Archive for the ‘Biz & IT’ Category

Why a former Nazi sub base in Marseille is becoming a data center

June 25th, 2019

Marseille—France's largest city on the Mediterranean coast—is many things. It's the country's largest commercial port, the birthplace of French hip-hop, and the home of the French Foreign Legion. It's also a tech industry hotspot and the landing station for 13 major submarine cables. These cables connect Europe with North America, Africa, Cyprus, the Middle East, and Asia. Two more are scheduled to come online next year.

From a networking standpoint, the cables place Marseille very close to Cairo, Dubai, and Saudi Arabia. According to Fabrice Coquio (the managing director for France of data-center-operator Interxion), there are only five or six milliseconds of network latency to any of those locations—less than to Paris 800 kilometers (roughly 500 miles) away.

That has made Marseille a magnet for data-center operations—where data and application providers can "put platforms in a safe environment in terms of legal and financial environments like Europe and particularly the European Union and at the same time be connected to 46 countries directly with a very low latency," Coquio explained. "Basically, in the last 15 years, we have [cut] the cost of a submarine cable to a [10th of what it was] and multiplied the capacity by 50."

Posted in Biz & IT, data centers, France, Interxion, Marseille, Modular Data center

Steam and Ubuntu clash over 32-bit libs

June 25th, 2019

The new icon theme in Ubuntu 19.04. (credit: Scott Gilbertson)

It has been a tumultuous week for gaming on Linux. Last Tuesday afternoon, Canonical's Steve Langasek announced that 32-bit libs would be frozen (kept as-is, with no new builds or updates) as of this October's interim 19.10 release, codenamed "Eoan Ermine." Langasek was pretty clear that this did not mean abandoning support for running 32-bit applications, however.

Unfortunately, that part of the announcement may not have been entirely clear to all who read it. This group may include Steam lead Pierre-Loup Griffais, who responded by breaking up with Ubuntu in a tweet.

Two days later, Canonical issued another public statement making it very explicit that support for commonly used 32-bit libs would be continued. That statement has been widely reported as an "about-face" from Canonical, but it appears to be more of a clarification of the original statement. The heart of the issue is that 32-bit computing represents an incredibly wide attack surface, with lessening amounts of active maintenance to discover, analyze, and patch flaws and exploits. Canonical, like any company, needs to apply its developer resources intelligently, so it looks for ways to remove unnecessary cruft where possible. The vast majority of 32-bit code is cruft.

Posted in Biz & IT, Gaming & Culture

DHS cyber director warns of surge in Iranian “wiper” hack attacks

June 24th, 2019

An effective wiper of sorts. (credit: Getty Images)

With tensions between the US and Iran on the rise following the downing of a US military drone last week, the director of the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency is warning that Iran is elevating its efforts to do damage to US interests through destructive malware attacks on industrial and government networks.

In a statement issued on Saturday, June 22, CISA Director Christopher C. Krebs said:

CISA is aware of a recent rise in malicious cyber activity directed at United States industries and government agencies by Iranian regime actors and proxies. Iranian regime actors and proxies are increasingly using destructive "wiper" attacks, looking to do much more than just steal data and money. These efforts are often enabled through common tactics like spear phishing, password spraying, and credential stuffing. What might start as an account compromise, where you think you might just lose data, can quickly become a situation where you’ve lost your whole network.

Krebs urged businesses and agencies to take steps to improve their security hygiene, including implementing multi-factor authentication for user credentials to prevent brute-force attempts to connect to exposed network and cloud applications.

Posted in Biz & IT, flame, Iran, Iranian Cyber Army, Policy, shamoon, stuxnet

The Raspberry Pi 4 launch site runs on a Pi 4 cluster

June 24th, 2019

The Raspberry Pi 4 Model B has launched. It's a pretty big upgrade from the Raspberry Pi 3, with the company claiming that the device can provide "desktop performance comparable to entry-level x86 PC systems."

OK... but how does it perform as a server? Individually, the answer is just about what you'd expect. While the Pi 4B is an enormous all-around upgrade from the 3B+, it's still a Raspberry Pi at its heart. The former model's DDR2 RAM has been upgraded to DDR4, the new Cortex A72 CPU is anywhere from double to quadruple the speed of the older A53, and the gigabit Ethernet adapter isn't hamstrung by a USB 2.0 bus anymore, so it can actually push a gigabit worth of traffic. This is fantastic for a starting-at-$35, passively-cooled bittybox... but it's still very anemic compared to, for example, a humble i3-8100T.

But where you can't scale up, you can scale out—and that's precisely what www.raspberrypi.org has done. The launch site for the Raspberry Pi 4 Model B is mostly running on a cluster of 18 of the little devices themselves. Fourteen handle PHP code execution, two serve static files, and two run memcached. CloudFlare is still handling the brunt of the raw network traffic, though, and the database—by far the heaviest storage load on a WordPress site—isn't running on the little Pi cluster, either.

Posted in Biz & IT

Argentina’s blackout and the storm-battered future of the grid

June 22nd, 2019

Early Sunday morning, all of mainland Argentina lost power in an “unprecedented” blackout event that left most of the country’s 44 million citizens in the dark until the evening. The blackout also extended to Uruguay (which is connected to Argentina’s power grid) and limited parts of Chile. Although the exact cause of the blackout is still being investigated, Argentina experienced heavy rains over the weekend, and there is reason to believe that the inclement weather played a starring role in the largest blackout in recent history.

Extreme weather events are a leading cause of blackouts around the world, and the blackout in Argentina is a reminder that our electric grids aren’t ready to handle the increasing intensity of storms resulting from climate change. Although the United States isn’t likely to see a nationwide blackout like the one that hit Argentina, localized blackouts in the United States have increased in both frequency and duration in recent years. This is due in no small part to massive forest fires, snow storms, tornadoes, and hurricanes that cause localized blackouts often affecting tens of thousands of people.

“There is clear evidence that extreme weather events have increased over the past 20 years, and so have the number of outages and the number of customer hours out of service,” says Alison Silverstein, an independent energy consultant and previous advisor to the chairman of the Federal Energy Regulatory Commission. “We need to accept this and do a better job at helping customers and communities survive these growing outages and threats.”

Posted in Biz & IT, grid, power, sabotage

A tale of two cities: Why ransomware will just get worse

June 21st, 2019

Baltimore, Maryland; Riviera Beach, Florida. Both got ransomware, and the outcomes were... the worst of times, and the worst of times.

Earlier this week, the city of Riviera Beach, Florida, faced a $600,000 demand from ransomware operators in order to regain access to the city's data. The ransom was an order of magnitude larger than the ransom demanded by the attackers that struck Baltimore's city government in May. Against the advice of the Federal Bureau of Investigation, however, the Riviera Beach city council voted to pay the ransom—more than $300,000 of it covered by the city's insurance policy.

Baltimore had refused to pay $76,000 worth of Bitcoin despite facing an estimated ransomware cost of more than $18 million, of which $8 million was from lost or deferred revenue. Baltimore lacked cyber insurance to cover those costs.

Riviera Beach is much smaller than Baltimore—with an IT department of 10 people, according to the city's most recent budget, and an annual budget of $2.5 million to support a total city government of 550 employees. (Baltimore has about 50 IT staffers supporting more than 13,000 employees by comparison.) It's not a surprise that Riviera Beach's leadership decided to pay, given that a full incident response and recovery would have likely cost two to three times what they've agreed to pay the ransomware operators, and half of that price tag is covered by insurance. So, Riviera Beach's decision to pay looks like the easiest way out. It's a decision that has been made by many local governmental organizations and businesses alike over the past few years.

Posted in Baltimore ransomware attack, Biz & IT, Florida, Riviera Beach ransomware attack, targeted ransomware

Manufacturing memory means scribing silicon in a sea of sensors

June 21st, 2019

How it's made: silicon wafers! (credit: Micron)

At Micron's memory chip fabrication facility in the Washington, DC, suburb of Manassas, Virginia, the entire manufacturing area is blanketed in electronic detectors in all their various forms. But the primary purpose isn't to keep intruders out or anything so prosaic. "A lot of them are microphones," a spokesman for Micron said. "They listen to the robots."

It turns out that there are thousands of microphones throughout the facility, or "fab," as silicon manufacturing plants are commonly known. There are microphones inside the giant $70 million cameras that imprint the component layout on the silicon surface of a memory chip. There are microphones lining the tracks of the robot-controlled railways that carry colorful plastic FOUPs (front opening universal pods) along the ceiling throughout the plant. There are microphones near essentially every moving part in the facility.

All those thousands of microphones are listening for signs of wear—for variances to develop in the noises made by the machines—so that maintenance can be scheduled before anything breaks and causes downtime. Downtime, as you might imagine, is about the worst thing that can happen to an automated chip-making facility.

Posted in Biz & IT, Industry 4.0, Manufacturing, Micron, silicon, smart factory

Potent Firefox 0-day used to install undetected backdoors on Macs

June 20th, 2019

The fox animoji. (credit: Samuel Axon)

Hackers exploited a pair of potent zero-day vulnerabilities in Firefox to infect Mac users with a largely undetected backdoor, according to accounts pieced together from multiple people.

Mozilla released an update on Tuesday that fixed a code-execution vulnerability in a JavaScript programming method known as Array.pop. On Thursday, Mozilla issued a second patch fixing a privilege-escalation flaw that allowed code to break out of a security sandbox that Firefox uses to prevent untrusted content from interacting with sensitive parts of a computer operating system. Interestingly, a researcher at Google's Project Zero had privately reported the code-execution flaw to Mozilla in mid-April.

On Monday, as Mozilla was readying a fix for the Array.pop flaw, unknown hackers deployed an attack that combined working exploits for both vulnerabilities. The hackers then used the attack against employees of Coinbase, according to Philip Martin, chief information security officer for the digital currency exchange.

Posted in Biz & IT, exploits, Firefox, vulnerabilities, zeroday

The trick to saving human factory jobs might be teaming up with the machines

June 20th, 2019

"Oh brave new industry, that has such bots in't!" (credit: Javier Pierini / Getty)

The Matrix. Skynet. Roy Batty. Anyone who has watched a science-fiction movie has seen a scenario where factions of humans and machines find themselves locked in mortal combat.

Here in 2019, though, we're doing what we can to disrupt that vision and steer the course away from human-machine antagonism and more toward cooperation. Instead of robot servants plotting to overthrow their meatbag masters, we're trying to use machines to augment human skills and strengths—especially in the context of manufacturing, which is the place where we're most likely to see robots. The rapid push to update manufacturing methods to more smartly integrate human with machine isn't necessarily as big a deal as the original Industrial Revolution, but it is a big enough deal that analysts have coined a snappy phrase for what we're going through: "Industry 4.0."

Sometimes the man-machine enhancements are physical, and sometimes they’re mental. Sometimes it's a Venn diagram that includes both aspects, as a skilled human worker collaborates with robotics and AI to complete a task.

Posted in Artificial intelligence, Biz & IT, factory of the future, Industry 4.0

Nation-sponsored hackers likely carried out hostile takeover of rival group’s servers

June 20th, 2019

If nation-sponsored hacking was baseball, the Russian-speaking group called Turla would not just be a Major League team—it would be a perennial playoff contender. Researchers from multiple security firms largely agree that Turla was behind breaches of the US Department of Defense in 2008, and more recently the German Foreign Office and France’s military. The group has also been known for unleashing stealthy Linux malware and using satellite-based Internet links to maintain the stealth of its operations.

Now, researchers with security firm Symantec have uncovered evidence of Turla doing something that would be a first for any nation-sponsored hacking group. Turla, Symantec believes, conducted a hostile takeover of an attack platform belonging to a competing hacking group called OilRig, which researchers at FireEye and other firms have linked to the Iranian government. Symantec suspects Turla then used the hijacked network to attack a Middle Eastern government OilRig had already penetrated. Not only would the breach of OilRig be an unprecedented hacking coup, it would also promise to make the already formidable job of attribution—the term researchers use for using forensic evidence found in malware and servers to pin a hack on a specific group or nation—considerably harder.

A murkier world

“The fact that we’ve seen one advanced group taking over the infrastructure of another nation-backed group changes a lot of policy discussions that are going on because it complicates attribution,” Jonathan Wrolstad, principal cyber intelligence analyst in Symantec’s Managed Adversary and Threat Intelligence group, told Ars. “This does make us live in the world now that’s a bit murkier.”

Posted in apt34, Biz & IT, crambus, espionage, hacking, OilRig, Turla, waterbug