The vulnerability involves the way that Android handles integrity checks on APK files and enables an attacker to create two versions of a given file with the same name, one that is benign and will pass the signature check and another that contains exploit code. The two files can be combined in one zip file in such a way that the benign one will be used when the device checks the signature on it and then the malicious one will be loaded onto the device.
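A defensive check for the condition described above, as an added example that is not code from the original report or from Android: it walks every record in an archive's central directory and flags any entry name that appears more than once, which a legitimately built APK should never contain. The function names and the two sample archives are constructed for illustration and hold placeholder bytes only.

```python
import hashlib
import io
import warnings
import zipfile
from collections import defaultdict


def duplicate_entries(apk_bytes):
    """Map each repeated entry name to the SHA-256 of every copy, in archive order."""
    copies = defaultdict(list)
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        # infolist() keeps every central-directory record, while name-based
        # lookups (getinfo/read by name) resolve to only one of the copies.
        for info in zf.infolist():
            # Passing the ZipInfo object reads that specific copy.
            digest = hashlib.sha256(zf.read(info)).hexdigest()
            copies[info.filename].append(digest)
    return {name: d for name, d in copies.items() if len(d) > 1}


def build_sample(names):
    """Build a constructed in-memory archive with placeholder contents."""
    buf = io.BytesIO()
    with warnings.catch_warnings():
        # zipfile warns when a name is written twice; expected for the sample.
        warnings.simplefilter("ignore", UserWarning)
        with zipfile.ZipFile(buf, "w") as zf:
            for i, name in enumerate(names):
                zf.writestr(name, b"placeholder %d" % i)
    return buf.getvalue()


# Constructed samples: one normal layout, one with a repeated entry name.
CLEAN = build_sample(["AndroidManifest.xml", "classes.dex", "resources.arsc"])
SUSPECT = build_sample(["AndroidManifest.xml", "classes.dex", "classes.dex"])

if __name__ == "__main__":
    for label, blob in (("clean", CLEAN), ("suspect", SUSPECT)):
        dups = duplicate_entries(blob)
        print(label, "REJECT" if dups else "ok", dups)
```

Differing digests for the same name mean the verifier and the loader could be looking at different bytes, so an app-vetting pipeline can reject such an archive before any signature check is attempted.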
In other words, "the ratio of wing-command opportunities for RPA pilots versus those who fly manned combat aircraft is a staggering 1-to-26."
Such personnel policies that seemingly favor manned standbys are part and parcel of deep-rooted, institutional stigmas. In a 2008 speech, General Norton Schwartz, who served as AF chief from 2008 to 2012, did not mince words when he said that this systemic obsession with all-things manned has turned the Air Force's swelling drone ranks into a "leper colony".
NanoSatisfi, also a San Francisco-based company, is developing the Arduino-based ArduSat, which carries a variety of sensors. NanoSatisfi plans to rent time on ArduSats to citizen scientists and experimenters, who will be able to upload their own programs to the satellites. The first ArduSat is scheduled for launch August 4 on a Japanese H-II Transfer Vehicle carrying supplies to the International Space Station.
The cost of orbital launches remains a limiting factor, however. As a result, Infinity Aerospace has developed the Arduino-based ArduLab experiment platform, which is compatible with new low-cost suborbital spacecraft as well as higher-end systems such as the International Space Station.
The non-profit Citizens in Space has purchased 10 flights on the XCOR Lynx spacecraft, which will be made available to the citizen-science community. Citizens in Space is looking for 100 citizen-science experiments and 10 citizen astronauts to fly as payload operators. To help spread the word, it is holding a Space Hacker Workshop in Dallas, Texas on July 20-21. Infinity Aerospace will be on hand to teach Arduino hardware and software.
Last week, the first commercial Firefox OS devices arrived in Spain ready to be sold by Telefónica, starting on July 9 with the ZTE Open for €69 ($88.80) including VAT. Mozilla says Poland, Colombia, and Venezuela also have launches coming soon, and more countries will be joining the list as well, but today marks the day official Firefox OS devices are available in store.
The vulnerability stems from an SSH key that is hard-coded into DASDEC-I and DASDEC-II devices made by Monroe Electronics. Unless the default settings were altered during deployment, impacted systems are using a known key that could give an attacker full access if the systems are public-facing or if the attacker has already compromised the network. By exploiting the vulnerability, an attacker could disrupt a station’s ability to transmit and/or could send out false emergency information.
“Earlier this year we were shown an example of an intrusion on the EAS when the Montana Television Network’s regular programming was interrupted by news of a zombie apocalypse. Although there was no zombie apocalypse, it did highlight just how vulnerable the system is,” said Mike Davis, a principal research scientist at IOActive.
The DHS issued an alert on the vulnerability, and IOActive, the firm that discovered the flaw, has published additional technical details (PDF) on the security issue.
Note that Switzerland has an exceptionally direct democracy, which means that the People can actually make a real difference. This is not a whitehouse.gov petition, it is a real one which will have a real effect:
If you are a Swiss citizen, you should immediately sign the petition. And yes, even legal *residents* can sign the petition.
If you don't live in Switzerland, please inform as many friends and work colleagues in Switzerland as possible about this petition. Every single vote counts!
What's in it for the people outside of Switzerland? You get the option to store your data in a western country that will continue to defend privacy and democracy (which seems to become more precious by the day).
A security contractor ultimately declared the systems largely clean, finding only six computers infected with untargeted, garden-variety malware and easily repaired by reimaging. But that wasn't enough for the EDA: taking gross incompetence to a whole new level, they proceeded to physically destroy $170,500 worth of equipment, including uninfected systems, printers, cameras, keyboards and mice.
After the destruction was halted — only because they ran out of money to continue smashing up perfectly good hardware — they had racked up a total of $2.3 million in service costs, temporary infrastructure acquisitions and equipment destruction.