back to article Equifax's malvertising scare, Chromebook TPM RSA key panic, Cuban embassy sonic weapon heard at last – and more

We almost wanted to feel sorry for Equifax, were it not for the fact that the credit biz takes to IT security like a duck to an acid bath. After a brutal few weeks under the spotlight, on Wednesday night it suffered another hacking scare. When's it going to end? Visitors to one of Equifax's customer support webpages couldn't …

  1. Empire of the Pussycat

    cuba noise sounds like cicadas or other noisy insects

    many moons ago in india one outside my window turned itself up to eleven

    middle of the night, no way to sleep, also impossible to find the little bugger and shoo it away

    1. Joe Werner Silver badge

      Re: cuba noise sounds like cicadas or other noisy insects

      Yes. Once had a girlfriend with a chameleon. That of course was silent, but its food could make quite some noise :) somehow I doubt this is the sonic weapon you are looking for...

      As a side note: a few decades back there was a wave of sicknesses after consuming a certain popular soft drink in Germany and the Netherlands and possibly elsewhere. They never found anything wrong with the product itself, but concluded it was a non-cebo effect (nasty version of placebo), it was mostly among teenagers (1999?). I'm not saying this is what happened in Cuba, but it is one of the possible (maybe quite unlikely) explanations. Maybe combine this effect with really targeting one or two persons, and then the rest of the group will follow suite...

    2. nagyeger
      Coat

      Re: cuba noise sounds like cicadas or other noisy insects

      Naah,

      My guess is it was just someone trying to play the violin on the wrong side of the bridge. Or slightly more seriously, a few really badly configured baby monitors or network-over-mains in the embassy electrics doing bad things to the the tube lighting. Someone should stick an oscilloscope on the live wire and start turning things off one by one.

      1. patrickstar

        Re: cuba noise sounds like cicadas or other noisy insects

        It's probably some random electronics making the noise, like you said. The recording sounds an awful lot like a dodgy switched-mode power supply...

        Combine this with some classic mass hysteria - of which there are many, many historic examples - and you have a winner.

        1. Destroy All Monsters Silver badge
          Alien

          Re: cuba noise sounds like cicadas or other noisy insects

          Wasn't there an episode of U.F.O. where the invaders brain-controlled S.H.A.D.O. personnel by hacky noises on the radio?

          What does Moonbase have to say to this?

  2. Ken Moorhouse Silver badge

    This sound may break your brain

    Could one explanation be some kind of Point-to-Point communications link?

    1. Anonymous Coward
      Anonymous Coward

      Re: This sound may break your brain

      You'd think people affected might remember hearing that sound being blasted at them, but apparently only a few do, so I'm not sure how that, and the unattributed nature of the recording's origin, justify all the certainty under the "Sonic Weapon REVEALED!" headlines. ISTM that a rather more plausible explanation is in this Guardian article - but then that wouldn't fit in with the current Adminstration's anti-Cuba stance, would it?

      1. Mad Hacker

        Re: This sound may break your brain

        The symptoms are measurable including brain swelling and hearing loss. While I don't think a sonic weapon can cause brain swelling it seems to be more than mass hysteria.

        1. Richard 12 Silver badge

          Re: This sound may break your brain

          The nocebo effect is believed to be quite powerful. It's been implicated in quite a number of rather nasty incidents.

          It is however very difficult to study, as ethics committees tend to frown upon studies that are expected to cause harm, however minor.

          1. Sean Houlihane

            Re: This sound may break your brain

            Cure (ISBN: 9780385348157) has a reference to a study where a nocebo was correlated with small doses of a toxic drug and was then sufficient to cause death when applied on its own (in animals). This is interesting since it implies the pathway doesn't depend on reasoning (as supported by placebos being effective even when the subject knows its a placebo)

  3. macjules

    Curses!

    Thankfully this wasn't a dastardly plan by the Chocolate Factory to spy on journalists,

    Yes it was.

  4. Anonymous Coward
    Anonymous Coward

    About time this kind of bullshit was called out...

    Won't stop overuse of Slurpy-Analytics or websites hosting Facebook & Google widgets which phone home with juicy info even on non-users...

    "A third-party analytics provider, which measures and reports the performance of sites, was used by Equifax - it was pwned it seems."

    1. ecofeco Silver badge

      Re: About time this kind of bullshit was called out...

      Some of us have been cursing for some time the use of ridiculous amounts 3rd party external servers on websites.

  5. Loud Speaker

    SMPS

    Sounds like a faulty or over-loaded Switch Mode Power Supply to me. Possibly in multiple cheap or defective "energy efficient" fluorescent lights.

    1. Danny 14

      Re: SMPS

      dodgy emergency lighting inverters too. we had a noisy inverter in the ceiling that threw out a lot of emf once.

      1. Yet Another Anonymous coward Silver badge

        Re: SMPS

        But this is Cuba, a global technology superpower that has held the USA in terror for more than 50years. They are hardly likely to have crappy 3rd world florescent lights

  6. patrickstar

    "By switching up some of the parameters in the GET request, and supplying a stranger's valid T-Mobile US number, he could pull up their account details, such as their email address and handset's unique IMEI number."

    This, of course, is more 'hacking' than what weev did against AT&T (he just enumerated id's in the request if I'm not mistaken). And he got thrown in jail for it.

    1. MachDiamond Silver badge

      This, of course, is more 'hacking' than what weev did against AT&T (he just enumerated id's in the request if I'm not mistaken). And he got thrown in jail for it.""

      Yes, Weev just added an additional number to a URL and AT&T's system kicked back a bunch of info. It was more of a case of an unpublished (and unsecured) web page not true hacking. I have all sorts of pages that aren't linked anywhere that I use to put semi-private photo galleries, work in progress that isn't particularly sensitive etc. If somebody can guess the page name, they can have a look at my photos of a Wishbone Ash show or the next iteration of my web site. I even have reference text files that I maintain for writing articles. Boring stuff in the main other than the Wishbone Ash photos. Go see them if they're in town. The band is incredibly tight and classic rock is timeless.

      The legal system is clogged up with older people that didn't grow up with computers, don't want to learn them, yet are tasked with passing judgement over what is and isn't malicious hacking. Weev doesn't help himself by generally being unpleasant.

      1. Ken Moorhouse Silver badge

        unpublished web page

        Some courier companies used to use this technique. If the tracking number looks like it might be a sequential number, rather than a hashed value, incrementing or decrementing by one would often give details of someone else's delivery (I kid you not). They didn't even use a checksum to guard against legitimate typos. One one would hope that this kind of thing is a thing of the past.

        1. I3N
          Pint

          Re: unpublished web page

          Yes, I remember the days when on a ... sorry can't finish that thought ... so I'll take the fifth with a little Master Sgt. Schultz and a pint ...

        2. Destroy All Monsters Silver badge

          Re: unpublished web page

          incrementing or decrementing by one would often give details of someone else's delivery (I kid you not).

          I can confirm.

  7. Hero Protagonist

    Sonic attack

    "We'll keep an eye on this as it develops"

    Shirley you mean an ear?

    1. Destroy All Monsters Silver badge

      Re: Sonic attack

      In any case, you better go fast!

  8. 101

    Sounds fishy to me...

    ....could it be some secret transmitter in the cellar gone awry?

  9. I3N
    Boffin

    Never progressed far enough in that project to see if it worked ...

    Guess no one has had a copy of "The Big Brother Game" by Scott French, August 1976 [didn't someone reference Wishbone Ash and then old]

    Thought it had to do with the ear being non-linear not the air - Fastl H., Zwicker E. (2007) The Ear’s Own Nonlinear Distortion. In: Psychoacoustics. Springer, Berlin, Heidelberg

    Interesting to see that the Japanese thought the technology infeasible in the 1980's

    So on the wiki, along with a bit of confusion about the value of the entry ....

    Sound from ultrasound - Parametric array

    Since the early 1960s, researchers have been experimenting with creating directive low-frequency sound from nonlinear interaction of an aimed beam of ultrasound waves produced by a parametric array using heterodyning.

    Ultrasound has much shorter wavelengths than audible sound, so that it propagates in a much narrower beam than any normal loudspeaker system using audio frequencies. Most of the work was performed in liquids (for underwater sound use).

    The first modern device for air acoustic use was created in 1998,[1] and is now known by the trademark name "Audio Spotlight", a term first coined in 1983 by the Japanese researchers[2] who abandoned the technology as infeasible in the mid-1980s.

    A transducer can be made to project a narrow beam of modulated ultrasound that is powerful enough, at 100 to 110 dBSPL, to substantially change the speed of sound in the air that it passes through.

    The air within the beam behaves nonlinearly and extracts the modulation signal from the ultrasound, resulting in sound that can be heard only along the path of the beam, or that appears to radiate from any surface that the beam strikes.

    This technology allows a beam of sound to be projected over a long distance to be heard only in a small well-defined area;[citation needed] a listener outside the beam hears nothing.

    This effect cannot be achieved with conventional loudspeakers, because sound at audible frequencies cannot be focused into such a narrow beam.[citation needed]

  10. razorfishsl

    Looks like they finally got a recording of Jennifer Lopez singing.

  11. Destroy All Monsters Silver badge
    Devil

    Funny stuff

    "The sounds that kills you" now on Youtube and Putin's "go look for your pokepoints in this here ghetto for some cultural enrichment easter egg" now in the El Reg webzine.

    What a time to be alive!

  12. wheelbearing
    Thumb Down

    Equifax - so everyone has given up fighting crappy 3rd party scripts?

    Big organisations routinely use and force their website users to accept loads of scripts written / hosted and delivered by a host of much smaller 3rd party outfits often of quite dubious provenance. They seem to do this because it's easier / cheaper than trying to either do the thing the script is suppose to do themselves (which is often totally useless to the site visitor) and can then dodge responsibility and blame the 3rd party when things go wrong. I can't be the only one fed up with this kind of stuff.

    1. Fatman

      Re: Equifax - so everyone has given up fighting crappy 3rd party scripts?

      Then you most likely have never heard of NoScript.

      One way to deal with third party scripts.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like