Month: March 2016

Enlarge / By default, Mac OS X allows applications to run only if they are signed with a valid certificate.

There are lots of ways to ensure the success of an advanced hacking operation. For a gang called Suckfly, one of the keys is having plenty of stolen code-signing certificates on hand to give its custom malware the appearance of legitimacy.

Since 2014, the group has used no fewer than nine separate signing certificates from nine separate companies to digitally sign its hacking wares, according to a blog post published Tuesday by security firm Symantec. Company researchers first came upon the group last year when they identified a brute-force server message-block scanner that was signed with a certificate belonging to a South Korean mobile software developer. When the researchers searched for other executable files that used the same credential, they eventually uncovered three more custom tools from the same group of black-hat hackers.

After tracing the hacking group's traffic to IP addresses in Chengdu, China, Symantec researchers ultimately identified a much larger collection of custom-developed backdoors and hacking tool that were signed by nine different certificates from nine different companies. Curiously, all nine of the compromised companies are located within a few miles of each other in Seoul. While the physical proximity is suspicious, the researchers ultimately speculated it was coincidental, and that the certificate theft was most likely the result of the owners being infected with malware that had the ability to search for and extract signing certificates.

This image, first made for the PSN hacking case back in 2011, kind of works for this story, too. Right?

After Monday's surprise announcement that Microsoft was opening the Xbox One up to wider cross-platform play, the only thing standing between a more-unified console multiplayer future is Sony. Now, the PlayStation maker has responded to Microsoft's offer, but in an incredibly vague and hard-to-read way.

"PlayStation has been supporting cross-platform play between PC on several software titles starting with Final Fantasy 11 on PS2 and PC back in 2002,” the company said in a statement issued to Gamespot. “We would be happy to have the conversation with any publishers or developers who are interested in cross-platform play."

On the surface, that statement suggests that Sony is willing to open the doors to the PlayStation Network at least a crack, even if it's not willing to throw those doors as wide open as Microsoft. It sounds like PSN cross-platform access will be granted on a case-by-case basis—perhaps the standards will be different for niche indie titles and the big-budget shooters that really drive PSN's network effects.

(credit: United)

On Friday, United Airlines announced that its flights between Los Angeles International Airport and San Francisco International Airport will now be partly powered by a biofuel mix supplied by an LA-based company called AltAir Fuels.

United runs four or five flights between LAX and SFO every day, and it will fill these planes up with a combination of 30 percent biofuel and 70 percent traditional jet fuel, according to the Washington Post. The biofuel portion of the mix will be made with a range of biological source materials “from used cooking oil to algae,” the Post writes; it was developed with funding from the Defense Advanced Research Projects Agency (DARPA).

The airline has agreed to purchase 15 million gallons of the mix over the next three years from AltAir. Still, the Los Angeles Times points out that United burned through 3.2 billion gallons of traditional jet fuel last year, so that 15 million gallons is just a proverbial drop in the jet fuel barrel.

SAN FRANCISCO—Ahead of its virtual reality headset's impending March 28 launch, Oculus held one final press event adjacent to the Game Developers Conference. And you know what that means: makeshift living rooms!

Comfortable couches and chairs were centrally placed in cushy, compartmentalized demo stations, each dimly lit and set off by HDTVs, computer- and fan-loaded entertainment shelves, and small bookshelves lined with nerd-hip books like Jane McGonigal's Reality is Broken. What surprised us about the event, however, is how many of these faux rooms didn't have couches.

The event was notable for including the Oculus Rift's full, launch-day release slate of 30 VR games. But it was just as notable for dedicating over a third of its floor space to its full-room Oculus Touch controller system, which isn't set to launch until fall. We came in expecting a good chance to play through a lot of launch content, but we were instead left with barely enough time to scrabble together launch-game impressions—and we think we know why.

One of the ginger-chew buckets placed around the Oculus Rift launch preview event in San Francisco earlier this week. (credit: Sam Machkovech)

Before the Oculus Rift VR headset ships to its first preorder customers in 12 days, Oculus founder Palmer Luckey invited select press to a major preview event, which I wrote about in another article. I touched upon some nausea issues, mostly in terms of particular examples of comfort and discomfort alike, but I skipped the larger question of the platform's immersive feeling in general.

That's because I spent roughly four hours after the preview event feeling sick. I felt stuck in a dizziness spell the likes of which I'd never experienced at over a year of major, lengthy VR preview events. In the past, I'd used more ineffective VR tracking systems, particularly Google Cardboard, and I'd used earlier Oculus kits with more "screendoor" problems and other visual issues.

What was so bad about this one?