How a ransomware attack cost one firm £45m

Found on BBC News on Tuesday, 25 June 2019

Imagine the excitement when hackers gained a foothold in the computer system of Norsk Hydro, a global aluminium producer.

We don't know when it was, but it's likely that once inside they spent weeks exploring this group's IT systems, probing for more weaknesses.

When they eventually launched their ransomware attack, it was devastating - 22,000 computers were hit across 170 different sites in 40 different countries.

Imagine the hackers' anticipation as they waited to receive a reply to their ransom note. After all, every minute counts for a modern manufacturing powerhouse. They probably thought they could name their price.

But the reply never came. The hackers were never even asked how much money they wanted. Imagine the shock.

That's the only way to handle such incidents. This, and a reliable backup plan that allows you to go months back if required. To avoid having your backups encrypted too, backup systems should have read-only access to source systems and pull in the data. There is no need to give source systems write access on a backup system.
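A sketch of that pull model, added here as an example and not taken from the BBC article: the job runs on the backup host, only reads the source, and keeps one dated snapshot per run, so a run that picks up scrambled files cannot overwrite older copies. The function names, file names and labels are made up for illustration, and a local directory stands in for the source, which in practice would be reached through a read-only account or mount.

```python
import filecmp
import os
import shutil
import tempfile
from pathlib import Path


def pull_snapshot(source, repo, label):
    """Runs on the backup host: reads `source`, writes snapshot `repo/label`."""
    repo.mkdir(parents=True, exist_ok=True)
    # Labels are assumed to sort chronologically (ISO dates), so the last is the newest.
    older = sorted(p for p in repo.iterdir() if p.is_dir())
    previous = older[-1] if older else None
    target = repo / label
    target.mkdir()
    for src in sorted(p for p in source.rglob("*") if p.is_file()):
        rel = src.relative_to(source)
        dst = target / rel
        dst.parent.mkdir(parents=True, exist_ok=True)
        old = previous / rel if previous is not None else None
        if old is not None and old.is_file() and filecmp.cmp(old, src, shallow=False):
            os.link(old, dst)          # unchanged: hard link to the previous snapshot
        else:
            shutil.copyfile(src, dst)  # new or changed: separate copy, old versions stay
    return target


def demo(workdir):
    """Constructed scenario: two clean monthly pulls, then a pull of scrambled data."""
    source, repo = workdir / "source", workdir / "backup"
    source.mkdir()
    (source / "orders.csv").write_bytes(b"id,total\n1,45\n")  # constructed sample file
    for label in ("2019-04-01", "2019-05-01"):
        pull_snapshot(source, repo, label)
    # Constructed stand-in for the source files being encrypted in place.
    (source / "orders.csv").write_bytes(b"\x00scrambled\x00")
    pull_snapshot(source, repo, "2019-06-01")
    return {p.name: (p / "orders.csv").read_bytes() for p in sorted(repo.iterdir())}


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for label, content in demo(Path(tmp)).items():
            print(label, content)
```

The June snapshot holds the scrambled file, while April and May still hold the clean one; nothing on the source side ever had a path or credential for the snapshot directory.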

The Linux desktop is in trouble

Found on ZD Net on Sunday, 14 April 2019

For example, better Linux desktops, such as Linux Mint, provide an easy way to install applications, but under the surface, there are half-a-dozen different ways to install programs.

The broad strokes of the Linux desktop are painted primarily by Canonical and Red Hat, but the desktop is far from their top priority. Instead, much of the nuts and bolts of the current generation of the Linux desktop is set by vendor-related communities: Red Hat, Fedora, SUSE's openSUSE, and Canonical's Ubuntu.

It is not easy building and supporting a Linux desktop. It comes with a lot of wear and tear on its developers with far too little reward.

The good thing about Linux is that anybody can fork and release a project. The bad thing about Linux is that anybody can fork and release a project. Hopefully desktop developers get their act together and will in the near future combine their resources.

Flatbed Scanners Used as Relay Point for Controlling Malware in Air-Gapped Systems

Found on Bleeping Computer on Saturday, 01 April 2017

For this technique to work, two conditions must be met. First, the flatbed scanner lid must be left open in an upright position so an attacker can aim light beams at its sensors.

Second, an attacker must find a way to install malware on an air-gapped system.

Similarly, scientists hacked a smart lightbulb that was installed in the same room as the air-gapped PC, and made it pulsate in a controlled manner that relayed commands to the scanner, and to the attached air-gapped PC.

From the headline, the news sounds pretty interesting, but given the requirements it is highly unlikely to be seen in the wild rather than remaining just a proof of concept.

New ASLR-busting JavaScript is about to make drive-by exploits much nastier

Found on Ars Technica on Wednesday, 15 February 2017

The attack uses simple JavaScript code to identify the memory addresses where system and application components are loaded. When combined with attack code that exploits vulnerabilities in browsers or operating systems, the JavaScript can reliably eliminate virtually all of the protection ASLR provides.

Given how crucial caching is to the performance of modern CPUs, the researchers say architectural fixes are likely to be too costly to be feasible.

"We hence recommend ASLR to no longer be trusted as a first line of defense against memory error attacks and for future defenses not to rely on it as a pivotal building block."

Just your daily reminder that nothing is secure.

Tech Industry Warns Against French-German Plans To Weaken Encryption

Found on CCIA on Wednesday, 24 August 2016

A new European Commission proposal could undermine the confidentiality of encrypted communication. A new “ePrivacy proposal”, expected end of this year, would likely include a loophole for governments to request access to encrypted data.

The following can be attributed to CCIA Europe Director, Christian Borggreen:

“We are worried that EU proposals can allow governments to challenge end-to-end encryption and thus threaten the security and confidentiality of Europeans’ communications.”

Either encryption works, or it does not. Having backdoor access means it does not and should be replaced by a product that does not respect such ridiculous laws.

New Plastic For Old Amigas and Commodores

Found on Slashdot on Monday, 19 October 2015

Amiga enthusiast Philippe Lang has created a new Kickstarter campaign to design and build new, improved molds for Amiga 1200 housings and do a licensed production run using anti-UV ASA plastic in the original color plus black, transparent, and 9 other colors. His team is also investigating the feasibility of producing new Amiga 1200 keyboards if this campaign succeeds.

Good things never die.

Lenovo has been selling laptops that come loaded with Superfish 'malware'

Found on Business Insider on Thursday, 19 February 2015

Computer manufacturer Lenovo is being criticized for selling laptops that come pre-installed with invasive software, which many users are calling malware.

There are reports that Superfish is carrying out what's known as a "man in the middle" attack — impersonating the security certificates of encrypted websites to let it serve up its ads.

Lenovo says it has now "temporarily removed Superfish from our consumer systems until such time as Superfish is able to provide a software build that addresses these issues."

Lenovo might have removed Superfish, but reports say that the problematic certificate remains on the system, allowing third parties to carry out MITM attacks. Which is only a matter of time because the Superfish private key and password have been found and are now public. So if you are using a Lenovo laptop, don't rely on the lock icon anymore: check who signed the certificate.

The Almost forgotten Story of the Amiga 2000

Found on Amiga Lounge on Monday, 21 July 2014

Steve Jobs was quoted that he wanted to "Make a dent in the Universe", and now, everyone (other than Amiga users) wants to change the history books and erase Commodore and the Amiga from history, but there actually was one Amiga that truly changed the world.

TV shows from "Home Improvement" to the pilot of Babylon 5 to SeaQuest DSV took full advantage not only of the A2000 with a Video Toaster, but of the 3D animation software that came with the VT called "LightWave". LightWave also made movies like "Jurassic Park" possible, because without test animations for it, it would have ended up with "stop motion" dinosaurs (it was originally planned as stop motion and miniatures like the old Harryhausen movies).

NASA chose the Amiga over the Apple, because they could make and develop their own custom hardware. When they asked Commodore for documentation, Commodore sent them pallets full of books, schematics and software. In fact, some Amigas were still being used at NASA up until 2003.

Yet management ruined it. Commodore could be the biggest player on the market these days. Back then you could only laugh at PC users with their monochrome desktop while you played amazing games on your A500 (and up).

The NSA has nearly complete backdoor access to Apple's iPhone

Found on The Daily Dot on Wednesday, 01 January 2014

An NSA program called DROPOUTJEEP allows the agency to intercept SMS messages, access contact lists, locate a phone using cell tower data, and even activate the device’s microphone and camera.

“Either [the NSA] have a huge collection of exploits that work against Apple products, meaning they are hoarding information about critical systems that American companies produce, and sabotaging them, or Apple sabotaged it themselves,” Appelbaum said at the Chaos Communication Conference in Hamburg, Germany.

That's why Apple devices are so simple and easy to use; that way, a lot of people want to use them. Widespread adoption makes a product a very interesting target.

U.S. says Chinese government behind cyberespionage

Found on CNet News on Tuesday, 07 May 2013

The Chinese government and military have engaged in widespread cyberespionage targeting U.S. government and business computer networks, the Pentagon said Monday.

"In 2012, numerous computer systems around the world, including those owned by the U.S. government, continued to be targeted for intrusions, some of which appear to be attributable directly to the Chinese government and military," the report said.

In March, the Obama administration demanded that China end its "unprecedented" campaign of cyberespionage, warning that the hacking activity threatens to derail efforts to build stronger ties between the two countries.

This is nothing really new. Every government has similar projects running; China is just not keeping it secret enough.