doodzed - Slashdot User

Airgap-Jumping Malware May Use Ultrasonic Networking To Communicate 265

Posted by samzenpus on Friday November 01, 2013 @12:36AM from the protect-ya-neck dept.

Hugh Pickens DOT Com writes "Dan Goodwin writes at Ars Technica about a rootkit that seems straight out of a science-fiction thriller. According to security consultant Dragos Ruiu one day his MacBook Air, on which he had just installed a fresh copy of OS X, spontaneously updated the firmware that helps it boot. Stranger still, when Ruiu then tried to boot the machine off a CD ROM, it refused and he also found that the machine could delete data and undo configuration changes with no prompting. Next a computer running the Open BSD operating system also began to modify its settings and delete its data without explanation or prompting and further investigation showed that multiple variants of Windows and Linux were also affected. But the story gets stranger still. Ruiu began observing encrypted data packets being sent to and from an infected laptop that had no obvious network connection with—but was in close proximity to—another badBIOS-infected computer. The packets were transmitted even when the laptop had its Wi-Fi and Bluetooth cards removed. Ruiu also disconnected the machine's power cord so it ran only on battery to rule out the possibility it was receiving signals over the electrical connection. Even then, forensic tools showed the packets continued to flow over the airgapped machine. Then, when Ruiu removed internal speaker and microphone connected to the airgapped machine, the packets suddenly stopped. With the speakers and mic intact, Ruiu said, the isolated computer seemed to be using the high-frequency connection to maintain the integrity of the badBIOS infection as he worked to dismantle software components the malware relied on. It's too early to say with confidence that what Ruiu has been observing is a USB-transmitted rootkit that can burrow into a computer's lowest levels and use it as a jumping off point to infect a variety of operating systems with malware that can't be detected. It's even harder to know for sure that infected systems are using high-frequency sounds to communicate with isolated machines. But after almost two weeks of online discussion, no one has been able to rule out these troubling scenarios, either. 'It looks like the state of the art in intrusion stuff is a lot more advanced than we assumed it was,' says Ruiu. 'The take-away from this is a lot of our forensic procedures are weak when faced with challenges like this. A lot of companies have to take a lot more care when they use forensic data if they're faced with sophisticated attackers.'"

Comment no thanks (Score 1) 244

by doodzed on Thursday October 20, 2011 @11:10AM (#37775188) Attached to: Ubuntu Turns 7

I understand that people like ubuntu but it is not really helping linux. I upgraded my box to 11.04 over the past two days from a much older release and around 10.04 got hit with a bug because grub was not updated. This was a well known bug that was spotted in testing and never got fixed. It is not the first time something like this has happened. Frequently updates will bork settings or a function like sound. It has gotten so bad that a non-profit I help out at will not run any updates unless I am there.

Usually a google search and some command line will fix things but this is not how you spread linux. The ubuntu community really needs to get better about making sure that updates/upgrades work. They continue to do good hard work and it is a shame that the work is undermined by stupid bugs that are known but never fixed.

Snoop Dogg Joins the War On Cybercrime 164

Posted by samzenpus on Wednesday September 01, 2010 @06:22PM from the scanning-fo-shizzle dept.

wiredmikey writes "Think you can bust out some silly fresh rhymes on the subjects of hacking, identity theft and computer viruses? In a somewhat untraditional partnership, Snoop Dogg and Symantec's Norton want you to show off your their lyrical skills on the subject of cybercrime and enter the 'Hack is Wack' cybercrime rap contest. If you have the skills and bust out the phattest rap, you'll receive round trip airfare for two to Los Angeles along with two days and two nights' hotel stay to meet with Snoop's management, learn more about his business. You'll also get two tickets to a Snoop Dogg concert and a new laptop pimped out with Norton Internet Security 2011."

Prices Slashed For Nook, Kindle E-Readers 255

Posted by kdawson on Monday June 21, 2010 @08:02PM from the free-falling dept.

b0bby sends in a report from ZDNet about the sudden outbreak of a price war in e-reader devices. "On Monday, Barnes & Noble cut the price of the 3G Nook to $199. It also launched a $149 Wi-Fi version. Just hours later, Amazon responded by cutting the price of the Kindle to $189. At $259, the price of the Kindle and Nook just 24 hours ago, an e-reader purchase competed with an Apple iPad, which started at $499 for a Wi-Fi version. Below $200, a dedicated e-reader purchase makes a lot more sense." Sony dropped prices for its readers three months ago, but the move didn't kick off a price war at that time. Some believe that dedicated e-readers are doomed in the long run to lose out to general-purpose devices such as the iPad — and its coming imitators, many of which will be based on Google Android.

An Early Look At What's Coming In PHP V6 307

Posted by timothy on Wednesday May 06, 2009 @02:22PM from the press-harder-please dept.

IndioMan writes "In this article, learn about the new PHP V6 features in detail. Learn how it is easier to use, more secure, and more suitable for internationalization. New PHP V6 features include improved support for Unicode, clean-up of several functions, improved extensions, engine additions, changes to OO functions, and PHP additions." Update — May 7th at 16:47 GMT by SS: IBM seems to have removed the article linked in the summary. Here's a different yet related article about the future of PHP, but it's a year old.

Comment Are you serious? (Score 1) 414

by doodzed on Thursday August 28, 2008 @07:13PM (#24786981) Attached to: Cost-Effective Server Room Air Conditioning?

if you have a problem with getting $600 together you are not running a datacenter. We ended up spending between 10 and 20k on a bunch of Mr. Slim units and have been happy.

You can try and be cheap but when you are talking computing you have to have at least 1k to spend on a problem at any point in time. if you can't, get a fruit stand and do that.

Are you serious? Can't beleive this made slashdot.

Comment Re:Iron Man's Suit Defies Physics -- Mostly (Score 2, Interesting) 279

by John Carmack on Thursday May 01, 2008 @03:06PM (#23266718) Attached to: The Science of Iron Man

Hydrogen peroxide powered rocket packs fly for around 30 seconds, because they have a specific impulse of around 125, meaning that one pound of propellant can make 125 pound-seconds of thrust, meaning that it takes about two pounds of propellant for every second you are in the air. Mass ratios are low for anything strapped to a human, so the exponential nature of the rocket equation can be safely ignored.

A pretty hot (both literally and figuratively) bipropellant rocket could manage about twice the specific impulse, and you could carry somewhat heavier tanks, but two minutes of flight on a rocket pack is probably about the upper limit with conventional propellants.

However, an actual jet pack that used atmospheric oxygen could have an Isp ten times higher, allowing theoretical flights of fifteen minutes or so. Here, it really is a matter of technical development, since jet engines have thrust to weight ratios too low to make it practical. There is movement on this technical front, but it will still take a while.

John Carmack

Slashdot Top Deals