Researchers Hack Air-Gapped Computer Using Nine-Year-Old Motorola Phone

An air-gapped computer is the most secure way of storing sensitive data; a PC that has no internet connection and no removable storage or disk drives cannot be compromised by hackers or government surveillance, in theory. Well, it’s time to say goodbye to that theory, as not only have Israeli researchers managed to remotely hack into an air-gapped computer, but they did it with a nine-year-old mobile phone that has no GPRS, Wi-Fi, or mobile data capabilities.

Researchers warn that their findings should encourage companies attempting to protect data via air-gapped systems to “change their security guidelines and prohibit employees and visitors from bringing devices capable of intercepting RF signals,” so says Yuval Elovici, director of the Cyber Security Research Center at Ben-Gurion University of the Negev.

Since smartphones are often restricted in areas which house air-gapped computers, so the researchers from the Cyber Security Center chose to use an old mobile phone that could bypass any security restrictions.

“[U]nlike some other recent work in this field, [this attack] exploits components that are virtually guaranteed to be present on any desktop/server computer and cellular phone,” the researchers note in their paper.

The phone used, a Motorola C123, runs on a Calypso baseband chip from Texas Instruments, and supports 2G communication, but has none of the more advanced networking capacities of modern smartphones. Data was grabbed from air-gapped computers, running Microsoft Windows, Linux, and Ubuntu, at a rate of 1-2bps, allowing the researchers to obtain 256-bit encryption keys from the system via radio frequencies.

“This is not a scenario where you can leak out megabytes of documents, but today sensitive data is usually locked down by smaller amounts of data,” Dudu Mimran, CTO of the Cyber Security Research Center, said. “So if you can get the RSA private key, you’re breaking a lot of things.”

Thank you Wired for providing us with this information.

Image courtesy of Mobile Phones & Smartphones Info.

Anonymous Threatens Israel with Electronic Holocaust

Anonymous has been fighting Israel for a couple of years now, and while their attacks have gotten more sophisticated over time, the damage they’re causing is said to be decreasing. Now the group threatens Israel with what they call the electronic holocaust where they vowed to erase it from cyberspace on April 7 for crimes committed in Palestine.

https://youtu.be/5wxzJsBmdd8

The video features an electronic voice as we know from previous Anonymous videos while the background shows images from Israels attacks. The video is in English, but has Arabic subtitles. “We are coming to punish you again. As we did many times, we’ll take down your servers, government websites, Israeli military websites, banks, and public institutions. We’ll erase you from cyber-space as we have every year, 7 April 2015, will be an electronic holocaust,” the video says.

Anonymous will start this year’s attack just a little over a week before the Holocaust Remembrance Day, known in Israel as Yom HaShoah, on April 16. But experts question how much is achieved by these attacks as Israel is pretty much leading in electronic warfare, both offensive and defensive, and Anonymous operates mainly with DDoS attacks.

Thanks to RT for providing us with this information

YO App Used for Notifying People About Missile Strikes in Israel

Increasingly popular social media application, Yo, the application which lets you say ‘YO’ to another friend may seem ridiculous to some smartphone users, but in fact it is apparently used for more complicated things than just ‘yo-ing’ around.

The Times of Israel apparently has stated that some developers are now using Yo as a means of notifying people when terrorist attacks are happening in the country. It is said that the notification will be triggered on all devices using the Yo app and are subscribed to the Red Alert: Israel group.

For those who use Red Alert to stay notifying of such activities probably know that the group even has their own standalone application which sends more detailed push notification about the same type of terrorism activities happening in the country.

Though this may seem useless given that a standalone app for Red Alert exists, it might not be for some users if other countries. The Red Alert standalone application is said to work only when you are in Israel, having a limited audience. With its partnership with the Yo application, users can now receive push notifications outside the Israeli borders, having friends and family abroad notified immediately as on the Red Alert app.

Thank you The Verge for providing us with this information

Search and Rescue Operations to Get Assistance from Robot Snake

A team of engineers in Israel have developed a new search and rescue robot to help them search dangerous sites. The new snake-like robot is capable of crawling through rubble to aid in the search of people and more, and it’s especially adept at tight spaces where a human could not search.

The snake robot is perfect for searching under collapsed buildings and that has obvious benefits to saving time, when it comes to saving lives in these kinds of situations, knowing where to dig can mean the difference between life and death for those trapped in the rubble.

Amir Shapiro’s lab at Ben-Gurion University in the Israeli city of Beersheba is no stranger to creating robots, and Mr Shapiro’s robots are often funded for the Israeli Army who often deploy his creations, and the new snake-bot is likely going to aid in the army search and rescue efforts in the very near future.

[youtube width=”800″ height=”450″]http://youtu.be/zOz-HbR9lIU[/youtube]

Thank you Telegraph for providing us with this information.

Image courtesy of Telegraph.

Asia Reported To Be The Leading Place For Top-Speed Internet Connectivity

Study shows that the fastest internet connection, in the world, is in Asia. Latest study from Akamai Technologies, Asia is considered the epicentre for top-speed Internet access, having Hong Kong, South Korea, Japan and Singapore as the top 4 on the list.

Akami states that most of Asia improved their internet speeds compared to last year with at least 12 percent, which is quite impressive. However, Indonesia was the only one to see a 30 percent drop each year, achieving a 9.7 Mbps average connection, placing it on the 115th place on the list.

India appears to be the worst of them all, having a 9 Mbps connection speed, and even China’s 11.3 Mbps was not nearly enough to place it on the top 100 on the list. But as you would expect, people in Singapore, Japan and South Korea were among the top five countries on the list, having exceeded 100 mobile-data connections per 100 inhabitants., according to the International Telecommunication Union.

“Internet – and particularly broadband Internet – has become a key tool for social and economic development, and needs to be prioritized, even in the world’s poorest nations,” ITU Secretary-General Hamadoun Toure said in a statement last year.

Besides Asia, in the top 10 top-speed internet countries, there were some European countries as well. Israel has achieved a 5th position with a 47.7 Mbps average connection, followed by Romania and Latvia on the 6th and 7th positions, with internet speeds of 45.4 Mbps and respectively 43.1 Mbps. The US and UK however appear to be kicked off the top 10 list, having the UK placed on the 16th position with 35.7 Mbps and the US coming in on the 13th place with 37 Mbps. Now how about that?

Thank you Bloomberg for providing us with this information.

Serious Vulnerability Found In Samsung Knox Security Suite

Samsung launched its Knox security suite earlier this year which basically creates a “container” that runs a separate execution environment for apps and data on top of Android. Therefore any apps run outside of the container can’t access their data. A team of researchers at Ben Gurion University of the Negev in Israel claim that they have found a “serious vulnerability” in Samsung Knox.

Further details suggest that the newly discovered vulnerability would allow a hacker to access data in the container, which basically eliminates the entire premise that Knox is built upon. Apparently the vulnerability can be used to track emails, as well as monitor communications and steal saved data. The threat is said to exist on all smartphones based on the Knox architecture. Samsung has commented on the report, saying that it is looking into the claims made by the researchers. The company says it has found out through initial investigation that this vulnerability isn’t as severe as the researchers claim it to be.

Thank you Ubergizmo for providing us with this information
Image courtesy of Ubergizmo