Everything is broken Next time you think your grandma is uncool, give her credit for her time helping dangerous Russian criminals extort money from offshore casinos with DDoS attacks.
] breaks down the reasons why computers are so hackable by exploring the realities of how software is made and used.
posted by dobie
on May 21, 2014 -
“The good news is that there are solutions. The weakness of mass surveillance is that it can very easily be made much more expensive through changes in technical standards: pervasive end-to-end encryption can quickly make indiscriminate surveillance impossible on a cost-effective basis. The result is that governments are likely to fall back to traditional, targeted surveillance founded upon an individualized suspicion. Governments cannot risk the discovery of their exploits by simply throwing attacks at every “endpoint,” or computer processor on the end of a network connection, in the world. Mass surveillance, passive surveillance, relies upon unencrypted or weakly encrypted communications at the global network level.”
Edward Snowden submits written testimony to an EU committee investigating mass surveillance, and answers questions.
The testimony takes place 3 days ahead of his highly anticipated SXSW appearance, to take place later today. Snowden is expected to speak about privacy, security, mass surveillance programs, free speech and whistle-blowing in a rare remote video appearance before a live audience.
Kansas Congressman Mike Pompeo finds this “deeply troubling” in a letter he's sent to the organizers of the conference.
Meanwhile, people who wish to #asksnowden questions can use the hashtag on Twitter. The talk is to take place at 12pm PT, today.
posted by fantodstic
on Mar 10, 2014 -
"During his civil lawsuit against the People's Republic of China, Brian Milburn says he never once saw one of the country's lawyers. He read no court documents from China's attorneys because they filed none. The voluminous case record at the U.S. District courthouse in Santa Ana contains a single communication from China: a curt letter to the U.S. State Department, urging that the suit be dismissed. That doesn't mean Milburn's adversary had no contact with him." [China Mafia-Style Hack Attack Drives California Firm to Brink]
posted by vidur
on Nov 28, 2012 -
"Hackers of the world are uniting and taking direct action against our common oppressors - the government, corporations, police, and militaries of the world" says LulzSec (previously) in their latest release, Chinga La Migra. "We are releasing hundreds of private intelligence bulletins, training manuals, personal email correspondence, names, phone numbers, addresses and passwords belonging to Arizona law enforcement. We are targeting AZDPS specifically because we are against SB1070 (previously) and the racial profiling anti-immigrant police state that is Arizona.
is a new track from nerdcore rapper ytcracker (previously)
posted by finite
on Jun 23, 2011 -
People who use Sony don't make very good passwords. "None of this is overly surprising, although it remains alarming. We know passwords are too short, too simple, too predictable and too much like the other ones the individual has created in other locations. The bit which did take me back a bit was the extent to which passwords conformed to very predictable patterns, namely only using alphanumeric character, being 10 characters or less and having a much better than average chance of being the same as other passwords the user has created on totally independent systems." [more inside]
posted by -->NMN.80.418
on Jun 7, 2011 -
Sony's PlayStation Network and Qriocity have been down since April 20 2011 due to an illegal intrusion. Today Sony announced that user data - birthdate, user name, password, e-mail address, possibly credit card information, and more - has been compromised for its 69 million users, exposing them to identity theft amongst other things. [more inside]
posted by Foci for Analysis
on Apr 26, 2011 -
An anonymous hacking outfit called "Gnosis" has infiltrated Gawker Media, hijacking the front page and leaking the company's internal chat logs, source code, and content databases along with the usernames, email addresses, and passwords of over 1.3 million users (including Gawker staff). The attack, which was motivated by what the group describes as the "outright arrogance" with which the company's bloggers taunted anonymous imageboard 4chan (semi-previously), affects every site in the Gawker network, including Gizmodo, Kotaku, Lifehacker, Jezebel, Deadspin, Jalopnik, and io9. While most of the leaked passwords are encrypted, more than 200,000 of the simpler ones in the torrent file have been cracked, and the links between account names and email addresses are in plaintext for all to see. Since the integrity of Gawker's encryption methods remains in doubt, it is recommended that anyone who has ever registered an account on any Gawker property change their passwords immediately, especially if the same log-in information is used for other services.
posted by Rhaomi
on Dec 12, 2010 -
The University of East Anglia's Climatic Research Unit suffered a security breach this week. Hackers made off with thousands of email correspondences between some of the world's top climate scientists, and posted them to the Internet.[1] Tony Hake has posted an article at The Examiner, highlighting what he feels are the most egregious examples of scientists manipulating and hiding data to support the established theories about Climate Change. Some of the scientists involved counter that the quotes are taken out of context, and that "People are using language used in science and interpreting it in a completely different way".
[1] I'm not going to link to them, but the Examiner article mentions where to get them.
posted by Who_Am_I
on Nov 20, 2009 -
Neurosecurity: security and privacy for neural devices.
"An increasing number of neural implantable devices will become available in the near future due to advances in neural engineering. This discipline holds the potential to improve many patients' lives dramatically by offering improved—and in some cases entirely new—forms of rehabilitation for conditions ranging from missing limbs to degenerative cognitive diseases. The use of standard engineering practices, medical trials, and neuroethical evaluations during the design process can create systems that are safe and that follow ethical guidelines; unfortunately, none of these disciplines currently ensure that neural devices are robust against adversarial entities trying to exploit these devices to alter, block, or eavesdrop on neural signals. The authors define 'neurosecurity'—a version of computer science security principles and methods applied to neural engineering—and discuss why neurosecurity should be a critical consideration in the design of future neural devices." [Via Mind Hacks]
posted by homunculus
on Jul 8, 2009 -
Online communities to become more 'all-encompassing.'
If you join the SHC community on Sears.com, all web traffic to and from your computer thereafter will be copied and sent to a third party marketing research firm - including, for example, your secure sessions with your bank! The Sears.com proxy will send your logins and passwords along with a cleartext copy of all the supposedly secure data. But wait, it gets better: you can only view the true TOS once the proxy has already been installed. [more inside]
posted by ikkyu2
on Jan 3, 2008 -
Interesting "New Yorker" article about online extortion via DDoS attacks. Call me naive and underinformed, but I had little understanding of how this works.
"In the most common scenario, the bots surreptitiously connect hundreds, or thousands, of zombies to a channel in a chat room. The process is called “herding,” and a herd of zombies is called a botnet."
posted by dersins
on Oct 7, 2005 -
Hackers target Cell Phones
With the connectivity of cell phones to the internet, hackers have begun to target cell phones, programming prank calls, placing calls to wherever and erasing the software in the phone.
posted by Lanternjmk
on Mar 11, 2002 -
How to hack grey matter
A big security loophole with grey matter powered sites is out there. It lets anyone have the username and password to these sites. Luckily there is a fix for it which can be found here.
posted by thebwit
on Feb 23, 2002 -
FBI warns Microsoft XP users
"The FBI is urging computer users to unplug and don't play when it comes to addressing serious security flaws found in Microsoft's new Windows XP program."
"Microsoft admitted this week that there are several serious glitches in the new software. "
posted by headlemur
on Dec 22, 2001 -
Microsoft's newest version of Windows....
billed as the most secure ever, contains several serious flaws that allow hackers to steal or destroy a victim's data files across the Internet or implant rogue computer software. The company released a free fix Thursday.
A Microsoft official acknowledged that the risk to consumers was unprecedented because the glitches allow hackers to seize control of all Windows XP operating system software without requiring a computer user to do anything except connect to the Internet.
posted by bkdelong
on Dec 20, 2001 -
The dangerous app with the unlikely name allows users to snatch data being passed over wireless networks, eventually capturing passwords to the network.
posted by o2b
on Nov 29, 2001 -
Silicon Valley backs Senate bill that would allow companies to report computer network attacks to the government without having to worry about the public finding out. The reasoning: it would encourage more companies to report the problems and help the government track down the culprits. A similar bill is in the House.
posted by thescoop
on Sep 25, 2001 -
Up to 20% of the internet vulnerable to a virus. There is a new Linux worm virus. Apparently, it steals passwords, installs and hides other hacking tools on infected systems, and then uses those systems to seek other servers to attack. Sys admins are advised to run a check on their servers and upgrade their BIND version.
posted by borgle
on Mar 25, 2001 -
AIPAC Hacked, Credit Card numbers exposed.
This morning the Web site of the American Israel Public Affairs Committee was defaced by Doctor Nuker of the Pakistan Hackerz Club. I didn't think anything of it which was why I missed getting the mirror the first time around.
Apparently this is a pretty large organization according to my co-worker, a former Washingtonite. It's the biggest American Jewish lobbying organization in the US from what I hear... which is going to piss people off when they realize their credit card information was leaked in the defacement.
posted by bkdelong
on Nov 2, 2000 -
Western Union's site is down, as hackers have accessed their "secure" database. Western Union's only suggestion so far is to tell all customers to cancel their credit card accounts. Is anything really secure on the internet? Do you trust amazon to hold your credit card numbers, Wells Fargo to keep your checking account private, and Kozmo employees not to pilfer your credit card numbers for fun?
posted by mathowie
on Sep 10, 2000 -
They bagged the kid who was responsible for all those Denial-of-Service attacks a couple of months ago. He's Canadian.
Here's an interesting legal question: could the US extradite him? The crimes were committed in the US, but he was in Canada at the time he did it, since he worked through the Internet. Whose laws apply?
(By the way, I've seen no indication that the US is considering extradition; I was just curious whether they could
posted by Steven Den Beste
on Apr 19, 2000 -
Uncle Sam wants YOU
to solve the internet's problems. President Clinton announced yesterday that, due to a complete lack of knowledge about the internet, it will cost $2 billion in 2001 to develop anti-hacker security. Plus they intend on subsidizing college costs for computer science majors that agree to work for the government. Hey if he'd give me just one million dollars, I'd be able to pay off my school costs and hunt down hackers personally, like Boba Fett
posted by Awol
on Feb 11, 2000 -
Last night Kevin Mitnick was on 60 minutes (the gist of the interview is quoted here), and I have to say he came off as an utterly harmless geek. He was an information junkie that enjoyed the challenge of cracking firewalls. He never profited from his activities and the affected companies made up their monetary losses. It's a shame he was forced to waste away in prison instead of offer his security expertise to the affected companies.
posted by mathowie
on Jan 24, 2000 -