How did a 37-ton tanker suddenly vanish from GPS off the coast of Russia? AmiMoJo shares a report from Wired: The ship’s systems located it 25 to 30 miles away — at Gelendzhik airport… The Atria wasn’t the only ship affected by the problem… At the time, Atria’s AIS system showed around 20 to 25 large boats were also marooned at Gelendzhik airport. Worried about the situation, captain Le Meur radioed the ships. The responses all confirmed the same thing: something, or someone, was meddling with the their GPS… After trawling through AIS data from recent years, evidence of spoofing becomes clear. GPS data has placed ships at three different airports and there have been other interesting anomalies. “We would find very large oil tankers who could travel at the maximum speed at 15 knots, ” said a former director for Marine Transportation Systems at the U.S. Coast Guard. “Their AIS, which is powered by GPS, would be saying they had sped up to 60 to 65 knots for an hour and then suddenly stopped. They had done that several times”… “It looks like a sophisticated attack, by somebody who knew what they were doing and were just testing the system…” says Lukasz Bonenberg from the University of Nottingham’s Geospatial Institute. “You basically need to have atomic level clocks.” The U.S. Maritime Administration confirms 20 ships have been affected — all traveling in the Black Sea — though a U.S. Coast Guard representative “refused to comment on the incident, saying any GPS disruption that warranted further investigation would be passed onto the Department of Defence.” But the captain of the 37-ton tanker already has his own suspicions. “It looks like the Russians define an area where they don’t want the GPS to apply.” Read more of this story at Slashdot.
Continue reading here:
Russia Suspected In GPS-Spoofing Attacks On Ships
sciencehabit shares a report from Science Magazine: The Equifax breach is reason for concern, of course, but if a hacker wants to access your online data by simply guessing your password, you’re probably toast in less than an hour. Now, there’s more bad news: Scientists have harnessed the power of artificial intelligence (AI) to create a program that, combined with existing tools, figured more than a quarter of the passwords from a set of more than 43 million LinkedIn profiles. Researchers at Stevens Institute of Technology in Hoboken, New Jersey, started with a so-called generative adversarial network, or GAN, which comprises two artificial neural networks. A “generator” attempts to produce artificial outputs (like images) that resemble real examples (actual photos), while a “discriminator” tries to detect real from fake. They help refine each other until the generator becomes a skilled counterfeiter. The Stevens team created a GAN it called PassGAN and compared it with two versions of hashCat and one version of John the Ripper. The scientists fed each tool tens of millions of leaked passwords from a gaming site called RockYou, and asked them to generate hundreds of millions of new passwords on their own. Then they counted how many of these new passwords matched a set of leaked passwords from LinkedIn, as a measure of how successful they’d be at cracking them. On its own, PassGAN generated 12% of the passwords in the LinkedIn set, whereas its three competitors generated between 6% and 23%. But the best performance came from combining PassGAN and hashCat. Together, they were able to crack 27% of passwords in the LinkedIn set, the researchers reported this month in a draft paper posted on arXiv. Even failed passwords from PassGAN seemed pretty realistic: saddracula, santazone, coolarse18. Read more of this story at Slashdot.