Domain: blogspot.ch
Stories and comments across the archive that link to blogspot.ch.
Stories · 5
US Spy Satellite Buzzes ISS (arstechnica.com)
The spy satellite that SpaceX launched about six weeks ago appears to have buzzed the International Space Station in early June. The fly-by was made by a dedicated group of ground-based observers who continued to track the satellite after it reached outer space. Ars Technica reports: One of the amateur satellite watchers, Ted Molczan, estimated the pass on June 3 to be 4.4km directly above the station. Another, Marco Langbroek, pegged the distance at 6.4km. "I am inclined to believe that the close conjunctions between USA 276 and ISS are intentional, but this remains unproven and far from certain," Molczan later wrote. One expert in satellite launches and tracking, Jonathan McDowell, said of the satellite's close approach to the station, "It is not normal." While it remains possible that the near-miss was a coincidence due to the satellite being launched into similar orbit, that would represent "gross incompetence" on the part of the National Reconnaissance Office, he said. Like the astronaut, McDowell downplayed the likelihood of a coincidence. Another option is that of a deliberate close flyby, perhaps to test or calibrate an onboard sensor to observe something or some kind of activity on the International Space Station. "The deliberate explanation seems more likely, except that I would have expected the satellite to maneuver after the encounter," McDowell said. "But it seems to have stayed in the same orbit."
Hackers Exploit MacKeeper Flaw To Spread OS X Malware
An anonymous reader writes: Controversial OS X 'clean-up utility' MacKeeper is being exploited by cybercriminals to diffuse Mac malware OSX/Agent-ANTU, according to the BAE cyber security unit. A single line of JavaScript on a malicious web-page is enough to hand over control of the user's system via MacKeeper. Lead security researcher Sergei Shevchenko said 'attackers might simply be 'spraying' their targets with the phishing emails hoping that some of them will have MacKeeper installed, thus allowing the malware to be delivered to their computers and executed.' The malware enables remote control over commands, uploads and downloads, and the setting of execution permissions, as well as granting access to details of VPN connections, user names, and lists of processes and statuses.
Rebuilding the PDP-8 With a Raspberry Pi
braindrainbahrain writes: Hacker Oscarv wanted a PDP-8 mini computer. But buying a real PDP-8 was horribly expensive and out of the question. So Oscarv did the next best thing: he used a Raspberry Pi as the computing engine and interfaced it to a replica PDP-8 front panel, complete with boatloads of fully functional switches and LEDs.
Stung By File-Encrypting Malware, Researchers Fight Back
itwbennett (1594911) writes "When Jose Vildoza's father became the victim of ransomware, he launched his own investigation. Diving into CryptoDefense's code, he found its developers had made a crucial mistake: CryptoDefense used Microsoft's Data Protection API (application programming interface), a tool in the Windows operating system to encrypt a user's data, which stored a copy of the encryption keys on the affected computer. Vildoza and researcher Fabian Wosar of the Austrian security company Emsisoft collaborated on a utility called the Emsisoft Decrypter that could recover the encrypted keys. In mid-March Vildoza had launched a blog chronicling his investigation, purposely not revealing the mistake CryptoDefense's authors had made. But Symantec then published a blog post on March 31 detailing the error."
Fake PGP Keys For Crypto Developers Found
IamTheRealMike (537420) writes "In recent months fake PGP keys have been found for at least two developers on well known crypto projects: Erinn Clark, a Tor developer and Gavin Andresen, the maintainer of Bitcoin. In both cases, these PGP keys are used to sign the downloads for popular pieces of crypto software. PGP keys are supposed to be verified through the web of trust, but in practice it's very hard to find a trust path between two strangers on the internet: one reply to Erinn's mail stated that despite there being 30 signatures [attached to] her key, [the respondent] couldn't find any trust paths to her. It's also very unclear whether anyone would notice a key substitution attack like this. This leaves three questions: who is doing this, why, and what can be done about it? An obvious candidate would be intelligence agencies, who may be trying to serve certain people with backdoored binaries via their QUANTUMTHEORY man-in-the-middle system. As to what can be done about it, switching from PGP to X.509 code signing would be an obvious candidate. Both Mac and Windows support it, obtaining a forged certificate is much harder than simply uploading a fake PGP key, and whilst X.509 certs can be issued in secret until Google's Certificate Transparency system is fully deployed, finding one would be strong evidence that an issuing CA had been compromised: something that seems plausible but for which we currently lack any evidence. Additionally, bad certificates can be revoked when found whereas beyond making blog posts, not much can be done about the fake PGP keys."