Tag: security

Unencrypted GPS Lets Hackers Take Control of Drones

By Sophie Bushwick | July 1, 2012 10:19 am

Using only $1000 worth of equipment, a group of researchers hijacked a small drone, highlighting the vulnerabilities of unencrypted GPS signals. Unmanned aerial vehicles have become a fact of modern warfare, and their presence is even making its way into everyday American life: Amateurs already have turned drones into a popular hobby, and law enforcement agencies want permission to deploy them as well. But while the powerful military drones used overseas use encrypted GPS signals, the ones in the United States rely on signals from open civilian GPS, which makes them vulnerable to GPS “spoofing.”

Read More

CATEGORIZED UNDER: Technology

How to Peek Inside Containers and Detect Bombs? Try Lasers

By Sarah Zhang | March 2, 2012 7:56 am

spacing is important
The Raman spectrometer emits a laser beam.

What’s the News: Using a laser, a super-strong telescope, and some physics know-how, researchers say they have impressive power to look through solid barriers. Scientists have developed a technique to do so using Raman scattering, which is the change in energy of photons bouncing off a material. The technique could be used to detect hidden explosives or do geological analysis.

Read More

CATEGORIZED UNDER: Technology, Top Posts

GPS Hacking Helps Thieves Steal Trucks, and Could Let Traders Cheat the Stock Market

By Sarah Zhang | February 23, 2012 5:20 pm

spacing is important

Tampering with GPS signals can cause big problems in both shipping routes and financial markets, warned experts at a conference on GPS security. The technology is routinely used in navigation and time synchronization nowadays, but signals are left vulnerable to jamming and spoofing.

This is partly because GPS signals are relatively weak: “A GPS satellite emits no more power than a car headlight, and with that it has to illuminate half the Earth’s surface,” said David Last, former president of the Royal Institute of Navigation, to the BBC.

Jamming devices work by broadcasting a signal at the same frequency as GPS, and can be bought for less than $100 online. When researchers set up 20 jamming monitors in locations around the UK, they caught 60 incidents in 6 months. They think most of these are from stolen trucks, where thieves jam the truck’s GPS to keep from broadcasting its location. According to Last, jamming GPS ships on ships isn’t much harder: Tests found that every major system was affected by a device with less than 1/1000 the power of a cell phone. The Financial Times reports:
Read More

CATEGORIZED UNDER: Physics & Math, Technology
MORE ABOUT: GPS, GPS jamming, security

To Escape Chinese Espionage, You Must Travel "Electronically Naked"

By Veronique Greenwood | February 13, 2012 3:02 pm

If you carry classified government information or trade secrets as part of your job, traveling in China is risky. Hackers, whether affiliated with the government, on the payroll of competing companies, or operating alone, are a constant threat, and you generally have to assume that you are never unobserved online. But a piece in the New York Times makes it exceedingly clear just how far one has to go to get even a measure of electronic privacy and security in China:

When Kenneth G. Lieberthal, a China expert at the Brookings Institution, travels to that country, he follows a routine that seems straight from a spy film. Kenneth G. Lieberthal of the Brookings Institution takes precautions while traveling. He leaves his cellphone and laptop at home and instead brings “loaner” devices, which he erases before he leaves the United States and wipes clean the minute he returns. In China, he disables Bluetooth and Wi-Fi, never lets his phone out of his sight and, in meetings, not only turns off his phone but also removes the battery, for fear his microphone could be turned on remotely. He connects to the Internet only through an encrypted, password-protected channel, and copies and pastes his password from a USB thumb drive. He never types in a password directly, because, he said, “the Chinese are very good at installing key-logging software on your laptop.”

This is a philosophy that Representative Mike Rogers, chairman of the House Intelligence Committee, calls traveling “electronically naked”; Jacob Olcott, a cybersecurity expert at Good Harbor Consulting, calls it ‘Business 101’ for people involved in commerce in China. Read the NYT piece for more, but here’s one more nugget that emphasizes how dangerous, in terms of information security, it is to have any contact at all with Chinese systems:

McAfee, the security company, said that if any employee’s device was inspected at the Chinese border, it could never be plugged into McAfee’s network again. Ever. “We just wouldn’t take the risk,” said Simon Hunt, a vice president.

Read more at NYT.

CATEGORIZED UNDER: Technology

Thousands of Infrastructure Computer Systems are Online, Unprotected

By Veronique Greenwood | January 26, 2012 4:04 pm

spacing is important

We’ve written before about hapless business owners practically handing hackers customers’ information by failing to observe basic computer security (Subway, we’re looking at you). But this is a security fail on a whole different level. A researcher has just revealed that about ten thousand systems controlling water plants, sewage plants, and other infrastructure are online, mostly unprotected and findable with a simple search.

Read More

CATEGORIZED UNDER: Technology

Your Laptop is Not Your Mind, Says Judge

By Veronique Greenwood | January 26, 2012 1:05 pm

If you think of your personal computer as almost an extension of yourself, a recent federal court ruling in Colorado sounds a little disturbing. The court has ordered that a woman decrypt files on her laptop so they can be used by prosecutors against her. The woman, who is being tried for mortgage fraud, argued that this is a violation of her Fifth Amendment right to keep from testifying against herself, but the court sees the matter differently. Timothy Lee at Ars Technica’s explanation of the problem gets to the heart of it:

In previous cases, judges have drawn a distinction between forcing a defendant to reveal her password and forcing her to decrypt encrypted data without disclosing the password. The courts have held that the former forces the defendant to reveal the contents of her mind, which raises Fifth Amendment issues. But Judge Robert Blackburn has now ruled that forcing a defendant to decrypt a laptop so that its contents can be inspected is little different from producing any other kind of document.

For some, being forced to decrypt your computer and handing over your password to investigators so they can decrypt it might not seem that different—what’s hidden by your password might well feel as much a part of your mind as your password. But when you think about the precedent a ruling in the other direction might set, things get cloudier. The Department of Justice argues that if encryption is all that’s required to keep documents out of the hands of the courts, then potential child pornographers, drug smugglers, and others can refuse to hand over evidence on the grounds that it’s encrypted. Hmmm.

Another case from this week that shows the difficulty of aligning the modern sense of privacy with the law. The Supreme Court ruled that sticking a GPS device on a suspect’s car to track his whereabouts, without a warrant, is unconstitutional. But the court was divided as to why, on a very important point.

Read More

CATEGORIZED UNDER: Technology, Top Posts

Sophisticated, 3D-Printed ATM Skimmer Appears in LA

By Veronique Greenwood | December 9, 2011 11:38 am

We often write about the amazing, charming, ridiculous things that 3D printers makes possible: see the fabbed hermit crab shells, the space shuttle made of pureed scallops and cheese, the “pirated” Penrose Triangle. But machines that can make any physical object using only resin powder can also be turned to more nefarious ends. Security blogger Brain Krebs reports that someone has deployed at least one impressively sophisticated ATM skimmer in LA that appears to have been 3D printed. The device fits over the front of a bona fide Chase ATM. Just looking at these babies sends a chill down your spine—this person or persons knew what they were doing. Here’s more from Krebs: Read More

CATEGORIZED UNDER: Technology

New, From the Makers of Stuxnet: The Duqu Virus

By Veronique Greenwood | October 19, 2011 11:55 am

virus

On October 14, security company Symantec got word from a research lab that they’d discovered a piece of malware that looked a lot like Stuxnet, the sophisticated computer virus that made headlines last year after its anonymous designers used it to attack Iran’s nuclear program. This new malware, called Duqu by the researchers who discovered it, shares much of Stuxnet’s code, suggesting that it came from the same people who built the first virus, or at least people who had access to the source code. Read More

CATEGORIZED UNDER: Technology

Scientists Develop a Way to Keep Your Pacemaker From Getting Hacked

By Veronique Greenwood | June 16, 2011 2:57 pm

pacemaker
Many implants like this pacemaker can receive
and transmit wireless signals

What’s the News: Topping the list of things you don’t want hacked is your heart. And with 300,000 medical devices such as pacemakers and drug pumps implanted each year, many of which can be controlled through wireless signals, that might soon be a real risk for patients to consider. 

To prevent such attacks, researchers from MIT and UMass Amherst are developing a jamming device that can be worn as a necklace or watch and keeps implants from receiving orders from unauthorized senders. The team will present their experiments with defibrillators [pdf], with off-the-shelf radio transmitters playing the role of the shield, at the SIGCOMM conference in Toronto.

Read More

CATEGORIZED UNDER: Health & Medicine, Technology

Engineers Can Now Wirelessly Hack Your Car

By Patrick Morgan | March 16, 2011 4:11 pm

It wasn’t too surprising when scientists first hacked into a car using its own onboard diagnostic port—sure, it’s easy to get into a car’s electronic brain if you’re already inside the car. Now the science of car-hacking has received a digital upgrade: Researchers have have gained access to modern, electronics-riddled cars from the outside. And in so doing, they’ve managed to take control of a car’s door locks, dashboard displays, and even its brakes.

The oddest part of these findings, which were presented this week to the National Academy of Science’s Committee on Electronic Vehicle Controls and Unintended Acceleration, is that they weren’t entirely intentional: It was all part of an investigation prompted by the Toyota acceleration problems, and was meant to probe the safety of electronic automotive systems. But testing those system’s safety also uncovered some flaws.

How It Works

The researchers took a 2009 sedan (they declined to identify the make and embarrass the manufacturer) and methodically tried to hack into it using every trick they could think of. They discovered a couple good ones.

Read More

CATEGORIZED UNDER: Technology
NEW ON DISCOVER
OPEN
CITIZEN SCIENCE
ADVERTISEMENT

Discover's Newsletter

Sign up to get the latest science news delivered weekly right to your inbox!

80beats

80beats is DISCOVER's news aggregator, weaving together the choicest tidbits from the best articles covering the day's most compelling topics.
ADVERTISEMENT

See More

ADVERTISEMENT
Collapse bottom bar
+

Login to your Account

X
E-mail address:
Password:
Remember me
Forgot your password?
No problem. Click here to have it e-mailed to you.

Not Registered Yet?

Register now for FREE. Registration only takes a few minutes to complete. Register now »