Monthly Archives: September 2017

CDMaST Phase 2 is going to change naval warfare

Posted on by

I’m constantly amazed at the level of tech we are achieving in a relatively short period of time. The “future” is coming fast, and sometimes in ways that even the best of science fiction didn’t anticipate.

Case in point – the CDMaST Phase 2 project from DARPA. Long story short, the idea behind this project “revolves around real-time secure networks of manned and unmanned aircraft, surface ships, and submarines able to attack and defend vast areas of the world’s oceans to hold enemy ships and submarines at risk over wide contested areas.”

The CDMaST project wouldn’t be the only line of defense. The project “would augment aircraft carrier battle groups and manned submarines with networked manned and unmanned systems of systems (SoS) that work collaboratively to control the seas.”

Imagine hundreds or thousands of drone-based ships in the ocean, playing basic defense and surveillance “over ocean areas as large as a million square kilometers”. This 24/7 armada would “hold the line” so to speak, and keep the Navy’s “12 aircraft carriers, 52 attack submarines, and 18 ballistic- and cruise-missile submarines” on a more focused and as-needed basis.

It’s brilliant.

Of course CDMaST is going to be target #A1 for hacking, and CDMaST is probably going to be the focus of some terrible movies when the mainstream media gets wind of this, but the idea that technology has reached the point of 24/7 global defense is astounding.

The article is on the Military and Aerospace website here.

DJI drones and tech banned from US Army for “operational risks”

Posted on by

In an article on Military and Aerospace Electronics, the US Army recently ordered all Army personnel “to cease all use of Chinese-made Dajiang Innovation drone products, uninstall all DJI applications, remove all batteries/storage media from devices, and secure equipment for follow on direction.”

“This guidance applies to all DJI UAS and any system that employs DJI electrical components or software including, but not limited to, flight computers, cameras, radios, batteries, speed controllers, GPS units, handheld control stations, or devices with DJI software applications installed.”

According to a sUAS article, this full stop shutdown might have something to do with DJI drones collecting “audio, visual and telemetry data on all flights across the globe. The details shared here are perhaps known to a limited number of the worldwide owners and users of the DJI technology.”

In other words, it looks like every DJI flght was copied to DJI / China’s HQ.

The actual Army memo and breakdown is on a sUAS news site, the sharing / data collection of DJI drones is on another sUAS page, and the ban is cross-confirmed on the UPI news site and the Military and Aerospace page.

The new bank heist – hacking Apple’s biometric datbases

Posted on by

Today Apple announced their new shiny shiny – the iPhone X.

<Nicholson Joker Voice> You thought the celebrity photo leak was bad? The Equifax hack terrorized? Wait until you get a load of the biometric hack. </Nicholson Joker Voice>

Apple swears “the detailed biometric data points that Face ID will use to identify individuals will stay local, stored on the phone and not remotely” BUT “face ID will work with third-party apps.

The gold mine of biometric data won’t be held in Apple’s Fort Knox, but shared “on the open road” with third parties?

Never mind Apple. Forget about trying to get into their billion dollar systems. If I was an evil mastermind, this would be by four-step plan…

  1. Wait and see what new app requiring the iPhone X facial recognition takes off in popularity
  2. Hack their low-secure angel-funded 20-people-in-the-whole-company database
  3. Sell the users’ biometric data on the dark web
  4. Profit

If I was an government employee evil mastermind, this would be by four-step plan…

  1. Create multiple new apps requiring iPhone X’s facial recognition (match the celebrity funny face, make your own emojis, group party chat, who’s the hottest, etc)
  2. Keep a master database of all faces using the app AND constantly scan everything the camera “sees” while running in the background
  3. Keep the users’ biometric data in my master database – create cross references of who the user associates with through matching biometric facial scans, their GPS locations, and who they have in their contact list (Apple already allows app access to GPS position and contact lists BTW)
  4. Profit in a very serious long-term way

Read Apple’s statement again. The biometric data points are not generated and deleted with every use. They are stored. On the local phone.

That stored information will be shared with third-party apps.

Biometric scans are a mathematical algorithm. Your facial patterns create an identifier unique to you. There’s no changing it. Once your unique biological mathematical algorithm is out in the open, there’s absolutely no way to put that genie back in the bottle. The last cornerstone of individual security will turn to dust.

I expect the first public-aware hack in two years.