed here. (For a 3D view, look at the accompanying Supplementary Video, at time 00:56–01:28.)

Linux encryption app Cryptkeeper has universal password: ‘p’

The flawed version is in Debian 9 (Stretch), currently in testing, but not in Debian 8 (Jessie). The bug appears to be a result of a bad interaction with the encfs encrypted filesystem’s command line interface: Cryptkeeper invokes encfs and attempts to enter paranoia mode with a simulated ‘p’ keypress – instead, it sets passwords for folders to just that letter.

Cryptkeeper’s developer appears to have abandoned the project. Luckily, it’s not used by that many people – although it makes the bug no less tragically hilarious.

Source: You’re taking the p… Linux encryption app Cryptkeeper has universal password: ‘p’ • The Register
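
The failure mode described above, as an added simulation (not Cryptkeeper or encfs code): a wrapper sends a fixed keystroke script written for one prompt sequence, and the tool's prompt sequence changes underneath it. The two dialogues are assumptions for the model; the audit function is the acceptance check a wrapper should run after creating a volume.

```python
"""Simulation of the bug class behind the Cryptkeeper 'p' password: a blind
keystroke script meant for one prompt sequence, consumed by a tool whose
prompt sequence changed.  The dialogues below are constructed for this
example and do not reproduce encfs's real prompts."""
from dataclasses import dataclass, field
from typing import Dict, List

# Assumed dialogues.  OLD: mode question, password, re-type.
# NEW: non-interactive input, password read once, no mode question.
OLD_DIALOGUE = ["mode", "password", "verify"]
NEW_DIALOGUE = ["password"]


@dataclass
class FakeVolume:
    mode: str = "standard"
    password: str = ""
    answers: Dict[str, str] = field(default_factory=dict)


def run_setup(dialogue: List[str], scripted_stdin: str) -> FakeVolume:
    """Drive the fake setup: each prompt consumes the next scripted line.
    Nothing checks that the line was meant for that prompt, which is the
    whole problem."""
    vol = FakeVolume()
    lines = iter(scripted_stdin.split("\n"))
    for prompt in dialogue:
        answer = next(lines, "")
        vol.answers[prompt] = answer
        if prompt == "mode":
            vol.mode = "paranoia" if answer == "p" else "standard"
        elif prompt == "password":
            vol.password = answer
        elif prompt == "verify" and answer != vol.password:
            raise ValueError("passwords do not match")
    return vol


def cryptkeeper_style_stdin(password: str) -> str:
    """The pattern the article describes: 'p' to select paranoia mode,
    then the password twice, all sent blind in one stdin stream."""
    return f"p\n{password}\n{password}\n"


def unlock(vol: FakeVolume, attempt: str) -> bool:
    """Plain comparison stands in for mounting the volume."""
    return attempt == vol.password


def audit_volume(vol: FakeVolume, intended: str) -> List[str]:
    """Post-creation acceptance check a wrapper should run: the intended
    password must work, and the keystroke sent as a command must not."""
    findings = []
    if not unlock(vol, intended):
        findings.append("intended password does not unlock the volume")
    if unlock(vol, "p"):
        findings.append("volume unlocks with 'p': mode keystroke became the password")
    return findings


def create_volume(dialogue: List[str], password: str) -> FakeVolume:
    return run_setup(dialogue, cryptkeeper_style_stdin(password))
```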

PostScript printers extremely vulnerable outside of the network

If PostScript is the printer driver, the printer is vulnerable to what they call Cross-Site Printing attacks, documented in detail at Hacking Printers here.

The bugs range from attackers exfiltrating copies of what’s sent to printers, to denial-of-service, code execution, forced resets and even bricking the targets.

The work from the University Alliance Ruhr landed on Full Disclosure here (with five vendor-specific follow-ups), and as they note: “This vulnerability has presumably been present in every PostScript printer [for] 32 years as solely legitimate PostScript language constructs are abused.”

Source: We don’t want to alarm you, but PostScript makes your printer an attack vector • The Register

Bypassing Authentication on NETGEAR Routers

“Hmm, what is that unauth.cgi thingy? and what does that id number mean?”, I thought to myself.

Luckily for me the Internet connection had come back on its own, but I was now a man on a mission, so I started to look around to see if there were any known vulnerabilities for my VEGN2610. It turned out that there are none. :< I started looking up what that "unauth.cgi" page could be, and I found 2 publicly disclosed exploits from 2014, for different models that manage to do unauthenticated password disclosure. Booyah! Exactly what I need. (link 1 & link 2) Those two guys found out that the number we get from unauth.cgi can be used with passwordrecovered.cgi to retrieve the credentials. I tested the method described in both, and voila - I have my password, now I can go to sleep happy and satisfied. I woke up the next morning excited by the discovery, I thought to myself: "3 routers with same issue… Coincidence? I think not". Luckily, I had another, older NETGEAR router laying around; I tested it and bam! Exploited.

Source: CVE-2017-5521: Bypassing Authentication on NETGEAR Routers
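
Detection logic for the request sequence the post describes (unauth.cgi followed by passwordrecovered.cgi from the same client), as an added example that is not part of the original post. The access-log lines are constructed in Common Log Format, and the two-minute pairing window is an assumption; real NETGEAR devices may log differently, so this is meant for a reverse proxy or collector in front of the management interface.

```python
"""Flag clients that call passwordrecovered.cgi, and rate the hit higher
when the same client fetched unauth.cgi shortly before (the CVE-2017-5521
sequence).  Log lines below are constructed samples in Common Log Format."""
import re
from datetime import datetime, timedelta
from typing import Dict, List, Optional, Tuple

CLF = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+$'
)
# Assumption: an unauth.cgi fetch counts as a precursor for two minutes.
WINDOW = timedelta(minutes=2)

# Constructed sample: one ordinary admin session, one client following the
# bypass sequence, and one failed probe without the precursor.
SAMPLE_LOG = """\
192.0.2.10 - - [27/Jan/2017:10:00:01 +0000] "GET /start.htm HTTP/1.1" 200 1024
198.51.100.7 - - [27/Jan/2017:10:05:12 +0000] "GET /unauth.cgi HTTP/1.1" 200 312
198.51.100.7 - - [27/Jan/2017:10:05:14 +0000] "GET /passwordrecovered.cgi?id=123456 HTTP/1.1" 200 588
203.0.113.9 - - [27/Jan/2017:10:09:00 +0000] "GET /passwordrecovered.cgi?id=777 HTTP/1.1" 401 0
"""


def parse_line(line: str) -> Optional[Tuple[str, datetime, str, int]]:
    """Return (client ip, timestamp, path without query, status) or None."""
    m = CLF.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    path = m["path"].split("?", 1)[0].lower()
    return m["ip"], ts, path, int(m["status"])


def detect(log_text: str) -> List[dict]:
    """One alert per passwordrecovered.cgi request.  Severity is 'high' when
    the client hit unauth.cgi within WINDOW and the server answered 200,
    'medium' otherwise (a probe that was refused or came out of sequence)."""
    last_unauth: Dict[str, datetime] = {}
    alerts: List[dict] = []
    for raw in log_text.splitlines():
        rec = parse_line(raw)
        if rec is None:
            continue
        ip, ts, path, status = rec
        if path.endswith("/unauth.cgi"):
            last_unauth[ip] = ts
        elif path.endswith("/passwordrecovered.cgi"):
            precursor = ip in last_unauth and ts - last_unauth[ip] <= WINDOW
            severity = "high" if precursor and status == 200 else "medium"
            alerts.append({"ip": ip, "time": ts.isoformat(),
                           "status": status, "severity": severity})
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```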

Suffered a breach? Expect to lose cash, opportunities, and customers – report

More than a third of organisations that experienced a breach last year reported substantial customer, opportunity and revenue loss.

The finding is one of the key takeaways from the latest edition of Cisco’s annual cybersecurity report, which also suggests that defenders are struggling to improve defences against a growing range of threats.

The vast majority (90 per cent) of breached organisations are improving threat defence technologies and processes following attacks by separating IT and security functions (38 per cent), increasing security awareness training for employees (38 per cent), and implementing risk mitigation techniques (37 per cent). The report surveyed nearly 3,000 chief security officers (CSOs) and security operations leaders from 13 countries. CSOs cite budget constraints, poor compatibility of systems, and a lack of trained talent as the biggest barriers to advancing their security policies.

More than half of organisations faced public scrutiny after a security breach. Operations and finance systems were the most affected, followed by brand reputation and customer retention. For organisations that experienced an attack, the effect can be substantial: 22 per cent of breached organisations lost customers and 29 per cent lost revenue, with 38 per cent of that group losing more than 20 per cent of revenue. A third (33 per cent) of breached organisations lost business opportunities.

Source: Suffered a breach? Expect to lose cash, opportunities, and customers – report • The Register

Trump’s ‘Extreme Vetting’ for US Visitors Could Involve Social Media Posts and Browser Histories

Phone numbers, browser histories, and social media posts are all examples of the sort of data that could be mined from those entering the US under Trump’s “extreme vetting” policy, Department of Homeland Security secretary John Kelly said today.

As Talking Points Memo reported, Kelly held a press conference this afternoon to discuss the president’s new (and massively unpopular) travel ban. When pressed to explain what the “extreme vetting” part of the order could involve, Kelly answered, “It might be certainly an accounting of what websites they visit.” He stressed, however, that the new rules—whatever form they may take—are still “under development.”

“It might be telephone contact information [and] social media,” he continued. “We have to be convinced that people that come here, there’s a reasonable expectation that we don’t know who they are and what they’re coming here for and what their backgrounds are.”

Source: Trump’s ‘Extreme Vetting’ for US Visitors Could Involve Social Media Posts and Browser Histories

2016 Hard Drive Reliability Benchmark Stats by Backblaze

Backblaze has recorded and saved daily hard drive statistics from the drives in our data centers since April 2013. At the end of 2016 we had 73,653 spinning hard drives. Of that number, there were 1,553 boot drives and 72,100 data drives.

[…]

In 2016, three drive models ended the year with zero failures, albeit with a small number of drives. Both the 4 TB Toshiba and the 8 TB HGST models went the entire year without a drive failure. The 8 TB Seagate (ST8000NM0055) drives, which were deployed in November 2016, also recorded no failures.

The total number of failed drives was 1,225 for the year. That’s 3.36 drive failures per day or about 5 drives per workday, a very manageable workload. Of course, that’s easy for me to say, since I am not the one swapping out drives.

The overall hard drive failure rate for 2016 was 1.95%. That’s down from 2.47% in 2015 and well below the 6.39% failure rate for 2014.

Source: 2016 Hard Drive Reliability Benchmark Stats

Secret Rules Make It Pretty Easy for the FBI to Spy on Journalists

Secret FBI rules allow agents to obtain journalists’ phone records with approval from two internal officials — far less oversight than under normal judicial procedures. The classified rules, obtained by The Intercept and dating from 2013, govern the FBI’s use of national security letters, which allow the bureau to obtain information about journalists’ calls without going to a judge or informing the news organization being targeted.

Source: Secret Rules Make It Pretty Easy for the FBI to Spy on Journalists