Month: September 2016

Enlarge / Whoa. (credit: USA / NBCUniversal)

Warning: This piece contains spoilers for this week's episode of Mr. Robot as well as show's entire second season.

"Angela's right. We can't beat them, but we don't have to lose to them either. Maybe there's a way to stop them from winning."

Last week, Mr. Robot's two-part Season Two (S2) finale began with this monologue from series hero Eliot. At the time, it seemed to be referencing the FBI (hot on fsociety's trails with agent Dom DiPierro following Angela like a hawk) or E-Corp (about to unleash its digital currency on the US to fill the financial sector void created by the 5/9 hack). But based on how the finale turned out, Elliot appears to be on quest to stop himself from winning.

It took 11 episodes, but fsociety's follow-up to S1's 5/9 hack has finally come into focus. The mysterious Stage Two proves to be a culmination of prior work. The idea of using temperature to disrupt data storage came out during a Steel Mountain data center attack in S1. Planting a femtocell at the temporary FBI setup stations at E-Corp happened in episode six this season. And blowing crap up was a dark Mr. Robot desire from early in S1 before Elliot fought to include "no killing" as part of the hacking moral code.

Bleach those bits away. (credit: Adina Firestone)

A system administrator with Platte River Networks, the company that took over hosting Hillary Clinton's mail server after it was moved out of her basement in Chappaqua, has been the target of a crowdsourced investigation on Reddit into whether he took part in a conspiracy to cover up Clinton's e-mails. Paul Combetta, an employee of Platte River Networks who was granted immunity from prosecution by the Justice Department in exchange for cooperation with the FBI's investigation of Clinton's e-mails, apparently went to Reddit for help with a sticky problem related to the e-mail investigation by the House Select Committee on Benghazi—scrubbing the e-mails of Clinton's personal address.

While the post doesn't provide evidence that Clinton herself instructed Combetta to erase her e-mails, it does suggest that his staff wanted to excise her private e-mail address from the archives to be turned over to the State Department—ånd in turn, to the House Select Committee. The later destruction of the e-mails during the continuing investigation was apparently, as Combetta told investigators, an "oh-shit moment."

It's chosen by default, ready to download and install if you're not paying attention.

For the first year of Windows 10's availability, the operating system was offered as a free upgrade for anyone running a consumer version of Windows 7 and Windows 8.1. To advertise this unusual offer, the company pushed an update known as "Get Windows 10" to users of those operating systems in a move that proved more than a little contentious. The promotion used some shady techniques to trick people into upgrading to Windows 10.

The Get Windows 10 software, however, has finally been purged from user systems. Mary Jo Foley spotted that a patch shipped yesterday, KB3184143, which removes the Get Windows 10 promotional software.

Broadly speaking, the Get Windows 10 program seems to have been successful. Windows 10's uptake was unprecedented for a Windows release, with more than 350 million people now using the operating system—a number that hasn't been updated for several weeks. We hope to hear more at Microsoft's Ignite conference in Atlanta next week. The manner in which the program was operated, however, became increasingly underhanded; toward the end of the promotion, the ads felt straight-up deceptive, as they performed the upgrade even if you clicked the X to dismiss the window. That 350 million users number undoubtedly includes some number of Windows users who wanted to stick with Windows 7 or 8.1 but were tricked into upgrading.

A recently fixed security vulnerability that affected both the Firefox and Tor browsers had a highly unusual characteristic that caused it to threaten users only during temporary windows of time that could last anywhere from two days to more than a month.

As a result, the cross-platform, malicious code-execution risk most recently visited users of browsers based on the Firefox Extended Release on September 3 and lasted until Tuesday, or a total of 17 days. The same Firefox version was vulnerable for an even longer window last year, starting on July 4 and lasting until August 11. The bug was scheduled to reappear for a few days in November and for five weeks in December and January. Both the Tor Browser and the production version of Firefox were vulnerable during similarly irregular windows of time.

While the windows were open, the browsers failed to enforce a security measure known as certificate pinning when automatically installing NoScript and certain other browser extensions. That meant an attacker who had a man-in-the-middle position and a forged certificate impersonating a Mozilla server could surreptitiously install malware on a user's machine. While it can be challenging to hack a certificate authority or trick one into issuing the necessary certificate for addons.mozilla.org, such a capability is well within the means of nation-sponsored attackers, who are precisely the sort of adversaries included in the Tor threat model. Such an attack, however, was only viable at certain periods when Mozilla-supplied "pins" expired.

Enlarge / A screenshot from the newly playable Half-Life mod Threewave shows where the "quad damage" logo was in the original Quake version.

It's not every day that we see the playable release of official Valve content for the original 1998 release of Half-Life. Today is apparently one of those days, even if the "official" content here is a port of a two-decade-old Quake mod that was originally canceled in 2001 and leaked through a 13-year-old hack of Valve's servers.

Confused? Then you should watch this highly informative Valve News Network video, which lays out the story of the Half-Life version of the Threewave mod. If that name sounds familiar, you were probably a fan of the original Threewave mod for id Software's Quake. That mod, released way back in the Internet prehistory of 1996, helped popularize the standard Capture the Flag mode that's been seen in countless shooters since.

Even PC shooter superfans may not remember, however, that a Half-Life version of Threewave was contained in the infamous 2003 hack of Valve's servers—the same hack that revealed an early copy of Half-Life 2 to the world. Buried in a leaked folder called "wmods" (in a subfolder named "3wave") was a level pack for Half-Life's Deathmatch Classic containing replicas of all the official maps from the Quake Threewave mod.

Enlarge / An antenna used by AT&T's Project AirGig. (credit: AT&T)

AT&T is developing wireless technology that uses power lines to guide wireless signals to their destination and potentially deliver multi-gigabit Internet speeds. The technology is experimental and not close to commercial deployment, but it could potentially—in a few years—be used to deliver smartphone data or home Internet.

Project AirGig from AT&T Labs, announced yesterday, revives the possibility of using power lines for Internet service—but in a surprising way. Signals would not travel inside the power lines, but near the lines. "Low-cost plastic antennas and devices located along the power line" send wireless signals to each other, using the power lines as a guide, AT&T said.

“We’re experimenting with multiple ways to send a modulated radio signal around or near medium-voltage power lines,” AT&T’s announcement said. “There’s no direct electrical connection to the power line required, and it has the potential of multi-gigabit speeds in urban, rural, and underserved parts of the world.”