Friday, July 21, 2017

Incompatibility in Leica Camera Equipment

DP Review reports here on an incompatibility between a Leica camera and a Leica viewfinder.  Attaching the viewfinder may cause the camera to stop functioning.

Thursday, July 20, 2017

Movidius Neural Compute Stick

Anandtech reports here on the Movidius Neural Compute Stick from Intel. A Caffe convolutional neural network can be compiled onto the Movidius stick for execution.  The stick interfaces to the host via USB.

Tuesday, July 18, 2017

FBI Warning on Internet-Enabled Toys

Toms Hardware reports here on an FBI public service announcement which warns of the dangers of Internet-enabled toys.

Friday, July 7, 2017

DHS Investigating Russian Penetration of U. S. Energy and Manufacturing Computer Systems

The New York Times reports here that the Department of Homeland Security is investigating the penetration of computer networks by Russian hackers.  Targets include Wolf Creek Nuclear Operating Corporation, other energy facilities, and manufacturing plants.

Sunday, July 2, 2017

NTSB Docket on 2016 Tesla Crash

The National Traffic Safety Board reports here that it has opened a docket on the 2016 fatal crash of a Tesla Model S. The docket contains a number of items, one of which is the Driver Assistance System Specialist's Factual Report. This report notes that an event data recorder is not required for this vehicle but that "The Tesla Model S stores non geo located data on the vehicle in non volatile  memory using a removable SD card installed within the Gateway ECU ". SD cards are mechanically thin.

Friday, June 30, 2017

Recent Attacks May Not Have Been Traditional Ransomware

Tom's Hardware reports here that the recent ransomware attacks may have been intended primarily to disrupt targets, not to extract payments from them.  The payments were to be made to an email address that was quickly shut down.  Given the simple nature of the payment system, some question whether the attack was intended to generate revenue.  Instead, it may have been intended to disrupt operations in the targets with the ransom demands being something of a distraction.

How Hard is Flipping a Presidential Election, Part 3

My earlier posts walked through the arithmetic of two recent Presidential elections.  We saw that nullifying a small proportion of the total votes would have been sufficient to change the results. To close out the subject, let's make a few observations.

First, attackers generally have some options as to which regions they can attack.   Areas where the vote is expected to be closest make sense as good targets.  We saw that in the 2016 elections, a large number of combinations of regions could be put together to affect the required number of votes.  The 2012 election offered a fewer number of combinations but options were still available.

Second, the federated nature of the U. S. election system cuts both ways.  Design diversity is a good approach in all sorts of high reliability systems. The range of systems and procedures used in different counties means that an attacker cannot roll out a one-size-fits-all attack.  On the other hand, a security wall is only as good as its weakest point.  Some counties are likely to be more difficult to attack than others.  Given that a relatively small proportion of the jurisdictions need to be compromised, and given that multiple combinations of regions can be put together to produce the required number of votes, attackers can probe for weak links to achieve their ends.