After being missing for seven days, whistleblower Chelsea Manning has made contact. Her prison warders threw her into solitary for a week and didn’t tell her lawyers or friends where she was.
BoingBoing: Chelsea Manning has surfaced and is OK »
After being missing for seven days, whistleblower Chelsea Manning has made contact. Her prison warders threw her into solitary for a week and didn’t tell her lawyers or friends where she was.
BoingBoing: Chelsea Manning has surfaced and is OK »
While people have been discussing the possible threat of Artificial Intelligence (AI) – a totally different and very real threat has emerged: IT-attacks exploiting the Internet of things (IoT).
Simply put, a multitude of connected devices can be used in unexpected, unwanted and destructive ways. IT security expert Bruce Schneier explains in reference to a recent attack…
Instead of using traditional computers for their botnet, they used CCTV cameras, digital video recorders, home routers, and other embedded computers attached to the internet as part of the Internet of Things.
E.g. it can be about DDos-attacks or to set up a botnet to distribute malware.
Many devices used today are more or less unprotected. At Krebs on Security the victim of such an attack, Brian Krebs writes…
One of those default passwords — username: root and password: xc3511 — is in a broad array of white-labeled DVR and IP camera electronics boards made by a Chinese company called XiongMai Technologies. These components are sold downstream to vendors who then use it in their own products. (…)
“The issue with these particular devices is that a user cannot feasibly change this password,” said Flashpoint’s Zach Wikholm. “The password is hardcoded into the firmware, and the tools necessary to disable it are not present. Even worse, the web interface is not aware that these credentials even exist.”
This also raises the question of state-sponsored attacks. What if a country orders its electronics industry to include specific vulnerabilities, backdoors, malware etc. in its products?
For now, I guess awareness and an open discussion is the best protection. Also, there might be initiatives on a political level in the EU:
According to a report at Euractive.com, the Commission is planning the new IoT rules as part of a new plan to overhaul the European Union’s telecommunications laws. “The Commission would encourage companies to come up with a labeling system for internet-connected devices that are approved and secure,” wrote Catherine Stupp. “The EU labelling system that rates appliances based on how much energy they consume could be a template for the cybersecurity ratings.”
Links:
• We Need to Save the Internet from the Internet of Things »
• Who Makes the IoT Things Under Attack? »
• Europe to Push New Security Rules Amid IoT Mess »
• Commission plans cybersecurity rules for internet-connected machines »
/ HAX
Falkvinge: In the UK, running a blog over HTTPS is an act of terrorism, says Scotland Yard »
This is exciting. The Web2Web project claims to be able to put web pages on the Internet that cannot be taken down, using torrents and Bitcoin. And it can be run from any modern browser.
The under the hood stuff is explained by TorrentFreak – Web2Web: Serverless Websites Powered by Torrents & Bitcoin »
»To run a Web2Web website neither the server nor the domain is required. All you need is a bootstrap page that loads your website from the torrent network and displays it in the browser« Czech developer Michal Spicka tells TorrentFreak.
If this turns out to be anything like what it’s said to be, it might be a game changer. It builds on the need for resilient, decentralised systems beyond the reach of Big Government and Big Business.
Expect some serious noise from the authorities…
/ HAX
Facebook is a multi-billion dollar company that has one commodity – you!
EDRi – Big Brother Awards Belgium: Facebook is the privacy villain of the year »
This might be nothing. But given the history of Chelsea Mannings imprisonment: It is very important that the world is watching.
Boing Boing: Chelsea Manning is missing »
When the FBI asked a court to force Apple to help crack the encrypted iPhone 5c of San Bernardino shooter Rizwan Farook in February, Bureau director James Comey assured the public that his agency’s intrusive demand was about one terrorist’s phone, not repeated access to iPhone owners’ secrets. But now eight months have passed, and the FBI has in its hands another locked iPhone that once belonged to another dead terrorist. Which means they may have laid the groundwork for another legal showdown with Apple.
Wired: The FBI wants to get into the locked iPhone of another dead terrorist »
NYT: N.S.A. Contractor Arrested in Possible New Theft of Secrets »