Ominous biosecurity trends under Putin

Regimes of all types throughout history have sought to harness science for war. As a result, otherwise beneficial technology can become ‘dual-use’. Biological weapons are among the starker examples: research meant to save lives is used to take them. Now, in the run up to elections in Russia, and with concerns mounting about the nation’s role globally, biological-weapons specialists Raymond Zilinskas and Philippe Mauger deliver Biosecurity in Putin’s Russia.

Bioweapons research in Russia and its environs extends back as far as 1928. It took off in the 1970s, for example through the infamous clandestine Biopreparat network. There, the Soviets weaponized pathogens including the smallpox and Marburg viruses and the anthrax bacterium Bacillus anthracis. Zilinskas and Mauger focus on the years 2012–16, when political tensions between Russia and the West intensified markedly. Concerned by apparent shifts in Russia’s pronouncements and actions regarding dual-use activities related to biosecurity, Zilinskas and Mauger write that they wish to “move the discussion over Russian compliance concerns to the public sphere”, where an evaluation based on evidence becomes possible.

Source: Ominous biosecurity trends under Putin

Are these SpaceX’s Starlink satellites?

Looks like I may have found the orbital elements (TLEs) of SpaceX’s Starlink Internet satellites. I noticed on SatView’s site that three objects entered orbit on 22 February, one of which was SpaceX’s PAZ satellite. PAZ was the primary payload on SpaceX’s most recent Falcon 9 flight and the Starlink birds were the secondaries.

Starlink orbits!

Following Satview’s links takes you to the real-time tracking of 43616U and 43617U (International Designators 2018-020A & 2018-020B), two satellites that are almost certainly Starlink’s TinTin A & B (or Microsat 2A & 2B). They show up in NORAD’s catalog as the bland descriptions of “Object B” and “Object C” and were launched from Vandenberg Air Force Base on the same day as PAZ. From CelesTrak:

So now I know both what to look for and where and when to look for it. Now I need to acquire the gear to acquire the signals, which might be the biggest stumbling block of all. Well, aside from actually decoding any signals I happen to get.

Yes, folks, this actually is rocket science.

SpaceX’s Starlink satellite internet: It’s time for tough talk on cyber security in space | Science| In-depth reporting on science and technology | DW | 21.02.2018

It’s time to talk about how secure our flying Internet will be.

Imagine a cutting-edge industry that’s all about pushing boundaries, finding solutions to problems that never existed and “disrupting” absolutely everything we’ve come to rely on with a cast-iron belief in better-life-through-technology. Now, imagine them just “sitting around a big table with a lot of coffee, and talking about it.”

It’s not exactly an image of action, is it? No matter what the “it” is.

And yet that’s precisely the way Constantin Constantinides describes the satellite industry today. Constantinides is a radio frequency engineer with a satellite company in Glasgow called Alba Orbital. And the “it” refers to … cyber security.

Cyber security is one of the biggest unsolved challenges we have on Earth, and it’s about to become a far larger challenge in space.

You could say, “Well, at least they are talking about it.” At least cyber security is on the new space agenda. And it had certainly better be, because the more satellites we fire up into space, and the more those satellites form huge constellations, the more we rely on the data they accrue — the communications networks, location services, Earth Observation, shipping, flight and freak weather tracking, plus masses of unimagined stuff.

And, the more we’re putting our daily lives — human life — at risk.

Source: SpaceX?s Starlink satellite internet: It?s time for tough talk on cyber security in space | Science| In-depth reporting on science and technology | DW | 21.02.2018

Hacking and tracking SpaceX’s Starlink Internet satellites

Starlink Microsat/TinTin

Update 1 March: I found the satellites!

As my family and I strolled our neighborhood at sunset, my eagle-eyed son spotted a light in the sky sliding slowly away from us before fading. At first we thought it was the International Space Station (ISS) but it was too dim for that. We decided it was a low-earth orbit satellite and the conversation shifted to SpaceX’s recent launch of two low-earth-orbit test satellites for their proposed satellite Internet service, Starlink.

I have no idea whether the satellite we watched is a Starlink Satellite (more formally called TinTin A & B and previously known as Microsat 2A and 2B). I didn’t have my satellite tracking app fired up on my phone at the time. It did get me thinking, though, that it would be fun to track the TinTin satellites to see what I could discover.

A search on the Internet reveals very little information about these birds. I have not yet found the two-line elements (TLE) which describe their orbits. They haven’t been mentioned on my satellite-tracking email list, either.

What if I could locate them, then what? I’d like to try to collect whatever telemetry is being broadcast, even if it’s just beeps. Better yet, I could capture the data stream from the Internet side but that would be challenging to do anything with as it’s said to be encrypted. The birds do have imagery capability. What if I could tune into that and download an image snapped from orbit? Wouldn’t that be cool!
Continue reading →

Fake Amazon survey gift webpage

Fake Amazon survey popup

I was reading a cool story on BoredPanda.com this afternoon when suddenly my mobile browser was redirected to a fake survey purporting to be from Amazon.com. I’d seen this once before so I thought right away to screenshot it and save a copy of the page.

First it put a pop-up that enticed me to click “OK.” I declined. 🙂 After moving past that dialog, the user is presented with brain-dead-easy survey questions, promising an iPhone X or a $1000 gift card as a reward:

Continue reading →

Drug firms shipped 20.8M pain pills to WV town with 2,900 people | Health | wvgazettemail.com

Somebody needs to go to jail. Several somebodies, in fact.

Over the past decade, out-of-state drug companies shipped 20.8 million prescription painkillers to two pharmacies four blocks apart in a Southern West Virginia town with 2,900 people, according to a congressional committee investigating the opioid crisis.

The House Energy and Commerce Committee cited the massive shipments of hydrocodone and oxycodone — two powerful painkillers — to the town of Williamson, in Mingo County, amid the panel’s inquiry into the role of drug distributors in the opioid epidemic.

“These numbers are outrageous, and we will get to the bottom of how this destruction was able to be unleashed across West Virginia,” said committee Chairman Greg Walden, R-Ore., and ranking member Frank Pallone Jr., D-N.J., in a joint statement.

Source: Drug firms shipped 20.8M pain pills to WV town with 2,900 people | Health | wvgazettemail.com

Oh noes! Mr. Belarus is tracking me with the pornz!

Another spam email I got today. Not the only one, it seems.

In my opinion 330 usd is pretty enough for this little false!

Date: Mon, 29 Jan 2018 22:08:52 -0700
From: “Skylar_Moodie” info@linkleadsmta.com
Reply-To: “Skylar_Moodie” john_d0ne@yahoo.com
To: @markturner.net
Subject: =?utf-8?Q?WUV=3A_=3C=40markturner.net=3E_30-01-2018_07=3A08=3A53_Anyone_can_make_a_mistake

Ticket Details: WUV-273-205439
Email:@markturner.net
Camera ready,Notification: 30-01-2018 07:08:53
Status: Waiting for Reply 85xuHa8n4kjjbiu84mbeioi1j438Hu5_Priority: Normal
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hi.

If u were more attentive while playing with yourself, I wouldn’t write dis message. I don’t think that playing with yourself is extremely bad, but when all colleagues, relatives and friends receive video record of it- it is awful news.

I placed virus on a web-site for adults (with porn) which was visited by you. When the target press on a play button, device begins recording the screen and all cameras on ur device begins working.

Moreover, my virus makes a dedicated desktop supplied with key logger function from your system , so I was able to get all contacts from your e-mail, messengers and other social networks. I’m writing on dis e-mail because It’s your working address, so you will read it.
Continue reading →

USAF Is Jamming GPS In The Western U.S. For Largest Ever Red Flag Air War Exercise – The Drive

Interesting. Glad to see the military conducting exercises without GPS, now that Russia has shown its willingness to jam it. In war we must be prepared to go without this incredibly-useful resource.

The year’s first iteration of the USAF’s premier set of aerial war games, known commonly as Red Flag, is kicking off today at Nellis Air Force Base just outside of Las Vegas, but this exercise will be different than any in the past. Not only is it the largest of its kind in the exercise’s 42 year history, but the USAF is going to blackout GPS over the sprawling Nevada Test and Training Range to challenge aircrews and their weaponry under realistic fighting conditions. The tactic will spill over throughout the region, with warnings being posted stating inconsistent GPS service could be experienced by aircrews flying throughout the western United States.

Source: USAF Is Jamming GPS In The Western U.S. For Largest Ever Red Flag Air War Exercise – The Drive

Bonus: Read more of the Navy’s rationale for blocking GPS.

Candid camera: Dutch hacked Russians hacking DNC, including security cameras | Ars Technica

Hackers hacking hackers. Reason #47,672 why I love the Dutch!

According to a report in the Dutch newspaper de Volkskrant, the General Intelligence and Security Service of the Netherlands (AIVD)—the Netherlands’ domestic intelligence service—had hacked into the network of a building at a Russian university in Moscow some time in the summer of 2014. The building housed a group running a hacking campaign now known as “Cozy Bear,” one of the “threat groups” that would later target the Democratic National Committee.

Russia’s hack of State Department was “hand-to-hand” combatAIVD’s intrusion into the network gave them access to computers used by the group behind Cozy Bear and to the closed-circuit television cameras that watched over them, allowing them to literally witness everything that took place in the building near Red Square, according to the report. Access to the video cameras in a hallway outside the space where the Russian hacking team worked allowed the AIVD to get images of every person who entered the room and match them against known Russian intelligence agents and officials.

Based on the images, analysts at AIVD later determined that the group working in the room was operated by Russia’s Foreign Intelligence Service (SVR). An information and technology sharing arrangement with the National Security Agency and other US intelligence agencies resulted in the determination that Cozy Bear’s efforts were at least in part being driven by the Russian Federation’s leadership—including Russian President Vladimir Putin.

Source: Candid camera: Dutch hacked Russians hacking DNC, including security cameras | Ars Technica

A Complete Taxonomy of Internet Chum – The Awl

The Awl provides an in-depth look at the outrageous “suggested for you” news stories that are on many media sites (like the News and Observer).

This is a chumbox. It is a variation on the banner ad which takes the form of a grid of advertisements that sits at the bottom of a web page underneath the main content. It can be found on the sites of many leading publishers, including nymag.com, dailymail.co.uk, usatoday.com, and theawl.com (where it was “an experiment that has since ended.”)

The chumboxes were placed there by one of several chumvendors?—?Taboola, Outbrain, RevContent, Adblade, and my favorite, Content.ad?—?who design them to seamlessly slip into a particular design convention established early within the publishing web, a grid of links to appealing, perhaps-related content at the bottom of the content you intentionally came to consume. In return, publishers who deploy chumboxes receive money, traffic, or both. Typically, these publishers collect a percentage of the rates that the chumvendors charge advertisers to be placed inside the grids. These gains can be pocketed, or re-invested into purchasing the publisher’s own placements in similar grids on thousands of other sites amongst the chummy sea, reaping bulk traffic straight from the reeking depths of chumville.

Source: A Complete Taxonomy of Internet Chum – The Awl