The Space Review: A NEMESIS in the sky: PAN, MENTOR 4, and close encounters of the SIGINT kind

PAN/NEMESIS satellite

Here’s an interesting story from 2016 about spy satellites. Amateur satellite spotters determined that the “PAN” satellite of the U.S. Government were tiptoeing up next to geostationary commercial communications satellites so they could vacuum up the signals being relayed through them. Speculation is that PAN was able to triangulate the position of satellite phones used by terrorists, enabling drone strikes.

This would make a fun new hobby.

After launch, the enigma became even bigger. PAN was placed in a geostationary orbit and observations by amateur satellite trackers (including this author) from Europe and South Africa revealed very unusual behavior. Every few months—usually once every six months—PAN moved to a new position. In a mere four years time, it moved at least nine times to various longitudes scattering between 33 and 52.5 degrees east (see my blog post “Imaging Geostationary satellites, and PAN’s past relocations”). This costs fuel, and it is something you normally do not do with a geostationary satellite, as liberally spending fuel drastically shortens the satellite’s operational lifetime. In late 2013, the relocations suddenly stopped and PAN has remained at longitude 47.7 degrees east. This active stationkeeping at this longitude means it must still be operational, although the satellite obviously has ended its previous roving state. All very mysterious! What was this spacecraft doing?

Source: The Space Review: A NEMESIS in the sky: PAN, MENTOR 4, and close encounters of the SIGINT kind

Tom Dundon, king of subprime auto loans

Tom Dundon

The local paper is singing the praises of the new owner of the Carolina Hurricanes, Tom Dundon. WRAL Sports Fan The News and Observer’s Luke DeCock and Chip Alexander lauded the “self-made billionaire” in an adoring story today:

Dundon, 46, has no background in professional sports but knows how to operate a successful business and already has analyzed much of the Hurricanes’ organization and operation. He also likes to win.

Let’s talk about this “self-made billionaire” who “knows how to operate a successful business.” Dundon’s successful business was Santander Consumer Holdings USA, the subprime auto lending arm of the Spanish bank, Santander. Dundon founded the business and ran it until July 2015, when he stepped down just as the regulatory heat was being turned up on Santander. Santander Consumer is in the subprime auto loan business, making what some say is 1 out of every 5 loans. For those of you who didn’t see the film The Big Short or slept through the 2008 recession, America’s economy was nearly ruined by the kind of loans lenders like Santander made.
Continue reading

Got Robocalled? Don’t Get Mad; Get Busy. — Krebs on Security

Several times a week my cell phone receives the telephonic equivalent of spam: A robocall. On each occasion the call seems to come from a local number, but when I answer there is that telltale pause followed by an automated voice pitching some product or service. So when I heard from a reader who chose to hang on the line and see where one of these robocalls led him, I decided to dig deeper. This is the story of that investigation. Hopefully, it will inspire readers to do their own digging and help bury this annoying and intrusive practice.

Source: Got Robocalled? Don’t Get Mad; Get Busy. — Krebs on Security

The time Santa rescued me

A visit from Santa at sea

Over the holidays, I found myself thinking back to another Christmas of over 25 years ago.

I was serving in the Navy on the USS Elliot (DD-967) and it was yet another Christmas away from home. I was in a funk at the time though now I’m not sure which one of the many possible causes was responsible. I’m pretty sure I was nearing the end of my enlistment. I definitely remember that the deployment was ending and we were bound for San Diego. Maybe it was because I had been butting heads with some of the other guys in my division (we didn’t always get along and when I finally earned some rank I became more comfortable with confronting the slackers and assholes). Maybe it was simply because I didn’t know what I should be doing with my life. Still don’t, actually.

But there I was at sea. It was about 8 AM. I had been working midwatches and had just come off of twelve hours of nighttime duty. I was in my rack, exhausted and feeling depressed. I just wanted to sleep and make the time pass as quickly as I could.
Continue reading

‘Kernel memory leaking’ Intel processor design flaw forces Linux, Windows redesign • The Register

A massive security issue has been found in Intel’s processors that will very shortly have a huge performance impact on almost all computers. Details are sketchy at the moment but it’s not looking good.

Remember the Year 2000 (Y2K) bug? This is likely to eclipse Y2K. Why? Because patching broken software is trivial but patching broken hardware is all but impossible. We will feel the effects of this design flaw for years. Soon nearly all computers you interact with (including online services like Facebook, SalesForce, Netflix, etc) could be from five to thirty percent slower.

When I purchased a new Intel processor last year, I did so thinking it would give me a decade or more of service. Now it’s already obsolete. If any class-action lawsuits spring up over this I would be willing to join in. This is ridiculous.

A fundamental design flaw in Intel’s processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug.

Programmers are scrambling to overhaul the open-source Linux kernel’s virtual memory system. Meanwhile, Microsoft is expected to publicly introduce the necessary changes to its Windows operating system in an upcoming Patch Tuesday: these changes were seeded to beta testers running fast-ring Windows Insider builds in November and December.

Crucially, these updates to both Linux and Windows will incur a performance hit on Intel products. The effects are still being benchmarked, however we’re looking at a ballpark figure of five to 30 per cent slow down, depending on the task and the processor model. More recent Intel chips have features – specifically, PCID – to reduce the performance hit.

Similar operating systems, such as Apple’s 64-bit macOS, will also need to be updated – the flaw is in the Intel x86 hardware, and it appears a microcode update can’t address it. It has to be fixed in software at the OS level, or buy a new processor without the design blunder.

Source: ‘Kernel memory leaking’ Intel processor design flaw forces Linux, Windows redesign • The Register

Bonus link: Some technical speculation on the bug from “pythonsweetness.”

Cheap Thoughts: Microcell towers

A microcell site outside of the gas station at Raleigh’s Costco.

I’d been a bit puzzled by all of the microcell sites I’ve seen popping up around town. The first I found was the one behind Adventure Landing on Capital Boulevard a few years ago. Since then, more and more have appeared at locations like Hillsborough Street near N.C. State, Cameron Village Shopping Center, Red Hat Amphitheater, St. Augustine University, outside the Subway on Creekside Drive, and the one pictured above outside of Costco on Six Forks Road near Wake Forest Road.

Many of these new towers sit almost literally in the shadow of massive, existing towers. Why were all of these micro towers going up in places that already have clearly good coverage?

Then the Eureka moment hit me. These cheap, utility-pole cell sites are poaching cellphone users away from the massive towers and collecting the connection fees!
Continue reading

The Promotion and Marketing of OxyContin: Commercial Triumph, Public Health Tragedy

I stumbled upon this old but still relevant paper on the National Institutes of Health website, tracing our country’s current opioid epidemic directly to Purdue Pharmaceutical’s aggressive marketing campaign.

It is truly frightening to consider how many lives have been sacrificed – and continue to be sacrificed – in the name of profits for the pharmaceutical industry. These are real people who trusted their health care providers and were let down. So many families have been shattered and it makes me extremely angry.

America’s health care system is badly broken and needs a drastic fix.

Purdue promoted among primary care physicians a more liberal use of opioids, particularly sustained-release opioids. Primary care physicians began to use more of the increasingly popular OxyContin; by 2003, nearly half of all physicians prescribing OxyContin were primary care physicians.19 Some experts were concerned that primary care physicians were not sufficiently trained in pain management or addiction issues.

Primary care physicians, particularly in a managed care environment of time constraints, also had the least amount of time for evaluation and follow-up of patients with complicated chronic pain.

Source: The Promotion and Marketing of OxyContin: Commercial Triumph, Public Health Tragedy

Hello, 2018

New Years 2018 arrives in Raleigh City Plaza during the First Night Raleigh celebration

It’s New Years Day 2018 and I sit in my comfortable home office, coffee in hand and a pile of technology surrounding me. The weather is a brisk 22 degrees Fahrenheit as we’re in the middle of a brutal cold spell. I’ve been spending the past week and change catching up on home projects, mostly of the indoor variety.

When it was still warm enough to feel one’s limbs outside I worked more on our fence, digging up more than half of our old fenceposts. The ones that are left are anchored by concrete and not as eager to be ripped from the ground. On a future warmer weekend I will pry these out as well. For now, we have a mostly-open yard for the first time in a while.
Continue reading

Broken DHCP on the Ubiquiti EdgeRouter Lite

The Ubiquiti EdgeRouter Lite (ERL), an amazing little networking box.

Back in October I finally squeezed gigabit speeds out of my AT&T Fiber connection by switching from my old OpenWRT-based TP-Link Archer C7 routers to an Ubiquiti EdgeRouter Lite (ERL). The Archer hardware could not keep up with gigabit speeds but the ERL can.

I love the ERL! It’s only about $100 but it’s a very powerful device! Previous versions of the firmware were a bit cryptic (at least in the UI area) but the latest one provides a lot of functionality (and wizards).

I had followed one such wizard to do my initial setup with the ERL back in October, after upgrading it from version 1.9.1 of EdgeOS to EdgeOSv1.9.7+hotfix.4. All seemed to work … except for it properly pulling a DHCP address from AT&T. See, I have bypassed AT&T’s PACE router in favor of my own and the ERL now does everything but the initial 802.1x authentication that opens the port on AT&T’s switch.

Why do you need to use DHCP on your AT&T link? You can put a static IP on your end of the link but AT&T offers DHCP leases of 14 days and expects you to use them. If your box (i.e., my ERL) doesn’t renew its IP near the end of those 14 days, AT&T considers the link to be dead and shuts down the connection. At this point, the only way you’ll get it going again is to reconnect the AT&T router and let it do its 802.1x authentication again. This is a pain, so avoiding it is very useful.
Continue reading

Burglars enter her home. Cops take an hour to get there.

Imagine being on your own with these guys for almost an hour

Yesterday evening one of my neighbors found herself in a terrifying situation. Three would-be burglars had targeted her home and two of them had just quietly entered through her back door – while she was home! If her very large dogs hadn’t alerted her and scared them off she could’ve found herself face to face with these young men.

She did what any panicked homeowner would do – she called 911 and waited for help to arrive.

And she waited. And waited. And waited.

Two strangers had just entered her home while she was inside and the first Raleigh police officer did not arrive until a full fifty minutes later. By that time the intruders trail had gone cold, too cold for the K9 unit to track them. Officers were apologetic, telling her the department is understaffed.

My neighbor said later that the dispatcher misclassified the break-in as a “Level 2” incident, meaning the officers didn’t even get dispatched until 20 minutes after the incident. Even so, if it takes 30 minutes to round up enough officers to respond to a B&E that is far too long.

No one should have to wait this long for assistance in a life-threatening emergency. This is completely unacceptable. If the Raleigh Police Department is this understaffed then the City of Raleigh needs to get this fixed.

I know the Council recently approved raises for our first responders. Has that boosted recruitment? Why or why not? What else can the city do to ensure the safety of its citizens?

I can’t imagine what I would’ve done had this happened to me. The City of Raleigh needs to do whatever it takes to get more officers in the Raleigh Police Department and to keep happy the ones who are there now. What we have now puts everyone’s safety at risk.

Neighbors will be asking the Raleigh City Council next month to allocate more resources towards our police.