Coast Guard Prints Spare Parts While at Sea

Wow, imagine the possibilities….

The U.S. Coast Guard is developing the use of 3-D printers to create spare parts on board its ships.The technology has already been used to produce spare parts, and is now being trialed more widely to print parts that are not normally kept on vessels and which may be difficult to source. The Coast Guard said this will improve mission readiness and logistical support.

“Sometimes those parts have lead times of weeks… maybe months, depending on the workload of the manufacturer,” said Captain Joseph Dugan, manager for the National Security Cutter Program.

HT: CIPS

Army Halt Use of Chinese-Made DJI Drones

Citing a worry over “cyber vulnerabilities,” the U.S. Army this week ordered that all drones built by China-based DJI, the world’s biggest drone maker, be immediately removed from Army service. The order comes following a classified study of the issue completed in May by the Army Research Laboratory, and the simultaneous release of a Navy memorandum titled “Operational Risks with Regards to DJI Family of Products.”

He says NASA and the Department of Energy have already stopped using DJI products. When Egan looked into why, he says they weren’t allowed to use the drones “because they are Chinese.”

HT: http://www.airspacemag.com/daily-planet/us-army-stops-using-chinese-made-dji-drones-180964324/

Microsoft & UEFI Secure Boot

A technical solution has finally been proposed to avoid locking out Linux and other OS vendors from UEFI shipped motherboards.  A couple of months ago Microsoft made waves by announcing their Windows 8 support for UEFI.  Open source supports took notice that this security mechanism could prevent other operating systems from booting on UEFI compatible hardware.

The Linux Foundation has released a paper with a possible solution:

papers suggest that all platforms which enable Secure Boot should ship in “setup mode” which would give the system owner control of the Secure Boot system. Initial startup of an operating system should then detect that setup mode and install a KEK (key-exchange-key) and PK to enable Secure Boot. The system would then securely boot that operating system. When a user needed to take control of their system’s secure boot, a “reset” option for UEFI’s keys would allow those keys to be cleared and a different operating system installed. Microsoft’s Windows 8 could also be pre-installed in the same way; the UEFI reset would then unlock the machine for other operating systems.

When more security results in less security…

I read an article that famed cryptographers at Elcomsoft have discovered a method to brute force RIM Blackberry device passwords.  Usually a Blackberry will only allow 10 failed password attempts before wiping the device.  Elcomsoft discovered if a user enables media card encryption an unlimited offline password attack against the media card can be performed bypassing the 10 guess restriction.

Scary stuff…  I’m a user with Media Card Encryption enabled.  Do I disable encryption OR permanently solder the media card in place so it can’t be removed?

From Computer World:

“A Russian security company upgraded a phone-password cracking suite with the ability to figure out the master device password for Research in Motion’s BlackBerry devices. Elcomsoft said September 29 that before it developed the product, it was believed there was no way to figure out a device password on a BlackBerry smartphone or PlayBook tablet. BlackBerry smartphones are configured to wipe all data on the phone if a password is typed incorrectly 10 times in a row, the company said. Elcomsoft said it figured a way around the problem using a BlackBerry’s removable media card, but only if a user has configured their smartphone in a certain way. For the software to be successful, a user must have enabled the feature to encrypt data on the media card. The feature is disabled by default, but Elcomsoft said about 30 percent of BlackBerry users have it enabled for extra security. The company’s software can then analyze the encrypted media card and use a brute-force method to figure out a password. Elcomsoft said it can recover a seven-character password in less than an hour if the password is all lower-case or all capital letters. The software does not need access to the actual BlackBerry device but just the encrypted media card. The new feature is wrapped into Elcomsoft’s Phone Password Breaker. The software can also recover plain-text passwords used to access encrypted backup files for Apple’s iPhone, iPad, and iPod Touch devices. To crack those passwords, a user does need to have the Apple device in hand.”

Read the full article here at Computer World.