Posing as ransomware, Windows malware just deletes victim’s files

Tagged as “Ranscam”, PowerShell and script-based malware is a botched smash-and-grab.

There has been a lot of ingenuity poured into creating crypto-ransomware, the money-making malware that has become the scourge of hospitals, businesses, and home users over the past year. But none of that ingenuity applies to Ranscam, a new ransom malware reported by Cisco's Talos Security Intelligence and Research Group.

Ranscam is a purely amateur attempt to cash in on the crypto-ransomware trend: it demands payment for "encrypted" files that were actually just plain deleted by a batch command. "Once it executes, it pops up a ransom message looking like any other ransomware," Earl Carter, security research engineer at Cisco Talos, told Ars. "But then what happens is it forces a reboot, and it just deletes all the files. It doesn't try to encrypt anything—it just deletes them all."

Talos discovered the file on the systems of a small number of customers. In every case, the malware presented exactly the same message, including the same Bitcoin wallet address. The victim is instructed:


Not dead yet: Oracle promises big plans for Java EE

New proposal for Java EE 8 in fall as company denies rumors of Java EE demise.

Back into action. (credit: Oracle PR)

The long silence is apparently over. After an extended quiet period following last October’s JavaOne conference, Oracle has finally provided a hint about the company’s actual plans for Java EE, the enterprise framework for server-side Java applications. As Ars reported on July 1, development on Java EE projects by Oracle engineers has practically ceased since last fall, as the company pushed development resources to other projects—leaving members of the Java Community Process (JCP) executive committee and Java EE partners in the dark.

In response to Ars’ report, Mike Moeller, spokesperson for Oracle, issued the following statement via e-mail:

Oracle is committed to Java and has a very well defined proposal for the next version of the Java EE specification—Java EE 8—that will support developers as they seek to build new applications that are designed using micro-services on large-scale distributed computing and container-based environments on the Cloud. Oracle is working closely with key partners in the Java community to finalize the proposal and will share the full details with the broader Java community at JavaOne in September.

When asked if “key partners” meant the JCP, the Java EE Expert Group, or specific industry partners in a parallel effort, an Oracle spokesperson replied that there was no parallel effort. The spokesperson suggested the changes Oracle was proposing would clearly need to be discussed within the Java community—both with the Java EE Expert Group and more widely within the JCP—and that Oracle looks forward to feedback on the ideas.


State Department re-launches its own probe into Clinton e-mails

With criminal charges set aside, possible disciplinary measures loom for staffers.

Clinton's staff may face administrative sanctions for mishandling classified information from the State Department, and she may now face a perjury investigation. (credit: CSPAN)

Now that criminal charges are off the table in the investigation of former Secretary of State Hillary Clinton’s e-mails, the State Department is taking up its own investigation once again, looking into the mishandling of classified information by Clinton, her staff, and other State Department employees who forwarded classified information via State’s unclassified e-mail system. According to the Associated Press, State Department spokesperson John Kirby said that State had held up its own review, started in January, until the completion of the FBI investigation.

While Clinton’s core staff left the department shortly after she did, the State investigation could have material impact on the future careers of Clinton chief of staff Cheryl Mills, and deputy chiefs of staff Jacob Sullivan and Huma Abedin—including the revocation of security clearances and blocking of any future access to a security clearance. The actions would be kept on file, Kirby said; they could block them from top jobs if Clinton is elected president. Sullivan has been said to have been a top candidate for the position of National Security adviser in a Clinton administration. Some of Clinton’s former State staff still hold security clearances, according to reports.

All three sent information later determined to be classified—some of it as highly as Top Secret/Sensitive Compartmented Information (TS/SCI)—via State’s unclassified e-mail system to Clinton’s private, unsecured e-mail server. But as revealed during a hearing of the House Oversight Committee Thursday, as many as 1,000 State Department employees were connected to classified information sent through the unclassified e-mail system that found its way into Clinton’s server—almost all of it unmarked with classification information, and some of it including information about CIA and other Intelligence Community personnel and assets overseas.


House Oversight Committee grills Comey over Clinton e-mail findings

Expect lots of exasperation over the decision not to prosecute.

The House Oversight Committee is holding a hearing today, focused on Hillary Clinton's use of a private e-mail account during her tenure as Secretary of State. The Representatives will get to question FBI Director James Comey, State Department Inspector General Steve Linick, and Intelligence Community Inspector General Charles McCullough III. The hearing comes two days after Comey called the use of private e-mail by Clinton and the mishandling of classified information by her, her staff, and State Department officials "extremely careless" but declined to recommend criminal prosecution.

“The FBI’s recommendation is surprising and confusing,” House Oversight Committee Chairman Jason Chaffetz (R-UT) said in a statement announcing the hearing. “The fact pattern presented by Director Comey makes clear Secretary Clinton violated the law. Individuals who intentionally skirt the law must be held accountable. Congress and the American people have a right to understand the depth and breadth of the FBI’s investigation. I thank Director Comey for accepting the invitation to publicly answer these important questions.”

In his testimony, in response to questions about whether Clinton should have been aware that she was sending highly classified data in unclassified e-mails, Comey said, "I don’t think our investigation established she was that sophisticated about classification."


Don’t have a canary: Why Silent Circle dropped its warrant warning page

When you don’t keep customer data to begin with, the warrant canary is redundant.

The Silent Phone app from Silent Circle is encrypted end-to-end, so there's really no call for a canary.

News reports that Silent Circle, the commercial encrypted voice-over-IP service company that manufactures the security-focused Blackphone, had removed its "warrant canary" webpage have apparently created some confusion. Things only got fuzzier since the company counsel stated that the page’s removal was a “business decision” and not the result of a warrant being served against the company for customer data. But the explanation for that decision, made more than a year ago with no fanfare, is actually very simple: Silent Circle's customers don't care. In fact, the warrant warning might have been a liability with some of Silent Circle's core customers, who might be more likely to be serving a warrant than receiving one.

Many of Silent Circle’s customers are in the government and corporate sector. "Our customer base is generally not concerned with law enforcement," Vic Hyder, Silent Circle's chief strategy officer, explained to Ars. "They use Silent Circle to protect their business activities from criminals and competition for the most part."

As Ars reported when we tested the original Blackphone and the Blackphone 2, the Silent Phone service definitely keeps customer security at the core. It provides end-to-end encrypted voice, video, and text messaging, and the service doesn’t provide any way for the Switzerland-based company to monitor or log the contents of messages, much as Apple’s iMessage service can’t. In addition to a layer of SSL encryption between the two ends of a call or message stream, Silent Phone applies another layer of encryption based on an exchange of keys. As a result, once the call or message thread is established, all of the data is protected between devices. In cases of calls from Silent Phone to an unsecured phone, the call is encrypted all the way to Silent Circle’s access point to the switched public phone network.


FBI Director: Clinton “extremely careless” with e-mails, but recommends no prosecution

Clinton e-mail may have been hacked; questions of double-standard at FBI.

FBI Director James Comey slammed former Secretary of State Hillary Clinton, her staff, and the State Department for reckless treatment of classified data in unsecured e-mails. But he stopped short of recommending prosecution. (credit: Brookings Institution)

In a surprise 15-minute press conference on Tuesday, Federal Bureau of Investigation Director James Comey issued a harsh assessment of former Secretary of State Hillary Clinton's use of a private e-mail server, calling her handling of classified data "extremely careless" and suggesting that it was possible her home-based mail server had been breached by hackers.

But Comey said he would recommend no criminal charges be filed against Clinton, citing a lack of evidence that Clinton had intended to expose or transmit classified data, or that she mishandled information in a willful oversight of her responsibilities. That decision has already drawn calls from Republicans for an independent investigation.

Comey's conclusion was that no reasonable prosecutor would try to make a case out of the evidence collected in the investigation. Though the Justice Department has certainly done so with other cases of mishandling classified data, those cases have involved more willful acting, and anything not directly involving espionage generally results in relatively light punishment.


Tropic Fallout: a look back at the Bikini nuclear tests, 70 years later

Operation Crossroads resulted in what a leading scientist called “the world’s first nuclear disaster.”

In July of 1946, the US military conducted a pair of nuclear weapons tests on the previously inhabited island of Bikini, a coral atoll in the Marshall Islands chain. Advertised as a "defensive" test to see how ships would withstand a nuclear blast, the tests—code-named "Crossroads"—were described by the Manhattan Project team as "the most publicly advertised secret test ever conducted."

The National Security Archive project at George Washington University has assembled a collection of documents and videos related to the Bikini tests—the second of which would be called "the world's first nuclear disaster" by Atomic Energy Commission chairman Glenn T. Seaborg. The Baker explosion, detonated underwater, was the first to create significant fallout, as a "base surge" of irradiated water and debris washed over the entire fleet of target ships and Bikini's lagoon itself.

Bikini was chosen for its deep, large lagoon, and because the island was far off international shipping routes. To prepare the site, the US Navy (which governed the Marshall Islands immediately following World War II) convinced the inhabitants of Bikini to relocate for the tests, which military governor Commodore Ben Wyatt told them was for "the good of all mankind and to end all world wars."


How Oracle’s business as usual is threatening to kill Java

Oracle’s silence about Java EE has brought developer community distrust to a fever pitch.

Coffee break with lots of splashes.

Stop me if you've heard this one before: Oracle has quietly pulled funding and development efforts away from a community-driven technology where customers and partners have invested time and code. It all seems to be happening for no reason other than the tech isn't currently printing money.

It's a familiar pattern for open source projects that have become the property of Oracle. It started with OpenSolaris and continued with OpenOffice.org. And this time, it's happening to Java—more specifically to Java Enterprise Edition (Java EE), the server-side Java technology that is part of hundreds of thousands of Internet and business applications. Java EE even plays an integral role for many apps that aren't otherwise based on Java.

For months, as Oracle Corporation's attorneys have battled Google in the courts over the use of Java interfaces in Android's Dalvik programming language, Oracle's Java development efforts have slowed. And in the case of Java EE, they've come to a complete halt. The outright freeze has caused concerns among companies that contribute to the Java platform and among other members of the Java community—a population that includes some of Oracle's biggest customers.


Top Clinton aide was “frustrated” with her boss’s e-mail practices

Abedin pushed Clinton to use State e-mail after a missed call with foreign secretary.

Huma Abedin with Hillary Clinton on the campaign trail in 2008. Abedin was grilled about Clinton's e-mail proclivities by a Judicial Watch attorney this week. (credit: http://www.flickr.com/people/41834437@N00)

We already knew that Hillary Clinton's e-mail and mobile device issues were likely a pain for State Department employees—and even some foreign governments. But new testimony recorded on Tuesday by one of Clinton's top aides illuminates the extent of those headaches.

Huma Abedin is the vice-chair of Clinton's presidential campaign and the former deputy chief of staff and senior advisor to Clinton during her stint as Secretary of State. She was deposed on June 28 by an attorney representing the conservative action group Judicial Watch as part of discovery for a lawsuit being brought against Clinton. Judicial Watch published the transcript of that deposition yesterday, and Abedin revealed what she knew about Clinton's use of the mail server and how she was "frustrated" with the technical glitches caused by Clinton's mobile device and e-mail travails. 

Both Clinton and Abedin had accounts on the clintonemail.com server, which was originally set up at the Clinton residence by staffers of former president Bill Clinton prior to the family's arrival at the State Department. (The server would later be managed by Platte River Networks, a managed IT services firm, with security provided by Datto.) Clinton had been using a BlackBerry mail account through AT&T during the 2008 presidential campaign, and she had been having "technical issues" with the account, according to Abedin. Clinton switched to the private server when she got a new device, and Abedin was given an account on the server after she lost access to her Senate e-mail account. Abedin said she used it primarily for personal business in addition to a personal Yahoo e-mail account (where she would later forward press clippings received from a State Department clipping service, she said).


AI bests Air Force combat tactics experts in simulated dogfights

ALPHA AI, funded by Air Force Research Lab, may someday power robotic “wingman.”

Retired United States Air Force Colonel Gene Lee, in a flight simulator, takes on the ALPHA AI. It doesn't go well for him. (credit: Lisa Ventre, University of Cincinnati)

In the future, the US Air Force hopes to have armed drones flying in formation with human pilots, responding to their verbal and digital commands to fight the enemy and strike targets. That would require an artificial intelligence capable of interpreting commands and applying knowledge of combat tactics—something that is already being proven in a project funded by the Air Force Research Lab.

ALPHA, an artificial intelligence trained by a retired Air Force expert in air combat, was originally developed as what amounts to ultimate video game AI—an autonomous simulated enemy for use in training fighter pilots. The AI is so good that it has consistently beaten human pilots in simulated air combat—even when heavily handicapped by simulated physics. And now AFRL is investigating using ALPHA as the AI for Unmanned Combat Aerial Vehicles (UCAVs) in the physical world, potentially flying missions alongside human pilots.

Described in a paper recently published in the Journal of Defense Management, ALPHA was created using a "genetic fuzzy tree" (GFT) system. There's a lot to unpack in that term, but in short, the methodology uses genetic algorithms—code intended to mimic evolution and natural selection—to train a collection of independent but interconnected "fuzzy inference systems" (FISs). Instead of training each bit of fuzzy logic independently for a given task, as is normally done in fuzzy systems, the genetic algorithm "is utilized to train each system in the Fuzzy Tree simultaneously," lead researcher Nick Ernest, CEO of Psibernetix Inc. (the company that developed ALPHA) and his co-authors wrote in the paper. "Each FIS has membership functions that classify the inputs and outputs into linguistic classifications, such as 'far away' and 'very threatening', as well as if-then rules for every combination of inputs, such as 'If missile launch computer confidence is moderate and mission kill shot accuracy is very high, fire missile'. By breaking up the problem into many sub-decisions, the solution space is significantly reduced."
