Hackronomicon

Hackers Hacking the Hackable, FBI?

n1njr — Mon, 06 Feb 2012 16:53:31 +0000

With all of the technology and the heightened amount of security consciousness in the world you would think that the FBI as a whole would rank at the top of the secure list of agencies, of course you would be wrong.

“A law enforcement agency using unencrypted, unsecure communications is a major fumble,” said Marcus Carey who apparently spent a number of years securing communications for the U.S. National Security Agency before joining security-risk assessment firm Rapid7.

Anonymous hackers uploaded an audio file of roughly 15-minutes that contained a recording of a phone conversation of FBI agents discussing how they were going to take down Anonymous. Anonymous then tweeted “the FBI might be curious how we’re able to continuously read their internal comms for some time now.”

After the conversation was recorded and uploaded the FBI did not seem amused saying the communication “was intended for law enforcement officers only and was illegally obtained,” but added that no FBI systems were breached. It said that “a criminal investigation is under way to identify and hold accountable those responsible.”

It will be interesting to see how the rest of this story pans out as the cyber-war rages on!

SD Card Scam Scammed

n1njr — Fri, 09 Dec 2011 14:20:26 +0000

In this ever changing landscape both in the tangible world and in the virtual world, there are scams, pitfalls, rogues, thieves, spies, predators, trojans, virii, and that is just the tip of the titanic iceberg. You never know when someone is going to try to fool you into something or out of something! You may think to yourself “Nobody can fool me, I’m fool proof!” “it will never happen to me!” but now you are just fooling yourself. It is not always easy to know when you are being taken advantage of.

These problems come in all shapes and sizes from the massive to the minute. Take it from nekromant. He was recently a victim of on online purchase scam involving SD-CARDS. What he thought was going to be a bunch of 5 microSD cards, 4 GB. each, actually turned out to be a scam. The cards only had the capacity for approximately 115 MB. worth of data instead of advertised 4 GB. Did he lay down and give up or dismiss this offensive antisocial behavior? No he did not.

“Luckily, I managed to get my money back, via opening a dispute and later a claim (Scammers didn’t want to give the money back, did they?), but the cards still remained here.”

After getting his money back he also wrote a improved utility program that will check the storage capacity of any SD-Card without making the user wait forever and a day.

“To test such shitty cards there exist 2 tools: h2testw and f3. First for windows, second for linux. They figure out the real capacity for you. I didn’t like them, because they took ages to scan one 4 GiB card. And, they operated upon a upon a filesystem, that I didn’t like as well. So I wrote my own tool.”

“It’s dumb as hell, and was created while f3 was still scanning one card. And it’s a lot faster. Meet ‘scam-o-matic’.”

If you are interested in the utility you can find it <-- here -->

“It writes some preudorandom data to the card, until it detects something bad. Usually that happens when we reach the boundary of ‘good’, somewhat ‘reliable’ memory. Then it double-checks the region, and if everything is fine (e.g. no mismatches between first and second pass) it creates a partition table for you, with one partition that covers only working area of the card. Now just format it, alter the type with cfdisk, and make use of it.”

Moral of the store: Never lay down and give up when someone wrongs you in any way. Get back up dust yourself off and find a new resolve to an old problem.

Stay Vigilant!

Anonymous – Message to the American People

n1njr — Thu, 08 Dec 2011 22:38:56 +0000

Dear brothers and sisters. Now is the time to open your eyes!

In a stunning move that has civil libertarians stuttering with disbelief, the U.S. Senate has just passed a bill that effectively ends the Bill of Rights in America.

The National Defense Authorization Act is being called the most traitorous act ever witnessed in the Senate, and the language of the bill is cleverly designed to make you think it doesn’t apply to Americans, but toward the end of the bill, it essentially says it can apply to Americans “if we want it to.

Bill Summary & Status, 112th Congress (2011 — 2012) | S.1867 | Latest Title: National Defense Authorization Act for.

This bill, passed late last night in a 93-7 vote, declares the entire USA to be a “battleground” upon which U.S. military forces can operate with impunity, overriding Posse Comitatus and granting the military the unchecked power to arrest, detain, interrogate and even assassinate U.S. citizens with impunity.

Even WIRED magazine was outraged at this bill, reporting:

Senate Wants the Military to Lock You Up Without Trial

…the detention mandate to use indefinite military detention in terrorism cases isn’t limited to foreigners. It’s confusing, because two different sections of the bill seem to contradict each other, but in the judgment of the University of Texas’ Robert Chesney — a nonpartisan authority on military detention — “U.S. citizens are included in the grant of detention authority.”

The passage of this law is nothing less than an outright declaration of WAR against the American People by the military-connected power elite. If this is signed into law, it will shred the remaining tenants of the Bill of Rights and unleash upon America a total military dictatorship, complete with secret arrests, secret prisons, unlawful interrogations, indefinite detainment without ever being charged with a crime, the torture of Americans and even the “legitimate assassination” of U.S. citizens right here on American soil!

If you have not yet woken up to the reality of the police state we’ve been warning you about, I hope you realize we are fast running out of time. Once this becomes law, you have no rights whatsoever in America. — no due process, no First Amendment speech rights, no right to remain silent, nothing.

The US senate does not want us to speak. I suspect even now orders are being shouted into telephones and men with guns will soon be on their way. Why? Because while the truncheon may be used in lieu of conversation, words will always retain their power. Words offer the means to meaning and for those who will listen, the enunciation of truth. And the truth is, there is something terribly wrong with this country, isn’t there?
Cruelty and injustice…intolerance and oppression. And where once you had the freedom to object, to think and speak as you saw fit, you now have censors and systems of surveillance, coercing your conformity and soliciting your submission. How did this happen? Who’s to blame? Well certainly there are those who are more responsible than others, and they will be held accountable. But again, truth be told…if you’re looking for the guilty, you need only look into a mirror.

I know why you did it. I know you were afraid. Who wouldn’t be? War. Terror. Disease. There were a myriad of problems which conspired to corrupt your reason and rob you of your common sense. Fear got the best of you and in your panic, you turned to the now President in command Barack Obama. He promised you order. He promised you peace. And all he demanded in return was your silent, obedient consent.

More than four hundred years ago, a great citizen wished to embed the fifth of November forever in our memory. His hope was to remind the world that fairness. Justice, and freedom are more than words – they are perspectives. So if you’ve seen nothing, if the crimes of this government remain unknown to you, then I would suggest that you allow the fifth of November to pass unmarked. But if you see what I see, if you feel as I feel, and if you would seek as I seek…then I ask you to stand beside one another, one year from November 5th, 2011, outside the gates of every court house of every city DEMANDING our rights!!

Together we stand against the injustice of our own Government.

We are anonymous.
We are Legion.
United as ONE.
Divided by zero.
We do not forgive Censorship.
We do not forget Oppression.
US SENATE…
Expect us!!

NEW ‘OFF THE HOOK’ ONLINE

n1njr — Thu, 08 Dec 2011 14:27:38 +0000

The new edition of Off The Hook from 12/07/2011 has been archived and is now available online at the following location.

<-- Click Here -->

Microsoft’s 10 Immutable Laws of Security

n1njr — Fri, 02 Dec 2011 00:48:18 +0000

These laws are all common sense. When I found them I thought I would take the opportunity to post them for those of you that are far too busy to bother yourself with such trivial concepts (you know exactly who you are!):

Law #1: If a bad guy can persuade you to run his program on your computer, it’s not your computer anymore

Law #2: If a bad guy can alter the operating system on your computer, it’s not your computer anymore

Law #3: If a bad guy has unrestricted physical access to your computer, it’s not your computer anymore

Law #4: If you allow a bad guy to upload programs to your website, it’s not your website any more

Law #5: Weak passwords trump strong security

Law #6: A computer is only as secure as the administrator is trustworthy

Law #7: Encrypted data is only as secure as the decryption key

Law #8: An out of date virus scanner is only marginally better than no virus scanner at all

Law #9: Absolute anonymity isn’t practical, in real life or on the Web

Law #10: Technology is not a panacea

click here for more details

Say Cheese! Welcome to the Internet

n1njr — Wed, 30 Nov 2011 14:14:37 +0000

If you are a private person that does not care to have your mug plastered all of the world wide web then you have undoubtedly noticed that it is getting harder and harder to keep images of yourself to yourself. With the increase in small cameras being manufactured into just about every portable gadget from phones, PDA’s, and laptops, to hats, sunglasses and even stuffed animals, it’s just about impossible to remain a shadow.

This problem is compounded even further when there are small applications that can be installed on any platform that will quietly take pictures from webcams without your knowledge or consent. Mr. Kyle McDonald programmed an application that will patiently wait and watch like a digirati sniper until it recognizes that there is a face in the frame. The system will then snap a photo of its target and quickly uploads it to the internet. This all happens without the victim’s knowledge or approval.

Taking it even further Kyle then installs this application on hundreds of public systems. Systems that are in places like the Apple store or mall computer stores where there are laptops waiting to snap pictures with their ever vigilant digital eye.

This event seems to have been all in the name of cyber mischief. However, It should stand as a warning to all. You may feel like you have the right to privacy and you may feel that you are not being watched but that ideal can quickly fade to the hard harsh reality of the epic delusion.

Kyle McDonald

Hacking In Northern Ireland

n1njr — Tue, 29 Nov 2011 16:03:09 +0000

I would just like to point out that even though the image appears to be Mr. Hain showing us the size of his penis, it simply is not the case (it clearly is an exaggeration).

Now for the news…

Former Northern Ireland secretary Peter Hain is caught up in an ongoing investigation where his computer may have been compromised by cyber criminals. These individuals are said to be private detectives and intelligence agents who are working under the direction of News International. On top of that Senior Northern Ireland civil servants may also have been hacked (Plot Thickens).

What were these individuals after you might ask? Well his system most likely contained sensitive intelligence material of course. Newspaper malpractice much? Sprinkle in some detectives from Scotland Yard’s specialist crime directorate, some Officers from Operation Tuleta, and let the allegation and speculations fly.

Were these “Hackers” paid by News International? Was a firm of private detectives offering “ethical hacking services”. I think so!

A spokesman for Mr Hain said: “This is a matter of national security and subject to a police investigation so it would not be appropriate to comment.”

Mr. Hain was Northern Ireland secretary from May 2005 to June 2007. He was involved in sensitive peace negotiations. This means that he had/has access to classified information about informers and security. Mr. Hain was asked to confirm and identify the content on his system by police investigators.

Tom Watson MP, a member of the House of Commons culture, media and sport select committee and a campaigner against phone hacking, was quoted as saying: “Phone hacking is one thing, but targeting the computers of ministers with high-security clearance takes this police investigation to another level. It also raises questions for News International about whether its management were aware.”

This particular quote strikes me as funny because it seems that Tom Watson is stating that phone hacking is a joke compared to other compromising situations.

So far a single man of the age of 52, is under investigation for this crime and was arrested last week. He may have compromised the system through a Trojan application embedded in an email messages. I would suspect that he probably used some kind of key logger software with the ability to also FTP files and look at screen activity.

Mr. Ian Hurst (a former British army intelligence agent.) had suspected that he might have been hacked as well and as far back as 2006 and speculated that the “News of the World” may have been responsible. He was quick to point out that material that was on his system showed up in a seven page fax from the BBC, which was researching a television program about hacking. He learned later that the Trojan that his system was plagued by was able to see through the webcam connected to his system so the hackers “could have actually seen me or the kids at the desk”.

The Trojan was sent by a hacker with the handle “Mr X”, a hacker he knew from his time in Northern Ireland. Mr Hurst said the hacker worked for a private investigator who in turn worked for the News of the World.

DHS Doubts Anonymous Skills

n1njr — Tue, 29 Nov 2011 14:47:53 +0000

DHS Doubts Anonymous Skills

The Department of Homeland Security has released a bulletin that accused Anonymous hackers of “expressing interest” in hacking industrial systems that control critical infrastructures. We are talking about hacking systems that control such things as gas and oil pipelines, chemical plans, water and sewage treatment facilities, and random system including power grids and air traffic controls towers.

If you want to read more on this claim you will find it HERE.

Scotland Yard Detains LulzSec Hackers

n1njr — Thu, 28 Jul 2011 22:40:56 +0000

Scotland Yard police have arrested a nineteen year old hacker known as “Topiary”. They caught up with him on the Sheland Islands off the coast of Scotland. Topiary is reported to be part of the hacker group LulzSec. They apparently detained him under the section 3 of the Computer Misuse Act and section 1 of the Criminal Law Act of 1977.

The Police are interrogating him and performing searches at two locations. The home of Topiary and the home of a 17 year old in Lincolnshire that is also said to be connected to LulzSec.

Topiary was transported to a police station in central London. It appears that they might be taking there time with this one as no charges have been filed.

YET.

Ghost In The Wires Book Review

Deviant Route — Wed, 15 Jun 2011 17:30:15 +0000

Over on Zqueakz.com, there’s a review of Kevin Mitnick’s soon to be released autobiography by Zqueakz’ husband, The Client.

It’s a good read, and I will be buying the book upon release. Check out the full review.