Category Archives: Hackers News

NSA’s Top-Secret SKYNET May Be Killing Thousands of Innocent Civilians

NSA’s Top-Secret SKYNET May Be Killing Thousands of Innocent Civilians With Drones
So what do you expect from an artificially intelligent program run by a government intelligence agency?
Possibly killing innocent people.
The real-life SKYNET, named after the fictional malevolent artificial intelligence in the Terminator movies and run by the US National Security Agency (NSA), is a surveillance program that uses cell phone metadata to track the GPS location and call activities of suspected terrorists, who may be shot by a Hellfire missile.
Now, a new analysis of previously published NSA documents leaked by former NSA staffer Edward Snowden suggests that many of those people killed based on metadata may have been innocent.
Last year, the leaked documents detailing the NSA’s SKYNET programme published by The Intercept showed that NSA had used a machine learning algorithm on the cellular network metadata of 55 Million people in Pakistan to rate each citizen’s likelihood of being a terrorist.

You need to know that the US drone bombing campaigns in Pakistan have been raging for years.

Elementary Errors in SKYNET

However, the spy agency has made elementary errors in its machine-learning algorithm, which leads to the generation of thousands of false leads, potentially exposing innocent people to remote assassination by drone.
One of the leaked slides claimed that SKYNET has a false-positive rate of 0.008%, in some cases, and the NSA was using about 55 million people’s phone records for SKYNET.
But, Ars Technica points out that, even at this minute rate, many innocent people are possibly mislabeled. Some of the NSA’s tests even saw higher error rates of 0.18%, which means mislabeling nearly 99,000 people out of the 55 Million.

“There are very few ‘known terrorists’ to use to train and test the model,” Patrick Ball, the executive director of Human Rights Data Analysis Group, told the site. “If they are using the same records to train the model as they are using to test the model, their assessment of the fit is completely bullshit.”

The purpose SKYNET serves is not clear yet. Although SKYNET could be part of non-violent surveillance programs, like tracking and monitoring suspected terrorists, Ars suggests this technology could potentially be used to target drone strikes.

US Drone Strike Killed Almost 4,000 People

Since 2004, the United States government has carried out hundreds of drone strikes against alleged terrorists in Pakistan and killed somewhere between 2,500 and 4,000 people, the Bureau of Investigative Journalism reported.
The NSA has not yet commented on how the agency used SKYNET, and how the technology was trained.
But does killing people “based on metadata” actually make sense?
Maybe it is easy to say YES, it makes sense as it happened or is happening far away in a foreign land. But imagine if SKYNET gets turned on us.

Critical glibc Flaw Puts Linux Machines and Apps at Risk (Patch Immediately)

A highly critical vulnerability has been uncovered in the GNU C Library (glibc), a key component of most Linux distributions, that leaves nearly all Linux machines, thousands of apps and electronic devices vulnerable to hackers that can take full control over them.

Just clicking on a link or connecting to a server can result in remote code execution (RCE), allowing hackers to steal credentials, spy on users, seize control of computers, and more.
The vulnerability is similar to last year’s GHOST vulnerability (CVE-2015-0235), which left countless machines vulnerable to remote code execution (RCE) attacks, representing a major Internet threat.
GNU C Library (glibc) is a collection of open source code that powers thousands of standalone apps and most Linux distributions, including those distributed to routers and other types of hardware.
The recent flaw, which is indexed as CVE-2015-7547, is a stack-based buffer overflow vulnerability in glibc’s DNS client-side resolver that is used to translate human-readable domain names, like google.com, into a network IP address.
The buffer overflow flaw is triggered when the getaddrinfo() library function that performs domain-name lookups is in use, allowing hackers to remotely execute malicious code.

How Does the Flaw Work?

The flaw can be exploited when an affected device or app makes queries to a malicious DNS server that returns too much information to a lookup request and floods the program’s memory with code.
This code then compromises the vulnerable application or device and tries to take control of the whole system.
It is possible to inject the domain name into server log files, which when resolved will trigger remote code execution. An SSH (Secure Shell) client connecting to a server could also be compromised.
However, an attacker needs to bypass several operating system security mechanisms – like ASLR and non-executable stack protection – in order to achieve a successful RCE attack.
Alternatively, an attacker on your network could perform man-in-the-middle (MitM) attacks and tamper with DNS replies with a view to monitoring and manipulating (injecting payloads of malicious code) data flowing between a vulnerable device and the Internet.

Affected Software and Devices

All versions of glibc after 2.9 are vulnerable. Therefore, any software or application that connects to things on a network or the Internet and uses glibc is at RISK.
The widely used SSH, sudo, and curl utilities are all known to be affected by the buffer overflow bug, and security researchers warn that the list of other affected applications or code is almost too diverse and numerous to enumerate completely.
The vulnerability could extend to nearly all major software, including:
  • Virtually all distributions of Linux.
  • Programming languages such as Python, PHP, and Ruby on Rails.
  • Many others that use Linux code to look up the numerical IP address of an Internet domain.
  • Most Bitcoin software is reportedly vulnerable, too.

Who are Not Affected

The good news is that users of Google’s Android mobile operating system aren’t vulnerable to this flaw, as the company uses a glibc substitute known as Bionic that is not susceptible, according to a Google representative.
Additionally, a lot of embedded Linux devices, including home routers and various gadgets, are not affected by the bug because these devices use the uClibc library, as it is more lightweight than the hefty glibc.
The vulnerability was first introduced in May 2008 but was reported to the glibc maintainers in July 2015.
The vulnerability was discovered independently by researchers at Google and Red Hat, who found that the vulnerability has likely not been publicly attacked.
The flaw was discovered when one of Google’s SSH apps experienced a severe error called a segmentation fault each time it attempted to contact a particular Internet address, Google’s security team reported in a blog post published Monday.

Where glibc went Wrong

Google researchers figured out that the error was due to a buffer overflow bug inside the glibc library that made malicious code execution attacks possible. The researchers then notified glibc maintainers.
Here’s what went wrong, according to the Google engineers:

“glibc reserves 2048 bytes in the stack through alloca() for the DNS answer at _nss_dns_gethostbyname4_r() for hosting responses to a DNS query. Later on, at send_dg() and send_vc(), if the response is larger than 2048 bytes, a new buffer is allocated from the heap and all the information (buffer pointer, new buffer size and response size) is updated.”

“Under certain conditions a mismatch between the stack buffer and the new heap allocation will happen. The final effect is that the stack buffer will be used to store the DNS response, even though the response is larger than the stack buffer and a heap buffer was allocated. This behavior leads to the stack buffer overflow.”

Proof-of-Concept Exploit Released

Google bod Fermin J. Serna released a Proof-of-Concept (POC) exploit code on Tuesday.
With this POC code, you can verify if you are affected by this critical issue, and verify any mitigations you may wish to enact.

Patch glibc Vulnerability

Google researchers, working with security researchers at Red Hat, have released a patch to fix the programming blunder.
However, it is now up to the community behind the Linux OS and manufacturers, to roll out the patch to their affected software and devices as soon as possible.
For people running servers, fixing the issue will be a simple process of downloading and installing the patch update.
But for other users, patching the problem may not be so easy. The apps compiled with a vulnerable glibc version should be recompiled with an updated version – a process that will take time as users of affected apps have to wait for updates to become available from developers.
Meanwhile, you can help prevent exploitation of the flaw, if you aren’t able to immediately patch your instance of glibc, by limiting all TCP DNS replies to 1024 bytes, and dropping UDP DNS packets larger than 512 bytes.
For more in-depth information on the glibc flaw, you can read Red Hat blog post.
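
The interim size limits above, applied to constructed DNS messages, as an added example that is not part of the original article. The function names and sample messages are assumptions, and the TCP stream is assumed to be the server-to-client direction.

```python
import struct

UDP_LIMIT = 512    # article: drop UDP DNS packets larger than 512 bytes
TCP_LIMIT = 1024   # article: limit TCP DNS replies to 1024 bytes

def is_response(msg: bytes) -> bool:
    """True when a full 12-byte DNS header is present and its QR bit is set."""
    if len(msg) < 12:
        return False
    (flags,) = struct.unpack("!H", msg[2:4])
    return bool(flags & 0x8000)

def verdict_udp(payload: bytes) -> str:
    """Verdict for one UDP DNS payload: only replies are size-limited."""
    if is_response(payload) and len(payload) > UDP_LIMIT:
        return "drop"
    return "pass"

def verdict_tcp(stream: bytes) -> list:
    """One verdict per message in a server-to-client DNS-over-TCP byte stream.

    Each message is preceded by a 2-byte big-endian length, so an oversized
    reply can be rejected from the prefix alone, before its body arrives.
    """
    verdicts, pos = [], 0
    while pos + 2 <= len(stream):
        (declared,) = struct.unpack("!H", stream[pos:pos + 2])
        if declared > TCP_LIMIT:
            verdicts.append("drop")        # stop here: the connection is closed
            break
        if pos + 2 + declared > len(stream):
            verdicts.append("incomplete")  # body not fully received yet
            break
        verdicts.append("pass")
        pos += 2 + declared
    return verdicts

# --- constructed sample data (header plus zero padding, not real captures) ---
def make_reply(size: int) -> bytes:
    """Constructed DNS reply of exactly `size` bytes (QR=1, all counts zero)."""
    header = struct.pack("!HHHHHH", 0x1234, 0x8180, 0, 0, 0, 0)
    return header + b"\x00" * (size - len(header))

def frame(msg: bytes) -> bytes:
    """Add the 2-byte length prefix used for DNS over TCP."""
    return struct.pack("!H", len(msg)) + msg

if __name__ == "__main__":
    for size in (512, 513, 2049):
        print("udp", size, verdict_udp(make_reply(size)))
    stream = frame(make_reply(100)) + frame(make_reply(1025))
    print("tcp", verdict_tcp(stream))
```

EDNS0 allows legitimate UDP replies above 512 bytes (DNSSEC-signed answers often are), so these limits will also drop some valid responses.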

Facebook Offering You $1000 to Run Advertisement Against Terrorism

Facebook Offering $1,000 Credits If You Want to Run Advertisements Against ISIS and Terrorism
In recent times, we have seen steady growth in the online recruitment of Jihadis through social networking sites by many radical groups.
ISIS has topped the online recruitment, and it is the only terror group that leverages the enormous power of Twitter and Facebook to radicalize young minds, spread its message and recruit foreign supporters to its fights.
Many ISIS militants maintain extremely active accounts on the popular social media platforms and have a strong presence on the most popular encrypted messaging app Telegram with more than 100,000 followers.
This issue has affected society deeply. Recent examples include last year’s Paris attack in which ISIS used some popular messaging apps to plot the attack.
As the Dark Siders of social media began to turn this platform into a Terror-Picker, the White Siders of the same social media came under a single roof to declare a fight against terrorism and wage cyber war against these anti-humans.

Facebook Buckled Up to Fight against Terrorism

Facebook is also on the front line of the fight against terrorism. The social media giant has come up with a solution to minimize the presence of the caliphate group on its social media platform.
Similar efforts have previously been made by the Anonymous hacktivist group, which conducted various planned operations like OpISIS and OpParis, expunging ISIS channels from Twitter and Telegram.
Recently, Facebook introduced a new program, dubbed “Counter-Speech,” that offers advertising credits of up to $1000 for those who raise their voice against hate speech and terror propaganda.
This new intelligent strategy would enlighten the immature minds of those who were influenced by the radicalized propaganda and create an automatic hatred towards the group (who tried to brainwash them with their propaganda).
So, rather than removing or blocking the extremist Facebook pages that spread hatred among their followers, Facebook is focusing on educating more and more young minds in an effort to fight against terrorism.

The First Person to Receive $1000 Credit

Arbi-el-Ayachi, a German comedian, benefited from the newly released Facebook plan when he released a video last year showing eating halal meat is poisonous to Christians.

How did the idea strike?

The idea was formed by the current Facebook Chief Operating Officer Sheryl Sandberg while speaking at World Economic Forum last month.
Sandberg backed up this idea by referring to a recent attack in which a group in Germany called “Laut gegen Nazis” (an anti-neo-Nazi group) attacked the Facebook page of the far-right NPD by getting members to like (“Like Attack”) and post on the page.
“Rather than scream and protest, they got 100,000 people to like the page, who did not like the page and put messages of tolerance on the page, so when you got to the page, it changed the content and what was a page filled with hatred and intolerance was then tolerance and messages of hope” Sandberg stated.

Cyber World Fights Against Terrorism

Gradually, the massive operation to fight against terrorist organizations began to hit the headlines and grabbed the attention of several tech giants like Google, YouTube, and Twitter.
  1. YouTube had wiped out more than 1000 dozens of radical videos from its database.
  2. Twitter had expelled 125,000 accounts of Jihadi members since mid-2015.
  3. Google also rolled out a special advertising program for terrorist sympathizers who type extremism-related words in the search engine, but the “top” search results display anti-radicalized links.
Joint ventures like this would act as a Digital Age Shield to minimize the threat levels.
However, Facebook has not mentioned the verification procedure for those credited $1000. So, it may be possible that those awarded credits could be used for personal promotions too…

How-to — Stealing Decryption Key from Air-Gapped Computer in Another Room

Stealing Decryption Key from Air-Gapped Computer in Another Room

Air-gapped computers that are believed to be the most secure computers on the planet have become a regular target for researchers in recent years.

Air-gapped computers are ones that are isolated from the Internet and from any other computers that are connected to the Internet or an external network, so hackers can’t remotely access their contents.
But you need to think again before calling them ‘Safe.’
A team of security researchers from Tel Aviv University and Technion have discovered a new method to steal sensitive data from a target air-gapped computer located in another room.
The team is the same group of researchers who had experimented with a number of different methods to extract data from a computer. Last year, the team demonstrated how to extract secret decryption keys from computers using just a radio receiver and a piece of pita bread.
In 2014, the team devised a special digitizer wristband that had the ability to extract the cryptographic key used to secure data stored on a machine solely by touching the chassis of the computer.

Extracting Secret Decryption Key in Seconds

Now taking its experiment a step further, the team of researchers, including Daniel Genkin, Lev Pachmanov, Itamar Pipman, and Eran Tromer, recently discovered a similar way to extract a secret decryption key within seconds, but this time, from an air-gapped machine.
Although hacking air-gapped machines to steal cryptographic keys has been carried out in the past, this is the first time such an attack has successfully targeted a computer running Elliptic Curve Cryptography (ECC).
Elliptic Curve Cryptography is a robust key exchange algorithm that is most widely used in everything from securing websites to messages with Transport Layer Security (TLS).

How Does the Method Work?

Researchers used a method known as Side-Channel Attack: An attack that extracts the secret cryptographic key from a system by analyzing the pattern of memory utilization or the electromagnetic outputs of the PC that are emitted during the decryption process.

“By measuring the target’s electromagnetic emanations, the attack extracts the secret decryption key within seconds, from a target located in an adjacent room across a wall,” reads the recently published paper [PDF].

Specifically, the team obtained the private key from a laptop running the popular implementation of OpenPGP, GnuPG. However, the developers of GnuPG have since rolled out countermeasures to this method, making GnuPG more resistant to side-channel attack.

Equipment Required:

The equipment used in the experiment hack included:
  • An antenna
  • Amplifiers
  • A software-defined radio
  • A laptop
During the experiment hack, the researchers first sent the target laptop a specific ciphertext (an encrypted message).
Now, during the decryption of the chosen ciphertext, the researchers measured the EM leakage of the laptop, “focusing on a narrow frequency band.”
The signal was then processed, and a clear trace was produced, revealing the information about the operands used in the ECC, which in turn revealed the secret key.
This experiment was carried out through a 15-centimeter thick wall, reinforced with metal studs, according to the researchers.

“The experiment…was conducted using a Lenovo 3000 N200 laptops, which exhibit a particularly clear signal,” the paper reads. “The attacks are completely non-intrusive: we didn’t modify the targets or open their chassis.”

The security researchers successfully extracted the secret key after observing around 66 decryption processes, each lasting about 0.05 seconds, resulting in a total measurement time* of about 3.3 secs.

Future Challenges:

Future challenges for researchers include non-chosen ciphertext attacks, attacking other cryptographic primitives (such as symmetric encryption), and minimizing the number of decryption operations needed to extract the secret key.
The team will present its work at the upcoming RSA Conference on March 3. For an in-depth explanation with technical details about the attack, we recommend you read the research paper [PDF].

*Note: When the team says the secret key was obtained in ‘seconds’, it is the total measurement time, and not how long the attack would actually take to carry out.

Wanna Mine Bitcoins Faster? Researchers Find New Way to Do it

A new machine for Bitcoin Mining called “Approximate Hardware” would make Bitcoin mining easier.

Bitcoin has gained tremendous popularity among the virtual currencies over the past couple of years due to its decentralized principle.

Mining a single Bitcoin is not a cakewalk, as it requires an enormous amount of computing power to dig Bitcoins.

To overcome this issue and mine

This Android Malware Can Root Your Device And Erase Everything

A new Android malware has been making waves recently that has the capability to gain root access on your smartphone and completely erase your phone’s storage.

Dubbed Mazar BOT, the serious malware program is loaded with so many hidden capabilities that security researchers are calling it a dangerous malware that can turn your smartphone into a zombie inside hacker’s botnet.

Mazar BOT

Warning — Setting This Date On iPhone Or iPad Will Kill Your Device Permanently

Don’t Try this at Home!

An interesting software bug has been discovered in Apple’s iOS operating system that could kill your iPhone, iPad or iPod Dead Permanently.

Yes, you heard me right.

An issue with the date and time system in iOS had emerged recently when Reddit users started warning people that changing your iPhone’s or any iOS device’s date to January 1, 1970, will brick

Russia Wants to Kick Foreign Tech Companies Out Of The Nation

Someone wants to kick Microsoft, Google and Apple off his land, but he himself uses Gmail and a Mac.

The newly appointed Internet Tsar German Klemenko, who is the first internet advisor of Vladimir Putin, wants to kick American giants out of Russia.

In a 90-minute interview conducted by Bloomberg, Klemenko expressed his interest to vanish the presence of tech biggies of foreign

Here's How to Decrypt Hydracrypt & Umbrecrypt Ransomware Files

Over the last few years, we have seen several types of Ransomware malware that demand a whopping amount of money from users for the retrieval of their locked, compromised sensitive files.

We have also witnessed the birth of decryption solutions for some of the Ransomware like Cryptolocker (partial), Coinvault, Rescue Kit.

One more solution has recently been released for decryption of