spy & security

I lie about my zodiac sign and watch people break down the person I’m not

In what appears to be the first successful hack of a software program using DNA, researchers say malware they incorporated into a genetic molecule allowed them to take control of a computer used to analyze it. […]

To carry out the hack, researchers encoded malicious software in a short stretch of DNA they purchased online. They then used it to gain “full control” over a computer that tried to process the genetic data after it was read by a DNA sequencing machine.  

The researchers warn that hackers could one day use faked blood or spit samples to gain access to university computers, steal information from police forensics labs, or infect genome files shared by scientists.  

{ Technology Review | Continue reading }

‘There is an infinite amount of hope in the universe — but not for us.’ —Kafka

When the National Security Agency began using a new hacking tool called EternalBlue, those entrusted with deploying it marveled at both its uncommon power and the widespread havoc it could wreak if it ever got loose.

Some officials even discussed whether the flaw was so dangerous they should reveal it to Microsoft, the company whose software the government was exploiting, according to former NSA employees who spoke on the condition of anonymity given the sensitivity of the issue.

But for more than five years, the NSA kept using it — through a time period that has seen several serious security breaches — and now the officials’ worst fears have been realized. The malicious code at the heart of the WannaCry virus that hit computer systems globally late last week was apparently stolen from the NSA, repackaged by cybercriminals and unleashed on the world for a cyberattack that now ranks as among the most disruptive in history.

{ Washington Post | Continue reading }

screenshot { Ben Thorp Brown, Drowned World, 2016 }

When that hark from the air said it was Captain Finsen

The travel booking systems used by millions of people every day are woefully insecure and lack modern authentication methods. This allows attackers to easily modify other people’s reservations, cancel their flights and even use the refunds to book tickets for themselves.

{ Computer World | Continue reading }

related { By posting a picture of your boarding pass online, you may be giving away more information than you think }

‘Genius presupposes some disorder.’—Diderot

Someone Is Learning How to Take Down the Internet

Recently, some of the major companies that provide the basic infrastructure that makes the Internet work have seen an increase in DDoS attacks against them. Moreover, they have seen a certain profile of attacks. These attacks are significantly larger than the ones they’re used to seeing. They last longer. They’re more sophisticated. And they look like probing. One week, the attack would start at a particular level of attack and slowly ramp up before stopping. The next week, it would start at that higher point and continue. And so on, along those lines, as if the attacker were looking for the exact point of failure. […]

We don’t know where the attacks come from. The data I see suggests China, an assessment shared by the people I spoke with. On the other hand, it’s possible to disguise the country of origin for these sorts of attacks. The NSA, which has more surveillance in the Internet backbone than everyone else combined, probably has a better idea, but unless the US decides to make an international incident over this, we won’t see any attribution.

{ Bruce Schneier | Continue reading }

polaroid photograph { Andy Warhol, Grapes, 1981 }

Is this a dagger which I see before me, the handle toward my hand?

The June 5 escape from Clinton was planned and executed by two particularly cunning and resourceful inmates, abetted by the willful, criminal conduct of a civilian employee of the prison’s tailor shops and assisted by the reckless actions of a veteran correction officer. The escape could not have occurred, however, except for longstanding breakdowns in basic security functions at Clinton and DOCCS executive management’s failure to identify and correct these deficiencies.

[…]

Using pipes as hand- and foot-holds, Sweat and Matt descended three tiers through a narrow space behind their cells to the prison’s subterranean level. There they navigated a labyrinth of dimly lit tunnels and squeezed through a series of openings in walls and a steam pipe along a route they had prepared over the previous three months. When, at midnight, they emerged from a manhole onto a Village of Dannemora street a block outside the prison wall, Sweat and Matt had accomplished a remarkable feat: the first escape from the high-security section of Clinton in more than 100 years.

[…]

In early 2015, the relationships deepened and Mitchell became an even more active participant in the escape plot, ultimately agreeing to join Sweat and Matt after their breakout and drive away with them. In addition to smuggling escape tools and maps, Mitchell agreed to be a conduit to obtain cash for Matt and gathered items to assist their flight, including guns and ammunition, camping gear, clothing, and a compass. Even as she professed her love for Sweat in notes she secretly sent him, Mitchell engaged in numerous sexual encounters with Matt in the tailor shop. These included kissing, genital fondling, and oral sex.

[…]

The Inspector General is compelled to note that this investigation was made more difficult by a lack of full cooperation on the part of a number of Clinton staff, including executive management, civilian employees, and uniformed officers. Notwithstanding the unprecedented granting of immunity from criminal prosecution for most uniformed officers, employees provided testimony under oath that was incomplete and at times not credible. Among other claims, they testified they could not recall such information as the names of colleagues with whom they regularly worked, supervisors, or staff who had trained them. Several officers, testifying under oath within several weeks of the event, claimed not to remember their activities or observations on the night of the escape. Other employees claimed ignorance of security lapses that were longstanding and widely known.

{ State of New York, Office of the Inspector General | Continue reading }

photo { Chisels, punch, hacksaw blade pieces, and unused drill bits left by Sweat in tunnel }

I’m tryna live my life and you’re just tryna drag me down

Facebook could be listening in on people’s conversations all of the time, an expert has claimed. The app might be using people’s phones to gather data on what they are talking about.

Professor Burns has said that the tool appears to be using the audio it gathers not simply to help out users, but might be doing so to listen in to discussions and serve them with relevant advertising. She says that to test the feature, she discussed certain topics around the phone and then found that the site appeared to show relevant ads.

Facebook says that its app does listen to what’s happening around it, but only as a way of seeing what people are listening to or watching and suggesting that they post about it.

{ Independent | Continue reading }

unrelated { How Facebook is Stealing Billions of Views }

photo { Marcus Ohlsson }

The defender must build a perfect wall to keep out all intruders, while the offense need find only one chink in the armor through which to attack

The air-support division of the Los Angeles Police Department operates out of a labyrinthine building on Ramirez Street in the city’s downtown, near the Los Angeles River. […]

The division began with a single helicopter in 1956, and it now has 19 in all, augmented by a King Air fixed-wing plane. The aircrews operate in a state of constant readiness, with at least two helicopters in flight at any given time for 21 hours of every day. A ground crew is suited up and on call for the remaining three, between 5 a.m. and 8 a.m. On weekends, considered peak hours, the number of airborne helicopters goes up to three, although in a crisis the division might send as many as four or five “ships” up at once. […]

The heavily restricted airspace around Los Angeles International Airport, Burdette pointed out, has transformed the surrounding area into a well-known hiding spot for criminals trying to flee by car. Los Angeles police helicopters cannot always approach the airport because of air-traffic-control safety concerns. Indeed, all those planes, with their otherwise-invisible approach patterns across the Southern California sky, have come to exert a kind of sculptural effect on local crimes across the city: Their lines of flight limit the effectiveness of police helicopter patrols and thus alter the preferred getaway routes.

{ NY Times | Continue reading }

painting { Michael Chow }

‘Clocks can never be pushed back. It’s all a lie. And now it’s dark.’ —Daylight Saving Time

A top Chinese military contractor is building a data analytics platform to help authorities identify terrorists before they strike. […]

So far, more data has just meant more noise, security experts say. […]

Since the Mao era, the government has kept a secret file, called a dang’an, on almost everyone. Dang’an contain school reports, health records, work permits, personality assessments, and other information that might be considered confidential and private in other countries. The contents of the dang’an can determine whether a citizen is eligible for a promotion or can secure a coveted urban residency permit. The government revealed last year that it was also building a nationwide database that would score citizens on their trustworthiness.

{ Bloomberg | Continue reading }

Wildlife binoculars, tell me that you want me

Please notice how the Director of the NSA, unlike the vociferous FBI director, has been relatively silent. With a budget on the order of $10 billion at its disposal the NSA almost certainly has something equivalent to what the courts have asked Apple to create. The NSA probably doesn’t want to give its bypass tool to the FBI and blow its operational advantage.

{ Counterpunch | Continue reading }

Die Feldgleichungen der Gravitation

We investigate the role of networks of alliances in preventing (multilateral) interstate wars. We first show that, in the absence of international trade, no network of alliances is peaceful and stable. We then show that international trade induces peaceful and stable networks: Trade increases the density of alliances so that countries are less vulnerable to attack and also reduces countries’ incentives to attack an ally.

We present historical data on wars and trade showing that the dramatic drop in interstate wars since 1950 is paralleled by a densification and stabilization of trading relationships and alliances.

Based on the model we also examine some specific relationships, finding that countries with high levels of trade with their allies are less likely to be involved in wars with any other countries (including allies and nonallies), and that an increase in trade between two countries correlates with a lower chance that they will go to war with each other.

{ Proceedings of the National Academy of Sciences | Continue reading }

photo { Mark Cohen, Girl Holding Blackberries, 1975 }

White Sun of the Desert

…the immaculate ultrawhite behind the French doors of a new GE Café Series refrigerator […] the white hood of a 50th anniversary Ford Mustang GT […] the white used to brighten the pages of new Bibles, the hulls of super yachts, the snowy filling inside Oreo cookies […]

All this whiteness is the product of a compound known as titanium dioxide, or TiO2. A naturally occurring oxide, TiO2 is generally extracted from ilmenite ore and was first used as a pigment in the 19th century. In the 1940s chemists at DuPont refined the process until they hit on what’s widely considered a superior form of “titanium white,” which has been used in cosmetics and plastics and to whiten the chalked lines on tennis courts. DuPont has built its titanium dioxide into a $2.6 billion business, which it spun off as part of chemicals company Chemours, in Wilmington, Del., last fall.

A handful of other companies produce TiO2, including Kronos Worldwide in Dallas and Tronox of Stamford, Conn. Chemours and these others will churn out more than 5 million tons of TiO2 powder in 2016. China also produces large amounts of the pigment, and its industries consume about a quarter of the world’s supply. Most of China’s TiO2 plants, however, use a less efficient and more hazardous process than the one developed at DuPont. Starting in the 1990s, if not earlier, China’s government and Chinese state-run businesses began seeking ways to adopt DuPont’s methods. Only they didn’t approach the company to make a formal deal. According to U.S. law enforcement officials, they set out to rip off DuPont.

“At first, you’re like: Why are they stealing the color white?” says Dean Chappell, acting section chief of counterespionage for the FBI.

{ Bloomberg | Continue reading }

oil on wood { Ellsworth Kelly, White Plaque: Bridge Arch and Reflection, 1951-55 }

Which losses do we impose on some to benefit others?

The NSA’s inspector general last year detailed 12 cases of “intentional misuse” of intelligence authorities from 2003 to 2013 […] Those cases included a member of a U.S. military intelligence unit who violated policy by obtaining the communications of his wife, who was stationed in another country. After a military proceeding, the violator was punished by a reduction in rank, 45 days of extra duty and forfeiture of half of his pay for two months, according to the letter. In a 2003 case, a civilian employee ordered intelligence collection “of the telephone number of his foreign-national girlfriend without an authorized purpose for approximately one month” to determine whether she was being faithful to him, according to the letter. The employee retired before an investigation could be completed.

{ Bloomberg | Continue reading }

photo { Olivia Locher, Lucifer Rising, 2014 }