Privacy and Security related news for the week ending 2020 08 11


This week your DAML privacy and security stories start with a little bit of overzealous cyber-stalking. From there we move to Belarus where, during a contentious election, all forms of communication went dark, Barclays Bank in a bit of a pickle, Cap One in more of a pickle and why your fave Reddit forum might be espousing sentiment you may or may not agree with. We end with a weekly recommendation for those working in orbit.


Love gone weird

Stalker on steroids (as described by North Salt Lake police) Loren M. Okamura was arrested in December 2019 on charges of cyber-stalking, making interstate threats, and transporting a person over state lines for the purpose of prostitution. The 44-year-old entered a guilty plea in US District Court on July 27.

The Gilmore family’s stalking experience began in August 2018 when a tow-truck company employee turned up on their doorstep with false instructions to remove a car from the Gilmore’s driveway.

For the next seven months, the family turned away up to 20 people a day (plumbers, locksmiths, food delivery workers, electricians, sex workers, etc.) who had been sent to their house by Okamura.

“These are individuals who come to our home in the middle of the night—10, 11 o’clock, 1, 2, 3 in the morning. They have police records. Criminals. Felons. Active warrants for their arrests coming to my home. They’re looking for drugs. They’re offering prostitution,” stated Walt Gilmore to a local newspaper.

The arrival of misled service providers at the Gilmore family home became so frequent that the local police parked a patrol car in the family’s driveway to deter people scammed by Okamura from knocking on the front door.

Walt Gilmore said that his adult daughter had known Okamura at one point but no longer kept in contact. Okamura’s sentencing is scheduled for October 5.


China now blocking ESNI-enabled TLS 1.3 connections

Robbie Harb: China is now blocking encrypted HTTPS traffic that uses TLS 1.3 with ESNI enabled, according to observers at the Great Firewall Report (GFR).

TLS is the foundation of secure online communication and hides content users wish to access or have generated so it can pass over the internet without being observed by unrelated parties.

While TLS hides the content of a user’s communication, it cannot always hide the server they are communicating with because its handshake optionally contains a Server Name Indication (SNI) field designed to explain where traffic is going. China and other nations have used this info to block their users from accessing particular websites.

To address that privacy gap, TLS introduced Encrypted SNI (ESNI). ENSI encrypts the SNI so that intermediaries cannot view it and thus, in theory at least, prevent overzealous censors from sniffing and blocking traffic headed to and from places they don’t like.

But according to the GFR, China has found one way around this: outright block all TLS 1.3 connections with ESNI enabled.

For a workaround: The GFR found that it could circumvent the new blocks using Geneva, a genetic algorithm developed by the University of Maryland in the U.S. that manipulates packet streams without impacting the original connection. Using Geneva, the GFR team discovered six strategies that work from the client side and four that work from the server side with 100 percent reliability.


Facebook Open Sources Analysis Tool “Pysa” for Python Code

By Ionut Arghire: The security-focused tool relies on Pyre, Facebook’s type checker for Python, and allows for the analysis of how data flows through code. It can be used to identify issues related to the protection of user data, as well as flaws such as XSS and SQL injection.

In addition to making Pysa available in open source, Facebook released many of the definitions that it leverages when looking for security bugs, making it readily available for others to start analyzing their own Python code.

Pysa was designed only for the discovery of data flow–related security issues, meaning that it won’t identify security or privacy issues that cannot be modeled as flows of data.


Belarus Has Shut Down the Internet Amid a Controversial Election

Lily Hay Newman for Wired: Internet and cellular service in Belarus have been down since Sunday evening, after sporadic outages early that morning and throughout the day. The connectivity blackout, which also included landline phones, appears to be a government-imposed outage that came amid widespread protests and increasing social unrest over Belarus’ presidential election Sunday.

The ongoing shutdown has further roiled the country of about 9.5 million people, where official election results yesterday indicated that five-term president Aleksandr Lukashenko had won a sixth term with about 80 percent of the vote.

Around the country, protests against Lukashenko’s administration, including criticisms of his foreign policy and handling of the Covid-19 pandemic, grew in the days leading up to the election and exploded on Sunday night. The government has responded to the protests by mobilizing police and military forces, particularly in Minsk, the capital.

Meanwhile, opposition candidates and protesters say the election was rigged and believe the results to be illegitimate.


Security cameras vulnerable to hijacking

For a while we have been letting you know about the perils of Internet based cameras that purport to provide security for your home and family.

There is a website that is collecting live data on Internet accessible cameras called hacked(dot)camera and for those who like a visual representation, add /map/ to the end.

A quick visual review might suggest that Alice Springs Australia is doing pretty well understanding how poor the security is on some of these cameras, or alternately, it’s so quiet that a single camera is sufficient to cover the action.


An unknown Group ran as many as 24% of all Tor exit nodes to perform SSL stripping attacks

Since January 2020, a mysterious threat actor has been adding servers to the Tor network in order to perform SSL stripping attacks on users accessing cryptocurrency-related sites through the Tor Browser.

The group has been so prodigious and persistent in their attacks, that by May 2020, they ran a quarter of all Tor exit relays — the servers through which user traffic leaves the Tor network and accesses the public internet.

According to a report published on Sunday by an independent security researcher and Tor server operator known as Nusenu, the group managed 380 malicious Tor exit relays at its peak, before the Tor team made the first of three interventions to cull this network.

“There are multiple indicators that suggest that the attacker still runs >10% of the Tor network exit capacity (as of 2020–08–08).”

The researcher suggested that the threat actor is likely to continue their attack as the Tor Project does not have a thorough vetting process in place for entities who can join its network.

The goal of the person-in-the-middle attack is to execute “SSL stripping” attacks by downgrading the user’s web traffic from HTTPS URLs to less secure HTTP alternatives. The SSL stripping attacks allow the group to replace Bitcoin addresses inside HTTP traffic going to Bitcoin mixing services. “Bitcoin address rewriting attacks are not new, but the scale of this operation was.”


UK: Barclays Bank in privacy probe.

Barclays Bank are under investigation over allegations that managers spied upon their staff as part of a workplace productivity improvement drive.

During February, the bank trialled tracking software to detail the amount of time employees spent at their desk. The bank was reportedly using software from Sapience Analytics to monitor how long staff were spending at their desks. It was alleged to have introduced the surveillance tool so managers could target individual workers.

A spokesperson for the Information Commissioner’s Office (ICO) stated: "We have an ongoing investigation relating to Barclays’ alleged use of employee monitoring tools.” Apparently that investigation started after an employee rebellion prompted Barclays to come clean to the ICO.


US: Last week US secretary of state Mike Pompeo announced a 5 Point “Clean Network plan”

Pompeo’s new 5 point plan (with 6 points) was revealed in a series of tweets and detailed the following:

Clean Carrier: To ensure untrusted People’s Republic of China (PRC) carriers are not connected with US telecommunications networks. Such companies pose a danger to US national security and should not provide international telecommunications services to and from the United States.

Clean Store: To remove untrusted applications from US mobile app stores. PRC apps threaten our privacy, proliferate viruses, and spread propaganda and disinformation. American’s most sensitive personal and business information must be protected on their mobile phones from exploitation and theft for the CCP’s benefit.

Clean Apps: To prevent untrusted PRC smartphone manufacturers from pre-installing – or otherwise making available for download – trusted apps on their apps store. Huawei, an arm of the PRC surveillance state, is trading on the innovations and reputations of leading US and foreign companies. These companies should remove their apps from Huawei’s app store to ensure they are not partnering with a human rights abuser.

Clean Cloud: To prevent US citizens’ most sensitive personal information and our businesses’ most valuable intellectual property, including COVID-19 vaccine research, from being stored and processed on cloud-based systems accessible to our foreign adversaries through companies such as Alibaba, Baidu, and Tencent.

Clean Cable: To ensure the undersea cables connecting our country to the global internet are not subverted for intelligence gathering by the PRC at hyper scale. We will also work with foreign partners to ensure that undersea cables around the world aren’t similarly subject to compromise.

One last thing: Pompeo’s Tweet mentions a five-point plan but then lists a sixth - “Clean Path” - that has still not been explained.


US: Capital One Fined $80 Million for 2019 Data Breach Affecting 106 Million Users

Swati Khandelwal: A United States regulator has fined the credit card provider Capital One Financial Corp with $80 million over last year’s data breach that exposed the personal information of more than 100 million credit card applicants of Americans.

The fine was imposed by the Office of the Comptroller of the Currency (OCC), an independent bureau within the United States Department of the Treasury that governs the execution of laws relating to national banks.

According to a press release published by the OCC on Thursday, Capital One failed to establish appropriate risk management before migrating its IT operations to a public cloud-based service, which included appropriate design and implementation of certain network security controls, adequate data loss prevention controls, and effective dispositioning of alerts.

Besides credit card information, the hacker also managed to steal approx 140,000 Social Security numbers and 80,000 bank account numbers linked to US customers, and 1 million Canadian Social Insurance numbers.

The hacker, identified as former Amazon web services employee Paige Thompson a.k.a erratic, 33, was arrested following the breach and charged with computer fraud and abuse, which carries up to five years in prison and a $250,000 fine.

The breach occurred after Thompson allegedly exploited a misconfigured firewall on Capital One’s Amazon Web Services cloud server in March and stole more than 700 folders of data stored on that server.


Chinese hackers pillage Taiwan’s semiconductor industry

Over the past decade, Taiwan has slowly established itself as a hotbed for chip companies in both development and production. Taiwan Semiconductor Manufacturing Company (TSMC) is a major player in the field and over time, the market value of the overall semiconductor and equipment manufacturing sector in the country has increased.

Between 2018 and 2019, the Cycraft research team discovered several attacks on various semiconductor vendors located at the Hsinchu Science-based Industrial Park in Taiwan (Among the seven are Taiwan Semiconductor Manufacturing Company (TSMC) and United Microelectronics Corporation (UMC)). As these attacks employed similar attack techniques and tactics, a pattern could be discerned from the malicious activities. From this pattern, Cycraft deduced that these attacks, which we dubbed Chimera APT (Advanced Persistent Threat) Group, were actually conducted by the same threat actor.

The main objective of these attacks appeared to be stealing intelligence, specifically documents about IC chips, software development kits (SDKs), IC designs, source code, etc. If such documents are successfully stolen, the impact can be devastating.

The motive behind these attacks likely stems from competitors or even countries seeking to gain a competitive advantage over rivals. Since these techniques and tactics were similar to previous attack activities, the Cycraft research team suspect the attacker is a China-based hacker group.

The initial access came from a valid, corporate ID — potentially stolen in a separate data breach — and a virtual private network (VPN) connection.

“Many enterprises often neglect this attack vector, by default trusting VPN connections and welcoming them into their intranet; and Chimera is one of the most skilled threat actors that we have seen at abusing VPN policies.”


YouTube bans thousands of Chinese accounts to combat ‘coordinated influence operations’

Devin Coldewey@techcrunch: Last week YouTube banned a large number of Chinese accounts it said were engaging in “coordinated influence operations” on political issues, the company announced 2,596 accounts from China alone were taken down from April to June, compared with 277 in the first three months of 2020.

It’s the “return” of this particular spam dragon because it showed up last fall in a similar form, and whoever is pulling the strings appears undeterred by detection.

The Google post notes that the Chinese campaign, as well as others from Russia and Iran, were multi-platform, as similar findings were reported by Facebook, Twitter and cybersecurity outfits like FireEye.


U.S. Offers Reward of $10M for Info Leading to Discovery of Election Meddling

The U.S. government is concerned about foreign interference in the 2020 election, so much so that it will offer a reward of up to $10 million for anyone providing information that could lead to tracking down potential cybercriminals aiming to sabotage the November vote.

The U.S. Department of State’s Rewards for Justice (RFJ) program, overseen by the Diplomatic Security Service, will pay for info that can identify or locate someone working with or for a foreign government “for the purpose of interfering with U.S. elections through certain illegal cyber activities,” according to a release posted on the department’s website.

“The Computer Fraud and Abuse Act, 18 U.S.C. § 1030, criminalizes unauthorized computer intrusions and other forms of fraud related to computers,” according to the release. “Among other offenses, the statute prohibits unauthorized access of computers to obtain information and transmit it to unauthorized recipients.”

Recent research by Google identified two separate phishing campaigns targeting staffers of both President Trump and Democratic candidate Joe Biden from persistent threat (APT) groups. Google reported a China-linked APT group targeted Biden’s campaign staff, while an Iran-linked APT targeted Trump’s.

The department is encouraging anyone with information on foreign interference in U.S. elections to contact them via their website or contact a U.S. Regional Security Officer at the nearest U.S. embassy or consulate.


CH: Intel investigating breach after 20GB of internal documents leak online

US chipmaker Intel is investigating a security breach after 20 GB of internal documents, with some marked “confidential” or “restricted secret,” were uploaded online on file-sharing site MEGA.

The data was published by Till Kottmann, a Swiss software engineer, who said he received the files from an anonymous hacker who claimed to have breached Intel earlier this year.

Kottmann received the Intel leaks because he manages a very popular Telegram channel where he regularly publishes data that accidentally leaked online from major tech companies through misconfigured Git repositories, cloud servers, and online web portals.

The Swiss engineer said last week’s leak represents the first part of a multi-part series of Intel-related leaks. None of the leaked files contain sensitive data about Intel customers or employees, but are loaded with Intel chip and platform design IP and even some marketing materials.


Hackers defaced Reddit with pro-Trump messages

A massive hack has hit Reddit with Reddit channels hacked and defaced to show messages in support of Donald Trump’s reelection campaign. Combined, the channels have tens of millions of subscribers. The Reddit hack comes after Reddit banned r/The_Donald, a channel for Donald Trump supporters, in late June. Reddit said it took the decision to ban the channel for breaking its community rules after reports of harassment, bullying, and threats of violence.

Last week’s stunt was similar to one that took place at the end of June and the start of July, when more than 1,800 Roblox accounts were hacked and defaced with a similar pro-Trump reelection message.


Censys, a search engine for internet devices, raises $15.5M Series A

Internet device search engine Censys is one of the biggest search engines you’ve probably never heard of.

If Google is the search engine for finding information sitting on the web, Censys is the search engine for finding internet devices, like computers, servers, and smart devices, that hosts the data to begin with. By continually mapping the internet looking for connected devices, it’s possible to identify devices that are accessible outside a company’s firewall. The aim is to help companies keep track of which systems can be accessed from the web and know which devices have exploitable security vulnerabilities.

The fundraise couldn’t come at a more critical time for the company. Censys is not the only internet device search engine, rivaling Binary Edge and Shodan. But Censys says it has spent two years on bettering its internet mapping technology, helping it see more of the internet than it did before.

The new scan engine, built by the same team that developed and maintains its original open-source ZMap scanner, claims to see 44% more devices on the internet than other security companies. That helps companies see new vulnerable systems as soon as they come online, said Censys’ chief scientist Zakir Durumeric.


CN: Think telemarketers are a pest? Wait till China’s AI versions call

Maria Siow: They can make 3,000 calls a day without getting tired or temperamental and even blocking their number won’t stop them.

Shanghai resident Fan Kaiyi has been on the receiving end of unsolicited calls for as long as she can remember.

Lately, the calls have taken a new twist. Now when she answers the phone Fan often finds there is nobody on the other end. At least, there’s no person there. It’s a robot instead – and a very realistic one too. “At first I didn’t even realize I was speaking to an automated service. I told the ‘person’ that I did not require an energy-boosting product and the voice went on to recommend another, similar product,” she said.

“When I asked ‘didn’t you hear what I just said’, the voice did not appear to understand. Just as I was about to hang up the phone, the voice suddenly identified itself as an AI phone assistant. I felt stupid talking to a machine. But the voice was so real and did not sound as if it was pre-recorded.”


Google is done with the Pixel 4 and Pixel 4 XL

The Pixel 4 and 4 XL are technically discontinued. Both models were introduced less than a year ago and their successor – the announced but yet-to-be-revealed Pixel 5 – isn’t ready to be sold just yet. For now, Google’s smartphone lineup starts and stops with the Pixel 4a.


Pixel 4a is the first device to go through ioXt at launch

The Internet of Secure Things Alliance (ioXt) manages a security compliance assessment program for connected devices. ioXt has over 200 members across various industries, including Google, Amazon, Facebook, T-Mobile, Comcast, Zigbee Alliance, Z-Wave Alliance, Legrand, Resideo, Schneider Electric, and many others. With so many companies involved, ioXt covers a wide range of device types, including smart lighting, smart speakers, webcams, and Android smartphones.

ioXt’s baseline security requirements are tailored for product classes, and the ioXt Android Profile enables smartphone manufacturers to differentiate security capabilities, including biometric authentication strength, security update frequency, length of security support lifetime commitment, vulnerability disclosure program quality, and preloaded app risk minimization.

NCC Group (a sanctioned auditor) has published an audit report that included assessments of the following:

  1. The product shall not have a universal password; unique security credentials will be required for operation.

  2. All product interfaces shall be appropriately secured by the manufacturer.

  3. Product security shall use strong, proven, updatable cryptography using open, peer-reviewed methods and algorithms.

  4. Product security shall be appropriately enabled by default by the manufacturer.

  5. The product shall only support signed software updates.

  6. The manufacturer shall act quickly to apply timely security updates.

  7. The manufacturer shall implement a vulnerability reporting program, which will be addressed in a timely manner.

  8. The manufacturer shall be transparent about the period of time that security updates will be provided.


TikTok, WeChat Bans Not Crucial to US Security

AFP: An all-in-one tool, WeChat provides messaging, financial transactions, group chats, and social media, all of which is stored on Chinese servers that a 2017 security law says must be accessible by Chinese intelligence.

TikTok, a simple app for making and sharing short videos, meanwhile mines users’ accounts and phones for lots of identifying information.

“WeChat is bad,” said Nicholas Weaver, a lecturer in computer security at the University of California in Berkeley.

“It uses encrypted links to WeChat’s servers in China… but the servers see all messages, so the Chinese government can see any message it wants,” he said.

However, Weaver said, there few alternatives if you want to communicate widely with people in China, from inside or outside the country.

More of a concern are US companies in China who might be banned from the WeChat App. As it would effectively cut them out of huge amounts of online commerce in China.


US: Smart Lock Vulnerability

Bruce Schneier: Yet another Internet-connected door lock is insecure: Sold by retailers including Amazon, Walmart, and Home Depot, U-Tec’s $139.99 UltraLoq is marketed as a “secure and versatile smart deadbolt that offers keyless entry via your Bluetooth-enabled smartphone and code.”

Users can share temporary codes and ‘Ekeys’ to friends and guests for scheduled access, but according to Tripwire researcher Craig Young, a hacker able to sniff out the device’s MAC address can help themselves to an access key, too.

UltraLoq eventually fixed the vulnerabilities, but not in a way that should give you any confidence that they know what they’re doing.


U.K.: Travelex Forced into Administration (the UK’s equivalent of the US’ chapter 11) After Ransomware Attack.

Ransomware victim Travelex has been forced into administration, with over 1000 jobs set to go.

PwC announced late last week that it had been appointed join administrators of the currency exchange business.

Despite operating over 1000 ATMs and 1000+ stores globally, and providing services for banks, supermarkets and travel agencies in over 60 countries, the firm was forced to cut over 1300 jobs as part of the restructuring.

“The impact of a cyber-attack in December 2019 and the ongoing COVID-19 pandemic this year has acutely impacted the business,” admitted PwC in a notice announcing the news.


AU: Have I Been Pwned to release code base to the open source community

Data breach and record exposure search engine “Have I Been Pwned” is going open source.

Developed and maintained by security expert Troy Hunt, the search engine has become increasingly popular over time as the volume of reported data breaches ramped up, prompted by legislation and demands for transparency by companies suffering such a security incident.

Members of the general public can submit their email addresses into the Have I Been Pwned search engine to find out if they have been “pwned,” and if their emails have been linked to a data breach, each one and a summary of what happened is displayed – as well as what information has been exposed.

At the heart, one main operator isn’t enough to ensure future scalability or sustainability, and with this in mind, Hunt previously attempted to find a buyer to help expand his life’s work.

By going open source, Hunt says this will take the “nuts and bolts” of the service and “put them in the hands of people who can help sustain the service regardless of what happens to me.”

Have I Been Pwned was developed to improve the security landscape and give individuals impacted by a data breach the knowledge required to potentially improve their own security posture – such as by changing passwords linked to compromised accounts and to hammer the lesson home that passwords should not be re-used across different services.

With this in mind, going open source would also contribute to this concept by opening up code to other eyes – increasing trust through transparency, and also potentially improving the platform’s own security via the discovery of vulnerabilities.

“All that backlog, all those bugs, all the great new ideas people have but I simply can’t implement myself can, if the community is willing, finally be contributed back into the project,” the security expert added.


WhatsApp Users To Get Upgrade

Zak Doffman: The biggest missing feature with WhatsApp are options for multiple device access.

According to WABetaInfo a new release will make using WhatsApp seamless, from your phone(s) to your iPad to your desktop. And no more clunky front-end to the message store on your primary phone. This will work even if that main device is not switched on or online.

“WhatsApp has also developed an iPad app, that will be released after the activation of the feature, so you will be able to use WhatsApp on your iPhone and your iPad at the same time.”

Why is this so difficult? It all comes down to end-to-end encryption. Clearly, introducing linked devices means that you need to ensure the end-to-end encryption security extends to multiple endpoints on each side of a conversation, whether person-to-person or within groups. That’s challenging but achievable. The issue, though, is that to maintain a full user experience you need to sync the entire message history across each of those devices and keep them aligned. That’s significantly harder.

WhatsApp’s closest rival—by feature if not install base—Signal, takes a similar approach to transferring an account from an old phone to a new one. But every one of its linked devices is a separate instance, with its message history limited to the time window during which it is linked. The reported WhatsApp approach is a significant step-up from that.

The other serious update coming from WhatsApp is to extend end-to-end encryption to cloud backups. Right now, when you backup chats to Google’s or Apple’s cloud, you only have the protection of their encryption over your backup—not WhatsApp’s end-to-end protection. That means law enforcement or others can access your content with keys held by those platforms. The new update will fix this, extending the same protection from your devices to your backups.


CN: Huawei Confirms ‘Big Loss’ For Smartphones After New Trump Strike

Zak Doffman: Back in May, the Trump administration tightened its blacklist restrictions on Huawei, denying the company access to the custom “Kirin” chips designed by its HiSilicon subsidiary, but fabricated by external suppliers. At the time, there were varying reports as to how well prepared Huawei was for the change, how many chips it had managed to stockpile, how long the company would have to shift from in-house designs to off-the-shelf alternatives, or find a design to fabrication process absent any American technology.

The consensus seemed to be that the company might only have enough to see it through the next 12-months. Fast forward three-months and that impact seems to have come much faster than anticipated. This has been making headlines through the weekend, after Huawei’s fairly sovereign consumer boss, Ricard Yu, admitted that the imminent Mate 40 flagship would likely be the last to carry a Kirin chip.

In the second quarter, ending June 30, Huawei finally achieved its long-stated goal of overtaking Samsung to lead the world’s smartphone makers. Leadership status, however, may be short lived. But the next three to six months will likely be the most telling yet as regards the impact they will have. Until now, Huawei has maintained its share of the smartphone market by replacing international sales softened by its loss of Google, with soaring growth in China.

Meanwhile, Huawei’s 5G business is also heavily impacted by reversals like those used by the U.K. to reverse a decision to allow Huawei into its new networks, claiming new security vulnerabilities might be introduced.


Space: How the International Space Station Enables Cybersecurity

Sean Michael Kerner: “Now we know that our key infrastructure is at risk on the ground as it is in space, from both physical and cyber-threats,” former NASA astronaut Pamela Melroy stated. Attacks against space-based infrastructure including satellites are not theoretical.

Melroy noted that the simplest type of attack is a Denial of Service (DoS) which is essentially a signal jamming activity. She added that it already happens now, sometimes inadvertently, that a space-based signal is blocked. There is also a more limited risk that a data transmission could be intercepted and manipulated by an attacker.

The entire network by which NASA controllers at Mission Control communicate with ISS is a private network, operated by NASA. Melroy emphasized that the control does not go over the open internet at any point.

There is also a very rigorous verification system for any commands and data communications that are sent from the ground to ISS. Melroy noted that the primary idea behind the verification is not necessarily about malicious hacking, but rather about limiting the risk of a ground controller sending a bad command to space.

“There’s a very rigorous certification process required for controllers in the International Space Station Mission Control Center (MCC) to allow them to send commands to the space station,” she explained. “In addition there are screening protocols both before a message ever leaves MCC going up to the ISS and once it’s on board ISS, to check and make sure that the command will not inadvertently do some damage to the station.”

There is also a local area network on the station with support computers used for limited internet access including email and social media like Twitter. While the local ISS network has internet access, it is not directly connected to the public internet.

Melroy explained that there is a proxy computer inside the firewall at the Johnson Space Center, in Houston, Texas, that is connected with ISS. As such, the space station support computers talk to the proxy computer, which then goes out onto the public internet.

“The most serious problem I think we have in space is complacency. We are going to have to figure out how to insert cybersecurity and an awareness of that into the values and the culture of aerospace, all the way from the beginning in design and through to operations,” Pamela Melroy suggested.

We say, start by reading this blog post every week!


1 Like

thanks for the update @rps!