m Quec.lim's republished posts.http://quec.li/~m /Lightning storm over Manhattanhttp://aboutphotography-tomgrill.blogspot.com/2016/08/lightning-storm-over-manhattan.htmltag:blogger.com,1999:blog-8331638045168087261.post-633571476039868150Tue, 16 Aug 2016 21:44:00 -0400For the past week or so we've been treated to late afternoon and evening thunderstorms with dramatic cloud formations often accompanied by lightning strikes. Last night we had a dry storm with lightning. I set up my X-Pro2 on a tripod to try to capture some of the strikes. With an aperture of f/11 and ISO 200 (This is when I wish Fuji had a lower 100 as the base ISO.) I ended up with a shutter speed of 4 seconds. When photographing lightning you need to keep snapping away with a slow shutter speed. In this case, I was using a 4 second exposure. I usually time my exposures by waiting several seconds after a strike and then opening the shutter for a time exposure. Then you've got to be lucky.<br /><br /><div><a href="https://2.bp.blogspot.com/-89qItpbmt7w/V7O_GQXTPLI/AAAAAAAAby4/vFQCNsSYEsM1mQ5Jp6zD_M5t48ldAWxXgCLcB/s1600/ti0109439bwbl.jpg" imageanchor="1"><img border="0" src="https://2.bp.blogspot.com/-89qItpbmt7w/V7O_GQXTPLI/AAAAAAAAby4/vFQCNsSYEsM1mQ5Jp6zD_M5t48ldAWxXgCLcB/s1600/ti0109439bwbl.jpg" /></a></div><br />http://quec.li/EntryComments?feed=http%3A%2F%2Faboutphotography-tomgrill.blogspot.com%2Ffeeds%2Fposts%2Fdefault&entry=tag%3Ablogger.com%2C1999%3Ablog-8331638045168087261.post-633571476039868150Major NSA/Equation Group Leakhttps://www.schneier.com/blog/archives/2016/08/major_nsaequati.htmltag:www.schneier.com,2016:/blog//2.10740Tue, 16 Aug 2016 11:43:00 -0400http://quec.li/EntryComments?feed=http%3A%2F%2Fwww.schneier.com%2Fblog%2Fatom.xml&entry=tag%3Awww.schneier.com%2C2016%3A%2Fblog%2F%2F2.10740Powerful Bit-Flipping Attackhttps://www.schneier.com/blog/archives/2016/08/powerful_bit-fl.htmltag:www.schneier.com,2016:/blog//2.10736Tue, 16 Aug 2016 08:09:00 -0400<p>New research: "<a href="https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_razavi.pdf">Flip Feng Shui: Hammering a Needle in the Software Stack,</a>" by Kaveh Razavi, Ben Gras, Erik Bosman Bart Preneel, Cristiano Giuffrida, and Herbert Bos.</p> <blockquote><p><b>Abstract</b>: We introduce Flip Feng Shui (FFS), a new exploitation vector which allows an attacker to induce bit flips over <i>arbitrary</i> physical memory in a <i>fully controlled way</i>. FFS relies on hardware bugs to induce bit flips over memory and on the ability to surgically control the physical memory layout to corrupt attacker-targeted data anywhere in the software stack. We show FFS is possible today with very few constraints on the target data, by implementing an instance using the <i>Rowhammer bug</i> and <i>memory deduplication</i> (an OS feature widely deployed in production). Memory deduplication allows an attacker to reverse-map any physical page into a virtual page she owns as long as the page's contents are known. Rowhammer, in turn, allows an attacker to flip bits in controlled (initially unknown) locations in the target page. <p>We show FFS is extremely powerful: a malicious VM in a practical cloud setting can gain unauthorized access to a co-hosted victim VM running OpenSSH. Using FFS, we exemplify end-to-end attacks breaking OpenSSH public-key authentication, and forging GPG signatures from trusted keys, thereby compromising the Ubuntu/Debian update mechanism. We conclude by discussing mitigations and future directions for FFS attacks.</p></blockquote>http://quec.li/EntryComments?feed=http%3A%2F%2Fwww.schneier.com%2Fblog%2Fatom.xml&entry=tag%3Awww.schneier.com%2C2016%3A%2Fblog%2F%2F2.10736Yet Another Government-Sponsored Malwarehttps://www.schneier.com/blog/archives/2016/08/yet_another_gov.htmltag:www.schneier.com,2016:/blog//2.10737Mon, 15 Aug 2016 14:43:00 -0400<p>Both <a href="https://securelist.com/files/2016/07/The-ProjectSauron-APT_research_KL.pdf">Kaspersky</a> and <a href="http://www.symantec.com/connect/blogs/strider-cyberespionage-group-turns-eye-sauron-targets">Symantec</a> have uncovered another piece of malware that seems to be a government design:</p> <blockquote><p>The malware -- known alternatively as "ProjectSauron" by researchers from Kaspersky Lab and "Remsec" by their counterparts from Symantec -- has been active since at least 2011 and has been discovered on 30 or so targets. Its ability to operate undetected for five years is a testament to its creators, who clearly studied other state-sponsored hacking groups in an attempt to replicate their advances and avoid their mistakes. <p>[...]</p> <p>Part of what makes ProjectSauron so impressive is its ability to collect data from computers considered so sensitive by their operators that they have no Internet connection. To do this, the malware uses specially prepared USB storage drives that have a virtual file system that isn't viewable by the Windows operating system. To infected computers, the removable drives appear to be approved devices, but behind the scenes are several hundred megabytes reserved for storing data that is kept on the "air-gapped" machines. The arrangement works even against computers in which data-loss prevention software blocks the use of unknown USB drives.</p> <p>Kaspersky researchers still aren't sure precisely how the USB-enabled exfiltration works. The presence of the invisible storage area doesn't in itself allow attackers to seize control of air-gapped computers. The researchers suspect the capability is used only in rare cases and requires use of a zero-day exploit that has yet to be discovered. In all, Project Sauron is made up of at least 50 modules that can be mixed and matched to suit the objectives of each individual infection.</p> <p>"Once installed, the main Project Sauron modules start working as 'sleeper cells,' displaying no activity of their own and waiting for 'wake-up' commands in the incoming network traffic," Kaspersky researchers wrote in a <a href="https://securelist.com/analysis/publications/75533/faq-the-projectsauron-apt/">separate blog post</a>. "This method of operation ensures Project Sauron's extended persistence on the servers of targeted organizations."</p></blockquote> <p>We don't know who designed this, but it certainly seems likely to be a country with a serious cyberespionage budget.</p>http://quec.li/EntryComments?feed=http%3A%2F%2Fwww.schneier.com%2Fblog%2Fatom.xml&entry=tag%3Awww.schneier.com%2C2016%3A%2Fblog%2F%2F2.10737