When the piece of malware given the name “Flame” was found last month, initial analysis indicated that it did not share code with Stuxnet and Duqu, two previously discovered programs also directed at Iran and other nations in the Middle East. However, researchers at the Kaspersky Lab have found that a chunk of early Stuxnet code called “resource 207” is also found in Flame, which indicates a connection between the authors of both programs.
An early version of Stuxnet from 2009 included the resource 207 module, which helped spread the virus to new machines via USB drives by exploiting a then-unknown security flaw in the Microsoft Windows operating system. The later incarnation of Stuxnet could accomplish the same task with different sections of code, and resource 207 was discarded. But when Kaspersky Lab researchers began studying an early module of Flame, they found its code bore a strong resemblance to Stuxnet’s resource 207. They believe that Flame was created first (which means it must date back to at least 2009), and its module lent a hand to the early stages of Stuxnet until the younger malware had been developed enough to stand on its own.
The Raman spectrometer emits a laser beam.
What’s the News: Using a laser, a super-strong telescope, and some physics know-how, researchers say they have impressive power to look through solid barriers. Scientists have developed a technique to do so using Raman scattering, which is the change in energy of photons bouncing off a material. The technique could be used to detect hidden explosives or do geological analysis.
“Massive acoustic trauma.” It sounds like an ’80s metal band, but according to scientists at the Technical University of Catalonia in Spain, it’s what happens to squid and other cephalopods when they are exposed to sounds similar to boat noise. After exposing 87 cephalopods to low-volume, low-frequency noises for two hours, the researchers found damaged nerves, lesions, and other trauma in the creatures’ hearing organs. There are some holes in the team’s methods (see below), but if the findings hold, squid will be added to the long list of marine animals (including whales, dolphins, and crustaceans) endangered by human-made noise in the oceans.
Last year, Google raised the ire of many when it confessed that its city-mapping Street View vehicles unintentionally gathered unencrypted Wi-Fi data as they rolled past people’s abodes. To fix its image and to fend off lawsuits, the company soon tightened its privacy policies and ensured that its Street View cars stopped collecting that information. But the controversies just won’t stop. Google is now trying to convince privacy-conscious Swiss officials to drop the country’s tight Street View restrictions, while security-conscious Israeli officials are concerned that the technology will help terrorists.
Twenty-seven countries have been partially mapped via Street View, a Google product that provides 360-degree panoramic views from ground level. The company creates these images by sending groups of camera-studded vehicles to various parts of the world to snap pictures as they drive.
Although Switzerland is home to one of Google’s largest offices outside the United States, the country has strict privacy laws that have prevented Google from loading new Street View images of Switzerland for the past year. On Thursday, Google petitioned a Swiss court to lift this ban. The search engine company told Switzerland’s Federal Administrative Court that its technology automatically conceals the identity of faces and license plates, and that it is no different from rival services.
The next time you enjoy the sight of a hummingbird in a garden, you might want to look twice–because it could be the government’s new avian-inspired drone. Dubbed “Nano Hummingbird,” this camera-toting, remote-controlled surveillance tool is the latest gadget to fly out the doors of DARPA (Defense Advanced Research Project Agency).
Commissioned by the Pentagon in 2006 and designed by AeroVironment, this bird-drone’s abilities match its $4 million price tag: It flies forward, backward, and sideways, and it can even hover in mid-air. That’s not bad for a battery-powered, 6.5-inch long bundle of communication systems and motors that weighs in at two-thirds of an ounce. “We’ve achieved what our customer asked us to,” AeroVironment Vice President Steve Gitlin told TIME Magazine. But with the robot’s maximum speed clocking in at 11 miles per hour, natural hummingbirds can fly circles around this bot.
DARPA hopes Nano Hummingbird could eventually be used as an extra eye on the battlefield.
Stuxnet seems to become scarier every time you hear about it. The sophisticated piece of malware came to the world’s attention in September; shortly thereafter we heard that it was perfectly designed to attack nuclear centrifuges, and in fact had disrupted some nuclear research in Iran. Now comes more news about how it works, and who might be using it next.
The security group Symantec has been trying to analyze and understand the waves of Stuxnet attacks against Iran, and now its researchers have found the base of the attacks, according to Symantec’s Orla Cox.
The new research, which analysed 12,000 infections collected by various anti-virus firms, shows that the worm targeted five “industrial processing” organisations in Iran. “These were the seeds of all other infections,” said Ms Cox. The firm was able to identify the targets because Stuxnet collected information about each computer it infected, including its name, location and a time stamp of when it was compromised. [BBC News]
Though Symantec isn’t naming the five targets in Iran, another security expert studying Stuxnet’s code, Ralph Langner, told CNET the likely target of the whole attack was the Natanz nuclear enrichment plant.
Over the last two years (and perhaps as long as four), hackers probably based in China have been targeting several huge multinational energy companies and using long-established techniques to extract information. That’s according to the computer security firm McAfee, which helped some of the companies fight back against the ongoing wave of attacks it has dubbed “Night Dragon.”
“We have confirmed that five companies have been attacked,” said Dmitri Alperovitch, McAfee’s vice president for threat research. He said he suspected that at least a dozen companies might have been affected by the team of computer hackers seemingly based in Beijing and who appeared to work during standard business hours there. “These people seemed to be more like company worker bees rather than free-spirited computer hackers,” he said. “These attacks were bold, even brazen, and they left behind a trail of evidence.” [The New York Times]
In a blog post about the attacks, McAfee CTO George Kurtz notes that the hackers took advantage of techniques that have been around for more than a decade. In fact, he says, their simplicity helped them to evade security software.
During the last two years — and up to four years — the hackers had access to the computer networks, focusing on financial documents related to oil and gas field exploration and bidding contracts, said Alperovitch. They also copied proprietary industrial processes. “That information is tremendously sensitive and would be worth a huge amount of money to competitors,” said Alperovitch. [Reuters]
Weapons-grade lasers still sound like the stuff of science fiction, but thanks to a major breakthrough by researchers at the Los Alamos National Lab in New Mexico, the Navy has taken a big step toward making this bit of sci-fi real. With the Free Electron Laser (FEL) program, the Navy hopes to use laser beams to blast enemies out of the sea and sky, and for the first time, they’re starting to generate enough power to do so, with the newfound ability to create a megawatt-level laser beam.
“The injector performed as we predicted all along,” said Dr. Dinh Nguyen, senior project leader for the FEL program at the lab. “But until now, we didn’t have the evidence to support our models. We were so happy to see our design, fabrication and testing efforts finally come to fruition. We’re currently working to measure the properties of the continuous electron beams, and hope to set a world record for the average current of electrons.” [Office of Naval Research]
Military watchers are all atwitter this week about J-20, the Chinese stealth aircraft that has now taken to the skies in its inaugural test flight. It’s the country’s first radar-evading plane. The question is, what is it for, and should we worry?
The aircraft appears most similar to the F-22 Raptor, the United States’ stealth bomber/fighter and the only one of its kind in the world.
“From what we can see, I conclude that this aircraft does have great potential to be superior in some respects to the American F-22, and could be decisively superior to the F-35 [joint strike fighter],” claims Richard Fisher, a senior fellow on Asian military affairs at the International Assessment and Strategy Center, a Washington-based security think tank. [Los Angeles Times]
At 70 feet, the J-20 is actually longer than the Raptor by 10 feet. To some, that size would suggest its makers are attempting to maximize range, making the J-20 as much a bomber as a fighter.
Last week the Navy took its best shot–and it was a doozy. The shot, fired on December 10th, broke the world record for the most powerful shot, as the 23-pound aluminum projectile rocketed out of the Navy’s electromagnetic railgun at a reported speed of Mach 7, or seven times the speed of sound.
Today’s 33-megajoule shot–powerful enough to launch 33 Smart cars at 100 mph–means the Navy can fire projectiles at least 125 miles, keeping military personnel at a safe distance from their targets, according to the Office of Naval Research. [Popular Science]