Category Archives: Computer

New ransomware uses disk-level encryption to hold your computer hostage | ExtremeTech



Encryption can be used to secure your personal communication from prying eyes, keep your banking details secure, and plenty of other great things. However, it’s also the key to an increasingly common form of malware called ransomware. When a computer is hit by a piece of ransomware, the user’s files are encrypted, and only paying a ransom in Bitcoin will get you the key to unlock. There’s a new variant of ransomware floating around, and it takes things to the extreme. Rather than just encrypting files, the Petya malware encrypts your entire hard drive.

Petya is actually very clever with the way it goes about locking up a computer. After it is installed, the system will spontaneously reboot. Instead of booting normally, the computer loads what appears to be a system CHKDSK. As one would expect, this screen makes it very clear that shutting off the PC in the middle of this operation would be a very bad idea. That’s all just a smokescreen, though. In reality, Petya is using disk-level encryption to lock the system down. The PC’s master boot record has already been compromised at this point, so shutting down won’t do any good.



Exclusive: In boost to self-driving cars, U.S. tells Google computers can qualify as drivers | Reuters


U.S. vehicle safety regulators have said the artificial intelligence system piloting a self-driving Google car could be considered the driver under federal law, a major step toward ultimately winning approval for autonomous vehicles on the roads.

The National Highway Traffic Safety Administration told Google, a unit of Alphabet Inc (GOOGL.O), of its decision in a previously unreported Feb. 4 letter to the company posted on the agency’s website this week.

Google’s self-driving car unit on Nov. 12 submitted a proposed design for a self-driving car that has “no need for a human driver,” the letter to Google from National Highway Traffic Safety Administration Chief Counsel Paul Hemmersbaugh said.

“NHTSA will interpret ‘driver’ in the context of Google’s described motor vehicle design as referring to the (self-driving system), and not to any of the vehicle occupants,” NHTSA’s letter said.

“We agree with Google its (self-driving car) will not have a ‘driver’ in the traditional sense that vehicles have had drivers during the last more than one hundred years.”


Latest Web Security Bug Might FREAK You Out | News & Opinion |






Researchers this week disclosed a security flaw that has left some Apple and Google device users vulnerable to attack when visiting supposedly secure websites.

The vulnerability, known as FREAK (Factoring attack on RSA-EXPORT Key), dates back more than a decade, and opens those on the Android and Safari browsers to man-in-the-middle hacks when surfing various sites, including government pages.

According to the cryptographers who uncovered the flaw, “Freak” targets deliberately weak export cipher suites, which were introduced “under the pressure of U.S. government agencies to ensure that the NSA would be able to decrypt all foreign encrypted communication.”

Support for most of these algorithms is disabled by default, but there is a loophole, the researchers said.

“If a server is willing to negotiate an export ciphersuite, a man-in-the-middle may trick a browser (which normally doesn’t allow it) to use a weak export key,” their website said.

Many U.S. government agencies (NSA, FBI) and other popular sites (IBM, Symantec) enable those export ciphersuites on their servers, allowing hackers to impersonate them to vulnerable clients.

Folks using Chrome, Firefox, or Internet Explorer to connect to sites offering strong ciphers are probably not affected, the team said. But anyone running a browser with a buggy TLS library, over an insecure network, connecting to an HTTPS server with export ciphersuites, may be vulnerable.

Check out an abridged list of insecure sites—including American Express, Bloomberg, National Geographic, Cornell University, and the Ohio government, among others; the full lineup of domains is also available online.

Web administrators can use the SSL Labs’ server test to check their site’s risk level. If vulnerable, they should disable support for all known insecure ciphers and enable forward secrecy.

An Apple spokesman told PCMag that an iOS and OS X fix will be pushed out next week.

Google, meanwhile, has developed a patch that it will provide to partners. But a company spokeswoman told PCMag that “connections to most websites … are not subject to this vulnerability.”

Still, the search giant encourages all websites to disable support for export certificates.

via Latest Web Security Bug Might FREAK You Out | News & Opinion |

Three Months Later, State Department Hasn’t Rooted Out Hackers – WSJ






Three months after the State Department confirmed hackers breached its unclassified email system, the government still hasn’t been able to evict them from the department’s network, according to three people familiar with the investigation.

Government officials, assisted by outside contractors and the National Security Agency, have repeatedly scanned the network and taken some systems offline. But investigators still see signs of the hackers on State Department computers, the people familiar with the matter said. Each time investigators find a hacker tool and block it, these people said, the intruders tweak it slightly to attempt to sneak past defenses.

It isn’t clear how much data the hackers have taken, the people said. They reaffirmed what the State Department said in November: that the hackers appear to have access only to unclassified email. Still, unclassified material can contain sensitive intelligence.

National Security Agency Director Michael Rogers, center, listens during an interview in New York last month. The NSA is investigating a hacking attack on the State Department

The episode illustrates the two-way nature of high-technology sleuthing. For all of the U.S. government’s prowess at getting into people’s computers through the NSA and the military’s Cyber Command, the government faces challenges keeping hackers out of its own networks. The discrepancy points to a commonly cited problem with defending computers: Playing offense is almost always easier than playing defense.

The revelation that hackers are still in the State Department’s network comes less than a week after President Barack Obama led a cybersecurity summit at Stanford University and signed an executive order prodding companies to share more information on hacking threats.

The White House and NSA referred questions to the State Department. The NSA’s director, Adm. Michael Rogers, led a similar hacking investigation for the U.S. Navy. The Federal Bureau of Investigation, which also is involved in the investigation, declined to comment.

“We deal successfully with thousands of attacks every day,” State Department spokeswoman Marie Harf said in a written statement. “We take any possible cyber intrusion very serious—as we did with the one we discussed several months ago—and we deal with them in conjunction with other relevant government agencies.”

No official determination has been made about who is behind the breach. But five people familiar with the original intrusion said they had seen or been told of links suggesting involvement by the Russian government.

The malware, or intrusion software, is similar to other tools linked to Moscow in the past. Two of the people said the intruders had taken State emails related to the crisis in Ukraine, among other things. In addition, the attack appears very similar to a fall breach of the White House’s unclassified email system, which some U.S. officials linked to Russia.

The Russian embassy in Washington didn’t respond to a request for comment on Thursday. The embassy traditionally hasn’t responded to accusations about digital espionage.

Both the U.S. and Russia use hacker tricks to spy on each other. This week, the Russian cybersecurity firm Kaspersky Lab ZAO released a report that documented U.S. computer spying on Russia and other countries. The NSA declined to comment on that report.

Assuming that Russia was involved, U.S. investigators are puzzling over why they were able to detect the breach.

American national-security officials view Russia’s computer warriors as on par with their own and capable of avoiding detection. One person familiar with the incident said that either Moscow wanted to send Washington a message, or it had deployed the “B-Team.”

Investigators believe that hackers first snuck into State Department computers last fall after an employee clicked on a bogus link in an email referring to administrative matters, a type of attack known as a “phish.” That loaded malicious software onto the computer—a common hacker trick that has worked in countless corporate and government breaches.

From there, the hackers spread through the State Department’s sprawling network that includes machines in thousands of offices across the U.S., embassies and other outposts. It isn’t clear why the hackers were able to gain such wide access and whether the State Department routinely cordons off portions of its network to limit such maneuvers.

The size of the agency’s network and its key function—making sure Washington knows what is happening in the rest of the world—have made the cleanup difficult, the people familiar with the investigation said.

For example, they said it is hard to take even a portion of the State Department network offline over a weekend, as is sometimes done following corporate breaches. It isn’t clear how much, if any, of the network is now hacker-free, they said. Portions of the State Department system, such as remote email access, still occasionally are taken offline, one person familiar with the matter said.

Investigators also see signs that hackers are trying to get back into scrubbed-clean systems with slightly altered versions of their malicious code. It couldn’t be learned if those new intrusion attempts were successful.

Cleaning out any large network takes time. When the Defense Department discovered hackers had penetrated the U.S. Central Command’s classified network in 2008, the cleanup, called Operation Buckshot Yankee, took about a month, two former U.S. officials said. That project likely was easier than the State Department’s effort, because that network was much smaller and access was more restricted.

In 2013, the U.S. Navy discovered that Iranian attackers had breached their unclassified network. Iranian officials never commented on the Navy breach.

It took the Navy four months to purge the hackers from their system, The Wall Street Journal reported last year. Then-Vice Adm. Rogers led that operation.



Three Months Later, State Department Hasn’t Rooted Out Hackers – WSJ.

You can take down Pirate Bay, but you can’t kill the Internet it created – The Washington Post

In the late hours of Tuesday night, the Pirate Bay abruptly disappeared from the Internet, the result of a surprise raid on the site’s servers by Swedish police in Stockholm.

But forget the big-picture questions of Internet freedom or intellectual property. The real problem, for millions of Internet-users, is how am I going to watch TV?

See, the Pirate Bay is as much an idea and an orientation to entertainment media as it is/was a torrent-tracking site. Sure, the Pirate Bay technically indexed torrents, a peer-to-peer file format popular for sharing movies, music and other oversized files. But since its launch in 2003, the world’s “most notorious file-sharing site” has done something a bit more significant, and a bit more permanent, too: It’s made digital piracy a casual, inarguable part of the mainstream.

During just one month in 2013, more than 340 million people tried to download illegal content, an industry report claimed. In North America, Europe and Asia — the regions where most infringement comes from — that averages out to one in four Internet users.

“The free and simple availability of copyrighted content through piracy ecosystems continues to drive the popularity of hundreds of websites,” the report goes on to say. “Users of piracy ecosystems, the number of Internet users who regularly obtain infringing content, and the amount of bandwidth consumed by infringing uses of content all increased significantly between 2010 and 2013.”

It wasn’t always this way, of course. Before the birth of the torrent protocol in the early aughts, sharing big files, like TV shows or movies was virtually impossible. But in the early aughts, an American guy named Bram Cohen invented, essentially, a new way for computers to communicate data and named it BitTorrent. Less than two years later, in November 2003, just as BitTorrent was starting to gain steam, a little-known group of Swedish activists launched a site to help people find and access these shared BitTorrent files.

Pirate Bay wasn’t the first torrenting site, by any means — but it quickly became the largest, and the one that stuck around. (It’s no coincidence that the popularity of the phrase “torrent download” grew, in lockstep, with the profile of Pirate Bay.) It helped, probably, that Pirate Bay was initially operated by Piratbyran, a sort of pro-piracy think tank, which lobbied extensively against intellectual property law and wanted to popularize torrenting for “moral and political” reasons. In other words, they had the courage of conviction on their side.

Even when TPB split off from Piratbyran shortly after its founding, administrators for the site remained involved with the group, circulating petitions, hosting rallies and publishing on “the practical, moral and philosophical issues of file sharing.” And even when law enforcement and industry groups began going after the Pirate Bay — the site was first raided in 2006, and its founders arrested and charged with aiding copyright infringement three years later — the site stayed online, moving frequently to new domains and changing to a more secure, cloud-based infrastructure in 2012.

And yet, despite all these (substantial!) threats, torrenting — on Pirate Bay, the largest torrenting portal, and off it — has only become more popular and more entrenched. Between 2011 and 2013, for instance, unique users on torrenting sites jumped 23.6 percent. There are now tens of millions of people accustomed to getting their “Game of Thrones” and “Breaking Bad” and “Walking Dead” illegally, online. In fact, more people watch “Game of Thrones” by torrent than watch it on HBO — a figure that, more than any other, should hammer in how well-entrenched this whole digital-piracy thing is.

Pirate Bay could very well come back online soon; there’s certainly no evidence, at this juncture, to suggest that it won’t, and the site has bounced back from several such hurdles before. But even if TPB doesn’t return, the politics and the conventions it advanced — that content should be free, and if you torrent, it can be! — will be very difficult to eradicate.


You may be able to shut down Pirate Bay, but good luck raiding the Internet that Pirate Bay created.




You can take down Pirate Bay, but you can’t kill the Internet it created – The Washington Post.

Report: Teens are officially over Facebook –


Since children are the future, and no one over 21 really knows what they find “cool,” researchers have devoted many, many surveys to the exact quantification of what it is #teens do online.

In May 2013, they were fleeing Facebook’s “drama.” A year later, they flocked back to the network like lil’ lost sheep.

Now, a pretty dramatic new report out from Piper Jaffray — an investment bank with a sizable research arm — rules that the kids are over Facebook once and for all, having fled Mark Zuckerberg’s parent-flooded shores for the more forgiving embraces of Twitter and Instagram. Between fall 2014 and spring 2014, when Piper Jaffray last conducted this survey, Facebook use among teenagers aged 13 to 19 plummeted from 72 percent to 45 percent. In other words, less than half of the teenagers surveyed said “yes” when asked if they use Facebook. (A note: There’s no spring data available for the “no networks” option, which is why that spot is blank.)

Surveys of this type are, of course, a dime a dozen, and teen whims are as volatile as Twitter’s trending hashtags. That said, Piper Jaffray’s research is pretty thorough: It surveyed a national group of 7,200 students and accounted for variables like gender and household income.

Among the survey’s other findings: Kids love Apple products above any other consumer tech brand, though only a sliver — 16 percent — were interested in the iWatch. They overwhelmingly predicted that, by 2019, they’d watch all their movies on Netflix. They’re cooling on Pandora radio, which has seen a host of streaming apps and other competitors crop up in the past five years.

Alas, none of this helps explain why teens like the things they do, a question as old and impenetrable as time. Both research and anecdote would suggest, of course, that it has something to do with the presence of adults on the site, as well as the typically high-school plagues of oversharing and infighting. The recent rise of anonymous social apps — things like Whisper and Yik Yak, which is dominated by college students — would also seem to suggest a youthful wish to escape the confines and responsibilities of a fixed online identity. (Facebook certainly seems to worry that’s the case: On Tuesday The New York Times reported that the website was working on an anonymous, stand-alone messaging app of its own.)

That should perhaps worry parents, of both the helicopter and cool-Dad variety: You can’t really interact with — or “check up on” — your kids on Whisper the way you do on ye olde FB. (Whisper users don’t have friends and go on under pseudonymous usernames, which, arguably, is the app’s main draw.)

Facebook needn’t panic, though. Even if its namesake platform is now totally passe, the kids still love Instagram — so Zuck wins, either way.

via Report: Teens are officially over Facebook –

VIDEO: Drone vs. Hawk (Spoiler: The Hawk Wins) | News & Opinion |


The next time you take your drone out for a spin, you better keep a close eye out for flying objects that might interrupt your joy ride — like birds. One Cambridge, Mass. man learned this lesson the hard way after a territorial hawk took down his expensive flying gadget.

Christopher Schmidt, a software developer, has flown his Phantom FC40 quadcopter several times a week since purchasing it six months ago, and uses an attached GoPro camera to capture footage for his YouTube page. One recent flight, however, didn’t go quite as planned.

He was flying the drone above Magazine Beach Park in Cambridge this week, capturing views of the Boston skyline, when a hawk charged at the aircraft, full speed ahead, taking it down. Check out the video below for a look at the whole confrontation.

In the 39-second clip, you can see the hawk fly in from the right and crash into the drone, talons-first before the quadcopter falls to the ground. Luckily, Schmidt’s equipment — and the bird — made it through the encounter with only minimal damage.

via VIDEO: Drone vs. Hawk (Spoiler: The Hawk Wins) | News & Opinion |

Computer repair scams working state



COLUMBUS – At the start of National Cyber Security Awareness Month, Ohio Attorney General Mike DeWine is reporting his office has received more than 50 calls about computer repair scams in the past month.

The computer repair scam generally begins with a phone call. The caller states he is affiliated with a well-known software company and says there is a problem with the consumer’s computer. The caller gives the consumer several prompts to check for a virus. Ultimately, the caller asks the consumer for remote access to the computer or for payment information so the caller can correct the problem.

Consumers who follow the instructions put their personal information at risk. Scammers may install malware to gain access to consumers’ passwords and other personal information, which could lead to identity theft. They also may rack up unauthorized charges on the consumer’s credit card.

Some consumers among the callers to the attorney general’s office have lost more than $100 or experienced hundreds or thousands of dollars in unauthorized credit card charges as a result of the scam.

“It has never been more important for all Ohioans to put cybersecurity tips to use,” DeWine said. “We need to protect our electronic devices as we would our own wallets and purses. Also, if you get an unexpected call from someone who wants to help you clear a virus on your computer, don’t respond. It’s probably a scam.”

Consumers can help protect themselves by following these tips:

• Don’t trust a caller who says your computer has a virus.

• Don’t give someone remote access to your electronic devices.

• If you fall for a computer repair scam, contact a trustworthy, local tech expert.

• Dispute unauthorized credit card charges with your credit card provider.

• Set strong passwords with eight or more characters and a combination of numbers, letters and symbols, and don’t share passwords with anyone.

• Keep operating systems, Internet browsers and other critical software optimized by installing updates.

• Limit the amount of personal information you share online and use privacy settings to avoid sharing information widely.

During October, staff members from the Ohio Attorney General’s Consumer Protection Section will offer cybersecurity presentations throughout the state, primarily to high school and junior high school students.

via Computer repair scams working state.

The biggest iPhone security risk could be connecting one to a computer | PCWorld

Apple has done well to insulate its iOS mobile operating system from many security issues, but a forthcoming demonstration shows it’s far from perfect.

Next Wednesday at the Usenix Security Symposium in San Diego, researchers with the Georgia Institute of Technology will show how iOS’s Achilles’ heel is exposed when devices are connected over USB to a computer or have Wi-Fi synching enabled.

The beauty of their attack is that it doesn’t rely on iOS software vulnerabilities, the customary way that hackers commandeer computers. It simply takes advantage of design issues in iOS, working around Apple’s layered protections to accomplish a sinister goal.

“We believe that Apple kind of overtrusted the USB connection,” said Tielei Wang, a co-author of the study and research scientist at the institute.

Last year, Wang’s team developed Jekyll, an iPhone application with well-masked malicious functions that passed Apple’s inspection and briefly ended up on its App Store. Wang said although the research was praised, critics contended it might have been hard to get people to download Jekyll amid the thousands of apps in the store.

This time around, Wang said they set out to find a way to infect a large number of iOS devices and one that didn’t rely on people downloading their malicious app.

Their attack requires the victim’s computer to have malware installed, but there’s a thriving community of people known as “botnet herders” who sell access to large networks of compromised computers.

Wang said they conducted their research using iOS devices connected to Windows, since most botnets are on that platform, but their attack methods also apply to OS X.

Apple requires a person to be logged into his account in order to download an application from the App Store. But Wang and the researchers developed a man-in-the-middle attack that can trick an Apple device that’s connected to a computer into authorizing the download of an application using someone else’s Apple ID.

As long as the application still has Apple’s digital signature, it doesn’t even need to still be in the App Store and can be supplied from elsewhere.

But Apple is pretty good at not approving malicious applications, so the researchers found another way to load a malicious app that didn’t involve the App Store.

Apple issues developer certificates to those who want to do internal distributions of their own applications. Those certificates can be used to self-sign an application and provision it.

Wang’s team found they could sneak a developer provisioning file onto an iOS device when it was connected via USB to a computer. A victim doesn’t see a warning.

That would allow for a self-signed malicious application to be installed. Legitimate applications could also be removed and substituted for look-alike malicious ones.

“The whole process can be done without the user’s knowledge,” Wang said. “We believe that it is a kind of weakness.”

Wang said Apple has acknowledged the team’s research, some of which was shared with the company last year, and made some changes. An Apple spokeswoman in Sydney did not have a specific comment on the research.

One of Apple’s changes involved displaying a warning when an iOS device is connected to a particular computer for the first time, advising that connections should only be made with trusted computers, Wang said. That advice is only displayed once.

To be sure, Apple has powerful ways to disable such attacks. It can remove applications from the App Store, remotely disable applications on a device and revoke developer certificates. And it’s questionable if an attacker would see an economic benefit from infecting large numbers of iOS devices.

But state-sponsored hackers and cyberspies opt for stealthy, targeted attacks aimed at just a few users. This method could be of use if an attacker knows exactly who is using a specific, compromised computer.

They also found another weakness when an iOS device is connected over USB. The host computer has access to a device not only through iTunes but also via a protocol called Apple File Connection, which is used for accessing images or music files.

That protocol has access to files within iOS’s application directories, which include secure, “https” cookies, according to their research paper. Cookies are small data files that allow Web services to remember that a person is logged in, among other functions.

Cookies are especially sensitive since they can be used to hijack someone’s account. iOS prevents applications from accessing each other’s cookies. But it doesn’t stop a desktop computer from grabbing that information, Wang said.

The researchers recovered login cookies, including those for Facebook and Google’s Gmail. Neither of those companies had a comment.

The best advice is to not connect your phone to a computer, especially if you think the computer might be infected with malware.

“Just avoid that,” Wang said.

The study was co-authored by Yeongjin Jang, Yizheng Chen, Simon Chung, Billy Lau and Wenke Lee.

via The biggest iPhone security risk could be connecting one to a computer | PCWorld.

How computer hackers changed the Ferguson protests : News

The Internet crashed at City Hall here on Tuesday morning. Ferguson’s website went dark. The phones died.

City officials didn’t say what happened — only that a flood of traffic aimed at the City Hall website “just kept coming.”

But an international group of unnamed computer hackers had warned it would happen. In the hours after 18-year-old Michael Brown was shot and killed by a Ferguson police officer, the group, Anonymous, urged residents to the streets.

And the hackers vowed retribution if police harmed protesters.

“We are watching you very closely,” Anonymous’ distinctive electronic voice rasped in a video posted Monday on Twitter. “If you abuse, harass or harm the protesters in Ferguson we will take every Web-based asset of your departments and federal agencies offline.”

The hackers would also, the video continued, begin publicly releasing police officers’ personal information.

Then they did.

Early Tuesday morning, someone posted the home address and phone number of Jon Belmar, the relatively new chief of St. Louis County police. And that was just the beginning.

The Ferguson protests have been informed, if not fueled, by a stream of moment-by-moment posts, largely on Twitter. Published instantaneously via cellphones by residents at the scene, the messages have told the world when crowds amass, when police line up, when tear gas flies.

But Anonymous hackers have reached beyond the Web.

Anonymous has been operating for nearly a decade. It’s hard to even call it a group — those insiders who have spoken publicly about the organization describe it more in terms of each individual mission.

“It is an anarchist collective of autonomous individuals,” wrote one hacker who responded to an email from the Post-Dispatch. “Most of us are friends and work together, but we are not responsible for anything anyone else in the global collective does.”

That team member, who declined to be identified but said he was out of the country, said the core Ferguson operation is run by about a half-dozen Anonymous operatives, invited by St. Louis activists, with thousands of “Anons” from about 75 different countries “joining in to help.”

via How computer hackers changed the Ferguson protests : News.