Slack Space

48 MAY/JUNE 2011

Texas Robbers Busted after Facebook Bragging

Our thanks to the Associated Press for reporting on how four Texans were indicted by federal prosecutors after apparently bragging about their $62,000 bank embezzlement exploits.

After leaving messages such as ‘I’m rich’ and ‘Wipe my teeth with hundreds’ (sic), Ol’ Slackey was amused to learn that one individual in the group of 18–22 year-olds is extremely remorseful for what he is accused of doing. Well, so his lawyer says. But they all do, don’t they?

http://bit.ly/izoszj

Pen Testing a Cop Car

It was interesting to hear about US pen tester, Kevin Finisterre. After being hired to pen test a city’s IT resources, his due diligence led him to test a cop car.

Kevin managed to hack into the car’s on-board digital recorder and get a live feed from the dash-cam.

By the end of the hack, Finisterre accessed the DVR hard drive and could see with cams and hear through the microphones in the police cruiser. By using default passwords, he was able to upload, download and even delete video feed files that had been collected from cop cars.

“Those stored files from DVRs might be meant for evidence in court cases”, said The Register, reporting on the tests.

All good fun, until you realize that Finisterre has discovered what may be a generic flaw in Verizon’s mobile cellular data service, which has profound implications for mobile data users. Oo-er...

http://bit.ly/lqhQZi

Vatican Magazine Says Hackers Do God’s Work

It seems that computer hackers embody classic Christian virtues, a Vatican publication says, and should not be perceived negatively.

Come again? Yes, that’s right – according to MSNBC, in praising the hackers for their ‘joyful application of intelligence to problem solving’, hackers are effectively aligning themselves with the teachings of Christianity.

No, I’m not making this up. Honestly...

http://bit.ly/fze0ws

Say Hello to GPS Spoofing

GPS jammers – which block satnav systems from operating – have been around for some time, but how about GPS spoofing?

It seems that crackers have found a way of feeding false coordinates into GPS-driven apps on smartphones, allowing them to ‘check in’ on FourSquare (a popular online travel app on Facebook) at bizarre locations such as Tripoli (say hi to the Colonel for me) and the White House Oval Office (well hello Mr President).

There’s even a fake GPS app for use on Android handsets apparently, but as several researchers have observed, people still take a set of GPS coordinates as gospel when it comes to locating someone.

Yes they do, and a number of criminal prosecutions have based a lot of their evidence on GPS tracking. If GPS can be spoofed, no matter how light-heartedly, this could get serious.

For now, though, look at me, checking into 10 Downing Street.

Hello Prime Minister!

http://bit.ly/f4VOCZ

Stolen Laptop Snaps Man’s Picture

It seems that a ‘somewhat simple’ alleged thief of a laptop has had their picture taken on the very laptop he apparently stole.

According to Colorado police, a photo was taken by a security feature on the stolen laptop, but the police can’t be sure who it is.

“We don’t know if he’s the person who stole the laptop or someone who just opened it when the feature was enabled, but he’s obviously someone we want to talk to”, a police spokeswoman told the Denver Post.

The thief didn’t just nick the laptop from the unfortunate soul in Boulder, they also stole an iPod and a cell phone. The good news is that there’s a $1,000 reward...

http://bit.ly/f7JBlI

Pravda Website Infects Users

Our thanks to Softpedia for reporting that the English-language section of the Pravda website was serving up malware for several days during May.

Google’s safe browsing service apparently picked up that the Russian government site was subverting its bourgeois readers with malware and IT security vendor F-Secure flagged it up.

As the newswire observed: “The english.pravda.ru website is an important source of Russian news for English speakers, so it is likely to get a significant number of foreign visitors.”

Mikko Hypponen, F-Secure’s CRO, meanwhile, said: “An attack like this is particularly devious. An end user might go to the same news website every morning for years, learning to trust it.”

“Then one day it has become dangerous and will take over your computer, just by opening your favorite page”, he explained.

http://bit.ly/j7bqz6

Anyone who wants to share their grumbles, groans, tip-offs and gossip with the author of Slack Space should contact [email protected].

Smile for the camera!

Thou shall not criticize hackers
