triangle

The V16 wanted to replace the triangle and reduce risks. They have ended up proving that they can also create them

by

On January 1, 2026, it will be mandatory to carry in the car an approved V16 beacon. The introduction of this device is surrounded by a great controversy regarding its implementation, its real usefulness or the emergence of illegal devices. What has just been discovered is that more than 250,000 beacons are affected by serious cybersecurity vulnerabilities. It is the umpteenth disaster that affects these devices. what has happened. Luis Miranda Acebedo, cybersecurity expert, has published a complete and in-depth analysis of the digital security (or rather, lack thereof) of one of these V16 beacons. Specifically, the Help Flash IoT model, which is especially striking because the person who distributed it is Vodafone and the operator confirmed months ago that it had sold more than 250,000 units in Spain. The document and its conclusions are worrying. Vulnerabilities everywhere. In his analysis Miranda explains that although the analysis only focuses on this device, “the security problems found in the communications part seem to be common to all devices.” Specifically, the errors found by this expert for that part were the following: Sending data in plain text– The beacon transmits exact GPS coordinates, IMEI and network parameters without any encryption. Anyone who intercepts the signal can read them. Lack of authentication and integrity: There are no mechanisms to verify that the server is legitimate or to ensure that the message has not been modified along the way. Susceptibility to false stations– It is possible to spoof a cell tower to intercept traffic, block alerts from being sent, or inject false data. Private APN Exposure– Although this beacons a private Vodafone network, the connection commands and keys are exposed on the debug port, making the network accessible to an attacker. The V16 Help Flash IoT beacon is a real trick. Image: Luis Miranda Acebedo. OTA updates, another disaster. The problems are not only limited to that part of the V16 beacon’s communication with the APN and the servers of each provider, but are also present in the OTA (Over-The-Air) update system: Insecure update: Simply press the power button for 8 seconds to activate a maintenance Wi-Fi network. The name (SSID) of the Wi-Fi and its password are identical (HF-UpdateAP-5JvqFV), they are “harcoded” in the firmware. Not only that: Miranda tested two different units and those credentials coincided, which leads him to think that they are the same in the 250,000 devices sold by Vodafone. unsecure HTTP: To download the new firmware, the HTTP protocol is used without further ado, not the secure version (HTTPS), allowing an attacker to intercept and modify the file in transit. No digital signature: The device does not verify the authenticity of the firmware, and accepts any file sent to it, allowing the installation of malicious software. DNS Spoofing– By not using DNSSEC it is trivial to trick the device into connecting to a fake server controlled by a cybercriminal. Open debug port: The port is also physically accessible without a password, allowing you to view all the logs and extract sensitive information from the hardware. Hacking a beacon is easy and cheap. The researcher explained that it is possible to buy a device that simulates a telephone antenna (500-1,000 euros). Using a Rasperry Pi 4 or a laptop, free software can be used to “intercept and manipulate the “secure” communications of these beacons.” After running a proof of concept, he managed to hack a beacon in 60 seconds and install malicious firmware that allowed him to have full control of the beacon. With this firmware it could send false locations, access the operator’s private APN, generate massive false alarms or turn the beacon into a brick. What Netun says. The company that manufactures these beacons, Netun Solutions, has sent out a press release to try to clarify these risks. Exposed data: The signature indicates that the beacon transmits geolocation, a device identifier and some technical parameters. They admit that this data can be exposed, but they emphasize that there is no transmission of personal data such as license plates or user IDs. Logical: they are not associated with the beacons. Plain text: Netun officials explain that the decision to send plain text was made to “guarantee long-term interoperability and robustness.” Private APN: It is also noted that the beacons connect through a private APN and a VPN from the operator, but Miranda explained how the connection parameters are exposed on the serial port. Physical access and removing the eSIM are enough for an attacker to connect to that private network. Netum in turn points out that physical access means that “the impact is limited to that specific unit.” OTA problems: Regarding the OTA functionality that also shows a vulnerability, Netun states that this function has been disabled through firmware updates. Improbable mass attacksFinally, those responsible point out that massive attacks could only be carried out by compromising a large number of beacons. They also explain that the Netun platform “limits the number of frames that each SIM can send” and the frequency of sending. What Vodafone says. At Xataka we have contacted Vodafone, and one of their spokespersons tells us the following: “The V16 beacons approved and marketed by Vodafone Spain constitute an adequate system that complies with current regulations for road emergency signaling. In particular, Help Flash IoT is certified in accordance with the regulations required by the General Directorate of Traffic (DGT) for connected V16 beacons, meeting the necessary technical requirements in terms of visibility (sufficient light intensity), resistance, flash reliability, signal duration, etc. These requirements also include the data communication protocols of the beacon with the servers. The V16 beacons have internal security mechanisms and the Vodafone network provides an additional layer of security with controls that ensure that communication is made from the beacon authorized by the network. On the other hand, the beacons integrate NB-IoT connectivity, which guarantees that the beacon is only used for location in an emergency by authorized entities with the user’s knowledge. The communication that passes through Vodafone … Read more

In Spain there is a “black triangle” of fires between Ourense, Zamora and León. And it is not explained only by heat

by

The drawing is bleak. If you open Google Mapsactivate the “fire” function And you take a look at the map of Spain you will see that much of the flames that are devouring the mountain of the country (and some populated areas) seem to concentrate on a particular ‘triangle of fire’ between the provinces of Ourense, León and Zamora. There are the fires of Mozyuelas de la Caballea, Yeres or that of Queixa Chandrexawhich have already razed thousands and thousands of hectares. It is not the only region of Spain punished by the flames, but the big question is … Why do forest fires seem to be primed right in that region? The Spain that burns. It is not being a good August for the mountains of the country. According to The last report of the Ministry of Environment (Miteco), still incomplete because its technicians do not have the data of the large active fires, so far this year the flames have devastated 138,800 ha. And that is the calculation to August 10, so it does not include the devastated surface during the last week. To better understand what this data is, remembering that between January and the first week of September 2024 the forest fires burned 43,655 ha or that throughout 2023 they had calcined 89,000. If we look back, at the last decade, there was only one more disastrous exercise than the current one: 2022, when at this point of the year they had burned Around 215,000 hectares. Is the whole country the same? No. The flames have punished to a greater or lesser extent Andalusia, Estremadura, Castilla-La Mancha, Catalonia and the regions of Valencia and Madridto quote only some examples, but there is a specific area of the Peninsula that is suffering from the dentelladas of the fire with special virulence: the triangle formed by the provinces of Ourense, León and Zamora. Tan a Fast look To Google Maps to check it. There is Chandrexa de Queixa, which has affected more than 17,000 ha And it is already considered The most destructive of the history of Galicia. Also that of Mozyuelas de la Carballedathat passed from Zamora to León and has calcined several dozens of hectares. Looking for the causes. The big question is … why do that region hit so much fury? What are the causes? The question is interesting because it is not an isolated phenomenon: there are populations, like Castromil’sbetween Ourense and Zamora, who have resigned themselves to deal with fire every year. For the impact of the flames on the ‘triangle’ between Zamora, León and Ourense He wondered Recently in X Francisco M. Azcárate, professor of ecology, biology and environmental sciences. And its entry response is interesting: the succession of forest fires in that region of the Peninsula cannot be attributed to pyologists or negligence. Or that is not the only cause at least. In the background there are more complex structural reasons that have to do with the characteristics of that area or changes in the use of the territory. Meteorology earrings. “Climatically, the area fits perfectly with ecosystems that, naturally, have a high frequency of important fires,” Azcárate starts Before aiming the influence of the rainy season, during which biomass accumulates, and dry, marked by the mass of dry and very flammable vegetation. To this factor is added the frequency of fires in humid Mediterranean climates or the effect of climate change, which influences extreme temperatures and “extends the risk season.” The fire wave has in fact coincided with Another heat which began in early August and that already stands out as one of The most durable Since at least the 70s, which is when the historical Aemet starts. Although it is not an inflexible guideline, experts have not been warning that the fight against forest fires is especially complex when the known as the known as ‘Rule 30-30-30’: Temperatures above 30ºC, wind gusts of more than 30 km/Hy a humidity of less than 30%. Click on the image to go to Tweet. The perfect cocktail. Not only do climatic conditions or heat wave influence, which has spread far beyond the Ourean-Leon-Zamora triangle. Another of the keys that explains the impact of fires in that concrete area of the Peninsula must be sought, Azcárate points out, on the ground and orography. “The region has acidic and little fertile soils. This favors more flammable plant communities, due to the composition of plants’ tissues,” The expert reflects. At stake also enters the orography of that region, marked by an “abrupt relief” that hinders the access of “erratic and strong” seals that can abruptly change the direction of the flames. A few years ago Civio analyzed The main fires recorded in Spain throughout the 2007-2016 decade and discovered that in almost 80% of cases (153 of 196) the gusts exceeded 30 km/h, which could influence the evolution of fire. Something more than weather and orography. Not everything is climate, meteorology, orography or soil characteristics. In the fires it is influencing another factor than You are talking a lot During the last days: the depopulation of the rural one (which is usually accompanied by the abandonment of fields and a change in forest management), something that starts from the provinces of Ourense, Zamora and León They know well. “In general in Spain there has been rural, population and peoples abandonment and depopulation is a food for fires,” Celso Coco warnsfire expert and forest management in The opinion-the mail of Zamora. And what does that suppose? “The consequence is that in those areas where it was worked, it was grown, it was granted, natural vegetation has been installed and there is no use of them, which has increased the forest area greatly. This continuity of vegetation, without management, results in a vulnerable landscape,” duck. In their opinion, forest fires “have existed, exist and exist” and constitute “a natural process”, but changes in the landscape have affected their impact: where they were previously found with land … Read more

A bomb is directed to Ukraine from the US. It is called GLSDB and is Boeing’s antidote to the “offensive triangle” of Russia

by

Two news in the last hours reflect to what extent the war in Ukraine is a nonsense. On the one hand, the United States has confirmed that he is arguing with Putin LAs lands and energy plants that would find the long -awaited fire. On the other, a package is directed from Washington to Ukraine. Inside, some bombs They promise to change the current Russian advantage in the invasion. The “offensive triangle”. They counted several analysts over the weekend that as the war in Ukraine enters its fourth year, Russia has perfected a strategy that, although it has not achieved decisive advances on the battlefield, is Erosioning systematically the abilities and moral of the Ukrainian forces. The approach, called by British experts such as the “offensive triangle,” combines infantry, attack drones and planning pumps to subdue Ukrainian forces at constant pressure. Tactics has been particularly effective due to Current situation of Ukrainewhich faces the reduction of western military supplies, exacerbated by the decision of the Trump administration of freeze shipments of arms and all cooperation in intelligence (now reactivated both). Although Russia still does not achieve significant strategic advances, its approach is achieving an accumulation of small victories at a high human and material cost. The key role of UMPK. One of the most novel and effective elements of this strategy has been the intensive use of UMPK planning pumpswhich have allowed Russia revive your air capacity without exposing your enemy fire planes. These bombs, which transform conventional ammunition into low -cost precision weapons, have been a key factor for Russia since Your introduction in 2023. Unlike western systems such as The JDAM from the United States (used for more than 25 years), Russian UMPK prioritize quantity over precision. Although its accuracy is less than that of its western counterparts, its explosive power is devastating. Plus: These ammunition have proven to be particularly effective against Ukrainian trenches and bunkers, since even a close impact can destroy well prepared fortifications. It is estimated that Russia will increase its production of 40,000 UMPK bombs in 2024 70,000 in 2025which will mean an even greater challenge for Ukraine. American aid: GLSDB. The response of Ukraine to the Russian offensive triangle will arrive thanks to the reactivation of military aid and intelligence cooperation in the United States. To be more exact, a New improved version of the GROUND-LAUNCHED SMALL DIAMETER BOM (GLSDB). The bomb, which debuted on the Ukrainian battlefield months ago, had a disappointing performance, especially due to the advanced electronic warfare capabilities of Russia, which led to its use was suspended. However, with the growing need for long -range armament after the decrease in reserves of Atacms missilesGLSDB has been reevaluated and modified to counteract electronic interference and improve its effectiveness. The modifications. According to Reutersthe new versions of the GLSDB include structural reinforcements to better withstand launch tensions, in addition to an optimization in Your GPS navigation systemwhich would do it more resistant to blocking and supplantation of signals (Jamming/Spoofing). In fact, to validate these improvements, 19 launch tests were carried out recently. We remember that the bomb was developed by Boeing and Saab, a precision weapon released from the ground with remote attack capacity. Its design is based on the combination of two existing components. On the one hand, the small diameter pump GBU-39/B (SDB), used in air attacks. On the other, the M26 rocket engine, which is used in multiple launcher systems m270 mlrs and M142 Himars. How it works. The system allows the GLSDB to be triggered as if it were a rocket to use and, after reaching a certain altitude, displays retractable wings that allow it to plan without propulsion to its target, using its inertial navigation system and GPS. Its scope is approximately 150 kmwhich makes it especially useful for Ukraine in its attempt to attack Russian infrastructure and supply lines at a great distance. The initial problem. Although Saab had ensured that GLSDB had high precision (with a margin of error of only one meter), reports from the front suggest that their vulnerability to the Russian electronic warfare It was greater than expected. Russia has demonstrated an effective capacity to Block GPS signalswhich affected the precision of the GLSDB and reduced its effectiveness. Interestingly, the aerial version of the SDB has worked well in the Ukrainian Air Force, which has raised doubts about why the land version suffered interference problems. It is suggested that the greatest flight distance in GLSDB may have amplified the impact of GPS signal loss. Strategic importance and versatility. Be that as it may be despite its initial problems, GLSDB is still A key piece In the Ukrainian military strategy. Its great reach places the pump above the 227 mm rockets used in the MLRS and Himars, which allows deep attacks without the need for expensive tactical ballistic missiles such as the same Atacms. In addition, it has the advantage of being compatible with multiple launch platforms, including the MLRS M270 and the Himars M142which facilitates its integration into the Ukrainian Arsenal. Plus: Another important factor is the availability of components, since both M26 engines and GBU-39/B pumps have broad “stock” in the US and other allies, which makes the GLSDB pump a viable and scalable option to maintain the pressure on Russia and cope with that moscow wear war with Your offensive triangle. Image | Saab In Xataka | Russia has crowded a surprising blow to Ukraine: 100 soldiers walking for four days inside a gas pipeline In Xataka | The problem of Ukraine is not just the lack of weapons. The US has a “button” to deactivate the artillery already sent

Log In

Forgot password?

Forgot password?

Enter your account data and we will send you a link to reset your password.

Your password reset link appears to be invalid or expired.

Log in

Privacy Policy

Add to Collection

No Collections

Here you'll find all collections you've created before.