Tag Archives: hacking

A Tiny Little Data Breach

03 Saturday Apr 2021

Posted by in News and Notes

Comments Off on A Tiny Little Data Breach

Tags

, ,

Just another day in the Cult of Free:

A user in a low level hacking forum on Saturday published the phone numbers and personal data of hundreds of millions of Facebook users for free online.

The exposed data includes personal information of over 533 million Facebook users from 106 countries, including over 32 million records on users in the US, 11 million on users in the UK, and 6 million on users in India. It includes their phone numbers, Facebook IDs, full names, locations, birthdates, bios, and — in some cases — email addresses.

If at this point, you’re still on Faceberg, then you are indeed what Markie Z calls you – a dumb fuck.

Google’s 1.2 Billion Record Oops

23 Saturday Nov 2019

Posted by in News and Notes

Comments Off on Google’s 1.2 Billion Record Oops

Tags

, , ,

Quite the breach there, Google.

For well over a decade, identity thieves, phishers, and other online scammers have created a black market of stolen and aggregated consumer data that they used to break into people’s accounts, steal their money, or impersonate them. In October, dark web researcher Vinny Troia found one such trove sitting exposed and easily accessible on an unsecured server, comprising 4 terabytes of personal information—about 1.2 billion records in all.

While the collection is impressive for its sheer volume, the data doesn’t include sensitive information like passwords, credit card numbers, or Social Security numbers. It does, though, contain profiles of hundreds of millions of people that include home and cell phone numbers, associated social media profiles like Facebook, Twitter, LinkedIn, and Github, work histories seemingly scraped from LinkedIn, almost 50 million unique phone numbers, and 622 million unique email addresses.

“It’s bad that someone had this whole thing wide open,” Troia says. “This is the first time I’ve seen all these social media profiles collected and merged with user profile information into a single database on this scale. From the perspective of an attacker, if the goal is to impersonate people or hijack their accounts, you have names, phone numbers, and associated account URLs. That’s a lot of information in one place to get you started.”

Maybe linking al those accounts wasn’t a good idea. Of course, it made logging in so easy. Faster access to the cat videos and such.

What Goes Around, Euro Style

15 Monday Jul 2019

Posted by in News and Notes

Comments Off on What Goes Around, Euro Style

Tags

, , , , ,

Galileo is down, God help the EU. The spy “navigation” system is offline, has been, and questions abound. A cyber attack?

Galileo, the EU’s global navigation satellite system, has been down for four days, since July 11, following a mysterious outage. All Galileo satellites are still non-operational, at the time of writing.

According to a service status page, 24 of the 26 Galileo satellites are listed as “not usable,” while the other two are listing a status of “testing,” which also means they’re not ready for real-world usage.

The European GNSS Agency (GSA), the organization in charge of Galileo, has not published any information in regards to the root of the outage, which began four days ago, on Thursday, July 11.

On that day, the GSA published an advisory on its website alerting companies and government agencies employing the Galileo system that satellite signals have degraded and they “may not be available nor meet the minimum performance levels.”

The agency warned that the Galileo system “should be employed at users’ own risk.”

That admonishment sounds par for the standard operating course. Most haven’t heard of this system before, nor do they care now. I first learned of it nearly 20 years ago, at a Federalist Society luncheon in DC. A friend from Germany, a then-JD candidate already possessed of a Ph.D. is computer science something, wouldn’t stop talking about it. We all have our issues. He warned me bluntly that the EU was setting up something far beyond GPS and that they were intent on maintaining secrecy. He said, and I believed him, that his attempts to access information about the then-fledgling project, resulted in his computer being “zapped” repeatedly. They did it to him. Someone has done it to them. And, the world turns…

Dangerous Devices to Ban? – (New) Cars and Government

12 Monday Mar 2018

Posted by in News and Notes

Comments Off on Dangerous Devices to Ban? – (New) Cars and Government

Tags

, , , , , ,

Two blurbish news features from FP News. We now summarize some of the day’s prepperish stories for reader convenience (and traffic driving…).

NRA vs. FLA

The State of Florida, acting partly on pressures from teenagers, quickly passed a ban on gun ownership by those under age 21. Yes, in Florida, teenagers aren’t old enough to own guns but they are old enough to direct public policy. Curious.

This will surely halt all violent crime in the Sunshine State. There are no criminals (or terrorists) over 21 and everyone knows criminals (and terrorists) respect and obey the law… It is certainly NOT a first step (third, 28th…) towards total gun control.

More on Car Computer Hacking

This isn’t something exactly new. The danger has been publicized for a few years. But it is real. The most prevalent problem is that your phone has been synced and your information is vulnerable (like banking, passwords, etc.). Then, there’s the issue of someone hacking the car and using the controls to kill you. Car companies and our ever-so-benevolent government have known about this and done next to nothing.

The manufacturers are working on even more mobile killing computers and the gubmit is after guns. This all makes good sense as guns kill 1/3 as many Americans as cars.

Either way – you are largely on your own. Be advised.

car-hacking-jeep

Hacker News.

Pokemon was Worse than We Imagined

13 Friday Oct 2017

Posted by in News and Notes

2 Comments

Tags

, , , , , ,

Last year I repeatedly warned about the threats of Pokemon Go! Both:

The sheer stupidity of it; and

The information security risks (corporate).

Yet even I did not suspect the ultimate purpose behind the game.

My dear liberal friends, you were on to something. The Russians used Pokemon to hack last’s year Black Mass and prevent the coronation of the Coughing Queen.

Russian efforts to meddle in American politics did not end at Facebook and Twitter. A CNN investigation of a Russian-linked account shows its tentacles extended to YouTube, Tumblr and even Pokémon Go.

One Russian-linked campaign posing as part of the Black Lives Matter movement used Facebook, Instagram, Twitter, YouTube, Tumblr and Pokémon Go and even contacted some reporters in an effort to exploit racial tensions and sow discord among Americans, CNN has learned.

I tried to warn everyone.

nimbus-image-1507914640659.png

A Case for James Bond

12 Friday May 2017

Posted by in News and Notes

Comments Off on A Case for James Bond

Tags

, , , , , ,

Hackers are demanding money to unlock computers in multiple countries following a massive ransom-wear attack. England is particularly hard hit.

LONDON — Hackers exploiting data stolen from the United States government conducted extensive cyberattacks on Friday that hit dozens of countries around the world, severely disrupting Britain’s public health system and wreaking havoc on tens of thousands of computers elsewhere.

Hospitals in Britain appeared to be the most severely affected by the attacks, which aimed to blackmail computer users by seizing their data. The attacks blocked doctors’ access to patient files and forced emergency rooms to divert people seeking urgent care.

Corporate computer systems in many other countries — including FedEx of the United States, one of the world’s leading international shippers — were among those affected.

The kicker is that the malicious software used was developed by the NSA in America – to protect us and such. Just as similar hacking tools from the CIA were recently made public, so the NSA has a hard time keeping track of its cyber weapons. Way to go, government.

In this case, people’s lives are at stake. It sounds like no British NHS patients died but they could have. They were certainly inconvenienced. This is more than a breach of privacy. This is an act of terrorism or of war. It should be treated as such. Perhaps one government can clean up the mess caused by another.

Tracking down the hackers will be very difficult. Still, I imagine it could be done. And it should be. Theresa May should turn MI6 loose with orders to hunt down and eradicate the vermin – in Africa, Russia, Mexico – wherever they’re hiding.

And maybe the Military-Security Complex can do a better job of managing its monsters. That, or just not have them.

arogermoore

Eon / United Artists.

Russian Hacking White Paper

30 Friday Dec 2016

Posted by in Legal/Political Columns

1 Comment

Tags

, , , , , , ,

The agency which either allowed hacking of the U.S. State of Georgia or did the hacking (DHS) and the agency that stood by while the ATF sold or gifted 30,000 military weapons to Mexican drug cartels (FBI/DOJ [SIC]) have released a joint report on Russian hacking into the 2016 U.S. election.

nimbus-image-1483110493403

Make of this what you will. A truly exciting holiday read.

Hack Attack

26 Sunday Jul 2015

Posted by in News and Notes

Comments Off on Hack Attack

Tags

, , ,

You love your new car. Navigation, Bluetooth, satellite radio – its the best of everything on wheels. It’s also wide open for remote hacking. I’ve warned about this all year.

The issue is back in the news following a deliberate hacking and takeover of a new Jeep – here and here.

IMG_0724-582x437

Wired.

No one warns like the automotive master, Eric Peters: Eric on the Jeep hack.

First they hacked the Google car. Now, it appears, they – “they” being hackers – could, in principle at least, take over half-a-million Jeeps (and other Fiat-Chrysler vehicles) equipped with in-car WiFi.

They’ve already done so in fact with one.

Chrysler says they have a fix and have issued a recall notice. Don’t drive a Jeep? Happy motoring.

Flyin’ N Spyin’

17 Sunday May 2015

Posted by in News and Notes

Comments Off on Flyin’ N Spyin’

Tags

, , , , , , , ,

A little while back I did a popular series on the electronic dangers lurking inside your new automobile.  I started with a post on a 60 Minutes segment on auto computers and their susceptibility to hacking.  I expounded thereon once Senator Ed Markey of Massachusetts released a damning report on the vulnerability and the complete lack of defense provided by auto manufacturers.  The Markey Report is worth a read.

Next I sounded the alarm on the Federal government’s efforts to track you via computers – even in your car.  I noted some might welcome the intrusion – for the children and such.  If these nuts fly commercial in addition to driving, then they will be further elated.  News comes that a disgruntled techie was able to hack into the controls of an airliner and temporarily take over the flight.

The malicious nerd:

hacked the in-flight entertainment system, or IFE, on an airplane and overwrote code on the plane’s Thrust Management Computer while aboard the flight. He was able to issue a climb command and make the plane briefly change course, the document states.

“He stated that he thereby caused one of the airplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights…

Just so you know, you are now at risk on the road and in the sky.  I’m sure the TSA is hard at work on a remedy.  Maybe passengers will be barred from bringing any electronic devices aboard.  Maybe they’ll have to fly naked.  At any rate, the problem will still exist, but with a host of new issues to accompany.

Things are out of hand.  In the good old days it took a couple of thugs armed with box-cutters to destroy an airplane.  Now, any dork with a smart phone can do the job.

Drivin’ N Spyin’

08 Sunday Feb 2015

Posted by in Legal/Political Columns, News and Notes

4 Comments

Tags

, , , , , , , , , ,

By this title I mean no disrespect to that most excellent Southern rock band, Drivin’ N Cryin’.  I also did not mean to watch 60 Minutes tonight but I did – at least one segment.

Drivin’ had a great song, Lost in the Shuffle, which, among other things, recounted the theft of a Mercedes.  (Perrin is going somewhere with this …. hang on.)

The segment I watched on 60 Minutes was about DARPA Dan, the man with the plan to protect the cyber land…  Here’s the CBS link.  Among many other interesting topics reporter Lesley Stahl covered the increasing risk that a new car (any new car) can be easily and remotely hacked by way of its on-board computers.  Once a hacker gains control he can do ANYTHING with the car, including crash it.  And, they didn’t just talk about it – they did it on camera.

carcrashcone

(CBS News.)

“Kathleen Fisher, a DARPA veteran, says a modern car is really a computer on wheels. You’ve seen the ads of your GPS or smartphone linked to the dashboard. But this way your car could be hacked and taken over remotely.”

“Using a laptop, the hacker dialed the car’s emergency communication system and transmitted a series of tones that flooded it with data. As the car’s computer tried sorting it out, the hacker inserted an attack that reprogrammed the software, gaining total remote control.”

Scary stuff.  Tomorrow Senator Ed Markey of Massachusetts (D, naturally) will release a report (CBS calls it scathing) about the dangers inside your dashboard.  I’m not one to cheer anything the government does but Ed may be on to something.

The new “infotainment” technology modern cars are equipped with has troubled me for a while.  I’ve heard rumors that several universities, the Pentagon and the European Auto Agency have come to similar conclusions.

I will dissect the Markey Report and add my thoughts here.

Two more things:

First, the whole CBS segment was permeated with the aura (and smell) of big, technocratic government.  You know.  Something alarms them so they come up with a solution.  The solution is worse than the problem.  They want you to praise them for the new problem/solution.  Same old song.

Second, DARPA!  Gregg and Darpa?  No.  DARPA means Defense Advanced Research Projects Agency.  They do some cool stuff.  And, some scary stuff.  They have literally brought Ray Bradbury’s Mechanical Hound to life – Google or Youtube “DARPA Big Dog.”  Watch a few of the videos.  NOT TONIGHT!  You might not be able to sleep.  Oh, and until I have gone over the Markey Report, keep an eye on your car…

bigdog

(Not your Grandpa’s Fido.  Google.)