Monday, April 29, 2013

Android Phone Can Hijack a Plane

Those who believed that airport security might one day allow smartphone use on a plane may be alarmed to learn that a plane can be hijacked with an Android phone on board.



A German security consultant told the Hack in the Box conference that it is possible to hijack a plane using an Android phone. The researcher, who has been working in the IT industry for the last 11 years and is also a trained commercial pilot, pointed out that both aviation computer systems and communication protocols were very vulnerable.

According to the security expert, they managed to build an exploit framework called SIMON and an Android app called PlaneSploit which could deliver attack messages to a plane's Flight Management System. They showed how it was possible to take complete control of a plane. The hack in question targeted Automatic Dependent Surveillance-Broadcast (ADS-B), which sends data about each aircraft via an on-board transmitter to air traffic controllers and lets planes equipped with the technology receive flight, traffic and weather data about other aircraft nearby.

They also managed to hack the Aircraft Communications Addressing and Reporting System (ACARS), used by pilots to exchange messages between the plane and air traffic controllers via either radio or satellite, and to automatically deliver data about each flight phase. The security researchers pointed out that both targeted technologies were very insecure and susceptible to a number of passive and active attacks.

During the attacks, the experts showed how they could misuse the Automatic Dependent Surveillance-Broadcast to select targets, and the Aircraft Communications Addressing and Reporting System in order to collect data about the on-board PC and to exploit its vulnerabilities by delivering spoofed malicious messages affecting the “behavior” of an aircraft.

The researchers deliberately built the SIMON framework to work only in a virtual environment, so it can't be used on a real-life plane at the moment. They explained that it was virtually impossible to detect the framework once deployed on the Flight Management System, so there's no need to disguise it like a rootkit.

Obama to Give More Cash for Cyber Defense

The US president promised to increase spending to protect the computer networks of the United States from cyber attacks, despite cutbacks in other areas of the budget. This move demonstrates that the nuclear arms race is over, while one using software instead of nukes has started. Welcome to the dangerous but beautiful digital world, my friends.



According to media reports, Obama’s budget proposal for the next fiscal year is calling for more military “hackers” to head off escalating online attacks from China, Iran, Russia and a number of other countries. It turned out that there will be extra money to bolster defenses for the authorities and private-sector computer networks. The interesting fact is that neither China nor Russia are funded for attacking the United States.

The announcement in question followed calls from intelligence officials. They claimed that hacker attacks and espionage are now more important than terrorism in terms of the security threats facing the United States.

Air Force General Robert Kehler recently explained to space and cyber industry executives that it was time for the United States to lock its doors because someone from halfway around the world was trying to hack its networks. In the meantime, the Pentagon claimed that the spending would beef up American defenses against increasing hacker attacks, while boosting its offensive capabilities.

So, the president’s budget proposes to boost Defense Department spending on online threats to $4.7 billion. This is $800 million more than earlier, but the rest of the Pentagon’s overall spending budget will be cut by $3.9 billion. It wants to expand its Cyber Command, a team of military hackers conducting “reconnaissance, surveillance, development, maintenance and analysis”. In addition, it is going to expand efforts to protect its own computer networks.

Meanwhile, the Department of Homeland Security is planning to spend $44 million more on a government-wide data-sharing effort, despite the fact that its overall budget will be cut by $615 million (1.5%). The rest of the cash will be spent on funding more cyber-security research and helping private businesses and local authorities to bolster their cyber defenses.

New Zealand Spied not Only on Kim Dotcom

According to a recent report, New Zealand's intelligence agency had illegally spied on over 80 people, and not just on Kim Dotcom. The local Government Communications Security Bureau (GCSB) is known for illegally spying on Kim Dotcom and his partners before the events leading to the closing of MegaUpload.



Once those allegations turned out to be true, an investigation was opened in order to find out whether the agency's unauthorized actions were limited to Dotcom and his associates. The published results confirmed that more than eighty people were illegally spied on by the Government Communications Security Bureau. Worse still, John Key, the Prime Minister of New Zealand, is also suspected to have known about these irregularities, because he is a close friend of the agency's head, Ian Fletcher.

In order to distance himself from those allegations, the Prime Minister has put on a shocked face, claiming that he wasn't aware of the intelligence agency's actions and that he is going to find the people who are to blame. John Key has also promised to reform the Government Communications Security Bureau and to continue with the investigation. Nevertheless, the opposition parties are currently requesting independent reports, in order to be sure that no conflicts of interest will stain the results.

As for the first victim of the agency, Kim Dotcom, he had recently asked for an official apology. However, the only person to act on his request was John Key, who offered his apologies to the former head of MegaUpload. The Prime Minister also promised to take legal action against the intelligence agency and police forces for the role they played in Dotcom's nightmare.

«Django Unchained» Banned from Theatres in China

For no apparent reason, Chinese authorities have taken a decision to pull Quentin Tarantino’s “Django Unchained” out of the cinemas. As a result, movie enthusiasts had no other option than to take the alternative and watch the masterpiece from illegal sources.



Once moviegoers discovered that the original version of the Oscar-winning picture was banned from the cinemas, they got very upset and complained that Chinese film buffs were the most dismayed and helpless of all. They pointed out that even when they were watching dated movies they had their screenings stopped. Fortunately, they still have another option – pirated discs.

Internet users admit that they originally planned to see Django Unchained in theaters, but the shameless State Administration of Radio, Film and Television suddenly stopped the movie. After waiting for so many days they had nothing to do but download the HD version of the movie and watch it at home.

By the way, the movie’s opening day in China was totally ruined – just a minute after the screenings started, the staff there had to stop the film by order of the State Administration of Radio, Film and Television. The movie studio regrets that the film has been removed from Chinese theaters and is currently working with the local government to find out whether Django Unchained can be rescheduled.

In response, Sony China refused to comment on the decision, with Chinese authorities saying that “Django Unchained” was censored because of “technical reasons”. Meanwhile, the bigger picture highlighted some very interesting political mishaps, with supporters of the Conservative Party saying that the pulling of the film has brought much more harm to China and its politics than just cutting out “harmful scenes”.

At the moment, there’s a lack of people within the establishment able to report to the powers that be about the real situation so as to avoid the application of wrong policies, and the establishment fails to encourage people to do so.

Industry experts point out that the need for a clear, age-based classification system has been repeatedly emphasized by both mainstream and indie movie makers and producers. However, thus far the Chinese authorities have yet to act on the imperative change, if they ever will. Today the local rating system only works on a two-lane freeway: either they ban a film or release it for audiences of all ages.

Microsoft Started Open War against Google

Microsoft has finally started a nasty marketing war directly against the search giant and ended any pretence of niceness between the companies. Microsoft has released a series of attack ads in the United States that have upped the ante considerably in its trade war against Google which commenced 5 months ago.



The advertisements that have emerged on the Internet, on TV and in print demonstrate that Google is more interested in increasing profits than protecting its users’ privacy. This ad campaign was developed by a former political operative Mark Penn, a corporate strategist. He is known as a former pollster for President Bill Clinton and campaign strategist for Hillary Clinton’s unsuccessful bid for president 5 years ago.

In the advertisements, Microsoft vilifies Google for sharing personal data collected about people purchasing Android applications. That’s a step up from earlier adverts that skewered Google’s long-running practice of electronically scanning the contents of everyone’s Gmail accounts in order to help sell adverts.

Microsoft points out that the company has a better alternative which doesn't do such nefarious things. Negative advertising isn't widely seen in Europe and it's just the underdog who needs to use it. However, it also stresses how the search engine has evolved from an endearing Internet start-up to a scary entity that takes too close a look at personal information. The software giant can get away with its adverts since Google has already been caught a few times and copped regulatory fines and other settlements across the world.

Ironically enough, it's now Google that is facing complaints about its practices being anti-competitive. At the same time, Microsoft is depicted as fighting for a freer market. A few days ago, a group of companies led by the software giant explained that it had asked European authorities to investigate whether Google is acting unfairly by giving away its OS to mobile device manufacturers on the condition that its own apps like YouTube and Google Maps are installed and prominently displayed. The most interesting part is that it's exactly what Microsoft was accused of in its browser anti-trust cases earlier.

Thus far, the search giant processes about 2/3 of search requests in the United States and handles an even larger percentage of queries in Europe. Meanwhile, Google's market value has rocketed from almost $25 billion at the time of its IPO to $255 billion.

American Court Ran out of Patience with Commercial Invoicing

It seems that the courts of the United States are losing patience with copyright troll firms, who may find themselves on the wrong side of the law.



A good recent example is Prenda Law, which believed it would be a wizard wheeze to act on behalf of porn firms. Their model of commercial invoicing was nothing difficult: they found a list of IP addresses which had downloaded the copyrighted content and threatened to sue them for hundreds of thousands. After this, the firm offered a much lower out-of-court settlement. As you can guess, the threat of a lawsuit was only used to scare Internet users into paying nominal settlement fees.

Prenda was doing well until one of the judges in Los Angeles decided that enough was enough. Otis Wright demanded that Prenda lawyers explain their strategy in filing lawsuits involving hundreds of web users accused of infringing porn film copyrights. Instead of answering the judge, Prenda lawyers behaved very strangely and pleaded the Fifth Amendment, claiming that they would be incriminating themselves.

So, Prenda Law might be regretting the fact that it ended up in Wright's court, because he ruled last year that copyright trolling was “essentially an extortion scheme” and claimed that the plaintiffs gamble that many defendants will send back a nuisance-value check to the plaintiff. The rewards were revealed by a Prenda attorney, who bragged he had managed to collect $15 million settling such lawsuits. Of course, people would prefer to pay rather than have their porn downloads made public.

However, things went wrong for the copyright troll when evidence was submitted that a couple of production companies it supposedly represented as clients, Ingenuity 13 and AF Holdings, appeared to be shell companies it set up on the West Indies island of Nevis. In violation of the court rules, Prenda lawyers concealed their direct interest in those lawsuits.

The judge believes that the porn companies are fronts for the copyright trolls, and Prenda Law realized it’s time to voluntarily drop the lawsuits in Wright’s court, but the judge wouldn’t let them do so. Wright hasn’t revealed what he’ll do about the company, but the experts expect him to ask federal prosecutors to investigate Prenda Law. As a result, other judges may start to look very closely at the copyright trolls as well.