Archive for the ‘Tech’ Category

SOFT ROBOTS THAT can grasp delicate objects, computer algorithms designed to spot an “insider threat,” and artificial intelligence that will sift through large data sets — these are just a few of the technologies being pursued by companies with investment from In-Q-Tel, the CIA’s venture capital firm, according to a document obtained by The Intercept.

Yet among the 38 previously undisclosed companies receiving In-Q-Tel funding, the research focus that stands out is social media mining and surveillance; the portfolio document lists several tech companies pursuing work in this area, including Dataminr, Geofeedia, PATHAR, and TransVoyant.

Those four firms, which provide unique tools to mine data from platforms such as Twitter, presented at a February “CEO Summit” in San Jose sponsored by the fund, along with other In-Q-Tel portfolio companies.

Full Story @ [The Intercept]

Advertisements

WASHINGTON — In early 2003, F.B.I. agents hit a roadblock in a secret investigation, called Operation Trail Mix. For months, agents had been intercepting phone calls and emails belonging to members of an animal welfare group that was believed to be sabotaging operations of a company that was using animals to test drugs. But encryption software had made the emails unreadable.

So investigators tried something new. They persuaded a judge to let them remotely, and secretly, install software on the group’s computers to help get around the encryption.

That effort, revealed in newly declassified and released records, shows in new detail how F.B.I. hackers worked to defeat encryption more than a decade before the agency’s recent fight with Apple over access to a locked iPhone. The Trail Mix case was, in some ways, a precursor to the Apple dispute. In both cases, the agents could not decode the data themselves, but found a clever workaround.

Full Story @ [New York Times]

While DARPA is often described as “one hundred geniuses connected by a federal travel agent”, don’t assume it’s all for the betterment of man. DARPA was also the source of some of the most outlandish weapons systems the world has ever seen. DARPA’s current projects include a nifty little project titled Persistent Close Air Support. It’s goal is to provide soldiers in the field the ability to mark a location on a map display and then have a remote-controlled A-10 Warthog kill everything at that location. In a project that that sounds like something out of the X-Files, DARPA attempted to train honey bees to find landmines. When that didn’t work, they decided to build insect cyborgs. The agency is also working to build powered exoskeletons for soldiers to wear in combat. That high tech blimp the NSA lost recently? DARPA developed it to spy on everyone all the time.

(more…)

In an extensive profile on Marlinspike, The Wall Street Journal details how an encryption program he wrote was so robust, simple, and efficient that WhatsApp — one of the more popular messaging apps on the planet — “made it a standard feature for many of the app’s 800 million users.”

While he may appear to be like any other dreadlocked dude you might see at a Grateful Dead concert, don’t let the hairstyle fool you. He’s the real deal, having formerly served as the head of Twitter’s security team.

The Journal reports:

In a research paper released Tuesday, 15 prominent technologists cited three programs relying on Mr. Marlinspike’s code as options for shielding communications.

His encrypted texting and calling app, Signal, has come up in White House meetings, says an attendee. Speaking via video link last year as part of a panel on surveillance, former National Security Agency contractor Edward Snowden, who leaked troves of U.S. spying secrets, urged listeners to use “anything” that Mr. Marlinspike releases.

All the more impressive, the report relays an anecdote detailing how a Johns Hopkins University cryptography class examined Marlinspike’s code only to find that there were no errors to be found. Anywhere.

In typical coder fashion, Marlinspike is extremely private. We don’t know his age or much else about him aside from his elegant code. And while the ultimate functionality of what Marlinspike’s accomplishes may not be new in and of itself, his code stands out because it’s extremely easy to use.

Source: [BGR]

A new facial recognition system being used by the FBI has managed to track down and capture a convicted paedophile on the Most Wanted List who disappeared 19 years ago.

Lynn Cozart, 63, from Beaver County, Pennsylvania was convicted for sexually assaulting his three children in February 1996, and he went missing just before his sentencing hearing two months later.

He managed to leave the state and stay under the radar for almost two decades, until the FBI used the $1bn (£650m, €900m) Next Generation Identification (NGI) system built by Lockheed Martin to track him down.

The FBI submitted Cozart’s mug shot to the NGI system, which used facial recognition to capture biometric data of his face.

The system then sought matches from other databases belonging to state agencies across the US, from government-issued licence databases to any form of government-collected data of scanned facial images taken from video or photos.

The system spotted a match amongst driving licence photos held by Arkansas’ motor vehicle department, and from there, the fugitive was tracked down to yet another state – Muskogee in Arkansas, more than 1,160 miles away from Pennsylvania.

Cozart was found working in Walmart under an assumed name, David Stone, and was apprehended by the town’s police officers.

Source: [ibtimes]

The company Hacking Team internally tested its code against a wide range of antivirus engines and Internet security apps. Testing was done using Windows 7, 64bit. In this color coded scheme, red means the code was not only detected but issued an alert whereas black just blocked with no notification. Click on the image for the full list.

  • Green – Antivirus does not react to the launch of the agent.
  • Yellow – Agent connects to the server, but can sometimes issues a warning. The antivirus has a non-standard configuration (ie the firewall turned off).
  • Black – the agent can not connect to the server, but there is no anti-virus warnings, or agent is in the antivirus black list.
  • Red – the agent can not connect to the server, an antivirus warning appears (agent is detected as malicious).

av-chart-hackingteam

Source: [exploit.in]

virus

A MYSTERIOUS new disease is afflicting children in the United States. It starts as a cold — but ends as weakness and paralysis. Does polio have a twin? Or are several new, potentially debilitating, viruses on the loose?

In the past 12 months, more than 118 children across 34 US states have been reported with a condition called “acute flaccid myelitis”.

It’s a condition that seems to start out as a respiratory infection like a serous bout of the common cold.

In these cases the muscle pain doesn’t go away. Then they lose their strength in their arms and legs.

While such symptoms are enough to panic any parent, disease experts say the cause does not appear to be particularly infectious.

But the number of cases seeking hospitalization in the US has raised eyebrows.

Early suspicions have fallen on the viruses which belong to the family we know as the common cold, the rhinoviruses.

The Centers for Disease Control and Prevention (CDC) have named enterovirus D68 (EV-D68) as the chief suspect.

But new figures show only 20 per cent of the known cases in the US tested positive for D68 — and it isn’t certain if this virus is linked to the paralysis anyway.

Enterovirus C105 is something new. It was first detected in patients from Peru and the Republic of Congo in 2010. The Congo case also suffered paralysis.

It’s now thought to be circulating worldwide.

Dr Turner says his six-year-old patient may simply be the first known case in the US because the C105 virus is particularly hard to detect.

Dr Senanayake says its ties to polio makes guilt by association understandable.

What makes the polio virus different — and deadly — is that it is highly contagious. A century ago, polio paralyzed hundreds of thousands of children every year. But it infected many more.

Are these immigrant children that are coming to the U.S. receiving vaccinations that are mutating with a normally harmless virus into a new virulent strain?

Source: [news.com.au]

8edb1-url

Researchers sifting through the confidential material stolen from spyware developer Hacking Team have already uncovered a weaponized exploit for a currently unpatched vulnerability in Adobe Flash, and they also may have uncovered attack code targeting Microsoft Windows and a hardened Linux module known as SELinux.

Hacking Team documentation accompanying the Flash exploit said it targeted “the most beautiful Flash bug for the last four years,” according to a blog post published Wednesday by researchers from antivirus provider Trend Micro. The use-after-free flaw resides in a Flash Bytearray object. Researchers at competing AV company Symantec have confirmed the existence of a Flash exploit that works against the latest version of Flash (18.0..194). They also have confirmed it works against people viewing content with Internet Explorer, and it’s presumed it will work against other browsers as well.

“Symantec has confirmed the existence of a new zero-day vulnerability in Adobe Flash which could allow attackers to remotely execute code on a targeted computer,” they wrote in a blog post published Tuesday. “Since details of the vulnerability are now publicly available, it is likely attackers will move quickly to exploit it before a patch is issued.”

Full Story @ [arstechnica]

Thomas Drake, a former senior executive at the NSA turned whistleblower, sat down with the Real News to talk about the USA Freedom Act as ersatz reform and how the public can take matters into their own hands by encrypting their phones and computers.

magic-math

A Melbourne-based PhD candidate’s online open-access publishing forum is a boon for those wishing to access texts and transcripts free. But at what cost to the authors of some of these works?

You don’t have to look far for information accessible only to the wealthy. Court documents are cynically priced to be affordable only to institutions, namely the legal firms and media organizations that daily require them. One can sit freely in court and watch proceedings, but to acquire the official record can cost thousands of dollars. A few years ago, my research required a transcript of a murder trial. It cost almost $3500, for which I had to seek a loan. Its price was a magnitude greater than the administrative labor involved in its release, and requests for a justification of the cost were ignored. I have heard more than once of a practice of defence lawyers – who receive these documents at no cost – “leaving transcripts on photocopiers”, a euphemism for making them secretly available to the prosecution.

But if there’s a ground zero for the open-access movement, it is scholarly archives. In 2008, a few years before his JSTOR operation, Swartz posted what he called his “Guerilla Open Access Manifesto”. It was a call to arms. It read, in part: “Information is power. But like all power, there are those who want to keep it for themselves. The world’s entire scientific and cultural heritage, published over centuries in books and journals, is increasingly being digitised and locked up by a handful of private corporations … Forcing academics to pay money to read the work of their colleagues? Scanning entire libraries but only allowing the folks at Google to read them? Providing scientific articles to those at elite universities in the First World, but not to children in the Global South? It’s outrageous and unacceptable.”

Full Story @ [thesaturdaypaper]