From the Chicago area, Kevin is a maker, tinkerer, and programmer.
331 stories
·
0 followers

Amazon Key flaw makes entering your home undetected a possibility

1 Comment

Enlarge / It's watching. (credit: Amazon)

Security research firm Rhino Security Labs found a vulnerability in the Amazon Key in-home delivery service's security procedures that could allow either the courier or even a savvy and malicious bystander to enter your home undetected after the delivery is completed. Amazon has promised to change how Key works in order to make it easier for you to tell when something unusual is happening in this event, but the changes proposed by Amazon don't necessarily resolve the vulnerability.

Amazon Key is available to Amazon customers who have bought and installed Amazon's own Cloud Cam security camera and installed it at their front door. If you're one of those customers, you can select "in-home delivery" as a delivery method when purchasing something on Amazon. Amazon couriers can then authenticate themselves with your Cloud Cam to unlock the door and enter your home to leave the package. However, they can only do this at a home to which they're assigned to make a delivery and only at the scheduled time. They are recorded by your security camera as they make the delivery, and they must lock the door when they leave. Amazon also tracks which courier is assigned to the delivery, and only that courier has access.

Rhino Labs discovered that a courier equipped with a simple program can use their laptop to fake a command from your Wi-Fi router to disconnect the Cloud Cam from your network. This causes the camera to stop functioning by freezing the image at the last frame. At that point, the courier could re-enter your home, do whatever it is that they want there, and then exit, reactivate the camera, and lock the door as usual. This re-entry would be undetectable by the resident, and it would appear like a normal delivery in Amazon's data.

Read 4 remaining paragraphs | Comments

Read the whole story
roofuskit
20 days ago
reply
Wow, thwarted by a simple deauth attack.
Share this story
Delete

US judge says “global de-indexing order” against Google threatens free speech

1 Share

(credit: Photo by Michael Gottschalk/Photothek via Getty Images)

Canadian courts can't rule the Internet—at least not outside Canada.

A US federal judge has stopped a ruling from the Canadian Supreme Court from going into effect in the US. The Canadian order would have ordered Google to de-index all pages belonging to a company called Datalink, which was allegedly selling products that violated the IP of Vancouver-based Equustek.

When the order came down earlier this year, Google filed a lawsuit in US federal court seeking to render the Canadian order unenforceable stateside. Google called the Canadian order "repugnant" to the First Amendment, and it pointed out that the Canadian plaintiffs "never established any violation of their rights under US law."

Read 8 remaining paragraphs | Comments

Read the whole story
roofuskit
32 days ago
reply
Share this story
Delete

The History of Russian Involvement in America's Race Wars

1 Share

According to a spate of recent reports, accounts tied to the St. Petersburg-based Internet Research Agency—a Russian “troll factory”— used social media and Google during the 2016 electoral campaign to deepen political and racial tensions in the United States. The trolls, according to an interview with the Russian TV network TV Rain, were directed to focus their tweets and comments on socially divisive issues, like guns. But another consistent theme has been Russian trolls focusing on issues of race. Some of the Russian ads placed on Facebook apparently targeted Ferguson and Baltimore, which were rocked by protests after police killings of unarmed black men; another showed a black woman firing a rifle. Other ads played on fears of illegal immigrants and Muslims, and groups like Black Lives Matter.

Except for the technology used, however, these tactics are not exactly new. They are natural outgrowths of a central component of covert influence campaigns, like the one Russia launched against the United States during the 2016 election: make discord louder; divide and conquer. “Covert influence campaigns don’t create divisions on the ground, they amplify divisions on the ground,” says Michael Hayden, who ran the NSA under Presidents Bill Clinton and George W. Bush and then became CIA director. During the Cold War, the Kremlin similarly sought to plant fake news and foment discontent, but was limited by the low-tech methods available at the time. “Before, the Soviets would plant information in Indian papers and hope it would get picked up by our papers,” says John Sipher, who ran the CIA’s Russia desk during George W. Bush’s first term. The Soviets planted misinformation about the AIDs epidemic as a Pentagon creation, according to Sipher, as well as the very concept of a nuclear winter. “Now, because of the technology, you can jump right in,” Sipher says.

Soviet propaganda poster by Dmitri Moor, 1932

Neither is playing on racial tensions inside the United States a new Russian tactic. In fact, it predates even the Cold War. In 1932, for instance, Dmitri Moor, the Soviet Union’s most famous propaganda poster artist, created a poster that cried, “Freedom to the prisoners of Scottsboro!” It was a reference to the Scottsboro Boys, nine black teenagers who were falsely accused of raping two white women in Alabama, and then repeatedly—wrongly—convicted by all-white Southern juries. The case became a symbol of the injustices of the Jim Crow South, and the young Soviet state milked it for all the propagandistic value it could.

It was part of a plan put in place in 1928 by the Comintern—the Communist International, whose mission was to spread the communist revolution around the world. The plan initially called for recruiting Southern blacks and pushing for “self-determination in the Black Belt.” By 1930, the Comintern had escalated the aims of its covert mission, and decided to work toward establishing a separate black state in the South, which would provide it with a beachhead for spreading the revolution to North America.

The Soviets also exploited the oppression of Southern blacks for their own economic benefit. It was the height of the Great Depression, and the Soviet Union was positioning itself not only as a workers’ utopia, but as a racial utopia as well, one where ethnic, national, and religious divisions didn’t exist. In addition to luring thousands of white American workers, it brought over African-American workers and sharecroppers with the promise of the freedom to work and live unburdened by the violent restrictions of Jim Crow. In return, they would help the Soviets build their fledgling cotton industry in Central Asia. Several hundred answered the call, and though many eventually went back—or died in the Gulag—some of their descendants remain in Russia. One of Russia’s best-known television hosts, for instance, is Yelena Khanga, the granddaughter of Oliver Golden, an agronomist from Tuskeegee University who moved with his communist Jewish-American wife to Uzbekistan to develop the cotton industry there.

The beginning of the Cold War coincided with the beginning of the civil rights movement, and the two became intertwined—both in how the Soviets used the racial strife, and how the Cold War propelled the cause of civil rights forward. “Early on in the Cold War, there was a recognition that the U.S. couldn’t lead the world if it was seen as repressing people of color,” says Mary Dudziak, a legal historian at Emory, whose book Cold War Civil Rights is the seminal work on the topic. When, in September 1957, the Arkansas governor Orval Faubus deployed the National Guard to keep nine black students from integrating the Central High School in Little Rock, the standoff was covered by newspapers around the world, many of which noted the discrepancy between the values America expressed and hoped to spread around the world, and how it implemented them at home.

The Soviets, again, took full advantage of the opportunity. Komsomolskaya Pravda, the newspaper of the communist youth organization in the USSR, ran a sensational story, complete with photographs, about the conflict under the headline, “Troops Advance Against Children!” Izvestia, the second main Soviet daily, also extensively covered the Little Rock crisis, noting at one point that “right now, behind the facade of the so-called ‘American democracy,’ a tragedy is unfolding which cannot but arouse ire and indignation in the heart of every honest man.” The story went on:

The patrons of Governor Faubus ... who dream of nooses and dynamite for persons with different-colored skins, advocates of hooliganism who throw rocks at defenseless Negro children—these gentlemen have the audacity to talk about “democracy” and speak as supporters of “freedom.” In fact it is impossible to imagine a greater insult to democracy and freedom than an American diplomat's speech from the tribunal of the U.S. General Assembly, a speech in which Washington was pictured as the “champion” of the rights of the Hungarian people.

The point then, as it was in 2016, was to discredit the American system, to keep the Soviets (and, later, Russians) loyal to their own system instead of hungering for Western-style democracy. But it was also used in Soviet propaganda around the world for a similar purpose. “This is a principal Soviet propaganda theme,” says Dudziak of the Soviet messaging at the time. “What’s described as communist propaganda that circulated in India overplays the story sometimes but also very maudlin stories about things that actually happened. Sometimes, in Pravda, all they needed to do was to reprint something that appeared in Time Magazine. Just the facts would themselves inflame international opinion. On top of that, the Soviets would push the envelope.”

This came at a critical time for time for the United States. After World War II, the U.S. was a new global power locked in an ideological struggle with the Soviet Union. As the United States tried to convince countries to join its sphere by taking up democracy and liberal values, the U.S. government was competing with the Soviets in parts of the world where images of white cops turning fire hoses and attack dogs on black protesters did not sit well—especially considering that this was coinciding with the wave African countries declaring independence from white colonial rulers. “Here at the United Nations I can see clearly the harm that the riots in Little Rock are doing to our foreign relations,” Henry Cabot Lodge, then the U.S. ambassador to the UN, wrote to President Eisenhower in 1957. “More than two-thirds of the world is non-white and the reactions of the representatives of these people is easy to see. I suspect that we lost several votes on the Chinese communist item because of Little Rock.”

“The Russian objective then was to disrupt U.S. international relations and undermine U.S. power in the world, and undermine the appeal of U.S. democracy to other countries,” says Dudziak, and Lodge was reflecting a central concern at the State Department at the time: The Soviet propaganda was working. American diplomats were reporting back both their chagrin and the difficulty of preaching democracy when images of the violence around the civil rights movement were reported all over the world, and amplified by Soviet or communist propaganda. On a trip to Latin America, then-Vice President Richard Nixon and his wife were met with protestors chanting, “Little Rock! Little Rock!” Secretary of State John Foster Dulles complained that “this situation was ruining our foreign policy. The effect of this in Asia and Africa will be worse for us than Hungary was for the Russians.” Ultimately, he prevailed on Eisenhower to insert a passage into his national address on Little Rock that directly addressed the discrepancy that Soviet propaganda was highlighting—and spinning as American hypocrisy. Whenever the Soviet Union was criticized for its human rights abuses, the rebuttal became, “And you lynch Negroes.”

Moscow never abandoned these tactics, which became known as “whataboutism,” even after the Soviet Union collapsed. Russian propaganda outlets like Russia Today—now known as RT—have always focused on domestic strife in the United States, be it homelessness or Occupy Wall Street or the Ferguson protests. The Facebook ads focusing on divisive issues like Black Lives Matter are just another page from the old Soviet handbook. The difference this time is that the Russians got better at penetrating the American discussions on these fraught subjects. They became a more effective bellows, amplifying the fire Americans built.

The good news, though, is that America can do things to disarm the propaganda. In the 1950s and 60s, for example, this was one of the reasons that American presidents pushed through various civil rights victories, culminating in the Civil Rights Act and the Voting Rights Act. This time, Americans can stop blaming the Russians and look at ourselves for what we do to fan the flames—to a far greater extent than the Russians ever could or do. “If there’s anyone to blame, it’s us,” says Sipher. “If we accept the stoking, it’s our fault.”

Read the whole story
roofuskit
39 days ago
reply
Share this story
Delete

Researchers warn state system to catch voter fraud has 99% false positive rate

1 Share

Enlarge / Georgia voters at voting machines during the US presidential election at the Athens-Clarke County Fleet building in Athens, Georgia, on November 8, 2016. (credit: TAMI CHAPPELL/AFP/Getty Images)

A database system that will now be used by Indiana to automatically purge voter registrations that have duplicates in other states is 99 percent more likely to purge legitimate voters, according to a paper published last week by researchers from Stanford University, the University of Pennsylvania, Harvard, Yale, and Microsoft Research. Using the probability of matching birth dates for people with common first, middle, and last names and an audit of poll books from the 2012 US presidential election, the researchers concluded that the system would de-register "about 300 registrations used to cast a seemingly legitimate vote for every one registration used to cast a double vote."

The Interstate Voter Registration Crosscheck Program is a system administered by the office of Kansas Secretary of State Kris Kobach—the vice-chair of President Donald Trump's Presidential Advisory Commission on Election Integrity. Crosscheck uses voter roll data from 27 states—pulled every January by election officials and uploaded to an FTP site—to check for duplicate records across states, based on full name and date of birth, as well as the last four digits of social security numbers where that data is collected by voter registration (which is not consistent from state to state).

Indiana has used Crosscheck as an advisory system for a number of years but not to automatically purge voters. A law passed in July now allows county election officials in Indiana to de-register voters when a duplicate registration is detected. The problem with that variation in data is that it can leave room for massive error, as Sharad Goel and Houshmand Shirani-Mehr of Stanford University, Marc Meredith of the University of Pennsylvania, Michael Morse of Harvard University and Yale Law School, and David Rothschild of Microsoft Research found.

Read 6 remaining paragraphs | Comments

Read the whole story
roofuskit
39 days ago
reply
Share this story
Delete

Days after activists sued, Georgia’s election server was wiped clean

1 Share

Enlarge / Georgia voters at voting machines during the US presidential election at the Athens-Clarke County Fleet building in Athens, Georgia, on November 8, 2016. (credit: TAMI CHAPPELL/AFP/Getty Images)

A server and its backups, believed to be key to a pending federal lawsuit filed against Georgia election officials, was thoroughly deleted according to e-mails recently released under a public records request.

Georgia previously came under heavy scrutiny after a researcher discovered significant problems with his home state’s voting system. A lawsuit soon followed in state court, asking the court to annul the results of the June 20 special election for Congress and to prevent Georgia’s existing computer-based voting system from being used again. The case, Curling v. Kemp, was filed in Fulton County Superior Court on July 3.

As the Associated Press reported Thursday, the data was initially destroyed on July 7 by the Center for Elections Systems at Kennesaw State University, the entity tasked with running the Peach State’s elections.

Read 12 remaining paragraphs | Comments

Read the whole story
roofuskit
39 days ago
reply
Share this story
Delete

Puerto Rico power woes continue, a month after Hurricane Maria

1 Share

Enlarge / Image of Tesla's solar+storage system outside of Hospital del Niño. (credit: Tesla)

Two weeks ago, battery makers Tesla and Sonnen pledged to build microgrids and deliver batteries to hospitals and other critical infrastructure in Puerto Rico in the aftermath of Hurricane Maria, which wiped out power to nearly all of the island’s electricity customers. Today, Tesla tweeted that Hospital del Niño, a children’s hospital in Puerto Rico, was the “first of many solar+storage projects going live.” (The company didn't immediately respond to requests for comments on the size of the installation or how much it cost.)

But Tesla is not the only company working on putting renewable energy in Puerto Rico. In an e-mail to Ars, Sonnen spokesperson Michelle Mapel said that the company's first microgrid in Puerto Rico would go live sometime next week, with three to five Sonnen microgrids serving communities on the island by mid-November.

Microgrids have often been cited as infrastructure to improve electric resiliency. They tend to be small, community-based systems that run on solar power, batteries, wind, or diesel generators, which can be quickly repaired and linked up to other microgrids in case of failure. In the aftermath of Superstorm Sandy in 2012, New York set aside $500,000 in grants to do feasibility studies for microgrid construction. Similarly, Puerto Rico seems enthusiastic to place microgrids where more traditional energy was once served. According to Bloomberg, Puerto Rico officials have talked not only to Tesla and Sonnen, but also to Arensis and Sunnova to discuss improving and privatizing parts of the commonwealth's public grid.

Read 7 remaining paragraphs | Comments

Read the whole story
roofuskit
39 days ago
reply
Share this story
Delete
Next Page of Stories