Campaigners call on the British government to take stronger stance against Myanmar over violence against the Rohingya.

All eyes are on the humanitarian crisis, but what impact will the Rohingya exodus have on the region as a whole?

Devastation caused by hurricanes, earthquakes, and floods is huge - and so is the repair bill.

Sixteen years after Sept 11 attacks and the US has not convicted anybody for the tower-felling spectacle of terror.

One million households lost power in Florida, and at least three people died, after Hurricane Irma made landfall Sunday morning. Bloomberg reports how Uber tried to help: Uber Technologies Inc. is offering free rides to shelters near Tampa as Hurricane Irma barrels toward the Florida mainland. The City of Tampa's Office of Emergency Management publicized the free rides on its Twitter feed, @AlertTampa, and mobile news alert service. Uber's offer helps serve a vital need for transportation, as Tampa Bay area residents got late notice that the monster storm that changed track on Saturday and was heading their way. It also provided a chance for the company to burnish an image... Uber has also been criticized for using its so-called surge pricing in times of crisis.

Read more of this story at Slashdot.

An anonymous reader quotes Wired: Last fall, a group of music industry heavyweights gathered in New York City to do something they'd mostly failed to do up to that point: work together. Representatives from major labels like Universal, Sony, and Warner sat next to technologists from companies like Spotify, YouTube, and Ideo and discussed the collective issues threatening their industry... The participants of that confab would later form a group called the Open Music Initiative... "Pretty early on it was obvious that there's an information gap in the industry," says Erik Beijnoff, a product developer at Spotify and a member of the OMI. That "information gap" refers to the data around who helped create a song. Publishers might keep track of who wrote the underlying composition of a song, or the session drummer on a recording, but that information doesn't always show up in a digital file's metadata. This disconnect between the person who composed a song, the person who recorded it, and the subsequent plays, has led to problems like writers and artists not getting paid for their work, and publishers suing streaming companies as they struggle to identify who is owed royalties. "It's a simple question of attribution," says Berklee College of Music's vice president of innovation and strategy, Panos A. Panay. "And payments follow attribution." Over the last year, members of the OMI -- almost 200 organizations in total -- have worked to develop just that. As a first step, they've created an API that companies can voluntarily build into their systems to help identify key data points like the names of musicians and composers, plus how many times and where tracks are played. This information is then stored on a decentralized database using blockchain technology -- which means no one owns the information, but everyone can access it.

Read more of this story at Slashdot.

Check or edit configuration data with Config::Model

A module for testing text files for spelling and (maybe) more.

Bundles Calendar::* packages.

A visual explainer of the unrest in Myanmar that has forced more than 700,000 Rohingya to flee their homes.

Raids targeted civilians fleeing violence on ferries across the Euphrates River, UK-based monitoring group alleged.

An anonymous reader quotes VentureBeat: Native honeybees, one of the most prolific pollinators in the animal kingdom, are dying off at an unprecedented rate from Colony Collapse Disorder and threatening an ecosystem service worth about $15 billion. Supported by the National Science Foundation, the RoboBees project looks to minimize the loss of this critical resource with new microbots that can mimic the pollinating role of a honeybee... In a remarkable display of biomimicry, scientists have developed a flight-capable robot that's just half the size of a paperclip and weighs in at one tenth of a gram... The RoboBees project pushes the boundaries of research in a variety of fields, from micromanufacturing to energy storage and even the computer algorithms that control the robots by the swarm... While the effect of a single robot might be miniscule, a coordinated group of hundreds, thousands, or millions of RoboBees could perform a host of unprecedented tasks. Aside from pollinating plants for agricultural purposes, the RoboBees could coordinate to digitally map terrain, monitor weather conditions, and even assist in relief efforts after a disaster, through data collection. While RoboBees are only intended as a stopgap measure for honeybee loss, the potential applications of the technology have the world holding its breath for the next breakthrough.

Read more of this story at Slashdot.

Cleric taken off wanted list after international police learned alleged crimes were fabricated by Egypt, NGO says.

In my PDF analysis I started last week, I have to analyze a JPEG file. I usually do this with a binary editor with templates (010 Editor), but this is not an open source solution.

I made a tool (written in Python) to help me analyze JPEG files. The tool, jpegdump.py, is still beta. Before I finish my short diary entry serie "It is a resume", I want to show some analysis example with this tool.

First a normal JPEG file:

Each line presents data for a marker and its data. We see that the file starts with a Start Of Image marker (SOI) at position 0, and ends with a End Of Image marker (EOI), without data following this marker. So that looks clean.

And then we have the markers we can expect: application (APP?), quantization tables (DQT), start of frame (SOF), Huffman tables (DHT), and finally the compressed image: start of scan (SOS). That is what we can expect in a normal image.

Compare this with a JPEG file containing an exploit I created with Metasploit:

The different markers look normal, but not when we look at 6: this is an unknown marker (FFAC), and it also does not follow directly after the data of the previous market (5 DHT): there is a difference of 108 bytes (d=108).

This unknown marker is also supposed to have 15457 bytes of data, but the last message (negative trailing) informs us that this is less.

Another more subtle anomaly is the entropy of the data in the Huffman table (e=7.26...): this looks high for a Huffman table.

With jpegdump, we can dump the content of the data of the Huffman table in marker 5:

This data looks random, and not like a normal Huffman table. For comparison, here is a Huffman table dump of the first image we analyzed:

You can see that in this table, the data is far less random.

Let's see if we can find anything interesting in this random looking data. First we look for strings in the data starting with marker 5 (position 0xae):

We can clearly see an IP address, and something that resembles BASE64 data or the path of a URL.

URLs used by Metasploit payloads encode data, and I have a tool to try to decode this data (metatool.py). Let's try this here:

This confirms that this is a Metasploit exploit: metatool can extract the payload UID, platform and architecture, and also the timestamp when I created the payload.

 

This is how I proceed when I analyze data structures: I take an overal look at the structure, checking if all expected elements are there. And if I find anomalies, I take a closer look.

I my next diary entry, I will do this for the image in the PDF I was analyzing.

 

Didier Stevens
Microsoft MVP
blog.DidierStevens.com DidierStevensLabs.com

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.