9439 stories
·
74 followers

Mirai botnet creators praised for helping FBI, won’t serve prison time

1 Share
Article intro image

Enlarge (credit: Jason Alden/Bloomberg via Getty Images)

More than nine months ago, three men pleaded guilty to creating and operating the Mirai and Clickfraud botnets.

However, on Tuesday, after prosecutors announced that the men had provided "extensive" and "exceptional" assistance to federal law enforcement, a federal judge in Alaska sentenced each of them to just five years of probation—no prison time.

The men, Paras Jha, 22, of Fanwood, New Jersey; Josiah White, 21, of Washington, Pennsylvania; and Dalton Norman, 22, of Metairie, Louisiana, will continue to cooperate with the FBI.

In particular, prosecutors called out their assistance in the 2017 federal takeover of the Kelihos botnet.

Additionally, the Mirai trio helped thwart online fraud, prevent further DDOS attacks, mitigate a new attack known as Memcache, and even provided "expert assistance" to researchers who were going after an Advanced Persistent Threat from a nation-state.

As Ars reported in October 2016, Mirai degraded or completely took down Twitter, GitHub, the PlayStation network, and hundreds of other sites by targeting Dyn, a service that provided domain name services to the affected sites.

Jha admitted to being behind Mirai, according to court documents that were unsealed late last year. The Rutgers University computer science student was originally publicly identified as a likely suspect in January 2017 by Brian Krebs, a well-known independent computer security journalist.

In a sentencing memorandum submitted on September 11, 2018, Adam Alexander, a federal prosecutor, marveled at how the men could be so notorious in the online DDOS community, and yet at the same time, "socially immature young men living with their parents in relative obscurity."

"That gulf between their online personas and the reality of their daily lives offline is mirrored in the gulf between the sophistication and significance of their criminal botnet activities both in terms of the Mirai botnet and the successor Clickfraud scheme," Alexander continued.

"Collectively, the three were much more talented at building a botnet than they were at successfully monetizing their criminal activity, although they demonstrated a marked and unfortunate degree of refinement when they transitioned from Mirai to Clickfraud. It is fortunate to all involved that their activities were disrupted, and it is worthwhile to note that if they hadn’t there is every reason to believe that they would still be engaging in significant cyber crime in the United States and abroad."

Ultimately, he concluded: "All three have significant employment and educational prospects should they choose to take advantage of them rather than continuing to engage in criminal activity."

Read Comments

Read the whole story
fxer
17 minutes ago
reply
Bend, Oregon
Share this story
Delete

Cloudflare wants internet route leaks to be a thing of the past

1 Share

Internet outages happen all the time. If it’s not someone cutting through a cable in the street, it’s a massive denial-of-service attack pummeling a pillar of the internet with junk data.

There is another, more common cause: routing issues.

Internet routing isn’t sexy. But it’s a fundamental part of how the internet works. Routing relies on the border gateway protocol (BGP), which manages how internet traffic is routed the internet. BGP relies on trust between network operators to not send incorrect or malicious data. But mistakes happen, and malformed data can form a “route leak” that leads to confusion over where internet traffic should go, and can lead to massive outages.

Predictably, bad actors can take advantage of the overly trusting protocol in what’s known as a “route hijack.” By redirecting unencrypted traffic, it can be read and modified.

Now, Cloudflare wants routing issues to be a thing of the past by deploying a new feature to try to stop route leaks and hijacks in their tracks.

Cloudflare told TechCrunch that rolling out resource public key infrastructure (RPKI) to all of its customers for free will make it far more difficult to reroute traffic — either by accident or deliberately.

RPKI, in a nutshell, helps to ensure that traffic goes to the right place through a route that’s verified as legitimate and correct by using cryptographically signed certificates.

“When two networks connect with each other — say, AT&T and Verizon — they announce the set of IP addresses for which they should be sent traffic,” said Nick Sullivan, Cloudflare’s head of cryptography. “The RPKI is a security framework to make sure a network announces only its legitimate IP addresses.”

Cloudflare’s push in the right direction follows an effort by the National Institute for Standards and Technology, which last week published its first draft of a new standard, which incorporates RPKI as one of three components that will help prevent route leaks and hijacks. A possible approval is expected in the coming weeks.

RPKI isn’t perfect, though — it’s better at preventing leaks than hijacks, Cloudflare said, but called its move the “first milestone” in moving from trust-based to authentication-based routing.

Sullivan said pushing for RPKI will protect networks from fraudulently (or accidentally) directing traffic to the wrong place, “resulting in a safer and more stable internet.”

Right now, RPKI adoption hovers between about 8-9 percent, but less than 1 percent of networks are using strict RPKI validation.

Because it can only be effective if it’s deployed across a large swath of network operators. The company wanted to encourage a wider adoption of the technology by showing it can be done easily and cost efficiently.

With any luck, that might just be the kick that it needs.

Read the whole story
fxer
20 minutes ago
reply
Bend, Oregon
Share this story
Delete

A new antenna using single atoms could usher in the age of atomic radio

1 Share
Article intro image

Enlarge / Zapping a vapor cell of excited cesium atoms with lasers makes an excellent detector of radio waves. (credit: Rydberg Technologies)

In the 1950s, atomic clocks revolutionized precision time-keeping. Now we may be on the verge of so-called "atomic radio," thanks to the development of a new type of antenna capable of receiving signals across a much wider range of frequencies (more than four octaves) that is highly resistant to electromagnetic interference.

An antenna is typically a collection of metal rods that pick up passing radio waves and convert their energy into an electrical current, which is then amplified. One might argue that the good old-fashioned radio antenna has served us well since the dawn of the 20th century, so why do we need anything to replace it?

According to David Anderson of Rydberg Technologies, those antennae are wavelength-dependent, so their size depends on whatever wavelength of signal they are trying to measure (they need to be about half the size of whatever wavelength they are designed to receive). That means you need antennae of several different sizes to measure different radio frequencies.

Anderson is a co-author of a new paper posted to the arXiv describing a novel alternative to conventional antennae, based on vapor cells filled with a gas of so-called "Rydberg atoms." That just means the atoms are in an especially excited state, well above their ground (lowest-energy) state. This makes them especially sensitive to passing electric fields, like the alternating fields of radio waves. All you need is a means of detecting those interactions to turn them into quantum sensors.

The Rydberg Technologies team realized they could zap their vapor cells filled with excited cesium atoms with laser light tuned to just the right critical frequency. This saturates the atoms so they can't absorb any more light, such that a second laser beam can pass right through them, effectively making the gas transparent. The critical frequency at which this transition happens will change in response to a passing radio wave, so the light from that second laser beam will flicker in response. The vapor cell becomes a purely optical radio wave detector, with no need for any wires or circuitry.

Plus it's capable of measuring pulsed and modulated RF fields, according to Anderson, which is how information is transferred across the airwaves. They have already tested the concept with AM and FM microwaves to transmit recordings of various team members singing "Mary Had a Little Lamb"—a nod to Thomas Edison, who sang the same song when he invented the phonograph in 1877.

The all-optical nature of the vapor cells means that even if they are hit with a massive burst of electromagnetic radiation, like that from a solar flare, they won't be permanently damaged because there is no circuitry to fry. This is a major concern for the electrical grid or certain defense systems and satellites. An atomic antenna would also be less vulnerable to the recent spate of suspected microwave attacks at US embassies in Cuba and China. And the cells are ideal for secure communications. "You can design the receiver to operate at whatever band or whatever frequencies you want and avoid intentional electromagnetic interference much more easily," says Anderson.

The detector cells are quite small, merely millimeters in size, with potential to scale them down even more. However, they require a significant backup system to operate, which has not been miniaturized. "You're not going to have a radio receiver that fits into a car dashboard today," says Anderson. "But the atomic clock paved the way for what we now call quantum technologies," and they began as large tabletop devices. Eventually scientists figured out how to make them small enough to fit into commercial systems.

Anderson foresees a similar trajectory for atomic radio. Within the next couple of years, he is confident they will have a suitcase-sized system that would fit neatly into an airplane or a ship, for example—vessels that would welcome the added protection from interference and electromagnetic pulses conferred by these detector cells. And perhaps one day these vapor cells will replace those pesky car antennae with something a bit more aesthetically pleasing.

[h/t: Technology Review]

Read Comments

Read the whole story
fxer
23 minutes ago
reply
Bend, Oregon
Share this story
Delete

iOS 12.1 beta hints at new iPad Pro

1 Share

iOS 12 is still brand new, but Apple is already testing iOS 12.1 with a developer beta version. Steve Troughton-Smith and Guilherme Rambo found references to a brand new iPad that would support Face ID.

First, there are changes to Face ID. You can find references to landscape orientation in the iOS 12.1 beta. Face ID on the iPhone is limited to portrait orientation. Chances are you didn’t even notice this limitation because there’s only one orientation for the lock screen and home screen.

But the iPad is a different story as people tend to use it in landscape. And even when you hold it in landscape, some people will have the home button on the left while others will have the home button on the right.

In other words, in order to bring Face ID to the iPad, it needs to support multiple orientations. This beta indicates that iOS 12.1 could be the version of iOS that ships with the next iPad.

If that wasn’t enough, there’s a new device codename in the setup reference files. This device is called iPad2018Fall, which clearly means that a new iPad is right around the corner.

Analyst Ming-Chi Kuo previously indicated that the iPad Pro could switch from Lightning to USB-C. This would open up a ton of possibilities when it comes to accessories. For instance, you could plug an external monitor without any dongle and send a video feed to this external monitor.

As for iPhone users, in addition to bug fixes, iOS 12.1 brings back Group FaceTime, a feature that was removed at the last minute before the release of iOS 12. If it’s still too buggy, Apple could still choose to remove the feature once again. Memojis could support iCloud syncing across your devices, which would be useful for an iPad Pro with Face ID.

Read the whole story
fxer
25 minutes ago
reply
Bend, Oregon
Share this story
Delete

Sony announces the PlayStation Classic, its own mini retro console

1 Share

If you’re the kind of person who has two beers and regularly launches into the same 20 minute-long ode to the original PlayStation for playing a seminal role in the maturation of gaming as an art form, well, do we have some news for you. Sony just announced its intentions to give the PS1 the (winning) Nintendo Classic treatment with teeny to-scale PlayStation Classic consoles. They’re scheduled to hit shelves on December 3 for $99.99.

Like Nintendo’s wildly popular SNES and NES Classics that paved the way, Sony’s PlayStation Classic will come pre-loaded with a cache of well-loved games. The PlayStation Classic’s lineup will feature 20 classic games, including Final Fantasy VII [editor’s note: hell yeah], Jumping Flash, Ridge Racer Type 4, Tekken 3, and Wild Arms.

“Almost 25 years ago, the original PlayStation was introduced to the world. Developed by Sony Computer Entertainment, it was the first home console in video game history to ship 100 million units worldwide, offering consumers a chance to play games with real-time 3D rendered graphics in their homes for the first time,” Sony said, waxing nostalgic in a blog post announcing the console. We’re here for it.

“Long-time fans will appreciate the nostalgia that comes with rediscovering the games they know and love, while gamers who might be new to the platform can enjoy the groundbreaking PlayStation console experience that started it all.”

According to Sony, the new mini PlayStation will be 45% smaller than a real PlayStation, complete with smaller controllers that also mimic their forebears. Each unit will ship with an HDMI and USB cable and two controllers for couch multiplayer. The consoles will be available to pre-order at some retailers in Canada and the U.S and more details (including the 15 other games) so keep an eye out — Sony will be sharing more details “in the coming months.”

Most of us can agree that this particular nostalgia baiting tactic is awesome, take our money, but have you seen this thing? It’s extra cute. Maybe it’s because the PS1 had those iconic circular buttons that echoed its game discs and round things are cute like Kirby is cute (Toad, on the other hand, is over).

I can still remember exactly how much give the original PlayStation’s buttons had when you pushed them, how the disc hood opened gracefully, almost suspensefully… sure I gave five years of my actual life to this thing — what’s a few months more?

Read the whole story
fxer
8 hours ago
reply
Bend, Oregon
Share this story
Delete

Mom’s blistering rant on how men should be blamed for all unwanted pregnancies going crazy viral. 

1 Comment and 3 Shares

via <a href="https://www.flickr.com/photos/hey__paul/6980584656/in/photolist-bCRjBS-7qYCFS-ht4o7H-7qUHLz-aqqBxn-qgx9wL-p1XW9k-eyFXm8-9wVPMa-diyGJV-fiYHpP-7qYD61-28aGDYB-fizHVp-bAwExG-2c1hXf-Gnd3Et-21BtQfS-283JWR9-fBzGZ-bVFx68-cm3kh7-6qme4Y-2z5zP3-de2M4a-de2LMb-eZ9nmn-o6Tyvh-de2MpG-az4SG-de2MRD-de2LDa-5oXRxs-7Vkiq8-de2Mko-7QG4nS-8c225Z-6dhjmS-5oXRtC-8chyyc-osgeZ3-de2JNh-YMvTM3-bLauEg-YE51t2-qgxwL5-dLRpVM-Y9bZNc-ZKfUZ6-YQ6QKR" target="_blank">Hey Paul Studios/Flickr</a>

Members of the Church of Latter Day Saints, commonly known as Mormons, are a conservative group who aren’t known for being vocal about sex.

But best selling author, blogger, and mother of six, Gabrielle Blair, has kicked that stereotype to the curb with a pointed thread on reducing unwanted pregnancies. And her sights are set directly at men.

She wrote a Cliff’s Notes version of her thread on her blog:

If you want to stop abortion, you need to prevent unwanted pregnancies. And men are 100% responsible for unwanted pregnancies. No for real, they are. Perhaps you are thinking: IT TAKES TWO! And yes, it does take two for _intentional_ pregnancies.

But ALL unwanted pregnancies are caused by the irresponsible ejaculations of men. Period. Don’t believe me? Let me walk you through it. Let’s start with this: women can only get pregnant about 2 days each month. And that’s for a limited number of years.

Here’s the whole thread. It’s long, but totally worth the read.

Blair’s controversial tweet storm have been liked hundreds of thousands of time, with the original tweet earning nearly 200,000 likes since it was posted on Thursday, September, 13.

The reactions have earned her both praise and scorn.

Most of the scorn was from men.

But Blair wouldn’t budge.

For other men, the tweet thread was a real eye-opener.

Women everywhere applauded Blair’s bold thread.

Read the whole story
fxer
8 hours ago
reply
come see my band; Irresponsible Ejaculations
Bend, Oregon
hannahdraper
7 hours ago
No thanks, I've seen enough of those in my life.
hannahdraper
8 hours ago
reply
Washington, DC
diannemharris
3 hours ago
I wish I could star your reply
Share this story
Delete
Next Page of Stories