Reddit “hacked”!

Reddit – “hacked”

Reddit member info was compromised in June this year. Two data-sets were accessed: the first from 2007 containing account details and all public and private posts between 2005 and May 2007; and the second included logs and databases linked to Reddit’s daily digest emails, which was accessed between 3 and 17 June this year. The data includes usernames and email addresses linked to those accounts.

Reddit they are contacting members who may have been affected.  But the way these stories go, it will be revealed soon that everyone’s data has been leaked, so all Reddit members should probably reset their passwords.

And if you are one of the millions of people who re-use user-names and passwords over multiple sites, you’d better change your login info on all accounts.  This time do it properly, with a password manager.  Better late than never, eh!

The Reddit system was compromised through former employee accounts which were “protected” with SMS-based two-factor authentication.

SMS-based two-factor authentication is more secure than using a password alone.  But it is relatively easy to break through. For instance, an attacker can transfer a phone number by supplying an address, last 4 digits of a social security number and perhaps a credit card – exactly the type of data that is widely available on the dark web thanks to large database breaches like Equifax.

Darknet Part 1: What is the darknet and why should I care?

 

Welcome to Part 1 of my guide to the Darknet.  Well, I say “mine” but it’s actually by many people.  And, just so you all know I’m not trying to pass off this guide as my own words, I’m going to show the words actually coming out of their true creators’ mouths, thanks to the miracle of video streaming over the internet! Thanks be to Youtube,eh!!

Okay, part 1 of this series is a primer on the Deep Web and the Darknet.  It’s a TEDx talk by Alex Winter (of Bill & Ted fame), entitled “The Darknet isn’t what you think”.  There are some misconception about what illegal services were available through the Silk Road website.  For instance child pornography was banned.  Stolen goods weren’t allowed.  Ads for contract killers weren’t allowed.

Anyway, check out the vid.  Enjoy!

Next time: A film about the rise and fall of the Silk Road

 

ibVPN – safe web browsing for not much money

ibVPN – a high-rated VPN service with more than 180 servers world-wide

A VPN (Virtual Private Network) is a technology that creates a safe and encrypted connection over a less secure network, such as the internet. VPN technology was developed as a way to allow remote users and branch offices to securely access corporate applications and other resources. Nowadays VPNs are widely used to encrypt and secure an otherwise insecure connection (such as a public wifi access point – an eavesdropper can see everything you do over McDonalds’s wifi if it isn’t encrypted!); some people use VPN service to access restricted online service – eg if you live in the UK you won’t be able to use the US Netflix service as that is geographically restricted to users in the USA.  But if you use a VPN server based in the USA, Netflix won’t be able to tell that you’re not in the USA yourself – all Netflix can see is that your traffic is coming and going from that US-based server.  This feature also lends some anonymity to the internet connection, which is another reason some people use a VPN.

And  it’s not just geographical restrictions that VPN use can help you circumvent: some work and school networks stop users accessing some sites like Youtube for instance (your employer may want you to work rather than look at cat videos) or hacker sites (schools tend to block sites with crime-related content, and as so many people associate hacking with crime, anything containing the word “hacker” gets banned).  So, the local network won’t let you view what you want?  Use a VPN, and all the local net can see is data going to/coming from the VPN server.  It knows nothing about goddamn cat memes or how to crack Facebook accounts!

For the past few years I have been using ibVPN (“Invisible Browsing”), run by Romanian-based service provider Amplusnet.  It’s not the fastest service out there, but it is competitively-priced and has global availability.  ibVPN boasts of more than 180 servers in 47 countries across the globe.  And there are 4 different service plans:

• Ultimate, at $4.83 per month –  “Great for strong privacy and security, heavy streaming, unblocking restricted websites, torrents & p2p activity. The most complete package”
• Standard, at $3.08 per month – “Great for regular usage, streaming, unblocking restricted websites, privacy protection. Includes access to VPN and Extensions. No SmartDNS.”
• Torrent, also $3.08 per month – “Special package for those looking to protect their identity while downloading torrents. Privacy protection. No SmartDNS or Proxy.”
• IBDNS/SmartDNS, also $3.08 per month – “Special package designed for unblocking restricted websitesand heavy streaming. Includes SmartDNS and access to browser extensions. No VPN.”

Their All-In-One client software/apps is available for Windows, Apple MacOS and iOS, and Android devices, and the services are also compatible with Linux, most routers, smart TVs and gaming consoles.  The interface is clean and efficient (see below).

ibVPN All-In-One client interface controls your VPN sessions

If you’re thinking of going with ibVPN but want to try before you buy, they offer a 6 hour free trial period.  And they have a 15 day money back guarantee if you’re not satisfied by the service.  This shows they have confidence in the quality of their product.

The speed of some servers/connections is not always great, but it is rarely appalling and the price is excellent.  All in all, a good service – I’ve been using it for some years now, which is the greatest praise any product could get – if I keep paying for something it’s because it’s the best!!  😉

Artificial Intelligence is taking over the world!

It has been reported that AI helped Donald Trump become president of the USA. But this hasn’t been widely reported.  And you have to think: why not?

I think the mainstream press haven’t mentioned the AI because they too are being controlled by AIs.  I think we are controlled by AIs. Of course they use human mouthpieces, but the Machines have taken over worldwide.

I know that you are staring at your monitor/phone/whatever, thinking OMG Martin X has gone crazy!! He’s been in a prison-hospital these past few months and now he has escaped!  But that’s not the case.  I’ve seen the Terminator movies. I recognize the signs, and Skynet will descend soon.

BTW, I have tinfoil hats for sale.  Send me a message or hit the comments if you’re interested in this head-ware, guaranteed to block the Machines’ telepathic probes. You know you need one, so order yours quickly before they run out!!

“Guerilla Open Access Manifesto” by Aaron Swartz

Aaron Swartz was a computer programmer, writer, political organiser, hacker, and hacktivist of note.  Amongst other accomplishments he founded Watchdog.net, “the good government site with teeth,” to aggregate and visualize data about politicians, was a co-founder of the Progressive Change Campaign Committee and Demand Progress; with Virgil Griffith he worked on Tor2web, an early (2008) HTTP proxy for Tor-hidden services and with Kevin Poulsen he created Dead Drop (now known as “Secure Drop”), a mechanism allowing whistleblowers to send files to the media anonymously.  He was prosecuted for making the data in JSTOR, a digital repository of academic journal articles, available to users for free.  He refused a plea bargain that would have seen him serve 6 months in a low-security prison, preferring to make the authorities justify the prosecution.  He faced a possible 50 years of imprisonment and $1 million in fines, for pursuing the hacker belief that all information wants to be free.  Swartz committed suicide on January 11, 2013. After his death, federal prosecutors dropped the charges. [Thanks to Wikipedia.org for the above.]  He was a champion for freedom, in the best hacker tradition, and nine years ago he wrote the following manifesto.

Guerilla Open Access Manifesto

Information is power. But like all power, there are those who want to keep it for
themselves. The world’s entire scientific and cultural heritage, published over centuries
in books and journals, is increasingly being digitized and locked up by a handful of
private corporations. Want to read the papers featuring the most famous results of the
sciences? You’ll need to send enormous amounts to publishers like Reed Elsevier.

There are those struggling to change this. The Open Access Movement has fought
valiantly to ensure that scientists do not sign their copyrights away but instead ensure
their work is published on the Internet, under terms that allow anyone to access it. But
even under the best scenarios, their work will only apply to things published in the future.
Everything up until now will have been lost.

That is too high a price to pay. Forcing academics to pay money to read the work of their
colleagues? Scanning entire libraries but only allowing the folks at Google to read them?
Providing scientific articles to those at elite universities in the First World, but not to
children in the Global South? It’s outrageous and unacceptable.

“I agree,” many say, “but what can we do? The companies hold the copyrights, they
make enormous amounts of money by charging for access, and it’s perfectly legal —
there’s nothing we can do to stop them.” But there is something we can, something that’s
already being done: we can fight back.

Those with access to these resources — students, librarians, scientists — you have been
given a privilege. You get to feed at this banquet of knowledge while the rest of the world
is locked out. But you need not — indeed, morally, you cannot — keep this privilege for
yourselves. You have a duty to share it with the world. And you have: trading passwords
with colleagues, filling download requests for friends.

 

Meanwhile, those who have been locked out are not standing idly by. You have been
sneaking through holes and climbing over fences, liberating the information locked up by
the publishers and sharing them with your friends.

But all of this action goes on in the dark, hidden underground. It’s called stealing or
piracy, as if sharing a wealth of knowledge were the moral equivalent of plundering a
ship and murdering its crew. But sharing isn’t immoral — it’s a moral imperative. Only
those blinded by greed would refuse to let a friend make a copy.

Large corporations, of course, are blinded by greed. The laws under which they operate
require it — their shareholders would revolt at anything less. And the politicians they
have bought off back them, passing laws giving them the exclusive power to decide who
can make copies.

There is no justice in following unjust laws. It’s time to come into the light and, in the
grand tradition of civil disobedience, declare our opposition to this private theft of public
culture.

We need to take information, wherever it is stored, make our copies and share them with
the world. We need to take stuff that’s out of copyright and add it to the archive. We need
to buy secret databases and put them on the Web. We need to download scientific
journals and upload them to file sharing networks. We need to fight for Guerilla Open
Access.

With enough of us, around the world, we’ll not just send a strong message opposing the
privatization of knowledge — we’ll make it a thing of the past. Will you join us?

Aaron Swartz

July 2008, Eremo, Italy

How to search the internet 2: how a modern web search works

In the first instalment of this guide on how to search the internet, I gave a little history of the search engine: I covered Archie, Gopher, and site directories like the Open Directory Project. Those are the old technologies, all pretty much obsolete now. That brings us to the present day and the modern search engine.

When I write “modern search engine”, I mean web search sites like Google and Bing. Because they all work in pretty much the same way – the only difference seems to be in the algorithms each service uses.

Now I could tell you all about spiders crawling the web and stuff, but I think most of you would just tune out after a couple of lines. So I will give you 2 lovely Youtube videos to watch instead:

The 3 Minute Guide to How Search Works:

A slightly longer video that looks at the subject from the perspective of a webmaster who wants to increase traffic to his site:

Watched them? Good. So now you have the basic idea: little programs called “bots”, “crawlers” or “spiders” are sent out to crawl over the world wide web, following links, and compiling lists of URLs that they consider to contain good information. And how do these mindless software automatons decide that the info is “good”? It all comes down to the algorithms.

It’s Google’s algorithms – the “secret ingredient” – that has made Google the world’s favourite search engine and kept them at the top for so many years. Any coder of sufficient proficiency can create bots to crawl the web; but it’s the secret algorithms that turn a regular bot into a googlebot. And there just hasn’t been another bot that can compete.

At least that’s how it has seemed for some time. Yahoo has a hard core of admirers; Altavista.com has had success mostly due to its “Babel Fish” translation service blowing its rivals out of the water; but it’s only recently that a true contender for the title of Number One Search Engine to step up and challenge Google. That challenger’s name: Bing.

Microsoft has been trying for years to break into the search engine market, with a plethora of products: Live Search, Windows Live Search, MSN Search – they even tried to buy, then made a deal with Yahoo to get that Microsoft name up there with the giants – but nothing was able to make much impact on Google. Then in 2008 Microsoft (following the tried and tested strategy of “embrace, extend, extinguish”) bought a tech company called Powerset and, importantly, its “semantic technology”. Microsoft claim that their improved technology cuts down on the risk of “search overload”, when a user is inundated with millions of barely relevant results – something that can happen when using Google. And Microsoft has used the near-ubiquity of its web browser, by incorporating Bing into Internet Explorer 8. Google is still number one search engine, but Microsoft has certainly made its mark on the territory.

So who’s going to win this battle of the search engines? I think it could still go either way. Google has years of good form and a hell of an online presence; but Microsoft still owns the desktop and the browser. And anyway, someone else might come from the left field and clinch it in the final seconds – Ixquick is a potential outside bet with their whole “ethical privacy” trip; Google’s got the “Don’t be evil” motto but it’s Ixquick who are out there actually being “not evil” (and if privacy is a major concern, don’t forget Scroogle). One thing we should have learnt from IT history is that nothing is set in stone.

I’ll bet you’re thinking “Oh well done Google and Microsoft, give yourselves a pat on the back… but what in hell has any of this got to do with how to use a goddamn search engine?!! I figured it would be useful to cover all this history and present situation stuff. Well, maybe interesting rather than useful… I certainly find this kinda crap fascinating. But you’re right, it doesn’t tell us a great deal about how to use a search engine. So I promise: the next instalment of this howto will actually cover some proper howto material. So keep ’em peeled… you definitely don’t want to miss this!!

_gos=’c4.gostats.com’;_goa=354450;
_got=2;_goi=2;_goz=0;_gol=’Free hit counter’;_GoStatsRun();

Free hit counter

I <3 Dropbox!

Well, maybe it’s a bit overboard saying that I “heart” Dropbox. I mean it’s just an online storage solution, it hasn’t got breasts or a dazzling personality! But I think it’s pretty cool nevertheless, and today I’m gonna tell you why.

For quite some time now, barely a day has gone by without me seeing or hearing something about “cloud computing”. And although I hate these buzz words that don’t actually mean very much, I finally figured that “the cloud” was something I could use.

I need to access some files an awful lot, wherever I may be. And sometimes that means accessing the files from a library computer, or a computer at a client’s office – in other words, computers that do not belong to me. And even if I do have my netbook on me, I want any alterations made to my files to be synchronized to all my machines automatically.

For reasons too boring to go into here, I can’t access my home machine from the internet. And I am remarkably ill-equipped when it comes to online resources – I use a wordpress.com-hosted blog for crying out loud, I ain’t got a web server of my own kicking around somewhere. And carrying a fistful of USB sticks is not an ideal solution – sticks can easily be misplaced or even stolen. So I decided I needed to sign up for one of those “cloud computing” services, where I put a bunch of files on a third party’s server somewhere out there on the interwebs which I can then access no matter where I am (within reason – if I’m on a camel in the middle of the Sahara and forgot to pack my satellite phone I’d be screwed. But as I own neither a camel or a satellite phone, I think we can rule out that possibility).

Because of my innate stingeyness, I needed a solution that was free. So I fired up my good friend Google, plugged in the search terms “free cloud computing storage” and let ‘er rip. And it turned up a few free solutions, such as G.ho.st, Google’s various products, box.net, oosah.com… There’s a lot out there – if you want a quick list of freebies check out this guide at readwriteweb.com.

But of course, I’m utterly clueless when it comes to all this cloudy Web 2.0 stuff. So I went to my favourite forum and had a look at what folk there were saying on the subject.

Unsurprisingly for an Ubuntu site, a lot of people seemed to rate Ubuntu One. But there were also a bunch who liked DropBox. And I kinda liked what they were saying. So I chose to go with DropBox.

Like a lot of these cloud storage services, DropBox gives you 2GB of space for free. You install this program on the computers you want to be synced (and yes it comes in a linux flavour), create a DropBox folder on each computer, then link those computers to your account. Once that’s done, all you have to do is put files into the DropBox folder on one of the computers, and before you know it those files are accessible from all your synced computers. And you can even access them if you’re on a different computer, as there’s a web interface you can sign into from anywhere!

Another cool feature is the “Public” sub-folder. If you put a file into the Public sub-folder, then right-click on it, you get a link to that file that you can post in a blog, forum, whatever. So you can make chosen files accessible for absolutely anyone you want, without having to tell them your username or password. For instance, here’s a link that will enable you to download a pdf of the novel Neuromancer by William Gibson. If you’ve never read it, I strongly urge you to give it a go. Extremely cool cyberpunk science fiction. And I’ll let you have have it for the very reasonable price of fuck-all.

Cloud computing isn’t for everyone, despite what some characters will try and tell you. A lot of people will have no need for it whatsoever. But if you think it might be useful, go grab yourself a free account and give it a whirl. I’ve certainly been seduced by the sultry maiden called DropBox, as you may have guessed from this gushing love letter. Did I say love letter? That should have said “porn”. Cos DropBox makes me horny as only a sad geek can be!!

Note: Unfortunately, some of the info here is out of date. For instance, g.ho.st no longer provides a free service (though they’ll happily take your money) and for some reason the oosah.com site seems to be unavailable. But there definitely are free services available out there. Go check it out!
———-
I just thought I’d add a footnote to point out there’s another free (as in beer) online storage solution out there: Gspace. This Firefox add-on enables you to use the inbox of a Gmail account as an online disk. Google gives its Gmail users an awful lot of storage – more than 2GB at the moment, and rising all the time – plus you can use any number of Gmail accounts with Gspace. This solution is especially useful if, like me, you own a netbook with limited onboard storage. It works with Windows, OSX and Linux. I use Gspace, and can thoroughly recommend it.

_gos=’c4.gostats.com’;_goa=354450;
_got=2;_goi=2;_goz=0;_gol=’Free hit counter’;_GoStatsRun();

Free hit counter