Slack space
1
48 OCTOBER 2008 Slack space The world’s dumbest hacker? You’ve seen America’s dumbest criminals on TV − now make way for the world’s dumbest hacker. A prime candidate for this role must be 21-year-old Shahee Mirza, a student from Bangladesh, who decided it might be a good idea to hack the web portal of the Rapid Action Battalion, his country’s elite security force. Insanely, however, whilst hacking the Bangladeshi equivalent of the SAS, Shahee left his name and email address on the site, along with the message: “defaced from Bangladesh”. And no, it wasn’t a set-up, as Shahee and three pals were arrested within 24 hours of the hack. He now faces up to 10 years in prison for his actions... http://tinyurl.com/5alrc6 MySpace co-founder, aka Lord Flathead Our thanks to internet weblog TechCrunch for reporting that MySpace co-founder Tom Anderson is actually 37 years old, not 32 as he claims online. But it gets worse, as TechCrunch says that Anderson was a teenage hacker way back in the 1980s when, aged just 14, he went by the name Lord Flathead (you can’t make this stuff up you know), gaining unauthorised access to Chase Manhattan Bank. The teen MySpace guru is reported to have ended up being part of the largest FBI raids in Californian history, although - contrary to some newswire reports of the era - he was never arrested, as he was under-age at the time. The FBI reportedly confiscated all his expensive PC kit and concluded that sequentially dialling all the numbers in his area until he hit a modem tone wasn’t real hacking, especially since the bank allegedly didn’t use a password on its modem ports. Oh my, how things have changed online... http://tinyurl.com/5sncz8 A forensic iPhone dream As well as being a highly desirable mobile phone, the Apple iPhone is also a forensic auditor’s dream, it seems, as it logs every website its owner visits, storing it in memory for a very long time. According to Jonathan Zdziarski, a famous iPhone cracker (it says here), even though the iPhone deletes screenshots as the Safari web browser is closed, it’s a relatively easy task to undelete the relevant images - until that area of the storage memory is overwritten, of course. But, says Zdziarski, since the screenshots are compressed, it takes a lot for the relevant areas of iPhone memory storage to be overwritten. In a webcast, the iPhone expert said there’s currently no way to stop this happening. “I’m kind of divided on it. I hope Apple fixes it because it’s a significant privacy leak, but at the same time, it has been useful for investigating criminals,” he said. Incidentally, during his webcast, Zdziarski explained how it is possible to by-pass an iPhone’s passcode in order to gain full access to it. But that’s a story for another day... http://tinyurl.com/4zj6lt UK Plod website scooped up by German opportunist IT staff covering for the NHTCU (National Hi-Tech Crime Unit) were embarrassed to admit that the unit’s domain name registration recently expired and was re-registered by a German entrepreneur. As regular readers of Infosecurity will know, the NHTCU closed its doors back in April 2006 when its staff and resources were transferred over to SOCA (the Serious Organised Crime Unit), although the website remained ‘lit’ with a re-route to the SOCA site - just in case there were any stragglers around. Germany entrepreneur Uwe Matt re-registered the NHCTU domain name during August, since then a number of third-party sites, including the BBC, have continued pointing at the site from their pages. The million dollar question, of course, is what Uwe Matt is planning to do with the site now he has it registered? Answers on a big bank note to the usual address please... http://tinyurl.com/66ar2b Anyone who wants to share their grumbles, groans, tip-offs and gossip with the author of Slack Space should contact [email protected] Bad apple: You can delete, but not hide Will Uwe Matt cash in on his sneaky opportunism?
-
Upload
inmaculada -
Category
Documents
-
view
212 -
download
0
Transcript of Slack space
48 OCTOBER 2008
Slack spac
eThe world’s dumbest hacker?You’ve seen America’s dumbest criminals on TV − now make way for the world’s dumbest hacker.
A prime candidate for this role must be 21-year-old Shahee Mirza, a student from Bangladesh, who decided it might be a good idea to hack the web portal of the Rapid Action Battalion, his country’s elite security force.
Insanely, however, whilst hacking the Bangladeshi equivalent of the SAS, Shahee left his name and email address on the site, along with the message: “defaced from Bangladesh”.
And no, it wasn’t a set-up, as Shahee and three pals were arrested within 24 hours of the hack.
He now faces up to 10 years in prison for his actions...http://tinyurl.com/5alrc6
MySpace co-founder, aka Lord Flathead Our thanks to internet weblog TechCrunch for reporting that MySpace co-founder Tom Anderson is actually 37 years old, not 32 as he claims online.
But it gets worse, as TechCrunch says that Anderson was a teenage hacker way back in the 1980s when, aged just 14, he went by the name Lord Flathead (you can’t make this stuff up you know), gaining unauthorised access to Chase Manhattan Bank.
The teen MySpace guru is reported to have ended up being part of the largest FBI raids in Californian history, although - contrary to some newswire reports of the era - he was never arrested, as he was under-age at the time.
The FBI reportedly confiscated all his expensive PC kit and concluded that sequentially dialling all the numbers in his area until he hit a modem tone wasn’t real hacking, especially since the bank allegedly didn’t use a password
on its modem ports. Oh my, how things have changed online...http://tinyurl.com/5sncz8
A forensic iPhone dreamAs well as being a highly desirable mobile phone, the Apple iPhone is also a forensic auditor’s dream, it seems, as it logs every website its owner visits, storing it in memory for a very long time.
According to Jonathan Zdziarski, a famous iPhone cracker (it says here), even though the iPhone deletes screenshots as the Safari web browser is closed, it’s a relatively easy task to undelete the relevant images - until that area of the storage memory is overwritten, of course.
But, says Zdziarski, since the screenshots are compressed, it takes a lot for the relevant areas of iPhone memory storage to be overwritten.
In a webcast, the iPhone expert said there’s currently no way to stop this happening.
“I’m kind of divided on it. I hope Apple fixes it because it’s a significant privacy leak, but at the same time, it has been useful for investigating criminals,” he said.
Incidentally, during his webcast, Zdziarski explained how it is possible to by-pass an iPhone’s passcode in order to gain full access to it.
But that’s a story for another day...http://tinyurl.com/4zj6lt
UK Plod website scooped up by German opportunist
IT staff covering for the NHTCU (National Hi-Tech Crime Unit) were embarrassed to admit that the unit’s domain name registration recently expired and was re-registered by a German entrepreneur.
As regular readers of Infosecurity will know, the NHTCU closed its doors back in April 2006 when its staff and resources were transferred over to SOCA (the Serious Organised Crime Unit), although the website remained ‘lit’ with a re-route to the SOCA site - just in case there were any stragglers around.
Germany entrepreneur Uwe Matt re-registered the NHCTU domain name during August, since then a number of third-party sites, including the BBC, have continued pointing at the site from their pages.
The million dollar question, of course, is what Uwe Matt is planning to do with the site now he has it registered?
Answers on a big bank note to the usual address please...http://tinyurl.com/66ar2b
Anyone who wants to share their
grumbles, groans, tip-offs and gossip with
the author of Slack Space should contact
Bad apple: You can delete, but not hide
Will Uwe Matt cash in on his sneaky opportunism?
is0507_p48.indd 48 09/10/2008 11:14:37
