FOXTROT/ALFA: Unsecure Nukes from Boeing, Assange Conviction Would Be Death Sentence for Press Freedom, ICANN Halts .org Sale

Hey, everyone! As promised, here’s a regular edition of FOXTROT/ALFA once more. This is issue 76, for Tuesday, 4 February 2020.

I’m just back from a press screening of Sonic The Hedgehog. TL;DR: It ain’t good, but it could’ve been a lot worse. Jim Carrey does a decent Doctor Robotnik. Not worth seeing if you ain’t going with your kids, I think. I kinda doubt that kids these days know who Sonic is, though.

Anyway. Now some actual tech news:

Hack of the Day

Our hack of the day comes from Scotland this time.

A further education college in east Scotland has been struck by what its principal described as a cyber “bomb” in an apparent ransomware attack so bad that students have been told to stay away and reset passwords en masse.

Dundee and Angus College told students not to turn up after the ransomware seemingly downed the entire institution’s IT systems. The outage began late last week and has been ongoing ever since, though the latest internal update to students and staff says services are finally being restored, we have been told by sources.

A “cyber bomb”. What will they come up with next? ROFL.

Data Leak of the Day

Ah yes, world-readable AWS buckets again. This time, it’s a yacht crew recruiting company for rich people.

Crew & Concierge – a Bath-based jobs firm that targets “high net worth individuals”, yacht captains and management companies searching for seafarers to crew private yachts – left an AWS S3 bucket open to anyone and everyone for around 11 months starting in February 2019.

British news site Verdict reported that 17,379 seafarers' CVs were exposed, along with thousands of ENG1 medical certificates and passport scans. A total of 90,000 files were exposed, it was said, including sample menus from chefs hoping to fill a billet aboard some oligarch’s floating gin palace.

Microsoft Azure Remote Code Execution

Check Point researchers have found and reported remote code execution vulnerabilities in Microsoft’s cloud platform Azure. These have been fixed for quite a while.

The SSRF vulnerability (CVE-2019-1234) was disclosed and fixed by Microsoft, and was awarded $5,000 from Microsoft’s bug bounty program.

The unauthenticated internal API issue had also been separately discovered by Microsoft, and had been addressed in late 2018 in Azure Stack 1811 update.

Windows 10 Zombieload Fixes

Microsoft has pushed out some updates for Windows 10 as part of their ongoing effort to try and close these Zombieload CPU vulnerabilities.

Microsoft has released Intel microcode updates for Windows 10 versions 1909 and 1903 to address four recently disclosed security threats, including Zombieload.

The microcode updates are the latest installment of Microsoft’s efforts to help distribute firmware updates on behalf of the chip maker, addressing a variety of attacks on the optimization process known as speculative execution. The updates address four microarchitectural data-sampling (MDS) attacks that can exploit store buffers (CVE-2018-12126 aka Fallout), load buffers (CVE-2018-12127), line-fill buffers (CVE-2018-12130, aka the Zombieload attack, or RIDL), and uncacheable memory (CVE-2019-11091).

While consumers are being encouraged to install Intel’s microcode updates, the mitigations for Zombieload have reduced CPU performance by up to 40% on some systems after disabling hyper-threading.

Microsoft indicates in a support page that the new microcode updates are available for Denverton, Sandy Bridge, Sandy Bridge E and EP, Valley View, and Whiskey Lake U chips. The Whiskey Lake U updates are for Intel’s 8th Generation Core CPUs, including the i5-8265U, i3-8145U, and Core 4205U and 5405U. The Denverton updates fix issues in Intel’s Atom E3800 product family, while the Sandy Bridge updates fix Intel’s 8th Generation Core processors for desktop, embedded and mobile devices. The Sandy Bridge E and EP fixes target Intel Core, Celeron, and Pentium server CPUs, while Valley View updates address the issues in Intel Atom Z series processors.

Users need to manually install the updates from the Microsoft Update Catalog as they won’t be installed automatically through Windows Update.

Well, I don’t usually say things like that but… with those reported performance impacts, maybe that’s a good thing?

More Boeing Software Problems… This Time in a Nuke

Boeing is building a guidance toolkit for nuclear bombs. It has an IT security issue, but the Pentagon won’t fix it because that would take time and money.

What could possibly go wrong.

Since 1968 the B61 nuclear bomb has been the primary thermonuclear gravity bomb in America’s nuke stockpile. The Air Force has since 2012 contracted Boeing to upgrade the bomb’s tail-kit assembly as part of a broader life-extension program to “refurbish, reuse or replace all of the bomb’s nuclear and non‐nuclear components to extend the service life of the B61 by at least 20 years, and to improve the bomb’s safety, effectiveness and security,” according to the Department of Energy.

Boeing has overseen a new tail kit guidance assembly since being awarded an initial $178 million contract in 2012, and subsequent ones since, which allows for air-launched nukes to utilize new “guided freefall capability” using four maneuverable fins (to be sure, and quite tragically, Boeing is all too experienced with “freefall” capabilities). Essentially the internal guidance system allows the upgraded B61 tactical nuke to glide to its target.

“There have been no reliability failures during flight,” Director of Operational Test and Evaluation Robert Behler said in the just-released 2019 testing report. “One system component presents a cybersecurity vulnerability” but mitigating or eliminating the vulnerability “appears feasible without a major investment of time or money,” Behler writes.

Not too comforting considering the events of the past year: a Pentagon oversight office writing in its review the words Boeing, nuclear bombs, reliability, cybersecurity vulnerability — followed by concluding lines of “appears feasible without a major investment of time or money.”

Blizzard in Hot Water Over Warcraft 3: Reforged

Another company that isn’t having a good time lately also starts with a B: Blizzard.

Unfortunately, though the announcement of a remade Warcraft 3 was dreamlike, the release has been much closer to a waking nightmare for Blizzard. The game was immediately lambasted by fans who were struggling with a slew of different graphical issues, bugs, and more, while even those who were enjoying themselves through the campaign lamented the loss of other crucial features like ladder and clan systems. Through it all, Warcraft 3: Reforged broke the wrong kind of records for user review scores and had fans turning their back on the project.

UN Special Rapporteur on Torture: Assange Conviction Would Be Death Sentence for Press Freedom

The United Nations Special Rapporteur on Torture, Nils Melzer, has strongly criticised the continued prosecution of Julian Assange on espionage and rape charges:

In an interview with news outlet Republik, Melzer delivered a damning indictment of the legal and political systems in the United States, Britain, Sweden and Ecuador. “It is obvious that what we are dealing with here is political persecution,” he said. “The case is a huge scandal and represents the failure of Western rule of law.”

Melzer got involved in the case last year but was dissatisfied with answers to his enquiries to the Swedish and British authorities. He has visited Assange in jail and says that the 48-year-old is being denied legal rights and is being subject to psychological torture that could cost him his life.

“Four democratic countries joined forces – the US, Ecuador, Sweden and the UK – to leverage their power to portray one man as a monster so that he could later be burnt at the stake without any outcry. If Julian Assange is convicted, it will be a death sentence for freedom of the press,” Melzer said.

ICANN Halts .org Sale

Well, all those signatures didn’t halt the sale of the .org registry from a non-profit to a private equity firm, but some prosecution from the Californian AG might do the trick.

The California State Attorney General’s Office (CA-OAG) sent a letter last week to DNS overlord ICANN asking for confidential information about the planned sale of the .org registry and a delay of the transaction.

ICANN, which disclosed the letter on Thursday, responded by notifying the Public Internet Registry (PIR), which intends to sell the .org registry to a private equity firm called Ethos Capital, that it has been asked to provide private data about the deal. The DNS overseer, which bestowed .org oversight on PIR through a legal agreement, wants PIR to greenlight the CA-OAG’s disclosure demand and to wait longer before completing the sale. ICANN notes in its letter to PIR that the CA-OAG’s missive amounts to a subpoena, the implication being that the CA-OAG could file a lawsuit if compliance isn’t voluntary.

Last November, the Internet Society (ISOC), parent of PIR, said that the two organizations had agreed to sell the rights to the .org registry for an undisclosed sum.

German Artist Tricks Google Maps with Hand Cart Full of Phones

This is a great story. Still chuckling about that one. Great idea!

A German artist has had a bit of fun with Google Maps after tricking its free satnav service into displaying traffic jams – by walking around with a hand cart full of mobile phones.

Simon Weckert’s performance art piece, titled Google Maps Hacks, is very simple. Weckert walked around the roads of Berlin pulling a small hand cart behind him. Inside the cart were 99 “secondhand smartphones”. With all of those phones connected to Google Maps for driving directions, it is trivially easy to fool the multibillion-dollar adtech company’s systems into believing that there is a severe traffic jam in the area. Even when there is no traffic jam in reality.

Click through to the story and watch the embedded video. It’s great! Him walking along all those empty streets…

Also Noteworthy

Some more stories that might be worth a look:

This is an archived issue of my daily newsletter FOXTROT/ALFA. You can find more information about it, including how to subscribe via email, on this page.