
hackers

Original author: Dan Goodin

Josh Chin

The Chinese hackers who breached Google's corporate servers 41 months ago gained access to a database containing classified information about suspected spies, agents, and terrorists under surveillance by the US government, according to a published report.

The revelation came in an article published Monday by The Washington Post, and it heightens concerns about the December 2009 hack. When Google disclosed it a few weeks later, the company said only that the operatives accessed Google "intellectual property"—which most people took to mean software source code—and Gmail accounts of human rights activists.

Citing officials who agreed to speak on the condition that they not be named, Washington Post reporter Ellen Nakashima said the assets compromised in the attack also included a database storing years' worth of information about US surveillance targets. The goal, according to Monday's report, appears to be unearthing the identities of Chinese intelligence operatives in the US who were being tracked by American law enforcement agencies.

Original author: Jon Brodkin


Prototype of a system for preventing ATM theft.

Reuters

A criminal serving a five-year sentence "for supplying gadgets to an organized crime gang used to conceal ATM skimmers" has invented a device that prevents ATMs from being susceptible to such thefts, Reuters reported today.

Valentin Boanta, who is six months into his sentence in a Romanian prison, developed what he calls the SRS (Secure Revolving System), which changes the way ATM machines read bank cards to prevent the operation of skimming devices that criminals hide inside ATMs.

Boanta's arrest in 2009 spurred him to develop the anti-theft device to make amends. "When I got caught I became happy. This liberation opened the way to working for the good side," Boanta told Reuters. "Crime was like a drug for me. After I was caught, I was happy I escaped from this adrenaline addiction. So that the other part, in which I started to develop security solutions, started to emerge."


I found out yesterday that George Hotz, the hacker most known for unlocking the original iPhone and hacking the PS3, is now studying at my alma mater, Carnegie Mellon University. CMU has a bash.org clone for saving ridiculous quotes in IRC and around the computer science campus, and geohot already has some great ones in there.

amwatson: George, you have to start working on the assignment! If you don't, you won't have time to run on the supercomputer!
geohot: Don't worry. I have my own supercomputer!
amwatson: ...You have your own 256-core machine?
geohot: Yeah! Well, I have a botnet...

<geohot> I'm permitted to own Sony products. I'm just not permitted to touch them inappropriately.

< Tony0> I like geohot's method of forcing himself to suck less with vim
< Tony0> apparently he rebound the arrow keys to backspace.
< gwillen> I,I vim is properly appreciated in the original Klingon

Oh, geohot! More great quotes at cmubash.org. Thanks, Dannel!

It’s hard being a hacker’s darling. Pastebin is a dox dumping site – as well as a useful tool for programmers and writers who want to share a piece of text or store it for later – and it is facing what could be termed a problem of popularity. Because groups like Anonymous have used the service to dump sensitive information, the company has been banned in Turkey and Pakistan and, more important, has become the target of DDOS attacks by kiddies who want to test their exciting new scripts. The result? A company that is, by all metrics, growing, now needs to spend money and solicit volunteers to protect itself from its biggest fans.

After a BBC story noted Pastebin’s problems, the site’s owner, Jeroen Vader, received a number of offers to help police the site for free. The monitors will pull down questionable content when users report seeing it using the site’s interface.

“Exactly how many people will be hired is not known yet. What is surprising is the amount of offers that I received in the mail since the publishing of the BBC article. It’s quite amazing how many people are willing to help out as volunteers,” he said.

He said Pastebin is seeing 17 million unique visitors per month and that he’s getting more DDOS attacks than he currently can handle. “Fighting these certainly is no fun,” he said. His goal is to create a space that is used more for code and text sharing than information dumps.

Anonymous isn’t happy with this move, recommending its minions use a Pastebin clone, PasteBay, instead. PasteBay claims to be uncensored and unmonitored, something that I’m less inclined to trust than a dude who is just trying to run a legal business by working within the confines of international law.

Owner of #Pastebin plans to hire moreStaff toHelp police"sensitive information"posted to the site. bbc.com/news/technolog… (use #pastebay)


Anonymous Sweden (@AnonOpsSweden) April 02, 2012


Patrick Gray of the Risky Business security podcast wrote a funny rant about why many who work in computer security are secretly chuckling at the antics of hacker/cracker/prankster entity Lulzsec.

"They're posting proprietary developer code. They're bringing back Tupac and Biggie. They're advising Nintendo on more secure httpd configurations. And they're issuing funny press releases via Twitter and Pastebin," Patrick writes.

But more to the point, professional consultants have been trying to teach the I.T. world these fundamental lessons about security for ages—now, thanks to LulzSec, the world is finally listening.

It might be surprising to external observers, but security professionals are also secretly getting a kick out of watching these guys go nuts.

I wrote my first article on information security around May 2001. It was about the Sadmind worm and it ran on the letters page of the IT section of The Age newspaper in Melbourne.

"Geez," I thought to myself. "If awareness isn't raised about the unsuitability of these computamajiggies for srs bizness, we could encounter some problems down the track."

So for the last ten years I've been working in media, trying to raise awareness of the idea that maybe, just maybe, using insecure computers to hold your secrets, conduct your commerce and run your infrastructure is a shitty idea.

No one who mattered listened. Executives think it's FUD. They honestly think that if they keep paying their annual AV subscriptions they'll be shielded by Mr. Norton's magic cloak.

Security types like LulzSec because they're proving what a mess we're in. They're pointing at the elephant in the room and saying "LOOK AT THE GIGANTIC FUCKING ELEPHANT IN THE ROOM ZOMG WHY CAN'T YOU SEE IT??? ITS TRUNK IS IN YR COFFEE FFS!!!"

There is no security, there will be no security. The horse has bolted, and it's not going to be the infrastructure that's going to change, it's going to be us.

"Why we secretly love LulzSec: Elephant in room visible. Cans open. Worms everywhere." (risky.biz)

 
