Astronauts on the International Space Station have used their 3-D printer to make a wrench from instructions sent up in an email.
It is the first time hardware has been “emailed” to space.
This post originally quoted photographer Tom Sanders as saying it takes him five years to get on the dance floor. It takes him five beers.
One person offering clear directives to the cops: Patrick Lynch, their union president, who asked them to sign an emotionally manipulative letter banning de Blasio from their hypothetical future funeral, and who actually said on Saturday night that there was “blood on their hands [of] those that incited violence on the street under the guise of protest … [blood] on the steps of city hall, in the office of the mayor”.
Yes, the cops blamed the protesters. (So did Rudy Giuliani, but don’t get me started on him.) Even more chilling, the police union purportedly declared in a widely shared statement that the NYPD has “become a ‘wartime’ police department. We will act accordingly.”
There is this bizarre idea in the heads of cops that if you’re not 100% behind them, no matter what they do or who they do it to, you’re against society and want anarchy, chaos, looting, and murder.
So to get a full picture you have to read a lot of very technical reports from the network security community. My understanding of the attack comes from reading (probably way too many) technical reports about it. I’ll try to give the most readable sources here.
The first public notification of the hack came on Reddit. Within an hour Deadline Hollywood reported Sony had sent a memo to all employees warning of the hack. This was followed by a flurry of reporting then the release of proof of the hack.
The initial data leak. I won’t post it here but it’s still available if you look on torrent sites. It’s 26 GB of files and contained Social Security numbers, names, contact details, contact phone numbers, dates of birth, email addresses, employment benefits, workers compensation details, retirement and termination plans, employees previous work history, executive salaries, medical plans, dental plans, genders, employee IDs, sales reports, copies of passport information and receipts for travel of all Sony Pictures employees worldwide. Much of this information notably “\HR\Benefits\Mayo Health\Mayo XEROX assessment feed” was stored in plaintext.
The second data leak. This one garnered less press, but what it contained was considerably more dangerous. It contained full security certificate information, internal and external account credentials, and authentication credentials with plaintext passwords for systems such as the Sony YouTube page and UPS accounts. I’ve heard that much of this information was available because an IT director was compromised; apparently he had no background in IT and was actually a marketing exec who reached the position (and thus higher salary) through corporate politics. You can see, for example, that he was good at naming files.
The FBI issued a confidential flash warning to the security departments of large American companies warning about a new malware called Destover Backdoor.
I can’t post the notice itself (it’s confidential) but I can post the Symantec writeup about it.
As people started to analyze the code sample provided, we learned that it was created on a computer using the Korean language and included pictures with Sony’s name written on a tombstone (meaning that it was a targeted attack). The picture also contained the text “We’ve already warned you, and this is just the beginning. We continue till our request be met.” Note that nowhere did they say what their demands were, though North Korea had previously threatened Sony over the release of The Interview.
We also learned how to detect the “Command and Control” modules of the code. Initially the virus just exposes the computer’s files and configures it to run a webserver. It also attempts to spread throughout the network, targeting access to specific machines and IP addresses. Because these are hardcoded, the attacker either had inside help or had previously penetrated Sony’s network and gathered information. The malware only begins to broadcast back to the C&C servers once it’s been launched—and deletion of data on the targeted network has already begun. This is likely triggered by a hard-coded time in the code. This type of malware is consistent with a watering hole or spear phishing attack. The C&C servers the malware connects to were used previously by a piece of malware known as DarkSeoul, which North Korea used to attack South Korea.
Third data leak. This one contains all of Sony Pictures’ financial information. Bloomberg reports that the initial data breach occurred at a hotel in Thailand where a Sony executive was staying. This is likely the source of the inside information about Sony’s network.
Another leak, this one was just posted to pastebin before quickly being taken down. This one contains the email archives of two executives: Steve Mosko, President of Sony Pictures Television and Amy Pascal, Co-Chairman, Sony Pictures Entertainment and Chairman, Sony Pictures Entertainment Motion Picture Group. There’s some confusion about the authenticity of this post. The data leaked is authentic but it looks like it came from a different group than the first 3 leaks. It also specifically mentions The Interview, which previous leaks did not. Consensus of the security community seems to be that this was a copycat or disgruntled employee taking advantage of the situation.
Security company Kaspersky releases its report, which shows the initial computer virus used in the attack is the same as that used in the Shamoon attack, where North Korea went after Saudi Arabia. We are also told that three security certificates used a password of “password”.
The next leak occurs. This one bears the signature of the first three leaks, meaning it is likely genuine. It includes information about Sony’s anti-piracy efforts, entertainment deals in the works, internal procedures related to tracking torrents and other illegal downloading. It also contains a document that outlines Sony’s cooperation with 5 major Internet Service Providers (ISPs) to collect full data for monitoring illegal downloads.
On the same day the attacker behind the December 8th leaks releases another set of emails, these belonging to Leah Weil, Senior Executive Vice President and General Counsel for Sony Pictures Entertainment. They seem to be trying to piggyback onto the real leak. This is completely off topic, but I wanted to mention that through these emails we learned that George Clooney is apparently the only person working with or for Sony who understands information security.
News stories proliferate.
The next authentic leak. This one contains internal documents for tracking deals, expenditures, and revenue. It also contains information about the state of all deals Sony is currently working on. While previous leaks were initially seeded in China, this one was initially seeded in Taipei, Taiwan.
At this point IT workers at Sony begin anonymously talking to the press. They paint a picture of a company with an outdated network, lax security standards, and an unwillingness to hire quality professionals in IT and software development (believing top talent in these areas to be “too expensive”). They also describe a very traditional big corporate office environment in which things like “ass in chair” time spent at work is valued over results. Most promotions seem to be driven by office politics not talent.
There have been many media articles, speculation, theories, and controversy. For weeks Sony has been fighting the leaks via takedown notices, hacking of their own, and pleas in the media. They activate their “cybercrime” insurance, which provides them with $65 million in coverage. They cancel most media appearances in promotion of the film.
A group of individuals makes threats of violence at US movie theaters which show The Interview. These are different in style, content, and tone from all communications from the actual hacker. They seem obviously fake, created by pranksters to take advantage of the tense situation. Regardless, almost every theater chain pulls the movie from its schedule.
In a show of incredibly lazy journalism, many media outlets (led by Wired) publish stories stating that North Korea was not behind any of the hacking. These mix together the details of several attacks and treat all leaks (both credible and not) as coming from the same actor. At the same time more respectable media outlets like the NY Times, The Wall St. Journal, and The Washington Post publish stories stating that North Korea is “almost certainly” behind the attack and cite a litany of security professionals and confidential government sources.
While all the circumstantial evidence points to North Korea, we do lack a documented forensic trail that truly establishes some level of attribution with certainty.
Sony cancels The Interview.
They also quietly cancel “Pyongyang”, another comedy starring Steve Carell. Produced by the company New Regency and directed by Gore Verbinski, the story is based on a graphic novel and follows a Westerner who is accused of espionage in North Korea.
Everyone rushes to put this in a political frame.
An orangutan held in an Argentinian zoo can be freed and transferred to a sanctuary after a court recognised the ape as a “non-human person” unlawfully deprived of its freedom, local media reported on Sunday.
Animal rights campaigners filed a habeas corpus petition – a document more typically used to challenge the legality of a person’s detention or imprisonment – in November on behalf of Sandra, a 29-year-old Sumatran orangutan at the Buenos Aires zoo.
In a landmark ruling that could pave the way for more lawsuits, the Association of Officials and Lawyers for Animal Rights (Afada) argued the ape had sufficient cognitive functions and should not be treated as an object.
The court agreed Sandra, born into captivity in Germany before being transferred to Argentina two decades ago, deserved the basic rights of a “non-human person”.
“This opens the way not only for other Great Apes, but also for other sentient beings which are unfairly and arbitrarily deprived of their liberty in zoos, circuses, water parks and scientific laboratories,” the daily La Nacion newspaper quoted Afada lawyer Paul Buompadre as saying.
Yankee owner George Steinbrenner died in 2010, but his appreciation for the men and women in blue who protect New York City lives on.
For 32 years, Steinbrenner’s Yankee Silver Shield Foundation has provided for the education of the children of New York City police officers, firemen and Port Authority employees who died in the line of duty, and will do so for the family of NYPD officer Rafael Ramos, gunned down by a cold-blooded killer Saturday along with his partner, Wenjian Liu.
BT, Sky, and Virgin Media are hijacking people’s web connections to force customers to make a decision about family-friendly web filters. The move comes as the December deadline imposed by prime minister David Cameron looms, with ISPs struggling to get customers to say yes or no to the controversial adult content blocks.
The messages, which vary by ISP, appear during browser sessions when a user tries to access any website. BT, Sky, TalkTalk and Virgin Media are required to ask all their customers if they want web filters turned on or off, with the government saying it wants to create a “family friendly” Internet free from pornography, gambling, extreme violence and other content inappropriate for children. But the measures being taken by ISPs have been described as “completely unnecessary” and “heavy handed” by Internet rights groups.
The hijacking works by intercepting requests for unencrypted websites and rerouting a user to a different page. ISPs are using the technique to communicate with all undecided customers. Attempting to visit WIRED.co.uk, for example, could result in a user being redirected to a page asking them about web filtering. ISPs cannot intercept requests for encrypted websites in the same way.
It almost sounds like we need to re-engineer every useful protocol such as http into something distributed, onion-layered, encrypted by default.
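The interception described above only works on plaintext HTTP: the middlebox answers a request for one site with a redirect to the ISP's own page. The following added checker (hypothetical code, not from the article or any ISP) issues a plain-HTTP request for a known reference page without following redirects and flags a reply that redirects to a different host or lacks the page's expected content; the sample replies are constructed, not real captures.

```python
"""Detect ISP-style interception of plain-HTTP requests (hypothetical checker).

A request for a known reference page over plain HTTP is made WITHOUT following
redirects. A reply that sends the browser to a host other than the one asked
for, or that lacks text the reference page is known to carry, is flagged.
An https:// URL is reported as not checkable: a middlebox cannot forge a valid
TLS reply for a host it holds no certificate for, which is why the ISPs' trick
is limited to unencrypted sites.
"""
import http.client
from dataclasses import dataclass
from urllib.parse import urlparse


@dataclass
class HttpReply:
    status: int
    headers: dict  # header names lowercased
    body: str


def fetch_plain_http(url: str, timeout: float = 10.0) -> HttpReply:
    """Issue one GET over plain HTTP and return the reply without following redirects."""
    parts = urlparse(url)
    conn = http.client.HTTPConnection(parts.hostname, parts.port or 80, timeout=timeout)
    conn.request("GET", parts.path or "/", headers={"Host": parts.hostname})
    resp = conn.getresponse()
    body = resp.read().decode("utf-8", errors="replace")
    headers = {k.lower(): v for k, v in resp.getheaders()}
    conn.close()
    return HttpReply(resp.status, headers, body)


def parse_raw_reply(raw: str) -> HttpReply:
    """Parse a captured HTTP/1.x reply: status line, headers, blank line, body."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    status = int(lines[0].split(" ", 2)[1])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return HttpReply(status, headers, body)


def _host_of(url: str) -> str:
    """Hostname with a leading 'www.' dropped, so www canonicalisation is not a finding."""
    host = (urlparse(url).hostname or "").lower()
    return host[4:] if host.startswith("www.") else host


def classify(url: str, reply: HttpReply, expected_marker: str) -> str:
    """Return 'not_checkable', 'clean', 'redirect_hijack' or 'content_mismatch'."""
    if urlparse(url).scheme != "http":
        return "not_checkable"
    if 300 <= reply.status < 400:
        # Relative Location (no host) stays on the requested site; an http->https
        # upgrade to the same site is normal; a redirect to an unrelated host on a
        # plain-HTTP request is the interception signature.
        target_host = _host_of(reply.headers.get("location", "")) or _host_of(url)
        return "redirect_hijack" if target_host != _host_of(url) else "clean"
    if expected_marker not in reply.body:
        return "content_mismatch"
    return "clean"


# Constructed sample replies (placeholders, not real captures) for offline use.
REFERENCE_URL = "http://example.com/"
GENUINE_REPLY = ("HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
                 "<html><title>Example Domain</title></html>")
UPGRADE_REPLY = "HTTP/1.1 301 Moved Permanently\r\nLocation: https://www.example.com/\r\n\r\n"
HIJACKED_REPLY = ("HTTP/1.1 302 Found\r\n"
                  "Location: http://filter-choice.isp.example/?return=http://example.com/\r\n\r\n")


def demo() -> dict:
    """Classify the three constructed replies against the reference page."""
    return {name: classify(REFERENCE_URL, parse_raw_reply(raw), "Example Domain")
            for name, raw in [("genuine", GENUINE_REPLY), ("upgrade", UPGRADE_REPLY),
                              ("hijacked", HIJACKED_REPLY)]}


if __name__ == "__main__":
    print(demo())  # live use: classify(url, fetch_plain_http(url), marker)
```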
THE RATE of uninsured Americans is down. The once-inexorable ballooning of health-care costs has slowed. And, the Department of Health and Human Services recently announced, U.S. hospitals are making fewer errors, adding to a previous finding that hospitals have significantly cut patient readmissions.
The Affordable Care Act isn’t responsible for all of this, but it is helping. Certainly these and other signs of progress make clear that the ACA is not destroying U.S. health care, contrary to critics’ assertions. There is no good case for the law’s repeal or modification in the ways Republican leaders have proposed. The latest news, though, does point out one of several modest changes Congress could make — if the debate on the ACA were more reasonable.
A US pastor who leads a church which preaches against homosexuality has been arrested for…
The new defense spending bill includes $120 million for tanks that the Army has repeatedly said it doesn’t want.
For three years, the Army in numerous Congressional hearings has pushed a plan that essentially would have suspended tank building and upgrades in the U.S. for the first time since World War II. The Army suggested that production lines could be kept open through foreign sales.
Each time, Congress has pushed back. Last week, Congress won again in the National Defense Authorization Act (NDAA) for Fiscal Year 2015.
In music, there are people who want to supply music and there are people who want to listen to it. The problem is that the competition for listeners’ attention is intense. That’s the core of the economics of the industry. If there is a fundamental imbalance in competition — in this case, favouring listeners — you can’t assume that suppliers will get much. Unless, of course, the suppliers can supply something else that is scarce — for instance, connections through online communities or, most likely, through concerts. The Eagles — yes, The Eagles from the 1970s — earned $100 million last year. I don’t recall any Number One albums from them. It was all from other stuff.
While everything is made up of electrons, protons and other particles that obey the bizarre rules of quantum mechanics (among them, the possibility of particles existing in two places simultaneously), collisions, vibrations and so on within a material generally prevent such “trickery” affecting an object as a whole. As the authors point out: “The weird quantum stuff that happens at the level of the very small doesn’t usually make a difference to the big stuff like cars or toasters that we see and use every day.”
But life, it seems, is different. Indeed the internal compass that enables female robins to migrate in the winter relies on a curious capability that wouldn’t sound out of place in an X-Men line-up: magnetoreception. The theory goes that the eye of a robin contains a chemical that, when it absorbs light of the right energy, can shuffle its electrons around. This shuffling creates a system that exists, thanks to some quantum jiggery-pokery, in two forms at once – each of which leads to a different outcome in the reaction that follows. Which form predominates, and hence which outcome is more likely, is influenced by the angle of the Earth’s magnetic field, allowing the robin to detect if it is heading towards the equator or away from it.
I ended 2013 by compiling something slightly unusual: a list of some of the good news you might have missed. I thought it was a pretty good note to end the year on, and people seemed to like reading about some of the ways the world is becoming a better place. This year, I thought I’d do it again.
Of course, we can’t ignore the fact that it’s been a turbulent year, in the United States and many other countries. But it’s worth taking a moment to celebrate some of the good news too. More children are surviving than ever before. We’re making progress against some of the world’s deadliest diseases. These are some of the most fundamental ways to measure the world’s progress—and by that measure, 2014 was definitely another good year.
German researchers have discovered security flaws that could let hackers, spies and criminals listen to private phone calls and intercept text messages on a potentially massive scale – even when cellular networks are using the most advanced encryption now available.
The flaws, to be reported at a hacker conference in Hamburg this month, are the latest evidence of widespread insecurity on SS7, the global network that allows the world’s cellular carriers to route calls, texts and other services to each other. Experts say it’s increasingly clear that SS7, first designed in the 1980s, is riddled with serious vulnerabilities that undermine the privacy of the world’s billions of cellular customers.
The flaws discovered by the German researchers are actually functions built into SS7 for other purposes – such as keeping calls connected as users speed down highways, switching from cell tower to cell tower – that hackers can repurpose for surveillance because of the lax security on the network.
Scotland Yard has said claims by a witness that a “VIP” sex abuse ring murdered three boys are “credible and true”.
The allegations made by the witness, known by the pseudonym Nick, have triggered a murder investigation.
Police said the alleged abuse by a Westminster-based paedophile ring lasted a decade at locations across London and the Home Counties, including military premises.
Det Supt Kenny McDonald, who is leading the homicide inquiry, told a press conference on Thursday that detectives believed the witness’s claims.
Last week, Congress passed the Death in Custody Reporting Act of 2013. Currently awaiting Obama’s signature, it mandates that states receiving federal criminal justice assistance grants report, by gender and race, all deaths that occur in law enforcement custody, including any while a person is being detained or arrested. This would include events like the deaths of Eric Garner and Michael Brown, says Sen. Richard Blumenthal (D-Conn.), a sponsor of the bill, in an interview with Mother Jones.
The bill also mandates that federal law enforcement agencies annually gather and report these deaths to the US attorney general, who in turn has two years to analyze the data, determine if and how it can be used to reduce the number of such deaths, and file a report to Congress.
Last week, we wrote about how some of the leaked emails from the Sony hack revealed that the MPAA was funding and coordinating various Attorneys General attacks on Google, even over topics that have nothing to do with copyright infringement. In response, Mississippi AG Jim Hood told the Huffington Post that he barely knows anyone at the MPAA, and has no idea who their lawyers are — and that the MPAA has “no major influence” on what he’s working on:
Hood said the MPAA “has no major influence on my decision-making,” although he noted that content creators occasionally provide reports and advice to him. “They’re just reporting wrongdoing. There’s nothing unusual about that,” he said. Hood said he has never asked MPAA a legal question, isn’t sure which lawyers they employ, and doesn’t think he’s ever met the organization’s general counsel.
Okay. Now keep that above paragraph in mind as you read the latest report from the NY Times, in which reporters Nick Wingfield and Eric Lipton (who just a few months ago had written that big article on questionable lobbying of Attorneys General) dig deeper into the Sony emails concerning the MPAA and AGs Jim Hood and Jon Bruning from Nebraska. The Times also uses some public records requests to show that the infamous letter that Hood sent to Google was almost entirely written by the MPAA’s lawyers. You can see the whole thing at the link, but this thumbnail shows a pretty long letter with the only parts actually written by Hood’s office being the intro at the top in green and a few minor word choices. All the rest came from the MPAA’s lawyers at Jenner and Block.
Recommendations made on medical talk shows often lack adequate information on specific benefits or the magnitude of the effects of these benefits. Approximately half of the recommendations have either no evidence or are contradicted by the best available evidence. Potential conflicts of interest are rarely addressed. The public should be skeptical about recommendations made on medical talk shows.
Between a trifle and white-baby-bottoms privilege
Give the Dictee back to the viewer, De Telegraaf headlined last year. That gave the Dictee quite a fright. The sweetbreads it had eaten suddenly lay heavy on the stomach. But after drinking a medoc, the Dictee nonetheless set cheerfully to work.
Ladies and gentlemen at home and in this parliamentarians’ chamber, congratulations: under the watchful eye of King Willy the Second, you still have zero mistakes in your scribble!
Oh, as if it were yesterday I remember the first Dictee: after arriving in a havelock with other Dutch celebrities at the Eerste Kamer der Staten-Generaal, the red-carpet feeling crept over me. Half an hour later a coconut palm came by, and sea urchins from the Mediterranean region and a cassowary and nevertheless; and ape species, monkey rock and poppycock: a linguistic wooden-overcoat park, and I boiled inside because I did not know the Van Dale by heart.
The oohs and aahs were not far off during that screaming-kitchen-maid display of Dutch.
Since then we have learned an incredible amount: habit, spy on, texted and chicken ragout hold no more troubles for us whizz-kids, and ad nauseam, Hawaiian shirt or stressed and a rock-’n’-roll legend in fine fettle we also spell flawlessly.
Once I was allowed to write the Children’s Dictee and treated the chubby-cheeked rascals to the oeioeimachine, a Peru balsam poplar and a tafa or Western Australian brush-tailed phascogale; a hodgepodge of words, all from the Dikke Van Dale, the gobstopper machine of our language.
Open the Dikke at random and discover the mysteries of the brougham, a closed carriage for two persons drawn by one horse; leaf through that Ali Baba treasure chamber of language and discover that a turbe is a crowd, and a turco a North African native rifleman in French military service.
That was the jubilee dictee. The question remains: do you want more or fewer dictations in the coming years? The answer must surely be: ‘More! More! More!’
“I was taught that justice is a right that every American should have. Also justice should be the goal of every American. I think that’s what makes this country. To me, justice means the innocent should be found innocent. It means that those who do wrong should get their due punishment. Ultimately, it means fair treatment. So a call for justice shouldn’t offend or disrespect anybody. A call for justice shouldn’t warrant an apology.
The Islamic State has, believe it or not, released a shocking guidebook on how to treat its female sex slaves. Something out of the dark Middle Ages, this guidebook makes your flesh crawl and fills you with disgust.
Since 2012, NASA’s Voyager 1 spacecraft has experienced three ‘tsunami waves’ in interstellar space. The most recent, which reached the spacecraft earlier this year, is still propagating outward according to new data. It is the longest-lasting shock wave that researchers have seen in interstellar space.
“Most people would have thought the interstellar medium would have been smooth and quiet. But these shock waves seem to be more common than we thought,” said Don Gurnett, professor of physics at the University of Iowa in Iowa City. Gurnett presented the new data Monday, Dec. 15 at the American Geophysical Union meeting in San Francisco.
Recently, Republican hawks in Washington protested loudly against the release of that Senate report, suggesting that it should be suppressed lest it “inflame” our enemies. The real question isn’t, however, about them at all, it’s about us. Why won’t the release of this report inflame Americans, given what their government has done in their names?
Police asked a university to hand over a list of members of the public who were due to attend a public debate on its campus. Canterbury Christ Church University, which had invited experts to debate the merits of fracking in an open forum, refused to hand over the list, and the police request has drawn sharp criticism, with one of the panellists branding it deplorable.
When I learned that the Intelligence Authorization Act for FY 2015 was being rushed to the floor for a vote—with little debate and only a voice vote expected (i.e., simply declared “passed” with almost nobody in the room)—I asked my legislative staff to quickly review the bill for unusual language. What they discovered is one of the most egregious sections of law I’ve encountered during my time as a representative: It grants the executive branch virtually unlimited access to the communications of every American.
The Pirate Bay was deep-sixed this week in its home port of Stockholm, Sweden, after cops raided a data center hosting the world’s most famous piracy organization. But its absence appears to have put hardly a dent in global piracy activity over the last four days.
On Monday, Dec. 8, a total of 101.5 million Internet addresses worldwide were engaged in torrent downloads of relevant titles tracked by anti-piracy firm Excipio (including movies, TV shows, music, videogames, software and other digital media). On Dec. 9, Swedish law-enforcement authorities — acting on a complaint from an anti-piracy group based in the country — descended on a Web-hosting facility used by Pirate Bay and confiscated its servers and other equipment.
The result: The total number of IP addresses engaged in peer-to-peer downloads of content tracked by Excipio dropped slightly from 99.0 million on Dec. 9 to 95.0 million and 95.6 million the following two days, before bouncing back to 100.2 million on Friday, Dec. 12. That’s roughly in line with the daily average of 99.9 million since Nov. 1, according to Excipio.
The new findings of the Rosetta mission make it more likely that Earth got its water from asteroid-like bodies closer to our orbit and/or that Earth could actually preserve at least some of its original water in minerals and at the poles.