Wikileaks Releases "NightSkies 1.2": Proof CIA Bugs "Factory Fresh" iPhones

anonieuweling writes: Meet the CIA's "NightSkies 1.2" project, a "beacon/loader/implant tool" for the Apple iPhone "expressly designed to be physically installed onto factory fresh iPhones. i.e. the CIA has been infecting the iPhone supply chain of its targets since at least 2008."
So yes, is the deep state of the USA evil?

An anonymous reader writes: Just when you thought the hole couldn't get any deeper:

Today, March 23rd 2017, WikiLeaks releases Vault 7 “Dark Matter”, which contains documentation for several CIA projects that infect Apple Mac Computer firmware (meaning the infection persists even if the operating system is re-installed) developed by the CIA’s Embedded Development Branch (EDB). These documents explain the techniques used by CIA to gain ‘persistence’ on Apple Mac devices, including Macs and iPhones and demonstrate their use of EFI/UEFI and firmware malware.

Comment Impressive work. (Score 4, Insightful) 71

Aside from the egregious delay in fixing these things, does anyone else get a very, very bad feeling about the expected quality of the firmware when 'supply a string longer than a normal user would type' is a successful attack?

If you aren't sanitizing your inputs against that one, what are you sanitizing?
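The failure mode that comment is complaining about, as an added example that is not code from the page, the leaked documents, or any Apple firmware: a toy C model of a firmware settings block in which a 16-byte user-editable name field sits directly in front of a one-byte "setup menu locked" flag. The layout, field sizes and the flag's meaning are all constructed for the illustration; the block is a single byte array so that every write below stays in defined behaviour, a backstop real firmware does not have.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Added example, not from any real firmware. Constructed layout:
 * raw[0..15] = user-visible name field, raw[16] = "setup locked" flag. */
#define NAME_CAP   16          /* bytes, including the terminating NUL */
#define FLAG_OFF   NAME_CAP    /* the byte right after the name field  */
#define BLOCK_SIZE 32

struct cfg_block {
    uint8_t raw[BLOCK_SIZE];
};

void cfg_init(struct cfg_block *b)
{
    memset(b->raw, 0, sizeof b->raw);
    b->raw[FLAG_OFF] = 1;      /* locked until an administrator unlocks it */
}

int cfg_setup_locked(const struct cfg_block *b)
{
    return b->raw[FLAG_OFF];
}

/* Length of s, never scanning more than cap bytes (strnlen is POSIX, not C99). */
static size_t bounded_len(const char *s, size_t cap)
{
    size_t n = 0;
    while (n < cap && s[n] != '\0')
        n++;
    return n;
}

/* Vulnerable: copies until the NUL on the assumption that nobody types more
 * than 15 characters. One extra character already overwrites the flag with
 * the terminator (unlocking setup); more overwrite it with attacker bytes.
 * Capped at the block size only so this demo cannot leave the array. */
void set_name_unchecked(struct cfg_block *b, const char *in)
{
    size_t i = 0;
    while (in[i] != '\0' && i < BLOCK_SIZE - 1) {
        b->raw[i] = (uint8_t)in[i];
        i++;
    }
    b->raw[i] = 0;
}

/* Hardened: measure against the field size first and refuse anything that
 * does not fit together with its terminator. Returns 0 on success, -1 on
 * rejection; the block is untouched on rejection. */
int set_name_checked(struct cfg_block *b, const char *in)
{
    size_t n = bounded_len(in, NAME_CAP);
    if (n >= NAME_CAP)
        return -1;
    memcpy(b->raw, in, n);
    b->raw[n] = 0;
    return 0;
}

int main(void)
{
    /* Constructed inputs: 16 and 17 'A's, one and two more than the field holds. */
    const char *one_over = "AAAAAAAAAAAAAAAA";
    const char *two_over = "AAAAAAAAAAAAAAAAA";
    struct cfg_block b;

    cfg_init(&b);
    set_name_unchecked(&b, one_over);
    printf("unchecked, 16 chars: locked flag is now %d (silently unlocked)\n",
           cfg_setup_locked(&b));

    cfg_init(&b);
    set_name_unchecked(&b, two_over);
    printf("unchecked, 17 chars: locked flag is now 0x%02x (attacker byte)\n",
           cfg_setup_locked(&b));

    cfg_init(&b);
    int rc = set_name_checked(&b, two_over);
    printf("checked, 17 chars: rc=%d, locked flag still %d\n",
           rc, cfg_setup_locked(&b));
    return 0;
}
```

The check worth copying is the order of operations in set_name_checked: measure with a bounded scan, compare against the field size including the terminator, and only then write. Checking strlen() after the fact, or scanning the input without a cap, re-creates the bug in a different place.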

Comment It's rather exaggerated (Score 5, Interesting) 63

Intel's claims are rather exaggerated. Their claims have already been torn apart on numerous tech forums. At best we're talking only a ~3-5x reduction in QD1 latency, and they intentionally omit vital information in the specs to force everyone to guess what the actual durability of the XPoint devices is. They say '12PB' of durability for the 375GB part but refuse to tell us how much overprovisioning they do. They say '30 drive writes per day' without telling us what the warranty will be.

In fact, over the last 6 months Intel has walked back their claims by orders of magnitude, to the point now where they don't even claim to be bandwidth competitive. They focus on low queue depths and play fast and loose with the stats they supply.

For example, their QoS guarantee is only 60 µs 4KB (99.999%) random access latency, and in the same breath they talk about being orders of magnitude faster than NAND NVMe devices. They fail to mention that, for example, the Samsung NVMe devices also typically run around ~60-70 µs QD1 latencies. Then Intel mumbles about 10 µs latencies but bandies about large factors of improvement over NAND NVMe devices, far larger than the 6:1 one gets simply assuming 10 µs vs 60 µs.

Then they go on to say that they will have an NVDIMM form for the device later this year, with much faster access times (since in the NVMe form factor access times are constricted by the PCIe bus and block I/O protocol). But with potentially only 33,000 rewrite cycles per cell to failure that's seriously problematic. (And that's the best guess, since Intel won't actually tell us what the cell durability is.)


The price point is way too high for what XPoint in the NVMe format appears to actually be capable of doing. The metrics look impossible for a NVDIMM form later this year. Literally we are supposed to actually buy the thing to get actual performance metrics for it? I don't think so.

It's insane. This is probably the biggest marketing failure Intel has ever had. Don't they realize that nobody is being fooled by their crap specs?


Comment Re:Mercator straight lines are not great circles! (Score 1) 319

Ironically, that's the main sense in which arguments that Mercator projections are 'imperialist' aren't total nonsense:

You don't 'imperialize' by drawing the other guy's country really small and hurting his feelings; you do so by having the maritime expertise to deliver troops and maintain supply lines across large areas of the world; and conquering the other guy's country.

As a rather useful projection for navigation, Mercator can definitely help you out with that; the wonky land areas are just a minor side effect.

Comment Re:Geometry is hard, as is geography (Score 2) 319

The trouble isn't with the Mercator projection; it does what it was designed to do well enough. The trouble is the somewhat baffling decision to make a map whose main virtues are for marine navigation the quasi-default for classroom applications mostly focused on what happens on land.

I've never heard a particularly cogent justification for that one.

Comment Re: Not if the NRA has any balls! (Score 1) 62

It's considered tacky to talk about 'blocking' GPS; but if you look for 'GPS signal generators' or 'GPS simulators', you can get hardware that doesn't merely interfere with GPS; but can produce a fairly convincing GPS fix for a time/location/etc. that you specify. Tricky and subtle to fool a suitably nice GPS system that is actively paranoid about the possibility; a couple of antennas on the ground just doesn't look quite like a satellite constellation; but can fool more naive GPS systems quite effectively.

It is suspected that this is the technique behind a few surveillance drones that were led off course and (mostly) soft-landed in hostile areas (I think the most recent case was a US drone that got a little too close to the Iranians). Really shoddy firmware might get fatally confused if you suddenly present it with some wild fantasy data; but if you start feeding accurate GPS signals, and gradually skew them, error can quickly and quietly accumulate much faster than a naive target might suggest.

I imagine that the power of blocking or spoofing GPS depends mostly on how many backup instruments you have; and how paranoid you are. GPS is preferred because it provides very well-behaved data from a chip that costs peanuts; but it's not as though everyone just stumbled around and got lost before it was available. A drone built right down to budget and weight might not have anything to fall back on; but compasses, terrain-following, inertial navigation, even celestial navigation if it isn't too sunny are all options.
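The gradual-skew point in that comment, as an added simulation that is not part of the comment and not any real autopilot's code: a one-axis model of a drone holding a track line while a spoofer subtracts a growing cross-track bias from its GPS fixes. A naive autopilot that trusts every fix physically follows the bias; one that cross-checks each fix against inertial dead reckoning catches the skew once the disagreement passes a threshold and flies on INS alone. The drift rate (1 m per second), the 500 m "jump" variant, the 30 m mismatch threshold and the perfect IMU are all constructed assumptions; a real IMU drifts, so the threshold has to sit above that drift, which is exactly the window a gradual skew exploits.

```c
#include <stdio.h>

/* Added example, constructed parameters, not from any real flight controller. */
#define STEPS        600     /* 1 s per step, ten minutes of flight          */
#define SPOOF_START  60      /* spoofer reports the truth for the first minute */
#define DRIFT_RATE   1.0     /* m of extra cross-track bias per step          */
#define JUMP_OFFSET  500.0   /* m, the "wild fantasy data" variant            */
#define MISMATCH_MAX 30.0    /* m of GPS/INS disagreement tolerated           */

enum spoof_mode { SPOOF_GRADUAL, SPOOF_JUMP };

struct sim_result {
    double naive_off_track;       /* where the GPS-only drone really ends up */
    double guarded_max_off_track; /* worst excursion of the cross-checking drone */
    double guarded_off_track;     /* where the cross-checking drone ends up  */
    int    detected_at;           /* step the mismatch tripped, -1 if never  */
};

static double absd(double x) { return x < 0 ? -x : x; }

/* Cross-track error the spoofer subtracts from the true position at step t. */
static double spoof_bias(enum spoof_mode mode, int t)
{
    if (t < SPOOF_START)
        return 0.0;
    if (mode == SPOOF_JUMP)
        return JUMP_OFFSET;
    return DRIFT_RATE * (t - SPOOF_START);
}

struct sim_result run_spoof_sim(enum spoof_mode mode)
{
    struct sim_result r = {0.0, 0.0, 0.0, -1};
    double naive_y = 0.0;   /* true cross-track position, GPS-only drone     */
    double guard_y = 0.0;   /* true cross-track position, cross-checking drone */
    double ins_y   = 0.0;   /* dead-reckoned position from the IMU           */

    for (int t = 0; t < STEPS; t++) {
        double bias = spoof_bias(mode, t);

        /* Naive autopilot: believes the fix and steers the reported error to
         * zero every step (an idealised controller), so it follows the bias. */
        double naive_fix = naive_y - bias;
        naive_y += 0.0 - naive_fix;

        /* Guarded autopilot: same steering law, but a fix is only used while
         * it agrees with dead reckoning. Once it disagrees by more than
         * MISMATCH_MAX the receiver is distrusted and the INS flies the track. */
        double guard_fix = guard_y - bias;
        if (r.detected_at < 0 && absd(guard_fix - ins_y) > MISMATCH_MAX)
            r.detected_at = t;
        double est  = (r.detected_at < 0) ? guard_fix : ins_y;
        double move = 0.0 - est;
        guard_y += move;
        ins_y   += move;    /* the IMU sees the real motion, not the fix */
        if (absd(guard_y) > r.guarded_max_off_track)
            r.guarded_max_off_track = absd(guard_y);
    }
    r.naive_off_track   = naive_y;
    r.guarded_off_track = guard_y;
    return r;
}

int main(void)
{
    struct sim_result g = run_spoof_sim(SPOOF_GRADUAL);
    struct sim_result j = run_spoof_sim(SPOOF_JUMP);
    printf("gradual skew: naive drone ends %.0f m off track; guarded drone "
           "flagged it at t=%d s after being pulled %.0f m, ends %.0f m off\n",
           g.naive_off_track, g.detected_at, g.guarded_max_off_track,
           g.guarded_off_track);
    printf("sudden jump:  naive drone ends %.0f m off track; guarded drone "
           "flagged it at t=%d s and never left the track (%.0f m)\n",
           j.naive_off_track, j.detected_at, j.guarded_max_off_track);
    return 0;
}
```

Note what the numbers say: the jump is caught the instant it appears, while the gradual skew pulls even the cross-checking drone 30 m off course before the threshold trips. Lowering the threshold shortens that window only as far as the real IMU's own drift allows, which is why the comment's "how many backup instruments you have, and how paranoid you are" is the whole game.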

Comment Re:type of technology (Score 2) 187

I assume that someone with service provider MiTM access could do a bunch of SS7 weirdness, in order to confuse attribution; but that's my understanding: if you have privileged access at the provider level, you don't need to do anything to traffic routing/redirection that might attract attention, you can just grab a copy as it passes by; while if you don't have provider-level cooperation, you either need to try to get the traffic sent somewhere you do have access to (or run the comparatively great risk of sending people out with stingrays to do it in person; which is likely a poor plan unless you are the local cops).

Sort of like when something deeply unsettling happens to the world's BGP configurations. Ma Bell doesn't need to mess with those to tap your stuff; but some backwater that normally doesn't pass traffic worth spying on needs to modify things if they want to intercept something of interest.

Comment Re: Not if the NRA has any balls! (Score 1) 62

That might work in select locations; but CIWS isn't cheap (Phalanx is north of $5 million a pop; albeit probably more because of the support electronics than the gun alone); and ammunition isn't inexpensive and is a nontrivial danger to everyone in the area; and both factors are going to limit the number of places you can get away with deploying it.

Comment Good news everyone! (Score 3, Interesting) 62

This should improve the odds that cheapo Chinese drones start to feature more robust IMU/gyro/etc. based fallbacks for dealing with excessive RF noise!

In all seriousness, jamming a drone obviously makes life harder, since it excludes all 'basically just an RC airplane' hardware; prevents the operator from getting footage or issuing new commands, and so on; but it's hardly some rule of the universe that 'just make a docile attempt at landing' is the inevitable response to hitting a nasty RF spike. A variety of options, from heuristics of various sophistication for backing out and trying to escape the jamming; to attempts to fly straight toward where the emissions are most intense and ruin the jammer's day; to just dead-reckoning via onboard sensors and a backup flight path, all exist.

And that doesn't include the drones that actually have some nontrivial machine vision capabilities, or sensors other than cameras that can be used for navigation, though such tend to be rather more expensive.

