Displaying items by tag: Hacking

Remember how we told you about Jim Conte and his plan to make anonymous posting a thing of the past (and in some cases illegal)? When we covered that we talked about the technological and financial barriers to doing this as well as some of the implications of the law. Well we have an actual example of how removing anonymity from the web can be abused (and how it directly relates to the section about political commentary).

In a bold move AntiSec (part of the Anonymous movement) has decided to release what they claim is 1.7GB of files from a branch of the US Department of Justice. Unlike many other dumps which have been on Pastebin this time they chose to use The Pirate Bay. We are guessing that it has to do with the size of the dump (a fairly hefty 1.7GB), but could also be partly due to issues that have popped up with Pastebin and their decision to remove dumps like this as quickly as possible. Then dump was been tweeted about on the twitter feed PlanetHacks who has claimed responsibility for posting the file (the name of the person tweeting about it is Joke which makes us Wonder…). According to the Twitter feed the attack was “a local file inclusion to obtain an encrypted password, and decrypted it afterwards.”

With all that is going on in the “hacker” world there is more drama today as someone is possibly claiming to maybe know who The Jester is. The catch, well it might be The Jester himself. To fill you in on a little background information; The Jester (also known as th3j35t3r) has made something of a name for himself in his activities against WikiLeaks, Anonymous, and other sites that do not agree with his politics. He has styled himself as a vigilante hacker and one that has the “power” to take down sites single handedly (with the right DDoS tools).

Wow, who would have thought that a site like The Pirate Bay would ever be taken down by a DDoS attack (Distributed Denial of Service), but that is exactly what it looks like is happening to the world famous torrent listing site. What makes the situation interesting is thinking about who might be behind the attack and, of course why? So let’s walk through a few likely scenarios and a few that are a little off the deep end.

The Department of Homeland Security has issues some very unusual warnings for companies that handle the US Natural Gas Pipelines. The three Amber warnings claim that a concerted intrusion attempt is being made on the command and control centers for this infrastructure service that is responsible for roughly 25% of the power produced in the US. What makes these warnings unusual is the detail and the fact that companies have been told not to do anything to block the intrusions unless they threaten the actual operation of the service.

Remember the article that we posted a couple of weeks ago stating that one thing that Anonymous has done is highlight security concerns that corporations would rather keep hidden? Well it turns out that the recent hack on the China Electronics Import & Export Corp (CEIEC) through an outsourced email provider sina.com was all about highlighting security. We had said more than once that the outsourcing of information into the cloud creates a security hole that is miles wide. Still we see this happening more and more as it becomes “cost effective” to allow someone else to deal with security.

Today’s copyright, patent and intellectual property laws are something to read. If you have an extra couple of days that you do not mind losing you should read through some of them. They are astonishing in their complexity and how they take are working not to help foster invention, but to make sure that competition is limited. In fact, many Americans might be interested to know that our own National Anthem would be considered in violation of Copyright.

There is a lot of talk in the news about a very old piece of malware. This malicious code was called DNSChanger and was part of a criminal enterprise that intended to route people’s traffic through their own servers instead of the intended servers. This opened the victims up to countless other potential infections. The Malware was discovered back in 2004 and had a small amount of fame for its time. The impact of this particular infection was rated into the millions of Windows based PCs. Although the malware was identified and six people were arrested for it, the authorities did not know what to do about the infected systems (which is VERY odd).

If there is one thing that you can say Anonymous has done that has a measurable positive effect it is exposing the level of Corporate and Government Ignorance. Ignorance is not an admissible excuse any longer in this day and age and is often used in court when someone says they did not know they were breaking the law. Since this is generally accepted why is anyone willing to give companies that show massive amounts of ignorance (which is just really lack of forethought or cost cutting) when it is discovered that their systems are not secure? We are shocked that this is at all acceptable considering the data breaches going back as far as 2009. Still we continually hear about this product or that network is suddenly discovered to be insecure. Exactly how is that possible?

The online movement known as Anonymous had a fairly busy weekend and even managed to push their “fun” into Monday. According to several of the Anonymous twitter accounts they are now rather upset at PasteBin. It seems that the owner of PasteBin is unhappy about the uses that Anonymous has put his “code sharing” site to. He laments that it was never intended for the sharing of sensitive information and has even stated he is going to hire additional workers to help remove these types of posts. This had an interesting effect on the collective where tweets saying things like “Srsly Pastebin, f*** you - @Pastebin to hire staff to tackle hackers' 'sensitive' posts” .