Connect with us

Cybersecurity

Hacking Drones Close to Being Drawn up by Boeing and Hacking Team

Published

on

Leaked emails between Italian spyware vendor Hacking Team and Boeing subsidiary Insitu revealed that drones carrying malware to infect targeted computers via Wi-Fi by flying over their proximity is close to becoming a reality.

Spyware-carrying drones were being discussed by Insitu, a division of Boeing and now-disgraced malware firm Hacking Team, according to leaked emails from the recent breach of the Italian company which have been posted on WikiLeaks, Engadget reported.

It was only the failure to come to terms over a non-disclosure agreement that kept Insitu and Hacking Team ‘teaming up’ together in order to create the malware infesting drone.

Early conversations took place regarding the inception and the possibility of a spy drone created by Boeing’s aircraft expertise, carrying malware that Hacking Team is notorious for. The concept was designing a drone capable of intercepting communications and hacking on-the-fly, via Wi-Fi. Discussions didn’t get far, however, when lawyers representing both companies couldn’t see eye-to-eye on a viable non-disclosure agreement.

Drone HackedThe Talks Behind the Flying, Hacking Drone

Initial discussions kicked off when Giuseppe Venneri, a mechanical engineering graduate from UC and internee at Insitu took notice of Hacking Team’s “Galileo”, a piece of hardware otherwise known as the Tactical Network Injector. This is essentially designed to infiltrate networks and insert the malicious code via Wi-Fi networks to launch man-in-the-middle attacks and other exploits.

Venneri wrote to Emad Shehata, Hacking Team’s key account manager, stating:

We see potential in integrating your Wi-Fi hacking capability into an airborne system and would be interested in starting a conversation with one of your engineers to go over, in more depth, the payload capabilities including the detailed size, weight, and power specs of your Galileo System.

Shehata replied by sending in the standard Hacking Team NDA, to which Venneri responded with Boeing’s own PIA (Proprietary Information Agreement) which the intern noted “must be signed before we engage with potential partners.”

“Signing our PIA (attached) will dramatically shorten the authorization process at our end,” Venneri added. “Let me know if you are willing to sign our document to engage in conversations with us.”

It was at this point when Hacking Team’s Chief Operating Office Giancarlo Russo stepped into the conversation, taking the authority and stating: “I saw your document and it will require additional legal verification from our side regarding the applicability of ITAR and other U.S. Law,” he said. “In my opinion, for a preliminary discussion our non-disclosure agreement should be sufficient to protect both companies and as you will see it is including mutual provision for both parties and it will make things easier and faster for us.”

Venneri’s response was short and succinct: “If you are unable to review/sign our form, know it will take some time on our side to seek approval from our Boeing parent. Are you willing to consider our form?”

Communications went quiet for about a month after this exchange and Venneri sent in another email on 11 May 2015: “We corresponded with you about a month ago and were unsure about the progress going forward with preliminary discussions regarding any future collaborations. If you could please reconsider our mutual PIA, know that the questionnaire at the beginning of the document is just for gathering information and has no impact on the PIA itself. We have lots of Non-US companies under our PIA. If you or your legal team have any requested changes to our PIA please don’t hesitate to add them in the attached document.”

This was the last known correspondence taken from the leaks which came from the data breach two months later in July 2015. All NDAs are have been rendered obsolete and ineffective due to the Hacking Team hack.

Images from Wikimedia Commons and Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...

Ali is a freelance journalist, having 5 years of experience in web journalism and marketing. He contributes to various online publications. With a master degree, now he combines his passions for writing about internet security and technology. When he is not working, he loves traveling and playing games.




Feedback or Requests?

12 Comments

12 Comments

  1. sphvn

    July 22, 2015 at 8:40 am

    This was the first purpose I thought drones would have.

    • Micheal Justin

      July 23, 2015 at 6:45 am

      there would be drone pizza delivery in the future, except people would shoot down the drones to get the pizza.

  2. Sunspot369

    July 22, 2015 at 11:23 am

    How sad humans are -here we have all this wonderful technology, and all we can seem to do with it is wage war. Oh well, the humans will be extinct soon, through climate disaster or unleashing the nukes, so I guess it doesn’t really matter any more, but the potential for so many to live wonderful lives has always been there if we weren’t so greedy and willing to screw over the person next to us.

  3. Eddie Smith

    July 22, 2015 at 12:29 pm

    This will present grounds for justification in blasting someones expensive drone out of the sky, it’s going to cause all kinds of problems which could result in draconian restrictions on drones.

    • Sunspot369

      July 22, 2015 at 1:39 pm

      We’ll see – it’s a multi-billion dollar, rapidly growing industry, and money is what’s more important.

    • JessicaEndi

      July 22, 2015 at 6:57 pm

      Well three things.

      First, it’s Boeing, not DJI. So you’re not going to be “blasting” anything out of the sky if it’s flying at 20,000′ and a couple hundred miles an hour.

      Second, I 100% guarantee that you are not interesting enough to be worth spying on.

      And third, anyone with a laptop and an hour to kill can already break into your network pretty easily.

      • Dogecoin

        July 22, 2015 at 8:25 pm

        What WiFi network is reachable from “20,000′ and a couple hundred miles an hour.” ??? I can barely connect from my bedroom to the den.

        • Malik Nawaz

          July 28, 2015 at 10:34 am

          Scenario that Isitu wants to create is to fly the drone to a targeted premises and hover over the roof top close enough to sniff target’s wifi connection. A sniffer with high gain antenna can capture wifi packets up to 50 meters distance, then send ARP attack and do man-in the-middle attack. Best is to use a WIPS sensor to disrupt drone frequency and bring it down or protect your own wifi. Shooting drones down is not the answer, its not logical.

      • Shawn Paul Neckelmann

        July 22, 2015 at 8:33 pm

        What WiFi is broadcasted 20,000′? An hour to break into your network?

        Sorry but you don’t know what you’re talking about.

      • Eddie Smith

        July 23, 2015 at 1:02 am

        Where did I claim to be doing any of these things? I just postulated a possible conflict, Jesus, turn the smarminess down a notch before you hurt yourself.

  4. god

    July 22, 2015 at 9:28 pm

    Boeing = Skynet. It’s here folks.

  5. Mic Justin

    July 23, 2015 at 6:43 am

    It’s gonna be cool when the southern states start passing laws allowing you to shotgun drones flying over your property.

You must be logged in to post a comment Login

Leave a Reply

Altcoins

Cardano (ADA) Has Big Security Boost as Trezor Ready to Support ADA

Published

on

  • Hardware wallet manufacturer set to support Cardano’s ADA, which is a big security boost.
  • ADA/USDT still demonstrates some near-term vulnerabilities to the downside. 

Trezor Set to Support Cardano’s ADA

IOHK were very much pleased to announce, that Trezor are currently undergoing preparation to support Cardano (ADA). Trezor are a globally known hardware wallet, which facilitates cryptocurrencies to be stored. They are renowned for the security and being able to store the key to the wallet safely. The company is a large manufacturer of hardware wallets. A huge boost in security for the foundation’s native token, something token holders should be pleased about.

The update came from the Cardano founder, Charles Hotkinson, via his Twitter account, indicating this could be the case before the month of November. Separately, Trezor themselves tweeted, “have you ever wondered what we are working on? Have a look at our newly created roadmap, where you can see all the new stuff that is coming up! https://wiki.trezor.io/Roadmap It lists other tokens which will be receiving support in addition to Cardano’s ADA that day. This includes the likes of Monero (XMR), Stellar (XLM), Ripple (XRP), Zencash (ZEN) and Zcash (ZEC).

What Next for Cardano?

The Cardano Founder, Charles Hoskinson, was recently speaking about how the team is going to be providing more insightful updates. He noted that they will soon start the creation and posting of videos with their future projects.

There is much anticipation from token holders regarding the imminent 1.4 update. Given Cardano’s growing number of users, this is said to be a large factor to the development of a new update from the foundation. This 1.4 update is expected to help Cardano gain further traction in bringing in more users to its platform and the use of its native token.

Technical Review ADA/USDT – 4-hour Chart

ADA/USDT 4-hour chart

Downside pressure continues to keep ADA/USDT at bay. The lack of announcement from Cardano with regards to its ecosystem update, as mentioned above, perhaps could be also taking its toll on the price. It is currently running within its 8th consecutive trading session in the red. No sign of bounce yet.

ADA/USDT price action remains stuck and dictated within this triangular pattern formation. The market bears, with the current losing streak, are set to test the key near-term support to the downside. This is seen at the lower part of the above-mentioned pattern, tracking at $0.0728 area, also within a touted demand zone. A breach potentially seen here, could see a very fast move back down to 18th September low area, around $0.0620. As a result, it is hard to ignore that the current technical set up, suggest of vulnerabilities.

In terms of resistance, this can be seen at the upper part of the pattern, tracking at $0.0800 mark. Enough upside momentum could see a breakout higher, back towards $0.0950 territory, price last within this proximity on 23rd September. Further north, any breach of the mentioned areas, $0.10000, will quickly be back in the picture.

ADA/USDT daily chart

To conclude as mentioned above, the near-term support $0.0728, is vital for ADA/USDT to hold. A failure of comfort here, could open the doors to a fresh wave of selling pressure.

Disclaimer: The author owns bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.

Featured image courtesy of Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
3 votes, average: 5.00 out of 53 votes, average: 5.00 out of 53 votes, average: 5.00 out of 53 votes, average: 5.00 out of 53 votes, average: 5.00 out of 5 (3 votes, average: 5.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.4 stars on average, based on 55 rated postsKen has over 8 years exposure to the financial markets. During a large part of his career, he worked as an analyst, covering a variety of asset classes; forex, fixed income, commodities, equities and cryptocurrencies. Ken has gone on to become a regular contributor across several large news and analysis outlets.




Feedback or Requests?

Continue Reading

Altcoins

EOS Price Forecast: EOS/USD Heading for Another 300% Move?

Published

on

  • EOS/USD price action via the 4-hour chart view has formed a bullish flag pattern.
  • The price is moving around levels seen back end of March to early April, before a bull run of over 300%.

The past six sessions for EOS/USD have been erratic to say the least. It has been subject to a high amount of volatility, swinging aggressively in both directions. There has been a lack of commitment from either the bear or bull camps of late. As the market continues to trade with such behavior, it appears to be trying to find its feet, ahead of a potential chunky firm trend.

EOS DApp Hacked Again

An EOS based gambling DApp, EOSBet has been hacked, with $338,000 being reported as stolen. This isn’t the first time; just back in September, hackers managed to get away with a reported 40,000 worth of EOS, which at the time had a value of $200,000. It has been said that they were able to exploit their smart contracts, having found security vulnerabilities.

Technical Review – 4-hour Chart View

EOS/USD 4-hour chart

EOS/USD price action has formed a bullish flag pattern, which began taking shape on 15th October, after the aggressive price behavior stabilized. The bulls at the time ran the price well up into $6 territory. Consequently, it then met the breached ascending trend line, failing to move back above this area. This followed the sharp breakthrough to the downside, which occurred on 11th October. As a result, a drop of over 15% was seen, forcing EOS/USD to retreat in a demand area, within the $5.0000 level proximity.

Looking to the upside, small near-term resistance is seen at around $5.6100, which is the upper trend line of the mentioned bull flag pattern. A breakout will likely open the doors to a retest of the broken ascending trend line, tracking around $6.1100. Support can be eyed at $5.4600, which marks the lower trend line of the flag. Furthermore, should this fail to hold, EOS/USD could likely fall back down to the serving demand area, within the lower $5.0000 territory.

April 2018 Bull Run

EOS/USD April bull run

In April of this year EOS/USD entered a chunky bull run, gaining over 300%. From the back end of March until 11th April, the price had been stuck within consolidation mode. Resulting in the price trading within a tight range, at levels of where the price is currently seen today.

Something quite astonishing started to unfold. Between the period of 11th April to the 29th April, a bull run of around 290% was seen. Over this time frame EOS/USD went from $5.9500 up to a high of around $23.0811. The price is currently demonstrating a similar behavior to that of what was seen during the mentioned period. It is interesting to note that the price did have historical levels to break through, as it had already run higher during the period of December 2017 and came back down. Finally, this is not to say EOS/USD will observe the same bull run. However, it is an interesting observation to be aware of.

Disclaimer: The author owns bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.

Featured image courtesy of Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
2 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 5 (2 votes, average: 5.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.4 stars on average, based on 55 rated postsKen has over 8 years exposure to the financial markets. During a large part of his career, he worked as an analyst, covering a variety of asset classes; forex, fixed income, commodities, equities and cryptocurrencies. Ken has gone on to become a regular contributor across several large news and analysis outlets.




Feedback or Requests?

Continue Reading

Altcoins

“Mass Adoption is the Direction Things Are Taking” – Lionel Wolberger, CTO and Co-Founder of Platin

Published

on

Platin is a new blockchain token-based ecosystem which powers an infrastructure platform that incorporates a proprietary programming language (‘SolidityGEO’), all in the name of accomplishing a so-called decentralized ‘Proof of Location’ protocol.

We reached out to the team to find out more about how their solution works, the current state and future vision.

The result of this outreach was a warm reception from the company’s Chief Technical Officer (CTO) and Co-Founder Lionel Wolberger, with whom we discussed such topics as well as Platin’s: objectives, company ethos, and views on the current state of the crypto space.

Who is Behind Platin?

Lionel Wolberger’s experience with cryptocurrency and blockchain spans as far back as 2011, where he “spoke about it at Cisco Secure Video where our team of cryptographers included the inventor of Public Key Cryptography himself, Prof. Adi Shamir.”.

It wasn’t until two years later before Wolberger got the opportunity to professionally re-engage with crypto technology, when he participated in an experiment on behalf of the Internet Identity Workshop “and decided to study it more closely and see what it was all about.”

In 2017, Lionel Wolberger created Platin alongside co-founder Allon Mason when they “identified the potential for a secure and lightweight Proof of Location protocol on the blockchain.”. Wolberger met mason during academia at Cornell University, having

“always admired his drive and passion for the projects he has developed over the years, particularly XPLace an online marketplace with hundreds of thousands of users and multi-million dollar annual turnover.”

Wolberger also highlights the fact that the team is working alongside secure-location advisor Professor Srdjan Capkun (Director of the Zurich Information Security and Privacy Center, ZISC), which he calls a “privilege”.

“Dr. Capkun is an ideal advisor, as he sits on the major standards committees, and has an inside track to secure GPS and other important technologies associated with secure proof of location.”

What is Platin?

Whilst participating in the “’colored coin’ experiment’” for the Internet Identity Workshop, Wolberger had a fundamental epiphone with regards to his perception of blockchain and the purpose of cryptocurrency:

“it’s not about currency, but an asset tracking system of decentralized trust that could also provide the basis for so much more than just currencies.”

As such, Platin’s purpose is to provide a utility-token based platform which they (on their website) describe as a system for the “Geo-location of digital assets (cryptocurrencies, documents, images, etc.), anywhere on the map, anywhere in the world, in real time.”.

There are a wide range of uses for geo-locational software, from marketing to emergency broadcasting regarding critical events such as national disasters. Official use-cases include:

Lionel Wolberger lists, among the key values of Platin its hardware agnosticism as well as its interoperable nature.

“Interoperable refers to Platin’s protocol, that it is cleanly defined and independent, enabling it to work with many other products or systems, at present or in the future, in many possible implementations with few restrictions. This is achieved by having a clean interface (API, SDK) and is essential as Platin is needs to inter-operate with Android, Apple, many backend systems and blockchain assets.

“Hardware agnostic refers to one aspect of Platin’s Proof of Location protocol, its ability to work with any — all, i possible — geospatially relevant signal sources. This will certainly include GPS, cll towers and wifi, but will extend to BLE, LoRA, Ultrasound, indeed any signal that has relevance for a Proof of Location. This is achieved by having a clear definition of Proof of Location and how a device’s location relates to all this other data.”

Furthermore, the team is planning to implement cross-chain compatibility in the future, including Ethereum / EOS.

A Security Focus

Security is also a key concern and this is echoed in our interview as well as across the website for Platin. The company even mentions KYC / AML with its list of use-cases for the platform.

One way which the company seeks to achieve this is through the use of hardware cold-storage systems for the safe-keeping of all tokens, with their first wallet integration being TrustWallet. They also, according to Wolberger, are anticipating a future partnership with Ledger.

Lionel Wolberger claims that

“Platin has security and privacy baked-in from the start. Some features that reflect this approach include.

  • Platin’s architecture starts with individuals storing their own data, with blinded commitments shared to the network.
  • Platin’s functionality is “opt-in” based, reflecting a deep respect for our users as sovereign digital actors. You opt-in for the sharing of data, whatever you are comfortable with. The default is no sharing.
  • One of our Platin’s hires was a full-time cryptographer, and we are open sourcing our first zero knowledge cryptographic achievement: a ZK Range proof of bounded location. This shows our cryptographic and security passion.
  • Platin’s default pattern is “send the algorithm to the user,” rather than, “have the user send their data to the network.” Our Artificial Intelligence is privacy-preserving in this way.
  • Platin’s three pillars of security are orthogonal, working together to create a secure proof of location that would not be possible with any one of those pillars”

Geolocation and Geofencing

With use cases including retail shopping and other location-based rewards initiatives, Platin incorporates (and is responsible for the effective utilization of) specific technical and methodological processes pertaining to their geo-locational solution / protocol.

This scenario is made fully possible using a technology called ‘geo-fencing’ which is essentially, according to Wolberger, “An ability to restrict and define usage within the boundaries of their regulatory and legal jurisdiction.”

“imagine that a national supermarket chain airdrops coupon for 10% off certain items to celebrate the launch of their new store However, they do not want these coupons to be redeemable at other locations as they want to drive traffic to this new store.

“With a special smart contract, the coupon will only work within the geo-fenced area around the new store.”

Attempts at geo-location are most effective with both the consent and honest participation of both direct and third-party sourced users. Considering tech scandals surrounding personal and public data privacy & security, it has become increasingly difficult to encourage people to confide their personal data sincerely.

This is where rewards-based systems such as Platin come in.

Humanitarian Aid (A Use Case)

Another key use case cited, which Wolberger doubles down on in our discussion is that of charitable coin drops…

“We think it is incredibly important to focus on use cases such as humanitarian aid airdrops.

“While our technology has broad commercial uses, our team is passionate about seeing the project bring new ways to enable ordinary people use cryptocurrency, and an ideal win/win use case is the ability to transfer crypto to people who need assistance.

“Blockchain and cryptocurrency can often seem intimidating to people, but mass adoption is the direction things are taking. Platin wants to ensure that everyone can access and utilize this technology to utilize decentralized funds in a beneficial and potentially life-saving way.”

These partnerships include IsraAID (with whom theys already signed an agreement) in addition to the Swiss Red Cross (with whom they are currently in discussions), where Platin plans to further develop and test their systems and processes with regards to how they will integrate geo-location focused / geo-fenced cryptocurrency airdrops.

Another, tangentially related use-case is:

“the Tokyo Olympics airdrops… we are currently discussing the opportunity with our Tokyo-based partners.

“The Olympics has traditionally seen technological innovation, such as instant replay, virtual video graphics and most recently 5G deployments. This is the year of blockchain, and we look forward to announcing details once we are permitted.”

Final Words

All these features, aims and objectives are tied together by the fact that they are all built upon not only a proprietary – but also a home-grown programming language which third parties can leverage for their own projects when working on the Platin blockchain.

“SolidityGEO extends Ethereum’s Solidity language, GEOS extends EOS’s C++ language. These will equip our partners for fast onboarding into location proofs on the blockchain.”

SolidityGEO is what Platin calls a “location-aware language” created to help the utilisation and implementation of geographic demarcation for token distribution, rewards and airdrops. It will additionally include ZK-Snarks and Starks zero-knowledge proof mechanisms as well as general operating standards such as ISO and W3C.

Finally, with regards to the future:

“Proximity radio technology is being deployed steadily, without any loud publicity. 5G, RTT-enabled Wi-Fi, and IEEE secure proximity radio standards promise highly accurate distance readings via radio. The average person feels this progress in the slow spread of keyless entry–just having a key, fob or smartphone in your pocket to unlock a desired resource such as your car or home. Platin has partners in this space and there are sure to be exciting announcements in the next six months (though they will be quite technical, they will promise rapid progress).”

Featured image courtesy of Shutterstock. 

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
2 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 5 (2 votes, average: 5.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.5 stars on average, based on 12 rated posts




Feedback or Requests?

Continue Reading

Recent Posts

A part of CCN

Hacked.com is Neutral and Unbiased

Hacked.com and its team members have pledged to reject any form of advertisement or sponsorships from 3rd parties. We will always be neutral and we strive towards a fully unbiased view on all topics. Whenever an author has a conflicting interest, that should be clearly stated in the post itself with a disclaimer. If you suspect that one of our team members are biased, please notify me immediately at jonas.borchgrevink(at)hacked.com.

Trending