
Tag Archives: features

Don’t touch that link: Machine learning and the war on phishing

Coming to a device near you: Freddi Fish 666—the Phishing Apocalypse. (credit: collage by Sean Gallagher from urraheesh iStock & Humongous Entertainment)

It's Friday, August 3, and I have hooked a live one. Using StreamingPhish, a tool that identifies potential phishing sites by mining data on newly registered certificates, I've spotted an Apple phishing site before it's even ready for victims. Conveniently, the operator has even left a Web shell wide open for me to watch him at work.

The site's fully qualified domain name is appleld.apple.0a2.com, and there's another registered at the same domain—appleld.applle.0a2.com. As I download the phishing kit, I take a look at the site access logs from within the shell. Evidently, I've caught the site just a few hours after the certificate was registered.

As I poke around, I find other phishing sites on the same server in other directories. One targets French users of the telecommunications company Orange; others have more generic names intended to disguise them as part of a seemingly legitimate URL, such as Secrty-ID.com-Logine-1.0a2.com. Others still are spam blogs filled with affiliate links to e-commerce sites.


How they did it (and will likely try again): GRU hackers vs. US elections

#Cyberz. (credit: Aurich Lawson / Getty)

In a press briefing just two weeks ago, Deputy Attorney General Rod Rosenstein announced that the grand jury assembled by Special Counsel Robert Mueller had returned an indictment against 12 officers of Russia's Main Intelligence Directorate of the Russian General Staff (better known as Glavnoye razvedyvatel'noye upravleniye, or GRU). The indictment was for conducting "active cyber operations with the intent of interfering in the 2016 presidential election."

The filing (PDF) spells out the Justice Department's first official, public accounting of the most high-profile information operations against the US presidential election to date. It provides details down to the names of those alleged to be behind the intrusions into the networks of the Democratic National Committee and the Democratic Congressional Campaign Committee, the theft of emails of members of former Secretary of State Hillary Clinton's presidential campaign team, and various efforts to steal voter data and undermine faith in voting systems across multiple states in the run-up to the 2016 election.

The allegations are backed up by data collected from service provider logs, Bitcoin transaction tracing, and additional forensics. The DOJ also relied on information collected by US (and likely foreign) intelligence and law enforcement agencies. Reading between the lines, the indictment reveals that the Mueller team and other US investigators likely gained access to things like Twitter direct messages and hosting company business records and logs, and they obtained or directly monitored email messages associated with the GRU (and possibly WikiLeaks). It also appears that the investigation ultimately had some level of access to internal activities of two GRU offices.


The BeOS file system, an OS geek retrospective

HD, so like... a high-definition floppy?

It's the day after Independence Day in the US, and much of our staff is just returning to their preferred work machines. If this was 1997 instead of 2018, that would mean booting up BeOS for some. The future-of-operating-systems-that-never-was arrived just over 20 years ago, so in light of the holiday, we're resurfacing this geek's guide. The piece originally ran on June 2, 2010; it appears unchanged below.

The Be operating system file system, known simply as BFS, is the file system for the Haiku, BeOS, and SkyOS operating systems. When it was created in the late '90s as part of the ill-fated BeOS project, BFS's ahead-of-its-time feature set immediately struck the fancy of OS geeks. That feature set includes:

- A 64-bit address space
- Use of journaling
- Highly multithreaded reading
- Support of database-like extended file attributes
- Optimization for streaming file access

A dozen years later, the legendary BFS still merits exploration—so we're diving in today, starting with some filesystem basics and moving on to a discussion of the above features. We also chatted with two people intimately familiar with the OS: the person who developed BFS for Be and the developer behind the open-source version of BFS.


What I’ve learned from nearly three years of enterprise Wi-Fi at home

A USG router, a 10-gigabit Ethernet switch, and a 48-port PoE switch. This is what it sounds like when fans cry. (credit: Lee Hutchinson)

There is a moment of perfect stillness after the cable slips through my fingers and vanishes back up the hole in the ceiling like an angry snake. Then the opening stanza of a rich poem of invective leaps from my lips and my wife stares up at me from below, eyes wide, frozen just as I am, ready to catch me if I rage too hard and lose my balance.

But perched precariously on the top step of an inadequate and shaky ladder in the corner of my living room, drenched in sweat and speckled head to toe in pink insulation and sheetrock dust, body aching with dull red heat, I just can’t maintain the torrent of swearing. I’m too tired. The words die on my lips and I drop my burning arms to my side. Sweat stings my cut hands—“man hands,” my wife has always called them, hands that seem to always sport an ever-changing collection of cuts and dry spots and calluses and torn nails as house or computer projects come and go. Tiny drops of blood ooze from shredded cuticles.

Maybe I’ll just stand here for a few hours and not move, I think, mind going blank rather than face the thought of climbing back up into the baking attic and fishing out the cable from underneath mountains of insulation. Maybe I don’t even need Wi-Fi anymore.


We know you hate the Internet of Things, but it’s saving megafauna from poachers

(credit: Foto24/Gallo Images/Getty Images)

For much of this decade, organizations seeking to protect wildlife have attempted to use emerging technology as a conservation tool, allowing small numbers of people to monitor and manage data from animals over a wide area. Nowhere is that effort more focused—and more desperate—than in the regions of Africa where illegal animal trade is threatening to wipe out endangered animals such as rhinos, elephants, pangolins, and lions. Here, several organizations are applying Internet of Things (IoT) technology to protect animals, providing rangers with data that helps them intercept poachers before they can get to their quarry.

Many conservation efforts elsewhere use IoT to try to track the location of animals, such as Vodafone's IoT tagging of Scottish harbor seals and tracking of endangered dugongs in the Philippines. But in Africa, the task of protecting rhinos is slightly different—it's about tracking people, specifically the poachers who hunt down the rhinos for their tusks.

Rhinos, of course, aren't unique in needing such intervention. Based on data from the Great Elephant Census (GEC), a continent-wide survey conducted by Microsoft cofounder Paul Allen's Vulcan Inc., Africa's savanna elephant population declined by 30 percent between 2007 and 2014, for instance. That's a loss of 144,000 elephants. Current data shows the rate of decline of the elephant population is now eight percent per year, and ivory poachers are the main reason for that decline.
