Month: February 2017

Enlarge / Nipsey Hussle and YG pose backstage at Nokia Theatre LA Live on January 13, 2012. (credit: Joe Scarnici / Getty Images)

A certain model of Low Power FM radio transmitter with known vulnerabilities has been targeted in a new wave of radio-station hacks this week. Armed with an exploit that was known all the way back in April 2016, hackers have commandeered terrestrial radio stations—and in apparent unity, the hackers all decided to broadcast the YG and Nipsey Hussle song "Fuck Donald Trump."

News of the song's unexpected playback on radio stations began emerging shortly after Trump's inauguration on January 20, and the hack has continued to affect LPFM stations—a type of smaller-radius radio station that began to roll out after the FCC approved the designation in 2000. Over a dozen stations experienced confirmed hacks in recent weeks, with more unconfirmed reports trickling in across the nation. Thus far, the stations' commonality isn't the states of operation or music formats; it's the transmitter.

Specifically, hackers have targeted products in the Barix Exstreamer line, which can decode many audio file formats and send them along for LPFM transmission. If that sounds familiar, that's because Ars Technica reported on this kind of hack last year. As Barix told its products' owners in 2016, Exstreamer devices openly connected to the Internet are incredibly vulnerable to having their remote login passwords discovered and systems compromised. The company recommends using full, 24-character passwords and placing any live Internet connections behind firewalls or VPNs.

Enlarge (credit: Getty Images | John Lund)

The New York state government’s lawsuit against Charter and its Time Warner Cable (TWC) subsidiary contains some intriguing details about how TWC allegedly manipulated speed tests conducted by the Federal Communications Commission.

The FCC uses measuring equipment in the homes of more than 4,000 Internet subscribers across the US to produce its annual Measuring Broadband America (MBA) report, which compares actual Internet speeds to the speeds promised by broadband providers. But TWC played a few tricks to get better marks than it should have in the tests, according to the lawsuit (full text) filed in the New York State Supreme Court by New York Attorney General Eric Schneiderman.

According to the lawsuit, TWC used one tactic that an employee described as “lipstick on a pig.” In another case, a TWC executive wrote an e-mail saying, “We just have to make it work temporarily” in order to boost the FCC speed test scores.

Enlarge (credit: AFP/Stringer)

A few months ago we reported that the "devil was in the details" about how Sony Playstation 3 owners could go about getting either $9 or $55 from Sony as part of a class-action settlement over a 2010 software update that removed the ability to run Linux on the popular gaming consoles.

The California judge presiding over the litigation is now killing the proposed settlement amid concerns the lawyers representing the class haven't explained why they should get $2.25 million for their legal services, especially considering that the deal has made it burdensome on gamers to get their cash. Of the gamers who tried to get their $55 refund, 25 percent have been rejected.

"The Court has concerns, based upon how the notice and claims process preceded, the results it produced, and the disproportionality of the attorneys’ fees versus the class recovery, that the settlement agreement is not fair, reasonable, and adequate," US District Judge Yvonne Gonzalez Rogers ruled, (PDF) a decision that reversed her earlier order that tentatively backed the pact.

Enlarge (credit: flickr user: Andrea Squatrito)

Habla some other language?

Bilingualism is a surprisingly fraught topic of research. For a long time, exciting results have been pouring out of the field, suggesting that bilingual children have a cognitive advantage over monolingual kids. But many of those results haven’t replicated, leaving a confusing picture—and it's going to take a lot of research to unravel the knot.

There are also findings that suggest bilingualism could delay the onset of Alzheimer’s. A paper published in PNAS this week, led by Daniela Perani at the Vita-Salute San Raffaele University in Italy, reports underlying changes in the brain that seem to be connected to the delay. Again, the evidence for this is on the murky side, but it provides a great starting point for figuring out where to look for more robust evidence, says Jon Andoni Duñabeitia, a bilingualism researcher not involved with the paper.

Enlarge / The supernatural Nazi SS scientist in Hellboy, who works on weird experiments. (credit: Hellboy)

Among other horrors, the Nazis were famous for weird, semi-mystical science experiments. These have spawned movies from the classic Raiders of the Lost Ark to Hellboy to Norwegian splatstick series Dead Snow. Now JJ Abrams' production company Bad Robot is getting in on the Nazi monster action with Overlord, a movie about the supernatural fascist menace.

The project, which is the brainchild of JJ Abrams and writer Billy Ray (Captain Phillips, The Hunger Games), will be directed by Julius Avery (Son of a Gun). The script is complete and has gotten a final polish from Mark L. Smith, who wrote the seriously violent, emotionally intense flick The Revenant. This roster of creators suggests Overlord may be pretty dark and likely harrowing. It's hard to imagine magical Nazi monsters without a dose of irony, but we're living in pretty non-ironic times these days.

Variety reports the film's plot:

Enlarge (credit: Alex Eylar)

OAKLAND, Calif.—In September, KrebsOnSecurity—arguably the Internet's most intrepid source of security news—was on the receiving end of some of the biggest distributed denial-of-service attacks ever recorded. The site soon went dark after Akamai said it would no longer provide the site with free protection, and no other DDoS mitigation services came forward to volunteer their services. A Google-operated service called Project Shield ultimately brought KrebsOnSecurity back online and has been protecting the site ever since.

At the Enigma security conference on Wednesday, a Google security engineer described some of the behind-the-scenes events that occurred shortly after Krebs asked the service for help, and in the months since, they said yes. While there was never significant hesitancy to bring him in, the engineers did what engineers always do—weighed the risks against the benefits.

"What happens if this botnet actually takes down google.com and we lose all of our revenue?" Google Security Reliability Engineer Damian Menscher recalls people asking. "But we considered [that] if the botnet can take us down, we're probably already at risk anyway. There's nothing stopping them from attacking us at any time. So we really had nothing to lose here."

The Planck cosmic microwave background observatory and its map of temperature fluctuations on the sky. (credit: ESA)

Cosmology is a funny kind of science. At one end of the spectrum, cosmologists can explain vast swathes of the Universe with remarkable accuracy. Unfortunately, at the point where this explanation breaks down, cosmology theories don't gently fail, allowing you to come to a safe halt on the shoulder of the inflationary-universe-highway. No, three tires blow out at once, leaving you spinning toward a high-velocity crash barrier, followed by an unsympathetic truck.

How does this happen? It comes down to the problem that quantum mechanics and gravity do not share a common theoretical framework. To describe the very earliest times of the Universe, a unified theory of quantum mechanics and gravity appears to be necessary, but there are many competing ideas for how to achieve this. Now, scientists have had a chance to digest data from the Planck mission to explore the cosmic microwave background, and some of these ideas are being tested against this new data.

Unfortunately, the test results are not as clear as we'd like them to be.