hacking


My week of Monday 27 July to Sunday 2 August 2015 represented a remarkable turnaround — perhaps the turnaround that I’d been detecting in the winds since June. And then there’s the bushfire. It’s all so complicated!

Why? It was a full week with a properly-working computer — a week spent in a house with a properly-working kitchen, heating, and inspiring view — and that brought back some of the clarity of thought which I’ve been sorely lacking. I got plenty done, the most important in many ways being the launch — finally! — of The 9pm Urgent Hardware Refresh.

I was very pleased when people started contributing to this crowdfunding campaign just as soon as it was launched. I’m even more pleased to report that as I write this, roughly half-way through the campaign period, we’ve reached 54% of the initial target. That means we’re likely to succeed.

The stress of not having a working computer is subsiding, but I’m not counting my chickens before they’re hatched.

People who write or perform for a living will also understand the importance of the kind of reassurance that comes with people supporting the plan which, until then, had existed solely in your own head.

That has helped. Thank you. If you haven’t done so already, please check out The 9pm Urgent Hardware Refresh.

Thanks also to the many people who asked whether I was in any danger from this weekend’s bushfire at Wentworth Falls. No, I’m not.

The fire is only 3km from Bunjaree Cottages, but between it and me there’s some significantly challenging terrain, and the wind has been taking the fire in a different direction. More than 100 volunteers from the NSW Rural Fire Service have been keeping us safe.

I’m certainly paying attention to what’s happening, though, and I see that there’s a wind change forecast for Monday. Depending on how the RFS people go with their plans for the rest of today and overnight, well, my risk assessment may change.

Just as I write this, the alert for the fire area has been raised from WATCH AND ACT to EMERGENCY WARNING — the latter being described thusly:

You may be in danger and need to take action immediately. Any delay now puts your life at risk.

I must stress again, though, that I am not in the alert area, and I currently face no risk.

Articles

Podcasts

  • On Friday, I posted “The 9pm I Can’t Believe It’s Not a Planet”, being The 9pm Edict episode 46. It turned out better than its convoluted production process led me to imagine. I may tell you about that during the week.

Media Appearances

5at5

The hiatus has ended. There were two editions, on Thursday and Friday. Why not subscribe so you’ll get all the future ones?

Corporate Largesse

None. But there’s quite a bit scheduled for the coming week.

The Week Ahead

This is going to be a better-structured one, folks.

Monday will be a media production day — but I’ll decide the exact details on the day, depending on the bushfire threat level.

On Tuesday, I’ll be catching the 0706 train to Sydney, because on Tuesday and Wednesday I’ll be covering the ADMA Global Forum, presented by the Association for Data-driven Marketing and Advertising. Also, at 2030 AEST on Tuesday night, I’ll be a guest on ABC Local Radio around NSW. And on Wednesday night, I’ll be going to Text100’s (in)famous Christmas in August event, a preview of their clients’ consumer technology for Christmas.

On Thursday, I’ll be going to a lunchtime briefing by NetSuite, and writing something for ZDNet, before taking the train back to the Blue Mountains. Thursday is also the last day of The 9pm Urgent Hardware Refresh, with the campaign ending at 2100 AEST that evening.

On Friday, I’ll be confirming what’ll happen with the funds so raised.

[Photo: The Final Redoubt, photographed on 2 August 2015. Should I ever need a final hiding place from a severe bushfire — and everything has happened so quickly that we skipped straight past three levels of warning, the fire jumped the road and railway, and all escape routes were blocked — then this cutting on Railway Parade near Wentworth Falls is where I’d wrap myself in wet woollen items and hope for the best.]

The information security news story of the week was, of course, the data breach at “affairs” and “cheaters” website Ashley Madison, something first reported by journalist Brian Krebs.

I spoke about this data breach in a couple of radio spots — I’m reluctant to call it a “hack” until we have some evidence that a hack was involved, as opposed to some internal problem — but I reckon the first was the best.

Here’s that conversation, a 13-minute chat from Tuesday morning with ABC 936 Hobart morning presenter Leon Compton. Enjoy.


The audio is of course ©2015 Australian Broadcasting Corporation.

Hundreds of millions of Samsung smartphones have a serious security vulnerability. The company has known about it since December, but hasn’t done anything about it. I spoke about this on ABC Radio’s The World Today on Thursday.

A software bug is making around 600 million Samsung mobile phones around the world vulnerable to attack. The bug in the phone’s keyboard software could allow hackers to read text messages and to view and take photos. It was found by a US computer security company which informed Samsung late last year.

If you want the technical details, read the Ars Technica story, New exploit turns Samsung Galaxy phones into remote bugging devices.

Here’s the three-and-a-half minute radio story. There’s also a transcript, and a written news story, Samsung phones vulnerable to cyber attacks because of software bug.


The audio is ©2015 Australian Broadcasting Corporation, and it’s being served here directly from the ABC website.

Since this report aired, Samsung has said that it will fix this vulnerability, but not all Samsung smartphone owners will receive the fix immediately.

My week of Monday 8 to Sunday 14 June 2015 has been another productive one, despite Monday allegedly being a holiday. Thank you, Your Majesty. I’m exhausted.

I also think I’m coming down with a cold, which is hardly surprising. We’ll see.

There’s much I want to talk about, but this very moment I’m at the regular monthly Poetry in the Pub in Katoomba. I have Sunday Lunch here many weeks. But this month it’s essentially a wake, because one of their number has passed. I’ll admit that I shed a tear as one chap read Henry Lawson’s “The Glass on the Bar”. My whinges can wait for another time.

Articles

There’s also two more ZDNet pieces in the pipeline. They’ll appear in the first half of the coming week, I imagine.

Podcasts

None. The next episode of The 9pm Edict is now scheduled for Wednesday 17 Saturday 20 June.

5at5

There were five editions of 5at5 this week, on Monday, Tuesday, Wednesday, Thursday, and Friday. That’s more than 25 things for you to read! To save me having to tell you this, you could just subscribe.

Media Appearances

Corporate Largesse

None.

The Week Ahead

On Monday and Tuesday, I’ll be finishing off those two ZDNet stories. In theory, I’m also heading in to Sydney on Tuesday for the Optus Business Lunch, to hear the company’s chief executive officer Allen Lew deliver a keynote speech on “how customer behaviours are driving digital transformation” — but with deadlines, that may have to be cancelled. That Sydney trip will definitely be cancelled.

On Wednesday, I’ll be completing an episode of The 9pm Edict podcast. On Thursday, I’ll be writing a column for ZDNet. Wednesday and Thursday are writing days, completing those two ZDNet items, plus a piece for Crikey, plus starting on an episode of The 9pm Edict podcast.

On Friday, I’m definitely doing the long commute to Sydney, to go to a lunchtime briefing by the Wynyard Group on corporate and cyber criminals.

On Saturday I’ll be completing the podcast, and perhaps helping with some, um, engineering work at Bunjaree Cottages. While the rest of the weekend has not yet been planned, the Solstice is on Sunday night — well, for me it’s at 0238 AEST on Monday morning — so I’ll be marking the occasion in some way. How? I’m not sure yet. The same applies to the rest of the weekend, I suppose.

Update 15 June 2015: Edited to reflect the schedule change. Second update, 1620 AEST: Edited to add link to ABC Riverina recording. Update 17 June 2015: Edited to reflect further schedule changes.

[Photo: Surveillance, photographed at Wentworth Falls railway station on 13 June 2015.]

My week of Monday 25 to Sunday 31 May 2015 did not unfold as planned, but it wasn’t a complete disaster.

Podcasts

  • “The 9pm Orgy of Confusion”, being The 9pm Edict episode 44. There’s actually a lot more to this episode than this simple entry might suggest. Please listen.

Articles

  • Lessons from a Sydney cryptoparty, ZDNet Australia, 25 May 2015. Quite a few people have said this is a good piece, despite its bland headline, so perhaps you might do me the honour of clicking through and reading it.

5at5

There were two editions of 5at5 this week, on Monday, and Friday. To save me having to tell you this, you could just subscribe.

Media Appearances

None.

Corporate Largesse

None. But this will change next week.

The Week Ahead

On Monday, I’ll be doing various tasks which I am not at liberty to reveal, before heading to Sydney and getting a decent night’s sleep before…

On Tuesday, I’ll be getting up early and heading to the morning sessions of Check Point’s Cyber Security Symposium 2015. In the afternoon I’m flying to the Gold Coast for the AusCERT 2015 Information Security Conference, which runs through to Friday afternoon. I’ll even be taking part in the AusCERT Speed Debate — check out last year’s — before flying back to Sydney on Friday night.

Then it’s the Queen’s Birthday long weekend, and I haven’t quite decided what happens with that.

[Photo: Winter in Katoomba, photographed on 31 May 2015.]

Is it possible to hack into a commercial airliner’s flight control systems by first hacking into its inflight entertainment system?

That’s the worry, certainly. But now the FBI has said that security researcher Chris Roberts told them he’d done exactly that hack 15 or 20 times, and on one occasion even managed to compromise the Thrust Management Computer, getting it to issue a “climb” command to one engine — with the result that the burst of increased thrust caused “lateral movement” of the aircraft.

Except Wired reports that Roberts told them that he claimed no such thing. He’d had many hours of conversations with the FBI, and in condensing that down to a few sentences they’ve got the wrong end of the stick.

This whole story caught the attention of 2UE morning presenter Stuart Hocking, we spoke about it for about seven minutes earlier today, and here’s the recording.


This audio is ©2015 Radio 2UE Sydney Pty Ltd.

My week of Monday 13 to Sunday 19 April 2015 was rather full, but not as productive as the plan intended. Instead, there were unexpected loose ends to tie up, plus hours and hours of introspection.

Introspection about the fact that Q1 of 2015 was, in revenue terms, my second-worst quarter in more than four years. Introspection about just how I’ll increase revenue. And about the isolation of living at Bunjaree Cottages, which isn’t good for me — and the fact that these accommodation arrangements, only ever intended to be for “a few weeks”, have run for more than four years. All my household possessions, apart from two suitcases of personal items and the like, have been in storage all this time.

Introspection about two events coming up next month, a birthday that ends in a “5” and, on 13 May, the twentieth anniversary of moving from Adelaide to Sydney — a move triggered by taking on a new job during the first dotcom boom. With both work and accommodation issues on the agenda again, is it time for another migration?

Introspection about the “need”, as my doctor put it, to get some exercise, change my diet, and lose 10kg of weight. And introspection about just how I’ll change all those things — and more that I haven’t mentioned yet — without going postal.

I don’t have any answers yet. Heck, I don’t even have most of the questions. But I am starting to get a clearer view of the landscape, like the sun rising through dawn clouds.

All that said, I did get a few things done this week…

Podcasts

  • “The 9pm Statement of Regret”, being The 9pm Edict episode 40. It contains quite a bit about Australia’s forthcoming celebrations for Anzac Day and the mythic nature of Gallipoli in those celebrations. I’d like to hear your responses. Your deadline for audio comments is Tuesday 21 April at 1700 AEST.

Articles

5at5

There were four editions of 5at5 this week, on Monday, Tuesday, Thursday and Friday. To save me having to tell you this, you could just subscribe.

Media Appearances

Corporate Largesse

  • On Friday, I had coffee with an executive from Dyn, an internet performance optimisation company. That coffee was paid for by their PR people.

The Week Ahead

I’ll be in the Blue Mountains all week, as far as I can tell at this stage.

On Monday and Tuesday, I’m finishing a column for ZDNet Australia, producing another episode of The 9pm Edict podcast, and setting up some sort of subscription drive for same. Those last two tasks are intertwined. On Tuesday night, I’ll be talking tech news with Dom Knight on ABC 702 Sydney at 2030 AEST.

On Wednesday through Friday, I’ll finally get that ebook sorted, write a column for ZDNet Australia, review the scripts for six episodes of a television drama. Yes, that last one is running late. Also left over from last week is producing and posting the recording of my recent lecture at UTS. There’s no way that’ll fit into the coming week.

The weekend is currently unplanned, but given how much I’ll be doing during the week, I suspect I’ll just be a sloth for two days. Apart, that is, from going to a local Anzac Day Dawn Service somewhere. Maybe. I may also try to have some sort of social life. Possibly.

Further Ahead

The following week, on 29-29 April, I’ll be covering the Disruptocon conference in Sydney, trying not to choke on the name.

Then on Saturday 2 May, I’ll be flying to the US for eight days, primarily to cover NetSuite’s SuiteWorld conference once again. I currently plan to return to Australia on Tuesday 12 May. I’ll tell you more about that trip in due course.

Update 24 April 2015: Edited to reflect cancellation of US trip.

[Photo: Sunrise over Rozelle Bay, Sydney, photographed on 19 April 2015. Yes, today.]

So SIM card manufacturer Gemalto has responded to the claims that America’s NSA and Britain’s GCHQ had hacked their network in 2010 and 2011 and stolen SIM card encryption keys. I spoke about that response on ABC Radio’s AM this morning.

You can read Gemalto’s full press statement, but The Wall Street Journal has a good summary, and The Intercept has various infosec experts disputing Gemalto’s analysis.

If nothing else, it seems unlikely that Gemalto could have conducted a thorough forensic investigation in just six days — although they may have just dug out a report they’d prepared earlier.

Here’s how AM introduced the story today:

Overnight the world’s largest SIM card manufacturer has responded to allegations it was hacked by American and British spies. Dutch company Gemalto confirmed it was the target of sophisticated hacks in 2010 and 2011, and most likely the US National Security Agency and their British counterparts were responsible. Last week, documents from Edward Snowden alleged spies stole encryption keys from Gemalto, giving them potential to monitor mobile communications. But Gemalto denies there was mass theft of encryption keys and says their products are secure.

And here’s the full report from journalist Sarah Sedghi.


The audio is ©2015 Australian Broadcasting Corporation. It’s served here directly from the ABC website, where you can also read a transcript.

Third time’s the charm, right? My third radio spot on The Great SIM Heist was for 1395 FIVEaa in Adelaide on Wednesday afternoon.

Again, I won’t repeat the background, because it’s all in my first post on the subject. But I will say that this is the most detailed conversation about it so far, because presenter Will Goodings and I spoke for 13 minutes.

That said, there’s not much more information than we had yesterday. Gemalto isn’t due to hold its press conference until late this evening Australian time, so we’ll know more tomorrow.


The audio is ©2015 Nova Entertainment.

The second radio spot I did on The Great SIM Heist — or perhaps I should say the claimed heist, or even the alleged heist — was for the Sydney talk radio station 2UE on Tuesday afternoon.

I won’t repeat all the background. See my previous post for that. But I will say that it’s always interesting to hear the different questions asked and concerns raised by different presenters. And of course my responses differ in content and style to match the style of the program and the radio station.

Here’s the full seven-minute chat with drive presenter Justin Smith. At the end, we seem to have invented a new regular segment. And at least this time I pronounced Gemalto correctly.


This audio is ©2015 Radio 2UE Sydney Pty Ltd.
