Story 2014-11-12

Philae lander: touchdown on Comet 67P/Churyumov-Gerasimenko

by
in space on (#2V0N)
We live in amazing times. Ten years after the mission was conceived and set into motion, European scientists have landed a spacecraft on the surface of a comet. Despite the fear stemming from the unknown consistency of the comet's surface, which could have ranged from powdery to tarry frozen to anything in between, Philae sank only 4cm into the surface, which indicates perhaps a slight coating of dust.
Over the coming months as Philae piggybacks on the comet and Rosetta maintains orbit, the data they send back could be key to unlocking answers about the formation of the Solar System, the origins of water on Planet Earth and perhaps even life itself.

Rosetta selfie with Comet 67P in background
The challenge for the flight team operating Rosetta from back on Earth was to land Philae on a rotating, duck-shaped comet travelling through space at 18km/s (40,000mph).
The BBC has tons of coverage of the event. Amazing, simply amazing. If you checked my productivity and web-browsing habits today, you'd discover I checked into the BBC's live coverage this morning and was glued to it for the rest of the day. I wasn't around when we landed on the moon, but this is an even more impressive, technical feat. Congrats to everyone who made this happen!

ISPs caught stripping STARTTLS from email

by
in security on (#2V0A)
Those evil ISPs are at it again:
Recently, Verizon was caught tampering with its customers' web requests to inject a tracking super-cookie. Another network-tampering threat to user safety has come to light from other providers: email encryption downgrade attacks. In recent months, researchers have reported ISPs in the US and Thailand intercepting their customers' data to strip a security flag, called STARTTLS, from email traffic. The STARTTLS flag is an essential security and privacy protection used by an email server to request encryption when talking to another server or client.

By stripping out this flag, these ISPs prevent the email servers from successfully encrypting their conversation, and by default the servers will proceed to send email unencrypted. Some firewalls, including Cisco's PIX/ASA firewall, do this in order to monitor for spam originating from within their network and prevent it from being sent. Unfortunately, this causes collateral damage: the sending server will proceed to transmit plaintext email over the public Internet, where it is subject to eavesdropping and interception.
Although I wouldn't trust the content of your non-PGP email to ever be secure, this could potentially lead to your email account password being transmitted in the clear, depending on how your email client and server are configured.
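
One way to check a connection for the downgrade described above is to compare the EHLO capability list a mail server returns on a trusted path with the list seen on the path under test, and to refuse to send when STARTTLS is missing. This is an added example, not code from the quoted article; both replies, the host name and the function names are constructed for illustration.

```python
# Added example with constructed data; not from the article or any vendor.

# Constructed: EHLO reply captured on a trusted path.
BASELINE = """250-mx.example.net Hello
250-SIZE 35882577
250-8BITMIME
250-STARTTLS
250 ENHANCEDSTATUSCODES"""

# Constructed: same server seen through a path that overwrote the keyword.
TAMPERED = """250-mx.example.net Hello
250-SIZE 35882577
250-8BITMIME
250-XXXXXXXA
250 ENHANCEDSTATUSCODES"""


def parse_ehlo(reply):
    """Return the extension keywords advertised in a multi-line 250 EHLO reply."""
    keywords = set()
    for line in reply.strip().splitlines()[1:]:  # line 1 is the greeting
        if not line.startswith("250") or line[3:4] not in ("-", " "):
            raise ValueError(f"unexpected EHLO line: {line!r}")
        fields = line[4:].split()
        if fields:
            keywords.add(fields[0].upper())
    return keywords


def check_downgrade(baseline, observed):
    """Return (verdict, keywords present only on the observed path)."""
    base, seen = parse_ehlo(baseline), parse_ehlo(observed)
    extra = seen - base
    if "STARTTLS" in seen:
        return "ok", extra
    if "STARTTLS" not in base:
        return "not-offered", extra  # server never offered TLS; nothing stripped
    return "stripped", extra


def may_send(observed, require_tls=True):
    """Fail closed: with require_tls, refuse to send when STARTTLS is absent."""
    return (not require_tls) or "STARTTLS" in parse_ehlo(observed)


if __name__ == "__main__":
    print(check_downgrade(BASELINE, TAMPERED))
    print(may_send(TAMPERED))
```

The fail-closed `may_send` policy is what protects the message: a client that treats STARTTLS as optional will fall back to plaintext whenever the keyword is absent.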