or text election to 36288 (FNCTV)
Friday, February 29, 2008
Thursday, February 21, 2008
Black Hat Conference: Security Researchers Claim To Hack GSM Calls
The creators of the in-development technology say they'll be able to crack GSM encryption with only about $1,000 worth of equipment.
By J. Nicholas Hoover, InformationWeek
Feb. 20, 2008
URL: http://www.informationweek.com/story/showArticle.jhtml?articleID=206800800
Security researchers presenting Wednesday at the Black Hat D.C. conference in Washington, D.C., demonstrated technology in development that they say will be able to greatly decrease the time and money required to decrypt, and therefore snoop on, phone and text message conversations taking place on GSM networks.
Many mobile operators worldwide use GSM networks, including T-Mobile and AT&T in the United States. The 64-bit encryption method used by GSM, known as A5/1, was first cracked in theory about 10 years ago, and researchers David Hulton and Steve, who declined to give his last name, said today that expensive equipment to help people crack the encryption has been available online for about 5 years.
Until now, however, it's been prohibitively expensive for people to get their hands on this technology. If it works, the technology Hulton and Steve are developing should be able to crack GSM encryption in less than 30 minutes with about $1,000 worth of equipment, or in about 30 seconds with $100,000 worth of equipment. The technology could potentially be helpful to law enforcement investigators, but could also be taken advantage of by malicious hackers. Hulton says he plans to commercialize the more expensive version of the technology.
Other hardware Hulton and Steve referenced uses two different techniques to snoop on GSM calls and can cost between $70,000 and $1 million. So-called "active" systems simulate a GSM base station and don't rely on encryption because they trick phones into connecting to the GSM network through them. Other, so-called "passive" systems snoop on the traffic and are far more expensive.
Hutton and Steve's technology relies on the use of an array of devices known as field programmable gate arrays to first create a table of all the possible encryption keys -- in this case 288 quadrillion -- and then decrypt each of those over the course of three months. The resulting tables of keys could then be used by software to decrypt GSM communications, which first have to be intercepted using a receiver that can listen in on GSM frequencies.
During their talk, Hulton and Steve also discussed the vulnerabilities of mobile device SIM cards, noting that GSM networks broadcast SIM cards' unique IDs in unencrypted text, which can tell attackers or law enforcement what kind of phone someone is using. The GSM network also can tell snoopers how far a phone is from a base station, within 200 meters of error. They noted that SIM cards run Java Virtual Machines that operators have access to, and suggested that it could be possible for malicious attackers to install applications on user's phones without them ever knowing, potentially rerouting traffic to a third party who listens in to phone conversations.
The GSM Association, a trade group representing more than 700 GSM operators, said it could not comment on the specific claims Hulton and Steve are making. However, spokesman David Pringle said in an e-mailed statement that while researchers have showed how A5/1 could be compromised in theory, none of their academic papers have led to "practical attack capability that can be used on live, commercial GSM networks." He also noted that more advanced encryption is beginning to be deployed for GSM networks and that other networks, including 3G networks, don't use A5/1.
Monday, February 18, 2008
Get ready for the eclipse that saved Columbus
The Moon will turn an eerie shade of red for people in the western hemisphere late Wednesday and early Thursday, recreating the eclipse that saved Christopher Columbus more than five centuries ago.
In a lunar eclipse, the Sun, Earth and Moon are directly aligned and the Moon swings into the cone of shadow cast by the Earth.
But the Moon does not become invisible, as there is still residual light that is deflected towards it by our atmosphere. Most of this refracted light is in the red part of the spectrum and as a result the Moon, seen from Earth, turns a coppery, orange or even brownish hue.
Lunar eclipses have long been associated with superstitions and signs of ill omen, especially in battle.
The defeat of the Persian king Darius III by Alexander the Great in the Battle of Gaugamela in 331 BC was foretold by soothsayers when the Moon turned blood-red a few days earlier.
And an eclipse is credited with saving the life of Christopher Columbus and his crew in 1504.
Stranded on the coast of Jamaica, the explorers were running out of food and faced with increasingly hostile local inhabitants who were refusing to provide them with any more supplies.
Columbus, looking at an astronomical almanac compiled by a German mathematician, realised that a total eclipse of the Moon would occur on February 29, 1504.
He called the native leaders and warned them if they did not cooperate, he would make the Moon disappear from the sky the following night.
The warning, of course, came true, prompting the terrified people to beg Columbus to restore the Moon -- which he did, in return for as much food as his men needed. He and the crew were rescued on June 29, 1504.
The Moon will be in total eclipse from 0301 GMT to 0351 GMT. This will be visible east of the Rocky Mountains in North America, as well as in all of Central and South America, West Africa and Western Europe. The zenith of totality is close to French Guiana.
It will be in partial eclipse from 0143 GMT to 0301 GMT, visible west of the Rockies and from the eastern Pacific, and from 0351 GMT to 0509 GMT, visible across the rest of Africa and Europe and much of South and West Asia.
Under a partial eclipse, Earth's shadow, or umbra, appears to take a "bite" out of the Moon.
The last total lunar eclipse took place on August 28 2007. The next will take place on December 21 2010.
A solar eclipse happens when the Moon swings between the Earth and the Sun.
+ Further details: (http://sunearth.gsfc.nasa.gov/eclipse/OH/OH2008.html); (http://sci.esa.int/science-e/www/object/index.cfm?fobjectid=38834); and (http://www.skyandtelescope.com/observing/highlights/15357796.html).
Copyright AFP 2008, AFP
Saturday, February 16, 2008
Wednesday, February 13, 2008
Thursday, February 7, 2008
Saturday, February 2, 2008
Domino's Viral Marketing OR Do We REALLY NEED THIS?
Now you can track your Pizza from the moment you call it in to the moment it hits your door.
From those cats over at Information Week's Editorial section:
Editor's Note: Web 2.0 Gone Awry: Online Pizza Tracking
Alert! Alert! Useless implementation of Web 2.0 Technology in progress. Alert!
Across the country, bleary-eyed teens and college students -- strung out from late-night Guitar Hero III marathons -- will no longer have the added worry of wondering when their Domino's pizza will be delivered. The company has debuted a new system that allows the pizza purchaser to track an order -- from the moment it's taken to preparation, baking, boxing, and delivery. This "Pizza Tracking Service" (implemented within 3,400 Domino's and in all franchises by June) is accurate up to 40 seconds.
This bit of tech wizardry gravitates into the "is this really necessary?" category. Seriously, you already know the Domino's mantra -- pizza delivered somewhere in the 30 minute time frame (little old ladies crossing the street be damned). No one can be that truly desperate/starving that they need to know the exact moment the pepperoni slices are being applied ... can they?
Chris McGlothlin, technology chief at Domino's, seems to think there's plenty of anxious customers out there. "It's an emotional roller-coaster when you order," McGlothlin says. "Customers wonder: Did they get my order? Are they taking care of me? Will it show up?"
Now, to be fair, the new Pizza Tracker also lets the user rate the experience -- the quality of the food, the delivery time, and the courtesy of the order taker and delivery person, all with the goal of improving customer service and quality. Nothing that the use of a telephone or online customer service form/e-mail address hasn't allowed before.
I'm reminded of a few years back when early Web page designers learned a whole bunch of "nifty tricks" (music, animations, etc.) and plastered their sites with them. After the initial cool factor wore off, most folks agreed that using new technology for the sake of using it does not always make a better product. IT pros preparing to implement Web 2.0 apps should really take that to heart. Before adding a new tool to the site, ask yourself, "Is this really going to improve the quality of my user's experience or are we just adding a bunch of bells and whistles because we can?"
So what do you think? Is this Pizza Tracker like a piping hot slice chased by a cold beer or akin to anchovies gilding a black olive pizza? Please come to my blog and post a comment.
Tom LaSusa
tlasusa@cmp.com
www.informationweek.com
I Thought, with the Big Game coming up 2morrow & all, this might save the day ;-p
-b
From those cats over at Information Week's Editorial section:
Editor's Note: Web 2.0 Gone Awry: Online Pizza Tracking
Alert! Alert! Useless implementation of Web 2.0 Technology in progress. Alert!
Across the country, bleary-eyed teens and college students -- strung out from late-night Guitar Hero III marathons -- will no longer have the added worry of wondering when their Domino's pizza will be delivered. The company has debuted a new system that allows the pizza purchaser to track an order -- from the moment it's taken to preparation, baking, boxing, and delivery. This "Pizza Tracking Service" (implemented within 3,400 Domino's and in all franchises by June) is accurate up to 40 seconds.
This bit of tech wizardry gravitates into the "is this really necessary?" category. Seriously, you already know the Domino's mantra -- pizza delivered somewhere in the 30 minute time frame (little old ladies crossing the street be damned). No one can be that truly desperate/starving that they need to know the exact moment the pepperoni slices are being applied ... can they?
Chris McGlothlin, technology chief at Domino's, seems to think there's plenty of anxious customers out there. "It's an emotional roller-coaster when you order," McGlothlin says. "Customers wonder: Did they get my order? Are they taking care of me? Will it show up?"
Now, to be fair, the new Pizza Tracker also lets the user rate the experience -- the quality of the food, the delivery time, and the courtesy of the order taker and delivery person, all with the goal of improving customer service and quality. Nothing that the use of a telephone or online customer service form/e-mail address hasn't allowed before.
I'm reminded of a few years back when early Web page designers learned a whole bunch of "nifty tricks" (music, animations, etc.) and plastered their sites with them. After the initial cool factor wore off, most folks agreed that using new technology for the sake of using it does not always make a better product. IT pros preparing to implement Web 2.0 apps should really take that to heart. Before adding a new tool to the site, ask yourself, "Is this really going to improve the quality of my user's experience or are we just adding a bunch of bells and whistles because we can?"
So what do you think? Is this Pizza Tracker like a piping hot slice chased by a cold beer or akin to anchovies gilding a black olive pizza? Please come to my blog and post a comment.
Tom LaSusa
tlasusa@cmp.com
www.informationweek.com
I Thought, with the Big Game coming up 2morrow & all, this might save the day ;-p
-b
Subscribe to:
Posts (Atom)
