Top Stories for the Week Of October 18, 2017

  • Episode 526
  • October 18, 2017
The weekly tech news from Category5 TV is provided free of charge. If you enjoy what we do, please consider becoming a Patron so we can continue offering more great content.
Support This Free Content

Here are the stories we're following for the week of Wednesday October 18, 2017

An airplane flying nearly half a kilometer in the air was hit by a drone in Canada.

Canada's transport minster has told drone operators to stay away from airports after a remotely-piloted craft bonked a passenger plane during its final approach to Jean Lesage International Airport in Québec City.

Minister Marc Garneau hasn't revealed the model of the drone, but we do know that it hit a plane operated by Skyjet Aviation, a charter outfit that despite its name operates only turboprop aircraft. The three types it operates, the King Air 100 and 200, plus the Beechcraft 1900, seat six, 10 and 19 passengers apiece.

Whichever type was struck, it came away with what Garneau described as “minor damage” and landed safely.

There's also no news of where on the plane the drone struck. As the craft landed without incident, we can assume it wasn't chopped up by the plane's propellors.

Local media suggest that the plane was struck about 3,000m from the runway while at an altitude of 450 metres.

All concerned are therefore reminding Canadian drone operators of their obligations to fly below 90 metres and at least 5 ½ km away from airports, or face $25,000 fines.

Authorities hope to identify the drone pilot, to remind them of those rules... in strong language. A drone striking a propeller or being sucked into a jet engine has the potential to cause a very serious incident.


Sent to us by: Roy W Nash

It's easy to hack Subaru door locks using a Raspberry Pi.

A Dutch electronics engineer reckons Japanese auto-maker Subaru isn't acting on a key-fob cloning vulnerability he discovered.

Tom Wimmenhove claims to have discovered that Subaru's electronic keys don't use a random number. The “rolling code” instead merely increments codes.

Wimmenhove says he's built a cloning device--which he has made available on GitHub--and used it on a 2009 Subaru Forester. He believes it would also work on a 2006 Baja, Forester models from 2005 to 2010, Impreza models from 2004 to 2011, the "Legacy" sedan's 2005 to 2010 models and the Outback from 2005 to 2010.

His test rig only costs around $25, using a Raspberry Pi for much of the functionality.

Because the key fobs simply increment the rolling code exchanged between car and key, all an attacker needs is to be close enough to capture the code used when the owner locks the car; incrementing that code lets the attacker unlock the vehicle.


Sent to us by: Roy W Nash

Windows 10 is under fire by the Dutch data protection authority.

The Dutch data protection authority has concluded that Microsoft’s Windows 10 operating system breaches local privacy law on account of its collection of telemetry metadata.

Personal data being harvested by default by Microsoft can include the URL of every website visited if the Windows 10 user is browsing the web with Microsoft’s Edge browser (and has not opted out of full telemetry), as well as data about usage of all installed apps on their device — including frequency of use; how often apps are active; and the amount of seconds usage of mouse, keyboard, pen or touchscreen.

Microsoft says it gathers and processes Windows 10 users’ data in order to fix errors, keep devices up-to-date and secure and improve its own products and services.

But if users have not opted out it also uses data from both a basic and full telemetry level to show personalised advertisements in Windows and Edge (including all apps for sale in the Windows store), and also for showing personalised advertisements in other apps.

According to the local DPA there are more than 4 million active devices using Windows 10 Home and Pro in the Netherlands.

After investigating several versions of the OS (including Windows 10 Home and Pro), the Dutch DPA said Friday it has identified multiple breaches of data protection law.

Microsoft has compiled a point-by-point rebuttal on these points of disagreement.


Sent to us by: Jeff Weston

Android ransomware DoubleLocker encrypts data and changes PINs.

Crooks have come up with a strain of Android ransomware that both encrypts user data and locks victims out of compromised devices by changing PINs.

Lukáš Štefanko, the malware researcher at security firm ESET who discovered DoubleLocker said, "Its payload can change the device's PIN, preventing the victim from accessing their device and encrypts the victim's data. Such a combination hasn't been seen yet in the Android ecosystem."

He goes on to explain, "DoubleLocker misuses Android accessibility services, which is a popular trick among cybercriminals."

The nasty is based on a banking trojan, which means that account-compromising functionality might easily be added.

The Android malware spreads in the very same way as its PC parent, as a fake Adobe Flash Player update that's pushed via compromised websites.

Once launched, the app requests activation of the malware's accessibility service, named "Google Play Service". After the malware obtains these accessibility permissions, it uses them to activate device administrator rights and set itself as the default Home application, in both cases without the user's consent.

DoubleLocker, once planted on a compromised device, creates two reasons for the victims to pay. First, it changes the device's PIN, effectively blocking the victim from using it. Second, DoubleLocker encrypts all files from the device's primary storage directory using the AES encryption algorithm.

The ransom has been set at a relatively modest 0.0130 BTC (approximately $54). The only viable option to clean a non-rooted device of the DoubleLocker ransomware is via a factory reset. A way around the PIN lock on rooted devices is possible, if not exactly straightforward. Encrypted files cannot be easily recovered.


Sent to us by: Roy W Nash

In security news, WPA2 has been cracked, and you need to hear about this if you use WiFi.

Researchers have disclosed a serious weakness in the WPA2 protocol that allows attackers within range of vulnerable device or access point to intercept passwords, e-mails, and other data presumed to be encrypted, and in some cases, to inject ransomware or other malicious content into a website a client is visiting.

The proof-of-concept exploit is called KRACK, short for Key Reinstallation Attacks. The research has been a closely guarded secret for weeks ahead of a coordinated disclosure that was scheduled for 8am Monday, East Coast time.

A website disclosing the vulnerability said it affects the core WPA2 protocol itself and is effective against any device, including those running the Android, Linux, macOS, Windows, and OpenBSD operating systems.

The vulnerabilities are scheduled to be formally presented in a talk scheduled for November 1 in Dallas.

The vast majority of existing access points aren't likely to be patched quickly, and some may not be patched at all.


Sent to us by: Roy W Nash


Technology TV
Episode 659 Live:

Being Watched

Twitter Posts

Login to Category5

Error message here!

Hide Error message here!

Forgot your password?

Register on Category5

Error message here!

Error message here!

Hide Error message here!

Lost your password? Please enter your email address. You will receive a link to create a new password.

Error message here!

Back to log-in