Monthly Archives: March 2019

GALÁPA-GOSH – PT. 5: IF YOU CAN SURVIVE HUMANS LIKES GIANT TORTOISES CAN…

Another day – another gosh!…

The tortoise. Hmmm. Not the sharpest tool in the shed – even among reptiles, which aren’t known for their intellectual prowess. Probably the world’s slowest animal too. And when it comes to sweetness and honey and good manners and good looks – the tortoise is also toward the back of the line. Poor things. BUT!…

But… there’s still something about these creatures that charms, enchants, enraptures and enthralls. Maybe it’s something in our genes that says that despite their outward appearance the tortoise is wholly… tasty… But more on that later. For now: giant tortoise pics!…

Read on…

GALÁPA-GOSH – PT. 4: THE CACTUS TREES OF SANTA CRUZ.

Hi folks!

Another day, another Galápagos island. Next up – Santa Cruz Islandhere. We were driven literally from its top to bottom (on a road some 40km long). No swimming with the turtles on this day, but of course that didn’t mean there’d be no Ecuad-awesomeness – the main one of which was the fact that… cactuses can resemble trees!

Now, remember the last pic in yesterday’s post? The one with a tree trunk that looked to be of a pine or fir tree? Well it’s actually a cactus known as an opuntia, aka prickly bear! No, not one of those small cactuses with the silly ears that you know to be a cactus. Here cactuses are verrrrry big, verrrrry strangely shaped, verrrrry unusual – and with trunks!

Read more…

GALÁPA-GOSH – PT. 3: If you can swim with turtles…

Hola folks!

Adios Española Island, and, after a short night flight, hola Punta Cormorant on Floreana Islandhere.

At Punta Cormorant you’d think there might be at least one or two Cormorants to be seen, but you’d be wrong (I wonder… did they become extinct on the island?). However, instead, there are one or two tons of Cheloniid sea turtles – which provided today’s main Ecuad-awesomeness!

Read more…

Enter your email address to subscribe to this blog
(Required)

GALÁPA-GOSH – PT. 2.2: seals, iguanas, and yet more boobies!

While on Española Island, the young albatross leaping off a cliff face for the first time in his life hoping he’ll be able to fly – that kinda stole the show. However, there were other wild animals worthy of mention observed too – including species we’d seen for the first time or had never seen in such vast quantities. And we saw them at Punta Suarez – the westernmost point of the island.

Even before we’d made it ashore in the dinghy we came across a seal ‘kindergarten’. While mommy is out at sea getting the ‘groceries’ in, the little ones are frolicking on the beach!

I wondered briefly – how does mom know which toddler-seals are hers? Logically, I asked our guides; they answered: by smell. They added also how life can be rather cruel for the seals around here: if mommy get gobbled up by a shark while out to sea getting dinner in, her offspring will inevitably die. Other moms won’t feed them – poor things. But, at the same time – if one of those child seals happens upon a mom-penguin – young penguins wind up with no mommy too. And if penguins happen upon… and so on and so forth. I could carry on the ‘chain’ at length. But let’s look at some pics instead…

Read on…

Cyber-news from the dark side: Japanese legal hacking; iKeychain hack; 2FA -> $0; an Iranian cyber-whodunit; and a USB-eating leopard seal.

Privyet boys and girls!

Herewith, the next in my periodic/occasional cyber-news cyber-shocker-bulletins: a few stories of the cyber-interesting, the cyber-this-news-just-in, and the cyber-absurd…

State-sanctioned hacking!

The Japanese government is believed to be planning to hack 200 million IoT devices of its citizens. And that’s not science fiction folks; it looks like it’s for real. Indeed, it’s how the Japanese are preparing for the Olympics to be held in Tokyo in 2020 – and it’s all legal of course, since it’s the government who’s behind it. So their citizens’ gadgets will be hacked using the cybercriminals favorite method: using default passwords and password dictionaries. If a device is found to have a weak password, bureaucrats will enter the device into a list of unsecure gadgets, which list will then be handed over to internet service providers, which will be expected to inform subscribers and have them make their devices secure by changing the password. It’s all being done as a resilience test in the run-up to the Olympics, to work out if IoT devices in the country are sufficiently protected, and to try and prevent their use in attacks on the Olympics’ infrastructure. The methods to be used for this ‘test’ can easily be disputed, but the fact that the authorities are doing something concrete so well in advance is certainly a good thing. For let’s not forget that the Olympics have been targeted before – and not all that far away from Japan.

iOops!

An 18-year-old hacker, Linus Henze, has published a video highlighting a startling weakness in MacOS – specifically its Keychain program, which stores and secures a user’s many passwords. The teenager used a zero-day to develop his own app that can scan the full contents of the keychain.

Curiously, intriguingly, Mr. Henze isn’t planning on sharing his research and his app with the tech giant, since Apple still doesn’t run a bug-bounty program. So that leaves the company with two options: negotiate with the expert (which would be an unprecedented move for Apple), or consider trying to remedy the issue themselves – which they may or may not be able to do, of course.

Meanwhile, you, dear readers, need not fear for the safety of your passwords! Since there do exist (who’d know?!) fully secure, cross-platform password managers out there. And researchers – there do exist software companies that run bug-bounty programs ).

Even two-factor authentication can be hacked now.

Bank accounts being emptied by cyber-thiefs is on the up. One example recently involved accounts held at the UK’s Metro Bank. And the method used for the robberies involved intercepting text messages sent to account-holders’ phones for two-factor authentication. Now, 2FA is a good thing: it’s an extra layer of security and all that, so why not? It’s just that SMSs are by far not the most secure way to transfer data. For example, vulnerabilities can be exploited in the SS7 protocol, which is used by telecoms operators the world over to coordinate how they route texts and calls. If cyber-baddies manage to access the mobile network of an operator, they’re able to re-route messages and calls without the user being any the wiser. First they’d need to know your login and password for online banking, but that isn’t beyond the abilities of modern-day cyber-villains with their crafty keyboard spies, phishing tactics, or banking Trojans.

Once inside the online bank, the criminals send a request for a money transfer and intercept the message with the one-time code from the bank. The code is entered, and the bank transfers the funds, since both the password and the code were correctly entered. And the criminals are laughing all the way to the bank, as it were ).

So what can you do to stop such a scenario happening to you? Here are a couple of tips:

  • Never tell anyone your login or passwords – even to a bank employee, but you’ll probably know that one: banks helpfully remind us whenever they can.
  • Protect your devices from malware with a reliable antivirus app. There is one I happen to know of… but no – you choose the one you want ).

Cyber-spying on foreign diplomats in Iran – but whodunit?

Our researchers just recently discovered multiple attempts at infection of foreign diplomatic missions in Iran with some rather primitive cyber-espionage malware. The backdoor is presumed to be associated with the hacking group know as Chafer, which happens to ‘speak’ Farsi, and which is thought to have been responsible for cyber-surveillance on individuals in the Middle East in the past. This time, they cybercriminals used an improved version of the Remexi backdoor, designed to remotely control (as administrator) a victim’s computer.

Remexi software was first detected in 2015 when it was used for illegal surveillance of individuals and organizations across the whole region. The Windows-targeting surveillance-ware can exfiltrate keystrokes, screenshots, and browser-related data like cookies and history.

Much ‘home made’ malware is used in the region – often in combination with public domain utilities. But who’s behind these particular attacks? Finding out is made all the more difficult by the very fact that the malware is homespun; it literally could be anybody: Iranians, or non-Iranians pulling a false-flag operation. Alas, false flags are on the up and up and look set to remain so.

“Well, actually… a seal ate my USB stick, sir.”

In New Zealand, one day out walking a vet observed a clearly unwell leopard seal on a beach. As any concerned vet would, he proceeded to… scoop up a lump of the poorly seal’s poop and took it off for analysis. He was expecting to find therein some ghastly little parasites or viruses or what have you, but instead found… a USB stick. After much disinfection (I hope), the vet stuck the thumb drive into his computer (don’t try any of this at home kids, but this was a special case). And guess what? Thereon were stored lots of photos of the beautiful New Zealand scenery! Now the vet and Co. are seeking the owners of the USB – using this here video. Recognize it, anybody?

Galápa-gosh – pt. 2: the maiden flight of a young albatross.

The albatross is one of the most astonishing birds in the world. It can fly for thousands of miles from the shore, it can actually live up in the air for years without landing, epic poems are written about it, epic songs are sung about it, it’s considered an omen, and generally there’s an air of mystery around the species. I mean, like, how did they learn to fly just soooo far? How do they sleep up in the sky? How do they sniff out smells of potential prey from miles away?.

The first time I saw some albatrosses was while sailing on a research vessel through the Drake Passage en route to Antarctica, as you do. They seemed to appear out of nowhere, soared so low over the ocean it looked like they were touching it, circled round the ship (just curious?), and then disappeared never to be seen again; and never once did we see them flap their wings! Like, really: zero times! Indeed, they can glide for hours (or is it days, weeks or months?) upon airstreams caused by large ocean waves and wind – both of which they need both to survive; calm, windless conditions are lethal to the albatross. No wind means it simply can’t fly off – not from water, not from land.

In fact, the species has gone so far down the evolutionary road that’s led to its extraordinary gliding abilities that their wings are hardly flappable like other birds’ wings any more. Instead, they have special retainers into which the bones of the wings stick into, fixing the two-or-three-meter-wide wings in place to resemble a glider plane – with no muscles being used at all and zero energy expenditure.

How do they sleep if they’re up in the sky for years (the first six years of their lives they never touch land once!)? Apparently it’s still not known. It might be that the two halves of their brains take it in turns to sleep and be awake, much like whales and dolphins’ do.

Great albatrosses are expert fishermen and fisherwomen. Much like the boobies, they’re super-fast divers, though they don’t go as far deep into the ocean as boobies. They can sniff out ‘food’ from miles away; they drink seawater (they have a special organ in their beaks (the little bumps with the holes thereon) that filters out the salt!!). They nest and breed only in one place – where they were born. That is, after several years and hundreds of thousands of kilometers of flying gliding they return right back to their birthplace.

Truly fantastic fowl.

Simply seeing an albatross would probably have been the main Ecuad-awe-someness of our second day on the Galápagos Islands. However, what made it even more incredible was that we saw the first ever flight of a young great albatross! But I’ll get to that in a bit…

Rewind! A new day – a new island. Next up: Española Island, which is the main breeding ground of the Galápagos Islands.

Read on…