Group items tagged

Google has made no secret about its plans for Android. Smartphones and tablets are just the beginning — the company wants Android everywhere. And thanks to FXI Technologies’ Cotton Candy USB device, we may not have to wait long to see Android on more than just our mobile devices. FXI essentially built an ultra-lean computer inside a small USB stick. Stick it into any device that supports USB storage, and Cotton Candy will register as a USB drive. From there, you can run the Android OS in a secure environment inside your desktop, courtesy of a Windows/OSX/Linux-compatible virtualization client embedded in the device. Stick Cotton Candy into a computer, and Android will appear in a virtualized window on your desktop. But get this: The USB key also features an HDMI connector. This way, you can connect the stick to your TV and use Android on the big screen (though you’ll need some kind of secondary input device, like a Bluetooth mouse/keyboard combo, to get anything done.)

The EU has been known to make a lot of odd decisions when it comes to tech, such as forcing Microsoft's hand at including a "browser wheel" with its Windows OS, but this latest decision is one I think most people will agree with. One thing that's frustrating about different smartphones is the occasional requirement to use a different charger. More frustrating is actually losing one of these chargers, and being unable to charge your phone even though you might have 8 of another charger readily available.

While this decision would cut down on this happening, the focus is to cut down on waste. On Thursday, the EU's internal market and consumer protection committee voted on forcing smartphone vendors to adopt a standard charger, which common sense would imply means micro USB, given it's already featured on the majority of smartphones out there. The major exception is Apple, which deploys a Lightning connector with its latest iPhones. Apple already offers Lightning to micro USB cables, but again, those are only useful if you happen to own one, making a sudden loss of a charger all-the-more frustrating. While Lightning might offer some slight benefits, Apple implementing a micro USB connector instead would make situations like those a lot easier to deal with (I am sure a lot of us have multiple micro USB cables lying around). Even though this law was a success in the initial voting, the government group must still bring the proposal to the Council which will then lead to another vote being made in the Parliament. If it does end up passing, I have a gut feeling that Apple will modify only its European models to adhere to the law, while its worldwide models will remain with the Lightning connector. Or, Apple might be able to circumvent the law if it offers to include the micro USB cable in the box, essentially shipping the phone with that connector.

All the remaining Snowden documents will be released next month, according t‪o‬ whistle-blowing site ‪Cryptome, which said in a tweet that the release of the info by unnamed third parties would be necessary to head off an unnamed "war".‬‪Cryptome‬ said it would "aid and abet" the release of "57K to 1.7M" new documents that had been "withheld for national security-public debate [sic]". <a href="http://pubads.g.doubleclick.net/gampad/jump?iu=/6978/reg_security/front&sz=300x250%7C300x600&tile=3&c=33U7RchawQrMoAAHIac14AAAKH&t=ct%3Dns%26unitnum%3D3%26unitname%3Dwww_top_mpu%26pos%3Dtop%26test%3D0" target="_blank"> <img src="http://pubads.g.doubleclick.net/gampad/ad?iu=/6978/reg_security/front&sz=300x250%7C300x600&tile=3&c=33U7RchawQrMoAAHIac14AAAKH&t=ct%3Dns%26unitnum%3D3%26unitname%3Dwww_top_mpu%26pos%3Dtop%26test%3D0" alt=""></a> The site clarified that will not be publishing the documents itself.Transparency activists would welcome such a release but such a move would be heavily criticised by inteligence agencies and military officials, who argue that Snowden's dump of secret documents has set US and allied (especially British) intelligence efforts back by years.

As things stand, the flow of Snowden disclosures is controlled by those who have access to the Sn‪o‬wden archive, which might possibly include Snowden confidants such as Glenn Greenwald and Laura Poitras. In some cases, even when these people release information to mainstream media organisations, it is then suppressed by these organisations after negotiation with the authorities. (In one such case, some key facts were later revealed by the Register.)"July is when war begins unless headed off by Snowden full release of crippling intel. After war begins not a chance of release," Cryptome tweeted on its official feed."Warmongerers are on a rampage. So, yes, citizens holding Snowden docs will do the right thing," it said.

"For more on Snowden docs release in July watch for Ellsberg, special guest and others at HOPE, July 18-20: http://www.hope.net/schedule.html," it added.HOPE (Hackers On Planet Earth) is a well-regarded and long-running hacking conference organised by 2600 magazine. Previous speakers at the event have included Kevin Mitnick, Steve Wozniak and Jello Biafra.In other developments, ‪Cryptome‬ has started a Kickstarter fund to release its entire archive in the form of a USB stick archive. It wants t‪o‬ raise $100,000 to help it achieve its goal. More than $14,000 has already been raised.The funding drive follows a dispute between ‪Cryptome‬ and its host Network Solutions, which is owned by web.com. Access to the site was bl‪o‬cked f‪o‬ll‪o‬wing a malware infection last week. ‪Cryptome‬ f‪o‬under J‪o‬hn Y‪o‬ung criticised the host, claiming it had ‪o‬ver-reacted and had been sl‪o‬w t‪o‬ rest‪o‬re access t‪o‬ the site, which ‪Cryptome‬ criticised as a form of cens‪o‬rship.In resp‪o‬nse, ‪Cryptome‬ plans to more widely distribute its content across multiple sites as well as releasing the planned USB stick archive. ®

WikiLeaks’ latest release in its Vault7 series details how the CIA’s alleged ‘Brutal Kangaroo’ program is being used to penetrate the most secure networks in the world.

Brutal Kangaroo, a tool suite for Microsoft Windows, targets closed air gapped networks by using thumb drives, according to WikiLeaks.Air gapping is a security measure employed on one or more computers to ensure that a secure computer network is physically isolated from unsecured networks.

These networks are used by financial institutions, military and intelligence agencies, the nuclear power industry, as well as even some advanced news networks to protect sources, according to La Repubblica journalist Stefania Maurizi.READ MORE: ‘CIA’s Cherry Bomb’: WikiLeaks #Vault7 reveals wireless network targetsThese newly released documents show how closed networks not connected to the internet can be compromised by this malware. However, the tool only works on machines with a Windows operating system.Firstly, an internet-connected computer within the targeted organization is infected with the malware. When a user inserts a USB stick into this computer, the thumbdrive itself is infected with a separate malware.Once this is inserted into a single computer on the air gapped network the infection jumps – like a kangaroo – across the entire system, enabling sabotage and data theft.RELEASE: CIA air-gap jumping virus 'Emotional Simian' https://t.co/KkBnXhNtGCpic.twitter.com/w6MZFGushc— WikiLeaks (@wikileaks) June 22, 2017If multiple computers on the closed network are under CIA control, they “form a covert network to coordinate tasks and data exchange,” according to Wikileaks.Data can be returned to the CIA once again, although this does depend on someone connecting the USB used on the closed network computer to an online device.

The latest leaks from WikiLeaks' Vault 7 is titled “Dark Matter” and claims that the CIA has been bugging “factory fresh” iPhones since at least 2008 through suppliers.

And here is the full press release from WikiLeaks: Today, March 23rd 2017, WikiLeaks releases Vault 7 "Dark Matter", which contains documentation for several CIA projects that infect Apple Mac Computer firmware (meaning the infection persists even if the operating system is re-installed) developed by the CIA's Embedded Development Branch (EDB). These documents explain the techniques used by CIA to gain 'persistence' on Apple Mac devices, including Macs and iPhones and demonstrate their use of EFI/UEFI and firmware malware.   Among others, these documents reveal the "Sonic Screwdriver" project which, as explained by the CIA, is a "mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting" allowing an attacker to boot its attack software for example from a USB stick "even when a firmware password is enabled". The CIA's "Sonic Screwdriver" infector is stored on the modified firmware of an Apple Thunderbolt-to-Ethernet adapter.   "DarkSeaSkies" is "an implant that persists in the EFI firmware of an Apple MacBook Air computer" and consists of "DarkMatter", "SeaPea" and "NightSkies", respectively EFI, kernel-space and user-space implants.   Documents on the "Triton" MacOSX malware, its infector "Dark Mallet" and its EFI-persistent version "DerStake" are also included in this release. While the DerStake1.4 manual released today dates to 2013, other Vault 7 documents show that as of 2016 the CIA continues to rely on and update these systems and is working on the production of DerStarke2.0.   Also included in this release is the manual for the CIA's "NightSkies 1.2" a "beacon/loader/implant tool" for the Apple iPhone. Noteworthy is that NightSkies had reached 1.2 by 2008, and is expressly designed to be physically installed onto factory fresh iPhones. i.e the CIA has been infecting the iPhone supply chain of its targets since at least 2008.   While CIA assets are sometimes used to physically infect systems in the custody of a target it is likely that many CIA physical access attacks have infected the targeted organization's supply chain including by interdicting mail orders and other shipments (opening, infecting, and resending) leaving the United States or otherwise.

Mozilla has been experimenting with an interesting idea called Boot 2 Gecko. Essentially, B2G (as it’s called) is a mobile operating system based on the Web, as opposed to what the project’s wiki calls “proprietary, single-vendor stacks”. Mozilla has something there--open Web technologies indeed increasingly provide an intriguing platform for lots of things, mobile and otherwise. The developers on the B2G project are looking at the following areas: New web APIs: build prototype APIs for exposing device and OS capabilities to content (Telephony, SMS, Camera, USB, Bluetooth, NFC, etc.) Privilege model: making sure that these new capabilities are safely exposed to pages and applications Booting: prototype a low-level substrate for an Android-compatible device Applications: choose and port or build apps to prove out and prioritize the power of the system

We're happy to announce that over the next few weeks we will be rolling out the ability to upload, store and organize any type of file in Google Docs. With this change, you'll be able to upload and access your files from any computer -- all you need is an Internet connection.Instead of emailing files to yourself, which is particularly difficult with large files, you can upload to Google Docs any file up to 250 MB. You'll have 1 GB of free storage for files you don't convert into one of the Google Docs formats (i.e. Google documents, spreadsheets, and presentations), and if you need more space, you can buy additional storage for $0.25 per GB per year. This makes it easy to backup more of your key files online, from large graphics and raw photos to unedited home videos taken on your smartphone. You might even be able to replace the USB drive you reserved for those files that are too big to send over email.Combined with shared folders, you can store, organize, and collaborate on files more easily using Google Docs. For example, if you are in a club or PTA working on large graphic files for posters or a newsletter, you can upload them to a shared folder for collaborators to view, download, and print.