Orwell nails it again!
Tag: technology
Your IoT Device is Likely Spying on You through Backdoor Security Flaws
Many people are used to trading privacy for convenience these days. After all, this is how those with nefarious agendas get people to adopt technology that continually spies on them. IoT technology is no different. A recently discovered security vulnerability from a major manufacturer of IoT devices has exposed just how dangerous this technology can be. The following article from TweakLibrary details how this sort of surveillance technology can wreak havoc upon our lives. – Truth Unmuted Editor Jesse Smith
This Security Vulnerability Could Change An IoT Device Into A Nasty Spy
IoT has had a remarkable impact on our lives. We now have devices connected over a network that are capable of making our lives much easier and comfortable. From smartphones to smartwatches to internet-powered doorbells, door alarms, security cameras, speakers, door locks, lights, bulbs, and baby monitors, the list is just endless. However, with this boon, a bane looms around and that is, miscreants can hack into these devices and if not acted upon promptly, they can wreak havoc on our lives. But, when can hackers feed on IoT devices? The answer is when they sniff a security vulnerability or when we as users don’t practice healthy security habits.
We’ll get into the security habits on a user’s part later in the blog but, let’s first discuss how a security vulnerability can lead a hacker into your IoT device and then into your personal or professional life. Quite recently, a security vulnerability has hit IoT devices. This security flaw can give access to your IoT audio and video feeds and turn into a spying tool.
What is This Security Vulnerability All About? How Severe Is The Security Flaw
As per the researchers at Nozomi Networks Lab and DHS, the security flaw can let malicious attackers tamper with an IoT device. They can easily convert a given IoT device such as a home security camera, a baby monitor, or a smart doorbell into a spying tool. Owing to this vulnerability, they can steal crucial data or spy on video feeds as well. Apart from intruding into one’s personal lives through the aforementioned channels, an attacker can even steal crucial business data such as data related to customers, employees, or even production techniques. The security flaw is indeed very severe. So much so that the Common Vulnerability Scoring System (CVSS) rates it at 9.1/10 on a severity scale.
How Did This Security Flaw Surface?
The flaw is a supply chain bug that was discovered in a software component (P2P SDK) manufactured by a company called ThroughTek who is one of the prominent suppliers of IoT devices. The P2P’s SDK gives remote access to audio/ video streams over the internet. The SDK is found in smart sensors, security cameras such as baby and pet monitoring cameras, doorbells, etc. and it help a viewer gain access to audio/ video streams. The flaw affects P2P’s version 3.1.5 or before. As Nozomi has demonstrated, the older versions of the SDK allow data packets to be intercepted while in transit. A hacker can refurbish these packets into complete audio or video streams.
ThroughTek’s Defence
ThroughTek has countered this bug in version 3.3 that was released in mid-2020. Though the issue is that quite many devices still run the older build. Secondly, as per ThroughTek, to conduct an attack, a prospective attacker will need to have extensive knowledge of network sniffer tools, network security, and encryption algorithm.
Former Intel Chief Calls For “Larger Discussion” On UFOs, Warns They Display Technology US Doesn’t Have
Former Director of National Intelligence John Ratcliffe said that Unidentified Aerial Phenomenon (UAP), also known as UFOs, appear to display technology that the United States does not have and could not defend against.
Ratcliffe made the remarks in an interview on Fox News that aired Saturday, one day after the public release of a much-anticipated government report on UAPs or UFOs (pdf), which found “no clear indications that there is any non-terrestrial explanation” for the aerial phenomena, although it left open the possibility of an alien origin.
“I’m actually glad that there’s a report out there,” Ratcliffe said in the interview, adding, “the bottom line is, unidentified aerial phenomena—many, many cases we’re able to explain it away for reasons like visual disturbances, or weather phenomenon, or foreign adversaries and their technologies, or even our own experimental technologies with certain aircraft and vehicles.”
At the same time, he said were are a number of cases where none such explanations applied.
“What this report really underscores … is that there are a number of instances—and the specific number remains classified—but a number of instances where we’ve ruled all of that out,” he said.
“And there are technologies that we don’t have and frankly that we are not capable of defending against—based on those things that we’ve seen, multiple sensors, in other words, where not just people visually see it but where it’s picked up on radar, where it’s seen on satellites,” Ratcliffe said, adding that, “it’s an issue of national security.”
New Air Force weapon can take out hundreds of drones instantly — and silently
The U.S. Air Force unveiled a weapon this month designed to take out hundreds of drones at once with barely a sound.
The Tactical High Power Operational Responder (THOR) uses a beam of energy to scramble the electronics inside hundreds of drones at once.
“This unique system allows base defense forces to stop [unmanned aerial system] attacks at long range before they threaten critical infrastructure,” the Air Force Research Lab said in a June 16 animated video.
Increasingly sophisticated drones are becoming more threatening in the hands of enemy militaries as attack and surveillance capabilities grow, the Air Force said in the video. THOR is more effective than small arms and more efficient than heavy arms, which are currently used against drones.
When THOR identifies a target, it shoots a beam of microwaves in less than a second, providing an instant effect on the drones.
The system is different from a laser, which shoots a beam capable of destroying one drone, according to the Air Force. Instead, THOR’s utilization of high-powered microwaves allows it to scuttle swarms of unmanned aerial systems.
Think about it…
The U.S. Marines Are Getting Suicide Drones — Lots Of Them
In the near future, the United States Marine Corps will begin fielding a so-called suicide drone, essentially a quickly deployable — and expendable — flying bomb. Based on the UVision Hero-120, the loitering munition is the largest of the company’s short-range systems.
What It Can Do
Don’t let “short-range” fool you, however. Powered by an electric motor and controlled by a “man-in-the-loop” the Hero-120 has a maximum range of 40 kilometers, or nearly 25 miles, and can stay aloft for an hour. The canister launched drone has 8 pop-out fins and is remarkably lightweight.
The entire drone weighs just 12.5 kilos and packs a 4.5-kilo explosive warhead, presumably in its nose. Packed into multiple canister launcher-type pods, it is not hard to imagine large numbers of the Hero-120 sent aloft at once — and in fact, that is exactly what the Marine Corps wants to do.
The Marine Corps contracted with Mistral, an American weapon system company, to integrate the Hero-120 onto the LAV and JLTV land vehicles, as well as onto the LRUSV, a long-range remotely operated drone boat. When mated to a vehicle, multiple Heros could be stacked together, not unlike a multiple rocket launcher system.
The Marine’s new suicide drone will differ slightly from the Hero-120 however, though it is not exactly clear what this difference will be exactly.
US Senate Finally Admits that Neuroweapons Exist, Passes Bill to Help Diplomat-Victims
In a reversal of the established commentary that those claiming victimization by electronic weaponry are crazy and delusional, the US Senate has passed a Bill authorizing payment to CIA and State Department officials who have been attacked by this weaponry. Recent news reports have detailed these attacks on US diplomats in Cuba and China.
Dubbed “The Havana Syndrome,” it was recently reported that CIA personnel have also suffered such attacks in Europe and Asia.
Senate Bill 1828, the “Helping American Victims Afflicted by Neurological Attacks Act of 2021, or the HAVANA Act of 2021,” authorizes payment to qualified employees for brain injuries inflicted by neuroweaponry.
In a letter to the Bill’s sponsors, Senators Susan Collins and Jeanne Shaheen, former NSA analyst Karen Melton-Stewart asked the following question: “Did you know that you are actually accidentally excluding a large and significant body of victims… who need help NOW?”
Scientists want to use human engineering to solve climate change
A few days ago, the Wall Street Journal held an event called the “Tech Health Conference.” During the event, one reporter had a question for the head of Google’s “Health Division,” a man called David Feinberg.
Why, the reporter asked, was Google censoring searches for information about the possibility that COVID had escaped from a laboratory in China? Feinberg began by admitting the premise of the question. Yes, Google was in fact hiding information from its users, he effectively conceded. But it was for their own good. According to Feinberg, Google didn’t want to, “lead people down pathways that we would find to be not authoritative information.” Authoritative information. You’ve heard that phrase a lot in the last year, and phrases like it. “Authoritative information” is the opposite of “misinformation” — or worse, a “conspiracy theory.”
It’s really important. All you’re allowed to see is authoritative information. So it’s worth knowing in this and many other cases, what is it? And where exactly did Google get its so-called “authoritative information.” In this case, it came from a group led by a noted man of science called Peter Daszak. If the name sounds familiar, Peter Daszak is the person who almost single-handedly stopped virtually all public speculation about the lab leak early in the pandemic. Daszak did this in one swoop by organizing a letter to The Lancet — one of the top scientific publications — stating as fact that there was no possibility the coronavirus could have come from the lab in Wuhan. No chance. Many people believed him and they stopped looking. It was in The Lancet, after all. Almost no one asked why Peter Daszak might be saying this.
We now know the answer: Peter Daszak himself was funding research on bat coronaviruses in Wuhan, using U.S. taxpayer dollars, supplied by Tony Fauci. According to one grant Fauci approved, Daszak was authorized to conduct quote, “virus infection experiments across a range of cell cultures from different species and humanized mice.”
Why humanized mice? Well, because they mimic humans. Daszak and his collaborators wanted to make viruses more infectious to people. He didn’t hide this. In December 2019, Daszak appeared on a podcast on YouTube — which is owned by Google — to brag about how easy it is to manipulate bat coronaviruses.
ENGINEERED ICE AGE: Congress funds NOAA scientist for geoengineering project to cool the Earth by artificially dimming the sun
During the last ice age, huge masses of ice covered the northern U.S., Canada, northern Europe and northern Asia. All that ended around 12,000 years ago, but we could be closer to another one than you think now that the National Oceanic and Atmospheric Administration (NOAA) has received funds from congress for a controversial geoengineering project that aims to cool our planet.
David Fahey, the director of NOAA’s Earth System Research Laboratory Chemical Sciences Division, reportedly told staff that the federal government wished to examine the science behind geoengineering, something he described as a “Plan B” for climate change. Along with $4 million in funding, he was given the go-ahead to study two methods of geoengineering.
The first approach entails injecting sulfur dioxide or another aerosol into the stratosphere to shade the planet from more intense sunlight. This concept is modeled after what occurs naturally when volcanic eruptions emit huge clouds of sulfur dioxide that have the effect of cooling the earth. In the second approach, an aerosol of sea salt particles would be used to enhance the power of low-lying clouds over the ocean to serve as shade.
See the light: Philips Hue smart bulbs can be hacked and used to install malware
We’ve all heard the horror stories of hackers remotely steering smart cars off the road, but even the smallest of smart devices can lead to big problems if they’re not monitored carefully.
This was on full display when a flaw was discovered that exposed the home networks of people using the very popular Philips Hue smart bulbs. Researchers from cyber security firm Check Point revealed how a bug enabled them to infiltrate the bulbs with a drone that hovers outside a building. They were able to gain access to the bulbs as well as the control bridge that leads to the users’ network, which means it is possible to compromise a person’s home network or even that of a business or smart city using the bulbs.
To infiltrate the users’ network, the researchers exploited a previously discovered bug that Philips hadn’t fixed that allowed them to control aspects of the bulb like brightness and color. After lowering and raising the brightness or changing the color to trick the user into believing the bulb had a glitch, the user would then reset the product by deleting it from their app and then attempting to rediscover it. However, once they rediscovered the compromised bulb, it was able to offload malware onto the control bridge. The users’ home network is linked to this central hub, which means the malware or spyware could infect the entire network.
Check Point Research Head of Cyber Research Yaniv Balmas said: “Many of us are aware that IoT devices can pose a security risk, but this research shows how even the most mundane, seemingly ‘dumb’ devices such as light bulbs can be exploited by hackers and used to take over networks or plant malware.”
Hellbound and Down 
You must be logged in to post a comment.