Txch This Week: Autonomous Trains And "Magic Wand" Technology


by Jared Kershner

We dedicated much of this week on Txchnologist to Nobel Prize announcements for the world’s most groundbreaking discoveries in physics, chemistry and physiology or medicine. We witnessed three neuroscientists be honored for uncovering how the brain understands where the body is in space. John O’Keefe, May-Britt Moser and Edvard Moser revealed the positioning system or “inner GPS” in the brain that makes it possible to orient ourselves and remember places we’ve been.

The physics Nobel recognized the revolution in artificial lighting ushered in by LEDs. The three winners this year allowed white light to be created in a new way by figuring out how to produce blue-light LEDs, creating longer-lasting and more efficient alternatives to older light sources. Their discovery is bound to impact global energy demand and improve the lives of billions living in poverty with no access to electricity beyond unhealthy light sources such as burning kerosene. 

Outside of the Nobel frenzy, NASA plans on a December launch for the Orion capsule on its first space flight aboard the Delta IV Heavy rocket. This vehicle – expected one day to carry astronauts as far as Mars – will perform its first mission unmanned as a test flight for fact-finding on how it will safely convey astronauts in future explorations.

Now we’re bringing you the news and trends we’ve been following this week in the world of science, technology and innovation.


To begin with, LINE does not list its major shareholders on its own website (I looked but could not find them). List them!

Don’t Read This Story on Public WiFi

By Maurits Martijn, Matter, Oct. 15, 2014
Translated from Dutch by Jona Meijers

In his backpack, Wouter Slotboom, 34, carries around a small black device, slightly larger than a pack of cigarettes, with an antenna on it. I meet Wouter by chance at a random café in the center of Amsterdam. It is a sunny day and almost all the tables are occupied. Some people talk, others are working on their laptops or playing with their smartphones.

Wouter removes his laptop from his backpack, puts the black device on the table, and hides it under a menu. A waitress passes by and we ask for two coffees and the password for the WiFi network. Meanwhile, Wouter switches on his laptop and device, launches some programs, and soon the screen starts to fill with green text lines. It gradually becomes clear that Wouter’s device is connecting to the laptops, smartphones, and tablets of local cafe visitors.

On his screen, phrases like “iPhone Joris” and “Simone’s MacBook” start to appear. The device’s antenna is intercepting the signals that are being sent from the laptops, smartphones, and tablets around us.

More text starts to appear on the screen. We are able to see which WiFi networks the devices were previously connected to. Sometimes the names of the networks are composed of mostly numbers and random letters, making it hard to trace them to a definite location, but more often than not, these WiFi networks give away the place they belong to.

We learn that Joris had previously visited McDonald’s, probably spent his vacation in Spain (lots of Spanish-language network names), and had been kart-racing (he had connected to a network belonging to a well-known local kart-racing center). Martin, another café visitor, had been logged on to the network of Heathrow airport and the American airline Southwest. In Amsterdam, he’s probably staying at the White Tulip Hostel. He had also paid a visit to a coffee shop called The Bulldog.

Session 1: Let everyone connect to our fake network.
The waitress serves us our coffee and hands us the WiFi password. After Slotboom is connected, he is able to provide all the visitors with an internet connection and to redirect all internet traffic through his little device.

Most smartphones, laptops, and tablets automatically search and connect to WiFi networks. They usually prefer a network with a previously established connection. If you have ever logged on to the T-Mobile network on the train, for example, your device will search for a T-Mobile network in the area.

Slotboom’s device is capable of registering these searches and appearing as that trusted WiFi network. To demonstrate, I suddenly see the name of my home network appear on my iPhone’s list of available networks, as well as my workplace, and a list of cafes, hotel lobbies, trains, and other public places I’ve visited. My phone automatically connects itself to one of these networks, which all belong to the black device.

Slotboom can also broadcast a fictitious network name, making users believe they are actually connecting to the network of the place they’re visiting. For example, if a place has a WiFi network consisting of random letters and numbers (Fritzbox xyz123), Slotboom is able to provide the network name (Starbucks). People, he says, are much more willing to connect to these.

We see more and more visitors log on to our fictitious network. The siren song of the little black device appears to be irresistible. Already 20 smartphones and laptops are ours. If he wanted to, Slotboom is now able to completely ruin the lives of the people connected: He can retrieve their passwords, steal their identity, and plunder their bank accounts. Later today, he will show me how. I have given him permission to hack me in order to demonstrate what he is capable of, though it could be done to anyone with a smartphone in search of a network, or a laptop connecting to a WiFi network.

Everything, with very few exceptions, can be cracked.

The idea that public WiFi networks are not secure is not exactly news. It is, however, news that can’t be repeated often enough. There are currently more than 1.43 billion smartphone users worldwide and more than 150 million smartphone owners in the U.S. In the U.S., more than 92 million American adults own a tablet and more than 155 million own a laptop. Each year the worldwide demand for more laptops and tablets increases. In 2013, an estimated 206 million tablets and 180 million laptops were sold worldwide. Probably everyone with a portable device has once been connected to a public WiFi network: while having a coffee, on the train, or at a hotel.

The good news is that some networks are better protected than others; some email and social media services use encryption methods that are more secure than their competitors. But spend a day walking in the city with Wouter Slotboom, and you’ll find that almost everything and everyone connected to a WiFi network can be hacked. A study from threat intelligence consultancy, Risk Based Security, estimates that more than 822 million records were exposed worldwide in 2013, including credit card numbers, birth dates, medical information, phone numbers, social security numbers, addresses, user names, emails, names, and passwords. Sixty-five percent of those records came from the U.S. According to IT security firm Kaspersky Lab, in 2013 an estimated 37.3 million users worldwide and 4.5 million Americans were the victim of phishing—or pharming—attempts, meaning payment details were stolen from hacked computers, smartphones, or website users.

Report after report shows that digital identity fraud is an increasingly common problem. Hackers and cybercriminals currently have many different tricks at their disposal. But the prevalence of open, unprotected WiFi networks does make it extremely easy for them. The National Cyber Security Center, a division of the Ministry of Security and Justice, did not issue the following advice in vain: “It is not advisable to use open WiFi networks in public places. If these networks are used, work or financial related activities should better be avoided.”

Slotboom calls himself an “ethical hacker,” or one of the good guys; a technology buff who wants to reveal the potential dangers of internet and technology. He advises individuals and companies on how to better protect themselves and their information. He does this, as he did today, usually by demonstrating how easy it is to inflict damage. Because really, it’s child’s play: The device is cheap, and the software for intercepting traffic is very easy to use and readily available for download. “All you need is 70 Euros, an average IQ, and a little patience,” he says. I will refrain from elaborating on some of the more technical aspects, such as equipment, software, and apps needed to go about hacking people.

Session 2: Scanning for name, passwords, and sexual orientation.
Armed with Slotboom’s backpack, we move to a coffeehouse that is known for the beautiful flowers drawn in the foam of the lattes, and as a popular spot for freelancers working on laptops. This place is now packed with people concentrating on their screens.

Slotboom switches on his equipment. He takes us through the same steps, and within a couple of minutes, 20 or so devices are connected to ours. Again we see their MAC addresses and login history, and in some cases their owners’ names. At my request, we now go a step further.

Slotboom launches another program (also readily available for download), which allows him to extract even more information from the connected smartphones and laptops. We are able to see the specifications of the mobile phone models (Samsung Galaxy S4), the language settings for the different devices, and the version of the operating system used (iOS 7.0.5).

The latter can be extremely valuable information for a malicious hacker. If a device has an outdated operating system, for example, there are always known “bugs,” or holes in the security system that can be easily exploited. With this kind of information, you have what you need to break into the operating system and take over the device. A sampling of the coffeehouse customers reveals that none of the connected devices have the latest version of the operating system installed. For all these legacy systems, a known bug is listed online.

We can now see some of the actual internet traffic of those around us. We see that someone with a MacBook is browsing the site Nu.nl. We can see that many devices are sending documents using WeTransfer, some are connecting to Dropbox, and some show activity on Tumblr. We see that someone has just logged on to FourSquare. The name of this person is also shown, and, after googling his name, we recognize him as the person sitting just a few feet away from us.

Information comes flooding in, even from visitors who are not actively working or surfing. Many email programs and apps constantly make contact with their servers—a necessary step for a device to retrieve new emails. For some devices and programs, we are able to see what information is being sent, and to which server.

And now it’s getting really personal. We see that one visitor has the gay dating app Grindr installed on his smartphone. We also see the name and type of the smartphone he’s using (iPhone 5s). We stop here, but it would be a breeze to find out who the phone belongs to. We also see that someone’s phone is attempting to connect to a server in Russia, sending the password along with it, which we are able to intercept.

Session 3: Obtaining information on occupation, hobbies, and relational problems.
Many apps, programs, websites, and types of software make use of encryption technologies. These are there to ensure that the information sent and received from a device is not accessible to unauthorized eyes. But once the user is connected to Slotboom’s WiFi network, these security measures can be circumvented relatively easily, with the help of decryption software.

To our shared surprise, we see an app sending personal information to a company that sells online advertising. Among other things, we see the location data, technical information of the phone, and information of the WiFi network. We can also see the name (first and last) of a woman using the social bookmarking website, Delicious. Delicious allows users to share websites—bookmarks—they are interested in. In principle, the pages that users of Delicious share are available publicly, yet we can’t help feeling like voyeurs when we realize just how much we are able to learn about this woman on the basis of this information.

First we google her name, which immediately allows us to determine what she looks like and where in the coffeehouse she is sitting. We learn that she was born in a different European country and only recently moved to the Netherlands. Through Delicious we discover that she’s been visiting the website of a Dutch language course and she has bookmarked a website with information on the Dutch integration course.

In less than 20 minutes, here’s what we’ve learned about the woman sitting 10 feet from us: where she was born, where she studied, that she has an interest in yoga, that she’s bookmarked an online offer for anti-snore mantras, recently visited Thailand and Laos, and shows a remarkable interest in sites that offer tips on how to save a relationship.

Slotboom shows me some more hacker tricks. Using an app on his phone, he is able to change specific words on any website. For example, whenever the word “Opstelten” (the name of a Dutch politician) is mentioned, people see the word “Dutroux” (the name of a convicted serial killer) rendered on the page instead. We tested it and it works. We try another trick: Anyone loading a website that includes pictures gets to see a picture selected by Slotboom. This all sounds funny if you’re looking for some mischief, but it also makes it possible to load images of child pornography on someone’s smartphone, the possession of which is a criminal offense.

We visit yet another cafe. My last request to Slotboom is to show me what he would do if he wanted to really harm me. He asks me to go to Live.com (the Microsoft email site) and enter a random username and password. A few seconds later, the information I just typed appears on his screen. “Now I have the login details of your email account,” Slotboom says. “The first thing I would do is change the password of your account and indicate to other services you use that I have forgotten my password. Most people use the same email account for all services. And those new passwords will then be sent to your mailbox, which means I will have them at my disposal as well.” We do the same for Facebook: Slotboom is able to intercept the login name and password I entered with relative ease.

Another trick that Slotboom uses is to divert my internet traffic. For example, whenever I try to access the webpage of my bank, he has instructed his program to re-direct me to a page he owns: a cloned site that appears to be identical to the trusted site, but is in fact completely controlled by Slotboom. Hackers call this DNS spoofing. The information I entered on the site is stored on the server owned by Slotboom. Within 20 minutes he’s obtained the login details, including passwords for my Live.com, SNS Bank, Facebook, and DigiD accounts.

I will never again be connecting to an insecure public WiFi network without taking security measures.

The police have never had the power to listen in on every conversation, to spy upon every interaction. No system that can only sustain itself by arrogating these powers can possibly be called ‘just.’
— Cory Doctorow in The Guardian. Crypto wars redux: why the FBI’s desire to unlock your private life must be resisted

In 1995, the US government tried – and failed – to categorise encryption as a weapon. Today, the same lines are being drawn and the same tactics repeated as the FBI wants to do the same. Here’s why they are wrong, and why they must fail again

Tim Cook Meets With Top Chinese Official After iCloud Hack


Just two days after China was accused of trying to steal Chinese users’ iCloud logins and passwords with a sophisticated cyberattack, Apple CEO Tim Cook traveled there for a high-level meeting with a government official. Details of the meeting are murky, but Cook met with Chinese Vice Premier Ma Kai on Wednesday to exchange “views on protection of users’ information, and “views on strengthening…


A Revolution in Payment Systems; Biometric Experts Talk about Apple Pay and Smart Wallets

Investorideas.com (www.investorideas.com), a financial news source covering leading sectors including biometrics and mobile tech, issues follow-up commentary from biometric experts following the official launch of Apple Pay. Alan Goode of Goode Intelligence, Janice Kephart, founder of the Secure Identity and Biometrics Association (SIBA) and Gino Pereira, CEO of NXT-ID (NASDAQ: NXTD) a company introducing its own biometric smart wallet, talk about the controversial launch that is shaking up the payment industry.

http://www.investorideas.com/news/2014/technology/10221.asp

Eye on the Triangle

EOT150 Optimizing Food Bank Distribution 10/7/14

Eye on the Triangle is WKNC’s weekly public affairs programming, with news, interviews, opinion, weather, sports, arts, music, events, and issues that matter to NCSU, Raleigh, and the Triangle.  This week on EOT:

Contributor Michaela brings a lot of local news for our listeners, including some sustainability talk, NC State’s cybersecurity events this month, and the changes to North Carolina’s voting laws.

Here at NC State, we have a large variety of majors, and Industrial & Systems Engineering is just one of them. A professor in the department is part of an incredible effort to help local food banks optimize their food distribution.

Listen to all this, plus news beyond the headlines from Sydney and our Community Calendar.

Nick Savage and the EOT crew bring you another edition of “Eye on the Triangle,” live each Tuesday at 7 p.m. on WKNC 88.1 FM and wknc.org/listen and available as a downloadable podcast.

http://interviews.wknc.org/eot/EOT150_100714.mp3

Fewer Veterans in Congress


Morning Coffee is a robust blend of links to news around the internet concerning the Naval Air Station Patuxent River economic community. The opinions expressed here do not necessarily reflect those of the Leader’s owners or staff.

The number of veterans in Congress has been steadily dropping in recent election cycles, but the legislative branch’s veteran count could take an even bigger hit this…

China-backed hackers may have infiltrated Apple's iCloud, says Chinese web monitoring group


Apple Inc’s iCloud storage and backup service in China was attacked by hackers trying to steal user credentials, a Chinese web monitoring group said, adding that it believes the country’s government is behind the campaign. Using a method called a “man-in-the-middle” (MITM) attack, unknown hackers interposed their own website between users and Apple’s iCloud server, intercepting data and…


ProfNet Experts Available on Ebola Virus, Menopause, Holiday Entertaining, More
Via Google Yahoo & Bing News Search Cybersecurity
October 22, 2014 at 06:59PM

NEW YORK, Oct. 17, 2014 /PRNewswire/ — Below are experts from the ProfNet network that are available to discuss timely issues in your coverage area. If you are interested in interviewing any of the experts, please contact them via the contact information at the end of the listing….

Read more: http://ift.tt/1ou8AGW

"Hacking can be ugly. The guy who published the private photos of those celebrities online made headlines everywhere. What he did was not only a violation of these women but it was criminal, and as a hacker I was very saddened by it. I feel like we, the hackers, need better PR to show we’re not all like that… After all I’m in the business of protecting people."

— Parisa Tabriz, M.S.
