Indonesia 737 crash caused by “safety” feature change pilots weren’t told of

On November 6, Boeing issued an update to Boeing 737 MAX aircrews. The change, directed by the Federal Aviation Administration (FAA), came because Boeing had never provided guidance to pilots on what to do when part of an updated safety system malfunctioned—the very scenario that the pilots of Indonesia’s Lion Air Flight 610 faced on October 29. Not knowing how to correct for the malfunction, the aircrew and their passengers were doomed. All aboard were lost as the aircraft crashed into the Java Sea.

First approved for commercial operation by the FAA on March 8, 2017, the MAX is just beginning to be delivered in large volumes. Lion Air was one of Boeing’s primary foreign customers for the MAX, which is also flown by Southwest Airlines, American Airlines, and Air Canada. The Lion Air aircraft lost in the accident was virtually brand new, delivered by Boeing in August; this was the first accident involving an aircraft touted for its safety.

Update: But Boeing never told pilots about one key new safety feature—an automated anti-stall system—or how to troubleshoot its failure. The manual update raised an outcry from pilots in the US.

Google goes down after major BGP mishap routes traffic through China

Google lost control of several million of its IP addresses for more than an hour on Monday in an event that intermittently made its search and other services unavailable to many users and also caused problems for Spotify and other Google cloud customers. While Google said it had no reason to believe the mishap was a malicious hijacking attempt, the leak appeared suspicious to many, in part because it misdirected traffic to China Telecom, the Chinese government-owned provider that was recently caught improperly routing traffic belonging to a raft of Western carriers through mainland China.

The leak started at 21:13 UTC when MainOne Cable Company, a small ISP in Lagos, Nigeria, suddenly updated tables in the Internet’s global routing system to improperly declare that its autonomous system 37282 was the proper path to reach 212 IP prefixes belonging to Google. Within minutes, China Telecom improperly accepted the route and announced it worldwide. The move by China Telecom, aka AS4809, in turn caused Russia-based Transtelecom, aka AS20485, and other large service providers to also follow the route.

The redirections, BGPmon said on Twitter, came in five distinct waves over a 74-minute period. The redirected IP ranges transmitted some of Google’s most sensitive communications, including the company’s corporate WAN infrastructure and the Google VPN. This graphic from regional Internet registry RIPE NCC shows how the domino effect played out over a two-hour span. The image below shows an abbreviated version of those events.

A 100,000-router botnet is feeding on a 5-year-old UPnP bug in Broadcom chips

A recently discovered botnet has taken control of an eye-popping 100,000 home and small-office routers made by a range of manufacturers, mainly by exploiting a critical vulnerability that has remained unaddressed on infected devices more than five years after it came to light.

Researchers from Netlab 360, who reported the mass infection late last week, have dubbed the botnet BCMUPnP_Hunter. The name is a reference to a buggy implementation of the Universal Plug and Play protocol built into Broadcom chipsets used in vulnerable devices. An advisory released in January 2013 warned that the critical flaw affected routers from a raft of manufacturers, including Broadcom, Asus, Cisco, TP-Link, Zyxel, D-Link, Netgear, and US Robotics. The finding from Netlab 360 suggests that many vulnerable devices were allowed to run without ever being patched or locked down through other means.

Last week’s report documents 116 different types of devices that make up the botnet from a diverse group of manufacturers. Once under the attackers’ control, the routers connect to a variety of well-known email services. This is a strong indication that the infected devices are being used to send spam or other types of malicious mail.

Russian officials: Nope, we can’t finish fixing the carrier Kuznetsov

MURMANSK, RUSSIA - Russian aircraft carrier Admiral Kuznetsov at the PD-50 floating dry dock of Shipyard 82.

Russian officials have now acknowledged that the October 29 accident involving Russia’s only aircraft carrier and largest floating dry dock has made continuing the refit of the ship impossible. The dry dock, the PD-50, was the only one available capable of accommodating the 55,000-ton Admiral Kuznetsov. As a result, the completion of the refit of the ship is now delayed indefinitely.

The PD-50, built by a Swedish shipyard in 1980 for the Soviet Union, sank in an uncontrolled “launch” of the Kuznetsov and came to rest on the sloping bottom of the harbor at Murmansk. Two cranes collapsed during the sinking, with one crashing onto the Kuznetsov and leaving a large gash in its hull. And recovering and repairing the PD-50 could take as long as a year.

“We have alternatives actually for all the ships except for Admiral Kuznetsov,” United Ship-Building Corporation Chief Executive Alexei Rakhmanov told TASS. But the loss of the PD-50 dock “creates certain inconveniences” for future repairs on large capital ships, he acknowledged. “We hope that the issue of the docking of first-rank ships will be resolved in the near future. We are also preparing several alternatives, about which we will report to the Industry and Trade Ministry,” Rakhmanov said.

Negotiating with ISPs: Don’t accept broadband price hikes without a fight

We’ve all been there. You’ve been paying an annoyingly large sum for Internet and/or TV service each month for the past couple of years, and suddenly your ISP tells you it’s time to pay even more.

Your promotional rate has expired, and now you’ll have to pay the “real” price of service. You’re free to switch to another provider—if there’s another one in your neighborhood.

And so, the ritual of calling your ISP to demand—or beg for—a lower price begins again. There’s no guarantee that it’ll work, but in our experience it’s worth trying to negotiate a better rate using whatever amount of leverage you have.

Get your code on in RunCode, the online programming and pwning extravaganza

Want to flex your coding and hacking skills but can't get to a con? RunCode is for you.

Last year, a group of dedicated volunteers launched Codewarz, an online coding “capture the flag” (CTF) contest originally developed as an on-site competition for colleges and training events. Paid for entirely out of their own pockets, the competition included 24 challenges—challenges that could be taken on in one of 14 supported programming and scripting languages. There were over 1,000 participants in last year’s event, with only one completing all the challenges.

The team behind Codewarz has continued to do on-site events, including a Python workshop held at BSides Augusta this year focused on tackling CTF-style problems. But the open competition is back this weekend—bigger, better, and with a whole new domain. Re-dubbed RunCode, the contest is now backed by a newly-formed nonprofit funded by sponsors.

That sponsorship has made it possible to scale the event up—RunCode will have 180 coding challenges, including security-focused ones. And now there are prizes for top competitors, including an Intel NUC kit, Raspberry Pi and Arduino kits, and a one-year VIP subscription to the Hack The Box penetration testing lab.

California’s cap-and-trade dollars are building a hydrogen fuel cell boat

All aboard: construction of a hydrogen fuel cell boat, with aims to be the first of its kind to run commercially, was announced on Thursday in San Francisco.

A startup called Golden Gate Zero Emission Marine (GGZEM) held a keel-laying ceremony on Thursday for its new, 70-foot hydrogen fuel cell ferry. The keel-laying ceremony marks the beginning of the construction of a vessel, and GGZEM expects that it will be completed by September 2019.

The boat, which will be called the Water-Go-Round, will likely be the first hydrogen fuel cell boat to run commercially, ferrying people around the San Francisco Bay. Generally, ferries tend to be diesel-powered, creating significant noise underwater, as well as greenhouse gas emissions and potential marine pollution from spills. By contrast, a hydrogen fuel cell boat would be quieter, and its only emissions while operating in the water would be more water.

Police decrypt 258,000 messages after breaking pricey IronChat crypto app

Police in the Netherlands said they decrypted more than 258,000 messages sent using IronChat, an app billed as providing end-to-end encryption that was endorsed by National Security Agency leaker Edward Snowden.

In a statement published Tuesday, Dutch police said officers achieved a “breakthrough in the interception and decryption of encrypted communication” in an investigation into money laundering. The encrypted messages, according to the statement, were sent by IronChat, an app that runs on a device that cost thousands of dollars and could send only text messages.

“Criminals thought they could safely communicate with so-called crypto phones which used the application Ironchat,” Tuesday’s statement said. “Police experts in the east of the Netherlands have succeeded in gaining access to this communication. As a result, the police have been able to watch live the communication between criminals for some time.”
