Environmental licence for SKA phase one gets green light

The Integrated Environmental Management Plan (IEMP), which gives licence to construct phase one of the Square Kilometre Array (SKA), has been adopted.

This is according to the Department of Science and Technology (DST), which confirmed environmental affairs minister Nomvula Mokonyane gazetted the IEMP.

In terms of SKA development, the environmental affairs department, together with the DST and the South African Radio Astronomy Observatory, consulted communities from towns surrounding the project site in the Northern Cape, and the IEMP is part of that procedure.

The IEMP covers the environmental principles to be followed in the construction and operation of SKA phase one, the environmental monitoring and control activities to be undertaken, as well as the long-term research monitoring programmes to be implemented at the SKA site.

This is the first time an environmental instrument of this kind has been adopted at national level in SA, reveals the DST.

"The department is very pleased with the conclusion of this process that has granted the environmental licence for the construction of SKA phase one to proceed in the Northern Cape," says the DST's acting chief director for astronomy, Takalani Nemaungani.

See also

SA locks in deal to establish SKA Observatory

SKA team completes key infrastructure designs

"I would like to thank these communities and the municipalities, as well as the stakeholders in various sectors affected by the project, for actively participating in the meetings and workshop held by the Council for Scientific and Industrial Research (CSIR), who served as the facilitators," he adds.

The SKA project is an international effort to build the world's largest radio telescope, led by the SKA Organisation. It will be built in two main phases in SA and Australia, with a later expansion in both countries and into other African countries.

The CSIR was appointed to undertake the environmental assessment for SKA phase one. The study, which took three years to complete, covered an area of approximately 628 200 hectares in the Karoo.

The study, states the department, assessed the impacts the construction and operation of phase one of the SKA project might have on local agriculture, heritage, archaeology, visual landscape, terrestrial ecology and biodiversity, as well as local socio-economic aspects.

Further aspects of sensitivity in terms of aviation, defence, telecommunications, weather services, mining, water use, waste management, noise and traffic effects were also investigated.

Dr Rob Adam, MD of the South African Radio Astronomy Observatory, says: "The development of the IEMP for the first phase of the SKA, and the gazetting of its adoption by minister Mokonyane, is yet another milestone towards the realisation of the SKA mid-frequency array in South Africa."

Read Original Article... 

Here's the List of ~600 MAC Addresses Targeted in Recent ASUS Hack

EXCLUSIVE — While revealing details of a massive supply chain cyber attack against ASUS customers, Russian security firm Kaspersky last week didn't release the full list all MAC addresses that hackers hardcoded into their malware to surgically target a specific pool of users.

Instead, Kaspersky released a dedicated offline tool and launched an online web page where ASUS PC users can search for their MAC addresses to check whether they were in the hit list.

However, many believe it is not a convenient way for large enterprises with hundreds of thousands of systems to know if they were targeted or not.

List of MAC Addresses Targeted in ASUS Supply Chain Attack

To solve this and help other cybersecurity experts continue their hunt for related hacking campaigns, Australian security firm Skylight's CTO Shahar Zini contacted The Hacker News and provided the full list of nearly 583 MAC addresses targeted in the ASUS breach.

"If information regarding targets exists, it should be made publicly available to the security community so we can better protect ourselves," Skylight said in a post shared with The Hacker News.

"So, we thought it would be a good idea to extract the list and make it public so that every security practitioner would be able to bulk compare them to known machines in their domain."

Skylight researchers retrieved the list of targeted MAC addresses with the help of the offline tool Kaspersky released, which contains the full list of 619 MAC addresses within the executable, but protected using a salted hash algorithm.

They used a powerful Amazon server and a modified version of HashCat password cracking tool to brute force 583 MAC addresses in less than an hour.

"Enter Amazon's AWS p3.16xlarge instance. These beasts carry eight (you read correctly) of NVIDIA's V100 Tesla 16GB GPUs. The entire set of 1300 prefixes was brute-forced in less than an hour."

ASUS Hack: Operation ShadowHammer

It was revealed last week that a group of state-sponsored hackers managed to hijack ASUS Live automatic software update server last year and pushed malicious updates to over one million Windows computers worldwide in order to infect them with backdoors.

The security company then informed ASUS about the ongoing supply chain attack campaign on Jan 31, 2019.

After analyzing more than 200 samples of the malicious updates, researchers learned that the hackers, who are not yet attributed to any APT group, only wanted to target a specific list of users identified by their unique MAC addresses, which were hardcoded into the malware.

Though the second stage malware was only pushed to nearly 600 targeted users, it doesn't mean that millions of ASUS computers which received the malicious software update are not compromised.

How to Check if Your ASUS Laptop Has Been Hacked?

After admitting that an unknown group of hackers hacked its servers between June and November 2018, ASUS this week released a new clean version of its LIVE Update application (version 3.6.8) and also promised to add "multiple security verification mechanisms" to reduce the chances of further attacks.

However, you should know that just installing the clean version of the software update over the malicious package would not remove the malware code from the infected systems.

So, to help its customers know if they were a victim of the attack, ASUS also released a diagnostic toolusing which you can check whether your ASUS system was affected by the malicious update.

If you find your computer MAC address in the list, it means your computer has been backdoored by the malicious update, and ASUS recommends you perform a factory reset to wipe up the entire system.

The identity of hackers and their intentions are still unknown.

Read Original Article...

Family locator app leaked real-time location data of 238,000 individuals

We normally consider family locator app as a blessing because we are able to track our family members conveniently through them. But, what if your private data collected or shared on such an app gets misused by cybercriminals because the app fails to secure it properly? It would instantly become a nuisance...no?

The same has happened in the case of Australian software house React Apps’ Family Locator app. According to security researcher Sanyam Jain’s latest findings, this app has so far leaked sensitive data including real-time location information of about 238,000 individuals.See: Hackers leave ransom note after wiping out MongoDB in 13 seconds

The data exposure has been occurring for several weeks because of the fact that the database wasn’t properly configured to keep the data protected from landing into wrong hands.

The location data exposure is a real issue of concern here because the app has leaked people’s positions from the distance of a few feet and even displayed the names of geofenced areas that are particularly used to alert or notify family members.

Reportedly, the app’s developer didn’t secure the server with a password due to which the data leak occurred. For your information the app allows registered members to track their family members like spouse or children in real-time. With the app’s FollowMe feature, members are able to receive alerts about the current status of their family members such as whether the child has reached school or the spouse has reached the workplace, etc.

The main culprit behind such a massive data leakage is a poorly protected MongoDB database that was hosted on a Cloud server. The database was storing location data in an unencrypted format, so anyone who finds the database through services like Shodan can check the members’ real-time location as well as their profile photos, email IDs, full name, and login credentials including passwords.

This definitely puts members’ families at great risk since the geofenced locations data is also included in the leaked information.

Jain, who is associated with the GDI Foundation, notified TechCrunch about the unsecure database. TechCrunch has verified the information available on the database after downloading the app and registering with a fake email ID. As soon as the signing up process ended, their real-time location appeared on the database with exact location coordinates.

The company contacted one of the registered members chosen randomly and the user was naturally shocked by the findings. The unnamed user also confirmed that the location information about his workplace and his child’s school was completely accurate.

See: Google collects Android location data even if location service is off

TechCrunch’s Zack Whittaker tried to contact React Apps but the company didn’t respond. TechCrunch then contacted the Australian Securities & Investments Commission to get the company’s business records that provided information about React App’s owner Sandip Mann Singh. However, the owner’s contact number wasn’t listed.

Then TechCrunch informed Microsoft, the company responsible for hosting the MongoDB database on its Azure Cloud server. Microsoft tried to contact the developer after which the database was taken offline. It is currently unclear the duration for which the database remained exposed.

Read Original Article...

The History of Email

QWERTYUIOP

— Text of the first email ever sent, 1971

The ARPANET (a precursor to the Internet) was created “to help maintain U.S. technological superiority and guard against unforeseen technological advances by potential adversaries,” in other words, to avert the next Sputnik. Its purpose was to allow scientists to share the products of their work and to make it more likely that the work of any one team could potentially be somewhat usable by others. One thing which was not considered particularly valuable was allowing these scientists to communicate using this network. People were already perfectly capable of communicating by phone, letter, and in-person meeting. The purpose of a computer was to do massive computation, to augment our memories and empower our minds.

Surely we didn’t need a computer, this behemoth of technology and innovation, just to talk to each other.

Computers which sent the first emailThe computers which sent (and received) the first email.

The history of computing moves from massive data processing mainframes, to time sharing where many people share one computer, to the diverse collection of personal computing devices we have today. Messaging was first born in the time sharing era, when users wanted the ability to message other users of the same time shared computer.

Unix machines have a command called write which can be used to send messages to other currently logged-in users. For example, if I want to ask Mark out to lunch:

$ write mark write: mark is logged in more than once; writing to ttys002 Hi, wanna grab lunch? He will see:

Message from zack@Awesome-Mainframe.local on ttys003 at 10:36 ... Hi, wanna grab lunch? This is absolutely hilarious if your coworker happens to be using a graphical tool like vim which will not take kindly to random output on the screen.

Persistant Messages

When the mail was being developed, nobody thought at the beginning it was going to be the smash hit that it was. People liked it, they thought it was nice, but nobody imagined it was going to be the explosion of excitement and interest that it became. So it was a surprise to everybody, that it was a big hit.

— Frank Heart, director of the ARPANET infrastructure team

An early alternative to Unix called Tenex took this capability one step further. Tenex included the ability to send a message to another user by writing onto the end of a file which only they could read. This is conceptually very simple, you could implement it yourself by creating a file in everyones home directory which only they can read:

mkdir ~/messages chmod 0442 ~/messages Anyone who wants to send a message just has to append to the file:

echo "

Read Original Article...

South Africa to develop three more nano-satellites worth R27 million

The Department of Science and Technology (DST), director general, Dr Phil Mjwara, announced earlier this week that the department is committed to support the development of a constellation of satellites through the investment of R27 million.

The director general announced this at a plenary briefing that was hosted by the Cape Peninsula University of Cape Town (CPUT), after the successful launch of the country’s second nano-satellite, ZACUBE-2, which is considered the most advanced on the continent.

“We have contracted CPUT to develop three more nano-satellites to the value of R27 million to be launched by 2020. This investment will allow us to take full advantage of SA’s vast and exclusive economic zone, our oceans, which have the potential to add R177 billion to the country’s gross domestic product and create over 1 million jobs by 2033,” Mjwara told IOL News.

The nano-satellite named ZACUBE-2 is funded by DST in support of Operation Phakisa, to provide cutting edge, high frequency data exchange communication systems to maritime industry and it will monitor the movement of ships along the coastline with its automatic identification system (AIS).

ZACUBE-2 is the predecessor of ZACUBE-1, which was developed by CPUT space programme graduates four years ago, and continues to transmit space weather data.

“Currently South Africa purchases its AIS data at huge cost from outside service providers, and we are now in position to provide our own data but at present only twice. Once we have a constellation of satellites providing a constant flow of data, it will go towards proving SA has the indigenous knowledge to provide this technology for our country,” concluded CPUT head of space programme, Prof Robert Van Zyl.

Read Original Article...
Apple Repairs and Service
Member of the Internet Defense League
Internet Cafe available

BitcoinCash Accepted

download