Can there be such a thing as a "cyber moonshot?"

There's been considerable discussion since the Billington Cybersecurity Summit of the prospect of a "moonshot" for cybersecurity. The US Administration is expected to announce something along these lines over the next few weeks, and a fireside chat at the Summit gave two senior Federal officials an opportunity to discuss it. What are we to make of the very idea of a cyber moonshot?

There's long been a tendency in the United States to look to large engineering achievements as organizing myths of public action. Consider the transcontinental railroad of the later 19th Century, the Panama Canal of the early 20th, the Manhattan Project of the Second World War, and, of course, the moonshot itself, Project Apollo. All of these were large cooperative efforts devoted to achieving a single goal, and all were successful in a remarkably short period of time. They all had important secondary effects: the introduction of a widespread telecommunications network, methods of controlling yellow fever and malaria, nuclear power generation, and all of the widely used consumer products generally thought to have originated in NASA.

So these projects have tended to provide an organizing myth for public action. But consider another myth, Archilochus's passage on the hedgehog and the fox. "The fox knows many things," he wrote, "but the hedgehog knows one big thing."

Moonshots are problems for hedgehogs. They're complicated but well-structured, with dependencies that quickly become clear. And above all, they have a clearly defined end state they're designed to achieve: The golden spike is driven into the rails at Promontory Point. The SS Ancon passes through the Gatun Locks. Fat Man detonates at Trinity Site. Apollo 11 splashes down safely near the USS Hornet. If there's to be a cyber moonshot, it should be the case that cybersecurity is this kind of well-structured problem. And we should know, clearly and unambiguously, when we've solved it.

More later on the fox, but for now we'll consider the case for skepticism about what the hedgehog might handle.


I absolutely love the blocky, petite iPhone 5S. Second to the discontinued 4-inch iPhone SE, the 5S is one of the last truly small smartphones. But Apple giveth, and Apple taketh away. Despite discontinuing the iPhone 5S/SE form factor, the company gave iPhone 5S users a glorious gift: iOS 12.

In the past, if you had an old iPhone, updating to the latest operating system was a bit of a gamble. Software bugs might pop up or performance might slow down. But iOS 12 does the opposite. It's not a glitzy feature-packed update. Instead, it does a lot of behind-the-scenes housekeeping that actually makes the iPhone 5S faster. It's a welcome update and I definitely recommend downloading it.


iPhone 5S with iOS 12 is fast

In 2013, the iPhone 5S launched with the A7 chip, the first 64-bit processor in any smartphone. Though it's 5 years old, that same processor allows the phone to run Apple's newest OS.

Even when iOS 12 was still in beta, we noticed improvements in speed, especially when it came to opening apps like Safari and Instagram. For example, if I wrote an iMessage in iOS 11, the keyboard took its time to appear. But in iOS 12, it takes about half a second less. Most of these speed improvements are fractions of a second. But like Richard Pryor's penny-shaving scheme in Superman 3, those fractions add up.

I should note that I didn't see huge improvements across all apps. Facebook, Maps and Weather showed little to no noticeable speed boosts. But unlike previous major iOS updates, the iPhone 5S never felt bogged down.

Below are actions where I observed speed improvements when running iOS 12:

IOS 12 VS. IOS 11

Action                                   How much faster was iOS 12 than iOS 11
Opening Instagram                        0.5 seconds
Opening Mail                             0.25 second
Opening Safari (completely loading)      3.5 seconds
Opening Maps                             Identical
Slide to open camera from lock screen    0.5 second
Keyboard pops up (in Messages)           1 second
Share sheet comes up (in Safari)         1 second
Siri completing a request                0.5 second

Get new features for your iPhone 5S

There are a bunch of new features in iOS 12 available for younger iPhones, but some are left off from the 5S. You won't find Animoji, Memoji, AR app support, the Measure app or Message photo filters.

However, I did gain pretty much everything else including new Do Not Disturb options in Control Center and Screen Time to view how much I used my phone and apps. Here are a few other notable additions to the iPhone 5S:

Siri Shortcuts

Shortcuts allow Siri to complete complex tasks with a single command. You can build your own or use Shortcuts someone else created. My favorite is one for converting videos to GIFs. I should warn you that some Shortcuts can take seconds to activate, leaving you staring impatiently at Siri's rainbow graphics flowing from one side of the screen to the other.

Notification grouping

It's not the sexiest feature, but grouping notifications by app is a huge step toward getting more out of that 4-inch screen. And there is something satisfying about dismissing a bunch of notifications with a single swipe from the lock screen.

Group FaceTime Calls

The good news is you can now talk to 32 of your iPhone-owning friends via FaceTime at once. The downside is that the iPhone 5S only supports audio Group FaceTime calls. I tried a Group FaceTime call with 28 people and it worked, although it was chaotic with that many people talking.

Customize Control Center

I like being able to customize what's in the Control Center Panel. I added buttons for screen recording, QR scans, the magnifier and Apple Wallet.

New battery graphs

No matter how good this software upgrade is, there's no getting around the fact that I'm using a phone with a 5-year-old battery. So I welcome any and all information I can get about what's draining it. Under the battery menu in Settings, there is a graph showing your phone's battery level since the last charge. Another graph shows off activity.

Consider this before upgrading

Despite my overwhelmingly positive time with iOS 12 on my iPhone 5S, there are a couple things to be wary about before you upgrade.

Whether it's via iCloud or just through iTunes, be sure to back up your data. Hopefully you already back up your phone, but in case it's been a while, take the time to protect your information before taking the leap to iOS 12.

Next, check your storage. Your phone needs roughly 2GB of space to install iOS 12. To do this, go into Settings > General > Storage & iCloud Usage. There you can view how much storage your phone has and what's using it. If you need more room, there are a bunch of things you can remove to open up space.

Last, despite iOS 12 speeding up things on your phone, it does take time to download and install. I recommend starting the process before you go to bed, or while you're doing something else like laundry or cleaning the house. You can also load iOS 12 onto your phone via iTunes which is much faster.

Once you clear all these hurdles and get iOS 12 on your phone, enjoy your new-ish tiny phone that Apple managed to keep afloat after so many years.



One of the most destructive malware families ever seen is back, and researchers think its authors are gearing up to again take aim at the Middle East.

A new version of the Shamoon data-wiping malware has emerged, marking the third time the destructive virus has been seen in the wild – and researchers believe a new campaign may be imminent.

First spotted in 2012 in the attack on Saudi Aramco, Shamoon has the ability to destroy files on infected machines and overwrite the master boot record (MBR) to cripple infected PCs. This wiper capability proved to be extraordinarily damaging to the Saudi oil giant, knocking 30,000 of the company’s workstations offline for almost a month. Shamoon then went underground for about four years before re-emerging in 2016 as Shamoon2. Like the original Shamoon malware, the updated version also destroyed computer hard drives by wiping the MBR and the data. It also targeted petrochemical targets and the Saudi Arabian central bank system before disappearing again.

Now, according to Chronicle security researchers, two new samples were uploaded into VirusTotal on Monday, Dec. 10, 2018, originating in Italy. Curiously, they have a hard-coded trigger date that’s set for a year ago, on Dec. 7, 2017 – but, Chronicle hasn’t spotted the malware yet in any campaigns (although an attack this week on Saipem in Italy could be Shamoon’s work — more on that in a moment).

“The reappearance of this malware is very interesting,” said Brandon Levene, head of applied intelligence, speaking to Threatpost. “The trigger date can lend itself to multiple potential lines of thought.”

For instance, the older date could indicate that the malware itself is old but only recently discovered – a scenario Levene said is unlikely given that the malware would have still executed if used after the trigger date is passed. Another possibility is that the malware was pre-built and is now ready to deploy in advance of a campaign. “The actors could have used an intentional historic trigger date to immediately start destructive operations,” Levene told us.

Or, equally concerning, “actors had access to an environment of interest and wanted to guarantee execution of their destructive payload, so they set a trigger date far in the past,” Levene said.

He added that his team has not been able to determine who created the sample or who uploaded it to VirusTotal. However, “seeing Shamoon in the wild again is highly unusual given its highly targeted nature,” Levene said. “This leads me to assume that a new target was selected.”

Upon analysis, these “Shamoon3” samples closely match historic versions of the malware. However, aside from the trigger date, a notable difference from previous variants is the nature of the credential list contained in the samples.


With the holidays fast approaching, are you looking to buy presents online?

The holiday season has become synonymous with online shopping. This isn't really surprising as physical stores usually attract crowds of deal hunters. This often conjures up images of throngs of people waiting in line outside the store, some even camping out. This activity is tolerable for some and even fun for others. However, for many others, it's not worth the hassle.

Why would it be, when there are perfectly legitimate and convenient alternatives online?

Well, for one thing, many people shop online without first thinking about their security. Most people are led to believe -- or want to believe -- that all e-commerce sites are secure. This isn't completely true. With so much personal and financial information being exchanged, online shoppers aren't the only ones enjoying the holiday rush -- cybercriminals are too!

Still, it's possible to add security to your e-commerce transactions by using a virtual private network. A VPN can help you enjoy your online shopping experience without worrying about falling prey to cybercriminals.

The Cybercrime Problem

First, here are some of the pressing reasons for securing e-commerce transactions in the first place.

As you know, e-commerce stores usually require you to register with their site in order to enjoy their services. This involves trusting them with your personal information, usernames, passwords, and credit card details -- information that you'd rather did not fall into the wrong hands.

The thing is, cybercriminals know this fact. They will descend to any depth just to get their hands on such information. How exactly do they do this?

KRACK Attacks

KRACK (key reinstallation attack) is a severe replay attack on the WiFi Protected Access protocol that secures WiFi connections.

An attacker gradually matches encrypted packets seen before and learns the full keychain used to encrypt the traffic by repeatedly resetting the nonce transmitted in the third step of the WPA2 handshake. This attack works against all modern WiFi networks.

Simply put, KRACK attacks can intercept sent data by infiltrating your WiFi connection, no matter which major platform you're on (Microsoft Windows, macOS, iOS, Android, Linux, OpenBSD and others). These attacks require the attacker to be within the range of the WiFi connection they're trying to infiltrate, which means they might lurk somewhere near or inside your home, office or school.
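The following added example (not part of the original article) models why a reset nonce matters and what a patched client does differently. The Station class, the key and the frame contents are constructed for illustration, and a SHA-256-based keystream stands in for WPA2's AES-based encryption.

```python
import hashlib

P1 = b"constructed frame #1"   # sample plaintexts, constructed for this demo
P2 = b"constructed frame #2"

def keystream(key: bytes, pn: int, length: int) -> bytes:
    # Stand-in for the real cipher: keystream depends only on (key, packet number).
    out, block = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + pn.to_bytes(6, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Station:
    """Hypothetical client: tracks the installed key and its transmit packet number."""
    def __init__(self, patched: bool):
        self.patched, self.key, self.pn = patched, None, 0

    def install_key(self, key: bytes) -> None:
        # Runs every time handshake message 3 is processed, including retransmissions.
        if self.patched and key == self.key:
            return              # key already in use: do not reset the packet number
        self.key, self.pn = key, 0

    def send(self, plaintext: bytes):
        self.pn += 1            # the packet number is the per-frame nonce
        return self.pn, xor(plaintext, keystream(self.key, self.pn, len(plaintext)))

def simulate(patched: bool):
    """Send a frame, process a retransmitted message 3, send a second frame."""
    sta, key = Station(patched), b"constructed-session-key"
    sta.install_key(key)
    first = sta.send(P1)
    sta.install_key(key)        # the same key arrives again
    second = sta.send(P2)
    return first, second

def nonce_reused(frames) -> bool:
    pns = [pn for pn, _ in frames]
    return len(pns) != len(set(pns))

if __name__ == "__main__":
    for patched in (False, True):
        f1, f2 = simulate(patched)
        leak = xor(f1[1], f2[1]) == xor(P1, P2)  # ciphertext XOR exposes plaintext XOR
        print(f"patched={patched} nonce_reused={nonce_reused([f1, f2])} leak={leak}")
```

When the packet number repeats under the same key, the XOR of the two ciphertexts equals the XOR of the two plaintexts regardless of the key; the patched client never reuses a packet number, so that relation does not hold.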

MitM Attacks

In a MitM (Man-in-the-Middle) attack, the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other.

This attack can succeed only when the attacker can impersonate each endpoint to the other's satisfaction, delivering results as expected from the legitimate ends.

In the context of e-commerce transactions, these attacks are done on unprotected WiFi networks like the ones you find in airports, hotels and coffee shops. This is actually one of the reasons I often suggest that people stay away from public WiFi unless they're packing some security software.