Everything is broken
Next time you think your grandma is uncool, give her credit for her time helping dangerous Russian criminals extort money from offshore casinos with DDoS attacks.
breaks down the reasons why computers are so hackable by exploring the realities of how software is made and used.
“The good news is that there are solutions. The weakness of mass surveillance is that it can very easily be made much more expensive through changes in technical standards: pervasive end-to-end encryption can quickly make indiscriminate surveillance impossible on a cost-effective basis. The result is that governments are likely to fall back to traditional, targeted surveillance founded upon an individualized suspicion. Governments cannot risk the discovery of their exploits by simply throwing attacks at every “endpoint,” or computer processor on the end of a network connection, in the world. Mass surveillance, passive surveillance, relies upon unencrypted or weakly encrypted communications at the global network level.”
Edward Snowden submits written testimony to an EU committee investigating mass surveillance, and answers questions.
The testimony takes place 3 days ahead of his highly anticipated SXSW appearance, to take place later today. Snowden is expected to speak about privacy, security, mass surveillance programs, free speech and whistle-blowing in a rare remote video appearance before a live audience.
Kansas Congressman Mike Pompeo finds this “deeply troubling” in a letter he's sent to the organizers of the conference.
Meanwhile, people who wish to #asksnowden questions can use the hashtag on Twitter. The talk is to take place at 12pm PT, today.
In a survey performed in 2012, Incapsula found that 49% of the visitors to 1,000 selected sites were human
, compared to a growing percentage of "good bots" like search engines, and "bad bots" including hackers, scrapers, spammers and spies of all sorts. Last year, human web visitors accounted for 38.5% of site visitors
, with an increased percentage of search engines and other good bots, and similar ratios for the "shady non-human visitors."
While Jacob Appelbaum grabbed headlines with his NSA revelations
at this year's Chaos Communication Congress
, other presentations provided equally fascinating insight into how the world works. Learn how data mining is bringing perpetrators of genocide to justice
, how an artist uses different concepts of secrecy landscapes
to keep tabs on clandestine activities, and how India's surveillance state continues to grow
"During his civil lawsuit against the People's Republic of China, Brian Milburn
says he never once saw one of the country's lawyers. He read no court documents from China's attorneys because they filed none. The voluminous case record at the U.S. District courthouse in Santa Ana contains a single communication from China: a curt letter to the U.S. State Department, urging that the suit be dismissed. That doesn't mean
Milburn's adversary had no contact with him." [China Mafia-Style Hack Attack Drives California Firm to Brink]
Three conventions compared in the great geek sexism debate
They were a couple of blokes from a small city in England who started out messing around with instruments. Paul played the guitar and drums, and Phil the saxophone, but both were interested in electronic music by the likes of Kraftwerk. Phil also liked hip-hop, and Paul got into acid house in the late 1980s. One afternoon, Paul slapped together a happy little song based on a sample from a now-forgotten instrumental cover version of some pop hit
, and called the little ditty Chime
. Even before it was pressed on vinyl, DJs were asking for it, and Orbital
was born.
In 1984, Congress passed a law called the Computer Fraud and Abuse Act
, in the wake of some high profile incidents of hacking
. Designed to prosecute hackers, the law is written vaguely enough that it has, in recent years, been used (with varying degrees of success) to prosecute people violating terms of an employer's computer usage policies
, or in the infamous case of Lori Drew
, a Terms of Service agreement.
But today, the 9th circuit court of appeals ruled that employees can not be prosecuted under the CFAA for violating an employer's computer use policies, dealing a blow to the Obama administration’s Justice Department, which is trying to use the same theory to prosecute alleged WikiLeaks leaker Bradley Manning
On October 18, Wired embedded
a reporter with both Anonymous and the #Occupy movement, calling both "a new kind of hybrid entity, one that breaks the boundaries between “real life” and the internet, creatures of the network embodied as citizens in the real world." The first entries in Quinn Norton's ongoing special report: Anonymous 101: Behind the Lulz
were posted today. Coverage from Wired's other special report, Occupy: Dispatches from the Occupation
are already online. NPR: Members Of Anonymous Share Values, Aesthetics
"Hackers of the world are uniting and taking direct action against our common oppressors - the government, corporations, police, and militaries of the world
" says LulzSec (previously)
in their latest release, Chinga La Migra
. "We are releasing hundreds of private intelligence bulletins, training manuals, personal email correspondence, names, phone numbers, addresses and passwords belonging to Arizona law enforcement. We are targeting AZDPS specifically because we are against SB1070 (previously) and the racial profiling anti-immigrant police state that is Arizona."
is a new track from nerdcore rapper ytcracker (previously)
People who use Sony don't make very good passwords
. "None of this is overly surprising, although it remains alarming. We know passwords are too short, too simple, too predictable and too much like the other ones the individual has created in other locations. The bit which did take me back a bit was the extent to which passwords conformed to very predictable patterns, namely only using alphanumeric character, being 10 characters or less and having a much better than average chance of being the same as other passwords the user has created on totally independent systems."
Sony's PlayStation Network and Qriocity have been down since April 20 2011 due to an illegal intrusion. Today Sony announced
that user data - birthdate, user name, password, e-mail address, possibly credit card information, and more - has been compromised for its 69
million users, exposing them to identity theft amongst other things.
An anonymous hacking outfit called "Gnosis" has infiltrated Gawker Media
, hijacking the front page
and leaking the company's internal chat logs, source code, and content databases along with the usernames, email addresses, and passwords of over 1.3 million users
(including Gawker staff). The attack, which was motivated by what the group describes as the "outright arrogance"
with which the company's bloggers taunted anonymous imageboard 4chan (semi-previously)
, affects every site in the Gawker network, including Gizmodo, Kotaku, Lifehacker, Jezebel, Deadspin, Jalopnik, and io9. While most of the leaked passwords are encrypted, more than 200,000 of the simpler ones in the torrent file have been cracked, and the links between account names and email addresses are in plaintext for all to see. Since the integrity of Gawker's encryption methods remains in doubt
, it is recommended that anyone who has ever registered an account on any Gawker property change their passwords immediately, especially if the same log-in information is used for other services.
When the Xbox Kinect
was released a month ago, it promised a new era of controller-less gaming. The system is certainly selling well
heading into the holidays, but reviews so far are mixed. The minor injuries
are expected, but with some less than impressive
early game releases, some think that the system is only partially living up to its pre-release hype
. But what happens when open source software fanatics get their hands on this new technology?
The University of East Anglia's Climatic Research Unit
suffered a security breach
this week. Hackers made off with thousands of email correspondences between some of the world's top climate scientists, and posted them to the Internet1
Tony Hake has posted an article
at The Examiner, highlighting what he feels are the most egregious examples of scientists manipulating and hiding data to support the established theories about Climate Change. Some of the scientists involved counter
that the quotes are taken out of context, and that "People are using language used in science and interpreting it in a completely different way".
1 I'm not going to link to them, but the Examiner article mentions where to get them.
Sunday night 60 Minutes
aired a segment on the state of cyber crime & cyber terror which included the extraordinary claim that unknown hackers were behind massive power outages in Brazil in 2005 & 2007. Now Wired Magazine's Threat Level
blog says that's just not true. According to two studies
(PDF, Portuguese) by the Brazilian government it was buildup of soot on insulators that caused the blackouts, not super-hackers demonstrating their abilities. Is the US Intelligence Community passing around false information
to justify its relevance?
Neurosecurity: security and privacy for neural devices.
"An increasing number of neural implantable devices will become available in the near future due to advances in neural engineering. This discipline holds the potential to improve many patients' lives dramatically by offering improved—and in some cases entirely new—forms of rehabilitation for conditions ranging from missing limbs to degenerative cognitive diseases. The use of standard engineering practices, medical trials, and neuroethical evaluations during the design process can create systems that are safe and that follow ethical guidelines; unfortunately, none of these disciplines currently ensure that neural devices are robust against adversarial entities trying to exploit these devices to alter, block, or eavesdrop on neural signals. The authors define 'neurosecurity'—a version of computer science security principles and methods applied to neural engineering—and discuss why neurosecurity should be a critical consideration in the design of future neural devices." [Via Mind Hacks]
became interested in alternative comics at the tender age of nine [according to Wikipedia]
after watching Harvey Pekar reading one of his stories in a documentary [most likely this one]
. Fast-forward a decade or so, and Ed's getting the call from Pekar himself
, asking Ed to draw some comics for him
.
The best criminal hacker is the one that isn't caught — or even identified. These are 10 of the most infamous unsolved computer crimes
as selected by PC Magazine. However, some do get caught. Here are nine of the most infamous criminal hackers
to ever see the inside of a jail cell. PCMag also reached back into the early days of computing and dredged up the most inspiring examples of hacker brilliance
they could find.
Possibly the first computer attack to inflict physical harm on the victims:
"I don't fall over and convulse, but it hurts,"... "I was on the phone when it happened, and I couldn't move and couldn't speak."
Online communities to become more 'all-encompassing.'
If you join the SHC community on Sears.com, all web traffic to and from your computer thereafter will be copied and sent to a third party marketing research firm - including, for example, your secure sessions with your bank! The Sears.com proxy will send your logins and passwords along with a cleartext copy of all the supposedly secure data. But wait, it gets better
: you can only view the true TOS once the proxy has already been installed.
Ever admired those hard-working hackers, toiling away to get you the programs you've always loathed to have? Have you ever dreamt of exploring the innards of someone else's computer but have held back due to those pesky legalities? If you said yes to either of the above questions or just want to play an online hacking simulation, then SlaveHack
is the website for you.
The organisers of New Zealand hacking convention Kiwicon
have created some PR the only way they know how, l33t h4x0ring. Using an XSS
bug in NZ's largest newspaper the NZ Herald
there. The URL got passed around and soon ended up with genuine media coverage
in NZ Herald's biggest competitor Stuff
. An earlier effort on the NZ Computerworld site was quickly fixed and got no media coverage.
Interesting "New Yorker" article
about online extortion via DDoS attacks. Call me naive and underinformed, but I had little understanding of how this works.
"In the most common scenario, the bots surreptitiously connect hundreds, or thousands, of zombies to a channel in a chat room. The process is called “herding,” and a herd of zombies is called a botnet."
. As featured on the BBC: Hackers re-invent political protests
Links ordered by quality, roughly. Some slightly NSFW with some NSFW connections. Various links include sound.
The art of abstraction
: 'the idea that anyone who creates anything is a hacker.'
Republican Dirty Tricks
"From the spring of 2002 until at least April 2003, members of the GOP committee staff exploited a computer glitch that allowed them to access restricted Democratic communications without a password. Trolling through hundreds of memos, they were able to read talking points and accounts of private meetings discussing which judicial nominees Democrats would fight -- and with what tactics.
The office of Senate Sergeant-at-Arms William Pickle has already launched an investigation into how excerpts from 15 Democratic memos showed up in the pages of the conservative-leaning newspapers and were posted to a website last November." They just can't get Nixon out of their system, huh?
A new twist on paying for Internet porn
Although no mention of porn in the CNN story
. Anyone ever been threatened like this?
Don't be fooled by fake blogger.com.
Crackers are after your Blogger password.
"Then we realized that somehow an insane god had taken control of our world and was out to kill us all."
Subscribers of the multiplayer online game "Shadowbane" were in for a shock Tuesday evening when they realized the game system had been hacked, and the rules fundamentally altered, and not in a good way (unless you happen to like mayhem). While this ended up being a "no harm, no foul" scenario, as everything was eventually set right, it was breaking new ground in terms of the uses of hacking. In a world where characters in these games are sold via EBay, and nearly half a million people subscribe to Everquest, how long before legitimate (non "fun and games") version of what just happened occurs?
Some ten months ago, Tim Lutero's weblog was hacked and all the entries were erased.
The person allegedly responsible for the hack is a weblogger who won 'Highly Commended' status in Guardian Unlimited
's 'Best British Blog'
competition six months ago.
If the allegations can be proven, should this award stand?
Hackers to the rescue!
This is where the real war is being fought folks....
"Hacked by Patriot, Freedom Cyber Force Militia"
Kevin Mitnick, a hacker who went without trial in the US for years, has finally been freed from his computer-free probation today. Buy his stuff on ebay
, or buy his book
. Or don't, it's really up to you.
While trying to pull up a favorite website
I find the USG (Unix Security Guards)
, a group of so called pro Islamic hackers, have shut the site down.
It's all well and good to be protesting the Middle East conflict by interrupting a night of jolly surfing, but why a rock and roll website?
Damn hacktivist groups
Good job punks!
The FBI on hacking vs. The Russians
That is crazy! 100 hundred years for hacking computers when there are people that actually hurt other people - maliciously...rapists, murderers, US politicians...
"If Russian hackers can be convicted on evidence obtained by the Americans through hacking, it means the U.S. secret services may use further illegal means of obtaining information in Russia and in other countries," an FSB spokesman told Interfax on Thursday.
Not only that, but the seriously...can this sort of thing just slide by?
You must hack.
It's your duty as an American. Godspeed, dear patriots.
Out of all the groups of people
that annoy the heck out of me (telemarketers, ricers and scientologists to name a few) I still cannot help but crack up when I read something written in 1337 hacker
talk. Thank God they don't rule the world
Congress is about to consider an entertainment industry proposal that would authorize copyright holders to disable PCs used for illicit file trading
. "The measure would permit copyright holders to perform nearly unchecked electronic hacking if they have a "reasonable basis" to believe that piracy is taking place."