Blog

This old-fashioned horror anthology isn't terrifying or scream-inducing; instead, it's closer in spirit to the moody, clammy, atmospheric English movies of decades past, and parodies thereof. I am again reminded of Dr. Strangelove.

IBM researchers at Black Hat USA 2018 announced their development of DeepLocker, a proof of concept to raise awareness of AI-powered threats, demonstrate how attackers have the capability to build stealthy malware that can circumvent commonly deployed defences, and provide insights into how to reduce risks and deploy adequate countermeasures.

DeepLocker has changed the game of malware evasion by taking a fundamentally different approach from any other current evasive and targeted malware.

  • The malicious payload is hidden in benign carrier applications, such as video conferencing software, to avoid detection by most antivirus and malware scanners.
  • AI makes the “trigger conditions” to unlock the attack almost impossible to reverse engineer.
  • The malicious payload will only be unlocked if the intended target is reached. It achieves this by using an AI model that can use several attributes to identify its target, including visual, audio, geolocation and system-level features.
  • Because it is virtually impossible to exhaustively enumerate all possible trigger conditions for the AI model, this method would make it extremely challenging for malware analysts to reverse engineer the neural network and recover the mission-critical secrets, including the attack payload and the specifics of the target.

Long story short, while a class of malware like DeepLocker has not been seen in the wild to date, these AI tools are publicly available, as are the malware techniques being employed — so it’s only a matter of time before we start seeing these tools combined by adversarial actors.

And in the first week of May 2019 the internet news was full of stories like “Chinese Hacker Crew Stole NSA Cyber Weapons In 2016” (Forbes) and “Chinese spies stole NSA hacking tools, report finds” (CNN). Somewhat more subtle is the word “grab” in “How China grabbed NSA hacking tools and used them to attack U.S.” (Boing Boing).

Hmm. “Chinese intelligence agents acquired National Security Agency hacking tools and repurposed them in 2016 to attack American allies and private companies in Europe and Asia”.

How about taking some responsibility for one's own actions? For example, “The United States created and used malware to break into foreign networks and attack adversaries’ infrastructure, the malware was discovered and then turned around on its creators?”, or “How the U.S. is proliferating cyber conflict by creating a cybersecurity arsenal that is hard to keep track of and gives rise to a digital Wild, Wild West on the internet with few rules or certainties?”

The details of Buckeye can be found in the Symantec report, including its Indicators of Compromise.


The Memcached vulnerability has been used to create record-breaking distributed denial-of-service attacks. Memcached-based amplification/reflection attacks amplify the bandwidth of the DDoS attacks by a factor of around 50,000 by exploiting thousands of misconfigured Memcached servers that were left exposed on the Internet.

A great deal of computing research focuses on one particular type of future, one very much like the present, only more so. Often, looking forward assumes that current ever-increasing economic growth will continue. Not surprising, after a period of remarkable industrial and technological expansion. And there are a variety of planet-scale limits, the very matter, the consequences of which many people are already experiencing, yet not at “the top” or “in the computing field”, hence the signals go (mostly) ignored.

The Cassandras among us (like me) may feel some relief with Within Limits (on the impact of present and future ecological, material, energetic, and societal limits on computing).

The CNIL’s restricted committee imposes a financial penalty of 50 million euros against GOOGLE LLC because it agrees with complaints brought by activists: user consent is insufficient.

Under the GDPR, all companies, including tech giants like Google, must give users clear and comprehensive information about the data they collect from them. They must also give control to users and provide simple tools so that users can consent to having their personal information used. Opt-in instead of opt-out. According to the French regulator, Google failed on both counts.