Security researcher controlled passenger jet via inflight entertainment system

in security on (#96BP)
Chris Roberts, a security researcher with One World Labs, who has been issuing warnings about vulnerabilities in inflight entertainment systems for years, told the FBI agent during an interview in February that he had hacked the in-flight entertainment system on an airplane and overwrote code on the plane's Thrust Management Computer while aboard the flight. "He stated that he thereby caused one of the airplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights," FBI Special Agent Mark Hurley wrote in his warrant application. "He also stated that he used Vortex software after comprising/exploiting or 'hacking' the airplane's networks. He used the software to monitor traffic from the cockpit system."

"We believe Roberts had the ability and the willingness to use the equipment then with him to access or attempt to access the (inflight entertainment system) and possibly the flight control systems on any aircraft equipped with an (inflight entertainment system) and it would endanger the public safety to allow him to leave the Syracuse airport that evening with that equipment," states the warrant application. Roberts has not yet been charged with any crime. The allegations contained in the search warrant application have not been proven in court.

Shortly after the incident with Roberts, Wired reported that the TSA and the F.B.I. issued a bulletin to airlines to be on the lookout for passengers showing signs they may be trying to hack into an airplane's Wi-Fi or inflight entertainment system. Wired also reported that the U.S. Government Accountability Office issued a report warning that electronic systems on some planes may be vulnerable to hacking.

Microsoft remotely disables leaker’s Xbox One console

in microsoft on (#94ZX)
It turns out that Microsoft not only has the power to ban you from Xbox Live permanently, but it can also temporarily make your Xbox One totally unusable, as the beta testers behind the Gears of War Remastered leak have found out. If you didn't think Microsoft had this power, you're not alone.

This week, videos showing off the latest internal build of Microsoft's unannounced Gears of War remake were leaked onto the web. These videos originated from testers working for VMC, a third-party agency hired by Microsoft. Obviously neither company was particularly happy when the leaks hit the web. The leakers were quickly found and have been banned from VMC's beta testing program. Additionally, Microsoft has taken matters into its own hands, removing access to their consoles entirely. Microsoft permanently disabled their Xbox LIVE accounts (as well as other suspected accounts present on their Xbox One kits) and temporarily blocked all of their Xbox One privileges - meaning that for a period of time which Microsoft decides on depending on the severity of the offense, their Xbox One is entirely unusable.

Verizon, Sprint customers to get refunds for fraudulent "cramming" charges

in legal on (#8ZDE)
All 50 state attorneys general, the Consumer Financial Protection Bureau, and the Federal Communications Commission reached settlements with Sprint and Verizon Wireless that include $158 million in payments to resolve allegations that Sprint and Verizon placed unauthorized, third-party charges on consumers' mobile telephone bills, a practice known as "cramming."

Consumers who have been "crammed" often have charges, typically $9.99 per month, for "premium" text message subscription services (also known as "PSMS" subscriptions) such as horoscopes, trivia, and sports scores that the consumers have never heard of or requested. Sprint and Verizon are the third and fourth mobile telephone providers to enter into nationwide settlements to resolve allegations regarding cramming. Similar settlements with AT&T were announced in October of 2014 ($105 million), and T-Mobile in December of 2014 ($90 million). All four mobile carriers announced they would cease billing customers for commercial PSMS in the fall of 2013.

Sprint will provide $50 million and Verizon will provide $70 million directly to consumers who were victims of cramming. Consumers can submit claims under the redress programs by visiting www.SprintRefundPSMS.com and/or www.CFPBSettlementVerizon.com. On those websites, consumers can submit claims, find information about refund eligibility and how to obtain a refund, and can request a free account summary that details PSMS purchases on their accounts.

Keyless entry fobs result in rash of vehicle thefts

in security on (#8TR4)
As vehicles become more technologically advanced, thieves are becoming technologically savvy, too. Cars with hands-free key fobs typically unlock when the fob is within about 30 centimeters. But across the USA, thieves have begun using a device called a power amplifier to help unlock cars. The amplifier, which can cost less than $20 over the Internet, takes the signal from the car and projects it as far as 100 meters, so your car can find your key fob in your purse, pocket or the table where you dump your stuff when you come in the door.

In Toronto, Los Angeles, Long Beach, New York, Springfield, and more cities, police have reported a spike in thefts from Toyota and Lexus SUVs, Priuses, and more vehicles, all parked in owners' driveways with no signs of damage. As more people buy cars with these no-push key fobs, what's the solution to stopping this type of break-in? "Use a microwave" or wrap your keys in aluminum foil. The heavy metal cages block the signal. It's another case of convenience becoming a two-edged sword.

ISS resupply ship Progress 59 crashes into Pacific

in space on (#8TP3)
The Russian spacecraft that failed to dock at the International Space Station two weeks ago has safely crashed back into the Earth. NASA and Russian space agency Roscosmos report that Progress 59, which launched on April 27 on a supply mission to the ISS, re-entered the Earth's atmosphere over the Pacific Ocean at 10:04PM ET last Wednesday night. NASA footage shows the Progress 59 spinning uncontrollably in space after it had launched successfully from Kazakhstan.

The US space agency said, in a statement, that the craft was not carrying any critical supplies and that the Russian and American sides of the ISS were "adequately supplied well beyond the next planned resupply flight." Around a ton of material was expected to have survived the craft's re-entry into the atmosphere, but what was left of the Progress 59 was not a danger to people on the ground as the craft landed somewhere in the central Pacific.

NASA search and rescue radar saves lives in Nepal

in robotics on (#8KSX)
Search-and-rescue technology developed in part by NASA helped free four men trapped under 10 feet of debris in Nepal. The two-year-old FINDER tool uses microwave-radar technology to detect heartbeats of people trapped in wreckage. Following the April 25 earthquake, two prototype FINDER devices were deployed to search teams in Nepal. Arriving on April 29 to assist with rescue efforts, the FINDER tools detected two heartbeats beneath two different collapsed structures in the village of Chautara, where the four men had been trapped for days.

The device has previously detected people buried under up to 30 feet of rubble, hidden behind 20 feet of solid concrete, and at a distance of 100 feet in open spaces, but "The true test of any technology is how well it works in a real-life operational setting." A new "locator" feature also provides confirmation of a heartbeat, and the approximate location of the trapped individuals within five feet.

Aircraft fire-suppression systems can't prevent lithium-ion battery fire and explosions

in mobile on (#898V)
International aviation officials are trying to quickly come up with safer packaging for cargo shipments of lithium-ion batteries on passenger planes after U.S. testing confirmed that aircraft fire suppression systems put out the initial flames but can't prevent thermal runaway from causing powerful explosions and fires. Such an explosion could blow a hole in a plane and cause depressurization for passengers. If the working group cannot come up with such packaging, officials said they consider it likely that a formal proposal to ban bulk battery shipments from passenger planes will be offered in October. The global battery industry has been lobbying heavily against restrictions on battery shipments. A growing number of airlines have said they will no longer accept bulk battery shipments, including Delta, United, American Airlines, Cathay Pacific, Qantas, British Airways and Cargolux. All three US airlines will continue to accept shipments when the batteries are packed inside or with equipment such as laptops or power tools. The increasing focus on battery safety will put pressure on other airlines to follow suit.

Aviation officials believe lithium-ion batteries contributed to fires that destroyed two Boeing 747 cargo planes, killing all four crew members. Malaysia Airlines flight 370 was also reported to have been carrying 440lb of lithium-ion batteries in its cargo, adding yet another theory to the mystery surrounding its disappearance last year. Shipments are supposed to be limited to no more than a handful of batteries in a single box, under safety standards set by the UN's International Civil Aviation Organization. But a loophole permits many small boxes to be packed into one shipment. It's not unusual for as many as 80,000 batteries to be carried on board a plane.

On Jan. 7, 2013, ground workers discovered smoke and flames coming from an auxiliary power unit lithium-ion battery in a Japan Airlines 787 that was parked at the gate at Boston Logan International Airport after flying from Tokyo. NTSB investigators said Boeing's safety assessment of the 787's lithium-ion battery was insufficient because Boeing had ruled out cell-to-cell propagation of thermal runaway (which is what occurred in this incident) but did not provide the corresponding analysis and justification in the safety assessment. As a result, the potential for cell-to-cell propagation of thermal runaway was not thoroughly scrutinized by Boeing and FAA engineers, ultimately allowing this safety hazard to go undetected by the certification process. As a result of the investigation, the NTSB made 15 safety recommendations to the FAA, two to Boeing, and one to GS Yuasa.

ConnochaetOS, a Libre-Slackware-based Distro Resumes Development

by
Anonymous Coward
in linux on (#88YG)
ConnochaetOS, a Slackware- and Salix OS-based GNU/Linux distribution, has announced Release Candidate 2 of its version 14.1 after a several-year hiatus.
This time it will again be a free/libre distro which contains only free software. It still focuses on lightweight usage and old computers, which is why there will be only a 32-bit version. To reduce the workload, ConnochaetOS will be based on Slackware and Salix OS.

The versioning will follow the Slack/Salix versioning scheme to make things easier. So the next ConnochaetOS release will be version 14.1.
The ConnochaetOS website is also host to the slack-n-free repository, which provides Free Software replacements, including a linux-libre kernel, in the Slackware .t?z format.

Promising news for Free Software and Slackware fans alike.

Crack any Master Lock combination lock in eight tries or less

in security on (#853A)
There's a vulnerability in Master Lock branded combination padlocks that allows anyone to learn the combination in eight or fewer tries, a process that requires less than two minutes and a minimal amount of skill to carry out.

The exploit involves lifting up a locked shackle with one hand while turning the combination dial. Before the dial reaches 11, there will be three points where the dial will resist being turned anymore. The three positions are then input to a web page that streamlines the exploit. The page responds with the first digit of the combination and two possible digits for the last digit. By testing which of the possible last digits has more "give," an attacker can quickly figure out which one is correct. By eliminating the false digit from the Web form, the page will automatically populate the eight possible numbers for the second digit of the combination.

It's by no means the only way to break the security of a popular padlock. It comes a few years after Master Lock engineers developed new padlocks that resisted a popular form of attacks using shims made from soft drink cans.

NASA spacecraft to impact planet Mercury on Thursday

in space on (#83Z4)
Launched in 2004, NASA's Mercury-orbiting spacecraft, Messenger, is going out with a bang this week, adding a hefty crater to the little planet closest to the sun. The first spacecraft to circle Mercury, Messenger is expected to slip out of orbit and slam into Mercury on Thursday following a successful four-year tour of the rocky planet. The spacecraft will be traveling 8,750 mph (14,081 kph) when it hits, fast enough to carve out a crater 52 feet (16 meters) wide. The spacecraft itself stretches 10 feet (3 meters) solar wingtip to wingtip. Only one other spacecraft, NASA's Mariner 10, has ever visited Mercury, and that was back in the 1970s. Mariner 10 flew past, but did not orbit the innermost planet.

Messenger has run out of fuel, but ground controllers managed in recent weeks to eke out some extra life, raising Messenger's orbit by dipping into helium gas reserves not originally intended for use as fuel. But now that's all gone and Messenger is at the mercy of gravity. "I guess the end is coming," the Messenger team said via Twitter earlier this week. "After 10 years, spacecraft will end life as just another crater on Mercury's surface." Messenger is expected to crash into the side of Mercury facing away from Earth, so there will be no cameras or observatories to witness the impact. Scientists expect to gather information from Messenger until 10 to 15 minutes before its fatal plunge. The expected crash site is about two-thirds of the way up the planet, near the north pole.