The email was sent to Amnesty International yesterday, and while it conceded that the organization was indeed the subject of surveillance, no explanation has been offered. It is now clear that, for some reason, communications by Amnesty International were illegally intercepted, stored, and examined. What is not clear is when the spying happened, what data was collected and, more importantly, why it happened.
Mark Peterson, a spokesman for Internet provider Wave Broadband, says an unspecified number of Sacramento-area customers were knocked offline by the latest attack. Peterson characterized the Tuesday attack as "coordinated" and said the company was working with Level 3 and Zayo to restore service. It's possible the vandals were dressed as telecommunications workers to avoid arousing suspicion, say FBI officials. Backup systems help cushion consumers from the worst of the attacks, meaning people may notice slower email or videos not playing, but may not have service completely disrupted. But repairs are costly and penalties are not stiff enough to deter would-be vandals. "There are flags and signs indicating to somebody who wants to do damage: This is where it is folks," says Richard Doherty. "It's a terrible social crime that affects thousands and millions of people."
"The Block 1 SLS is the 'basic model,' sporting a Delta Cryogenic Second Stage (DCSS), renamed the Interim Cryogenic Propulsion System (ICPS) for SLS. The current plan calls for this [interim] stage to be used on [the unmanned] Exploration Mission -1 (EM-1) and [manned] Exploration Mission -2 (EM-2), prior to moving to the [Exploration Upper Stage] — also to be built by Boeing — that will become the workhorse for SLS. However, using the [interim upper stage] on a crewed mission will require it to be human rated. It is likely NASA will also need to fly the [Exploration Upper Stage] on an unmanned mission to validate the new stage ahead of human missions. This has been presenting NASA with a headache for some time, although it took the recent ASAP meeting to finally confirm those concerns to the public."
NASA doesn't have the funds to human-rate it, and even if they get those funds, human-rating it will likely cause SLS's schedule to slip even more, something NASA fears because they expect the commercial manned ships to be flying sooner and with increasing capability. The contrast — a delayed and unflown and very expensive SLS vs a flying and inexpensive commercial effort — will not do SLS good politically. However, if they are going to insist (properly I think) that SpaceX and Boeing human-rate their capsules and rockets, then NASA is going to have to hold the SLS to the same standard.
Instead of developing a more robust approach to device security, they've simply thrown encryption at everything. This makes it temporarily harder for malicious hackers to have their way with the devices, but also shuts out consumers and white-hat researchers from knowing what the devices are doing. Stanford, Berkeley, and the University of Michigan have now started the Secure Internet of Things Project, which aims to promote security and transparency for IoT devices. They hope to unite regulators, researchers, and manufacturers to ensure nascent internet-connected tech is developed in a way that respects customer privacy and choice.
Zatko is a famed hacker and security luminary, who cut his teeth with the Boston-based hacker collective The L0pht in the 1990s before moving on to work in private industry and, then, to become a program manager at the DARPA in 2010. Though known for keeping a low profile, his scruffy visage (circa 1998) graced the pages of the Washington Post in a recent piece that remembered testimony that Mudge and other L0pht members gave to Congress about the dangers posed by insecure software.