The idea that global politics are a terrifying blend of natural disasters, belligerence, and deadly military potential isn't unique to this decade, but holy fuck, did it ever just get weird.
Twice now, Londoners have gone to the polls and, for a laugh, voted in "a supposed politician with comedy hair and the manners of a rapey clown."
Samy Kamkar has a proof-of-concept attack through which he plugs a small USB stick into an unlocked Mac OS X machine and then quickly and thoroughly compromises the machine, giving him total, stealthy control over the system in seconds, even reprogramming the built-in firewall to blind it to its actions.
In a virulently anti-Western and uncharacteristically blunt speech, Russian spy-turned-president Vladimir Putin set out his agenda for Russia and its relationship to "western elites." The speech wasn't widely reported in the west, but Dmitry Orlov has helpfully translated, transcribed and summarized it.
A TSA supervisor confiscated Sean Malone's toy ray gun belt buckle at the airport. Malone described the encounter:
"You understand that this is a belt buckle, right? It is not a danger to the safety of anyone nor is it against the law to carry. I have also traveled with this belt buckle all over the country and it's never been a problem. So please explain to me how exactly you would justify taking it."
Her response was to suggest a hypothetical scenario. "What if", she postulated, "you take this object out of your bag and point it - like a gun - at a police officer? He would have no choice to assume that it was a gun, and take action against you."
Now... Let's leave aside for a second that the entire premise behind this argument is that police officers are too dumb and hopped up on their own power that they can't recognize a dangerous weapon from a belt buckle in the shape of a 1950's toy ray gun. I'm glad she recognized this reality, but I don't think she really processed what it says about law enforcement in America. But leaving that aside... Why in the hell would I ever take my belt buckle and point it at a police officer?
To this, she had no answer.
Malone stood his ground, and after insisting that the supervisor talk to *her* supervisor, his belt buckle was returned.
When a dark-skinned man sneezed on a plane then joked about having Ebola, the flight crew took no chances and called a team in hazardous material suits to escort him off the plane.
The passenger had never been in Africa. He did not have Ebola.
Last summer's Black Hat presentation on "BadUSB" by Karsten Nohl alerted the world to the possibility that malware could be spread undetectably by exploiting the reprogrammable firmware in USB devices -- now, a second set of researchers have released the code to let anyone try it out for themselves.
The Organization for Economic Cooperation and Development -- a pro-establishment, rock-ribbed bastion of pro-market thinking -- has released a report predicting a collapse in global economic growth rates, a rise in feudal wealth disparity, collapsing tax revenue and huge, migrating bands of migrant laborers roaming from country to country, seeking crumbs of work. They prescribe "flexible" workforces, austerity, and mass privatization.
Alex sez, "Spacegambit is a hackerspace space program that funds cool space projects around the world. We're now working with NASA on the Asteroid Grand Challenge, with the aim of getting more makers involved in detecting asteroid threats to human populations and figuring out what to do about them. We're running our open call at the moment (closing on 20 May) and looking to fund open-source projects linked with hackerspaces/makerspaces/fablabs/etc."
Florida state senator Dwight Bullard thought that a proposed bill to legalize carrying concealed firearms during disaster evacuations was an incredibly stupid idea. So he proposed an amendment to rename the bill "An act relating to the zombie apocalypse." Both the bill and the amendment failed to pass the state legislature.
Scott Erven is head of information security for a healthcare provider called Essentia Health, and his Friday presentation at Chicago's Thotcon, "Just What The Doctor Ordered?" is a terrifying tour through the disastrous state of medical device security.
Wired's Kim Zetter summarizes Erven's research, which ranges from the security of implanted insulin pumps and defibrillators to surgical robots and MRIs. Erven and his team discovered that hospitals are full of fundamentally insecure devices, and that these insecurities are not the result of obscure bugs buried deep in their codebase (as was the case with the disastrous Heartbleed vulnerability), but rather these are incredibly stupid, incredibly easy to discover mistakes, such as hardcoded easy default passwords. For example: surgical robots have their own internal firewall. If you run a vulnerability scanner against that firewall, it just crashes, and leaves the robot wide open.
The backups for image repositories for X-rays and other scanning equipment have no passwords. Drug-pumps can be reprogrammed over the Internet with ease. Defibrillators can be made to deliver shocks -- or to withhold them when needed. Doctors' instructions to administer therapies can be intercepted and replayed, adding them to other patients' records. You can turn off the blood fridge, crash life-support equipment and reset it to factory defaults. The devices themselves are all available on the whole hospital network, so once you compromise an employee's laptop with a trojan, you can roam free. You can change CT scanner parameters and cause them to over-irradiate patients.
The one bright spot is that anaesthesia and ventilators are not generally networked and are more secure.
By an amazing coincidence, the worst terrorist attack that never happened since 9/11 is not happening right now, proving that everyone who was worried about out-of-control NSA spying had lost the plot. Which is ZOMGTERRISM. So 28 US diplomatic posts have been evacuated (that is to say, "experienced an ordered departure"), including ones in places like Mauritius or Madagascar, where al Qaeda has nefariously never operated as part of its devious plan to lure everyone there into a false sense of security.
Well, some people are cynical and just don't believe it, despite all the overwhelming secret evidence that we're not allowed to see or know about or hear about or even have described to us. People like State Department counterterrorism advisor Will McCants, who called the evacuation of the diplomatic posts "Crazy Pants" ("you can quote me"). Loose cannons like Michael Leiter, former director of the National Counterterrorism Center, who called the terrifying and nonspecific warnings "absurd hyperbole that is coming almost entirely from reckless commentators or ill-informed or ill-spoken [Capitol] Hill folks...no one who really knows al Qaeda or its history thinks that this is as huge a deal as portrayed—and certainly nothing remotely close to the worst thing we have seen since 9/11." But what the hell does he know?
Remember ACTA, the terrifying, secret SOPA-on-steroids copyright treaty that the US government tried to ram down the world's throat? Well, it's back, only this time it's called the Trans-Pacific Partnership, and it's limited (for now) to the Pacific Rim. The TPP negotiators are meeting (in secret, natch) in Peru to twirl their mustaches and cackle, and EFF has posted a great infographic summing up their nefarious plan (see the whole thing after the jump):
The TPP is likely to export some of the worst features of U.S. copyright law to Pacific Rim countries: a broad ban on breaking digital locks on devices and creative works (even for legal purposes), a minimum copyright term of the lifetime of the creator plus seventy years (the current international norm is the lifetime plus fifty years), privatization of enforcement for copyright infringement, ruinous statutory damages with no proof of actual harm, and government seizures of computers and equipment involved in alleged infringement. Moreover, the TPP is worse than U.S. copyright rules: it does not export the many balances and exceptions that favor the public interest and act as safety valves in limiting rightsholders’ protection. Adding insult to injury, the TPP's temporary copies provision will likely create chilling effects on how people and companies behave online and their basic ability to use and create on the Web.