Month: March 2016

Pirates like those shown here aboard a dhow in waters off western Malaysia in January 2006 were using data stolen from a shipping company's systems to target cargo ships and steal specific crates of valuables in hit-and-run attacks. (credit: US Navy)

When the terms "pirate" and "hacker" are used in the same sentence, usually it's a reference to someone breaking digital rights management on software. But that wasn't the case in an incident detailed in the recently released Verizon 2015 Data Breach Investigation Report. Verizon's RISK security response team was called in by a global shipping company that had been the victim of high-seas piracy aided by a network intrusion.

The shipping company experienced a series of hit-and-run attacks by pirates who, instead of seeking a ransom for the crew and cargo, went after specific shipping containers and made off with high-value cargo.

"It became apparent to the shipping company that the pirates had specific knowledge of the contents of each of the shipping crates being moved," the RISK team recounted in the report. "They’d board a vessel, locate by bar code specific sought-after crates containing valuables, steal the contents of that crate—and that crate only—and then depart the vessel without further incident."

(credit: Seabamirum)

One of the tech sector's biggest upcoming trials—Oracle v. Google—careened Tuesday away from the hot-button topic of copyrighting application programming interfaces (APIs) and instead focused on the presiding judge's concern that the tech giants are setting up jurors to fail. US District Judge William Alsup believes it's all so the loser could challenge the verdict of the second upcoming trial set for May.

Judge Alsup said Tuesday that the tech giants jointly submitted a proposed questionnaire (PDF) for prospective panelists containing "so many vague questions" that "the loser on our eventual verdict will seek, if history is any guide, to impeach the verdict by investigating the jury to find some 'lie' or omission during voir dire."

(credit: Richard Liu)

Voir dire is the part of the case in which lawyers question potential jurors about their backgrounds and biases. And the case is being closely watched by the tech sector and developer community given the high stakes. Oracle is seeking $1 billion in damages after successfully suing the search giant for infringing Oracle's Java APIs that were once used in the Android operating system. A federal appeals court has ruled (PDF) that the "declaring code and the structure, sequence, and organization of the API packages are entitled to copyright protection." The decision reversed the outcome of the first San Francisco federal trial heard before Alsup in 2012.

The 16TB Samsung PM1633a SSD (credit: Golem.de)

Samsung has announced that it is now shipping its PM1633a SSD. That's a boringly mundane name for a drive that's anything but: the PM1633a isn't just the biggest SSD around, it's straight up the biggest drive around. At 15.36TB, it dwarfs other SSDs and surpasses the capacity even of the very latest magnetic spinning disks. Remarkably, it packs all this storage into a conventional 2.5-inch package.

The company explained how this was done in August last year. While traditional integrated circuits (whether processors or flash memory or RAM or anything else) have a flat, essentially 2D structure, this drive uses Samsung's 3D V-NAND technology, which vertically stacks 48 layers of NAND cells to greatly increase the storage density. The highest performance flash memory stores a single bit in each flash cell; Samsung's trades a bit of performance for density, storing three bits per cell. Each die using this technology stores 256Gb (32GB) of data.

The company then adds a second level of layering: 16 of the 256Gb dies themselves are stacked up, creating a package with a 512GB capacity. 32 of these packages are used in the PM1633a to give it its total 15.36TB capacity. Samsung plans future versions with 7.68TB, 3.84TB, 1.92TB, 960GB, and 480GB capacities. The 15.36TB unit also has 16GB of RAM embedded.

(credit: Kārlis Dambrāns)

While many tech companies, cryptographers, and privacy advocates have lined up publicly behind Apple in its ongoing fight with federal prosecutors, the company now has an unexpected ally: a San Bernardino man whose wife was shot and severely injured during the December 2015 terrorist attack.

On Thursday, Apple published Salihin Kondoker’s letter to the federal judge overseeing the case. In the letter, Kondoker describes how his wife, a San Bernardino County Health Department employee, was shot three times during the attack but survived.

Kondoker describes himself as an IT consultant for Pacific Gas & Electric, a public utility that serves much of California.

Comcast Stream TV. (credit: Comcast)

Consumer advocacy group Public Knowledge has asked regulators to stop Comcast from exempting its own streaming video service from Internet data caps, saying that selective enforcement of caps violates a merger condition from when Comcast purchased NBCUniversal and may violate a net neutrality rule.

Public Knowledge filed its petition with the Federal Communications Commission yesterday. It relates to "Stream TV," a service for Comcast's Internet-only customers that streams live TV channels to computers, tablets, and phones. Stream TV doesn't require a set-top box, but Comcast says it "is an in-home cable service delivered over Comcast's cable system, not over the Internet." Stream TV offers some video outside the home, but live TV channels can only be watched on Comcast customers' home Internet connections.

Public Knowledge points out that when Comcast won government approval to buy NBCUniversal in 2011, the FCC and Department of Justice "prohibited Comcast from excluding its own services from data caps or metering and required it to count traffic from competing online video services the same as its own." Public Knowledge also says the data cap exemption for Stream TV should be stopped by the FCC's net neutrality order; though the net neutrality rules don't specifically ban zero-rating, the FCC imposed a "general conduct" rule to be applied on a case-by-case basis. That rule is meant to stop practices that limit consumers' access to content or the ability of online service providers to reach consumers.