There seems to be an epidemic of computer-generated nonsense academic papers.
Labbé does not know why the papers were submitted—or even if the authors were aware of them. Most of the conferences took place in China, and most of the fake papers have authors with Chinese affiliations. Labbé has emailed editors and authors named in many of the papers and related conferences but received scant replies; one editor said that he did not work as a program chair at a particular conference, even though he was named as doing so, and another author claimed his paper was submitted on purpose to test out a conference, but did not respond on follow-up. Nature has not heard anything from a few enquiries.
In this arms race between fake-paper-generator and fake-paper-detector, the advantage goes to the detector.
Posted on March 7, 2014 at 6:13 AM •
Nice profile of Brian Krebs, cybersecurity journalist:
Russian criminals routinely feed Mr. Krebs information about their rivals that they obtained through hacks. After one such episode, he began receiving daily calls from a major Russian cybercriminal seeking his files back. Mr. Krebs is writing a book about the ordeal, called “Spam Nation,” to be published by Sourcebooks this year.
In the meantime, hackers have been competing in a dangerous game of one-upmanship to see who can pull the worst prank on Mr. Krebs. They often steal his identity. One opened a $20,000 credit line in his name. Admirers have made more than $1,000 in bogus PayPal donations to his blog using hacked accounts. Others have paid his cable bill for three years with stolen credit cards.
The antics can be dangerous. In March, as Mr. Krebs was preparing to have his mother over for dinner, he opened his front door to find a police SWAT team pointing semiautomatic guns in his direction. Only after his wife returned home from the grocery store to find him handcuffed did the police realize Mr. Krebs had been the victim of “swatting.” Someone had called the police and falsely reported a murder at their home.
Four months after that, someone sent packets of heroin to Mr. Krebs’s home, then spoofed a call from his neighbor to the police. But Mr. Krebs had already been tipped off to the prank. He was tracking the fraud in a private forum—where a criminal had posted the shipment’s tracking number - and had alerted the local police and the F.B.I.
Posted on February 20, 2014 at 4:09 PM •
This is what happens when you’re a security writer and you piss off the wrong people: they conspire to have heroin mailed to you, and then to tip off the police. And that’s after they’ve called in a fake hostage situation.
Posted on July 31, 2013 at 6:25 AM •
This is the latest in the arms race between spoofing GPS signals and detecting spoofed GPS signals.
Unfortunately, the countermeasures all seem to be patent pending.
Posted on August 9, 2012 at 6:32 AM •
A team at the University of Texas successfully spoofed the GPS and took control of a DHS drone, for about $1,000 in off-the-shelf parts. Does anyone think that the bad guys won’t be able to do this?
EDITED TO ADD (7/9): It wasn’t a DHS drone. It was a drone owned by the university.
Posted on July 9, 2012 at 6:02 AM •
Great movie-plot threat:
Financial institutions depend on timing that is accurate to the microsecond on a global scale so that stock exchanges in, say, London and New York are perfectly synchronised. One of the main ways of doing this is through GPS, and major financial institutions will have a GPS antenna on their main buildings. “They are always visible because they need a clear view of the sky,” Humphreys told Wired.co.uk.
He explains that someone who directed a spoofer towards the antenna could cause two different problems which could have a major impact on the largely automated high-frequency trading systems. The first is simply causing confusion by manipulating the times—a process called “time sabotage”—on one of the global stock exchanges. This sort of confusion can be very damaging.
Posted on March 2, 2012 at 6:11 AM •
There’s a report that Iran hacked the drones’ GPS systems:
“The GPS navigation is the weakest point,” the Iranian engineer told the Monitor, giving the most detailed description yet published of Iran’s “electronic ambush” of the highly classified US drone. “By putting noise [jamming] on the communications, you force the bird into autopilot. This is where the bird loses its brain.”
The “spoofing” technique that the Iranians used—which took into account precise landing altitudes, as well as latitudinal and longitudinal data—made the drone “land on its own where we wanted it to, without having to crack the remote-control signals and communications” from the US control center, says the engineer.
The Aviationist has consistently had the best analysis of this, and here it talks about the Tehran Times report that Iran has four Israeli and three U.S. drones.
My original blog post.
Posted on December 16, 2011 at 12:01 PM •
There’s a security story from biology I’ve used a few times: plants that use chemicals to call in airstrikes by wasps on the herbivores attacking them. This is a new variation: a species of orchid that emits the same signals as a trick, to get pollinated.
Posted on August 9, 2011 at 1:09 PM •
I’ve been asked this question by countless reporters in the past couple of weeks. Here’s a good explanation. Shorter answer: it’s easy to spoof source destination, and it’s easy to hijack unsuspecting middlemen and use them as proxies.
No, mandating attribution won’t solve the problem. Any Internet design will necessarily include anonymity.
Posted on June 13, 2011 at 6:52 AM •
Sidebar photo of Bruce Schneier by Joe MacInnis.