Showing posts with label Hacking News. Show all posts
Showing posts with label Hacking News. Show all posts
A Guy who helped create the internet, dies at 85
April 15, 2017
The Internet just lost one of its most prominent innovators.
Robert W Taylor, a computer scientist who was instrumental in creating the Internet as well as the modern personal computer, has died at the age of 85.
Mr. Taylor, who is best known as the mastermind of ARPAnet (precursor of the Internet), had Parkinson's disease and died on Thursday at his home in Woodside, California, his son Kurt Kurt Taylor told US media.
While the creation of the Internet was work of many hands, Mr. Taylor made many contributions.
As a researcher for the US military's Advanced Research Projects Agency (ARPA) in 1966, Taylor helped pioneer the concept of shared networks, as he was frustrated with constantly switching between 3 terminals to communicate with researchers across the country.
His frustration led the creation of ARPAnet— a single computer network to link each project with the others — and this network then evolved into what we now know as the Internet.
In a legendary 1968 essay, Mr. Taylor correctly predicted ARPAnet would become an efficient and necessary utility for the public in the future: a vast, decentralized grid of interconnected devices that would reshape communication at every level.
"In a few years, men will be able to communicate more effectively through a machine than face to face," Taylor wrote in the 1968 paper.
Besides this, Mr. Taylor also played a key role in the creation of the computerMouse. While working as a project manager for NASA in 1961, he learned of research into the direct interaction between humans and computers being conducted by computer scientist Douglas Engelbart (who died in 2013) at the Stanford Research Institute.
Mr. Taylor directed much funding to Engelbart's research, which led to the invention of the mouse, that became an essential element of both Macintosh and Microsoft Windows-based PCs.
After almost a decade, Taylor moved on to Xerox's legendary Palo Alto Research Center (PARC) in Northern California, where he oversaw the creation of the Alto, a pioneering personal computer.
The Alto was the first PC designed to support an operating system based on a graphical user interface with icons, windows, and menus instead of typing text commands in computer language — a concept that's copied by the operating systems that would follow.
Taylor's engineering team also helped develop the networking technologyEthernet and a word processing program called Bravo that became the basis for Microsoft Word.
Born in Dallas on 10 February 1932, Mr. Taylor was awarded the National Medal of Technology and Innovation in 1999 for"visionary leadership in the development of modern computing technology, including computer networks, the personal computer, and the graphical user interface."
Mr. Taylor, along with other PARC researchers, was also awarded the National Academy of Engineering's Draper Prize in 2004 for the development of "the first practical networked personal computers."
Mr. Taylor retired in 1996.
7 Ways Your SmartPhone is Being Hacked
April 14, 2017
7 Ways Your SmartPhone is Being Hacked
How safe is your smartphone?
Are you a victim of smartphone espionage?
It is a fact that governments, the NSA, private organizations and individuals hack smartphones using malicious backdoors, phone apps, ATM skimming type software and wireless radio wave technology to gain illegal access to the unsuspecting smartphone user.
Hackers can take over your smart phone by sending a text message with a photo or video attached. In 2015, over a billion Android phones were affected by this security flaw known as “Stagefright.” According to arstechnica.com a disparaging Qualcomm security-bug, leaves many phones open to attack. The fix is unavailable for most users, and many will probably never get it. “The flaw, which is most severe in Android versions 4.3 and earlier, allows low-privileged apps to access sensitive data that’s supposed to be off-limits, according to a blog published by security firm, Fire Eye, but instead, the data is available by invoking permissions that are already requested by millions of apps available in Google Play.”Unfortunately even with Apple’s strong encryption standards, even an iPhone user’s privacy is still at serious risk and exposure. According to digitaltrends.com the illegal exposure was possible from a security flaw in Signaling System 7 (SS7), a little-knownglobal networkthat connects all the phone carriers around the world. It’s known as the heart of the phone system. The bad news here is that it affects every phone on a cellular network, whether it’s running iOS, Android, or even Windows. Even if a user turns off location services on their phone, hackers would still be able to see the phone’s location via the network. “The theory is that the SS7 flaw is well known within the government, but it’s a hole that security agencies might not want plugged since it provides access to everyone’s phone.”
According to cracked.com, once your phone has been hacked, your cell phone tilt sensor can “sense” what you are typing on your computer. Your phone’s accelerometer can pick up information such as messages, chats and passwords just based on the distance from the keys to the phone and deduce which letters you type.
4. Any Smartphone with near field capabilities (NFC) can steal credit card information just by being near them. According to Cracked.com, “the program’s creator, Eddie Lee, demonstrated the hack with his own phone at DefCon 2012, then released his simple app on the Internet as a flashing ‘Fuck you, fix this!’ sign to credit card companies.”
“FREE CHARGING” Kiosks may use the same technology as ATM Skimming devicesto steal your private information, and data, or install a program on your phone to steal it later.
6. Ralf-Philipp Weinmann of the University of Luxembourg discovered that hackers infiltrate your phone through the airwaves themselves, through fake cell phone towers, completely bypassing your operating system and antivirus software to hack directly into the radio processor. This fake cell phone tower tricks your phone into thinking you are connected to a network. Much like the security flaw in SS7.
Unsecure Wifi in restaurants, hotels, and airports allows the hackers to view everything you do while connected. On iPhones, a message will warn the user by saying the server cannot be verified.
There may be a silver lining:
According to John Marinho, vice president of Technology & Cyber Security at CTIA, the wireless association, which represents phone carriers and manufactures. “The U.S. has one of the lowest malware infection rate in the world thanks to the entire wireless ecosystem working together and individually to vigilantly protect consumers.”
But is it really?
Or is this just what they want us to think?
According to PCWorld, Edward Snowden has created an iPhone case meant to kill surveillance efforts by hackers who attempt to find your location. You can’t just turn off your location in settings on an iPhone, hackers have found a way around this. Snowden warned, “The GPS, for instance, will still remain active on some handsets, like the iPhone. In the worst-case scenario, malware could also infect the handset to secretly send radio transmissions, he added.”
Snowden’s iPhone case is designed to protect journalists from governments spying their locations. “Unfortunately, journalists can be betrayed by their own tools,” he added. “That may have happened in 2012, when U.S. reporter Marie Colvin was killed while covering the Syrian civil war.” A lawsuit alleges that the Syrian government assassinated her by tracking Colvin’s satellite phone communications to find her location.
Robert Nazarian, from Digitaltrends.com shared critical information in an article dated April 2016. Nazarian says, “U.S. Rep. Ted Lieu, D-Calif., a member of the House Budget Committee and the House Committee on Oversight and Government Reform, called for a full investigation into the SS7 issue and sent a Letter dated April 18, 2016, to Honorable Jason Chaffetz, Chairman, and Honorable Elijia Cummings, Ranking Member, of the House Committee on Oversight and Government Reform.
In the letter to Chaffets and Cummings, Lieu says:
“ANYONE WHO KNOWS ABOUT THIS FLAW AND DIDN’T ACTIVELY TRY TO REMEDY IT SHOULD BE FIRED. WE CAN’T HAVE 300 SOME MILLION AMERICANS, AND REALLY THE GLOBAL CITIZENRY, BE AT RISK OF HAVING THEIR PHONE CONVERSATIONS INTERCEPTED WITH A KNOWN FLAW SIMPLY BECAUSE SOME INTELLIGENCE AGENCIES MIGHT GET SOME DATA,” HE SAID. THAT IS NOT ACCEPTABLE.”
Of course, Edward Snowden outed himself as the NSA whistleblower, because he thought the current NSA surveillance techniques were a threat to democracy, and many individuals agree with him and are in his corner. It was confirmed that the NSA has DEEP HOOKS in Big Tech, including real time access to the data of American citizens.
George Orwell warned of big government overstepping their boundaries. In his book titledNineteen Eighty Four the term Big Brother is a fictional dictatorship used to refer to any ruler or government that invades the privacy of its citizens.
In 1961, Dwight D. Eisenhower warned “In the councils of government, we must guard against the acquisition of unwarranted influence, whether sought or unsought, by the military industrial complex. The potential for the disastrous rise of misplaced power exists and will persist.”
Sure enough, Big Brother has figured out Big Tech hacking.
Even if we try to stay one step ahead . . .
Hackers Can Steal Your Pasword Just by Monitering SmartPhone Sensors
April 14, 2017
Hackers Can Steal Your Password Just by Monitoring Smart-Phone Sensors
Do you know how many kinds of sensors your smartphone has inbuilt? And what data they gather about your physical and digital activities?
An average smartphone these days is packed with a wide array of sensors such as GPS, Camera, microphone, accelerometer, magnetometer, proximity, gyroscope, pedometer, and NFC, to name a few.
Now, according to a team of scientists from Newcastle University in the UK, hackers can potentially guess PINs and passwords – that you enter either on a bank website, app, your lock screen – to a surprising degree of accuracy by monitoring your phone's sensors, like the angle and motion of your phone while you are typing.
The danger comes due to the way malicious websites and apps access most of a smartphone's internal sensors without requesting any permission to access them – doesn't matter even if you are accessing a secure website over HTTPS to enter your password.
Your Phone doesn't Restrict Apps from Accessing Sensors' Data
Your smartphone apps usually ask your permissions to grant them access to sensors like GPS, camera, and microphone.
But due to the boom in mobile gaming and health and fitness apps over the last few years, the mobile operating systems do not restrict installed apps from accessing data from the plethora of motion sensors like accelerometer, gyroscope, NFC, motion and proximity.
Any malicious app can then use these data for nefarious purposes. The same is also true for malformed websites.
"Most smartphones, tablets and other wearables are now equipped with a multitude of sensors, from the well-known GPS, camera, and microphone to instruments such as the gyroscope, proximity, NFC, and rotation sensors and accelerometer," Dr. Maryam Mehrnezhad, the paper's lead researcher, said describing the research."But because mobile apps and websites don't need to ask permission to access most of them, malicious programs can covertly 'listen in' on your sensor data and use it to discover a wide range of sensitive information about you such as phone call timing, physical activities and even your touch actions, PINs and passwords."
Scientists have even demonstrated an attack that can record data from around 25 sensors in a smartphone. They have also provided a video demonstration of their attack, showing how their malicious script is collecting sensor data from an iOS device.
The team wrote a malicious Javascript file with the ability to access these sensors and log their usage data. This malicious script can be embedded in a mobile app or loaded on a website without your knowledge.
Now all an attacker need is to trick victims into either installing the malicious app or visiting the rogue website.
Once this is done, whatever the victim types on his/her device while the malicious app or website running in the background of his phone, the malicious script will continue to access data from various sensors and record information needed to guess the PIN or passwords and then send it to an attacker's server.
Guessing PINs and Passwords with a High Degree of Accuracy
Researchers were able to guess four-digit PINs on the first try with 74% accuracy and on the fifth try with 100% accuracy based on the data logged from 50 devices by using data collected from just motion and orientation sensors, which do not require any special permission to access.
The scientists were even able to use the collected data to determine where users were tapping and scrolling, what they were typing on a mobile web page and what part of the page they were clicking on.
Researchers said their research was nothing but to raise awareness to those several sensors in a smartphone which apps can access without any permission, and for which vendors have not yet included any restrictions in their standard built-in permissions model.
"Despite the very real risks, when we asked people which sensors they were most concerned about we found a direct correlation between perceived risk and understanding," Mehrnezhad said. "So people were far more concerned about the camera and GPS than they were about the silent sensors."
Mehrnezhad says the team had alerted leading browser providers such as Google and Apple of the risks, and while some, including Mozilla and Safari, have partially fixed the issue, the team is still working with the industry to find an ideal solution.
More technical details can be found in the full research paper, titled "Stealing PINs via mobile sensors: actual risk versus user perception," published Tuesday in the International Journal of Information Security.
Ohio prisoners who built personal computers from parts
April 14, 2017
Can you imagine your world without the Internet?
I know it's hard to imagine your life without the Internet, and the same was the case of two Ohio prisoners who built personal computers from parts from e-waste, hid them in the ceiling, and connected those PCs to the Internet via the prison's network.
The incident occurred in 2015 but has now been made public by the State of Ohio's Office of the Inspector General, which published a 50-page report [PDF] on Tuesday, following almost a year-long investigation.
According to the report, a prison work program has backfired two inmates of Marion Correctional Institution in Ohio, Florida, who smuggled computer parts from an e-waste recycling workshop and built two clandestine computers out of them.
The unsupervised inmates later hid the computers behind a plywood board in the ceiling of a training room, and then connected those working PCs to the Ohio Department of Rehabilitation and Correction (ODRC) network to access the Internet.
But once the inmates got online, unsurprisingly, they used their skills to break the law.
The prisoners accessed the internal records of other inmates, created inmate passes for restricted areas, accessed websites with information about manufacturing drugs, weapons, and explosives, and apply for credit cards under another prisoner's name for a planned tax fraud scheme, Ohio's government watchdog said.
Besides this, the forensics team also found "self-signed certificates, Pidgin chat accounts, Tor sites, Tor geo exit nodes, ether soft, pornography, videos, VideoLan, virtual phone, and other various software."
The scheme was discovered after prison technology employee Gene Brady alerted about unusual levels of internet activity on a contractor's account on days when the employee was not scheduled to work.
Ultimately, a total of five inmates were identified as being involved with the hidden computers during the investigation:
Stanislov Transkiy – Executive committee chairman of Recycling.Leeshan McCullough – Chairman of aquaculture.Robert Cooper – Chairman of horticulture.Matthew Brown – Chairman of environmental education.Adam Johnston – Executive committee treasurer.All the five inmates have now been separated and moved to other correctional facilities.
Stanislov Transkiy – Executive committee chairman of Recycling.Leeshan McCullough – Chairman of aquaculture.Robert Cooper – Chairman of horticulture.Matthew Brown – Chairman of environmental education.Adam Johnston – Executive committee treasurer.All the five inmates have now been separated and moved to other correctional facilities.
"We will thoroughly review the reports and take any additional steps necessary to prevent these types of things from happening again," the ODRC said in a statement.
"It's of critical importance that we provide necessary safeguards in regards to the use of technology while still providing opportunities for offenders to participate in meaningful and rehabilitative programming."
The Marion Correctional Institution (MCI), which houses nearly 2,500 inmates, operates many programs to educate or provide services to the community, including the MCI Green Initiative to revamp the institution's trash and recycling processes.
Subscribe to:
Posts (Atom)
