Lifeboat Foundation

Ouch!!!

National Security Agency says tools left exposed by mistake — and dumping by presumably Russia-backed hackers Shadow Brokers.

An FBI investigation into the public dumping of hacking tools used by the National Security Agency (NSA) to uncover security flaws in some networking vendor products is looking at how the tools were exposed on a remote computer, a Reuters report says, quoting people close to the investigation.

Continue reading “FBI Probes Dumping Of NSA Hack Tools On Public Site” »

This is definitely something that we should all be aware of, and watching for.

“Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the Internet,” according to a blog post by security expert Bruce Schneier.

Continue reading “Someone is learning how to take down the Internet” »

When the project started, a “Red Team” of hackers could have taken over the helicopter almost as easily as it could break into your home Wi-Fi. But in the intervening months, engineers from the Defense Advanced Research Projects Agency (DARPA) had implemented a new kind of security mechanism — a software system that couldn’t be commandeered. Key parts of Little Bird’s computer system were unhackable with existing technology, its code as trustworthy as a mathematical proof. Even though the Red Team was given six weeks with the drone and more access to its computing network than genuine bad actors could ever expect to attain, they failed to crack Little Bird’s defenses.

“They were not able to break out and disrupt the operation in any way,” said Kathleen Fisher, a professor of computer science at Tufts University and the founding program manager of the High-Assurance Cyber Military Systems (HACMS) project. “That result made all of DARPA stand up and say, oh my goodness, we can actually use this technology in systems we care about.”

The technology that repelled the hackers was a style of software programming known as formal verification. Unlike most computer code, which is written informally and evaluated based mainly on whether it works, formally verified software reads like a mathematical proof: Each statement follows logically from the next. An entire program can be tested with the same certainty that mathematicians prove theorems.

Edward Snowden has warned people not to use Google’s new chat app, because it lets the company read everything that they say.

Google has finally released its new chat app after showing it off over the summer. It comes with a robot that watches everything people say and then stores it for later analysis, using that data to improve the app itself.

But that also means that chats are stored on Google’s servers indefinitely, and are able to be read by it. The company had initially indicated that the messages would only be stored temporarily, limiting the possible impact of any data breach and retaining some privacy for users.

Continue reading “Google’s new chat app should be deleted and never used, says Edward Snowden” »

Quantum teleportation just moved out of the lab and into the real world, with two independent teams of scientists successfully sending quantum information across several kilometres of optical fibre networks in Calgary, Canada, and Hefei, China.

The experiments show that not only is quantum teleportation very much real, it’s also feasible technology that could one day help us build unhackable quantum communication systems that stretch across cities and maybe even continents.

Quantum teleportation relies on a strange phenomenon called quantum entanglement. Basically, quantum entanglement means that two particles are inextricably linked, so that measuring the state of one immediately affects the state of the other, no matter how far apart the two are — which led Einstein to call entanglement “spooky action at a distance”.

Continue reading “Quantum teleportation was just achieved over more than 7 km of city fibre” »

A 50-year-old man has been arrested after an undercover FBI agent posed as a vendor on dark web market AlphaBay.

Hmmm; Chinese antitrust regulators are investigating Microsoft, and Huawei has been shut out of the U.S. telecommunications-equipment market over concerns it might be a front for cyberspying.

Alleged Chinese hacking of American companies may have diminished since tensions over the issue came to a head during Xi Jinping’s state visit to the U.S. last year. At Lawfare, however, security technologist Bruce Schneier describes a recent series of attacks which appear to show “someone […] learning to take down the internet.” “The data I see suggests China,” he writes, “an assessment shared by the people I spoke with.”

Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the Internet. These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down. We don’t know who is doing this, but it feels like a large a large nation state. China or Russia would be my first guesses.

Continue reading “China Suspected of Cyberwar Recon; Huawei Fears Linger” »

So, here is the real question we in the US should start raising is how does all of this look for the US to its allies, frienemies, etc. with US filling the headlines with statements like this one. No wonders allies and others are expanding their partnerships with Russia.

WASHINGTON (AP) — CIA Director John Brennan warned on Sunday that Russia has “exceptionally capable and sophisticated” computer capabilities and that the U.S. must be on guard.

When asked in a television interview whether Russia is trying to manipulate the American presidential election, Brennan didn’t say. But he noted that the FBI is investigating the hacking of Democratic National Committee emails, and he cited Moscow’s aggressive intelligence collection and its focus on high-tech snooping.

Continue reading “CIA Director John Brennan warns of Russian hacking” »

CHANTILLY, Va., Sept. 13, 2016 /PRNewswire/ — Vencore Labs Inc., a wholly owned subsidiary of Vencore Inc., announced today that it has been awarded two prime contracts for the Rapid Attack Detection, Isolation and Characterization Systems (RADICS) program led by the U.S. Defense Advanced Research Projects Agency (DARPA). The contracts have a total value of $17M and work is slated to begin in August of this year.

The objective of the RADICS program is to develop technologies for detecting and responding to cyberattacks on critical U.S. infrastructure, with an ultimate goal of enabling cyber and power engineers to restore electrical service within seven days in the event of a major attack. Vencore Labs, a leader in smart grid security and monitoring, will conduct research and deliver technologies in three of five technical areas (TA).