Apple’s first computer called Apple 1, sold at Sotheby’s auction for $374,500. The Apple 1 was made in 1976 by Steve Wozniak. Sold for $666.66 with fully assembled circuit board.
An extremely well attended talk by Hugo Teso, a security consultant at n.runs AG in Germany, about the completely realistic scenario of plane hijacking via a simple Android app has galvanized the crowd attending the Hack In The Box Conference in Amsterdam today.
Teso, who has been working in IT for the last eleven years and has been a trained commercial pilot for a year longer than that, has combined his two interests in order to bring to light the sorry state of security of aviation computer systems and communication protocols.
By taking advantage of two new technologies for the discovery, information gathering and exploitation phases of the attack, and by creating an exploit framework (SIMON) and an Android app (PlaneSploit) that delivers attack messages to the airplanes’ Flight Management Systems (computer unit + control display unit), he demonstrated the terrifying ability to take complete control of aircraft by making virtual planes “dance to his tune.”
One of the two technologies he abused is the Automatic Dependent Surveillance-Broadcast (ADS-B), which sends information about each aircraft (identification, current position, altitude, and so on) through an on-board transmitter to air traffic controllers, and allows aircraft equipped with the technology to receive flight, traffic and weather information about other aircraft currently in the air in their vicinity.
The other one is the Aircraft Communications Addressing and Reporting System (ACARS), which is used to exchange messages between aircraft and air traffic controllers via radio or satellite, as well as to automatically deliver information about each flight phase to the latter. (more…)
Security analysts have detected an ongoing attack that uses a huge number of computers from across the Internet to commandeer servers that run the WordPress blogging application.
The unknown people behind the highly distributed attack are using more than 90,000 IP addresses to brute-force crack administrative credentials of vulnerable WordPress systems, researchers from at least three Web hosting services reported. At least one company warned that the attackers may be in the process of building a “botnet” of infected computers that’s vastly stronger and more destructive than those available today. That’s because the servers have bandwidth connections that are typically tens, hundreds, or even thousands of times faster than botnets made of infected machines in homes and small businesses.
“These larger machines can cause much more damage in DDoS [distributed denial-of-service] attacks because the servers have large network connections and are capable of generating significant amounts of traffic,” Matthew Prince, CEO of content delivery network CloudFlare, wrote in a blog postdescribing the attacks. (more…)
A male engineering student was crossing a road one
day when a frog called out to him and said, “If you kiss
me, I’ll turn into a beautiful princess.” He bent over,
picked up the frog, and put it in his pocket. The frog
spoke up again and said, “If you kiss me and turn me
back into a beautiful princess, I will stay with you for
one week.” The engineering student took the frog out
of his pocket, smiled at it; and returned it to his pocket.
The frog then cried out, “If you kiss me and turn me
back into a princess, I’ll stay with you and do ANYTHING you want.”
Again the boy took the frog out,
smiled at it, and put it back into his pocket. Finally, the
frog asked, “What is the matter? I’ve told you I’m a
beautiful princess, that I’ll stay with you for a week and
do anything you want. Why won’t you kiss me?” The
boy said, “Look I’m an engineer. I don’t have time for a
girlfriend, but a talking frog is cool.”
Interviewer:”If the Earth rotates 30 times faster,
what will happen?”
Candidate:”We will get our salary everyday” :D
The New York Times this morning published a story about the Spamhaus DDoS attack and how CloudFlare helped mitigate it and keep the site online. The Times calls the attack the largest known DDoS attack ever on the Internet. We wrote about the attack last week. At the time, it was a large attack, sending 85Gbps of traffic. Since then, the attack got much worse. Here are some of the technical details of what we’ve seen.
On Monday, March 18, 2013 Spamhaus contacted CloudFlare regarding an attack they were seeing against their website spamhaus.org. They signed up for CloudFlare and we quickly mitigated the attack. The attack, initially, was approximately 10Gbps generated largely from open DNS recursors. On March 19, the attack increased in size, peaking at approximately 90Gbps. The attack fluctuated between 90Gbps and 30Gbps until 01:15 UTC on on March 21.
The attackers were quiet for a day. Then, on March 22 at 18:00 UTC, the attack resumed, peaking at 120Gbps of traffic hitting our network. As we discussed in the previous blog post, CloudFlare uses Anycast technology which spreads the load of a distributed attack across all our data centers. This allowed us to mitigate the attack without it affecting Spamhaus or any of our other customers. The attackers ceased their attack against the Spamhaus website four hours after it started.
Other than the scale, which was already among the largest DDoS attacks we’ve seen, there was nothing particularly unusual about the attack to this point. Then the attackers changed their tactics. Rather than attacking our customers directly, they started going after the network providers CloudFlare uses for bandwidth. More on that in a second, first a bit about how the Internet works.
Peering on the Internet
The “inter” in Internet refers to the fact that it is a collection of independent networks connected together. CloudFlare runs a network, Google runs a network, and bandwidth providers like Level3, AT&T, and Cogent run networks. These networks then interconnect through what are known as peering relationships.
When you surf the web, your browser sends and receives packets of information. These packets are sent from one network to another. You can see this by running a traceroute. Here’s one from Stanford University’s network to the New York Times’ website (nytimes.com):
Internet speed across Pakistan plummeted by nearly 60% on Wednesday when an underwater fiber optic cable was damaged in the Arabian Sea near Karachi.
South East Asia-Middle East-Western Europe (SEA-ME-WE) 4, one of the four submarine cables that connects the country globally via the internet, was damaged around noon on Wednesday – only a couple of weeks following the breakdown of India-Middle East-Western Europe (I-ME-WE) fiber optic cable that has yet to be repaired.
As a result, internet services in the country will likely remain disrupted for an indefinite period. Internet service providers were unable to provide a timeframe on when the problem will be resolved.
Shortly after the disruption, internet users across Pakistan faced a host of problems ranging from intermittent to slow internet connectivity. Many complained that their browsing speed had decreased significantly.
“This is a result of a fault in the undersea cable line to Pakistan through Alexandria, Egypt. The fiber optic undersea cable SEA-ME-WE-4 was affected beyond Egypt for currently unknown reasons,” Wateen Telecom said in a statement. (more…)