search results for heart attack
I dont know is that is really a work of government sponsored hackers , I mean "flame", but obviously that some ppl in government see that that attacks on infrastructure in Iran are great for them to promote American supremacy in IT technologies and hacking.
Therefore they will every attack on Iran in IT hacking field publicly sign as their own attack. If nothing else it hype out the moral of US troops and citizens.
But the worst thing about that is that they will not stop at hacking attacks but will continue with air and ground attacks by USA military and NATO alies.
Btw I generally stray out of politics also and this is just my vision of events that are and to come on global political scene.
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
On the Ongoing Attacks between China, U.S., Russia, Israel, etc.…The latest round of evidence of ongoing digital warfare between the superpowers is now being reported in the N.Y. Times [1] after an undeniably incriminating 60-page report on the Chinese attacks on the U.S. by security firm Mandiant [2].
“Either they are coming from inside Unit 61398, or the people who run the most-controlled, most-monitored Internet networks in the world are clueless about thousands of people generating attacks from this one neighborhood.”
— Kevin Mandia
The report goes on to track individual participants in the attack, tracing them back to the headquarters of P.L.A. Unit 61398.
Attacks from the Chinese have been ongoing for many years, notably back to Operation Titan Rain [3] in 2003, in which attackers gained access to military intelligence networks at organizations such as Lockheed Martin, Sandia National Laboratories, Redstone Arsenal, and NASA [4]. Direct military targets were also included in the assault, such as the U.S. Army Information Systems Engineering Command at Fort Huachuca, Arizona, the Defense Information Systems Agency in Arlington, Virginia, the Naval Ocean Systems Center, a Defense Department installation in San Diego, California, and the U.S. Army Space and Strategic Defense installation in Huntsville, Alabama [5].
These ongoing attacks are labeled "Advanced Persistent Threats" or "APT" by the American Military, are considered acts of war by both the White House [6] and the Department of Defense [7] as far back as 2011, and are not unique to the Chinese origins. You may remember the 2007 attacks on Estonia [8], which has been attributed to entities within Russian territory operating with the assistance of the Russian government [9]. These attacks disabled a wide array of Estonian government sites, rendering services in the world's most digitally-connected country unusable. The attacks
also disabled ATM machines, effectively disabling some portion of the Estonian economy.
The United States [and arguably Israel, [10]] have also been actively participating in these attacks [11] with the deploying of FLAME and Stuxnet against Iran, which made international headlines this past year when the coordinated efforts of the tools were used to disable Iranian nuclear centrifuges in an attempt to slow their progress in their nuclear program [12]. These efforts are ongoing, with the latest addition of the Gauss and Duqu malwares [13] continuing to target middle-eastern countries.
“From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran’s main nuclear enrichment facilities, significantly expanding America’s first sustained use of cyberweapons, according to participants in the program.”
—
+The New York TimesObama reportedly went on to sign a classified directive last year [14] enabling the government to
seize control of private networks, and the 2012 NDAA (National Defense Authorization Act) includes terms [15, section 954] that authorize offensive attacks on foreign threats [16]. The official United States policy already is to deem any cyberattack on the U.S. as an "act of war" [17], and it looks like these types of actions and attacks have already been made legal.
While it may once have been a subject of fiction [18], it's now and has been a harsh reality that we're in the middle of a new era in warfare, and the battles are already well-underway as countries around the world are openly engaging in offensive attacks on one another that are impacting economies on a massive scale. I don't know what else to call this other than a world war—even the CIA's Center for the Study of Intelligence (CSI) predicted this [19], as have many others even earlier [20].
Here's a thought; if our constitution gives us the right to bear arms, and the government deems these types of attacks as acts of war, then isn't it our right to keep and bear these arms? Yet another case for a mass-algorate society [21], which Mr. Obama appears to agree with me on [22], at the very least.
[1]:
http://www.nytimes.com/2013/02/19/technology/chinas-army-is-seen-as-tied-to-hacking-against-us.html[2]:
http://intelreport.mandiant.com/[3]:
http://en.wikipedia.org/wiki/Titan_Rain[4]:
http://www.time.com/time/nation/article/0,8599,1098371,00.html[5]:
http://www.zdnet.com/news/security-experts-lift-lid-on-chinese-hack-attacks/145763[6]:
http://www.whitehouse.gov/sites/default/files/rss_viewer/international_strategy_for_cyberspace.pdf[7]:
http://online.wsj.com/article/SB10001424052702304563104576355623135782718.html[8]:
http://en.wikipedia.org/wiki/2007_cyberattacks_on_Estonia[9]:
http://www.vedomosti.ru/smartmoney/article/2007/05/28/3004[10]:
http://www.zdnet.com/meet-gauss-the-latest-cyber-espionage-tool-7000002405/[11]:
http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html?pagewanted=all[12]:
http://www.bbc.co.uk/news/technology-11388018[13]:
http://www.zdnet.com/meet-gauss-the-latest-cyber-espionage-tool-7000002405/[14]:
http://endthelie.com/2012/11/15/obama-reportedly-signs-classified-cyberwarfare-policy-directive-with-troubling-implications/#axzz2LMPlf8iA[15]:
http://www.gpo.gov/fdsys/pkg/BILLS-112hr1540enr/pdf/BILLS-112hr1540enr.pdf[16]:
http://endthelie.com/2011/12/17/approval-of-covert-offensive-cyberwar-sneakily-inserted-into-ndaa/[17]:
http://www.forbes.com/sites/reuvencohen/2012/06/05/the-white-house-and-pentagon-deem-cyber-attacks-an-act-of-war/[18]:
http://en.wikipedia.org/wiki/Neuromancer[19]:
https://www.cia.gov/library/center-for-the-study-of-intelligence/csi-publications/csi-studies/studies/vol48no4/new_face_of_war.html[20]:
http://www.rand.org/content/dam/rand/pubs/reprints/2007/RAND_RP223.pdf[21]:
https://plus.google.com/112353210404102902472/posts/MVQXyw9EJDE[22]:
http://news.cnet.com/8301-17938_105-57569503-1/obama-endorses-required-high-school-coding-classes/
Attachments
China’s Army Is Seen as Tied to Hacking Against U.S.
An overwhelming percentage of the attacks on American companies and government agencies start in a building on the edge of Shanghai, say cybersecurity experts and American intelligence officials.
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
On the Ongoing Attacks between China, U.S., Russia, Israel, etc.…The latest round of evidence of ongoing digital warfare between the superpowers is now being reported in the N.Y. Times [1] after an undeniably incriminating 60-page report on the Chinese attacks on the U.S. by security firm Mandiant [2].
“Either they are coming from inside Unit 61398, or the people who run the most-controlled, most-monitored Internet networks in the world are clueless about thousands of people generating attacks from this one neighborhood.”
— Kevin Mandia
The report goes on to track individual participants in the attack, tracing them back to the headquarters of P.L.A. Unit 61398.
Attacks from the Chinese have been ongoing for many years, notably back to Operation Titan Rain [3] in 2003, in which attackers gained access to military intelligence networks at organizations such as Lockheed Martin, Sandia National Laboratories, Redstone Arsenal, and NASA [4]. Direct military targets were also included in the assault, such as the U.S. Army Information Systems Engineering Command at Fort Huachuca, Arizona, the Defense Information Systems Agency in Arlington, Virginia, the Naval Ocean Systems Center, a Defense Department installation in San Diego, California, and the U.S. Army Space and Strategic Defense installation in Huntsville, Alabama [5].
These ongoing attacks are labeled "Advanced Persistent Threats" or "APT" by the American Military, are considered acts of war by both the White House [6] and the Department of Defense [7] as far back as 2011, and are not unique to the Chinese origins. You may remember the 2007 attacks on Estonia [8], which has been attributed to entities within Russian territory operating with the assistance of the Russian government [9]. These attacks disabled a wide array of Estonian government sites, rendering services in the world's most digitally-connected country unusable. The attacks
also disabled ATM machines, effectively disabling some portion of the Estonian economy.
The United States [and arguably Israel, [10]] have also been actively participating in these attacks [11] with the deploying of FLAME and Stuxnet against Iran, which made international headlines this past year when the coordinated efforts of the tools were used to disable Iranian nuclear centrifuges in an attempt to slow their progress in their nuclear program [12]. These efforts are ongoing, with the latest addition of the Gauss and Duqu malwares [13] continuing to target middle-eastern countries.
“From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran’s main nuclear enrichment facilities, significantly expanding America’s first sustained use of cyberweapons, according to participants in the program.”
—
+The New York TimesObama reportedly went on to sign a classified directive last year [14] enabling the government to
seize control of private networks, and the 2012 NDAA (National Defense Authorization Act) includes terms [15, section 954] that authorize offensive attacks on foreign threats [16]. The official United States policy already is to deem any cyberattack on the U.S. as an "act of war" [17], and it looks like these types of actions and attacks have already been made legal.
While it may once have been a subject of fiction [18], it's now and has been a harsh reality that we're in the middle of a new era in warfare, and the battles are already well-underway as countries around the world are openly engaging in offensive attacks on one another that are impacting economies on a massive scale. I don't know what else to call this other than a world war—even the CIA's Center for the Study of Intelligence (CSI) predicted this [19], as have many others even earlier [20].
Here's a thought; if our constitution gives us the right to bear arms, and the government deems these types of attacks as acts of war, then isn't it our right to keep and bear these arms? Yet another case for a mass-algorate society [21], which Mr. Obama appears to agree with me on [22], at the very least.
[1]:
http://www.nytimes.com/2013/02/19/technology/chinas-army-is-seen-as-tied-to-hacking-against-us.html[2]:
http://intelreport.mandiant.com/[3]:
http://en.wikipedia.org/wiki/Titan_Rain[4]:
http://www.time.com/time/nation/article/0,8599,1098371,00.html[5]:
http://www.zdnet.com/news/security-experts-lift-lid-on-chinese-hack-attacks/145763[6]:
http://www.whitehouse.gov/sites/default/files/rss_viewer/international_strategy_for_cyberspace.pdf[7]:
http://online.wsj.com/article/SB10001424052702304563104576355623135782718.html[8]:
http://en.wikipedia.org/wiki/2007_cyberattacks_on_Estonia[9]:
http://www.vedomosti.ru/smartmoney/article/2007/05/28/3004[10]:
http://www.zdnet.com/meet-gauss-the-latest-cyber-espionage-tool-7000002405/[11]:
http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html?pagewanted=all[12]:
http://www.bbc.co.uk/news/technology-11388018[13]:
http://www.zdnet.com/meet-gauss-the-latest-cyber-espionage-tool-7000002405/[14]:
http://endthelie.com/2012/11/15/obama-reportedly-signs-classified-cyberwarfare-policy-directive-with-troubling-implications/#axzz2LMPlf8iA[15]:
http://www.gpo.gov/fdsys/pkg/BILLS-112hr1540enr/pdf/BILLS-112hr1540enr.pdf[16]:
http://endthelie.com/2011/12/17/approval-of-covert-offensive-cyberwar-sneakily-inserted-into-ndaa/[17]:
http://www.forbes.com/sites/reuvencohen/2012/06/05/the-white-house-and-pentagon-deem-cyber-attacks-an-act-of-war/[18]:
http://en.wikipedia.org/wiki/Neuromancer[19]:
https://www.cia.gov/library/center-for-the-study-of-intelligence/csi-publications/csi-studies/studies/vol48no4/new_face_of_war.html[20]:
http://www.rand.org/content/dam/rand/pubs/reprints/2007/RAND_RP223.pdf[21]:
https://plus.google.com/112353210404102902472/posts/MVQXyw9EJDE[22]:
http://news.cnet.com/8301-17938_105-57569503-1/obama-endorses-required-high-school-coding-classes/
Attachments
China’s Army Is Seen as Tied to Hacking Against U.S.
An overwhelming percentage of the attacks on American companies and government agencies start in a building on the edge of Shanghai, say cybersecurity experts and American intelligence officials.
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
On the Ongoing Attacks between China, U.S., Russia, Israel, etc.…The latest round of evidence of ongoing digital warfare between the superpowers is now being reported in the N.Y. Times [1] after an undeniably incriminating 60-page report on the Chinese attacks on the U.S. by security firm Mandiant [2].
“Either they are coming from inside Unit 61398, or the people who run the most-controlled, most-monitored Internet networks in the world are clueless about thousands of people generating attacks from this one neighborhood.”
— Kevin Mandia
The report goes on to track individual participants in the attack, tracing them back to the headquarters of P.L.A. Unit 61398.
Attacks from the Chinese have been ongoing for many years, notably back to Operation Titan Rain [3] in 2003, in which attackers gained access to military intelligence networks at organizations such as Lockheed Martin, Sandia National Laboratories, Redstone Arsenal, and NASA [4]. Direct military targets were also included in the assault, such as the U.S. Army Information Systems Engineering Command at Fort Huachuca, Arizona, the Defense Information Systems Agency in Arlington, Virginia, the Naval Ocean Systems Center, a Defense Department installation in San Diego, California, and the U.S. Army Space and Strategic Defense installation in Huntsville, Alabama [5].
These ongoing attacks are labeled "Advanced Persistent Threats" or "APT" by the American Military, are considered acts of war by both the White House [6] and the Department of Defense [7] as far back as 2011, and are not unique to the Chinese origins. You may remember the 2007 attacks on Estonia [8], which has been attributed to entities within Russian territory operating with the assistance of the Russian government [9]. These attacks disabled a wide array of Estonian government sites, rendering services in the world's most digitally-connected country unusable. The attacks
also disabled ATM machines, effectively disabling some portion of the Estonian economy.
The United States [and arguably Israel, [10]] have also been actively participating in these attacks [11] with the deploying of FLAME and Stuxnet against Iran, which made international headlines this past year when the coordinated efforts of the tools were used to disable Iranian nuclear centrifuges in an attempt to slow their progress in their nuclear program [12]. These efforts are ongoing, with the latest addition of the Gauss and Duqu malwares [13] continuing to target middle-eastern countries.
“From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran’s main nuclear enrichment facilities, significantly expanding America’s first sustained use of cyberweapons, according to participants in the program.”
—
+The New York TimesObama reportedly went on to sign a classified directive last year [14] enabling the government to
seize control of private networks, and the 2012 NDAA (National Defense Authorization Act) includes terms [15, section 954] that authorize offensive attacks on foreign threats [16]. The official United States policy already is to deem any cyberattack on the U.S. as an "act of war" [17], and it looks like these types of actions and attacks have already been made legal.
While it may once have been a subject of fiction [18], it's now and has been a harsh reality that we're in the middle of a new era in warfare, and the battles are already well-underway as countries around the world are openly engaging in offensive attacks on one another that are impacting economies on a massive scale. I don't know what else to call this other than a world war—even the CIA's Center for the Study of Intelligence (CSI) predicted this [19], as have many others even earlier [20].
Here's a thought; if our constitution gives us the right to bear arms, and the government deems these types of attacks as acts of war, then isn't it our right to keep and bear these arms? Yet another case for a mass-algorate society [21], which Mr. Obama appears to agree with me on [22], at the very least.
[1]:
http://www.nytimes.com/2013/02/19/technology/chinas-army-is-seen-as-tied-to-hacking-against-us.html[2]:
http://intelreport.mandiant.com/[3]:
http://en.wikipedia.org/wiki/Titan_Rain[4]:
http://www.time.com/time/nation/article/0,8599,1098371,00.html[5]:
http://www.zdnet.com/news/security-experts-lift-lid-on-chinese-hack-attacks/145763[6]:
http://www.whitehouse.gov/sites/default/files/rss_viewer/international_strategy_for_cyberspace.pdf[7]:
http://online.wsj.com/article/SB10001424052702304563104576355623135782718.html[8]:
http://en.wikipedia.org/wiki/2007_cyberattacks_on_Estonia[9]:
http://www.vedomosti.ru/smartmoney/article/2007/05/28/3004[10]:
http://www.zdnet.com/meet-gauss-the-latest-cyber-espionage-tool-7000002405/[11]:
http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html?pagewanted=all[12]:
http://www.bbc.co.uk/news/technology-11388018[13]:
http://www.zdnet.com/meet-gauss-the-latest-cyber-espionage-tool-7000002405/[14]:
http://endthelie.com/2012/11/15/obama-reportedly-signs-classified-cyberwarfare-policy-directive-with-troubling-implications/#axzz2LMPlf8iA[15]:
http://www.gpo.gov/fdsys/pkg/BILLS-112hr1540enr/pdf/BILLS-112hr1540enr.pdf[16]:
http://endthelie.com/2011/12/17/approval-of-covert-offensive-cyberwar-sneakily-inserted-into-ndaa/[17]:
http://www.forbes.com/sites/reuvencohen/2012/06/05/the-white-house-and-pentagon-deem-cyber-attacks-an-act-of-war/[18]:
http://en.wikipedia.org/wiki/Neuromancer[19]:
https://www.cia.gov/library/center-for-the-study-of-intelligence/csi-publications/csi-studies/studies/vol48no4/new_face_of_war.html[20]:
http://www.rand.org/content/dam/rand/pubs/reprints/2007/RAND_RP223.pdf[21]:
https://plus.google.com/112353210404102902472/posts/MVQXyw9EJDE[22]:
http://news.cnet.com/8301-17938_105-57569503-1/obama-endorses-required-high-school-coding-classes/
Attachments
China’s Army Is Seen as Tied to Hacking Against U.S.
An overwhelming percentage of the attacks on American companies and government agencies start in a building on the edge of Shanghai, say cybersecurity experts and American intelligence officials.
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
On the Ongoing Attacks between China, U.S., Russia, Israel, etc.…The latest round of evidence of ongoing digital warfare between the superpowers is now being reported in the N.Y. Times [1] after an undeniably incriminating 60-page report on the Chinese attacks on the U.S. by security firm Mandiant [2].
“Either they are coming from inside Unit 61398, or the people who run the most-controlled, most-monitored Internet networks in the world are clueless about thousands of people generating attacks from this one neighborhood.”
— Kevin Mandia
The report goes on to track individual participants in the attack, tracing them back to the headquarters of P.L.A. Unit 61398.
Attacks from the Chinese have been ongoing for many years, notably back to Operation Titan Rain [3] in 2003, in which attackers gained access to military intelligence networks at organizations such as Lockheed Martin, Sandia National Laboratories, Redstone Arsenal, and NASA [4]. Direct military targets were also included in the assault, such as the U.S. Army Information Systems Engineering Command at Fort Huachuca, Arizona, the Defense Information Systems Agency in Arlington, Virginia, the Naval Ocean Systems Center, a Defense Department installation in San Diego, California, and the U.S. Army Space and Strategic Defense installation in Huntsville, Alabama [5].
These ongoing attacks are labeled "Advanced Persistent Threats" or "APT" by the American Military, are considered acts of war by both the White House [6] and the Department of Defense [7] as far back as 2011, and are not unique to the Chinese origins. You may remember the 2007 attacks on Estonia [8], which has been attributed to entities within Russian territory operating with the assistance of the Russian government [9]. These attacks disabled a wide array of Estonian government sites, rendering services in the world's most digitally-connected country unusable. The attacks
also disabled ATM machines, effectively disabling some portion of the Estonian economy.
The United States [and arguably Israel, [10]] have also been actively participating in these attacks [11] with the deploying of FLAME and Stuxnet against Iran, which made international headlines this past year when the coordinated efforts of the tools were used to disable Iranian nuclear centrifuges in an attempt to slow their progress in their nuclear program [12]. These efforts are ongoing, with the latest addition of the Gauss and Duqu malwares [13] continuing to target middle-eastern countries.
“From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran’s main nuclear enrichment facilities, significantly expanding America’s first sustained use of cyberweapons, according to participants in the program.”
—
+The New York TimesObama reportedly went on to sign a classified directive last year [14] enabling the government to
seize control of private networks, and the 2012 NDAA (National Defense Authorization Act) includes terms [15, section 954] that authorize offensive attacks on foreign threats [16]. The official United States policy already is to deem any cyberattack on the U.S. as an "act of war" [17], and it looks like these types of actions and attacks have already been made legal.
While it may once have been a subject of fiction [18], it's now and has been a harsh reality that we're in the middle of a new era in warfare, and the battles are already well-underway as countries around the world are openly engaging in offensive attacks on one another that are impacting economies on a massive scale. I don't know what else to call this other than a world war—even the CIA's Center for the Study of Intelligence (CSI) predicted this [19], as have many others even earlier [20].
Here's a thought; if our constitution gives us the right to bear arms, and the government deems these types of attacks as acts of war, then isn't it our right to keep and bear these arms? Yet another case for a mass-algorate society [21], which Mr. Obama appears to agree with me on [22], at the very least.
[1]:
http://www.nytimes.com/2013/02/19/technology/chinas-army-is-seen-as-tied-to-hacking-against-us.html[2]:
http://intelreport.mandiant.com/[3]:
http://en.wikipedia.org/wiki/Titan_Rain[4]:
http://www.time.com/time/nation/article/0,8599,1098371,00.html[5]:
http://www.zdnet.com/news/security-experts-lift-lid-on-chinese-hack-attacks/145763[6]:
http://www.whitehouse.gov/sites/default/files/rss_viewer/international_strategy_for_cyberspace.pdf[7]:
http://online.wsj.com/article/SB10001424052702304563104576355623135782718.html[8]:
http://en.wikipedia.org/wiki/2007_cyberattacks_on_Estonia[9]:
http://www.vedomosti.ru/smartmoney/article/2007/05/28/3004[10]:
http://www.zdnet.com/meet-gauss-the-latest-cyber-espionage-tool-7000002405/[11]:
http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html?pagewanted=all[12]:
http://www.bbc.co.uk/news/technology-11388018[13]:
http://www.zdnet.com/meet-gauss-the-latest-cyber-espionage-tool-7000002405/[14]:
http://endthelie.com/2012/11/15/obama-reportedly-signs-classified-cyberwarfare-policy-directive-with-troubling-implications/#axzz2LMPlf8iA[15]:
http://www.gpo.gov/fdsys/pkg/BILLS-112hr1540enr/pdf/BILLS-112hr1540enr.pdf[16]:
http://endthelie.com/2011/12/17/approval-of-covert-offensive-cyberwar-sneakily-inserted-into-ndaa/[17]:
http://www.forbes.com/sites/reuvencohen/2012/06/05/the-white-house-and-pentagon-deem-cyber-attacks-an-act-of-war/[18]:
http://en.wikipedia.org/wiki/Neuromancer[19]:
https://www.cia.gov/library/center-for-the-study-of-intelligence/csi-publications/csi-studies/studies/vol48no4/new_face_of_war.html[20]:
http://www.rand.org/content/dam/rand/pubs/reprints/2007/RAND_RP223.pdf[21]:
https://plus.google.com/112353210404102902472/posts/MVQXyw9EJDE[22]:
http://news.cnet.com/8301-17938_105-57569503-1/obama-endorses-required-high-school-coding-classes/
Attachments
China’s Army Is Seen as Tied to Hacking Against U.S.
An overwhelming percentage of the attacks on American companies and government agencies start in a building on the edge of Shanghai, say cybersecurity experts and American intelligence officials.
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
I've been relying heavily on node.js this past year to provide a robust set of tools to solve the problems I encounter on a daily basis. I was pleased to see honorCipherOrder was added to node's TLS library in node.js v0.7.6, and released with node.js v0.8.0.
Late last year, security researcher Juliano Rizzo announced a new attack against the AES encryption used in the SSL/TLS transaction he dubbed BEAST. The details are interesting to those who care, but it turns out that we can mitigate this attack in node.js by enforcing honorCipherOrder on the server. Let's take a look.
If you have an HTTPS server that looks like this:
var https = require('https');
var fs = require('fs');
var options = {
key: fs.readFileSync('key.pem'),
cert: fs.readFileSync('cert.pem')
};
https.createServer(options, function (req, res) {
res.writeHead(200);
res.end("hello world\n");
}).listen(443);
...you can now manage the cipher order by using the ciphers option. In the following code snippet we're going set the options for the above server to use Steve Caligo's cipher order, which prefers TLS 1.2 ciphers (which are not vulnerable to the BEAST attack) for clients that support TLS 1.2 but falls back to the RC4 ciphers on TLS 1.0 clients.[...]
var options = {
key: fs.readFileSync('key.pem'),
cert: fs.readFileSync('cert.pem'),
ciphers: 'ECDHE-RSA-AES256-SHA:AES256-SHA:RC4-SHA:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM'
};
Finally, we will enforce the cipher order on the server's side of the negotiation:
var options = {
key: fs.readFileSync('key.pem'),
cert: fs.readFileSync('cert.pem'),
ciphers: 'ECDHE-RSA-AES256-SHA:AES256-SHA:RC4-SHA:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM',
honorCipherOrder: true
};
...which leaves us with the following code for a working server that is not vulnerable to the BEAST attack (in node v0.8.0+!):
var https = require('https');
var fs = require('fs');
var options = {
key: fs.readFileSync('key.pem'),
cert: fs.readFileSync('cert.pem'),
ciphers: 'ECDHE-RSA-AES256-SHA:AES256-SHA:RC4-SHA:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM',
honorCipherOrder: true
};
https.createServer(options, function (req, res) {
res.writeHead(200);
res.end("hello world\n");
}).listen(443);
Edit, 6/13/2013: Lloyd Watkin has done some research on his own and decided to use a different cipher chain:
ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH
You should read into why he chose it and make an educated decision. </edit>
Until node.js implements this as the defaults (they should), this is something you should implement where using HTTPS with node!
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
I've just learned of a virus that was launched against the U.S. Drone Fleet. See the attached article from Wired.
Earlier this year, the Pentagon recently concluded that digital attacks such as this can constitute an
act of war [1]. This one doesn't [yet] seem as sophisticated as last year's attack on Iran's nuclear reactors by Stuxnet [2], but it continues to show how important and integral our computer systems are in this rapidly changing world. Security professionals
+Alex Levinson,
+Jerome Radcliffe, and
+Scott Hanselman surely have some great insight here, I highly recommend you go take a look at some of the things they've written.
In 2009, a
very sophisticated [and successful] cyber-attack was launched from inside China that targeted the United States through Google and Adobe [3] that caused surprisingly few stirs within our government, especially after NATO was sent in to assist in the defense of Estonia's computer systems during the 2007 attacks [4]. Not long after this, the widely-used and [formerly] explicitly trusted RSA security mechanism, used in a large number major institutions around the world. was completely and entirely broken [5] by an embarrassingly simple hack [6].
Aside: We can look back at some of the things actual software engineers like
+Ryan Dahl [7] and
+Zack Morris [8] have been saying lately and quickly conclude that there's something fundamentally broken with the whole system. If you've ever worked on or with a large software project, you can see evidence of negligence and ignorance alike embedded at every level. It certainly contributes to if not
causes these types of security concerns.
[1]:
http://online.wsj.com/article/SB10001424052702304563104576355623135782718.html[2]:
http://www.schneier.com/blog/archives/2010/10/stuxnet.html[3]:
http://www.wired.com/threatlevel/2010/01/operation-aurora/[4]:
http://www.wired.com/politics/security/magazine/15-09/ff_estonia[5]:
http://www.computerworld.com/s/article/9214757/RSA_warns_SecurID_customers_after_company_is_hacked[6]:
http://www.zdnet.co.uk/blogs/mapping-babel-10017967/rsa-hack-targeted-flash-vulnerability-10022143/[7]:
https://plus.google.com/115094562986465477143/posts/Di6RwCNKCrf[8]:
http://zackarymorris.tumblr.com/post/10973087527/the-state-of-the-art-is-terrible
Attachments
» Exclusive: Computer Virus Hits U.S. Drone Fleet
A computer virus has infected the cockpits of America's Predator and Reaper drones, logging pilots' every keystroke as they remotely fly missions over
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
I've just learned of a virus that was launched against the U.S. Drone Fleet. See the attached article from Wired.
Earlier this year, the Pentagon recently concluded that digital attacks such as this can constitute an
act of war [1]. This one doesn't [yet] seem as sophisticated as last year's attack on Iran's nuclear reactors by Stuxnet [2], but it continues to show how important and integral our computer systems are in this rapidly changing world. Security professionals
+Alex Levinson,
+Jerome Radcliffe, and
+Scott Hanselman surely have some great insight here, I highly recommend you go take a look at some of the things they've written.
In 2009, a
very sophisticated [and successful] cyber-attack was launched from inside China that targeted the United States through Google and Adobe [3] that caused surprisingly few stirs within our government, especially after NATO was sent in to assist in the defense of Estonia's computer systems during the 2007 attacks [4]. Not long after this, the widely-used and [formerly] explicitly trusted RSA security mechanism, used in a large number major institutions around the world. was completely and entirely broken [5] by an embarrassingly simple hack [6].
Aside: We can look back at some of the things actual software engineers like
+Ryan Dahl [7] and
+Zack Morris [8] have been saying lately and quickly conclude that there's something fundamentally broken with the whole system. If you've ever worked on or with a large software project, you can see evidence of negligence and ignorance alike embedded at every level. It certainly contributes to if not
causes these types of security concerns.
[1]:
http://online.wsj.com/article/SB10001424052702304563104576355623135782718.html[2]:
http://www.schneier.com/blog/archives/2010/10/stuxnet.html[3]:
http://www.wired.com/threatlevel/2010/01/operation-aurora/[4]:
http://www.wired.com/politics/security/magazine/15-09/ff_estonia[5]:
http://www.computerworld.com/s/article/9214757/RSA_warns_SecurID_customers_after_company_is_hacked[6]:
http://www.zdnet.co.uk/blogs/mapping-babel-10017967/rsa-hack-targeted-flash-vulnerability-10022143/[7]:
https://plus.google.com/115094562986465477143/posts/Di6RwCNKCrf[8]:
http://zackarymorris.tumblr.com/post/10973087527/the-state-of-the-art-is-terrible
Attachments
» Exclusive: Computer Virus Hits U.S. Drone Fleet
A computer virus has infected the cockpits of America's Predator and Reaper drones, logging pilots' every keystroke as they remotely fly missions over
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
I've just learned of a virus that was launched against the U.S. Drone Fleet. See the attached article from Wired.
Earlier this year, the Pentagon recently concluded that digital attacks such as this can constitute an
act of war [1]. This one doesn't [yet] seem as sophisticated as last year's attack on Iran's nuclear reactors by Stuxnet [2], but it continues to show how important and integral our computer systems are in this rapidly changing world. Security professionals
+Alex Levinson,
+Jerome Radcliffe, and
+Scott Hanselman surely have some great insight here, I highly recommend you go take a look at some of the things they've written.
In 2009, a
very sophisticated [and successful] cyber-attack was launched from inside China that targeted the United States through Google and Adobe [3] that caused surprisingly few stirs within our government, especially after NATO was sent in to assist in the defense of Estonia's computer systems during the 2007 attacks [4]. Not long after this, the widely-used and [formerly] explicitly trusted RSA security mechanism, used in a large number major institutions around the world. was completely and entirely broken [5] by an embarrassingly simple hack [6].
Aside: We can look back at some of the things actual software engineers like
+Ryan Dahl [7] and
+Zack Morris [8] have been saying lately and quickly conclude that there's something fundamentally broken with the whole system. If you've ever worked on or with a large software project, you can see evidence of negligence and ignorance alike embedded at every level. It certainly contributes to if not
causes these types of security concerns.
[1]:
http://online.wsj.com/article/SB10001424052702304563104576355623135782718.html[2]:
http://www.schneier.com/blog/archives/2010/10/stuxnet.html[3]:
http://www.wired.com/threatlevel/2010/01/operation-aurora/[4]:
http://www.wired.com/politics/security/magazine/15-09/ff_estonia[5]:
http://www.computerworld.com/s/article/9214757/RSA_warns_SecurID_customers_after_company_is_hacked[6]:
http://www.zdnet.co.uk/blogs/mapping-babel-10017967/rsa-hack-targeted-flash-vulnerability-10022143/[7]:
https://plus.google.com/115094562986465477143/posts/Di6RwCNKCrf[8]:
http://zackarymorris.tumblr.com/post/10973087527/the-state-of-the-art-is-terrible
Attachments
» Exclusive: Computer Virus Hits U.S. Drone Fleet
A computer virus has infected the cockpits of America's Predator and Reaper drones, logging pilots' every keystroke as they remotely fly missions over
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
I've just learned of a virus that was launched against the U.S. Drone Fleet. See the attached article from Wired.
Earlier this year, the Pentagon recently concluded that digital attacks such as this can constitute an
act of war [1]. This one doesn't [yet] seem as sophisticated as last year's attack on Iran's nuclear reactors by Stuxnet [2], but it continues to show how important and integral our computer systems are in this rapidly changing world. Security professionals
+Alex Levinson,
+Jerome Radcliffe, and
+Scott Hanselman surely have some great insight here, I highly recommend you go take a look at some of the things they've written.
In 2009, a
very sophisticated [and successful] cyber-attack was launched from inside China that targeted the United States through Google and Adobe [3] that caused surprisingly few stirs within our government, especially after NATO was sent in to assist in the defense of Estonia's computer systems during the 2007 attacks [4]. Not long after this, the widely-used and [formerly] explicitly trusted RSA security mechanism, used in a large number major institutions around the world. was completely and entirely broken [5] by an embarrassingly simple hack [6].
Aside: We can look back at some of the things actual software engineers like
+Ryan Dahl [7] and
+Zack Morris [8] have been saying lately and quickly conclude that there's something fundamentally broken with the whole system. If you've ever worked on or with a large software project, you can see evidence of negligence and ignorance alike embedded at every level. It certainly contributes to if not
causes these types of security concerns.
[1]:
http://online.wsj.com/article/SB10001424052702304563104576355623135782718.html[2]:
http://www.schneier.com/blog/archives/2010/10/stuxnet.html[3]:
http://www.wired.com/threatlevel/2010/01/operation-aurora/[4]:
http://www.wired.com/politics/security/magazine/15-09/ff_estonia[5]:
http://www.computerworld.com/s/article/9214757/RSA_warns_SecurID_customers_after_company_is_hacked[6]:
http://www.zdnet.co.uk/blogs/mapping-babel-10017967/rsa-hack-targeted-flash-vulnerability-10022143/[7]:
https://plus.google.com/115094562986465477143/posts/Di6RwCNKCrf[8]:
http://zackarymorris.tumblr.com/post/10973087527/the-state-of-the-art-is-terrible
Attachments
» Exclusive: Computer Virus Hits U.S. Drone Fleet
A computer virus has infected the cockpits of America's Predator and Reaper drones, logging pilots' every keystroke as they remotely fly missions over
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
The assumption that a technical infrastructure like this is directly connected to the internet for control, and is vulnerable to cyber attacks is not quite robust. Totally isolated local networks and control systems can not be hacked by cyber warfare. I find it difficult to believe critical systems will be controlled through the net.
Distributed wars fought on very large number of fronts weaken the defences of a stronger player and give an advantage to a weaker attacker. Col Blotto's game!
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
I generally stray from politics, but this warrants attention. The United States Cyber Command (USCYBERCOM) is far more capable than they have [until recently] been letting on. Bush ordered these unprecedentedly sophisticated attacks on Iran, and Obama has accelerated them. Stuxnet was a complete and utter masterpiece, and Flame follows closely in its footsteps.
The implications of these actions are worrying at best -- escalating a soft war to these measures is pushing the boundaries of the modern legal system and I'm surprised there hasn't been a more formal declaration in light of the official news that the USA and Israel were responsible for the direct attacks on Iran's infrastructure.
Attachments
Obama Ordered Wave of Cyberattacks Against Iran
Even after the Stuxnet computer worm became public, President Obama accelerated cyberattacks against Iran that had begun in the Bush administration, temporarily disabling 1,000 centrifuges.
Obama Ordered Wave of Cyberattacks Against Iran
Even after the Stuxnet computer worm became public, President Obama accelerated cyberattacks against Iran that had begun in the Bush administration, temporarily disabling 1,000 centrifuges.
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
I generally stray from #politics , but this warrants attention. The United States Cyber Command ( #USCYBERCOM ) is far more capable than they have [until recently] been letting on. Bush ordered these unprecedentedly sophisticated attacks on #Iran , and Obama has accelerated them. #Stuxnet was a complete and utter masterpiece, and #Flame follows closely in its footsteps.
The implications of these actions are worrying at best -- escalating a soft war to these measures is pushing the boundaries of the modern legal system and I'm surprised there hasn't been a more formal declaration in light of the official news that the USA and Israel were responsible for the direct attacks on Iran's infrastructure.
Attachments
Obama Ordered Wave of Cyberattacks Against Iran
Even after the Stuxnet computer worm became public, President Obama accelerated cyberattacks against Iran that had begun in the Bush administration, temporarily disabling 1,000 centrifuges.
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
I generally stray from #politics , but this warrants attention. The United States Cyber Command ( #USCYBERCOM ) is far more capable than they have [until recently] been letting on. Bush ordered these unprecedentedly sophisticated attacks on #Iran , and Obama has accelerated them. #Stuxnet was a complete and utter masterpiece, and #Flame follows closely in its footsteps.
The implications of these actions are worrying at best -- escalating a soft war to these measures is pushing the boundaries of the modern legal system and I'm surprised there hasn't been a more formal declaration in light of the official news that the USA and Israel were responsible for the direct attacks on Iran's infrastructure.
Attachments
Obama Ordered Wave of Cyberattacks Against Iran
Even after the Stuxnet computer worm became public, President Obama accelerated cyberattacks against Iran that had begun in the Bush administration, temporarily disabling 1,000 centrifuges.
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
I generally stray from #politics , but this warrants attention. The United States Cyber Command ( #USCYBERCOM ) is far more capable than they have [until recently] been letting on. Bush ordered these unprecedentedly sophisticated attacks on #Iran , and Obama has accelerated them. #Stuxnet was a complete and utter masterpiece, and #Flame follows closely in its footsteps.
The implications of these actions are worrying at best -- escalating a soft war to these measures is pushing the boundaries of the modern legal system and I'm surprised there hasn't been a more formal declaration in light of the official news that the USA and Israel were responsible for the direct attacks on Iran's infrastructure.
Attachments
Obama Ordered Wave of Cyberattacks Against Iran
Even after the Stuxnet computer worm became public, President Obama accelerated cyberattacks against Iran that had begun in the Bush administration, temporarily disabling 1,000 centrifuges.
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
"What you still hear today from all kinds of people is how a Stuxnet-type attack requires so much insider knowledge."
Lazy programmers and administrators have said similar things for ages. First it was stack overflow bugs where the claim was it was much too hard to take advantage of them. Now it is a science with automatic intrusion tools that characterize certain types of overflows and develop attacks.
The best thing that can happen right now is benign bored teenagers breaking into systems until the owners can't pretend it isn't a real problem. Hopefully that happens long before organized crime and adversarial nations get into the act.
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
Ongoing Attacks between China, U.S., Russia, Israel, and more:
Attachments
Ongoing Attacks between China, U.S., Russia, Israel,…
The latest round of evidence of ongoing digital warfare between the superpowers is now being reported in the N.Y. Times [1] after an undeniably incriminating 60-page report on the Chinese attacks on the U.S. by security firm Mandiant [2]. Countries around the world are openly engaging in offensive ...
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
RT @
martindale: Ongoing Attacks between China, U.S., Russia, Israel, and more:
Attachments
plus.google.com/11235321040410…
plus.google.com/11235321040410…
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
RT @
martindale: Ongoing Attacks between China, U.S., Russia, Israel, and more:
Attachments
plus.google.com/11235321040410…
plus.google.com/11235321040410…
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
RT @
martindale: Ongoing Attacks between China, U.S., Russia, Israel, and more:
Attachments
plus.google.com/11235321040410…
plus.google.com/11235321040410…
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
RT @
martindale: Ongoing Attacks between China, U.S., Russia, Israel, and more:
Attachments
plus.google.com/11235321040410…
plus.google.com/11235321040410…
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
RT @
martindale: Ongoing Attacks between China, U.S., Russia, Israel, and more:
Attachments
plus.google.com/11235321040410…
plus.google.com/11235321040410…
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
RT @
martindale: Ongoing Attacks between China, U.S., Russia, Israel, and more:
Attachments
plus.google.com/11235321040410…
plus.google.com/11235321040410…
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
The Chinese attack on @
GitHub is interfering with my goal of pushing code every day… nevertheless, over 90 days now:
Attachments
github.com/martindale
github.com/martindale
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
The Chinese attack on @
GitHub is interfering with my goal of pushing code every day… nevertheless, over 90 days now:
Attachments
github.com/martindale
github.com/martindale
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
Cyber war! You can't subdue any one with that. They can learn this too and launch counter attacks tomorrow. The bigger guy with more net based economy will suffer eventually. Expect a future with peace talks on cyber wars.
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
RT @
martindale: The Chinese attack on @
GitHub is interfering with my goal of pushing code every day… nevertheless, over 90 days now: https:
Attachments
github.com/martindale
github.com/martindale
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
RT @
martindale: The Chinese attack on @
GitHub is interfering with my goal of pushing code every day… nevertheless, over 90 days now: https:
Attachments
github.com/martindale
github.com/martindale
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
RT @
martindale: The Chinese attack on @
GitHub is interfering with my goal of pushing code every day… nevertheless, over 90 days now: https:
Attachments
github.com/martindale
github.com/martindale
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
How do you think one would attack this problem in a society (my country - South Africa) where basic education isn't even a priority for government?
Create gamified environments like:
http://www.checkio.org/ ?
Make sure kids have access?
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
The biggest problem for a USA is that those attacks will be used as a starting point to recruit a new hackers to work for Iran and other muslim countries governments.
And that will be then one more step to a global cyberwar I mean official cause cyberwar already exist.
The worst thing that could happen to us users of the free internet is that because of that cyberwar they can try to bring new acts like damn Pipa Sopa Cispa and that could endanger our free internet.
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
Because bitcoin is environmentally damaging. It relies wasting on immense amounts of cpu cycles, and thus energy.
Because it's a fixed money supply, which carries a lot of economic problems. (There's a reason a lot of libertarians love bitcoin - it's essentially the gold standard, rehashed)
Not to mention its technical flaws - sybil attacks, an ever-growing ledger that is becoming unmanageably large, amongst others.
Bitcoin is a great idea, but it's a prototype for a digital currency.
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
Of course it doesn't tell you who wrote Flame. The NYT article tells you that. But how is that relevant? The cryptography aspect of it is part and parcel of the whole program. Without it, the operation could not have succeeded. Tell me, what rogue hacker has the capacity to develop his own collision attack cryptography--never before seen anywhere else--to conduct this operation. Mind you one that has specific interests in Iran. No matter how you twist it, you're still being delusional dude.
Given the number of classified patents the US publishes, especially in the field of cryptography, the most likely culprit is the NSA, the largest employer of mathematicians in the world.
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
Doesn't sound like a targeted attack but, just accidental luck to get into something thought to be secured.
Personally I think that in the IT industry there needs to be proactive training for all software developers because there is a serious deficit on security education and its very hard to keep up because of its ever changing nature. Better yet would be a strong investment in automated tools which could evaluate code for exploits. I'm sure some automated security checking exists out there but, I can tell you that if banks aren't using this sort of tool then I doubt many companies are.
Getting rid of Adobe reader and flash would also help greatly...
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
Definitely an interesting read.
Whenever i work at a Diabetes camp, one of the questions i have received from parents is "How do you make sure the remote is controlling the right pump? Currently, Medtronic/Minimed uses a device ID to pair the meter, CGM, or remote to the pump. I believe Johnson & Johnson/Animas One Touch Ping uses a similar method - i would have to ask my brother.
The Insulet Omnipod uses a proximity registration method, which i don't fully understand (I haven't played with it much), but I have a feeling that this pairing method might be vulnerable to an attack, possibly of a man-in-the-middle design.
I also do not see how interfering with the CGM signal could cause any issue - the only integrated CGM/pump combo that is FDA approved for sale in the USA (Minimed 522/722 or 523/723 ("Revel")) does nothing with the CGM information beyond display it on the pump and alert you to changes. Let me reiterate: the US CGM/pump combo does not use CGM data to alter insulin patterns - at this point in time, the FDA simply will not allow it.
Now, assuming the insulin pump is Medtronic's European model, I have been told (by a Medtronic Diabetes sales representative) that the european model features an "auto-off" switch - if the wearer's blood glucose level drops below a certain threshold, the insulin pump will immediately suspend insulin delivery. I do not know the specifics of how this works, if it is all insulin or just the basal levels, but it is a potential vulnerability, but leads to the risk of a high blood sugar (which leads to long-term complications if uncontrolled).
Now the flipside of the auto off, would be an automatic insulin increase. Theoretically, if we wanted a closed-loop insulin delivery system that mimics the natural function of the pancreas, we need to automatically reduce insulin delivery when blood glucose levels are dropping, as well as increase insulin delivery when BG levels are rising. The current technology has its known issues, so I am not sure if the FDA (or any similar agencies worldwide) will even allow this functionality with the available technology, but it is still a valid concern for biomedical programmers.
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
I often get asked for my Skype address, sometimes in relation to business or casual conversation. I politely decline with some degree of hand-waving about my reasons, and suggest an alternative form of communication (typically either Google Talk or Google Hangouts, depending on the context—both are built right in to Gmail!). I'd like to outline some of the reasons why I've made the decision to avoid Skype, primarily so I have something to link to when someone asks me about it.
First and foremost, we don't really know what Skype actually does. The binary (the actual program you run on your computer) is obfuscated, so attempts at disassembling it [PDF] to verify some of its strange behavior and the information it is transmitting have so far come up with very little. This is an issue, because Skype produces encrypted traffic even when you are not actively using Skype. This means we can only speculate on what information Skype is collecting about you after you've so graciously chosen to install it, and perhaps more importantly who it is sending that information to.
Quoting Salman Baset:
When a Skype client is not in a call and is running on a machine with public IP address, it has on the average 4-8 active TCP connections and atleast one UDP connection.
While connecting to external IP addresses is normal for a server/client architecture and necessary for receiving notifications, the volume of traffic and number of connections is concerning, considering the compounding issues between Skype's peer-to-peer architecture [PDF] and the "reasonable level of detection accuracy" in snooping on voice calls in Skype [PDF], despite the [purportedly] encrypted nature of the Skype protocol.
Speaking in general terms, Skype is "black box" software which has undergone no public review despite very concerning observed behavior. When new Skype malware (like Skype IMBot, of which an analysis is available, or the more recent Skype account hijacking) is released, there are very few options to protect ourselves if we've got Skype installed. On Linux, tools like AppArmor and TOMOYO exist, but without the ability to easily view the source and understand the attack (per perhaps even fix it proactively, before it occurs) we are at the mercy of Skype's new maintainers to provide a timely resolution in a reactive approach.
If you use a proprietary program or somebody else's web server, you're defenceless. You're putty in the hands of whoever developed that software.
— Richard Stallman
In conclusion, while Skype may be convenient, it presents a series of questions that must be asked and implications to be considered before choosing it over other chat, VoIP, and video chat solutions. I can only hope that more people consider these things before doing so.
Asides
Some of the other things I found interesting, more recently than the research I've linked in this post, include
Skype's role in the Syrian conflict, in which a claim was made as follows:
A media activist in Idlib named Mohamed said a rebel informant working for the government was killed in Damascus six months ago after sending warnings to the Free Syrian Army on Skype.
“I saw this incident right in front of my eyes,” Mohamed said. “We put his info on Skype so he was arrested and killed.”
Skype (Microsoft) has also made other concerning statements after accusations of helping the U.S. Government spy on its own citizens.
Wikipedia also lists a large number of known flaws in Skype, which I've chosen to avoid duplicating in this post.
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
It seems evil knows it's heart.
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
CODING IS NOT FOR THE FAINT HEARTED, BUT THE MOST COMPLEX HUMAN ARTIFACT EVER IS UNARGUABLY, SOFTWARE
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
Tinkering is the heart and soul of true learning. Here's a sweet project that makes it easier to tinker these days:
Attachments
indiegogo.com/projects/bring…
indiegogo.com/projects/bring…
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
Ha! It looks like the latest iteration of Gtalk (inside Gmail, at least) no longer converts at least the heart ( <3 ) to an animated emoticon. Me gusta!
...but really, can't I get just one more option to let me send all my messages as pure text only, and disallow clients from converting them to images? :(
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
+Eric Martindale I agree whole-heartedly. I've been trying to hack this behavior out of windows live mail for a couple months now. I type a lot of mathematics in emails, and every time I type something like (x) or any of a hundred other common constructs, that stupid thing makes it into an icon. I hate that!
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
+Lisa Way Good point. Capitalism is merely the right to own property. Free Markets, Libertarianism, Austrian Economics, and Right-Anarchism simply have shared ground and tend to go well together, but are importantly different things like Physics, Engineering, or Mathematics.
I think the idea that Capitalism and Self-Ownership are inseparable is a powerful idea that is in the heart of every person that came to the US with NOTHING looking or a better life. Too bad so many people born here don't understand that.
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
She said yes!
Having gotten through the trivial detail of launching Google+ (!), I recently turned my attention to even more important matters...
In the beautiful Parisian dusk, dining under the stars at Lasserre, I popped the question... and
+Irene Au agreed to marry me!
+Irene Au, I love you with all my heart and cannot wait to spend the rest of my life with you...
Attachments
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
She said yes!
Having gotten through the trivial detail of launching Google+ (!), I recently turned my attention to even more important matters...
In the beautiful Parisian dusk, dining under the stars at Lasserre, I popped the question... and
+Irene Au agreed to marry me!
+Irene Au, I love you with all my heart and cannot wait to spend the rest of my life with you...
Attachments
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
She said yes!
Having gotten through the trivial detail of launching Google+ (!), I recently turned my attention to even more important matters...
In the beautiful Parisian dusk, dining under the stars at Lasserre, I popped the question... and
+Irene Au agreed to marry me!
+Irene Au, I love you with all my heart and cannot wait to spend the rest of my life with you...
Attachments
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
She said yes!
Having gotten through the trivial detail of launching Google+ (!), I recently turned my attention to even more important matters...
In the beautiful Parisian dusk, dining under the stars at Lasserre, I popped the question... and
+Irene Au agreed to marry me!
+Irene Au, I love you with all my heart and cannot wait to spend the rest of my life with you...
Attachments
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
Interested in #sustainability?
+Daniel Ely Rankin recently introduced me to Liquid-Flouride Thorium Reactors (LFTR), which were passed up in the 50s as commercial sources of nuclear energy because they apparently didn't provide "viable weapons-grade plutonium". [1] They provide a
possibly viable safe alternative to the current form of nuclear fission reactors, and deserve the same level of attention that things like solar and wind power have been earning.
If you gather one thing from this post, it's that you should sign this WhiteHouse.gov Petition to fund further research into LFTR Reactors:
http://goo.gl/KVnvOIt's a tragedy when we see disasters like #Fukushima. Extenuating circumstances indeed; but likely an avoidable tragedy nonetheless. As opposed to other reactors like the Boiling Water Reactors (BWR) at the heart of the Japanese disaster,
LFTR Reactors cannot meltdown, [2] instead stabilizing themselves naturally because their power
decreases as their temperature
increases.
If you're further interested, check out
+Daniel Ely Rankin's post [3] and read up on the technology yourself. It's completely fascinating, and it's a healthy balance to the anti-nuclear rhetoric that's become so much louder recently.
[1]:
http://books.google.com/books?id=fOtxQpPPyyIC[2]:
http://www.energyfromthorium.com/pdf/ - Section 5.3, WASH 1097, Energy From Thorium's Document Repository "The Use of Thorium in Nuclear Power Reactors"
[3]:
https://plus.google.com/109596373340495798827/posts/4SF6fr99Jsv
Attachments
Provide Funding for Liquid-Fluoride Thorium Reactor (LFTR) Research and Development for Energy Independence. | The White HouseProvide Funding for Liquid-Fluoride Thorium Reactor (LFTR) Research and De...
Thorium is nearly a Perfect Fuel. Fund it's development. It has been presented to Google and TED.com. Videos below. Liquid-Fluoride Thorium Reactor (LFTR) has been proven by previous US research a...
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
Interested in #sustainability?
+Daniel Ely Rankin recently introduced me to Liquid-Flouride Thorium Reactors (LFTR), which were passed up in the 50s as commercial sources of nuclear energy because they apparently didn't provide "viable weapons-grade plutonium". [1] They provide a
possibly viable safe alternative to the current form of nuclear fission reactors, and deserve the same level of attention that things like solar and wind power have been earning.
If you gather one thing from this post, it's that you should sign this WhiteHouse.gov Petition to fund further research into LFTR Reactors:
http://goo.gl/KVnvOIt's a tragedy when we see disasters like #Fukushima. Extenuating circumstances indeed; but likely an avoidable tragedy nonetheless. As opposed to other reactors like the Boiling Water Reactors (BWR) at the heart of the Japanese disaster,
LFTR Reactors cannot meltdown, [2] instead stabilizing themselves naturally because their power
decreases as their temperature
increases.
If you're further interested, check out
+Daniel Ely Rankin's post [3] and read up on the technology yourself. It's completely fascinating, and it's a healthy balance to the anti-nuclear rhetoric that's become so much louder recently.
[1]:
http://books.google.com/books?id=fOtxQpPPyyIC[2]:
http://www.energyfromthorium.com/pdf/ - Section 5.3, WASH 1097, Energy From Thorium's Document Repository "The Use of Thorium in Nuclear Power Reactors"
[3]:
https://plus.google.com/109596373340495798827/posts/4SF6fr99Jsv
Attachments
Provide Funding for Liquid-Fluoride Thorium Reactor (LFTR) Research and Development for Energy Independence. | The White HouseProvide Funding for Liquid-Fluoride Thorium Reactor (LFTR) Research and De...
Thorium is nearly a Perfect Fuel. Fund it's development. It has been presented to Google and TED.com. Videos below. Liquid-Fluoride Thorium Reactor (LFTR) has been proven by previous US research a...
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
Interested in #sustainability?
+Daniel Ely Rankin recently introduced me to Liquid-Flouride Thorium Reactors (LFTR), which were passed up in the 50s as commercial sources of nuclear energy because they apparently didn't provide "viable weapons-grade plutonium". [1] They provide a
possibly viable safe alternative to the current form of nuclear fission reactors, and deserve the same level of attention that things like solar and wind power have been earning.
If you gather one thing from this post, it's that you should sign this WhiteHouse.gov Petition to fund further research into LFTR Reactors:
http://goo.gl/KVnvOIt's a tragedy when we see disasters like #Fukushima. Extenuating circumstances indeed; but likely an avoidable tragedy nonetheless. As opposed to other reactors like the Boiling Water Reactors (BWR) at the heart of the Japanese disaster,
LFTR Reactors cannot meltdown, [2] instead stabilizing themselves naturally because their power
decreases as their temperature
increases.
If you're further interested, check out
+Daniel Ely Rankin's post [3] and read up on the technology yourself. It's completely fascinating, and it's a healthy balance to the anti-nuclear rhetoric that's become so much louder recently.
[1]:
http://books.google.com/books?id=fOtxQpPPyyIC[2]:
http://www.energyfromthorium.com/pdf/ - Section 5.3, WASH 1097, Energy From Thorium's Document Repository "The Use of Thorium in Nuclear Power Reactors"
[3]:
https://plus.google.com/109596373340495798827/posts/4SF6fr99Jsv
Attachments
Provide Funding for Liquid-Fluoride Thorium Reactor (LFTR) Research and Development for Energy Independence. | The White HouseProvide Funding for Liquid-Fluoride Thorium Reactor (LFTR) Research and De...
Thorium is nearly a Perfect Fuel. Fund it's development. It has been presented to Google and TED.com. Videos below. Liquid-Fluoride Thorium Reactor (LFTR) has been proven by previous US research a...
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
Interested in #sustainability?
+Daniel Ely Rankin recently introduced me to Liquid-Flouride Thorium Reactors (LFTR), which were passed up in the 50s as commercial sources of nuclear energy because they apparently didn't provide "viable weapons-grade plutonium". [1] They provide a
possibly viable safe alternative to the current form of nuclear fission reactors, and deserve the same level of attention that things like solar and wind power have been earning.
If you gather one thing from this post, it's that you should sign this WhiteHouse.gov Petition to fund further research into LFTR Reactors:
http://goo.gl/KVnvOIt's a tragedy when we see disasters like #Fukushima. Extenuating circumstances indeed; but likely an avoidable tragedy nonetheless. As opposed to other reactors like the Boiling Water Reactors (BWR) at the heart of the Japanese disaster,
LFTR Reactors cannot meltdown, [2] instead stabilizing themselves naturally because their power
decreases as their temperature
increases.
If you're further interested, check out
+Daniel Ely Rankin's post [3] and read up on the technology yourself. It's completely fascinating, and it's a healthy balance to the anti-nuclear rhetoric that's become so much louder recently.
[1]:
http://books.google.com/books?id=fOtxQpPPyyIC[2]:
http://www.energyfromthorium.com/pdf/ - Section 5.3, WASH 1097, Energy From Thorium's Document Repository "The Use of Thorium in Nuclear Power Reactors"
[3]:
https://plus.google.com/109596373340495798827/posts/4SF6fr99Jsv
Attachments
Provide Funding for Liquid-Fluoride Thorium Reactor (LFTR) Research and Development for Energy Independence. | The White HouseProvide Funding for Liquid-Fluoride Thorium Reactor (LFTR) Research and De...
Thorium is nearly a Perfect Fuel. Fund it's development. It has been presented to Google and TED.com. Videos below. Liquid-Fluoride Thorium Reactor (LFTR) has been proven by previous US research a...
Replies are automatically detected from social media, including Twitter, Facebook, and Google+. To add a comment, include a direct link to this post in your message and it'll show up here within a few minutes.
