Multiple Soylentils submitted stories about a newly-reported vulnerability that has been discovered in the WPA-2 protocol that secures communications on Wi-Fi networks. This is a significant vulnerability, but not quite as bad as some sensationalist headlines and stories would suggest. As I understand it, there is a 4-step process by which keys are exchanged to set up wireless encryption. An attacker can force a connection to repeat the 3rd step and thus force known values for the nonce. An attacker can leverage that information to break the encryption and, in many cases, eavesdrop on communications. In certain cases, it is possible to manipulate the communications and modify/insert a payload.
The vulnerability is in the protocol, not in a specific implementation. The spec fails to call out a mitigation that could preclude key re-use. So, it is an error of omission instead of an error of commission. An implementation can avoid this problem by refusing to reuse a previously received key.
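As an added illustration (a constructed toy model, not the researcher's code or any real WPA2 implementation), the following shows why reinstalling an already-installed key is the dangerous part: a simplified client that resets its packet nonce whenever message 3 arrives, beside the hardened variant that refuses to reinstall a key it already holds, plus a check that flags reused nonces in the frames it sent. The keystream function and the PTK value are stand-ins chosen for the demo.

```python
import hashlib
from dataclasses import dataclass, field
from typing import List, Optional, Tuple


def keystream(key: bytes, nonce: int, length: int) -> bytes:
    """Toy nonce-keyed keystream (constructed stand-in, not CCMP/GCMP)."""
    out = b""
    counter = 0
    while len(out) < length:
        block = key + nonce.to_bytes(8, "big") + counter.to_bytes(4, "big")
        out += hashlib.sha256(block).digest()
        counter += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


@dataclass
class Supplicant:
    """Simplified client side of the 4-way handshake (constructed model)."""
    reject_reinstall: bool
    ptk: Optional[bytes] = None
    nonce: int = 0                       # per-packet nonce for the installed key
    frames: List[Tuple[int, bytes]] = field(default_factory=list)

    def on_message3(self, ptk: bytes) -> str:
        # Hardened path: a retransmitted message 3 must not reinstall a key
        # that is already in use, because installing resets the nonce counter.
        if self.reject_reinstall and self.ptk == ptk:
            return "ignored"
        self.ptk = ptk
        self.nonce = 0                   # the reset that makes reinstallation dangerous
        return "installed"

    def send(self, plaintext: bytes) -> Tuple[int, bytes]:
        self.nonce += 1
        ct = xor(plaintext, keystream(self.ptk, self.nonce, len(plaintext)))
        self.frames.append((self.nonce, ct))
        return self.nonce, ct


def reused_nonces(frames: List[Tuple[int, bytes]]) -> List[int]:
    """Defender-side check: list nonces that appear more than once under one key."""
    seen = set()
    reused = []
    for nonce, _ in frames:
        if nonce in seen:
            reused.append(nonce)
        seen.add(nonce)
    return reused


# Constructed sample traffic sent by the client after the handshake.
PT1 = b"GET /login HTTP/1.1"
PT2 = b"user=alice&pw=hunter2"


def simulate(reject_reinstall: bool) -> Supplicant:
    ptk = hashlib.sha256(b"constructed demo PTK").digest()   # placeholder key
    client = Supplicant(reject_reinstall)
    client.on_message3(ptk)          # first message 3: key installed, nonce = 0
    client.send(PT1)                 # nonce 1
    client.on_message3(ptk)          # retransmitted message 3
    client.send(PT2)                 # nonce 1 again if the key was reinstalled
    return client


if __name__ == "__main__":
    print("vulnerable client reused nonces:", reused_nonces(simulate(False).frames))
    print("hardened client reused nonces:  ", reused_nonces(simulate(True).frames))
```

With the vulnerable client both frames share nonce 1, so XORing the two ciphertexts cancels the keystream and leaves the XOR of the plaintexts; the hardened client ignores the retransmission and its nonces keep increasing.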
The defect is primarily in the remote device, not in the base station. The researcher called out Android 6+ as being especially vulnerable.
A fix for BSD was silently released ahead of the announcement. I saw a report that Linux has already been patched, but without any supporting link.
The researcher, Mathy Vanhoef, has created a web site with details: https://www.krackattacks.com/. A research paper, Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2 (pdf), is available.
See the Vulnerability Notes Database for information on specific vendors.
Sensationalist reports are already appearing. For a calmer view, see Kevin Beaumont's take on this at Regarding Krack Attacks — WPA2 flaw where he notes:
- It is patchable, both client and server (Wi-Fi) side.
- Linux patches are available now. Linux distributions should have it very shortly.
- The attack doesn't realistically doesn't[sic] work against Windows or iOS devices. The Group vuln is there, but it's not near enough to actually do anything of interest.
- There is currently no publicly available code out there to attack this in the real world — you would need an incredibly high skill set and to be at the Wi-Fi base station to attack this.
- Android is the issue, which is why the research paper concentrates on it. The issue with Android is people largely don't patch.
My suggestion for organisations is they ask their Wi-Fi network providers for patches — this is absolutely patchable, as per the researcher's own website.
The Guardian has an article on it here https://www.theguardian.com/technology/2017/oct/16/wpa2-wifi-security-vulnerable-hacking-us-government-warns.
Here's the researcher's description:
We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.
An air of unease set into the security circles on Sunday as they prepared for the disclosure of high-severity vulnerabilities in the Wi-Fi Protected Access II protocol that make it possible for attackers to eavesdrop Wi-Fi traffic passing between computers and access points.
The proof-of-concept exploit is called KRACK, short for Key Reinstallation Attacks. The research has been a closely guarded secret for weeks ahead of a coordinated disclosure that's scheduled for 8 a.m. Monday, east coast time. An advisory the US CERT recently distributed to about 100 organizations described the research this way:
US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher KU Leuven, will be publicly disclosing these vulnerabilities on 16 October 2017.
Woody Leonhard has been my go-to source for the status of safety and usability of updates to Windows for years. He's not usually prone to alarmism, so I'm looking at this announcement on his site with a great deal of trepidation:
There's a lot of buzz this weekend about a flaw that's purported to break security on most Wi-Fi connections, allowing an eavesdropper to snoop or use the connection without permission.
Said to involve CVE-2017-13077, 13078, 13079, 13080, 13081, 13082, 13084, 13086, 13087, 13088, when they're posted.
The reference to the tweet by @campuscodi is to "Catalin Cimpanu [who] is the Security News Editor for Bleeping Computer, where he covers topics such as malware, breaches, vulnerabilities, exploits, hacking news, the Dark Web, and a few more." See the tweet for references to background papers which may be of assistance in understanding the nature of the flaw and possible preparations to help try and mitigate the breakage.
There is a web site — https://www.krackattacks.com/ — which was created on October 10 that seems to be a placeholder for posting the details when they are released.
Time to stock up on energy drinks, coffee, and Pringles®?
Submitted via IRC for SoyCow1937
SpaceX will attempt the launch of EchoStar 105/SES-11 at 6:53 PM EDT (10:53 PM UTC). This is SpaceX's second launch attempt in 3 days, following the successful launch of 10 satellites for Iridium on Monday:
It's the third time SpaceX has used one of its landed boosters for a second flight — and if it sticks the landing again, it'll also be the third to have come safely back to Earth for a second time. The first reused Falcon 9 flew in March, with the second one following close behind in June. It's possible we'll see more used rockets fly before the year is out: earlier this year, Musk said the company could fly as many as six used boosters in 2017. Eventually, SpaceX hopes to refly its Falcon 9s much more frequently, by making a landed booster ready to fly again in just 24 hours.
Going up on this flight is a hybrid satellite that will be used by two companies, SES and EchoStar. Called EchoStar 105/SES-11, the satellite will sit in a high orbit 22,000 miles above Earth, providing high-definition broadcasts to the US and other parts of North America. While this is the first time EchoStar is flying a payload on a used Falcon 9, this is familiar territory for SES. The company's SES-10 satellite went up on the first "re-flight" in March. And SES has made it very clear that it is eager to fly its satellites on previously flown boosters.
Update: Liftoff was successful and the first stage landed successfully on a drone ship in the Atlantic Ocean.
Update 2: EchoStar 105/SES-11 successfully deployed.
The death toll from Northern California's wildfires now stands at 15, officials say, with a total of nine confirmed fatalities in Sonoma County. The Sonoma County Sheriff's Office said on its Twitter page that the number of dead had increased from seven to nine. Three others are dead in Mendocino County, two more in Napa and one in Yuba, officials say. In Sonoma County, more than 200 people have been reported missing, and 45 of those have since been located, officials said.
The fires have burned 115,000 acres statewide and destroyed at least 2,000 homes and businesses, Cal Fire Ken Pimlott said Tuesday. More than 4,000 emergency workers have been deployed to help battle the fires, including a massive effort at McClellan Air Park, where a record 45 missions were flown Monday that dumped 266,000 acres of retardant on the blazes.
Vice President Mike Pence visited the state's emergency operations center at Mather Air Park Tuesday and announced that President Trump had approved the state's request for federal assistance in the counties of Butte, Lake, Mendocino, Napa, Nevada, Sonoma, and Yuba.
A gunman fired upon thousands of people attending a music festival on the Las Vegas Strip Sunday night, in a brutal attack that is blamed for at least 58 deaths, police say. In the mass shooting and panic that ensued, 515 people were injured. At least one of the dead is an off-duty police officer who was attending the concert.
Editorializing: Interesting how media always emphasize ISLAMIC terrorists, but downplay domestic terrorism as psychologically disturbed individual lone-wolfs.
As if the onslaught of hurricanes Irma and Maria were not enough, the National Weather Service in San Juan is reporting that a major dam is failing in Puerto Rico and that 70,000 people are being evacuated by bus. From CBS:
The National Weather Service in San Juan said Friday that the northwestern municipalities of Isabela and Quebradillas, home to some 70,000 people, were being evacuated with buses because the nearby Guajataca Dam was failing after Hurricane Maria hit the U.S. territory.
Maria poured more than 15 inches of rain on the mountains surrounding the dam, swelling the reservoir behind it.
Details remained slim about the evacuation with communications hampered after the storm, but operators of the dam reported that the failure was causing flash-flooding downstream. The 345-yard dam holds back a man-made lake covering about 2 square miles and was built decades ago, U.S. government records show.
"Move to higher ground now," the weather service said in a statement. "This is an extremely dangerous and life-threatening situation. Do not attempt to travel unless you are fleeing an area subject to flooding or under an evacuation order."
"Act quickly to protect your life," it added. "Buses will be evacuating people from these areas."
Wikipedia has a page about Guajataca Dam.
The BBC is reporting that North Korea has fired another missile:
North Korea has fired a missile eastwards from its capital, Pyongyang, towards Japan, media reports say.
Japan said that the missile likely passed over its territory and has warned residents to take shelter, local media report.
South Korea and the US are analysing the details of the launch, the South's military said.
Al Jazeera reports:
The projectile was launched at 6:57am (21:57GMT Thursday) and flew over the northern Japanese island of Hokkaido before falling into the Pacific Ocean - 2,000km east of Cape Erimo, said Japan's Chief Cabinet Secretary Yoshihide Suga.
"Japan protests the latest launch in the strongest terms and will take appropriate and timely action at the United Nations and elsewhere, staying in close contact with the United States and South Korea," Suga told reporters.
South Korea's defence ministry said the missile travelled about 3,700km and reached a maximum altitude of 770km - both higher and further than previous tests.
Just more saber rattling? Another step in escalation? What's next?
The New York Daily News reports Len Wein has died at the age of 69:
Legendary comic book writer and editor Len Wein has died.
He was 69.
Wein helped revive the "X-Men" franchise in 1975 with artist Dave Cockrum, creating characters including Nightcrawler, Storm, Colossus and Thunderbird.
A year earlier, in "The Incredible Hulk" #180, he debuted Wolverine, who eventually joined the "X-Men" team in later years.
In the late '80s, Wein left Marvel for DC Comics, where he worked as a writer and later an editor.
His work included "Batman" and "Green Lantern," as well as editing Alan Moore's and Dave Gibbons' "Watchmen" and "Swamp Thing," also by Moore.
I was surprised to learn just how tremendously prolific he actually was. Wikipedia has a thorough rundown of his life and works.
Reports are coming in about a massive earthquake which hit late Thursday night in Mexico.
The Telegraph has live coverage; most recently:
A rare and powerful 8.2-magnitude earthquake struck southern Mexico late Thursday, killing at least 15 people as seismologists warned of a tsunami of more than 10 feet.
The quake hit offshore in the Pacific about 75 miles southwest of the town of Tres Picos in far southern Chiapas state, the US Geological Survey said, putting the magnitude at 8.1.
Mexico's president said the earthquake magnitude was 8.2, the strongest in a century in the country.
The USGS (United States Geological Survey) has a page with copious data and reports available. Here is their Tectonic Summary:
The September 8th, 2017, M 8.1 earthquake offshore Chiapas, Mexico, occurred as the result of normal faulting at an intermediate depth. Focal mechanism solutions for the earthquake indicate slip occurred on either a fault dipping very shallowly towards the southwest, or on steeply dipping fault striking NW-SE. At the location of this event, the Cocos plate converges with North America at a rate of approximately 76 mm/yr, in a northeast direction. The Cocos plate begins its subduction beneath Central America at the Middle America Trench, just over 100 km to the southwest of this earthquake. The location, depth, and normal-faulting mechanism of this earthquake indicate that it is likely an intraplate event, within the subducting Cocos slab, rather than on the shallower megathrust plate boundary interface.
Wikipedia has a well-written summary of the event available:
On 7 September 2017, at 11:49 p.m. CDT, a magnitude 8.2 earthquake occurred off the coast of Chiapas, Mexico, approximately 87 kilometres (54 mi) south of Pijijiapan in the Gulf of Tehuantepec. The earthquake caused some buildings in Mexico City to shake, prompting people to evacuate. At least five people have been killed, according to the state governments of Chiapas and Tabasco. The earthquake also generated a tsunami with waves of 1 metre (3 ft 3 in) above tide level; tsunami alerts have been issued for surrounding areas. It was the strongest earthquake recorded in Mexico in a century as well as the second strongest recorded in the country's history, behind the magnitude 8.6 earthquake in 1787. It is also the most intense recorded globally in 2017.
See also: Huffington Post.
North America has not been doing so well lately... Hurricane Harvey, Hurricane Irma, and now this. What's next? Tornado alley gets a sudden surge, as well? Human sacrifice, dogs and cats living together... mass hysteria?
Residents near a chemical plant in Crosby, TX — approximately 25 miles (40km) northeast of Houston — have been evacuated due to the possibility of an explosion:
Arkema SA expects chemicals to catch fire or explode at its heavily flooded plant in Crosby, Texas in the coming days because the plant has lost power to its chemical cooling systems, a company official said on Wednesday.
The company evacuated remaining workers on Tuesday, and Harris County ordered the evacuation of residents in a 1.5-mile(2.4-km) radius of the plant that makes organic peroxides used in the production of plastic resins, polystyrene, paints and other products.
Richard Rowe, chief executive officer of Arkema's North America unit, told reporters that chemicals on the site will catch fire and explode if they are not properly cooled.
Arkema expects that to happen within the next six days as temperatures rise. He said the company has no way to prevent that because the plant is swamped by about 6 feet (1.83 m) of water due to flooding from Harvey, which came ashore in Texas last week as a powerful Category 4 hurricane.
"Materials could now explode and cause a subsequent and intense fire. The high water that exists on site, and the lack of power, leave us with no way to prevent it," Rowe said. He said he believes a fire would be "largely sustained on our site but we are trying to be conservative."
From the company's web site:
Our Crosby facility makes organic peroxides, a family of compounds that are used in everything from making pharmaceuticals to construction materials. But organic peroxides may burn if not stored and handled under the right conditions. At Crosby, we prepared for what we recognized could be a worst case scenario. We had redundant contingency plans in place. Right now, we have an unprecedented 6 feet of water at the plant. We have lost primary power and two sources of emergency backup power. As a result, we have lost critical refrigeration of the materials on site that could now explode and cause a subsequent intense fire. The high water and lack of power leave us with no way to prevent it. We have evacuated our personnel for their own safety. The federal, state and local authorities were contacted a few days ago, and we are working very closely with them to manage this matter. They have ordered the surrounding community to be evacuated, too.
Rather than putting pressure on the businesspeople of the Manufacturing Council & Strategy & Policy Forum, I am ending both. Thank you all!
3M Co. Chief Executive Officer Inge Thulin stepped down from the White House's manufacturing council, adding to the corporate exodus as the backlash grows to President Donald Trump's ambivalent response to racially-charged violence in Virginia over the weekend.
Thulin joined the White House panel in January "to advocate for policies that align with our values and encourage even stronger investment and job growth -- in order to make the United States stronger, healthier and more prosperous," the CEO said Wednesday in a statement tweeted by 3M. "After careful consideration, I believe the initiative is no longer an effective vehicle for 3M to advance these goals."
Update: The members of the Strategic and Policy Forum reportedly disbanded the group before President Trump's tweet:
The quick sequence began late Wednesday morning when Stephen A. Schwarzman, the chief executive of the Blackstone Group and one of Mr. Trump's closest confidants in the business community, organized a conference call for members of the president's Strategic and Policy Forum. On the call, the chief executives of some of the largest companies in the country debated how to proceed. After a discussion among a dozen prominent C.E.O.s, the decision was made to abandon the group altogether, said people with knowledge of the details of the call.
Also at Bloomberg:
Trump made the announcement on Twitter, less than an hour after one of the groups was said to be planning to inform the White House that it would break up. [...] Trump appeared to be making an effort to get ahead of the news as the councils began to disintegrate. The strategy forum, which is led by Blackstone Group LP's Stephen Schwarzman, planned to inform the White House Wednesday before making the announcement public, according to another person familiar with the matter, who wasn't authorized to discuss the news publicly.
The new Dr Who has been announced...
I'll get the popcorn...
Jodie Whittaker has been announced as Doctor Who's 13th Time Lord - the first woman to get the role.
She was revealed in a trailer that was broadcast on BBC One at the end of the Wimbledon men's singles final.
The Broadchurch star succeeds Peter Capaldi, who took the role in 2013 and leaves in this year's Christmas special.
Whittaker, 35, said it was "more than an honour" to become the Doctor. She will make her debut on the sci-fi show when the Doctor regenerates in the Christmas Day show.
We're a bit late to the party, but for those who haven't seen on the Internet, today is a protest day for Net Neutrality, where sites across the internet are disrupting their normal operations to get the word out and get people to send a message. Ars Technica already has a fairly decent summary of who's doing what, and we stand with them and the rest of the Internet.
Due to real life issues, I was late on getting this together, but for the rest of the day, this article will remain on the top of the page and we will be blacking the theme of the site in protest [Technical issues among others precluded our doing so today --martyb].
Let's get the word out!
A U.S. Navy vessel has collided with a container vessel southwest of Yokosuka, Japan:
Seven U.S. sailors are unaccounted for after a Navy destroyer collided with a merchant ship southwest of Yokosuka, Japan, early Saturday local time, a U.S. official and the Navy said.
Some flooding was reported aboard the USS Fitzgerald, a 505-foot destroyer, after the collision with a Philippine container vessel at approximately 2:30 a.m. Saturday local time (1:30 p.m. ET Friday), about 56 nautical miles of Yokosuka, the U.S. 7th Fleet said.
Also at Reuters.
mrpg wrote in with another story about a U.S. Navy sailor who was reported missing and presumed dead after a search by the Navy, Japan Maritime Self-Defense Force, and Japan's Coast Guard. He was found days later, hiding in one of the engine rooms.
A gunman opened fire at U.S. Congressmen and others who were gathered at a practice this morning for the Congressional Baseball Game. House Majority Whip Steve Scalise and at least four others were reportedly injured. The gunman, who has been identified by unnamed sources as James T. Hodgkinson III, was taken to a local hospital where he died from his injuries:
A gunman unleashed a barrage of gunfire Wednesday at a park in Alexandria, Va., as Republican members of Congress held a morning baseball practice, wounding at least five people, including House Majority Whip Steve Scalise (La.).
The suspected gunman is James T. Hodgkinson III, 66, from Illinois, according to multiple law enforcement sources. President Trump announced that the gunman, who was wounded in a shootout with officers, has died at an area hospital.
The wounded also included two Capitol Police officers and a congressional aide, according to one law enforcement official and witness accounts.
Congressman Scalise was shot in the hip and is in stable condition.
Hodgkinson's motive may have already been identified by the media:
A Facebook page belonging to a person with the same name includes pictures of Democratic presidential candidate, Bernie Sanders, and rhetoric against President Trump, including a post that reads: "Trump is a Traitor. Trump Has Destroyed Our Democracy. It's Time to Destroy Trump & Co."
Charles Orear, 50, a restaurant manager from St. Louis, said in an interview Wednesday that he became friendly with Hodgkinson during their work together in Iowa on Sanders's campaign. Orear said Hodgkinson was a passionate progressive and showed no signs of violence or malice toward others.
Armed police respond to serious incidents at London Bridge and Borough Market – with members of the public urged to reach areas of safety.
Since late yesterday evening [Saturday, 3 June], the Metropolitan Police Service has been responding to incidents in the London Bridge and Borough Market areas of south London. We are treating this as a terrorist incident and a full investigation is already underway, led by the Met’s Counter Terrorism Command.
[...] Six people have been killed in terror attacks on London Bridge and at Borough Market.
Three male suspects have been shot dead by police.
Canisters seen around the body of at least one of the suspects have been “established to be hoaxes”, police said.
Police believe all of those directly responsible for the attack have been killed.
[...] Since March there has been the Westminster attack by Khalid Masood, who mowed down pedestrians near parliament and stabbed a policeman, resulting in six deaths, including his own: and the Manchester bombing two weeks ago that killed 22. And now London again.
[...] An editor in the Sun’s London Bridge Street office says police confirmed that a number of blasts heard [...] were controlled explosions.
Source: The Guardian
An investigation into the foreign funding of extremist Islamist groups may never be published, the Home Office has admitted.
The inquiry commissioned by David Cameron, was launched as part of a deal with the Liberal Democrats in December 2015, in exchange for the party supporting the extension of British airstrikes against Isis into Syria.
But although it was due to be published in the spring of 2016, it has not been completed and may never be made public due to its "sensitive" contents.
It is thought to focus on Saudi Arabia, which the UK recently approved £3.5bn worth of arms export licences to.
Source: The Independent