1
48 MAY/JUNE 2011 Texas Robbers Busted after Facebook Bragging Our thanks to the Associated Press for reporting on how four Texans were indicted by federal prosecutors after apparently bragging about their $62,000 bank embezzlement exploits. After leaving messages such as ‘I’m rich’ and ‘Wipe my teeth with hundreds’ (sic), Ol’ Slackey was amused to learn that one individual in the group of 18–22 year-olds is extremely remorseful for what he is accused of doing. Well, so his lawyer says. But they all do, don’t they? http://bit.ly/izoszj Pen Testing a Cop Car It was interesting to hear about US pen tester, Kevin Finisterre. After being hired to pen test a city’s IT resources, his due diligence led him to test a cop car. Kevin managed to hack into the car’s on-board digital recorder and get a live feed from the dash-cam. By the end of the hack, Finisterre accessed the DVR hard drive and could see with cams and hear through the microphones in the police cruiser. By using default passwords, he was able to upload, download and even delete video feed files that had been collected from cop cars. “Those stored files from DVRs might be meant for evidence in court cases”, said The Register, reporting on the tests. All good fun, until you realize that Finisterre has discovered what may be a generic flaw in Verizon’s mobile cellular data service, which has profound implications for mobile data users. Oo-er... http://bit.ly/lqhQZi Vatican Magazine Says Hackers Do God’s Work It seems that computer hackers embody classic Christian virtues, a Vatican Slack space publication says, and should not be perceived negatively. Come again? Yes, that’s right – according to MSNBC, in praising the hackers for their ‘joyful application of intelligence to problem solving’, hackers are effectively aligning themselves with the teachings of Christianity. No, I’m not making this up. Honestly... http://bit.ly/fze0ws Say Hello to GPS Spoofing GPS jammers – which block satnav systems from operating – have been around for some time, but how about GPS spoofing? It seems that crackers have found a way of feeding false coordinates into GPS- driven apps on smartphones, allowing them to ‘check in’ on FourSquare (a popular online travel app on Facebook) at bizarre locations such as Tripoli (say hi to the Colonel for me) and the White House Oval Office (well hello Mr President). There’s even a fake GPS app for use on Android handsets apparently, but as several researchers have observed, people still take a set of GPS coordinates as gospel when it comes to locating someone. Yes they do, and a number of criminal prosecutions have based a lot of their evidence on GPS tracking. If GPS can be spoofed, no matter how light-heartedly, this could get serious. For now, though, look at me, checking into 10 Downing Street. Hello Prime Minister! http://bit.ly/f4VOCZ Stolen Laptop Snaps Man’s Picture It seems that a ‘somewhat simple’ alleged thief of a laptop has had their picture taken on the very laptop he apparently stole. According to Colorado police, a photo was taken by a security feature on the stolen laptop, but the police can’t be sure who it is. “We don’t know if he’s the person who stole the laptop or someone who just opened it when the feature was enabled, but he’s obviously someone we want to talk to”, a police spokeswoman told the Denver Post. The thief didn’t just nick the laptop from the unfortunate soul in Boulder, they also stole an iPod and a cell phone. The good news is that there’s a $1,000 reward... http://bit.ly/f7JBlI Pravda Website Infects Users Our thanks to Softpedia for reporting that the English-language section of the Pravda website was serving up malware for several days during May. Google’s safe browsing service apparently picked up that the Russian government site was subverting its bourgeois readers with malware and IT security vendor F-Secure flagged it up. As the newswire observed: “The english.pravda.ru website is an important source of Russian news for English speakers, so it is likely to get a significant number of foreign visitors.” Mikko Hypponen, F-Secure’s CRO, meanwhile, said: “An attack like this is particularly devious. An end user might go to the same news website every morning for years, learning to trust it.” “Then one day it has become dangerous and will take over your computer, just by opening your favorite page”, he explained. http://bit.ly/j7bqz6 Anyone who wants to share their grumbles, groans, tip-offs and gossip with the author of Slack Space should contact [email protected]. Smile for the camera! Thou shall not criticize hackers

Slack Space

Embed Size (px)

Citation preview

Page 1: Slack Space

48 MAY/JUNE 2011

Texas Robbers Busted after Facebook BraggingOur thanks to the Associated Press for

reporting on how four Texans were indicted

by federal prosecutors after apparently

bragging about their $62,000 bank

embezzlement exploits.

After leaving messages such as ‘I’m rich’

and ‘Wipe my teeth with hundreds’ (sic),

Ol’ Slackey was amused to learn that one

individual in the group of 18–22 year-olds

is extremely remorseful for what he is

accused of doing. Well, so his lawyer says.

But they all do, don’t they?

http://bit.ly/izoszj

Pen Testing a Cop Car

It was interesting to hear about US pen

tester, Kevin Finisterre. After being hired

to pen test a city’s IT resources, his due

diligence led him to test a cop car.

Kevin managed to hack into the car’s

on-board digital recorder and get a live feed

from the dash-cam.

By the end of the hack, Finisterre

accessed the DVR hard drive and could

see with cams and hear through the

microphones in the police cruiser. By using

default passwords, he was able to upload,

download and even delete video feed files

that had been collected from cop cars.

“Those stored files from DVRs might be

meant for evidence in court cases”, said

The Register, reporting on the tests.

All good fun, until you realize that

Finisterre has discovered what may

be a generic flaw in Verizon’s mobile

cellular data service, which has profound

implications for mobile data users. Oo-er...

http://bit.ly/lqhQZi

Vatican Magazine Says Hackers Do God’s WorkIt seems that computer hackers embody

classic Christian virtues, a Vatican

Slack spac

epublication says, and should not be

perceived negatively.

Come again? Yes, that’s right –

according to MSNBC, in praising the

hackers for their ‘joyful application of

intelligence to problem solving’, hackers

are effectively aligning themselves with the

teachings of Christianity.

No, I’m not making this up. Honestly...

http://bit.ly/fze0ws

Say Hello to GPS Spoofing

GPS jammers – which block satnav systems

from operating – have been around for

some time, but how about GPS spoofing?

It seems that crackers have found a

way of feeding false coordinates into GPS-

driven apps on smartphones, allowing

them to ‘check in’ on FourSquare (a

popular online travel app on Facebook) at

bizarre locations such as Tripoli (say hi to

the Colonel for me) and the White House

Oval Office (well hello Mr President).

There’s even a fake GPS app for use

on Android handsets apparently, but as

several researchers have observed, people

still take a set of GPS coordinates as gospel

when it comes to locating someone.

Yes they do, and a number of criminal

prosecutions have based a lot of their

evidence on GPS tracking. If GPS can be

spoofed, no matter how light-heartedly,

this could get serious.

For now, though, look at me, checking

into 10 Downing Street.

Hello Prime Minister!

http://bit.ly/f4VOCZ

Stolen Laptop Snaps Man’s Picture It seems that a ‘somewhat simple’ alleged

thief of a laptop has had their picture taken

on the very laptop he apparently stole.

According to Colorado police, a photo

was taken by a security feature on the

stolen laptop, but the police can’t be sure

who it is.

“We don’t know if he’s the person

who stole the laptop or someone who just

opened it when the feature was enabled,

but he’s obviously someone we want to

talk to”, a police spokeswoman told the

Denver Post.The thief didn’t just nick the laptop

from the unfortunate soul in Boulder, they

also stole an iPod and a cell phone. The

good news is that there’s a $1,000 reward...

http://bit.ly/f7JBlI

Pravda Website Infects Users

Our thanks to Softpedia for reporting

that the English-language section of the

Pravda website was serving up malware

for several days during May.

Google’s safe browsing service

apparently picked up that the Russian

government site was subverting its

bourgeois readers with malware and IT

security vendor F-Secure flagged it up.

As the newswire observed: “The

english.pravda.ru website is an important

source of Russian news for English

speakers, so it is likely to get a significant

number of foreign visitors.”

Mikko Hypponen, F-Secure’s CRO,

meanwhile, said: “An attack like this is

particularly devious. An end user might go

to the same news website every morning

for years, learning to trust it.”

“Then one day it has become dangerous

and will take over your computer, just by

opening your favorite page”, he explained.

http://bit.ly/j7bqz6

Anyone who wants to share their grumbles, groans,

tip-offs and gossip with the author of Slack Space

should contact [email protected].

Smile for the camera!

Thou shall not criticize hackers