Asteroids, the late-70s arcade hit, was an immensely popular game. Often those with the simplest premise, while maintaining a fun, lighthearted gameplay have the most cultural impact and longest legacy. But, although it was popular, it doesn’t really meet the high bar of scientific fidelity that some gamers are looking for. That’s why [Attoparsec] built the Kessler Syndrome Edition of this classic arcade game.

The Kessler Syndrome is a condition where so much man-made debris piles up in low-Earth orbit that nothing can occupy this orbit without getting damaged or destroyed by the debris, and thus turning into more debris itself in a terrible positive feedback loop. [Attoparsec] brings this idea to Asteroids by reprogramming the game so that asteroids can be shot into smaller and smaller pieces but which never disappear, quickly turning the game into a runaway Kessler Syndrome where the chance of survival is extremely limited, and even a destroyed player’s ship turns into space junk as well.

To further the scientific accuracy and improve playability, though, he’s added a repulsor beam mechanism which can push the debris a bit and prolong the player’s life, and also added mass effect reactions so that even shooting bullets repels the player’s ship a bit. The build doesn’t stop with software, either. He also built a custom 70s-style arcade cabinet from the ground to host the game.

Asteroids is still a popular platform for unique builds like this. Take a look at a light-vector game using lasers to create the graphics, or this tiny version of the game that uses a real CRT.

Thanks to [smellsofbikes] for the tip!

youtube.com/embed/O4l3y0N1yeY?…

Prosegue la rubrica della dietista Abril González Campos…

L'articolo Alimenti senza lattosio per tutti o solo per gli intolleranti? proviene da Il Fatto Alimentare.

La mozzarella, protagonista della pizza, dell’insalata caprese e…

L'articolo Mozzarella e fior di latte: differenze, aspetti nutrizionali e prezzi dei protagonisti dell’estate proviene da Il Fatto Alimentare.

Last time, I talked about how MicroPython is powerful and deserving of a place in your toolkit, and it made for a lively discussion. I’m glad to see that overall, MicroPython has indeed been getting the recognition it deserves – I’ve built a large number of wonderful projects with it, and so have people I’ve shown it to!

Sometimes I see newcomers dissatisfied with MicroPython, because the helper tools they initially pick don’t suit it well. For instance, they try and start out with a regular serial terminal application that doesn’t fit the MicroPython constraints, or a general IDE that requires a fair bit of clicking around every time you need to run your code. In particular, I’d make sure that you know your options no matter whether you prefer GUI or commandline – both have seriously nice tools for MicroPython use!

The main problem to be solved with MicroPython is that you have a single serial port that everything happens through – both file upload and also debugging. For ESP8266/32-based boards, it’s a physical serial port, and for chips like RP2040 and ESP32-S* where a hardware USB peripheral is available, it’s a virtual one – which makes things harder because the virtual port might get re-enumerated every now and then, possibly surprising your terminal application. If you want to upload a program of yours, you need to free up the serial port, and to see the program’s output, you will need to reopen that port immediately after – not a convenient thing to do if you’re using something like PuTTy.

So, using MicroPython-friendly software is a must for a comfortable hacking experience. What are your options?

Power Of Thonny And Friends

Whether you’re primarily a GUI user, or you’re teaching someone that is, Thonny is undoubtedly number one in MicroPython world – it’s an IDE developed with Python in mind, and it has seriously impressive MicroPython integrations. Your board’s terminal is being managed as if effortlessly in the background – just open your files in different tabs as you normally do, and press the Run button sometimes.

Expecting more? There is more – basically anything MicroPython adjacent you’d do from commandline, is present in Thonny in a comfortable way. For instance, are you working with an ESP32 board that doesn’t yet have a MicroPython image in its flash? Lucky you, there’s an esptool integration that lets you flash an image into your MCU through a dialog box. Want debugging? There’s single-step debugging that works in an intuitive user-friendly way – you’d find this pretty hard to happen from console apart from specially engineered print statements, but Thonny delivers.

youtube.com/embed/EMAye6AlHFc?…

Not looking to pick a new IDE? There are VSCode extensions. Arduino IDE more your jam? Yeah, well, remember how Arduino has a MicroPython IDE now? It’s decently usable, so if you got used to the Arduino keybindings, you might like it. More of a commandline user? You’ve got a good few options, then, and they are similarly powerful.

Mpremote And Ampy

Rather use the terminal? Maybe IDEs are too clunky for you and the terminal window’s cleanliness provides for a distraction-free environment you can only dream about, maybe it’s just the thing you’ve used your entire life, or maybe you’re even debugging a MicroPython device over an SSH connection? mpremote is the tool to save you.

mpremote is part of the MicroPython project, it’s developed alongside the project, and it’s got plenty of killer features to show for it. It includes an “inline” terminal emulator that lets you access REPL effortlessly to see your code’s results and interact with the variables afterwards, correctly managing things like Ctrl+C so you can interrupt your code if needed and still poke at its variables in the REPL. You can also explore the MicroPython filesystem Linux-style with ease, and, most importantly, you can mount your current directory up to it with mpremote mount, and mpremote will send files to your board as the on-MCU interpreter requests them.

Overall, mpremote offers a seriously comfortable environment for iterating on MicroPython code lightning quick. Without it, you would need to reopen the serial port each time you need to upload a new file – here, you can just chain a bunch of commands together and mpremote will dutifully do the serial port juggling needed to get you there.

In addition to that, you can see that mpremote is designed to help you with awkward-to-do things you didn’t know you needed to do. Need to sync your board’s RTC time with your computer’s time? That’s a mpremote rtc command away. Want to access the MicroPython package manager? That’s mpremote mip. Your board needs to switch into bootloader mode? No need to fiddle with buttons, just use mpremote bootloader. In short, mpremote is a MicroPython powerhouse for everyone who’s most comfortable in a terminal window.

youtube.com/embed/sc6ND-1QZH0?…

There is an alternative here, too: ampy, a personal choice of mine, which I use combined with screen. Ampy is a tool initially designed by Adafruit, and it’s more barebones – I like it because I have control of what’s happening when I issue a command to a software, keeping my MicroPython devices in a known state at all times. On the other hand, it does require jugging the serial port on your own, so when I need to update my code, I exit screen, run the ampy command, then re-enter screen again. I regularly work with large MicroPython files that also import static library files that don’t change for months, however, so having control of the upload process seems to save me a fair bit of time.

There are caveats, of course – the major one is, when using screen in serial terminal mode, you need to press `Ctrl+A k y` (kill window) instead of `Ctrl+A d` to detach the screen session. If you do the detach instead, as you might be used to with screen, the serial port will remain open until you unplug the device or kill the screen process, and ampy will fail mysteriously.

Summary

I hope this toolkit overview helps you make sure you’re using exactly the kind of MicroPython environment that works for you – while compiling it, I’ve learned some nuances myself! Next time, we shall talk about CircuitPython – a MicroPython fork that has grown into a contender in the educational Python space, and how it is different from MicroPython in a number of crucial ways you deserve to know about.

Consumer organisations allege X's artificial intelligence (AI) tool is in violation of the General Data Protection Regulation (GDPR) in a complaint filed with the Irish Data Protection Commission (DPC) on Monday (5 August).

euractiv.com/section/data-priv…

You can only imagine that when they made Star Trek back in the 1960s, they would have laughed if anyone suggested they’d still be making the show nearly six decades later. If you told [John Kemeny] at Dartmouth back in 1964 that people would be serving websites in Basic in the year 2024, he’d probably be amazed after you explained what a website was. But that’s what [Jamonholmgren] is doing.

[Jamon] wrote his first Basic program when he was 12, which was a common thing to do. Recently, he decided to build and deploy a website using Basic, and so this project, qub (pronounced like cube), was born. The web server is modified from an existing source but adds features and many new features are planned.

The main program essentially creates a starter set of HTML and related files for the server. Honestly, we don’t recommend a server in Basic, but it is fun to see Basic — granted a modern version of QuickBasic — being up to the task.

It would probably be smarter to dedicate an old phone to the task. Or you could stand up an old DOS computer, but that’s probably not any better.

To the extent that you have an opinion on something like high-frequency (HF) radio, you probably associate it with amateur radio operators, hunched over their gear late at night as they try to make contact with a random stranger across the globe to talk about the fact that they’re both doing the same thing at the same time. In a world where you can reach out to almost anyone else in an instant using flashy apps on the Internet, HF radio’s reputation as somewhat old and fuddy is well-earned.

Like the general population, modern militaries have largely switched to digital networks and satellite links, using them to coordinate and command their strategic forces on a global level. But while military nets are designed to be resilient to attack, there’s only so much damage they can absorb before becoming degraded to the point of uselessness. A backup plan makes good military sense, and the properties of radio waves between 3 MHz and 30 MHz, especially the ability to bounce off the ionosphere, make HF radio a perfect fit.

The United States Strategic Forces Command, essentially the people who “push the button” that starts a Very Bad Day, built their backup plan around the unique properties of HF radio. Its current incarnation is called the High-Frequency Global Communications System, or HFGCS. As the hams like to say, “When all else fails, there’s radio,” and HFGCS takes advantage of that to make sure the end of the world can be conducted in an orderly fashion.

Bombs Away LeMay

The US Air Force has a long history radio, dating back to when airplanes were little more than wood and canvas contraptions. Radio, especially HF radio, played a huge role in prosecuting World War II, changing the face of warfare forever. As the Cold War years set in and strategic forces became increasingly important, HF radio systems continued to play a role. One of the biggest boosters of HF radio for coordinating strategic air forces was none other than General Curtis LeMay, who as an enthusiastic amateur radio operator well knew the power of HF radio to communicate long distances, particularly using single-sideband (SSB) modulation.

Despite this history, HFGCS itself is relatively new. It only came onto the scene in 1992, when post-Cold War military restructuring combined two earlier Air Force HF networks into the Global High-Frequency System. GHFS would undergo equipment upgrades in 2002 and get an extra letter in its rearranged acronym, becoming HFGCS. While HFGCS may have started out as the Air Force’s baby, its design is open and flexible enough that it can be used by Air Force, Army, and Navy assets anywhere in the world around the clock.

The primary fixed infrastructure of HFGCS is a network of thirteen ground stations scattered across the United States and its territories as well as allied countries around the world. The HFGCS ground stations are linked together through a combination of landlines and satellite stations to act as a unified network. Almost all of the stations on the network are “lights out” stations that are controlled remotely. The primary control point for the entire system is located at Andrews Air Force Base outside of Washington, DC, with a backup location deep in the interior of the continent at Offutt AFB in Omaha, Nebraska. Each of these two stations is manned around the clock and can control the entire network.

It’s obviously difficult to get a lot of technical detail on what sort of gear is being used at each HFGCS station, but there’s one aspect of the system that’s hard to keep from public scrutiny: the antennas. The Offutt AFB transmitter station provides a pretty good look at things, sitting as it does in the middle of a cornfield off a public road in Elkhorn, Nebraska. There sprouts a sprawling farm of directional and omnidirectional antennas, including a collection of massive AS-3482/GRC log periodic arrays. These giants have twin towers that support a rotating platform with three support booms for the radiation array. A balun at the base matches the antenna to the feedline, which is a 50-ohm hardline coax measuring a whopping 3-1/8″ (80 mm) diameter. HFGCS stations also have receive capability, of course, but given the 25,000-watt power rating on these antennas, the receivers are generally not located with the transmitters. In the case of the Offutt AFB station, the receivers are located 28 miles (45 km) away outside of Scribner, Nebraska.
Interesting crop. One of the many AS-3482/GRC log-periodic antennas at the HFGCS transmit antenna farm outside Offut AFB in Nebraska. Source: Google

Fine Business, Old Minuteman

The ability of HF radio to make contacts across the globe with no fixed infrastructure between contact points is what makes it perfect for backup communications with strategic forces. That’s not to say that it’s foolproof, of course; there certainly are ways to interfere with the ionospheric skip that it depends on, which probably plays a large part in why HFGCS is only a backup, but things have to have gone badly wrong for that to be the case.
Built to last. Blast cover for HFGCS transmit antenna silo at a Minuteman LCC. The white cone in the background is a hardened radome for the UHF satellite link. Source: Library of Congress.
Ironically, one of the ways for things to go wrong enough to bump HFGCS up from backup status is an all-out nuclear exchange, which would no doubt involve the 450-odd Minuteman III ICBMs that comprise one of the legs of the United States’ nuclear triad. The Minuteman missiles are kept at the ready in 45 missile alert facilities (MAFs) scattered across the American prairie. Each MAF is comprised of ten launch facilities, each storing one LGM-30 missile in an underground silo, and a separate launch control center, or LCC. The LCC is the underground bunker crewed by two Air Force officers who bear the responsibility of turning the keys that launch their flight of missiles, should it be so ordered.

But to perform that final official act of their careers, those officers have to get the coded order from US Strategic Command, typically over one of the primary secure networks. Should those links fail, though, each LCC is equipped with an HFGCS link. The fact that each LCC is no doubt slated to receive a nasty package on the appointed day means that standard HF antennas, which tend to be quite large, are far too exposed to survive and perform their backup duties. So the LCCs sport hidden HFGCS antennas that can be deployed on command.

On the transmit side, each squadron LCC has a 50′ (15 meter) deep reinforced concrete silo topped by an extremely sturdy blast door that’s flush to the ground, for maximum resistance to nearby blast waves. Upon command, the door opens to allow a telescopic HF antenna to extend up to 120′ (36 meters) above the ground. The reality, though, is that the need to transmit on HFGCS is far less important than being able to receive. That’s why the receiving antenna arrangement is a bit more complicated.
The Bravo-01 LCC for the 319th Missile Squadron. It’s not entirely clear if Minuteman LCCs still have the deployable antennas activated, but the silo for the receive antenna is clearly visible in the northeast corner below the freestanding red-on-white tower. The telescoping transmit antenna silo is the ominous bullseye in the southwest section of the facility. Source: Google Maps
To make sure the LCC is always ready to receive and act on an Emergency Alert Message (EAM), each facility has a hardened HFGCS receive antenna array. Like the transmitting antenna, these are housed in underground silos. Each silo has six monopole steel antennas, one of which is always deployed. The five others are kept in reserve; should the main antenna get knocked down, an explosive charge at the bottom of the antenna’s tube detonates, extending a fresh antenna above the ground.

Mainsail, Mainsail

Given the highly sensitive nature of the traffic on a radio network charged in part with ending the world, you’d think that messages would be digitally encrypted and completely useless to try snooping in on. And while it’s true that there are encrypted digital modes that use HFGCS, a surprising amount of traffic is just plain old voice messages transmitted in the open. While it remains true that nothing punches through like good old Morse code on continuous wave (CW), SSB voice is far more efficient. The video below shows British ham M0SZT monitoring HFGCS from an adorable shepherd’s camp somewhere in the Peak’s District, not far from the RAF Croughton HFGCS site:

youtube.com/embed/ytqLbWRBQy4?…

That’s not to say that you’d be able to understand the messages, the bulk of which is a block of 30 numbers and letters, with the former stated as the standard NATO phonetic alphabet. Unless you have the decryption code, the message will read as gibberish. In fact, you can’t even derive any useful information from the length of the message, since it’s always 30 characters long. About the only metadata you could potentially glean would be the station code names embedded in the message, but since those are randomly changed every day, there’s not much point.

Still, there’s plenty to be gained from monitoring HFGCS, especially in times of geopolitical tumult. If the balloon goes up, so to speak, then traffic on HFGCS will undoubtedly increase markedly, as it will on its Russian counterpart, colloquially known as Bear Net to the US military. It’ll make for interesting listening — at least for a few minutes.

Vodafone Ukraine è stata recentemente vittima di un attacco cibernetico di grande portata, rivendicato da un gruppo noto come #KozSec. Questo articolo tecnico fornisce un’analisi dettagliata dell’incidente, delle tecniche utilizzate dagli aggressori e delle implicazioni geopolitiche ed economiche dell’attacco.

Dettagli dell’Attacco

L’attacco ha colpito Vodafone Ukraine, causando disservizi significativi. In particolare, sono stati compromessi 65.536 indirizzi IP e diversi domini sono risultati non funzionanti. Questi dati sono stati raccolti e riportati dagli specialisti, sebbene si tratti di valori approssimativi. Il gruppo responsabile ha dichiarato che l’operazione è stata un’azione dimostrativa della loro capacità di partecipare attivamente a un conflitto cibernetico. L’attacco ha mostrato una chiara competenza tecnica, coinvolgendo probabilmente un mix di tecniche avanzate di Distributed Denial of Service (DDoS) e possibili exploit di vulnerabilità nei sistemi di Vodafone Ukraine. L’azione è durata un’ora, ma il gruppo ha avvertito che il loro obiettivo finale è la totale distruzione delle infrastrutture colpite. L’attacco è stato pianificato per durare un’ora, ma il gruppo ha avvertito che future operazioni potrebbero essere più estese e devastanti. Questo primo attacco potrebbe quindi essere stato un test o una dimostrazione delle loro capacità tecniche e della loro determinazione. L’attacco ha causato disservizi significativi, interrompendo i servizi di comunicazione per numerosi utenti. La vasta compromissione degli indirizzi IP e dei domini ha avuto ripercussioni su vari settori economici, evidenziando la vulnerabilità delle infrastrutture critiche.

Contesto Geopolitico

Il gruppo #KozSec ha dichiarato di operare a favore della Russia, in un contesto di tensioni geopolitiche elevate. Questo attacco si inserisce in un quadro più ampio di cyber conflitti che vedono coinvolte diverse nazioni e organizzazioni in azioni di hacking offensive.

Il gruppo ha descritto l’attacco come un gesto simbolico di opposizione all’oppressione e di sostegno alla trasparenza e responsabilità globali. Questo messaggio suggerisce che gli attacchi futuri potrebbero essere diretti non solo a infrastrutture critiche, ma anche a entità percepite come oppressive o non trasparenti.

Conseguenze Tecniche ed Economiche

L’attacco ha causato significativi disservizi per gli utenti di Vodafone Ukraine, potenzialmente interrompendo servizi essenziali di comunicazione. La compromissione di 65.536 indirizzi IP e di diversi domini indica un attacco su larga scala, con possibili ripercussioni su molteplici settori economici.

Vodafone Ukraine dovrà intraprendere immediate azioni di recupero per ripristinare i servizi interrotti e rafforzare la sicurezza delle proprie infrastrutture. Saranno necessari interventi di aggiornamento dei sistemi di difesa cibernetica e un’analisi approfondita delle vulnerabilità sfruttate durante l’attacco.

Conclusioni

L’attacco a Vodafone Ukraine rappresenta un chiaro esempio delle attuali minacce cibernetiche legate a tensioni geopolitiche. Il gruppo #KozSec ha dimostrato capacità tecniche avanzate e una determinazione ideologica che potrebbero portare a ulteriori attacchi in futuro. È essenziale che le organizzazioni potenzialmente a rischio adottino misure preventive e rafforzino le loro difese per proteggere le infrastrutture critiche e i servizi essenziali.

Raccomandazioni

1. Monitoraggio Continuo: Implementare sistemi di monitoraggio in tempo reale per rilevare e rispondere rapidamente a possibili attacchi.
2. Aggiornamento della Sicurezza: Eseguire regolarmente aggiornamenti di sicurezza per mitigare le vulnerabilità conosciute.
3. Piani di Risposta agli Incidenti: Sviluppare e testare piani di risposta agli incidenti per garantire una reazione rapida ed efficace in caso di attacco.
4. Formazione del Personale: Formare il personale per riconoscere le minacce cibernetiche e rispondere adeguatamente.

L’importanza di un approccio proattivo alla sicurezza cibernetica non può essere sottovalutata, specialmente in un contesto di crescenti tensioni geopolitiche e di sofisticate capacità di attacco.

L'articolo KozSec rivendica un attacco informatico a Vodafone Ukraine: Un’Analisi Tecnica proviene da il blog della sicurezza informatica.

Una presunta fuga di dati senza precedenti ha travolto l’FBI: un massiccio data breach che ha esposto online i dati personali di oltre 22.000 agenti, mettendo a rischio la sicurezza nazionale.

Un utente di Breached Forum ha pubblicato un database contenente nomi, ruoli e altre informazioni sensibili degli agenti, scatenando l’allarme nella comunità dell’intelligence.

Al momento, non possiamo confermare la veridicità della notizia, poiché l’organizzazione non ha ancora rilasciato alcun comunicato stampa ufficiale sul proprio sito web riguardo l’incidente. Pertanto, questo articolo deve essere considerato come ‘fonte di intelligence’.

Dettagli del Data Breach

Il post, pubblicato dall’utente “rpk” il 3 agosto 2024 alle 03:23 AM, presenta un file contenente i dettagli di numerosi agenti dell’FBI. Il file, di 1.9MB, include presumibilmente nomi, ruoli e altre informazioni personali degli agenti.

Secondo il post, il database è descritto come un file di testo (.txt) con un totale di 22.175 righe. Il post include anche alcune informazioni generali sull’FBI, enfatizzando il ruolo dell’agenzia come principale braccio investigativo del Dipartimento di Giustizia degli Stati Uniti e membro a pieno titolo della comunità dell’intelligence statunitense.

Un aspetto rilevante di questa pubblicazione è la totale assenza di esempi di dati (sample) che dimostrino la veridicità delle informazioni contenute nel database. Inoltre, non è stato previsto alcun meccanismo di escrow, un intermediario fidato che possa garantire l’autenticità e la sicurezza della transazione dei dati. Queste assenze sollevano dubbi sulla credibilità del database e sull’intenzione dell’utente “rpk”.

Conclusione

La divulgazione di informazioni personali degli agenti dell’FBI rappresenta un rischio significativo. Gli agenti potrebbero diventare bersagli di attacchi fisici o digitali, e le loro famiglie potrebbero essere minacciate. Inoltre, la fuga di dati potrebbe compromettere operazioni investigative in corso.

Non è chiaro come l’FBI abbia risposto al data breach, è probabile che l’agenzia stia conducendo un’indagine interna per determinare come si sia verificata la fuga di dati e per prevenire ulteriori incidenti.

Questa fuga di dati sottolinea l’importanza critica della cyber security e della protezione delle informazioni sensibili. Mentre l’FBI lavora per mitigare i danni e prevenire future violazioni, questo incidente serve come promemoria della necessità di rafforzare continuamente le misure di sicurezza a tutti i livelli delle agenzie governative.

L'articolo Fuga di Dati FBI: Pubblicato il Database degli Agenti su Breached Forum proviene da il blog della sicurezza informatica.

TikTok can no longer launch rewards programmes for its EU users, following binding measures that the European Commission announced on Monday (5 August).

euractiv.com/section/platforms…

Data manipulation is at the heart of computation, and a system is said to be Turing-complete if it can be configured to manipulate data in a way that makes implementing arbitrary computation possible. [Keigo Oka] shared a proof that find and mkdir together are Turing-complete, which is to say, a system with only GNU’s find and mkdir has access to enough functionality to satisfy the requirements of Turing completeness, which ignores questions of efficiency or speed.

[Keigo Oka]’s first attempt at a proof worked to implement Rule 110, an elementary cellular automata configuration that has been shown to be Turing-complete, or ‘universal’, but has been updated to implement a tag system as it’s proof, and you can see it in action for yourself.

Seeing basic utilities leveraged in such a way illustrates how computation is all around us, and not always in expected places. We’ve also seen Turing-complete origami and computation in cellular automata.

In March 2024, we discovered a campaign targeting individuals in Russia with previously unseen Android spyware we dubbed LianSpy. Our analysis indicates that the malware has been active since July 2021. This threat is equipped to capture screencasts, exfiltrate user files, and harvest call logs and app lists. The malicious actor behind LianSpy employs multiple evasive tactics, such as leveraging a Russian cloud service, Yandex Disk, for C2 communications. They also avoid having dedicated infrastructure, and employ a lot of other features to keep the spyware undiscovered. Some of these features suggest that LianSpy is most likely deployed through either an unknown vulnerability or direct physical access to the target phone.

Technical details

Initially, LianSpy determines if it is running as a system app, which automatically receives the permissions it needs. Otherwise, it requests permissions for screen overlay, notifications, background activity, contacts, call logs, etc. Once authorized, the spyware verifies it’s not running in a debugging environment. If the environment is free from debugger artifacts, LianSpy sets up its configuration with predefined values and stores this data as a collection of key-value pairs locally using SharedPreferences, an app data storage mechanism generally used for storing application settings. This configuration persists across device reboots and uses integer keys linked to specific spyware settings in SharedPreferences. A detailed list of configuration parameters, including descriptions and default values, is provided below.

Once activated, the spyware hides its icon and registers a built-in broadcast receiver to receive intents from the system. This receiver triggers various malicious activities, such as screen capturing via the media projection API, taking screenshots as root, exfiltrating data, and updating its configuration.

LianSpy registers a malicious broadcast receiver

To update the spyware configuration, LianSpy searches for a file matching the regular expression
"^frame_.+\\.png$" on a threat actor’s Yandex Disk every 30 seconds. If found, the file is downloaded to the application’s internal data directory. The spyware then decrypts the overlay (data written after the end of the payload) in the downloaded file with a hardcoded AES key. Finally, the configuration updater searches the decrypted payload for a set of substrings, each substring modifying LianSpy’s configuration. A comprehensive list of available options can be found below.

The collected victim’s data is stored encrypted in the SQL table
Con001, which also contains the type of record (device information, contact list, call logs, etc.) and its SHA-256 hash. The data is encrypted using the following scheme:

• An AES key for data encryption is generated using secure pseudorandom number generator (PRNG). This approach thwarts timing-based attacks that could potentially be exploited by unauthorized parties.
• A hardcoded public RSA key embedded within the spyware encrypts the AES key.

This robust encryption scheme ensures that only a threat actor owning the corresponding private RSA key can decrypt stolen data.

Stealth features

LianSpy employs unconventional sophisticated evasion techniques to remain undetected.

• To blend in with legitimate applications, its variants masquerade as the Alipay app or a system service.
• Android 12 introduced the privacy indicators feature, which displays a status bar icon if sensitive data is being accessed, for example when the screen is being recorded. However, LianSpy developers have managed to bypass this protection by appending a cast value to the Android secure setting parameter icon_blacklist, which prevents notification icons from appearing in the status bar.

• To further conceal its activities, LianSpy hides notifications from background services it calls by leveraging the NotificationListenerService that processes status bar notifications and is able to suppress them. A list of key phrases used for removing a notification from the status bar can be found below.running in the background
  using battery
  в фоновом режиме
  использует батарею
  используют батарею

• LianSpy can take screenshots using the screencap system command, typically employed for debugging, but accessible with root permissions. This command leaves no trace of screenshot capture, which allows attackers to stealthily capture screen content.
• It leverages legitimate cloud and pastebin services extensively, making malicious web activity from a compromised device virtually undetectable.
• It encrypts exfiltrated data using a robust encryption scheme. Victim identification remains impossible even if Yandex Disk credentials are compromised during APK analysis.
• LianSpy uses su binary with a modified name to gain root access. The malware samples we analyzed attempt to locate a mu binary in the default su directories. This indicates an effort to evade root detection on the victim’s device. Acquiring superuser rights with such a strong reliance on a modified binary suggests that the spyware was likely delivered through a previously unknown exploit or physical device access.

Infrastructure

LianSpy has no private infrastructure whatsoever. Instead, the threat actor leverages Yandex Disk for both exfiltrating stolen data and storing configuration commands. Victim data is uploaded into a separate Yandex Disk folder.

Other than configuration update job, LianSpy’s communication with its command-and-control (C2) server is unidirectional, with no incoming commands. The malware autonomously conducts update checks and data exfiltration based on its current configuration.

Yandex Disk credentials can be updated from a hardcoded pastebin URL, which may vary across different malware variants. A comprehensive list of these pastebin pages is provided in the IoC section.

Victims

Given that key phrases used to filter notifications are partially in Russian, and some of the default configurations of LianSpy variants include package names for messaging apps popular in Russia, we assume that this spyware targets users in that country. Our KSN telemetry corroborates this, indicating that Russian users have been victims of LianSpy attacks.

Conclusion

The newly discovered Android spyware we dubbed LianSpy exhibits several noteworthy capabilities. Beyond standard espionage tactics like harvesting call logs and app lists, it leverages root privileges for covert screen recording and evasion. Its reliance on a renamed
su binary strongly suggests secondary infection following an initial compromise. Unlike financially motivated spyware, LianSpy’s focus on capturing instant message content indicates a targeted data-gathering operation.
By exclusively leveraging legitimate platforms like Yandex Disk and pastebin services for data exfiltration and C2 communication, the threat actor has complicated attribution. This novel Android threat exhibits no overlap with ongoing malware campaigns targeting Russian users, and we will maintain vigilant monitoring for related activities.

Indicators of Compromise

APK file hashes
084206ec8e6e5684a5acdcbd264d1a41
09088db5640381951e1b4449e930ff11
15222c61978f9133aa34b5972ce84e7e
1ccf5b723c38e30107d55040f10ce32a
22b013cfb95df6b4ba0d2d40dc4bddf4
23b9e5d4ab90506c6e9a42fa47164b84
36bc97ce040ada7142e4add4eb8cd3dd
38149658e5aba1942a6147b387f79d3f
3a4f780820043a8f855979d2c59f36f2
4c3e81bb8e972eef3c9511782f47bdea
5b16eb23a2f5a41063f3f09bc4ca47dd
69581e8113eaed791c2b90f13be0981a
707a593863d5ba9b2d87f0c8a6083f70
7de18a7dac0725d74c215330b8febd4e
842d600d5e5adb6ca425387f1616d6c4
86ea1be200219aca0dc985113747d5ea
86f7c39313500abfb12771e0a4f6d47a
8f47283f19514178ceb39e592324695a
966824d8c24f6f9d0f63b8db41f723b6
99d980a71a58c8ad631d0b229602bbe2
9f22d6bffda3e6def82bf08d0a03b880
a7142ad1b70581c8b232dc6cf934bda4
c449003de06ba5f092ee9a74a3c67e26
d46c5d134a4f9d3cd77b076eb8af28b3
d9e9655013d79c692269aeadcef35e68
da97092289b2a692789f7e322d7d5112
ec74283d40fd69c8efea8570aadd56dc
f13419565896c00f5e632346e5782be4
f37213a7ef3dc51683eec6c9a89e45af
f78eaca29e7e5b035dbcbabac29eb18d
fa3fecca077f0797e9223676d8a48391
fbc2c4226744c363e62fcfeaec1a47f1

Yandex Disk encrypted credential sources
hxxps://pastebin[.]com:443/raw/X4CuaV5L
hxxps://pastebin[.]com:443/raw/0t2c1Djz
hxxps://pastebin[.]com:443/raw/8YXyQtp9
hxxps://pastebin[.]com:443/raw/hm78BGe9
hxxps://pastebin[.]com:443/raw/R509SydV
hxxps://pastebin[.]com:443/raw/dXXcZDF7
hxxps://pastebin[.]com:443/raw/81GhQUjK
hxxps://pastebin[.]com:443/raw/2PmX7Bgd
hxxps://pastebin[.]com:443/raw/zsY6tZLb
hxxps://pastebin[.]com:443/raw/rzMhGiFp
hxxps://pastebin[.]com:443/raw/85DMiWdE
hxxps://pastebin[.]com:443/raw/nSZaB3hw
hxxps://pastebin[.]com:443/raw/Wppem8U5
hxxps://pastebin[.]com:443/raw/KRqNqNrT
hxxps://pastebin[.]com:443/raw/47uLyg6q
hxxps://pastebin[.]com:443/raw/tUQFWtVY
hxxps://pastebin[.]com:443/raw/AgBMX16r
hxxps://pastebin[.]com:443/raw/wSzsbXpg
hxxps://pastebin[.]com:443/raw/e0SqYu41
hxxps://pastebin[.]com:443/raw/ZBFe2b4z
hxxps://pastebin[.]com:443/raw/cbLWwCbR
hxxps://pastebin[.]com:443/raw/fxqART5r
hxxps://pastebin[.]com:443/raw/hiAYisG8
hxxps://pastebin[.]com:443/raw/459bbu4H
hxxps://pastebin[.]com:443/raw/7kxADNLm
hxxps://pastebin[.]com:443/raw/417svXuD
hxxps://pastebin[.]com:443/raw/w4j6jNBV
hxxps://pastebin[.]com:443/raw/9eQJ8uUd
hxxps://pastebin[.]com:443/raw/zy8BKYyg
hxxps://pastebin[.]com:443/raw/uc5Ft4z6

securelist.com/lianspy-android…

It has been two years, but the slow and steady progress that [Doug Brown] has been making towards bringing a modern Linux kernel to the Chumby has approached the point that it could be called done. In his final blog post of the series, [Doug] walks through the highs and lows of the whole process.

Many of the changes [Doug] and others have made are already upstream in the Linux mainline. However, some will likely remain in private branches for a few reasons that [Doug] gets into. The blog post covers every commit needed to turn a Chumby or other Marvell ARMADA-powered widget into a working device. At the end of the day, what does [Doug] have to show? He can turn it on, see a boot logo, and then see an indefinite white screen. While underwhelming to most of the world, an X server is coming up, Wi-fi is online, the time syncs from an NTP server, and the touchscreen is ready to be tapped. A white screen, yes, but a white screen of potential. [Doug] has to decide what to launch after boot.

However, the future of the Chumby and other older devices is still on the chopping block of progress. Compiler writers want to drop support for platforms that nobody uses anymore, and the Chumby is ARMv5. With many changes destined to languish, [Doug] still considers it a huge success, and we do too. The whole series represents a journey with beautiful lessons about the power of the Linux device tree, making the dark and scary world of Linux kernel drivers seem a little more approachable.

We’ve covered the first post and when graphics started coming along. We salute the mighty Chumby and the idea it stood for. Of course, the idea of a handy screen displaying information is still alive and well. This handy e-paper HomeAssistant display is just one of many examples.

A safe haven to preserve samples of biodiversity from climate change, habitat loss, natural disaster, and other threats is recognized as a worthwhile endeavor. Everyone knows good backup practice involves a copy of critical elements at a remote location, leading some to ask: why not the moon?
Not even the Svalbard global seed vault is out of the reach of climate change’s effects.
A biological sample repository already exists in the form of the Svalbard global seed vault, located in a mountain on a remote island in the Arctic circle. Even so, not even Svalbard is out of the reach of our changing Earth. In 2017, soaring temperatures in the Arctic melted permafrost in a way no one imagined would be possible, and water infiltrated the facility. Fortunately the flooding was handled by personnel and no damage was done to the vault’s contents, but it was a wake-up call.

An off-site backup that requires no staffing could provide some much-needed redundancy. Deep craters near the moon’s polar regions offer stable and ultra-cold locations that are never exposed to sunlight, and could offer staffing-free repositories if done right. The lunar biorepository proposal has the details, and is thought-provoking, at least.

The moon’s lack of an atmosphere is inconvenient for life, but otherwise pretty attractive for some applications. A backup seed vault is one, and putting a giant telescope in a lunar crater is another.

Google è vittima della propria piattaforma pubblicitaria, scrivono i ricercatori di Malwarebytes. Il fatto è che gli aggressori stanno creando degli annunci che promuovono una falsa applicazione Google Authenticator, con il pretesto di distribuire il malware DeerStealer.

Gli esperti affermano che gli aggressori sono ancora in grado di inserire annunci nei risultati delle ricerche di Google, mentre sembrano essere associati a domini legittimi, il che crea un falso senso di fiducia tra gli utenti.

Lo schema funziona così: durante la ricerca di Google Authenticator, l’utente vede un annuncio pubblicitario, presumibilmente proveniente da una fonte ufficiale.

In effetti, dietro l’annuncio si nasconde un account falso. Quando si fa clic sul collegamento, si verificano numerosi reindirizzamenti verso domini controllati dai truffatori.

Di conseguenza, l’utente finisce su un sito Web falso che imita la pagina di Google Authenticator. Lì verrà scaricato il file eseguibile.

Questo è seguito da un reindirizzamento a GitHub, dove è ospitato il payload dannoso. L’utilizzo di hosting legittimo per sviluppatori infonde fiducia negli utenti e consente di aggirare di evadere molti sistemi di sicurezza.

Il file scaricato contiene il malware DeerStealer che è progettato per rubare i dati personali dell’utente. Tutte le informazioni rubate vengono immediatamente inviate al server degli aggressori.

È interessante notare che il file dannoso ha una firma digitale valida, che inganna ulteriormente gli utenti.

Gli esperti di Malwarebytes hanno notato la particolare ironia della situazione: mentre cercano di aumentare la sicurezza utilizzando l’autenticazione a due fattori, gli utenti rischiano di diventare vittime di truffatori incappando accidentalmente in un sito di phishing simile, mascherato da ufficiale tramite reindirizzamenti multipli.

Gli esperti consigliano di non fare clic sui collegamenti pubblicitari per scaricare software. Dovresti invece visitare direttamente i siti Web ufficiali degli sviluppatori. E per evitare che la pubblicità dannosa ti confonda, sarebbe una buona idea installare un comprovato blocco degli annunci.

L'articolo DeerStealer: la MFA non è stata mai così pericolosa fingendosi Google Authenticator proviene da il blog della sicurezza informatica.

Gli esperti hanno scoperto nuove prove che il famigerato gruppo di hacker FIN7 continua a migliorare i suoi metodi di attacco e ad espandere la sua influenza nell’underground criminale. Secondo una recente ricerca, gli hacker utilizzano una varietà di alias per mascherare la loro vera identità e supportare operazioni criminali nei forum clandestini.

FIN7 è operativo dal 2012. Durante questo periodo è riuscito a causare danni significativi a diversi settori dell’economia, tra cui il settore alberghiero, l’energia, la finanza, l’alta tecnologia e il commercio al dettaglio.

Inizialmente la FIN7 utilizzava malware per terminali POS a scopo di frode finanziaria. Tuttavia, dal 2020, il gruppo ha spostato la sua attenzione sulle operazioni di ransomware, unendosi a noti gruppi RaaS (ransomware as a service) come REvil e Conti, oltre a lanciare i propri programmi RaaS chiamati Darkside e BlackMatter.

Uno dei tratti distintivi di FIN7 è la creazione di false società di sicurezza informatica. Il gruppo ha così fondato le società fittizie Combi Security e Bastion Secure per frodare. Nonostante l’arresto di alcuni membri del gruppo, le attività della FIN7 continuano, segnalando cambiamenti di tattica, pause temporanee o l’emergere di sottogruppi scissionisti.

Nuovi dati mostrano che FIN7 sta vendendo attivamente i suoi strumenti nei forum criminali. Nello specifico, i ricercatori hanno trovato annunci pubblicitari che offrivano uno strumento di bypass specializzato chiamato AvNeutralizer (noto anche come AuKill).

Un’analisi dell’attività su vari forum clandestini ha rivelato diversi alias presumibilmente associati a FIN7:

• “buonosoft”
• “lefroggy”
• “killerAV”
• “Stupore”

Questi utenti hanno pubblicato annunci simili per la vendita di strumenti per aggirare i sistemi antivirus e i framework post-exploitation. L’arsenale di FIN7 comprende una serie di strumenti sofisticati, ciascuno progettato per una fase specifica dell’attacco:

1. Powertrash è uno script PowerShell fortemente offuscato per caricare in modo riflessivo i file PE in memoria.
2. Diceloader (noto anche come Lizar e IceBot) è una backdoor minima per stabilire un canale di comando e controllo (C2).
3. Backdoor basato su SSH: un insieme di strumenti basati su OpenSSH e 7zip per fornire accesso permanente ai sistemi compromessi.
4. Core Impact è uno strumento commerciale di test di penetrazione utilizzato da FIN7 per sfruttare le vulnerabilità.
5. AvNeutralizer è uno strumento specializzato per aggirare le soluzioni di sicurezza.

Di particolare interesse è l’evoluzione dello strumento AvNeutralizer. L’ultima versione di questo malware utilizza una tecnica precedentemente sconosciuta per aggirare alcune implementazioni di processi protetti utilizzando il driver Windows integrato ProcLaunchMon.sys (TTD Monitor Driver).

FIN7 ha anche sviluppato un sistema di attacco automatizzato chiamato Checkmarks. Questa piattaforma mira principalmente a sfruttare i server pubblici Microsoft Exchange utilizzando le vulnerabilità ProxyShell (CVE-2021-34473, CVE-2021-34523 e CVE-2021-31207).

Inoltre, la piattaforma Checkmarks include un modulo Auto-SQLi per attacchi SQL injection. Se i tentativi iniziali non hanno successo, lo strumento SQLMap esegue la scansione delle destinazioni per potenziali vulnerabilità di SQL injection.

I ricercatori hanno scoperto numerose intrusioni utilizzando vulnerabilità di SQL injection che prendono di mira server pubblici attraverso lo sfruttamento automatizzato. Questi attacchi sono attribuiti a FIN7 con moderata sicurezza. La maggior parte di queste intrusioni si è verificata nel 2022, in particolare nel terzo trimestre, colpendo aziende statunitensi nei settori manifatturiero, legale e governativo.

L'articolo FIN7: quando dai POS al ransomware, il passo è breve proviene da il blog della sicurezza informatica.

L’esperimento di Altman si ispira alla sua convinzione dell’importanza di un reddito di base nell’era dell’intelligenza artificiale, che secondo alcuni esperti potrebbe rendere obsoleti milioni di posti di lavoro. Ritiene inoltre che sia impossibile raggiungere le pari opportunità senza una qualche forma di sicurezza del reddito.

L’idea di un reddito di base universale non è nuova, ma ha guadagnato particolare popolarità grazie alla campagna presidenziale del 2016 di Andrew Yang. Da allora, molte figure di spicco del settore tecnologico, tra cui il cofondatore di Twitter Jack Dorsey e il CEO di Tesla Elon Musk, hanno espresso sostegno al concetto.

Sono emersi i risultati tanto attesi di un esperimento su larga scala sul reddito di base avviato dal CEO di OpenAI Sam Altman del quale avevamo parlato a suo tempo.

Lo studio, uno dei più grandi nel suo genere, ha fornito ai partecipanti a basso reddito pagamenti mensili di 1.000 dollari per tre anni senza vincoli. Lo scopo dell’esperimento era studiare l’impatto del reddito di base sulla vita delle persone, e i risultati sono stati davvero notevoli.

Lo studio ha rilevato che la maggior parte dei fondi aggiuntivi sono stati spesi per bisogni primari, come l’affitto, i trasporti e il cibo. È interessante notare che i partecipanti hanno iniziato a lavorare meno, ma allo stesso tempo sono rimasti partecipanti attivi nel mercato del lavoro ed erano più consapevoli della ricerca di lavoro rispetto al gruppo di controllo.

Gli autori del rapporto sottolineano che ai partecipanti allo studio è stata data maggiore libertà di prendere decisioni che meglio si adattassero alle loro vite e si preparassero per il futuro. Alcuni hanno potuto trasferirsi in altre aree o prendere in considerazione nuove opportunità di business.

Lo studio è stato condotto da OpenResearch e guidato dalla ricercatrice Elizabeth Rhodes. Tutto è iniziato nel 2019, quando sono stati arruolati nell’esperimento 3.000 residenti del Texas e dell’Illinois che vivevano in aree urbane, suburbane e rurali con redditi inferiori a 28.000 dollari. Un terzo dei partecipanti ha ricevuto 1.000 dollari al mese per tre anni, mentre il resto, il gruppo di controllo, ha ricevuto 50 dollari al mese. Tutti i partecipanti hanno mantenuto i vantaggi esistenti.

Secondo lo studio, coloro che hanno ricevuto 1.000 dollari hanno aumentato la loro spesa totale in media di 310 dollari al mese, di cui la maggior parte è destinata al cibo, all’affitto e ai trasporti. Hanno anche fornito maggiore assistenza finanziaria ai bisognosi rispetto al gruppo di controllo.

Tuttavia, i ricercatori non hanno trovato prove dirette di un migliore accesso all’assistenza sanitaria o di cambiamenti significativi nella salute fisica e mentale dei partecipanti. Il rapporto rileva che, sebbene nel primo anno si siano registrate riduzioni significative dello stress, del disagio psicologico e dell’insicurezza alimentare, questi effetti sono scomparsi nel secondo e nel terzo anno del programma. Pagamenti di 1.000 dollari al mese non possono risolvere problemi come malattie croniche, mancanza di assistenza all’infanzia o alti costi abitativi.

Il reddito di base universale fornisce pagamenti diretti in contanti a tutte le persone senza vincoli. Tuttavia, politicamente questo è un compito molto difficile. Molte città e stati stanno sperimentando la garanzia di un reddito di base per alcune popolazioni a basso reddito o vulnerabili. Le prove provenienti da dozzine di programmi simili dimostrano che i trasferimenti di denaro possono aiutare a combattere i senzatetto, la disoccupazione e l’insicurezza alimentare.

All’inizio di quest’anno, Altman ha anche proposto un diverso tipo di reddito di base, che ha chiamato “informatica di base universale”. In questo scenario, le persone riceverebbero una “quota” delle risorse informatiche del grande modello linguistico GPT-7, che potrebbero utilizzare come ritengono opportuno.

Anche questi piccoli esperimenti devono affrontare ostacoli politici. I conservatori di diversi stati hanno contestato i programmi, bloccandone l’avanzamento.

I risultati della ricerca di Altman includevano sia dati quantitativi (indagini e transazioni bancarie) che dati qualitativi (interviste con i partecipanti). Si è scoperto che i destinatari del pagamento mensile di 1.000 dollari hanno aumentato i loro risparmi del 25% rispetto al gruppo di controllo. Hanno anche speso 22 dollari in più al mese per aiutare gli altri, ovvero il 26% in più rispetto al gruppo di controllo.

Non ci sono stati cambiamenti significativi nella proprietà dell’auto o della casa, ma i destinatari di 1.000 dollari avevano maggiori probabilità di cambiare residenza o pagare l’affitto rispetto al gruppo di controllo.

Nel settore sanitario, i destinatari hanno riportato lievi aumenti nella spesa per cure odontoiatriche, visite al pronto soccorso e altre spese mediche, ma non vi è stata alcuna prova diretta di un miglioramento della salute.

I destinatari erano più propensi a mettere in conto un budget e a continuare gli studi, soprattutto nel terzo anno del programma, anche se non ci sono stati cambiamenti significativi nel livello di istruzione complessivo.

Lo studio, avviato durante la pandemia di COVID-19, ha rilevato un calo dei tassi di occupazione tra i destinatari negli anni due e tre rispetto al gruppo di controllo. In media, i redditi sono aumentati in modo significativo per tutti i gruppi, ma leggermente più alti per il gruppo di controllo. I redditi dei destinatari di 1.000 dollari sono aumentati da poco meno di 30.000 a 45.710 dollari, mentre i redditi del gruppo di controllo sono aumentati da un livello simile a 50.970 dollari.

L'articolo Sam Altman e il reddito universale. Iniziano ad uscire i primi dati dello studio proviene da il blog della sicurezza informatica.

The US Commerce Department is expected to propose barring Chinese software in autonomous and connected vehicles in the coming weeks, according to sources briefed on the matter.

euractiv.com/section/cybersecu…

Ever heard of Apollo Computer, Inc.? They were one of the first graphical workstation vendors in the 1980s, and at the time were competitors to Sun Microsystems.

But that’s enough dry historical context. Feast your eyes on this full-color, 26-page product brochure straight from 1988 for the Series 10000 “Personal Supercomputer” featuring multiple processors and more! It’s loaded with information about their hardware and design architecture, giving a unique glimpse into just how Apollo was positioning their offerings, and the markets they were targeting with their products.

Apollo produced their own hardware and software, which meant much of it was proprietary. Whatever happened to Apollo? They were acquired by Hewlett-Packard in 1989 and eventually shuttered over the following decade or so. Find yourself intrigued? [Jim Rees] of The Apollo Archive should be your next stop for everything Apollo-oriented.

Vintage computing has a real charm of its own, but no hardware lasts forever. Who knows? Perhaps we might someday see an Apollo workstation brought to life in VR, like we have with the Commodore 64 or the BBC Micro (which even went so far as to sample the sound of authentic keystrokes. Now that’s dedication.)

Good news, bad news for Sun watchers this week, as our star launched a solar flare even bigger than the one back in May that gave us an amazing display of aurora that dipped down into pretty low latitudes. This was a big one; where the earlier outburst was only an X8.9 class, the one on July 23 was X14. That sure sounds powerful, but to put some numbers to it, the lower end of the X-class exceeds 10-4 W/m2 of soft X-rays. Numbers within the class designate a linear increase in power, so X2 is twice as powerful as X1. That means the recent X14 flare was about five times as powerful as the May flare that put on such a nice show for us. Of course, this all pales in comparison to the strongest flare of all time, a 2003 whopper that pegged the needle on satellite sensors at X17 but was later estimated at X45.

So while the X14 last week was puny by comparison, it still might have done some damage if it had been Earth-directed. As it was, the flare and its associated coronal mass ejection occurred on the far side of the Sun, sending all that plasma off into the void, since pretty much all the planets were on this side of the Sun at the time. That’s the bad news part of this story, at least for those of us who enjoy watching aurora, not to mention the potential for a little doomsday. But fear not; the sunspot region that spawned this monster flare is transiting the far side of the Sun as we speak, and might just emerge with all its destructive potential intact.

Then again, why wait for the Sun to snuff communications when you can just start your own fiber optic apocalypse? Perhaps that was the motivation when saboteurs in France broke into cabinets in several locations on the night of July 28 and 29 to cut fiber cables. These must have been proper cables, since telecomms insiders say it would have taken an axe or angle grinder to cut through them. While the saboteurs were obviously motivated and organized, they appear not to have been familiar enough with the network topology to cause a widespread outage, nor did they succeed in disrupting the Paris Olympics, the most obvious nearby target. Then again, maybe they weren’t looking for that much attention. Probing attack much?

A couple of weeks back we featured a story (third item) about a GMRS system that had a questionable interaction with Federal Communications Commission investigators, resulting in their system of linked repeaters being taken offline. It seemed pretty clear to us at the time that the FCC regulations regarding the General Mobile Radio Service allowed for repeaters, but prohibited linking them together with pretty much any kind of network. Our friend Josh (KI6NAZ) over at Ham Radio Crash Course is weighing in on the issue now, and seems to have come to the same conclusion. However, the FCC didn’t really do themselves or the GMRS community any favors with the wording of 47 CFR §95.1733, which prohibits “Messages which are both conveyed by a wireline control link and transmitted by a GMRS station.” That “wireline” bit seems to be the part GMRS operators latched onto, thinking somehow that this only meant landline telephones and that linking repeaters through the Internet was all good.

youtube.com/embed/dyikR1lZXnQ?…

A friend of ours once related his plans for the weekend, which included, “Going home, flipping on cable, and turning on CSPAN.” He knew this was pretty sad, and even had a name for it: “Loser Entertainment Television”, or LET. We’re not sure what other channels were on his LET list, but if NASA TV had been available at the time, we’re pretty sure he would have included it. Sadly, or luckily depending on your viewpoint, NASA is shutting down their cable channel in a couple of weeks. You say you had no idea that NASA had a cable channel? We didn’t either — we haven’t had cable or satellite service in at least a decade now — so don’t feel too bad. Our condolences if NASA TV was a part of your life, but you can at least take comfort that much of the same content will still be available on the NASA+ streaming service, which we also didn’t know was a thing. Are we so out of touch?

And finally, if you need something to play with during these dog days of (northern hemisphere) summer, you could do worse than React Flight Tracker, and open-source 3D visualizer for everything that flies. And we mean everything; not only does it track civil and military aviation globally, it also shows the obit of everything from satellites in LEO to dead comms birds in parking geosynchronous parking orbits. You can even zoom way out and see bits of space flotsam like boosters and fairing out about halfway to the Moon. The nice thing about it is the Google Earth-like interface, which gives you a unique perspective on flight. We always knew that the best path from Istanbul to Seattle was (almost) over the North Pole, but seeing it on a 3D globe really brings the point home. It’s also interesting to watch planes from Tokyo to Frankfurt skirting around Russian airspace. Have fun.