Dale Napier writer Tai Chi Chuan Tai Chi In Your Life Queen Joan politics martial arts cyberwar
Dale Napier writer Tai Chi Chuan Tai Chi In Your Life Queen Joan politics martial arts cyberwar
Dale Napier Writer Main Blog Dale Napier Writer Writings Readings Cyber Tai Chi
Dale's Hard Cyber

Samsung Galaxy Phones Hacked
All Samsung Galaxy Phones Totally Hackable

Flaw in Keyboard Software Ranks 8.3 on 10-point danger scale

(June 17, CNN Money)

Researchers at cybersecurity firm NowSecure say a flaw in the keyboard software, used on all Samsung Galaxy phones, makes it possible for a hacker to hack a phone and steal its data. Since it notified Samsung last November and Samsung has apparently done nothing to fix or even reveal the problem publicly, NowSecure's CEO Andrew Hoog has chosen to go public. Samsung says they only learned of the problem last week ... right. I'm so glad I didn't buy that new S6 last week!

SEA hacks WashPo
Young Syrian hackers hammer WashPo mobile site

'Syrian Electronic Army' continues to hit media sites on Assad's behalf

(May 14, Huffington Post)

A collective of young Syrian hackers continues to outwit the adults - more than 70 media sites hit, at last count. When will a security consultant start hiring out to these media sites? (Kevin Mitnick, are you getting this?)

Santa Clara Sheriff Seeks Stingray Device to Hack Local Cell Phones

Civil Liberarians Up In Arms, Trying to Block

(Feb. 20, San Jose Mercury-News)

In California, civil libertarians are up in arms over the Santa Clara Sheriff's proposal to buy a Stingray cell phone hacking device with a $500,000 grant from the Department of Homeland Security. This portends attempts by police departments all over the country who want the ability to eavesdrop on every cell phone in their jurisdiction, without a warrant, in complete violation of the Constitution.

Lenovo laptops
Lenovo Laptops Come Pre-Installed with Malware

(Feb. 19, Reuters)

Lenovo Group Ltd, the Chinese computer company that bought IBM's PC division years ago, pre-installs its Windows laptop with malware designed to hack, eavesdrop, and steal information from its customers. The Superfish malware creates security holes in all Lenovo laptops. Slate: You Had One Job, Lenovo

Hackers Take More Than $1,000,000,000 from Banks
(Feb. 15, Associated Press)

Russian cybersecurity firm Kaspersky revealed that a global hacker gang had digitally pilfered more than $1 billion from banks around the world. The hackers used phishing and social engineering to gain access to the banks' computers, then programmed them to make transfers to offsite accounts.

Anthem BCBS
Get Ready for Medical Identity Theft

(Feb. 5, NBC News)

Anthem, which handles Blue Cross Blue Shield for a dozen states, had some 80 million records hacked, it was learned today. Included in the hack are names, social security numbers, dates of birth, email addresses, home addresses, and more. Anthem is offering free credit monitoring for those affected.

Medical identity theft is already a larger problem than most people realize, costing victims an average of $19,000 in fraudulent medical expenses.
Drone Crashed at White House
Drone that Crashed on White House Grounds

Drone Crashes on White House Grounds

How Dangerous is this Emerging Threat?

(Jan. 26, USA Today)
Mainstream media are focused on the fact that the FAA Friday is going to release its first round of regulations for the private and commercial use of drones, but few are talking about the threat to the White House and/or President Obama.
Oregaon Sen. Ron Wyden
Ron Wyden

Wyden: Why Create Backdoors that Hackers Can Use?
(Dec. 14, 2014, Los Angeles Times)
Oregon Senator Ron Wyden, in an editorial in the Los Angeles Times, raises the question of whether it makes sense to create "back doors" to computer systems for the FBI and NSA, when that would give hackers throughout the world new ways to exploit and sabotage our cybersystems.
John Brennan
John Brennan

President Knew of CIA Spying on Senate
(Jan. 15, HuffingtonPost)
The CIA's Office of Inspector General released a report revealing that Central Intelligence Director John Brennan consulted White House Chief of Staff Denis McDonough before spying on senators to determine who leaked a sensitive document on torture.
Centcom Hacked
ISIS Hacks U.S. Central Command
(Jan. 12, CNN)
ISIS hacked Twitter and other social media accounts owned by the CENTCOM, the U.S. Central Command, which covers the Middle East and central Asia, including Afghanistan and Iraq. There are no signs that the hackers were able to do more than superficial searches, since the accounts were not attached to critical information, but the embarrassment factor is considerable.
Varney McAfee
John McAfee Hacks Stuart Varney
(Jan. 9, Fox Business Network)
McAfee Software founder John McAfee demonstrated how he thinks Sony was hacked. From a remote location he breaks in through Varney's voicemail, and from there proceeds to show how the hack could be done.

Is a Cyber Attack Just Around the Corner?
(Jan. 8, Washington Times)
China is making hundreds of tests against government, military, and corporate targets. How can you be sure you're not one? This Congressman was.

FBI Claims Right to Hack Phones Without Search Warrant
"Stingray" Decoy Cell Towers Trap Calls
(Jan. 2, ARS Technica)
The FBI claims that smartphones in public may be spied up on in the same manner that public spy cameras may be used to spy on ordinary citizens without probable cause.

Linker Squad Linker Squad Hacks 1.9 million Customers of French Magazine
(Jan. 2, CyberWarZone)
The French hackers calling themselves Linker Squad claim credit for hacking and publicizing the credit information for 1.9 million customers of French magazine TF1.

Kim Jong-Un Obama Applies Sanctions to North Korea
(Jan. 2, Bloomberg)
Despite some indications of hacker involvement outside North Korea in the Sony hacking scandal, President Obama has imposed sanctions on 10 individuals and three state agencies. The sanctions take the form of Treasury Department restrictions on the use of financial transactions.

How the Sony Hack Has Changed Things
(Jan. 1, Huffington Post)
Adam Levin, Chairman of Credit.com and Identity Theft 911 discusses how the Sony hack has changed the way he works.

North Korea May Have Hired Outside Hackers
(Reuters, Dec. 30, 2014)
Theories are spinning about who hacked Sony Entertainment and under what conditions. This Reuters suggests North Korea did not have the wherewithal to do the dirty deeds on its own.

Sony HQ Was Sony Hack an Inside Job?
(Breitbart, Dec. 29, 2014)
The FBI has been briefed by cyber intelligence firm Norse to the effect that the Sony hack was pulled off by former employees working with piracy hackers.

Microsoft Xbox, Sony Playstation Hacked
(Huffington Post, Dec. 26, 2014
A hacker group calling itself Lizard Squard claimed responsibility for the attacks on the Xbox and Playstation websites. While Sony called it a 'security breach', this has the taste of a distributed denial of service (DDOS) attack.

The Real Cyber War is All Around You
(NBC News, Dec. 2014)
The Sony hack doesn't affect you personally, but daily attacks on banks and utility grids can hurt you if they succeed. Brian Williams reports on this problem.

JPMorgan Hackers Used Neglected Server
(New York Times, Dec. 22, 2014)
In August Bloomberg reported that the FBI was investigating the possibility that the hackers were Russian, but so far have not confirmed the hackers' locations or identities. Investigations have determined the the point of entry was a neglected server, which is a real wake-up call for computer security professionals.

May 14, 2015
About that Metadata: NSA's Big Lie

For quite a while now we've been hearing that the NSA "only" collects metadata when it eavesdrops illegally on our phone calls. As a database guru of more than 36 years, I've long wondered what they meant by metadata. In the database industry "metadata" means one thing and one thing only, so I've always known that not only is metadata not worth collecting, but you do not need to "collect" it because it is known in advance.

In other words, the NSA was lying. Completely. Let me explain.

Suppose you have a spreadsheet with rows and columns that look something like this:
metadata example
Row 1 contains the metadata. All the other rows contain the data. Get the idea? If you get the idea, you're still puzzled because you're wondering, why would they collect row headings? Why would they need to? Answer: Because they are not collecting METADATA, they are collecting DATA. They LIED.

Just to elaborate, the NSA is "harvesting" phone numbers. Phone numbers are data. They call it metadata because they pretend not to know who the phone number belongs to - 99% of the time, also a lie. The truth is, they have the phone number database. Heck, I have a phone number database (not as good as theirs, of course. Mine corresponds to a small subset of the population). For an NSA spokesman to say that with a straight face requires a talented con man.

May 7, 2015
Obama's NSA spying repudiated by 2nd Court of Appeals
In a recent tweet Al Gore put it best: "Is it just me, or is secret blanket surveillance obscenely outrageous?"
Read about the court's decision here. Al Gore

Feb. 14, 2015
Democrat Obama Wants More Spying on Americans
President Obama has Silicon Valley executives in an uproar over his demand for yet more data "sharing" - spying on American citizens online. Protesting Obama's recent executive order on cybersharing, Facebook CEO Mark Zuckerberg, Yahoo’s Marissa Mayer, and Google’s Larry Page and Eric Schmidt all chose to boycott Obama's recent speech at a cybersummit at Stanford University.
Read more about it here.

Feb. 11, 2015
Do you get a tad uneasy thinking about camera-equipped commercial drones flying over your property? Even if you haven't done anything wrong, a bad camera angle could make something look wrong. Good news! The drone equivalent of a Do Not Call List is being built, and you can get your location put on it. The idea is a virtual geofence that will be built into drone maps, so that they avoid specified areas.
Read more about it here.
Sign up here.

Feb. 9, 2015
Are you worried about uninvited guests hacking your mobile phone? If the NSA and FBI can do it, so can the really bad guys, using fake mobile base stations to read and process your signal. Would you like to know when that happens? We got an app for that - SnoopSnitch. It's an Android app that runs only on rooted Android devices with the QualComm chipset.
Read more about SnoopSnitch here.
Download SnoopSnitch here.

Jan. 29, 2015
Micosoft founder Bill Gates has become the latest tech mogul, following in the steps of Tesla CEO Elon Musk, to sound the alarm about artificial intelligence. You can read about it here on CNET, but you can also ready his original Reddit discussion here.

Along the same lines I recently finished reading Oxford Professor Nick Bostrom's fine book Superintelligence. Bostrom defines, categorizes, and describes the many types of possible super intelligence, the possible problems (read catastrophes), and the possibility of limiting them for security. It reads and feels like a textbook, but without the equations that scare away so many lay readers.
Super Intelligence

Jan. 26, 2015
In recent months drones have been found operating on U.S. Capitol grounds, near the Lincoln Memorial, and Reagan National Airport. Although small, this drone could carry a payload of C-4 explosive that could do damage and kill under the right circumstances. While no one thinks such a drone could penetrate the White House and injure the president, a person or group of people standing outdoors on the grounds could indeed be killed by such a device. How soon before much larger and more dangerous payloads become possible? What can the FAA, or even the U.S. military, do to stop proliferation of drones before they pose a nationwide threat to homeland security?

Jan. 15, 2015
Can biometric markers provide security not available through passwords methods? Apple fans tout it as the be-all and end-all of security: they are half right. Using fingerprint technology for security is the end of computer security as we know it. Fingerprints are hackable through a variety of low-tech methods, and Apple is doing its best to make it easier. Next up is a tech to allow an iPhone to scan a fingerprint from a distance - which means a thief could hold up a glass with your fingerprint, just like the police do, and get into your phone. The cops will like that!

What the cops will like even more is using their vast fingerprint databases to hack your iPhone at will. And who has the largest fingerprint database in the world? The FBI, or probably now DHS. If they have your fingerprint (they got mine at age 18 when I was granted a security clearance), they have access to your iPhone. Congratulations! Apple sold you a bill of goods at a premium price, and you thanked them for it.

Jan. 8, 2015
The Terminator films depicted a future dominated by humanoid robot weapons and their larger brethren, but the U.S. mlitary, through DARPA, is developing drones based on fast-moving birds and insects that in many ways are far more frightening. You figure you could see and hear a large humanoid robot coming your way, but insects? Birds? Not necessarily. Can an insect drone or bird drone deliver an explosive payload that could kill a person? You can bet that's part of the research project. Be sure to read about these, Israeli swarms and best of all, Russian battle robots.

Jan. 6, 2015
This week I'm introducing a new column on military threats, which are not exactly the same as hacking threats, but there is a lot of overlap. A top concern is the threat of a military robot with autonomous AI being hacked by an enemy. In White House Storm I dramatize this potential with U.S. nuclear-armed destroyers being hacked by an unknown attacker. Where else might this happen? For this reason drones of all types must be viewed in terms of their potential to turn on their American masters.


Electronic Frontier Foundation

SF Gate
USA Today
Venture Beat
Washington Post

New Venmo Payment System Hit With Charges of Fraud
Bad Security Apparently Causes Illegal Withdrawals

(Feb. 25, Slate)

Mobile payment app Venmo has problems with possible fraud - and worse, extremely bad customer support to deal with it. It all goes to show that payment apps should never be taken for granted, and will be a source of fraud problems for some time to come.

Your Smart TV Watches You Back - Or At Least Listens
And That's the GOOD News

(Feb. 10, Slate)

Samsung's privacy policy for its family of smart TVs, TVs that spy on you, states “please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of Voice Recognition.” The bad news is, Samsung's advice to its users to disable these features may be a violation of federal law. So what's the solution? Don't buy Samsung! But given Apple's track record in privacy, who believes Apple's TV will do any better?
armed drones

U.S. Licenses Exporting of Armed Military Drones
(Feb. 17, Associated Press)
Remember the scene in Iron Man where Tony Stark discovers that Stark Industries advanced weapons are being used by the terrorists who have taken him hostage? The chances for such a scene to take place for real just shot up, as the Obama administration is now allowing the export of armed military drones to U.S. allies. At one time Usama bin Laden and Saddam Hussein were our allies. How long can we rely on our drone-armed allies to remain our friends?
robot dogs

Dog Robots Become Increasingly Dangerous
(Feb. 9, Daily Mail)
Boston Dynamics has built a family of "dog" robots that can walk, trot, climb stairs, and even stay upright after being kicked. The U.S. Marine Corps is testing elements of its "Legged Squad Support System" that is being developed to carry heavy equipment, but it would be a simple move to equip them with infrared visuals and machine guns, and make them remote-controlled.

Libertarian Advocates Joys of Killer Robots
(Jan. 23, Reason)
Can killer robots be given intelligence and control that make them more moral than human soldiers - less likely to make "mistakes"? A libertarian in this Reason Magazine article thinks so. Is it time for Reason to change its name to Fantasy?
Handheld Range-R radar device from L3 Communications

Police Radar Can See Through Walls
(Jan. 19, USA Today)
The tech is crude by any standards, but so was the first TV. The potential for civil liberties abuse has never been greater.

Israelis Adopting Swarm Technology
(Jan. 3, Jerusalem Post)
Israel's infamous Iron Dome is being given new tech - swarmware. With this tech Iron Dome can coordinate the actions of dozens or even hundreds of drones. With the U.S. Air Force admitting to drone fatigue, this could be just the thing for a nextgen military.

Robots Learn From YouTube
Can Learn From Watching You Too
(Jan. 2, Venture Beat )
It seems innocuous - robots learning to cook. By watching YouTube. By learning from human movement. Can't that be applied to surveillance tech?

U.S. Drone Tech Turns to the Birds and Bees
(Jan. 2, Defense News)
DARPA announces a new class of drones based on high-speed birds and insects. You think your yard is sacrosanct? You think your home is your castle? Not even with a moat.
Russian battle robot
Russian Military Battle Robots
(Jan. 2, Moscow Times)
They don't make battle robots in the real world like the ones in the comics. These Russian weapons aren't humanoid, they're drone machine guns mounted on tank-like treads for mobility.

Do You Own Your iPhone? Your Car? Your Drone?
If It Has Automatic Updates, You Don't Really Own It

(Feb. 3, Electronic Frontier Foundation)

After a drunk iWarrior flew his DJI-manufactured Phantom drone onto White House grounds last week, DJI issued a firmware update to prevent its drones from being flown within 25 km (15.5 mi) of the White House. Suppose you owned one of their models and lived 10 miles from the White House. You bought it in good faith, and now it is little more than a door stop - and if like mine, it is too lightweight to even be a door stop. Under those circumstances, who really owns your drone? This article from the world's premier digital rights organization suggests you do not.
Drone Crashed at White House

Police Don't Like Civilians Tracking Them
Sauce for the Gander?
App Turn Police Tech on its Head.

(Jan. 26, Houston Chronicle/Associated Press)

Use the Waze app on your iPhone to see locations with a police presence. Law enforcement agencies are hollering foul on this app, likely to little avail. Call this fight Freedom of Speech versus the Police State.
Waze app

Google Glass Dead
(Jan. 15, Slate)

In a rare victory for privacy advocates, Google has withdrawn its Google Glass product from the market place. Will it ever return?
Google Glass

Apple Wants to Read Fingerprints From Afar
(Jan. 15, Huffington Post)

Apple has a patent pending for the ability to read fingerprints from a distant, making it easier to unlock a phone, and vastly easier to hack. Senator Al Franken has concerns that while a hacked credit card can be replaced, fingerprints cannot.
Apple Patent

USB Wall Charger Can Hack Your Keystrokes
(Jan. 12, VentureBeat)

An enterprising man used off-the-shelf Arduino hardware to enhance a wall charger - to record every keystroke from wireless Microsoft keyboards. Keyboard loggers are among the simplest and most dangerous tools for hacking web sites, networks and databases.
Wall Charger Logger

Airline Internet? You could be Hacked.
(Jan. 5, Neowin)
If your favorite airline uses GoGo for its inflight Internet provider, you are so totally hackable. What airlines? Read and find out.

iPhone Thumbprint Easy to Hack
(Dec. 30, 2014, Huffington Post)
A thumbprint is not such a great password substitute: One photo of your thumb and it's all over. The FBI has a massive thumbprint database. If that's ever hacked, the party is over.
Thumbprint Hack to iPhone

Are Your Christmas Gadgets Conspiring Against You?
(Dec. 25, 2014, Huffington Post)
Your sleeping patterns recorded and published ... your sexual activity uploaded ... your refrigerator reporting your eating habits ...

Cars Out of Control
(Dec. 24, 2014, The Independent)
Cars with internet connections can be hacked to disable or control braking, acceleration and steering. Is it worth it?
Cars Out of Control
Cars Out of Control
Your Phone is Hacked
(Washington Post, Dec. 18, 2014)
Target Hacked
Drone Mania Leads to Public Overpayments
(SF Gate, Dec. 3, 2014)
Target Hacked
Your Credit Cards are Targets
(CNN, Dec. 22, 2013)

Send mail to dalenapierwriter@hotmail.com with questions or comments about this web site.
Copyright © 2011-2016 MasterSoft Media LLC