Jane's reports that the Lockheed Martin F-35 Joint Strike Fighter Developed by and for the armed forces of the United States and its allies has a new quirk gathering public attention (archived). Well, several quirks but the most notable is a software glitch that interferes with the aircraft's mission readiness by requiring hard reboots during flight to restore functionality to the radar. So far the F-35's ability to hemorrhage funds printed for the United States Department of Defense has lead to the early end of production for the more capable F-22 fighter, threatened the end of life for the more capable A-10 ground attack aircraft, and ended or hindered an uncountable other number of other things which may have been less embarrassing ends to direct the United States Government's money printing machine than the F-35. Sorry for your loss and peace in our time.
Category Archives: Security
Microsoft Bundles Adware With Security Update
Microsoft has by its own admission bundled adware with a security update for Windows. The update to the Internet Explorer component of Microsoft Windows pulls in another update containing the adware. The adware creates a banner in Internet Explorer badgering users to upgrade their version of Windows to Windows 10. In order to avoid angering their institutional customers who actually pay for software licenses, this new Microsoft adware checks to see if the machine it is installed on is part of a Microsoft domain before badgering the end user. This move suggests that Microsoft itself is surrendering its own overt actions in the Windows ecosystem to match the the rest of the spammers that dominate the space.
US May Accuse Iran Of Office Computer Infection
There are murmurings that the United States may loudly accuse Iran of being involved in the infection of several office computers with malware. Substantial noise is being attached to the otherwise mundane infection of these office computers because of their physical proximity to systems affecting the operations of a dam in New York State (archived). The incident in question happened in 2013, three years after Microsoft released their first patch against the Stuxnet vulnerability.
Mainstream Media Hyping US Legacy In Iraq: Iraqi Made Chemical Weapons
Numerous stories are saturating mainstream media today heralding the capture of and Iraqi chemist aligned with ISIS/ISIL (archived). A substantial strain of hopium embedded in this coverage is optimism that this might lead to a reduction or perhaps even the end of chemical weapons deployments by ISIS/ISIL. Back in 2003 United States president George W. Bush made the state of chemical, biological, and nuclear weapons manufacturing in Iraq a cornerstone of his case for invading Iraq and deposing their government. Thirteen years later Iraq is no longer a country which has gone more than a decade without fielding chemical weapons in anger. There isn't any serious discussion of biological or nuclear weapons being produced any of the new regimes in Iraq yet, but one out of three isn't bad.
FBI Agents Investigated For Misconduct In Lavoy Finicum's Murder While Insisting Slaying Was Justified
The United States Department of "Justice" whose loyal FBI soldiers murdered Lavoy Finicum is continuing to insist the murder of this American hero was justified, even though it has been compelled to open a criminal investigation into several of the FBI Agents who unleashed the fatal hail of bullets on Finicum (archived). The alleged criminal behavior happened as the triggers were being pulled to fire bullets at Finicum, concerns the triggermen firing bullets at Finicum, and involves a conspiracy of the triggermen's FBI comrades in covering up facts about the events of Lavoy Finicum's martyrdom. Naturally the Preets at the Department of "Justice" continue insist the shooting was justified as their own enforcers go feral.
Elon Musk Venture Remotely Diddles Attentive Owner's Vehicle
Elon Musk's Tesla Motors remotely downgraded the firmware on a vehicle owned by attentive owner Jason Hughes. As an attentive vehicle owner Hughes had earlier investigated a firmware update and found information suggesting a new Tesla Model S variant with a larger battery and shared the results of his investigation with the world. In what appears to be a retaliatory move Musk's firm downgraded his vehicle firmware remotely, a move that was subsequently noticed by the attentive Hughes.
New Cross Platform Malware Depends on JVM
Reports are emerging of new cross platform malware that has the potential to affect Windows, OSX, Linux, and Android machines using a single executable (archived). The catch is only machines with a Java runtime are vulnerable to the attacks. The simplest mitigation measure is simply not having a Java execution environment on your computing machine. Java has long been a dubious proposition, for the increased attack surface it presents as well as a portion of the programmers it attracts.
Foscam Internet Of Shit "Seekoority" Camera Phones Home, Peers With Other Cameras
Brian Krebs reports that "security cameras" and digital video recorders manufactured by Foscam and marked under Foscam's own brand and others have a peer to peer networking unfeature that phones home enabled by default (archived). In his post Krebs neglected to make the low hanging joke about SCAM already being a part of the firm's name.
Silk Road 2.0 Case Confirms FBI And CMU Tor Attack Collaboration
Judge Richard A Jones of the Western District of Washington has confirmed the collusion between the FBI and Carnegie Mellon University in carrying out an attack on the Tor network. This disclosure occurred in Jone's denial of a motion to compel discovery put forth by attorneys representing Brian Farrell who is alleged to be DoctorClu of the Silk Road 2.0 according to prosecutors. The revelation settles the mystery surrounding the "lead" on Farrell's IP address received on July 30th of 2014 by the department of Homeland Security. This previously uncertain lead enabled by Carnegie Mellon's collaboration lead to months of surveillance of Farrell's residential address before Farrell was raided and arrested on January 2nd, 2015.
This entry into the public record confirms that the United States government is selectively treating domestic law enforcement cases as a military problem while precious few citizens of the United States are treating the defense of their liberty with comparable severity. This entry into the record would make Farrell's case promising in appellate courts maintained by righteous judges, but there is a poverty of actual justice in the United States court system. The full text of the order is presented below: Continue reading
Numerous Sites Explicitly Open To Cross Site Scripting
A survey of top websites has revealed many including unnamed Bitcoin holding websites have a header set which explicitly allows third party javascript to be run on their pages without any checks on the code's origin (archived). Web stack security is exactly as bad as you thought it was. Unless you didn't think it was this bad, in which case it is far worse than you think. Of course, Coinbase would never be the same if they removed their Gravatar integration.