Tech & Security BriefsSOME INTERESTING STORIES AROUND JUNE 14, 2015

St. Louis Federal Reserve DNS Breach

Brian Krebs reporting. Not brand new – from May 15, but worth keeping in mind:

The St. Louis Federal Reserve today sent a message to those it serves alerting them that in late April 2015 attackers succeeded in hijacking the domain name servers for the institution. The attack

redirected Web searches and queries for those seeking a variety of domains run by the government entity to a Web page set up by the attackers in an apparent bid by cybercrooks to hijack online communications of banks and other entities dealing with the regional Fed office.

http://krebsonsecurity.com/2015/05/st-louis-federal-reserve-suffers-dns-breach/

Interesting to think about in the larger context of the OPM hack.

Donating Blood in Sweden First saw it in a tweet from Robert Lenne. Tweet highly shared on social media, followed up by outfits like the Independent:

One new initiative, where donors are sent automatic text messages telling them when their blood has actually been used, has caught the public eye.

People who donate initially receive a 'thank you' text when they give blood, but they get another message when their blood makes it into somebody else’s veins.

http://www.independent.co.uk/news/world/europe/blood-donors-in-sweden-get-a-text-message-whenever-someone-is-helped-with-their-blood-10310101.html

Great way to achieve buy-in on a number of levels:

-Behavioral nudge synchronous to the actual good is more powerful

-Reinforces commitment to a civic duty through a well-working system

-Works with slot machine-like reward feeling of receiving text message

Low-Tech Attack on Darknet Market Users

From Motherboard, Vice’s tech outfit: Where there are bitcoins, there are scammers. Some users on the dark web drugs and weapons marketplace Agora are

being directed to a site which deploys malicious code designed to empty their accounts of the digital currency.

“Got a message from user brandos on Agora about a new market,” one Reddit user wrote yesterday. “It doesn't say the name or anything but the guy says he's an old seller and started his own market.”

The message then provides a link for users to visit this alleged new marketplace, which promises “24h technical support” and cheaper prices for products.

But not everything is as it seems. “Immediately after I clicked to open the page, tons of Agora tabs opened up,” the Reddit user continued, explaining that these pages tried to transfer bitcoin funds from their Agora account.

http://motherboard.vice.com/read/dark-web-spam-is-stealing-peoples-bitcoins

Granted users were on a darknet market already, but another reason that bitcoin can be a big risk. Not only are there weaknesses but it appears at this point that bitcoin users are being targeted disproportionately.

Open Wifi Users Still Vulnerable on VPNs

Ars Technica highlighted the pretty well-known but very worth-repeating idea that even with a virtual private network you’re still vulnerable in some ways if using open wifi:

But there is a hole in this protection, and it happens at connect time. The VPN cannot connect until you connect to the Internet, but the VPN connection is not instantaneous. In many, perhaps most public Wi-Fi sites,

your Wi-Fi hardware may connect automatically to the network, but you must open a browser to a "captive portal," which comes from the local router, and attempt to gain access to the Internet beyond. You may have to

manually accept a TOS (Terms of Service) agreement first.

In this period before your VPN takes over, what might be exposed depends on what software you run. Do you use a POP3 or IMAP e-mail client? If they check automatically, that traffic is out in the clear for all to see,

including potentially the login credentials. Other programs, like instant messaging client, may try to log on.

http://arstechnica.com/security/2015/06/even-with-a-vpn-open-wi-fi-exposes-users/

Stop. Using. Open. Wireless. Networks.

Reassessing Airport Security & Duqu 2.0

Security and cryptography expert Bruce Schneier:

News that the Transportation Security Administration missed a whopping 95% of guns and bombs in recent airport security "red team" tests was justifiably shocking. It's clear that we're not getting

value for the $7 billion we're paying the TSA annually.

But there's another conclusion, inescapable and disturbing to many, but good news all around: we don't need $7 billion worth of airport security. These results demonstrate that there isn't much risk

of airplane terrorism, and we should ratchet security down to pre-9/11 levels.

https://www.schneier.com/blog/archives/2015/06/reassessing_air.html

Kaspersky Labs has discovered and publicized details of a new nation-state surveillance malware system, called Duqu 2.0. It's being attributed to Israel.

https://www.schneier.com/blog/archives/2015/06/duqu_20.html

Layoff Effects on Mobile Usage Technology Review relayed the following MIT study:

Today, Jameson Toole at MIT and a few pals go further. These guys use mobile phone data to study the economic and personal impact of mass layoffs from a car parts factory in Europe. “We

observe significant declines in social behavior and mobility following job loss,” they say. 

…

These people made fewer calls, called a smaller percentage of their original network of contacts and traveled shorter distances.

http://www.technologyreview.com/view/538126/how-mobile-phone-data-reveals-the-true-toll-of-mass-layoffs/

Enjoying the population and economic effect studies we’re seeing from mobiles lately. Also see effect of mobile usage on sardine market prices.

Ian Campbell – Technology Consultant

On the web at www.igcampbell.com and www.neurovagrant.com

On twitter at www.twitter.com/neurovagrant

Available via email at ian.graham.campbell@gmail.com