The NSA publicly released a tool for cracking software wide open, and hackers are loving it — so long as the NSA makes good on its promise not to use it to spy on them


Nakasone cyber command

  • On Tuesday, the National Security Agency made its Ghidra — its tool for reverse-engineering software — available as open source, which means anyone can use or modify it for free.
  • Anybody can use it as a free cybersecurity tool for disassembling suspicious files, analyzing malware, and testing for vulnerabilities.
  • Since the Ghidra tool is free, this increases access for people to use it in both professional and educational settings — potentially making for a safer internet, even as it could introduce new people into the profession of cybersecurity, experts say. 
  • The NSA promises that there are no backdoors or other methods of spying built in to Ghidra, but hackers have gone over the code with a fine-tooth comb to double-check that claim. 

It’s been almost a week since the National Security Agency released a free software tool for picking apart suspicious files, and security enthusiasts are already poring over the code to hunt for bugs and backdoors. And once the project’s completely online for people to modify, developers will scramble to make this tool even more powerful, experts say.

On Tuesday, the NSA released an open source project called Ghidra, a software reverse engineering framework developed by NSA’s Research Directorate for NSA’s cybersecurity mission. The secretive spy agency originally developed Ghidra to analyze attacks and cybersecurity risks on government agencies and other organizations. Like individuals and companies, government agencies are also prone to cybersecurity attacks, including ones from other countries. 

Right now, the code is only available to download, but the NSA is in the process of putting the project onto code hosting site GitHub. And once that happens, experts expect to see enhancements from amateur and professional security developers roll out soon — making the tool even more robust, and a major reason why the NSA likely chose to release a formerly closed project, experts say. As an open source project, Ghidra can be used or modified by anyone for free.

In the meantime, the release of Ghidra has provoked a frenzy of activity as malware researchers, hobbyists and even the conspiracy-minded dissect the software and put it through its paces, assessing its capabilities and seeking to allay the inevitable suspicions about the spy agency’s gift. 

"If you have security concerns about Ghidra, do what I do and install all your research tools inside a Virtual Machine," suggested MalWare Tech, a verified Twitter user with 141,000 followers.

Read more: A former Marine explains how her service helped prepare her to lead a new open source initiative for $3.3 billion startup Rubrik

Making Ghidra open source benefits NSA, experts say. It can be costly to work on improving Ghidra, but as an open source tool where anyone can modify it, an online community of developers can work to improve it much faster. It can also encourage recruitment and community interaction with th NSA, Graham says.

"The significance is that the product can be improved by the community instead of being solely funded by the NSA. Development of such a product is costly, and even the NSA doesn’t have unlimited funds. It’ll be great demonstration of the value of open-sourcing internally developed projects," Rob Graham, consultant and owner at Errata Security. told Business Insider in a Twitter DM.

What is reverse engineering?

Reverse engineering helps users recover information needed to understand cybersecurity risks. For example, when there’s a suspicious file, it can be hard to find the specific issues with that file. But with reverse engineering, a person can disassemble the file to figure out how it works and what risks it might have — essentially, working backwards.

This is similar to figuring out how a dish is prepared at a restaurant so you can make it at home. With Ghidra, people can inspect suspicious code, analyze malware and test for vulnerabilities. 

Ghidra’s technology isn’t anything new as there are currently commercial reverse engineering tools available, but as an open source tool, it increases access for people to work with reverse engineering, says Jon Amato, research director for Gartner’s technical professionals security and risk management strategies team.

"It lowers the bar for entry for people who can do reverse engineering in the industry and are frustrated and priced out for commercial tools," Amato told Business Insider.

Ghidra is not as sophisticated as some commercially available tools, Amato says, but it’s still a "good first start" for people who want to get their hands dirty with reverse engineering. Plus, right now, commercial tools can cost thousands of dollars a year. Although the NSA has released a set of other open source projects, this is the first open source tool specifically for analyzing malicious code and malware-like viruses.

"This functionality has been in freeware and commercial based tools for years," Amato said. "The problem was commercial tools were crazy expensive. [Ghidra] competes with more commercial tools in that in can do a bunch of different stuff but it can do it for free.

Amato says that this tool isn’t a general purpose security tool, but rather, a niche tool that would only be used in specialized security jobs. That being said, now that the tool is free, he believes that Ghidra will likely be used as a teaching tool in colleges and universities — giving students access to learning about this specialized type of cybersecurity technology.

"We’ll start to see this used in academic classroom environments because some of the commercial tools can be a little difficult to gain licenses for even for academic environments," Amato said. "The learning ecosystem is going to be the first and most immediate change we’ll see."


Still, some users were skeptical about the announcement. Ghidra has already been around for years, and it’s likely that the NSA has replaced its internal tools for reverse engineering, says Jerry Gamblin, principal security engineer at Kenna Security.

"It was known to exist, and because it had lost internal value and it wasn’t a tool that was going to drastically make the Internet safe, it allows them to give something back to the security community," Gamblin told Business Insider. "It’s good timing for the NSA."

The fact that it’s from the NSA may also deter some users from using this tool, but otherwise, since Ghidra’s release, the security community has already started sifting through the code to try out the code and to look for bugs.

“There is no backdoor in Ghidra,” Robert Joyce, NSA senior advisor, said at RSA on Tuesday. “This is the last community you want to release something out to with a backdoor installed, to people who hunt for this stuff to tear apart.”

Here’s what people are saying about Ghidra.


SEE ALSO: Microsoft is seriously closing the gap with Amazon in the cloud wars, according to a survey of IT professionals

Join the conversation about this story »

NOW WATCH: Here’s how North Korea’s Kim Jong Un became one of the world’s scariest dictators

from SAI

The 40 Most Insane Supercars, Concept Cars, Smart Cars, And SUVs Unveiled At The 2019 Geneva Motor Show

2019 Geneva Motor Show Supercars Concept Smart Cars SUVs

Getty Image

So far this week, we’ve introduced you to some of the wicked cool new cars that have been unveiled at the 2019 Geneva International Motor Show including the Koenigsegg Jesko, the Bugatti La Voiture Noire, and the Ferrari F8 Tributo. (That car you see above? That’s the Zenvo RSR that was on display at GIMS this week.)

Here’s another look at each…

Embed from Getty Images

Embed from Getty Images

Pretty badass, right?

Well, the Geneva International Motor Show is like nirvana for car lovers because every manufacturer, including and especially those that produce supercars and hypercars, bring out all of their new goodies each year when they reconvene in Sweden.

Here are a bunch of the rest of the most insane supercars, concept cars, smart cars, and SUVs that were on display at the 89th annual car show.

Engler F.F Superquad
Embed from Getty Images

Lamborghini Aventador SVJ Roadster
Embed from Getty Images

Mercedes Formula-e
Embed from Getty Images

Arcfox GT
Embed from Getty Images

Seat el-Born
Embed from Getty Images

GFG Kangaroo Leggera
Embed from Getty Images

Toyota Gazoo Racing
Embed from Getty Images

Pagani Huayra Roadster
Embed from Getty Images

Pininfarina Battista
Embed from Getty Images

Ginetta Akula
Embed from Getty Images

Aston Martin AM-RB 003
Embed from Getty Images

Nissan GT R50
Embed from Getty Images

Lamborghini Huracan EVO Spyder
Embed from Getty Images

Aston Martin Valkyrie
Embed from Getty Images

Fiat Centoventi
Embed from Getty Images

David Brown Speedback GT
Embed from Getty Images

Audi e-Tron
Embed from Getty Images

McLaren 720S
Embed from Getty Images

Toyota GR Supra GT4 Concept
Embed from Getty Images

Piech Mark Zero
Embed from Getty Images

Volkswagen I.D. Buggy
Embed from Getty Images

Fiat Centoventi
Embed from Getty Images

Smart forease+
Embed from Getty Images

Subaru VIZIV Adrenaline
Embed from Getty Images

Bentley Continental GT Convertible
Embed from Getty Images

Peugeot 508
Embed from Getty Images

KIA Imagine
Embed from Getty Images

Nissan IMq
Embed from Getty Images

Alfa Romeo Tonale

Mercedes-AMG GT R Roadster

Hispano Suiza Carmen

Italdesign DaVinci Electric GT

Puritalia Berlinetta GT

Aston Martin Vanquish

Nissan Formula-e

Lancia Stratos


Will cockroaches really inherit the Earth?


Big cockroaches live beneath Price Hall at Virginia Tech University. The stately, gray, five-story building, built of stone over a century ago, houses the school’s entomology department, whose faculty study the insects that flourish in our forests, farms, and, often, homes. Sometimes, these reddish-brown American cockroaches — the largest species of cockroach in the U.S. — will leave their underworld dwellings, crawl through the structure’s old pipes, and creep into Price Hall, said Dini Miller, an urban entomologist at the university. 

“I’m kind of thrilled about it,” she added.

Miller has devoted her academic career to the flat-bodied, six-legged, and often abhorred pests, developing a keen understanding of why roaches have proven so resilient in our modern world, a world where many inspect species — but certainly not all — have been eviscerated by pesticides and the destruction of their habitats. Moths, dung beetles, wasps, bees, and dragonflies have all been given well-deserved PR recently from new widely-reported research and an expertly-told front page story in The New York Times Magazine, foretelling environmental doom should we annihilate the foundation of the planet’s food web. 

A dead cockroach.

A dead cockroach.

Acknowledging that many inspect species might continue to decline in the 21st century — a time when extinction rates are about 1,000 times that of natural, expected levels — I asked Miller if the stubborn, stalwart cockroach might really inherit the Earth if other species were to bite the dust. The answer isn’t simple, but in large part it comes down to the continued success of the human race: The seven or so cockroach species we call pests, the ones we view as indestructible, have learned to thrive in our human society. That means they will continue thriving, as long as we do. 

“They’re with us forever”

“If it wasn’t for us they wouldn’t be flourishing,” said Tim Kring, the head of the Entomology Department at Virginia Tech. “But certain species have flourished because we’ve given them nice homes, food, and water.”

“So we’re with them forever,” said Miller, who paused and corrected herself. 

“Let’s put it this way — they’re with us forever.”

The indestructible roaches 

Roaches traveled across oceans to infest the United States. The worst cockroach pest, however, isn’t the American cockroach, which likely boarded New World-bound ships from Africa in the 1600s. It’s the German cockroach, which may have came from either Europe or Africa. It’s a smaller brown roach under an inch in size. 

Though German cockroaches are plentiful in the United States, there are no wild German roaches living outdoors in the nation. Instead, they’ve become domesticated critters. They all live with us. 

“[German roaches] are the ones that have evolved to live with humans,” said Miller. “They have gone from the caves to our agricultural societies, to exploring the world on ships, to flying around on airplanes. They have just come with us the whole way.”

An overnight roach trap deployed by Dini Miller in a single apartment (German roaches).

An overnight roach trap deployed by Dini Miller in a single apartment (German roaches).

Unlike German cockroaches, larger roaches — like the American cockroach or the smoky brown cockroaches of the south — aren’t wholly dependent upon our warmth and food to survive, though they’re commonly discovered in large buildings, particularly in cities. Like the roaches peeking out in old Price Hall, these roaches flourish in modern human civilization. They don’t always need to live in the shadowy corners of our homes and restaurants, but instead reside in sewers and the outdoors. Though, bigger roaches have no problem coming inside when they get hungry, thirsty, or cold. “They can just move on in when times get tough,” said Miller. 

And that’s when all roaches cause a stir, whether German, American, or something else. “People get freaked out by them,” said Santangelo. 

Even though their swarming, brown bodies may provoke disgust, their dependence on us might be why they don’t carry disease. They need us to stay a healthy, vibrant, reproducing species, which makes them well-adapted to infest our cities.   

“They don’t want to hurt our populations,” said Kring. “In a way, they’re farming us by not spreading disease to us,” he mused.

Still, we’ve certainly tried to annihilate them, using insecticides to unleash large-scale, nation-wide warfare against any roach that enters our homes. 

But the roaches have resisted. “They defeat the countermeasures we deploy,” said Rick Santangelo, a cockroach control research specialist at North Carolina State University.

“They defeat the countermeasures we deploy”

Our chemicals might knock out 99 out of 100 roaches, but the remaining one percent will prove resilient. Then, they’ll breed. “The more you’re exposed to something, the more tolerant you become to it,” said Santangelo. That’s not to say the resilient critters can’t be exterminated from your house. With the right strategically-placed poisons — like placing bait in hundreds of places around a kitchen — the roach dwellers can be expunged. But that’s just your house.

“You can get rid of them in a single structure, but we’re not gonna eradicate roaches,” said Santangelo. 

An American cockroach visits the indoors.

An American cockroach visits the indoors.

Roaches, particularly the German ones, have another potent weapon: their genes. Over millions of years, German roaches unwittingly evolved an exceptional ability to resist poisons and malicious pathogens. In a 2018 study, researchers found that the German cockroaches had expanded specific parts of their genome responsible for “detoxification,” “defense against pathogens,” and other related functions, making the bugs well-suited to thrive in filthy, inhospitable places like sewers. Of note, American and German roaches have a genome that supplies their bodies with a rich arsenal of a protein called the P450, which neutralizes toxins and can respond to a wide variety of chemical threats. 

“In a way, they’re farming us”

“All this gives them an edge in an unsanitary environment,” said Erich Bornberg-Bauer, a professor of molecular evolution and genomeinformatics at the University of Münster.

“If they would also survive World War III is unproven and we’d prefer not to find out,” added Bornberg-Bauer, who coauthored the genetics roach study.

Until death do we part

Roaches and humans are in the long-haul together. They don’t seem to mind us, but why can’t we get along with our six-legged roommates?

“It’s the shame,” said Miller. “People have a lot of shame when it comes to having insects in their home.”

“They can’t damage you. They’re just obnoxious,” she added.

But the intimate roach-human relationship, while assured for near eternity, isn’t exactly harmless.

Roaches in a trap.

Roaches in a trap.

Image: Shutterstock / Chattaphan Sakulthong

Though roaches may not carry lyme disease, like ticks, nor inject us with venom that produces ghastly lesions, like the brown recluse spider, their poop can become a serious problem during a dreaded infestation. “All of your plates, curtains, walls get covered in cockroach poop,” said Miller, noting that the problem is pervasive in poorer, inner-city environments but often unknown by other socio-economic demographics. The roach poop takes to the air and becomes an allergen, triggering wheezing, coughing, and asthma. 

Most roach species, it should be noted, aren’t unsightly pests. Many are magnificently-colored bugs, unrecognizable as a dreaded roach. They’re like the trillions of other insects out there, existing in a world rife with habitat destruction, pesticides, and a globally-disrupted climate. Many bugs simply no longer have homes. “Where there was once a forest, there’s now a cornfield,” said Kring. 

“I think there will be cockroaches left”

Although unease about insect declines can sometimes be misinterpreted or sensationalized, the unavoidable reality is that many insect populations have indeed experienced significant declines, but these plummeting numbers haven’t been observed everywhere. In some places, like protected European forests, biologists have observed an over 75 percent decline in flying insect species in under three decades. Meanwhile, scientists haven’t yet found dwindling numbers in other non-flying bug species. “I’m not saying it’s not happening, I just don’t see it in my own data,” Peter Dunn, a biologist at the University of Wisconsin-Milwaukee who has monitored flying insects for decades, noted in an interview. 

The future of wild bugs, though, is in a significantly more uncertain state than the roaches that dwell with humankind, as our homes are often safe and rife with food. It’s a welcome place to be, especially if catastrophe does strike Earth’s wild insects, should a complete and terrible environmental failure come to pass.

“I think there will be cockroaches left,” mused Dunn.

from Mashable!

‘No drama Obama’ shared his tricks for staying cool under pressure


barack obama

  • Former President Barack Obama spoke at a tech conference in Salt Lake City, Utah this week.
  • At the conference, which was organized by software company Qulatrics, Obama discussed his famous reputation for keeping cool under pressure.
  • Some of his techniques can be easily adopted in everyday life, helping you to focus on performance and tune out the distractions.

Barack Obama was famous during his presidency for always appearing cool and calm. The press sometimes called him "no drama Obama" and didn’t always mean it kindly.

He said there was some truth to the nickname when he repeated it on stage this week at a tech conference in Salt Lake City, Utah hosted by software company Qualtrics. But he said, just because he appeared calm, when he was younger he would still sometimes agonize with fear of making a mistake. 

"I have an even temperament and I don’t get too high and I don’t get too low, but that doesn’t mean that throughout the presidency and throughout my professional career that there weren’t times when I was constrained by, ‘Man I don’t want to screw this up. I don’t want ot let people down. I don’t want to be seen as having made made a mistake or having failed’," he said.

It was during his second term that he experienced a "shedding of fear" as he described it and that helped him perform better.

"There’s no doubt by the time I was in my second term I was a better president than I was in my first term and it did not have to do with analysis or policy," he said. "It had to do with what comes with any career — whether it’s sports or teaching or you name it — you get enough reps, enough repetition and familiarity with the nature of the problems that you start being focused on the task and not how-are-you-doing-on-the-task and the self-consciousness that comes with that."

He says that’s the attitude that he carried into working on the Iran nuclear deal, which sought to squash Iran’s nuclear weapons program and the Paris Climate accords, a landmark agreement between governments worldwide to jointly address climate change. (President Trump has since vowed the US would abandon participation in the Paris agreement which called for each country to make its own emissions-reduction pledge.)

By learning how to get comfortable with tackling large, complex problems, Obama says he stopped worrying about making mistakes. Instead he realized, "You know, I got this. And if I make a mistake we’ll figure out how to make up for it, we’ll learn from it."

He didn’t focus on poll numbers or pundits but focused on "advancing this vision that I have and I hope the country will share, that we create a better country," he said.

But it was more than just self-confidence that comes from experience. He also took deliberate steps to keep himself focused. This included "not reading my own press." 

He didn’t (and doesn’t) look at comments on social media, or watch the cable news pundits. That included the people berating him, but it also included avoiding people praising him. " If people were complementary, people assume you know more than you did," he joked, and that can lead to an inflated ego, which is just as detrimental.

He started to view all of that public commentary on him as a distraction, "Not useful to me in doing my job or solving a problem, but designed to feed possible anxiety."

And these techniques can work for anyone: 

  • Spend time in learner’s mode, collecting information from people who know more about the topic than you do. Obama says he’ll ask questions and keep asking them until he understands, sometimes making his experts "speak English" or explain things to him in layman’s terms.
  • Focus on the task at hand. Do your homework. Do your best and trust that if a mistake or problem happens, trust that you can do the same process to fix it and learn from it.
  • Don’t fill your head with what people are saying about you, good or bad. Make your work about the work, not about yourself.

"One way I describe it to my girls is, ironically, by taking your ego out of what you do, it will liberate you and you can ultimately perform better and more comfortably," he said.

SEE ALSO: Obama warns that if the world isn’t careful, democracy could be in danger: ‘Democracy is a garden that has to be tended’

Join the conversation about this story »

NOW WATCH: Everything we know about Samsung’s foldable phone

from SAI

25 hot cars at the 2019 Geneva Motor Show


Pininfarina Battista

The 2019 Geneva Motor Show is the first major European car show of the year. As a result, the world’s automakers go big for Geneva. Car makers pulled out all the stops to show off their latest and greatest. 

Read more: This $19 million custom Bugatti is now the most expensive new car ever sold.

In years past, Geneva has been known as the show where the next great supercars are shown for the first time. That tradition continues as it once again plays host to the latest from Aston Martin, Ferrari, Lamborghini, Koenigsegg, and Pininfarina.

The show also features a host of more practical offerings from mainstream mass market and luxury brands including Audi, Mercedes-Benz, Polestar, VW, Subaru, Honda, Toyota, Nissan, and Mazda.

Less well know brands like Russia’s new ultra-luxury brand Aurus are also featured at the show. 

Read more: Check out Vladimir Putin’s new armored presidential limo that is Russia’s answer to ‘The Beast.’

The 2019 Geneva Motor Show will be open to the public until March 17 at the Palexpo Arena in Geneva, Switzerland. 

Here’s a closer look at the 25 hot new cars at the Geneva Motor Show. 

SEE ALSO: Mazda just introduced a new small SUV that will take on rivals from Nissan, Honda, and Subaru

FOLLOW US: On Facebook for more car and transportation content!

1. Bugatti La Voiture Noire

2. Aston Martin AM-RB 003

3. Aston Martin Vanquish Vision

See the rest of the story at Business Insider

from SAI