NSA targets system administrators

The Intercept describes the NSA’s efforts to undermine networks by targeting the system administrators who job it is to keep them secure. If this doesn’t make system administrators angry there’s something seriously wrong.

Across the world, people who work as system administrators keep computer networks in order – and this has turned them into unwitting targets of the National Security Agency for simply doing their jobs. According to a secret document provided by NSA whistleblower Edward Snowden, the agency tracks down the private email and Facebook accounts of system administrators or sys admins, as they are often called, before hacking their computers to gain access to the networks they control.

The document consists of several posts – one of them is titled “I hunt sys admins” – that were published in 2012 on an internal discussion board hosted on the agency’s classified servers. They were written by an NSA official involved in the agency’s effort to break into foreign network routers, the devices that connect computer networks and transport data across the Internet. By infiltrating the computers of system administrators who work for foreign phone and Internet companies, the NSA can gain access to the calls and emails that flow over their networks.

The classified posts reveal how the NSA official aspired to create a database that would function as an international hit list of sys admins to potentially target. Yet the document makes clear that the admins are not suspected of any criminal activity – they are targeted only because they control access to networks the agency wants to infiltrate. “Who better to target than the person that already has the ‘keys to the kingdom’?” one of the posts says.

via Inside the NSA’s Secret Efforts to Hunt and Hack System Administrators – The Intercept.

We Got A Badass Over Here: Doctor Neil deGrasse Tyson, Science and Social Responsibility | Geekquality.com

Here’s a great bio of Dr. Neil deGrasse Tyson. I’ve requested his memoir from the Wake County Public Library but this will hold me over until it arrives.

In the latter half of 1958, two events occurred that would have a profound effect on the science of astrophysics: one was the signing of the National Aeronautics and Space Act by President Dwight D. Eisenhower, which authorized the creation of NASA as a civilian space agency; the other, much more humble of the two, was the birth in the West Bronx of Neil deGrasse Tyson.

Oh, and we got tickets!

via We Got A Badass Over Here: Doctor Neil deGrasse Tyson, Science and Social Responsibility | Geekquality.com.

Tickets to Neil deGrasse Tyson?

Neil deGrasse Tyson

I got a tip from a friend that tickets would be available to the public this morning for the upcoming visit to NCSU’s College of Sciences by Dr. Neil deGrasse Tyson. I had heard there were only going to be 100 or so general admission tickets available so I knew we had to act fast if this science family had any chance to see NDT.

Kelly and I teamed up to increase our chances. She and I both pounded the NCSU website as the clock approached 10 AM. Then when the “register now” link appeared, we both typed like crazy to enter our information. With my registration safely complete, I refreshed my browser to see that the registration window had just closed. Kelly and I were both successful, and we made it in the nick of time!

I don’t know how NCSU will distribute it’s 100 tickets. It’s possible the school will try to accommodate its alumni first and leave us regular folk out of it. I sure hope they will honor their procedure, though, and award us the tickets that we earned this morning. Fingers crossed!

A million times brigher than the sun: Astronomers reveal ‘largest yellow star ever’ | The Raw Story

I love astronomy news!

Astronomers have spotted the largest yellow star ever observed in our galaxy and 1,300 times larger than the sun.The yellow hypergiant star HR 5171 A is also in the top-10 of the largest stars known and about one million times brighter than the sun, Olivier Chesneau, whose team made the discovery, said Wednesday.

Despite its great distance of nearly 12,000 light-years from earth, the object can just about be seen with the naked eye.“
The new observations also showed that this star has a very close binary partner, which was a real surprise,” said Chesneau, of the Observatoire de la Cote d’Azur, in Nice, France.

“The two stars are so close that they touch and the whole system resembles a gigantic peanut.”

via A million times brigher than the sun: Astronomers reveal ‘largest yellow star ever’ | The Raw Story.

Critical crypto bug leaves Linux, hundreds of apps open to eavesdropping

Whoopsie! A big security hole has been discovered in a Linux package. It goes to show that Linux is not immune to flaws. The difference is that with Linux anyone can audit the code. This didn’t seem to happen with GnuTLS because apparently the code was really a mess.

Hundreds of open source packages, including the Red Hat, Ubuntu, and Debian distributions of Linux, are susceptible to attacks that circumvent the most widely used technology to prevent eavesdropping on the Internet, thanks to an extremely critical vulnerability in a widely used cryptographic code library.

The bug in the GnuTLS library makes it trivial for attackers to bypass secure sockets layer SSL and Transport Layer Security TLS protections available on websites that depend on the open source package. Initial estimates included in Internet discussions such as this one indicate that more than 200 different operating systems or applications rely on GnuTLS to implement crucial SSL and TLS operations, but it wouldn’t be surprising if the actual number is much higher. Web applications, e-mail programs, and other code that use the library are vulnerable to exploits that allow attackers monitoring connections to silently decode encrypted traffic passing between end users and servers.

via Critical crypto bug leaves Linux, hundreds of apps open to eavesdropping | Ars Technica.

I have obtained Linux Guru status

My score

As part of one job recruiter’s vetting of me as a candidate, I was asked to take an online assessment of my Linux skills. I spent about 30 minutes completing this test, which turned out to be a bit more challenging than I expected. Nevertheless, my score was quite impressive, with a 4.28 out of 4.50 putting me up in the advanced category. My Linux-fu puts me in the 100th percentile for global population and 98th percentile for the company population.

The recruiters I’ve spoken with have all mentioned how in-demand people with Linux skills are. It’s good to know I’ve got skills that employers are looking for.

RALEIGH: Little Raleigh Radio goes live with online broadcast

The N&O writes about Little Raleigh Radio.

RALEIGH — When Little Raleigh Radio’s on-air sign glowed red for the first time a few weeks ago, station founders Kelly Reid and Jacob Downey knew they had made it.After years of planning, they had officially launched a community radio station.“People got to listen, which is one of the most exciting moments we’ve had,” said Reid, who, like Downey, was once a disc jockey at N.C. State’s WKNC 88.1 FM.The station’s mission is to offer music and news programs produced by locals for the Raleigh community. Already, listeners can tune in to shows featuring everything from heavy metal and contemporary classical to museum exhibits and beer.For now, the station is streaming online from a studio off St. Marys Street, but Reid and Downey hope to secure a home on the FM dial – 106.5 – as well.

via RALEIGH: Little Raleigh Radio goes live with online broadcast | Local/State | NewsObserver.com.

What I’ve learned about Google Fiber – Lori Bush – Cary Town Council, At-Large Representative

Cary Town Councilmember Lori Bush discusses what she learned from last week’s visit to the Triangle by Google Fiber representatives.

There’s been a lot of excitement about Google Fiber coming to the Triangle – and I have to admit that I’m on that band wagon. I’ve received more than 100 separate emails from Cary citizens, excited about this possibility!If you’d like to read more about our Cary position on this announcement, the Town has a FAQ on Google Fiber. You can also check out the Open Letter to Cary Citizens from our Mayor.Last week, I met with Google Fiber representatives about their plans for the Triangle, and to learn more. They were in town to meet with the municipalities about the “check list” of items that will make it easier for them to decide if Google Fiber will go forward in this area.Here is what I learned in that meeting.

via What I’ve learned about Google Fiber – Lori Bush – Cary Town Council, At-Large Representative.

Fiber letter runs in N&O

I wrote a letter to the editor last week after being amazed at all the buzz that was going around about Google considering the Triangle for Google Fiber. It created huge buzz, even though we’re not a sure bet to get it and whatever fiber Google does lay down won’t be lit for at least a year.

Here’s my short-but-sweet letter:

News that Google Fiber might bring gigabit Internet to the Triangle brought to mind the stir that must have accompanied the arrival of the railroad. Sure, a horse and buggy will get you there, but the future rides on fiber optics.

Mark Turner
Raleigh

Why Apple’s Recent Security Flaw Is So Scary

I can’t say for sure whether the National Security Agency had anything to do with this Apple security flaw but it is certainly something the NSA could readily exploit. All the Agency needed to do is control a router between its target and the target’s destination and it would have clear view of the supposedly encrypted traffic.

I’ve said it before and I’ll say it again: America no longer has a monopoly on world-class cryptographers (if it ever did). By encouraging these types of flaws, our government leaves us vulnerable to attacks from foreign nations. Instead, our cryptographers should be working to make American software as secure as it can be.

I hope Apple will track down the developer responsible for this colossal blunder and fire him or her on the spot.

SSL stands for Secure Sockets Layer, and it’s what helps ensure that communication between your browser and your favorite websites’ servers remains private and secure. TLS, or Transport Layer Security, is a more recent protocol that does essentially the same. In brief, SSL/TLS is a cryptographic key that lets a browser and a server know they are who they say they are, a secret digital handshake that keeps your financial information safe when you make an Amazon payment or log into wellsfargo.com.

This all happens in the background; your only direct interaction with SSL/TLS is when you notice the lock icon in your search bar has clamped shut. That means you’ve got a direct, private, secure line.

The Apple bug in question—which, again, has been patched in iOS but not yet in OS X, though Apple tells Reuters that fix is coming "very soon"—means that Safari or one of these other affected applications can’t actually know for sure if the servers it’s talking to are who they say they are. Which leaves you and everything you transmit over the web vulnerable to a Man in the Middle attack.

via Why Apple's Recent Security Flaw Is So Scary.

S	M	T	W	T	F	S
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28