Start up: Mac ransomware, bitcoin’s crunch, global warming’s milestone, the price of your attention, and more

“I bought it so I wouldn’t forget my PIN.” Photo by mag3707 on Flickr.


A selection of 12 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

First Mac ransomware found in Transmission BitTorrent client » Mac Rumors

»This weekend, a notice appeared on warning users that version 2.90 of the popular Mac BitTorrent client downloaded from their site may have been infected with malware. The warning reads:


Everyone running 2.90 on OS X should immediately upgrade to 2.91 or delete their copy of 2.90, as they may have downloaded a malware-infected file.

Using “Activity Monitor” preinstalled in OS X, check whether any process named “kernel_service” is running. If so, double check the process, choose the “Open Files and Ports” and check whether there is a file name like “/Users//Library/kernel_service”. If so, the process is KeRanger’s main process. We suggest terminating it with “Quit -> Force Quit”


Reuters reports that the infected download contained the first “Ransomware” found on the Mac platform. Ransomware is a type of malware that encrypts a user’s hard drive and demands payment in order to unencrypt it. This type of attack has been increasingly popular on the PC, but this is the first time it has been seen on the Mac.

According to Reuters, Apple is aware of the issue and has already revoked “a digital certificate from a legitimate Apple developer that enabled the rogue software to install on Macs.”

The malware in question is said to delay encrypting the user’s hard drive for 3 days, so we may see the first reports of those affected as early as Monday.


Transmission is open source; expect this problem to affect any open source project in future, especially if it isn’t very active.


Market views: hard drive shipments drop by nearly 17% in 2015 » Anandtech

Anton Shilov:

»While no one is writing off the PC market entirely, since its heyday nearly a decade ago the PC market has been in a slow decline for some time, and that decline has yet to bottom out. Sales of personal computers declined by roughly 25 – 30m units year-over-year, hitting an eight-year low in 2015 due to economic trends, weak international currencies, and competition from tablets and smartphones in some markets. Shipments of PC components naturally dropped alongside weak PC sales, but hard drive sales in particular have made for an interesting observation: for 2015, declines of HDD sales greatly outpaced the regress of the PC market. Based on estimates from Western Digital and Seagate (see counting methodology below), the total available market of hard drives contracted by nearly 100 million units year-over-year in 2015.

The three major producers of hard drives shipped a total of 468.9m hard drives in 2015, according to estimates from both Seagate and Western Digital. This is down from 564.1m units in 2014, or by 17%. By comparison, back in 2010 at the peak of HDD sales, the industry sold 651m HDDs.


The implication – since more drives are shipped than PCs – is that add-on drive purchases are falling along with PC sales. That would make sense; if you don’t have a PC, you don’t need an add-on.

However average capacity per drive has gone from 578MB in Q1 2011 to 1.35TB in Q4 2015. Price per drive has been fairly static, at around $60.


Bitcoin’s capacity issues no ‘nightmare’, but higher fees may be new reality » CoinDesk

Stan Higgins:

»The bitcoin network has been on the receiving end of spam attacks during most of its history, including spam events last fall that were revealed to be the work of an entity called CoinWallet that claimed it was seeking to showcase capacity issues on the network.

Yet this week’s occurrence appears to be of a different sort, involving a string of transactions with relatively high fees – something that appears to be pricing out users who are using hard-coded fees, as a result leaving them at a disadvantage.

Certain industry representatives interviewed were also split on whether to call the new transactions ‘spam’ due to the fact that identifying the nature of the activity is difficult.

Justus Ranvier, a contributor to the Open Bitcoin Privacy Project, which aims to assess the privacy features offered by bitcoin wallets, said the transactions could be coming from a badly designed exchange wallet or a malicious attack “designed to sway the block size debate”, but that there is no way to tell definitively.

Avalon’s Yifu Guo told CoinDesk that he believes the effort may be an attempt to tumble coins – or obscure the transaction history of funds by mixing them repeatedly.

A video posted to YouTube further illustrates the activity, further supporting the idea that some individual or group is pushing up overall network fees through a stream of transactions.


Feels like a turning point for bitcoin; and the uncertainty, and higher fees, mean some organisations are abandoning it, says Higgins.


PIN number analysis » Data Genetics

Nick Berry:

»I was able to find almost 3.4 million four digit passwords. Every single one of the 10,000 combinations of digits from 0000 through to 9999 were represented in the dataset.

The most popular password is 1234 …

… it’s staggering how popular this password appears to be. Utterly staggering at the lack of imagination …

… nearly 11% of the 3.4 million passwords are 1234 !!!

The next most popular 4-digit PIN in use is 1111 with over 6% of passwords being this.

In third place is 0000 with almost 2%.

A table of the top 20 found passwords is shown at the right. A staggering 26.83% of all passwords could be guessed by attempting these 20 combinations!


Wonderful graphs and explanations. And those 20 PINs – oh, my.


Why Trump? » George Lakoff

Lakoff is a professor of cognitive science and linguistics at the University of California at Berkeley:

»I work in the cognitive and brain sciences. In the 1990’s, I undertook to answer a question in my field: How do the various policy positions of conservatives and progressives hang together? Take conservatism: What does being against abortion have to do with being for owning guns? What does owning guns have to do with denying the reality of global warming? How does being anti-government fit with wanting a stronger military? How can you be pro-life and for the death penalty? Progressives have the opposite views. How do their views hang together?

The answer came from a realization that we tend to understand the nation metaphorically in family terms: We have founding fathers. We send our sons and daughters to war. We have homeland security. The conservative and progressive worldviews dividing our country can most readily be understood in terms of moral worldviews that are encapsulated in two very different common forms of family life: The Nurturant Parent family (progressive) and the Strict Father family (conservative).

What do social issues and the politics have to do with the family? We are first governed in our families, and so we grow up understanding governing institutions in terms of the governing systems of families.


This is fascinating, especially because it can be applied more widely in other countries and parties and candidates.


Our hemisphere’s temperature just reached a terrifying milestone » Slate

Eric Holthaus:

»As of Thursday morning, it appears that average temperatures across the Northern Hemisphere have breached the 2 degrees Celsius above “normal” mark for the first time in recorded history, and likely the first time since human civilization began thousands of years ago.* That mark has long been held (somewhat arbitrarily) as the point above which climate change may begin to become “dangerous” to humanity. It’s now arrived—though very briefly—much more quickly than anticipated. This is a milestone moment for our species. Climate change deserves our greatest possible attention.

Global temperatures hit a new all-time record high in February, shattering the old record set just last month amid a record-strong El Niño. Pic: Ryan Maue/Weatherbell Analytics

Our planet’s preliminary February temperature data are in, and it’s now abundantly clear: Global warming is going into overdrive.

There are dozens of global temperature datasets, and usually I (and my climate journalist colleagues) wait until the official ones are released about the middle of the following month to announce a record-warm month at the global level. But this month’s data is so extraordinary that there’s no need to wait: February obliterated the all-time global temperature record set just last month.




Source: Microsoft mulled an $8bn bid for Slack, will focus on Skype instead » TechCrunch

Jon Russell and Ingrid Lunden:

»When Slack announced new voice and video services earlier this week, the enterprise messaging startup signalled a move into territory dominated by the likes of Microsoft’s Skype. But it looks like this is not the only moment when the two companies’ paths have crossed in recent times.

Microsoft eyed Slack as a potential acquisition target for as much as $8 billion, TechCrunch has heard. But an internal campaign around making an offer failed to drum up support. Microsoft co-founder Bill Gates and CEO Satya Nadella were among those unconvinced by the idea, with Gates pushing instead to add more features into Skype to make it more competitive with Slack in the business market, our source says.

Slack’s momentum in picking up new users — it currently has 2.3m daily active users, 675,000 of them paying — makes it a competitive threat for others who are hoping to lead in enterprise collaboration services.


I get from this: there’s still a sort of acquisition lunacy inside Microsoft, which has bought Skype and Nokia’s mobile arm and scores of other companies without making them pay; Gates and Nadella are now going to pour cold water on them and say things like “We already spent BILLIONS on a company that can do this, REMEMBER?”


Amazon to restore encryption to Fire tablets after complaints » Reuters

Jim Finkle:

»Amazon said it plans to restore an encryption feature on its Fire tablets after customers and privacy advocates criticized the company for quietly removing the security option when it released its latest operating system.

“We will return the option for full-disk encryption with a Fire OS update coming this spring,” company spokeswoman Robin Handaly told Reuters via email on Saturday.

Amazon’s decision to drop encryption from the Fire operating system came to light late this week. The company said it had removed the feature in a version of its Fire OS that began shipping in the fall because few customers used it.

On-device encryption scrambles data so that the device can be accessed only if the user enters the correct password. Well-known cryptologist Bruce Schneier called Amazon’s removal of the feature “stupid” and was among many who publicly urged the company to restore it.


Andrew Cunningham at Ars Technica actually took the trouble to ask Amazon (and get a response) about why it was removing the encryption, and got the “nobody’s using it” answer – one that will have been behind the curve in news terms.

But more generally, those devices are often used for children because they’re cheap. Amazon says the hardware is not up to encrypting/decrypting on the fly. Seems like a weak excuse for poor security.


Cambridge Computer Crime Database » Cambridge University Computer Laboratory

Alice Hutchings maintains it:

»The Cambridge Computer Crime Database (CCCD) is a database of computer crime events where the offender has been arrested, charged and/or prosecuted in the United Kingdom, dating from 1 January 2010. These are broadly classified as high tech offences, including those that fall under the Computer Misuse Act. The database also includes offences that involve the use of computers that fall under other legislation. This includes fraud, conspiracy, misconduct in public office, data protection, and money laundering offences where there is a link to high tech or computer crime.


Useful resource for journalists writing on the topic.


Can I annoy you for a penny a minute? » Medium

Rob Leathern:

»US TV advertising revenue is expected to reach $78.8 billion this year. The average person over 2 years of age in the United States still watches an amazing 29 hours and 47 minutes of TV per week. Which means, when you work it out, that’s just $0.18 in ad revenue per hour of TV watched.

TV Networks are even speeding up their programming in order to fit in more ads as prices fall and viewership dwindles. The average hour of cable television now has 15.8 minutes of ads compared with 14.5 minutes five years ago. The Wall Street Journal reported that “TBS used compression technology to speed up [movies and TV shows]”  —  this video on YouTube shows an example of this tactic with a Seinfeld rerun. For reruns and movies especially, cable networks have long rolled credits very quickly or cut TV opening sequences out entirely.


Whenever I visit the US, I’m astonished by the sheer volume of ads on TV; it seems to me to infect the entire culture; if you’ll tolerate this, you’ll tolerate anything. But people are beginning to break away by turning to Netflix, etc. (How have feature films survived as an art form in the US without ad breaks? Yes, I know, ticket prices, popcorn prices and paid placement.)

By the way, when Leathern did the calculation for 2009, it was $0.24 per hour. If the ads look worse, they probably are, for that price.


On dormant cyber pathogens and unicorns » Zdziarski’s Blog of Things

Jonathan Zdziarski on the amicus claim by the San Bernardino district attorney Gary Fagan that the Farook 5C could “contain evidence that can only be found on the seized phone that it was used as a weapon to introduce a lying dormant cyber pathogen that endangers San Bernardino County’s infrastructure”:

»I was fortunate to have read this brief before it was publicly released in the news. I quickly googled the term “cyber pathogen” to see if anyone had used it in computer science. The first result was a hit on what appears to be Harry Potter fiction. That’s right, a Demigod from Gryffindor is the closest thing Google could find about cyber pathogens. The next several results show that Google is equally confused about the term, throwing out random results about fungus, academic pathogen models, and cyber conflicts. There is absolutely nothing in the universe that knows what a cyber pathogen is, except for Fagan apparently.


“Lying dormant cyber pathogen” sounds like something that would get tossed from a script on the first read through. Amazing that Fagan’s team left it in.


Galaxy S7 system uses up 8GB out of the box, but you can move apps to SD » Droid Life

Kellen Barranger:

»Remember that big stink that was made about Samsung not allowing for Android 6.0 Marshmallow’s Adoptable Storage feature? Well, this right here is why people threw a bit of a fit. Out of the box, the Samsung Galaxy S7 uses up 8GB of the phone’s 32GB for system apps and TouchWiz and whatever else Samsung has pre-loaded. That’s a quarter of all of your internal storage, to put it another way. That’s…not good.

As you can see from the image above, before I even completed setup on my Galaxy S7 (we unboxed it here!), I was down to around half of my 32GB storage available. In actuality, the image shows that I’ve used under 16GB total, but I’m still installing apps and have already jumped past the halfway mark and now have around 15GB left to use. If I were a typical smartphone owner who keeps a phone for two years, 15GB isn’t leaving me much space to install apps to.


Of course, you can move it to the SD card. Is that why people would buy an S7 – so they feel obliged to get an SD card too?


Errata, corrigenda and ai no corrida: none notified.

3 thoughts on “Start up: Mac ransomware, bitcoin’s crunch, global warming’s milestone, the price of your attention, and more”

  1. “Lying dormant cyber pathogen” sounds like something that would get tossed from a script on the first read through.

    Nah. It’s excellent “treknobabble” (stuff put into Star Trek scripts to sound impressive). Deep Space Nine had a good episode based around exactly that plot: “The station goes into lockdown and the crew is endangered when an old Cardassian security program is accidentally activated.”

    Anyway, the guy obviously meant what’s called a “logic bomb”. But he’s not a technical person, so he didn’t know the right jargon. It’s still scare-mongering, so I can’t muster much sympathy for him over the ritual social-media mob abuse of “You misspoke, so you’re an utter idiot who should be mocked relentlessly as a complete moron”.

