Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Sunday January 22, @12:09AM   Printer-friendly

It was an innocuous-looking photograph that turned out to be the downfall of Zheng Xiaoqing, a former employee with energy conglomerate General Electric Power:

According to a Department of Justice (DOJ) indictment, the US citizen hid confidential files stolen from his employers in the binary code of a digital photograph of a sunset, which Mr Zheng then mailed to himself.

It was a technique called steganography, a means of hiding a data file within the code of another data file. Mr Zheng utilised it on multiple occasions to take sensitive files from GE.

[...] The information Zheng stole was related to the design and manufacture of gas and steam turbines, including turbine blades and turbine seals. Considered to be worth millions, it was sent to his accomplice in China. It would ultimately benefit the Chinese government, as well as China-based companies and universities.

Zheng was sentenced to two years in prison earlier this month. It is the latest in a series of similar cases prosecuted by US authorities. In November Chinese national Xu Yanjun, said to be a career spy, was sentenced to 20 years in prison for plotting to steal trade secrets from several US aviation and aerospace companies - including GE.

Originally spotted on Schneier on Security.

Related:


Original Submission

Related Stories

New Zeus Trojan Variant Using Steganography 26 comments

Keldrin writes:

"Zeus is a trojan designed to steal banking credentials, and has been declared one of the most successful pieces of malware currently seen in the wild. A new variant is making detection far more difficult for anti-virus companies by hiding configuration settings inside pictures. At the moment, the malware simply encodes the configuration with Base64, passes them through XOR and RC4, then attaches them to the end of an image file. This makes for an 'infected' file that is much larger than the original. There is speculation that future releases of the malware will be able to detect minuscule changes to the colors of individual pixels, making the affected files much harder to detect."

How Video Became a Dangerous Delivery Vehicle for Malware Attacks 23 comments

Submitted via IRC for SoyCow2718

Most employees have some awareness about malware attacks. Many probably know that you should never open an executable file from a stranger or install a thumb drive found in the parking lot, for example. But videos, or links to videos, can deliver malware just like that executable or thumb drive. Do your employees know this too? And even if they do know it, will they be tricked into chasing malicious videos anyway?

Here's why it's time to start focusing on video malware.

[...] The video habit (or addiction) in our culture has paved the way for video malware — malicious code embedded into video files. Video malware is part of a larger trend toward more effective stealth in the delivery of malware. It's also the latest, and probably the most interesting, example of malicious steganography — the embedding of something secret inside some other medium. When the medium is an executable file, it's called stegware.

Malware has been embedded in still-image file formats, such as JPG, PNG and BMP formats, for years. Now, it appears that video malware is having a moment.

Source: https://securityintelligence.com/articles/how-video-became-a-dangerous-delivery-vehicle-for-malware-attacks/


Original Submission

Say Goodbye to the Dots and Dashes to Enhance Optical Storage Media 28 comments

Arthur T Knackerbracket has processed the following story:

Purdue University innovators have created technology aimed at replacing Morse code with colored “digital characters” to modernize optical storage. They are confident the advancement will help with the explosion of remote data storage during and after the COVID-19 pandemic.

[...] Rather than using the traditional dots and dashes as commonly used in these technologies, the Purdue innovators encode information in the angular position of tiny antennas, allowing them to store more data per unit area.

"The storage capacity greatly increases because it is only defined by the resolution of the sensor by which you can determine the angular positions of antennas," said Alexander Kildishev, an associate professor of electrical and computer engineering in Purdue's College of Engineering. "We map the antenna angles into colors, and the colors are decoded."

[...]This new development not only allows for more information to be stored but also increases the readout rate.

"You can put four sensors nearby, and each sensor would read its own polarization of light," Kildishev said. "This helps increase the speed of readout of information compared to the use of a single sensor with dots and dashes."

Future applications for this technology include security tagging and cryptography. To continue developing these capabilities, the team is looking to partner with interested parties in the industry.

Journal Reference:
Maowen Song, Di Wang, Zhaxylyk A. Kudyshev, et al. Enabling Optical Steganography, Data Storage, and Encryption with Plasmonic Colors, Laser & Photonics Reviews (DOI: 10.1002/lpor.202000343)


Original Submission

This discussion was created by janrinok (52) for logged-in users only. Log in and try again!
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 4, Insightful) by Runaway1956 on Sunday January 22, @02:37AM (5 children)

    by Runaway1956 (2926) Subscriber Badge on Sunday January 22, @02:37AM (#1288001) Homepage Journal

    What would the US be willing to do, to capture trade secrets and technology from other nations? Does Operation Paperclip ring any bells? https://en.wikipedia.org/wiki/Operation_Paperclip [wikipedia.org] What about all the ongoing intel operations around the world? Is that all military, or are we routinely stealing industrial secrets?

    But, back to walking a mile - what if we were the tech underdogs? What if the UK, Europe, Russia and China were all ahead of us, and denying us their tech? What if we were Canada's poor southern neighbor, instead of a world power? What would we do about it?

    If you answer, "We'd just steal everything we could!" then you are correct.

    --
    Don’t confuse the news with the truth.
    • (Score: 2) by crafoo on Sunday January 22, @03:18AM

      by crafoo (6639) on Sunday January 22, @03:18AM (#1288010)

      that is correct. international politics is amoral, and it cannot be any other way, ever. morality is subjective. each nation advances their own best interests. it's a good reason to build a strong, cohesive culture. It really is your nation against everyone else and anyone telling you differently is an outsider trying to take your stuff.

    • (Score: 2) by Rich on Sunday January 22, @03:22AM

      by Rich (945) on Sunday January 22, @03:22AM (#1288011) Journal

      I'd say Paperclip was fair game with war booty. And Von Braun even, after losing two world wars with Germany, stated he'd once like to be on the winning side. Really immoral US dealings with war booty were the Unit 731 affair.

      But e.g. the issue where wind generator manufacturer Enercon was denied entry into the American market is quite nasty stuff that could come straight from a bad thriller novel.

    • (Score: 2) by Captival on Sunday January 22, @04:03AM (1 child)

      by Captival (6866) on Sunday January 22, @04:03AM (#1288013)

      I'm not going to blame China for trying, but I am going to blame the US corporations that keep giving them manufacturing jobs to steal, and US politicians who are bought and paid for and always appease China.

    • (Score: 2) by Reziac on Monday January 23, @02:31AM

      by Reziac (2489) on Monday January 23, @02:31AM (#1288122) Homepage

      Takeaway: Everybody steals whatever they can. But Chinese spies are so ham-handed that they are the most likely to get caught.

  • (Score: 4, Informative) by RedGreen on Sunday January 22, @05:00AM (2 children)

    by RedGreen (888) on Sunday January 22, @05:00AM (#1288017)

    Brought to by the same people who did it to bootstrap their rise by stealing all the IP of the word back then, the Americans. Then again they have always have been that with all they do, from the all men created with equal rights, unless of course you are not a christian white male, to the democracy they are suppose to support. The same people who whenever a government is elected around the world that supports the people are the first to get the murdering right wing bastards going about their business of killing their leaders and people they do so well. Though I do agree they should be stopping the equal murderous Chinese bastards, first step should be telling their parasite corporations the free ride is over pay some taxes and bring back the jobs you have farmed out to the slave labour there.

    --
    "I modded down, down, down, and the flames went higher." -- Sven Olsen
    • (Score: 2, Touché) by Anonymous Coward on Sunday January 22, @01:42PM (1 child)

      by Anonymous Coward on Sunday January 22, @01:42PM (#1288052)

      Your government is next.

      • (Score: 3, Informative) by RedGreen on Sunday January 22, @03:23PM

        by RedGreen (888) on Sunday January 22, @03:23PM (#1288058)

        "Your government is next."

        I am under no illusions that my government is anything special. They just do not flat out murder people, they are the same scummy bunch of bastards all politicians are. That is the only difference there is between them.

        --
        "I modded down, down, down, and the flames went higher." -- Sven Olsen
  • (Score: 2) by deimtee on Sunday January 22, @07:01AM (2 children)

    by deimtee (3272) on Sunday January 22, @07:01AM (#1288028) Journal

    If the USA actually succeeded in stopping all tech export to China the likely result would be China investing massively into their own development. Sure they can steal this turbine design, but if you manage to stop them then they will have to research and design their own turbines. And given their resources, very soon they would likely be better turbine designers than you.

    It's the reverse of the situations with rare earth metals. China keeps the price high enough to bleed, but not quite high enough for anyone else to mine and process them.

    --
    No problem is insoluble, but at Ksp = 2.943×10−25 Mercury Sulphide comes close.
    • (Score: 2, Insightful) by Anonymous Coward on Sunday January 22, @01:39PM (1 child)

      by Anonymous Coward on Sunday January 22, @01:39PM (#1288051)

      They're already investing in their own development. They don't need to stop stealing because it works.

      • (Score: 2, Interesting) by Anonymous Coward on Sunday January 22, @11:03PM

        by Anonymous Coward on Sunday January 22, @11:03PM (#1288107)

        It wrecks the culture. It's an admission that you can't do it. Thievery and cheating become the winning plays = corrupt shithole.

(1)