Submission + - CopperheadOS blocks Nexus updates to stop licensing violations (xda-developers.com)

An anonymous reader writes: Security-hardened Android build CopperheadOS has blocked Nexus updates on its servers after finding out that other companies have been flashing the ROM onto Nexus phones and selling them commercially in violation of the CopperheadOS licensing terms. The incident highlights an inherent problem in getting open source to be used by the masses: the difficulty of organizations being able to build and monetize a successful, long-term open source business model, something which only a handful of open source projects have been able to accomplish.

Submission + - Inside a low-budget consumer hardware espionage implant (cking.ch)

ourlovecanlastforeve writes: A while back Joe Fitz tweeted about the S8 data line locator1. He referred to it as “Trickle down espionage” due to its reminiscence of NSA spying equipment.

The S8 data line locator is a GSM listening and location device hidden inside the plug of a standard USB data/charging cable. It supports the 850, 900, 1800 and 1900 MHz GSM frequencies.

Its core idea is very similar to the COTTONMOUTH product line by the NSA/CSS [1] in which an RF device is hidden inside a USB plug. Those hidden devices are referred to as implants.

Submission + - Soviet Engineers Dreamed Up The Internet In The 1950s, But Couldn't Get It Built (bbc.com) 2

dryriver writes: The BBC has an interesting story about how the Soviet Union could have built the first Internet — but didn't. As early as 1959 networking enthusiast Anatoly Kitov, aka "The Internet Colonel" (subtitled documentary about him here: https://www.youtube.com/watch?...) dreamed of a computer network much like today's Internet that would connect thousands of computers all around the Soviet Union. The Soviet Union already had computer networks at the time, but they were military. This new network would be about civilian communication, and making many aspects of the USSR's centrally planned economy run more efficiently due to the ease with which information — economic data in particular — could be sent back and forth between distant cities in Russia. Kitov's proposals went all the way to the top of country, were even taken seriously by trained technologist Leonid Brezhnev, but eventually went nowhere. Inspired by Kitov's efforts, Viktor Glushkov, one of the founders of Cybernetics, pursued the idea of a Soviet Internet from 1960 onward. Glushkov would push the idea of a Soviet internet called OGAS hard for 12 years, again writing proposals to top Soviet officials like Kitov had done before. OGAS was never built for 3 reasons. 1) With the technology available at the time, OGAS would have cost nearly 100 Billion in today's Dollars to build, and required a workforce of up to 300,000 men to put in place. The project was too expensive for the Soviet Union. 2) The Soviet Union ran on relatively inflexible economic plans put together by large bureaucratic institutions. A Soviet Internet — something totally new and unexplored at the time — did not fit into those plans easily. 3) Glushkov, the architect and visionary of the system, died in 1982 aged 58 after battling a long illness. With the visionary pushing the OGAS idea first ill and then deceased, OGAS lost steam and was eventually forgotten.

Submission + - North Korea targets US Defense Contractors for info on weapons systems (wpengine.com)

chicksdaddy writes: North Korean hackers have stepped up their attacks on U.S. defense contractors in an apparent effort to gain intelligence on weapon systems and other assets that might be used against the country in an armed conflict with the United States and its allies, The Security Ledger is reporting. (https://securityledger.wpengine.com/2017/11/exclusive-eye-weapons-systems-north-korean-hackers-target-us-defense-contractors/)

Security experts and defense industry personnel interviewed by The Security Ledger say that probes and attacks by hacking groups known to be associated with the government of the Democratic People’s Republic of Korea (DPRK) have increased markedly as hostilities between that country and the United States have ratcheted up in the last year. The hacking attempts seem to be aimed at gaining access to intellectual property belonging to the companies, including weapons systems deployed on the Korean peninsula.

“As the situation between the DPRK and the US has become more tense, we’ve definitely seen an increase in number of probe attempts from cyber actors coming out of the DPRK,” an official at an aerospace and defense firm told Security Ledger. The so-called “probes” were targeting the company’s administrative network and included spear phishing attacks via email and other channels. The goal was to compromise computers on the corporate network.

According to the official, the attackers were not able to penetrate a separate and more secure network on which the company stores information on its weapons systems and other sensitive information. He asked that his name and his company’s name not be mentioned because he did not have permission to speak about the matter publicly.

So far, the attacks have targeted "weakest links" within the firms, such as Human Resources personnel and general inquiry mailboxes, rather than targeting technical staff directly. However, experts who follow the DPRK's fast evolving cyber capabilities say that the country may have more up their sleeve.

“Their first modus operandi would be data gathering – figuring out what the threat is and what the capabilities of the system are,” Priscilla Moriuchi the Director of Strategic Threat Development at the firm Recorded Future told The Security Ledger. Subsequent campaigns might attempt to achieve more subtle aims, such as influencing the performance of the weapons system in the event of a conflict. “They might try to influence the development of the system using a supply chain attack,” Moriuchi said.

In past attacks, North Korean hackers have been bent more on destruction than supply chain attacks or the kinds of intellectual property transfers typically associated with China. But that is changing. In recent weeks, for example, North Korean hackers are believed to have broken into a shipyard operated by the firm Daewoo and stolen plans for naval technologies including 60 “classified documents including blueprints and technical data for submarines and vessels equipped with Aegis weapon systems” according to a report by The Wall Street Journal. (https://www.wsj.com/articles/north-korean-hackers-stole-submarine-secrets-from-daewoo-lawmaker-says-1509447847)

Submission + - Question - Old iPods into House-wide Audio 1

zhennian writes: I don't want to spend $100 per unit to get a house-wide music playing system and was hoping that with 3 old iPods I might be able to put together a centrally managed house-wide audio system. Ideally it would be possible to control what is playing from a central web interface using an app on an IOS or Android device. With the iPods already plugged into docking stations and on the home wifi network, I assume it should be possible. A search of the Apple app store didn't bring up much and forking out $AUS400 for a Sonos One or equivalent seems wasted when I've already purchased iPod docks. Can anyone recommend an App that will still be compatible with old (ie. 2007) iPods and might do this?

Slashdot Top Deals