BIOS4breakfast writes: Wired reports that later this week at BlackHat and Defcon, Trammell Hudson will show the Thunderstrike 2 update to his Thunderstrike attack on Mac firmware (previously covered on Slashdot). Trammell teamed up with Xeno Kovah and Corey Kallenberg from LegbaCore, who have previously shown numerous exploits for PC firmware. They found multiple vulnerabilities that were already publicly disclosed were still present in Mac firmware. This allows a remote attacker to break into the Mac over the network, and infect its firmware. The infected firmware can then infect Apple Thunderbolt to Ethernet adapters' PCI Option ROM. And then those adapters can infect the firmware of any Mac they are plugged into — hence creating the self-propagating Thunderstrike 2 "firmworm." Unlike worms like Stuxnet, it never exists on the filesystem, it only ever lives in firmware (which no one ever checks.) A video showing the proof of concept attack is posted on YouTube.
An anonymous reader writes: Security firm ESET has published a report on new malware that targets Linux-based communication devices (modems, routers, and other internet-connected systems) to create a giant proxy network for manipulating social media. It's also capable of hijacking DNS settings. The people controlling the system use it for selling "follows," "likes," and so forth on social media sites like Twitter, Instagram, Vine, Facebook, and Google+. Affected router manufacturers include: Actiontec, Hik Vision, Netgear, Synology, TP-Link, ZyXEL, and Zhone. The researchers found that even some medical devices were vulnerable to the worm, though it wasn't designed specifically to work with them.
An anonymous reader writes: Italian researchers in Trent have enabled 15 Pholcidae spiders to spin graphene-strengthened dragline silk just by spraying them with a solution containing carbon nanotubes and graphene flakes. The resulting fiber is as strong as Kevlar 49, and ranks among the most resilient and ductile in the world of manufacturing. But Emiliano Lepore's research has not succeeded in understanding by what process the spiders are able to incorporate the ambient materials into their webs. Since spider-farming is historically unproductive, the possibility of continuing the research on silk-worms has been presented.
Rube_Goldberg_Mentat writes: The power struggles between rival houses Atreides and Harkonnen have come to a T. It was reported earlier today that a coup led by Baron Vladimir Harkonnen was staged in the capitol of Arrakis. The House Atreides, which had only recently taken command of the planet and of the spice trade, is reported to have no survivors, though this is yet to be confirmed.Naysayers fear a collapse of the spice economy as a result of the violence. A r presentative from House Harkonnen has shared with the press that though times ahead may be rocky, "the spice will still flow."
An anonymous reader writes: We've been in a malware arms race since the 1990s. Malicious hackers keep building new viruses, worms, and trojan horses, while security vendors keep building better detection and removal algorithms to stop them. Botnets are becoming more powerful, and phishing techniques are always improving — but so are the mitigation strategies. There's been some back and forth, but it seems like the arms race has been pretty balanced, so far. My question: will the balance continue, or is one side likely to take the upper hand over the next decade or two? Which side is going to win? Do you imagine an internet, 20 years from now, where we don't have to worry about what links we click or what attachments we open? Or is it the other way around, with threats so hard to block and DDoS attacks so rampant that the internet of the future is not as useful as it is now?
mikejuk writes The nematode worm Caenorhabditis elegans (C. elegans) is tiny and only has 302 neurons. These have been completely mapped, and one of the founders of the OpenWorm project, Timothy Busbice, has taken the connectome and implemented an object oriented neuron program. The neurons communicate by sending UDP packets across the network. The software works with sensors and effectors provided by a simple LEGO robot. The sensors are sampled every 100ms. For example, the sonar sensor on the robot is wired as the worm's nose. If anything comes within 20cm of the 'nose' then UDP packets are sent to the sensory neurons in the network. The motor neurons are wired up to the left and right motors of the robot. It is claimed that the robot behaved in ways that are similar to observed C. elegans. Stimulation of the nose stopped forward motion. Touching the anterior and posterior touch sensors made the robot move forward and back accordingly. Stimulating the food sensor made the robot move forward. The key point is that there was no programming or learning involved to create the behaviors. The connectome of the worm was mapped and implemented as a software system and the behaviors emerge. Is the robot a C. elegans in a different body or is it something quite new? Is it alive? These are questions for philosophers, but it does suggest that the ghost in the machine is just the machine. The important question is does it scale?
An anonymous reader writes: Analyzing more than 2,000 Stuxnet files collected over a two-year period, Kaspersky Lab can identify the first victims of the Stuxnet worm. Initially security researchers had no doubt that the whole attack had a targeted nature. The code of the Stuxnet worm looked professional and exclusive; there was evidence that extremely expensive zero-day vulnerabilities were used. However, it wasn't yet known what kind of organizations were attacked first and how the malware ultimately made it right through to the uranium enrichment centrifuges in the particular top secret facilities. Kaspersky Lab analysis sheds light on these questions.
sciencehabit writes You can credit your existence to tiny wormlike creatures that lived 500 million years ago, a new study suggests. By tunneling through the sea floor, scientists say, these creatures kept oxygen concentrations at just the right level to allow animals and other complex life to evolve. The finding may help answer an enduring mystery of Earth's past. The idea is that as they dug and wiggled, these early multicellular creatures—some were likely worms as long as 40 cm—exposed new layers of seafloor sediment to the ocean's water. Each new batch of sediment that settles onto the sea floor contains bacteria; as those bacteria were exposed to the oxygen in the water, they began storing a chemical called phosphate in their cells. So as the creatures churned up more sediment layers, more phosphate built up in ocean sediments and less was found in seawater. Because algae and other photosynthetic ocean life require phosphate to grow, removing phosphate from seawater reduced their growth. Less photosynthesis, in turn, meant less oxygen released into the ocean. In this way, the system formed a negative feedback loop that automatically slowed the rise in oxygen levels as the levels increased.
An anonymous reader writes Having completed his 31-day stretch underwater, Fabien Cousteau, grandson of famed oceanographer Jacques Cousteau, shows off his underwater laboratory to PBS in this video. When asked about his observations' Fabien said' "It's just amazing, we've seen so much new behavior that I've never seen before. Fish sleeping in sponges, a goliath grouper attacking a barracuda, never seen that before, I don't think anyone has ever caught it on film before. Christmas tree worms, spawning and giving off this milky smoke like stuff off. I mean it's just science fiction, it's really amazing down here. And that's why we're down here, my grandfather used to say, in order to film a fish you must become a fish. So we're trying to get as close as we can to becoming fish."
sciencehabit (1205606) writes "Every day, our cells manufacture small amounts of a molecule that, in higher doses, might be the key to leading a longer, healthier life. A team of researchers has found that this molecule boosts the lifespan of worms by more than 50%, raising the possibility that it will increase human longevity. Dietary supplements that contain the molecule and allegedly build muscle are already on the market. The study drops a barbell on their use, however, by suggesting that the molecule may actually thwart muscle growth."
mdsolar (1045926) writes in about a Norwegian team who believe they have an explanation about the unique distribution of HIV in Africa. "While around the world a vast majority of AIDS victims are men, Africa has long been the glaring exception: Nearly 60 percent are women. And while there are many theories, no one has been able to prove one. In a modest public health clinic behind a gas station here in South Africa's rural KwaZulu/Natal Province, a team of Norwegian infectious disease specialists think they may have found a new explanation. It is far too soon to say whether they are right. But even skeptics say the explanation is biologically plausible. And if it is proved correct, a low-cost solution has the potential to prevent thousands of infections every year. The Norwegian team believes that African women are more vulnerable to H.I.V. because of a chronic, undiagnosed parasitic disease: genital schistosomiasis (pronounced shis-to-so-MY-a-sis), often nicknamed 'schisto.' The disease, also known as bilharzia and snail fever, is caused by parasitic worms picked up in infested river water. It is marked by fragile sores in the far reaches of the vaginal canal that may serve as entry points for H.I.V., the virus that causes AIDS. Dr. Eyrun F. Kjetland, who leads the Otimati team, says that it is more common than syphilis or herpes, which can also open the way for H.I.V."
Nerval's Lobster writes "The remote-access management flaw that allowed TheMoon worm to thrive on Linksys routers is far from the only vulnerability in that particular brand of hardware, though it might be simpler to call all home-based wireless routers gaping holes of insecurity than to list all the flaws in those of just one vendor. An even longer list of Linksys (and Cisco and Netgear) routers were identified in January as having a backdoor built into the original versions of their firmware in 2005 and never taken out. Serious as those flaws are, they don't compare to the list of vulnerabilities resulting from an impossibly complex mesh of sophisticated network services that make nearly every router aimed at homes or small offices an easy target for attack, according to network-security penetration- and testing services. For example, wireless routers (especially home routers owned by technically challenged consumers) are riddled with security holes stemming from design goals that emphasize usability over security, which often puts consumers at risk from malware or attacks on devices they don't know how to monitor, but through which flow all their personal and financial information via links to online banking, entertainment, credit cards and even direct connections to their work networks, according to a condemnation of the Home Network Administration Protocol from Tenable Network Security. Meanwhile, a January 2013 study from Rapid7 found 40 million to 50 million network-enabled devices, including nearly all home routers, were vulnerable to exploits using UPnP. Is there any way to fix this target-rich environment?" If only there were an easily upgradeable open source router operating system to which vendors could add support for their hardware leaving long term maintenance to a larger community.
UnderAttack writes "A vulnerability in many Linksys routers, allowing for unauthenticated code execution, is being used to mass-exploit various Linksys routers right now. Infected routers will start scanning for vulnerable systems themselves, leading to a very fast spread of this 'worm.'"
the_newsbeagle writes "When surgeons set out to repair holes in the walls of the heart's chambers or in blood vessels, they often do invasive open-heart surgery and use sutures, staples, and glue to keep a patch in place. But the sutures and staples are a rough fix, and many of the glues on the market today don't work well on wet tissue that's continually flexed by the heart's contractions and the movement of pumping blood. Today biomaterial researchers announced a new light-activated glue that could make surgery less invasive, quicker, and easier. The adhesive was inspired by slugs' and sandcastle worms' sticky secretions, which work underwater, and it can be applied with slender tools during minimally invasive surgery. A flash of UV light then sets the glue, which bends and flexes with the tissue."
Rambo Tribble writes "An article in Current Biology (abstract) details the finding that minute particles of plastic waste are affecting marine worms, potentially having grave impacts on marine biodiversity (PDF) and leading to the accumulation of toxins in marine animals. 'The team found that the tiny bits of plastic, which measure 1mm or smaller, transferred pollutants and additive chemicals — such as flame-retardants — into the guts of lugworms (Arenicola marina). This process results in the chemical reaching the creatures' tissue, causing a range of biological effects such as thermal stress and the inability to consume as much sediment.' Unfortunately, policymakers have routinely treated such wastes as benign. The BBC provides more approachable coverage of the findings."
Hugh Pickens DOT Com writes "The Boston Globe reports that the pending use of GPS tracking devices, slated to be installed in Boston police cruisers, has many officers worried that commanders will monitor their every move. Boston police administrators say the system gives dispatchers the ability to see where officers are, rather than wait for a radio response and supervisors insist the system will improve their response to emergencies. Using GPS, they say, accelerates their response to a call for a shooting or an armed robbery. 'We'll be moving forward as quickly as possible,' says former police commissioner Edward F. Davis. 'There are an enormous amount of benefits. . . . This is clearly an important enhancement and should lead to further reductions in crime.' But some officers said they worry that under such a system they will have to explain their every move and possibly compromise their ability to court street sources. 'No one likes it. Who wants to be followed all over the place?' said one officer who spoke anonymously because department rules forbid police from speaking to the media without authorization. 'If I take my cruiser and I meet [reluctant witnesses] to talk, eventually they can follow me and say why were you in a back dark street for 45 minutes? It's going to open up a can of worms that can't be closed.' Meanwhile civil libertarians are relishing the rank and file's own backlash. 'The irony of police objecting to GPS technology for privacy reasons is hard to miss in the aftermath of United States v. Jones,' says Woodrow Hartzog. 'But the officers' concerns about privacy illustrate just how revealing GPS technology can be. Departments are going to have to confront the chilling effect this surveillance might have on police behavior.'"
wiredmikey writes "According to a recent survey of malware analysts at U.S. enterprises, 40% of the time a device used by a member the senior leadership team became infected with malware was due to executives visiting a pornographic website. The study, from ThreatTrack Security, also found that nearly six in 10 of the malware analysts have investigated or addressed a data breach that was never disclosed by their company. When asked to identify the most difficult aspects of defending their companies' networks from advanced malware, 67% said the complexity of malware is a chief factor; 67% said the volume of malware attacks; and 58% cited the ineffectiveness of anti-malware solutions."
First time accepted submitter calinduca writes "Artificial blood that could one day be used in humans without side effects has been created by scientists in Romania. The blood contains water and salts along with a protein known as hemerythrin which is extracted from sea worms. Researchers from Babe-Bolyai University in Cluj-Napoca, Romania, hope it could help end blood supply shortages and prevent infections through donations." Wikipedia's entry on hemerythrin explains its unusual oxygen binding mechanism.
sciencehabit writes "When you drop a whale backbone into Antarctic waters and retrieve it a year later, you'll find it covered with a pelt of wriggling, rosy-hued worms. Drop a chunk of wood in the same spot, and you'll discover that it's hardly changed. That's the result of a simple experiment to find out if some of the world's weirdest worms also live in Antarctic waters. The discovery extends the range of bone-eating worms to the Southern Ocean and suggests that Antarctic shipwrecks may be remarkably intact."