Archive for the ‘Software’ Category
If you have young children, this science-education game might be of interest. The author describes how his daughter took to it.
When Kevin Drum is good, he’s really very good. Read this one.
Sam Biddle reports in The Intercept:
ON MONDAY, A HACKING group calling itself the “ShadowBrokers” announced an auction for what it claimed were “cyber weapons” made by the NSA. Based on never-before-published documents provided by the whistleblower Edward Snowden, The Intercept can confirm that the arsenal contains authentic NSA software, part of a powerful constellation of tools used to covertly infect computers worldwide.
The provenance of the code has been a matter of heated debate this week among cybersecurity experts, and while it remains unclear how the software leaked, one thing is now beyond speculation: The malware is covered with the NSA’s virtual fingerprints and clearly originates from the agency.
The evidence that ties the ShadowBrokers dump to the NSA comes in an agency manual for implanting malware, classified top secret, provided by Snowden, and not previously available to the public. The draft manual instructs NSA operators to track their use of one malware program using a specific 16-character string, “ace02468bdf13579.” That exact same string appears throughout the ShadowBrokers leak in code associated with the same program, SECONDDATE.
SECONDDATE plays a specialized role inside a complex global system built by the U.S. government to infect and monitor what one document estimated to be millions of computers around the world. Its release by ShadowBrokers, alongside dozens of other malicious tools, marks the first time any full copies of the NSA’s offensive software have been available to the public, providing a glimpse at how an elaborate system outlined in the Snowden documents looks when deployed in the real world, as well as concrete evidence that NSA hackers don’t always have the last word when it comes to computer exploitation.
But malicious software of this sophistication doesn’t just pose a threat to foreign governments, Johns Hopkins University cryptographer Matthew Green told The Intercept:
The danger of these exploits is that they can be used to target anyone who is using a vulnerable router. This is the equivalent of leaving lockpicking tools lying around a high school cafeteria. It’s worse, in fact, because many of these exploits are not available through any other means, so they’re just now coming to the attention of the firewall and router manufacturers that need to fix them, as well as the customers that are vulnerable.
So the risk is twofold: first, that the person or persons who stole this information might have used them against us. If this is indeed Russia, then one assumes that they probably have their own exploits, but there’s no need to give them any more. And now that the exploits have been released, we run the risk that ordinary criminals will use them against corporate targets.
The NSA did not respond to questions concerning ShadowBrokers, the Snowden documents, or its malware.
The offensive tools released by ShadowBrokers are organized under a litany of code names such as POLARSNEEZE and ELIGIBLE BOMBSHELL, and their exact purpose is still being assessed. But we do know more about one of the weapons: SECONDDATE.
SECONDDATE is a tool designed to intercept web requests and redirect browsers on target computers to an NSA web server. That server, in turn, is designed to infect them with malware. SECONDDATE’s existence was first reported by The Intercept in 2014, as part of a look at a global computer exploitation effort code-named TURBINE. The malware server, known as FOXACID, has also been described in previously released Snowden documents.
Other documents released by The Intercept today not only tie SECONDDATE to the ShadowBrokers leak but also provide new detail on how it fits into the NSA’s broader surveillance and infection network. They also show how SECONDDATE has been used, including to spy on Pakistan and a computer system in Lebanon.
The top-secret manual that authenticates the SECONDDATE found in the wild as the same one used within the NSA is a 31-page document titled “FOXACID SOP for Operational Management” and marked as a draft. It dates to no earlier than 2010. A section within the manual describes administrative tools for tracking how victims are funneled into FOXACID, including a set of tags used to catalogue servers. When such a tag is created in relation to a SECONDDATE-related infection, the document says, a certain distinctive identifier must be used: . . .
UPDATE: One clue: the poor use of English in the messages seems to be faked. /update
That the NSA data dump could have come from a disgruntled employee seems not at all unlikely, given Edward Snowden. Lorenzo Franceschi-Bicchierai and Joseph Cox report in Motherboard:
There are a lot of unanswered questions surrounding the shocking dump of a slew of hacking tools used by an NSA-linked group earlier this week. But perhaps the biggest one is: who’s behind the leak? Who is behind the mysterious moniker “The Shadow Brokers”?
So far, there’s no clear evidence pointing in any direction, but given the timing of the leak, and the simple fact that very few would have the capabilities and the motives to hack and shame the NSA publicly, some posited The Shadow Brokers could be Russian.
But there’s another possibility. An insider could have stolen them directly from the NSA, in a similar fashion to how former NSA contractor Edward Snowden stole an untold number of the spy agency’s top secret documents. And this theory is being pushed by someone who claims to be, himself, a former NSA insider.
“My colleagues and I are fairly certain that this was no hack, or group for that matter,” the former NSA employee told Motherboard. “This ‘Shadow Brokers’ character is one guy, an insider employee.”
The source, who asked to remain anonymous, said that it’d be much easier for an insider to obtain the data that The Shadow Brokers put online rather than someone else, even Russia, remotely stealing it. He argued that “naming convention of the file directories, as well as some of the scripts in the dump are only accessible internally,” and that “there is no reason” for those files to be on a server someone could hack. He claimed that these sorts of files are on a physically separated network that doesn’t touch the internet; an air-gap. (Motherboard was not able to independently verify this claim, and it’s worth bearing in mind that an air-gap is not an insurmountable obstacle in the world of hacking).
Of course, as Matt Suiche, the CEO of Dubai-based cybersecurity company Comae, noted in a post analyzing the insider theory, a leading theory is . . .
David Silverberg reports at Motherboard:
“There has to be a better way.”
That’s what UK software developer Mike Fox thought last year when he was searching RottenTomatoes.com for blog posts about films he wanted to check out. But as much as he liked the curation and aggregation of reviews that gave each film a score, he was frustrated he couldn’t filter results based on the number of critic or audience reviews. He was also annoyed by the many articles about celebrities surrounding reviews, which cluttered and sullied the database.
So, like many intrepid developers, he built a better site.
Cinesift, which launched last September but was updated recently thanks to a popular post on reddit, aggregates the aggregators. It lists more than 21,439 films and includes data from Rotten Tomatoes, Metacritic, Letterboxd, IMDB and more. Fox created an algorithm that averages the score from each source to give each film a new rating, while also displaying if the film is available on DVD, Netflix and Amazon Prime.
While Fox’s idea isn’t entirely new—InstantWatcher.com also lists films with Netflix/Amazon Prime availability—he developed a robust search engine that will make Cinesift incredibly popular with finicky movie lovers. The standard search options include the ability to find films based on year or decade, genre, the number of critic reviews, and whether it’s available on DVD, Netflix and/or Amazon Prime. The impressive Advanced Options let you filter results based on director, cast and even keyword within the plot description.
Got MLB fever and in the mood to catch a baseball-related movie? Type “baseball” into the Plot field and you’ll see results ranging from Moneyball to Sugar to Bull Durham.
Other Advanced Options for filtering let you toggle sliders for fields such as rating and number of audience reviews within each source, such as Metacritic and IMDB.
The coolest feature for those outside the U.S. is the ability to select on a drop-down list the Netflix availability for various regions, such as Canada, UK, Sweden and Australia. . .
Nathaniel Popper reports in the NY Times:
As state after state has legalized marijuana in one way or another, big names in corporate America have stayed away entirely. Marijuana, after all, is still illegal, according to the federal government.
But Microsoft is breaking the corporate taboo on pot this week by announcing a partnership to begin offering software that tracks marijuana plants from “seed to sale,” as the pot industry puts it.
The software — a new product in Microsoft’s cloud computing business — is meant to help states that have legalized the medical or recreational use of marijuana keep tabs on sales and commerce, ensuring that they remain in the daylight of legality.
But until now, even that boring part of the pot world was too controversial for mainstream companies. It is apparent now, though, that the legalization train is not slowing down: This fall, at least five states, including the biggest of them all — California — will vote on whether to legalize marijuana for recreational use.
So far, only a handful of smaller banks are willing to offer accounts to companies that grow or sell marijuana, and Microsoft will not be touching that part of the business. But the company’s entry into the government compliance side of the business suggests the beginning of a legitimate infrastructure for an industry that has been growing fast and attracting lots of attention, both good and bad.
“We do think there will be significant growth,” said Kimberly Nelson, the executive director of state and local government solutions at Microsoft. “As the industry is regulated, there will be more transactions, and we believe there will be more sophisticated requirements and tools down the road.”
Microsoft’s baby step into the business came through an announcement on Thursday that it was teaming up with a Los Angeles start-up, Kind, that built the software the tech giant will begin marketing. Kind — one of many small companies trying to take the marijuana business mainstream — offers a range of products, including A.T.M.-style kiosks that facilitate marijuana sales, working through some of the state-chartered banks that are comfortable with such customers.
Microsoft will not be getting anywhere near these kiosks or the actual plants. Rather, it will be working with Kind’s “government solutions” division, offering software only to state and local governments that are trying to build compliance systems.
But for the young and eager legalized weed industry, Microsoft’s willingness to attach its name to any part of the business is a big step forward. . .
The whole article by Ryan Gallagher in The Intercept is worth reading, but just look at the chart:
This shows the importance of developing pattern-recognition software that can trawl through the oceans of data to find significant connections to be reviewed in depth.