Four senators on Friday asked Army Secretary Mark Esper to outline steps the service is taking to keep military families safe, in the wake of a Reuters investigation that linked numerous cases of elevated blood-lead levels in young children to the presence of lead-based paint in family housing at five Army installations. “We ask that you provide our offices with a detailed briefing as soon as possible outlining the immediate and long-term mitigation strategy to keep military families safe, provide medical treatment for those potentially or previously affected, make long-lasting repairs, and finally, provide legislative proposals or guidance on legislation needed to hold maintenance contractors accountable,” wrote Sens. Tim Kaine (D-Va.), David Perdue (R-Ga.), Mark Warner (D-Va.) and Johnny Isakson (R-Ga.). … Space and Naval Warfare Systems Command’s (SPAWAR) Old Town Complex headquarters on Naval Base Point Loma in San Diego suffers from environmental hazards, including pest infestation, along with other facility issues, such as leaking roofs and inefficient heating and cooling systems, according to a report by the Naval Inspector General. SPAWAR spent $26 million on facility problems from 2013 to 2016, but it did not to correct the deficiencies, reported Navy Times. The building’s open-air, saw-tooth design contributed to the problems. “The large, open buildings provide shelter to numerous pests,” the report states. “Bird droppings and feathers accumulate throughout.” … Wichita State University, Kan., received a $2.5 million grant from the Office of Economic Adjustment to support initiatives that strengthen and diversify the regional advanced manufacturing supply chain, increase the quality and scope of defense technologies, and increase the competitiveness and sustainability of defense-impacted businesses, according to a press release. The award will provide funding for programs at the National Institute for Aviation Research, including work on automated fiber placement in composites manufacturing, cold spray technologies for the restoration of aircraft parts, the 3D printing of new tooling systems and feasibility studies related to hypersonic aircraft.Navy photo by Steven Davis Dan Cohen AUTHOR
Selima Rahman and Iqbal Hasan Mahmud TukuBangladesh Nationalist Party (BNP) has picked Selima Rahman and Iqbal Hasan Mahmud Tuku as standing committee members after over three years of the party’s national council.Party’s senior joint secretary general Ruhul Kabir Rizvi came up with the announcement at a press conference at BNP’s Naya Paltan central office on Wednesday, reports UNB.After BNP’s council on 19 March 2016, the party announced the name of 17 standing committee members.Selima Rahman and Iqbal Hassan Mahmud were made vice-chairmen at that time.Of the 17-stading committee members, ASM Hannan Shah, MK Anwar and Tariqul Islam died at different times.With the appointment of the duo, the total number of the BNP standing committee members now has risen to 16.
Share Mallory Falk/KERATwo protesters hold signs criticizing President Donald Trump’s visit to El Paso on Aug. 7, 2019, to meet with first responders and survivors of the mass shooting that occurred on Aug. 3, 2019.President Donald Trump and First Lady Melania Trump visited El Paso Wednesday afternoon to meet with first responders and survivors of Saturday’s mass shooting.Those who greeted the president include Gov. Greg Abbott, Sen. John Cornyn, Sen. Ted Cruz, El Paso Mayor Dee Margo and others.Residents, however, turned out in force to protest the visit.It was hot and humid at El Paso’s Washington Park, but hundreds of protesters were there holding signs that declared: “Not Welcome,” “Brown and Proud,” and “Fuera Trump,” which translates to “Trump Get Out.”Callie Weston brandished a large sign that read “Ban Assault Weapons Now.”The evening of the shooting, which killed 22 people, she said she visited asylum seekers at a local detention center.“And I said them, ‘You realize, you were safe. You were one of the few people in El Paso, because you were locked up in a detention center, you were safe,’” said Weston.Also in Washington Park was Karen Powers, who staffed a table registering people to vote. She said Trump was not welcome in her city.“It’s like inviting the murderer to the funeral to me,” she said. “I think it’s that gross.”Many of the demonstrators carried signs blaming Trump directly for inspiring the alleged shooter through his anti-immigrant rhetoric.Richie Huerta was one of the demonstrators and said he thinks assault weapons should not be available to civilians.“We’re not fighting a war here. Now it seems that’s what it looks like,” he said. “I know people need a handgun or whatever to have for their own protection and everything, but you don’t need those kind of rifles here in the United States. Leave that to the Army.”Less than a mile away, Trump was at the University Medical Center meeting with their staff and other first responders — as well as survivors of the shooting.There were smaller crowds of protesters near side streets of the hospital.Back at the Walmart where the shooting took place, El Pasoans continued to gather near a memorial outside the store. According to reports from the El Paso Police department, some protest groups began “clashing against each other.”Before coming to El Paso, Trump also visited Dayton, Ohio where a mass shooting took place early Sunday morning killing 10 people including the shooter.
By J. K. Schmid, Special to the AFROA $15 minimum wage bill left Maryland’s general assembly conference committee Tuesday.The bill is a reconciliation of measures that passed both houses by veto-proof margins this session.The senate bill passed 32-15.Sen. Cory V. McCray, a Democrat representing Baltimore City, cast the last vote, a vote in the bill’s favor.“I feel pretty good about it in reference to all the working folks back home in the city of Baltimore,” McCray told the AFRO. “And I know that it’ll help working families across the state of Maryland, so I’m pretty excited.”The bill appears to enjoy wide support across the state from the grass roots to leadership at the county and Baltimore City level.“It’s important to acknowledge that the Howard County Executive Calvin Ball was supportive of this legislative initiative,” McCray said. “Baltimore County’s John Olzewski, Angela Alsobrooks of Prince George’s, Marc Elrich in Montgomery County, but also Madame Mayor, who also came down and gave testimony about Senate Bill 280.”Baltimore Mayor Catherine E. Pugh joins the list of county executives after vetoing a $15 minimum wage bill March 2017.McCray’s ideal bill would seek to secure adequate funding for Maryland’s Developmental Disability Administration hiring programs and demand more exacting verification that tipped workers will earn the mandated minimum wage as it increases (an amendment proposed by Brian Feldman) over the upcoming years.Maryland’s minimum wage currently rests at $10.10 per hour. Both bills call for a general raise in the minimum wage to $15 per hour by January of 2025. The senate bill allowed for exemptions for Maryland’s smallest businesses, giving businesses with fewer than 15 employees until 2028 to raise their minimum wage.“That’s the one amendment that gave me pause, and may get worked out in conference committee,” McCray said. “The year that we’re currently in is 2019, they wouldn’t reach the minimum wage until 2028. So I’m not sure if you would agree, but that’s a long time.”Like many bills it’s a compromise, particularly over when Maryland workers will get a raise in line with Maryland’s ranking as one of the wealthiest states in the nation.“We do understand that businesses have to make adjustments and there is a need to phase the bill in over time,” Ricarra Jones told the AFRO. “Of course, we wish that it would have been sooner, but we are glad that a few years from now, working families will receive much-needed, very long overdue raises.”Jones is a longtime advocate and political organizer for the “Fight for 15.”“It’s going to take them a few extra years than we hoped for, but nevertheless we’re excited that it’s going to be happening and we still have a big hurdle to overcome, with the governor possibly vetoing the legislation when it hits his desk,” Jones said.Maryland’s legislature is only in session for a few more weeks, and Baltimore’s minimum wage bill veto wasn’t overridden due to defections and no-shows and scheduling that allowed the bill to expire.“We’re just hoping that what we’ve been doing is going to continue to work,” Jones said. “Like having these conversations, having actual workers call elected officials and saying ‘hey, I need you to stay strong on this,’ and ‘thank you for your support on this initially, but we have another hurdle and we need you continue to vote for this.’”Hogan has not committed to veto the bill; it could pass with or without his signature.So we’re not planning to switch up our efforts, things have been working so far. Just the pressure from making calls is the most powerful way to get the attention of elected leaders,” Jones said.
Citation: Team Prosecco dismantles security tokens (2012, June 27) retrieved 18 August 2019 from https://phys.org/news/2012-06-team-prosecco-dismantles-tokens.html RSA SecurID Expands Support for Mobile Platforms Explore further RSA SecurID SID800 Authenticator Token (Phys.org) — As password systems alone prove inadequate to protect information on computers against hackers, security customers have taken the advice of vendors to step up to tokens, those online security credentials that add an extra layer of protection at login. The token is designed to generate a six-digit security code that is unique to the person’s credential. The rise of two-factor authentication has been accepted as the way to go for governments and corporations trying to bolster their information security. This week, though, leading token vendors are hearing news they can do without. © 2012 Phys.Org An international team of computer scientists figured out how to extract the keys from RSA’s SecurID 800 model in as few as thirteen minutes. The token heists were performed by a group calling themselves Team Prosecco. If they could figure the way to break in so quickly, then that places troubling questions about the efficiency of cryptographic keys being used to log into sensitive corporate and government networks, the kinds of keys stored on “hardened” security devices used by governments and businesses. One argument often heard among security vendors defending their token systems is that attempts, though possible, would take so long and be so difficult that risks are minimal.The team reports that their token attack also works against older versions of the Estonian national ID card. In the case of the Estonians ID system, they were able to figure out how to forge a digital signature in about 48 hours.Their method consisted of both modifying and improving the “Bleichenbacher” attack on RSA PKCS#1v1.5 padding.Bleichenbacher’s padding oracle attack was published in 1998. The method they use is called the “padding oracle attack.” It involves slightly modifying encrypted text thousands of times. If the system views the extra padding as a valid encryption, the attacker learns something about the original text until eventually the whole thing becomes known. As the researchers report, “We show how to exploit the encrypted key import functions of a variety of different cryptographic devices to reveal the imported key. The attacks are padding oracle attacks, where error messages resulting from incorrectly padded plaintexts are used as aside channel.”When the oracle (server) responds, it leaks data that may allow attackers to decrypt messages without knowing the encryption key. The team has refined the method to the point where the number of calls is significantly reduced to reveal the key. The attack also works against other widely used security tokens than just that one particular model, SecurID 800, from RSA. All of the companies involved were notified before the paper was published, says the research team.RSA’s SecurID 800 model took the shortest time to open at thirteen minutes. A device model made by Siemens took 22 minutes. A device model made by Netherlands-based Gemalto took 92 minutes. The researchers will be describing their successful exploits in a paper presented at the CRYPTO 2012 (the 32nd International Cryptology Conference) in Santa Barbara, California, in August. The accepted paper is titled “Efficient Padding Oracle Attacks on Cryptographic Hardware.” The document is an Inria (the French National Computer Science Research Institute) study.Not all security watchers, however, are convinced that the study is useful. An RSA blog posting, written by Sam Curry, said “Don’t believe everything you read,” and that “Your SecurID Token is Not Cracked.” He went on to say that “This is not a useful attack. The researchers engaged in an academic exercise to point out a specific vulnerability in the protocol, but an attack requires access to the RSA SecurID 800 smartcard (for example, inserted into a compromised machine) and the user’s smartcard PIN. If the attacker has the smart card and PIN, there is no need to perform any attack, so this research adds little additional value as a security finding.” This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.