Update on the Keylogger Virus Security Incident affecting the US Predator & Reaper UAV fleet.

Wired has updated its article on the keylogger virus that has affected some of the US Air Force’s critical infrastructure, spreading so pervasively as to reach even the command and control systems of the US UAV fleet.

The US Air Force has now gone on record insisting that the malware was “more of a nuisance” than it was an actual “operational threat”.

USAF UAV - Picture from Wired.

Creech Air Force Base in Nevada remains fully operational and has not been compromised in any way by the security incident.

The Air Force also claimed that the 24th Air Force, nominally in charge of cyber security operations, was fully aware of the incident and that they’ve known about it all along.

Link to the USAF press release courtesy of Wired:
http://ping.fm/Wzhu0

The whole situation seems like a shambles to me. The fact that such a generic piece of malware could spread so far and wide through critical systems is embarrassing at best and a serious threat to US national security at worst.

One would hope that there are some hard lessons being learnt from this…

Link to the original Wired article: http://www.wired.com/dangerroom/2011/10/drone-virus-nuisance/

RIP Dennis Ritchie – Tech Visionary, Co-Creator of Unix, Inventor of the C Programming Language

Dennis Ritchie at the 1984 Usenix conference

Dennis Ritchie is a man who shaped much of today’s technology.

In 1969, a group of Bell Labs employees, Ken Thompson, Dennis Ritchie, Brian Kernighan, Douglas McIlroy and Joe Ossanna, wrote the first Unix operating system. It was written entirely in Assembly language. By December 6 1972, the second version of Unix was released.

Also in 1969, Dennis Ritchie started work on a general purpose programming language for use on the Unix operating system. It was deemed complete in 1973, and by the end of 1973 Unix had been ported in its entirety to C.

Today C is one of the most widely used programming languages in the world and Unix is arguably the longest running and most prolific Operating System in the world.

Bye Dennis, we will remember you. You’ve earned your place in history.

Candle Vigil of Dennis Ritchie courtesy of desconcentrado on Twitter

Is your Sony TV a smoker?

Some 1.6 million Sony LCD TV sets sold in Europe since 2007 are at risk of catching fire. So far the only symptom is that they start smoking, though Sony can’t rule out strange noises or smells coming from affected sets.

Sony KDL-40V3000 TV

Affected model numbers are:

KDL-40D3400, KDL-40D3500, KDL-40D3550, KDL-40D3660.

KDL-40V3000, KDL-40W3000, KDL-40X3000, KDL-40X3500.

Sony has put up a website offering free inspection if you think your TV is one of the affected ones:
http://support.sony-europe.com/tvhc/hotnews/hotnews.aspx?site=odw_en_GB&f=inspection_programme 

It’s not been a good couple of years for Sony…

Sony Gets Hacked (Again).

Sony has been hacked again. This time more than 90,000 accounts for Sony Entertainment Network, PlayStation Network (PSN) and Sony Online Entertainment services were compromised in what looks like a simple brute-force attack where the attacker or attackers simply tried common passwords against user accounts until they got in.

This attack strategy is hardly new and has been favoured in the past by Chinese hackers amongst others. Why? It’s the oldest hack in the book. It’s simple, easy to implement and relies on the fact that people are lazy or stupid or just don’t care that passwords like “password” or “secret” or “s3cr3t” are easy to guess.

What’s surprising is that Sony STILL hasn’t implemented a strong enough password policy to force users into using at least moderately secure passwords.

How many times do they need to get compromised before they follow simple information security best practice guidance that is taught to EVERY information security officer as part of EVERY training or certification?

Sony’s CISO has posted a comforting blog message saying that this represented less than 0.1% of their user base and that no credit cards were compromised by the attackers (wouldn’t want to fall foul of PCI now would we…). He’s also said that compromised accounts have been locked and that Sony will help roll back any unauthorised transactions.

You can read his blog post here: http://blog.us.playstation.com/2011/10/11/an-important-message-from-sonys-chief-information-security-officer/

I have to say as a CISO he certainly has his job cut out for him if he doesn’t want Sony to take Microsoft’s place as the company routinely trashed for having consistently bad security practice.

It took Microsoft YEARS of hard work to escape that image (if they even have fully yet),

US Army Plans to roll out its own Android Smartphone.

The US Army plans to roll out an Android smartphone as part of the next evolution of its “Nett Warrior” Programme.

Image of Nett Warrior smartphone

It’s hoped the Android device will reduce kilos of comms equipment down to just a few pounds for it and the Rifleman Radio that it will hook into.

Why a Rifleman Radio? The Army has no intention of ever allowing this device to connect to any type of civilian telecoms or Wifi based network.

http://www.wired.com/dangerroom/2011/10/army-smartphone-beta/#more-59354

As Lake Mead hits levels not seen since 1937, Las Vegas plans Multi Billion Dollar water pipeline

From the Las Vegas Sun:

It’s no secret that Las Vegas needs water, and it’s also no secret that Las Vegas is struggling to meet the ever increasing demand for water. The photo below shows just how far water levels have dropped in Lake Mead, Vegas’s primary supply of water.

Levels haven’t been this low since 1937 when the lake was first filled.

Photo showing how far water level has dropped in Lake Mead

The light grey area seen on the photograph is a watermark caused by scale deposits that happened while that area was under water.

It’s already 114 feet lower today than it was in 2000 and the Scripps Institution of Oceanography and the University of California, San Diego believe that the lake could be entirely drained by 2021.

The answer? At the moment The Southern Nevada Water Authority hopes that a new 300 mile water pipeline that draws in water from as many other local water sources in rural Nevada as possible will solve their immediate need. The cost of this pipeline is estimated to be somewhere between $4bn and $15bn.

Just how long this will stem the inevitable worsening of Nevada’s water situation remains to be seen, as the pipeline is still in planning stages with numerous opponents suggesting that desalination plants would be a much more sustainable solution instead of potentially harming the environment and drawing water from yet another equally finite resource.

Whatever happens, Las Vegas is still a city in a desert that has an ever-increasing thirst for water.

From Wired: US Predator and Reaper drones infected with keylogger virus.

Exclusive: Computer Virus Hits U.S. Drone Fleet
By Noah Shachtman, Wired Magazine.
October 7, 2011

A computer virus has infected the cockpits of America’s Predator and Reaper drones, logging pilots’ every keystroke as they remotely fly missions over Afghanistan and other warzones.

The virus, first detected nearly two weeks ago by the military’s Host-Based Security System, has not prevented pilots at Creech Air Force Base in Nevada from flying their missions overseas. Nor have there been any confirmed incidents of classified information being lost or sent to an outside source. But the virus has resisted multiple efforts to remove it from Creech’s computers, network security specialists say. And the infection underscores the ongoing security risks in what has become the U.S. military’s most important weapons system.

“We keep wiping it off, and it keeps coming back,” says a source familiar with the network infection, one of three that told Danger Room about the virus. “We think it’s benign. But we just don’t know.”

Military network security specialists aren’t sure whether the virus and its so-called “keylogger” payload were introduced intentionally or by accident; it may be a common piece of malware that just happened to make its way into these sensitive networks. The specialists don’t know exactly how far the virus has spread. But they’re sure that the infection has hit both classified and unclassified machines at Creech. That raises the possibility, at least, that secret data may have been captured by the keylogger, and then transmitted over the public internet to someone outside the military chain of command.

Drones have become America’s tool of choice in both its conventional and shadow wars, allowing U.S. forces to attack targets and spy on its foes without risking American lives. Since President Obama assumed office, a fleet of approximately 30 CIA-directed drones have hit targets in Pakistan more than 230 times; all told, these drones have killed more than 2,000 suspected militants and civilians, according to the Washington Post. More than 150 additional Predator and Reaper drones, under U.S. Air Force control, watch over the fighting in Afghanistan and Iraq. American military drones struck 92 times in Libya between mid-April and late August. And late last month, an American drone killed top terrorist Anwar al-Awlaki — part of an escalating unmanned air assault in the Horn of Africa and southern Arabian peninsula.

But despite their widespread use, the drone systems are known to have security flaws. Many Reapers and Predators don’t encrypt the video they transmit to American troops on the ground. In the summer of 2009, U.S. forces discovered “days and days and hours and hours” of the drone footage on the laptops of Iraqi insurgents. A $26 piece of software allowed the militants to capture the video.

The lion’s share of U.S. drone missions are flown by Air Force pilots stationed at Creech, a tiny outpost in the barren Nevada desert, 20 miles north of a state prison and adjacent to a one-story casino. In a nondescript building, down a largely unmarked hallway, is a series of rooms, each with a rack of servers and a “ground control station,” or GCS. There, a drone pilot and a sensor operator sit in their flight suits in front of a series of screens. In the pilot’s hand is the joystick, guiding the drone as it soars above Afghanistan, Iraq, or some other battlefield.

Some of the GCSs are classified secret, and used for conventional warzone surveillance duty. The GCSs handling more exotic operations are top secret. None of the remote cockpits are supposed to be connected to the public internet. Which means they are supposed to be largely immune to viruses and other network security threats.

But time and time again, the so-called “air gaps” between classified and public networks have been bridged, largely through the use of discs and removable drives. In late 2008, for example, the drives helped introduce the agent.btz worm to hundreds of thousands of Defense Department computers. The Pentagon is still disinfecting machines, three years later.

Use of the drives is now severely restricted throughout the military. But the base at Creech was one of the exceptions, until the virus hit. Predator and Reaper crews use removable hard drives to load map updates and transport mission videos from one computer to another. The virus is believed to have spread through these removable drives. Drone units at other Air Force bases worldwide have now been ordered to stop their use.

In the meantime, technicians at Creech are trying to get the virus off the GCS machines. It has not been easy. At first, they followed removal instructions posted on the website of the Kaspersky security firm. “But the virus kept coming back,” a source familiar with the infection says. Eventually, the technicians had to use a software tool called BCWipe to completely erase the GCS’ internal hard drives. “That meant rebuilding them from scratch” — a time-consuming effort.

The Air Force declined to comment directly on the virus. “We generally do not discuss specific vulnerabilities, threats, or responses to our computer networks, since that helps people looking to exploit or attack our systems to refine their approach,” says Lt. Col. Tadd Sholtis, a spokesman for Air Combat Command, which oversees the drones and all other Air Force tactical aircraft. “We invest a lot in protecting and monitoring our systems to counter threats and ensure security, which includes a comprehensive response to viruses, worms, and other malware we discover.”

However, insiders say that senior officers at Creech are being briefed daily on the virus.

“It’s getting a lot of attention,” the source says. “But no one’s panicking yet.”

Westboro Baptist Church plans to Picket Steve Jobs’ Funeral

Members of the controversial Westboro Baptist Church, better known for their extremely distasteful campaign against homosexuality through the picketing of the funerals of US servicemen killed in action, have announced that they will be targeting the funeral of Steve Jobs.

The group, best known for their rainbow “God hates fags” signs and web page, are claiming the action is in response to Jobs not using his wealth to promote their interpretation of the Bible and for Apple being consistently voted one of the most gay-friendly employers. The group’s grievances and its original protest plans were posted from iPhones, something the Twittersphere has been quick to point out.

Westboro Baptist Church members using iPhones to tweet. - Picture from The Register

“We’re not against technology; we’re against using it to promote what God hates”, said Megan Phelps-Roper, granddaughter of the church’s founder Fred Phelps, before tweeting a picture of the group using their iPhones at a protest.

It will be interesting to see what happens when grieving Apple fanbois clash with them over the desecration of their beloved leader’s funeral.

Assuming of course that anyone can get past the immense security perimeter that will almost certainly surround the funeral.

South Korea’s Deadly Robots

Tensions between South and North Korea are always high, with each side striving to gain the upper hand in some way, and the constant threat of incursion by one side or the other hangs over the peninsula. As a result the mountains of Seoul are covered with both manned and unmanned defensive positions.

One radical new strategy favoured by South Korea is the development of autonomous robotic defence systems that can be left to guard the DMZ. There are several different types, though most take the form of static sentry guns with autonomous targeting systems that are *hopefully* capable of determining the correct target to obliterate.

DoDAAM’s Super aEgis II

DoDAAM's Super aEgis 2 autonomous sentry gun.

From gizmag:

The Super aEgis 2 is an automated gun tower that can find and lock on to a human-sized target in pitch darkness at a distance of up to 1.36 miles (2.2 kilometers). It uses a 35x zoom CCD camera with ‘enhancement feature’ for bad weather, in conjunction with a dual FOV, autofocus Infra-Red sensor, to pick out targets.

Then it brings the pain, either with a standard 12.7mm caliber machine-gun, a 40mm automatic grenade launcher upgrade, or whatever other weapons system you want to bolt on to it, including surface-to-air missiles. A laser range finder helps to calibrate aim, and a gyroscopic stabilizer unit helps correct both the video system’s aim and the direction of the guns after recoil pushes them off-target.
Each 140 kg (308.6 lb.) unit can be rigidly mounted or put on a moving vehicle, where the gyro stabilization would be a huge asset. They can operate in fully autonomous mode, firing first and asking questions later, or they can be put into a manual mode for more human intervention. All machines communicate back to headquarters through a LAN cable or wireless network.

Manufacturer’s web page: http://www.dodaam.com/sub_0202_1_3.php

Samsung’s SGR-A1

Samsung SGR-A1 Robot Sentry

From Wikipedia:

In 2006, Samsung Techwin announced a $200,000, all weather, 5.56 mm robotic machine gun to guard the Korean DMZ. It is capable of tracking multiple moving targets using IR and visible light cameras, and is under the control of a human operator. The Intelligent Surveillance and Guard Robot can “identify and shoot a target automatically from over two miles away.” The robot, which was developed by a South Korean university, uses “twin optical and infrared sensors to identify targets from 2.5 miles in daylight and around half that distance at night.”

It is also equipped with communication equipment (a microphone and speakers), “so that passwords can be exchanged with human troops.” If the person gives the wrong password, the robot can “sound an alarm or fire at the target using rubber bullets or a swivel-mounted K-3 machine gun.” South Korea’s soldiers in Iraq are “currently using robot sentries to guard home bases.”

Manufacturer’s website: http://www.samsungtechwin.com/product/product_01_01.asp

Dutch court ruling heralds doom for Usenet and threatens ISPs all over Europe

The Dutch Music and Film industry organisation “Stichting Brein” has won a landmark case against Usenet provider news-service.com. Lawyers for Stichting Brein successfully argued that even though news-service.com is only providing access to material uploaded elsewhere, because it is available on their servers they are responsible for policing it. As a result, news-service.com has to come up with a way to remove or block access to all copyrighted content or face a fine of up to 50,000 euros per day.

http://ping.fm/QdVaD

This is potentially quite a worrying precedent for net neutrality. Not only does it potentially spell doom for Usenet service providers all over Europe, but depending on how it is interpreted it could erode protection such as the UK “Mere Conduit” defence, where ISPs have been able to successfully argue that they cannot be held liable for civil or criminal infringements caused by users of their bandwidth, as all they are is a “bit pipe” to the internet and that it is in fact the user who must be held liable.