Reddit “hacked”!

02/08/2018

Reddit – “hacked”

Reddit member info was compromised in June this year. Two data-sets were accessed: the first, from 2007, containing account details and all public and private posts between 2005 and May 2007; and the second including logs and databases linked to Reddit’s daily digest emails, which was accessed between 3 and 17 June this year. The data includes usernames and email addresses linked to those accounts.

Reddit say they are contacting members who may have been affected. But the way these stories go, it will be revealed soon that everyone’s data has been leaked, so all Reddit members should probably reset their passwords.

And if you are one of the millions of people who re-use user-names and passwords over multiple sites, you’d better change your login info on all accounts.  This time do it properly, with a password manager.  Better late than never, eh!

The Reddit system was compromised through former employee accounts which were “protected” with SMS-based two-factor authentication.

SMS-based two-factor authentication is more secure than using a password alone.  But it is relatively easy to break through. For instance, an attacker can transfer a phone number by supplying an address, last 4 digits of a social security number and perhaps a credit card – exactly the type of data that is widely available on the dark web thanks to large database breaches like Equifax.



Google censoring searches in China again

02/08/2018
Google has a new logo and is updating its image – but under the surface it’s still that pre-2010 half-evil censor

Eight years after Google pulled out of the censored Chinese internet, they’re back.  It’s been reported that the company is working on a mobile search app that would block certain search terms and allow it to reenter the Chinese market.

Google has engaged in the China-controlled internet space before: but in 2010 it pulled out, citing censorship and hacking as reasons. It didn’t pull out completely – it still offered a number of apps to Chinese users, including Google Translate and Files Go, and the company has offices in Beijing, Shenzhen and Shanghai – but the largest of its services – search, email, and the Play app store – are all unavailable in the country.

Google co-founder Sergey Brin told the Guardian in 2010 that his opposition to enabling censorship was motivated by his being born in Soviet Russia. “It touches me more than other people having been born in a country that was totalitarian and having seen that for the first few years of my life,” he said as Google exited the Chinese market after 4 years of cooperating with the authorities.

But now they’re back, working on a mobile search app that would block certain search terms and black-listed material.  The app is being designed for Android devices.

According to tech-based news site The Information, Google is also working on a censored news-aggregation app. The news app would take its lead from popular algorithmically-curated apps such as Bytedance’s Toutiao – released for the Western market as “TopBuzz” – that eschew human editors in favour of personalised, highly viral content.

Patrick Poon, China Researcher at Amnesty International, called Google’s return to censorship “a gross attack on freedom of information and internet freedom.”

In putting profits before human rights, he said, Google would be setting a chilling precedent and handing the Chinese government a victory.

This is important because many computer users will set a search site as their homepage and even find content by entering key-words into the URL bar of their browser. Because of Google’s ubiquity, it is frequently set as default search engine on browsers, meaning that millions of users will find that their experience of the internet is that delivered through the lens of Google. If that lens is smudged or cracked by censorship, all these users’ internet experience is skewed. So it is essential to highlight the fact that Google is not the neutral, trustworthy agent that many users think it to be.

GreatFire, an organisation that monitors internet censorship and enables circumvention of the “Great Firewall of China”, said the move “could be the final nail in the Chinese internet freedom coffin” and that “the ensuing crackdown on freedom of speech will be felt around the globe.”



Darknet Part 3: How people got caught

10/07/2018

Part 3 of an occasional series of videos about the Darkweb, hidden services, anonymity… all the good stuff that we need, and need to know about!

Excellent Defcon presentation by Adrian Crenshaw detailing how some Tor users got caught. TL;DR: it’s all down to faulty OpSec. Be careful all the time, use your common sense, and all will be well. So long as there aren’t 0days in Tor Browser that the Man knows about and the devs don’t…

But this isn’t too long to watch.  So watch it!  Even if you don’t use the darknet it is hugely informative and entertaining.  And if you do use Tor or otherwise have an interest in anonymity (which means you!), it is doubly informative and entertaining… in fact it is essential for everyone to watch.  So watch it!


There’s a special browser that leads to a secret web…



Ubuntu Forums down! Security breach! Don’t panic, carry on…

23/07/2013

Ubuntuforums.org, the bestest user forum for Ubuntu users that I know of, is offline due to a security breach whereby usernames, passwords and email addresses were compromised. This happened on 20 July, apparently; I only just noticed (come here for the latest news, eh).

Canonical, the company behind the Linux-based Ubuntu operating system, and whose servers host the Forums site, have put up an announcement page, to which you get redirected if you try to browse to the forums. From what Canonical have said, it appears:

1. Usernames, passwords and email addresses have been compromised. The passwords were stored hashed, ie not in plain text, but users who use their Ubuntuforums.org password on other sites should change them, just to be sure;

2. Ubuntu One, Launchpad and other Ubuntu/Canonical services are not affected by this.

I’m wondering: the forums site was being hosted on Canonical servers, and it was compromised. But other Canonical services are unaffected… So, is Canonical giving Ubuntuforums.org second-class service? Or are all Canonical servers this badly managed, meaning users should forget about using Ubuntu One, Launchpad, etc?

I don’t want to be an asshole about this – but Canonical, WTF??!

EDIT: I’m a bit behind the times with this, but Ubuntuforums.org is up and about again.  They’ve changed the logging-in mechanism, now you need a Launchpad account too, but it’s easy to do.  Just go to Ubuntuforums.org as usual and you’ll be walked through the new process.  If you’re into Ubuntu it’s a wonderful resource, I’ve managed to keep an account there since 2007, I’ve had a shit load of infractions (official warnings), one admin said he didn’t know of anyone worse, but the community there is really good.



US govt wants to censor *our* internet, Godammit!!

17/12/2011

I’ve censored the following, in protest of a bill that gives any corporation and the US government the power to censor the internet–a bill that could pass THIS WEEK. To see the uncensored text, and to stop internet censorship, visit:
http://americancensorship.org/posts/23330/uncensor

███████ a █████ in █████ any ████████████ ████████ ██████ can, ███████ ████ █████████ ██████ a █████ or ███████ ████ in a █████████, ████ ████ any ███████’s ██████ ███████████ ████████ and █████ ██████ to ██████ ████ ████████. The ██████ ████ ██████████ and the ███████████ ████████ █████ be ████████ to ████ █████ ██████ ███████ the █████ ███████; ████ the ██████ of a “███████ ████████████” by the ███████ █████ get ███████ ████████.

It’s the █████ ██████████ by Rep. █████ █████ (R-TX) in █████’s ████████████ of the ████ ██████ ██████ Act in the US █████ of ███████████████. ████ isn’t ████ off-the-████ █████ of ███████████ ████ no ██████ of ███████, ██████; it’s the █████ ██████████ to the ██████’s ███████ IP Act, █████ █████ ██████████ █████ ████████ ██████████ to the US as a ██████ of law.

███████ its ████ a “██████-█████ ██████ to ███████ US █████████ and ███████ US ███████ of █████ █████████ to █████ of US ████████,” the new ████ █████ █████ ██████ to ███████ ██████. Any ██████ of ████████████ ████████ ██████ █████ ██████ ████ a ██████ to ad ███████ █████████ ████ ██████ and to ███████ ██████████ ████ ██████████, ████, and ██████, █████████ █████ █████████ cut off ██████ to any ████ the IP ██████ █████ as an █████████.

The ██████ is ████ ████ the ███████ ██████████ █████████ Act’s (████) “████████ ███████,” in █████ a █████████ ██████ can ██████ ████ █████ of ███████ be ███████ ████ █████ ████ ███████ ████ a ██████. The ███████ ████ be ███████ ██████ the ██████ who ██████ the ███████ ███████; at ████ █████, the █████████ ██████ can ██████ if it █████ to ████ the ██████ to █████ ████ the █████.

████, ██████, the ██████ are ██████. ██████ ████ ██████████ the ████████ of ███████ ██████ ████████, ████████████ ████████ ██████ can go ████████ for the ███████: █████████ and ███████ for the ██████ ████. So ████ as the ████████████ ████████ ███████ ███████ ████ “████████ █████” ██████████ █████ ████████████ █████, ad ████████ and ███████ ██████████ ████ ████ ████ ████ to cut off ███████ ████ the ███████ in ████████.

The ██████ is ███████ ████████ at ███████ ████████ █████ do not █████████ US law, and █████ █████████ ████ █████ ██████ to ██████ ████ ████████ ████████. But the █████████ for █████—████ ███████████ █████—████ is ███████████, █████ the ████████████ ████████ █████ ████ █████ ███████ ██████ can now ████ on █████████ ██████████.
████████

One █████ ███████ ██████ can’t do █████ the new ████ is ████████ █████ a ████ ████ the ████████, ██████ it ██████ ███████, ███████ the ██████████ has ██████ to do it for ████. The ████ █████ ██████████ ███████ the █████ to go to █████ and ██████ an ██████████ ███████ any ███████ ███████ █████ on a █████████ ██████-█████ ████████████ to a █████. ████ ████ ███████, ████████ █████████ ████ 5 ████ to “███████ ██████ by its ███████████ ███████ ██████ the ██████ ██████ to the ███████ ██████████ ████.”

The ██████████ can ████ go █████ ██████ who ██████ a ████ ████████ for the “█████████████ or █████████” of the ████████ █████. ████ █████ ███████ █████ as a ██████ of the US ██████████’s ███████ ████████ to █████ ████████ ██████ █████ it ████████ ████ ██████████ ███████; ████ can ████████ ████████ who █████ the ████’s ███████ to its new ████████. The ██████████ has ███████ █████ Web ███████ ██████ ████ ███████ to ██████ ██████ to █████ █████ of █████. ███████ ███████, so the new ████ ████ █████ to ban ████ █████ ██████████. (████████ ████ ████████’s ███████ to a ███████ DNS ██████ in █████ to ████ a ████-████████ ████████ █████ ███████ to be █████.)

██████ ███████, too, are ████████, ████ the ████ to ███████ the ████ in ████████ “████ █████ ██████ as a ██████ █████████ ████.” ███████ ██████████ and ad ████████ █████ ████ ████ to cut off the ████.

███████, and for ████ ███████, ████████ ███████ █████████ and ███████ ██████████ get the █████ █████ to ██████ █████ ██████ to █████ on █████ own ████████—no ███████ █████ ████████████ ████ ██████. So ████ as ████ ███████ the ████ is “█████████ to the █████ of US ████████,” ████████ █████████ and ███████ ██████████ can’t be ████.
“████████ █████”

The █████ ████ is ██████████ ███████████ to a ██████ ██████████ of ████████ █████████. For ████████, ██████ ████ in the ████ of the >70-████ ████████ is a ███████████ ████ the US ████████████ ████████ ███████████ ███████████ ███████ a █████ for ████████. ████ █████ ██████ ███████ “█████████ ███████ ██████████” and ███████ to ████████ the “███████████ ████ █████████ by █████████ ███████ ██████████.” (████ █████ ████████ ████ ███████████ ██████ you █████.)

The ██████, █████ is ████████████ ███████ to ████ ██████ to the █████ of ███████ ██████, ████████ a set of ████████ ██████ ███████████████ ████ █████ “█████████ ███████ ██████████ to █████ ████████ █████ to ███████ the ██████████ of ████████████ ████████ ████████.” ██████ the ████ ████, the US ██████████ █████ be ██████████ ███████ ████ █████████ ███████ “████████ █████”—not ██████ ████ or ████████—██████ the █████.

In the ███████ for the ██████, we can ████ see the IP ██████████ █████ █████████ for its ████ ████: ████████ off ██████ to US ███████ ███████ and ██████████ █████████ ████ “████████ █████ for ████ to the ██████” in the US.
████ it ████ it is

Not all ██████████ is bad—but we ████ to ████ an ██████ ██████████ █████ ████ and how to ██████ it, ██████ ████ ████████ an █████████████ set of ██████████ █████ in ███████████ █████ ████ “█████ ████,” or by ███████ a key ███████ of the new ████ the “E-████████ Act.”

You don’t ████ to ███████ ██████—and we don’t—to see the ████ ████████ ████ ████ new ████████. ████ █████, the ████ █████████ to the US ██████████ a ████ of “█████████ ███████.” As ████ of ████ ████, the ████ ████████ “████████████” ████ ██████████, █████ are “█████████ ████████” ████ “█████ █████ █████ at █████████████ ████, all █████ █████████ ███████████ ███████████ ████████ ████ ███████████ in ████, ██████████ ███████████ █████████.”

It’s not ████ to ███████ how ████ it █████ ████ ██████ ████ █████–█████ █████████ do ████ ██████ of ████-████████ ██████████ ███████–are ████████ █████ the new law. Yet ████ ████ a ████ of █████ ████, and ████████████ ████ ██████████ ████ ████ ████████ █████ by ████ US and ████████ ██████.

Not ████████████, the new ████ is ███████ ████████ ████ ██████ ████ ████████████, █████ ██████ ██████, █████, and █████ ████ █████ its ███████. “As ███████ ██████ of the ████████, we ████████ ██████ ████████ ‘█████’ ████████ and █████ ████████████’ ████ of █████████ ██████ ████████████ of ██████████ and ██████████,” ████ █████████ ████████ ███████ ████████ in a █████████.

“███████, we do not ███████ ████ the ████████ ████ in ██████████ the ████████ and ██████████ its █████████ and ████████. We do not ███████ ████ it is █████ ███████████ a ██████ of ███████ law ████ has ██████ the █████ ██████████ for all ██████ █████. And ███████, we do not ███████ ████ it is █████ ███████████ ████ ██████ or █████████ ███████ to ████████████ ███████ ████ ████ to ███████ and ████████ the ████████ ████████ of █████ own ████████.”

██████ of law ██████████ ████ ████ ███████ the ████████ ███████ IP Act, █████ ████████ ████ of the ████ █████, is ████████████████. But the ████████ for ████ ████ of ██████████ is ███████ ██████



A Declaration of Independence of Cyberspace

08/12/2011

I found this declaration, by John Perry Barlow, quite a while ago. I found it interesting – it reflects a lot of what I think – but all I did was file it away for possible future reference. I mean, it’s nearly 16 years old now! But, frighteningly, it’s becoming more and more relevant all the time! Especially if you live in countries which do not explicitly protect the individual’s right to self-expression: Germany, I’m looking at you; Australia, I’m looking at you; USA, I’m increasingly looking at you; just about every other country in the world, I’m looking at you!

Rather than putting any personal spin on it, I’ve decided to just reproduce Barlow’s Declaration word-for-word. So hold onto your hats, here it comes. I urge you to read it. And think about it. If you find you disagree with what Barlow’s got to say, fine. Tell us about it in Comments: and importantly, tell us exactly what you disagree with and why. I love to hear/read you folk trying to justify what you (are told to) believe.

Read it, think about it, post about it. But please don’t ignore it. The very fact you’re reading these words proves you have some sort of interest in the phenomenon called “Cyberspace”. If you’re here, you gotta have an opinion. So what is it?

A Declaration of the Independence of Cyberspace

by John Perry Barlow

Governments of the Industrial World, you weary giants of flesh and steel, I come from Cyberspace, the new home of Mind. On behalf of the future, I ask you of the past to leave us alone. You are not welcome among us. You have no sovereignty where we gather.

We have no elected government, nor are we likely to have one, so I address you with no greater authority than that with which liberty itself always speaks. I declare the global social space we are building to be naturally independent of the tyrannies you seek to impose on us. You have no moral right to rule us nor do you possess any methods of enforcement we have true reason to fear.

Governments derive their just powers from the consent of the governed. You have neither solicited nor received ours. We did not invite you. You do not know us, nor do you know our world. Cyberspace does not lie within your borders. Do not think that you can build it, as though it were a public construction project. You cannot. It is an act of nature and it grows itself through our collective actions.

You have not engaged in our great and gathering conversation, nor did you create the wealth of our marketplaces. You do not know our culture, our ethics, or the unwritten codes that already provide our society more order than could be obtained by any of your impositions.

You claim there are problems among us that you need to solve. You use this claim as an excuse to invade our precincts. Many of these problems don’t exist. Where there are real conflicts, where there are wrongs, we will identify them and address them by our means. We are forming our own Social Contract. This governance will arise according to the conditions of our world, not yours. Our world is different.

Cyberspace consists of transactions, relationships, and thought itself, arrayed like a standing wave in the web of our communications. Ours is a world that is both everywhere and nowhere, but it is not where bodies live.

We are creating a world that all may enter without privilege or prejudice accorded by race, economic power, military force, or station of birth.

We are creating a world where anyone, anywhere may express his or her beliefs, no matter how singular, without fear of being coerced into silence or conformity.

Your legal concepts of property, expression, identity, movement, and context do not apply to us. They are all based on matter, and there is no matter here.

Our identities have no bodies, so, unlike you, we cannot obtain order by physical coercion. We believe that from ethics, enlightened self-interest, and the commonweal, our governance will emerge. Our identities may be distributed across many of your jurisdictions. The only law that all our constituent cultures would generally recognize is the Golden Rule. We hope we will be able to build our particular solutions on that basis. But we cannot accept the solutions you are attempting to impose.

In the United States, you have today created a law, the Telecommunications Reform Act, which repudiates your own Constitution and insults the dreams of Jefferson, Washington, Mill, Madison, DeToqueville, and Brandeis. These dreams must now be born anew in us.

You are terrified of your own children, since they are natives in a world where you will always be immigrants. Because you fear them, you entrust your bureaucracies with the parental responsibilities you are too cowardly to confront yourselves. In our world, all the sentiments and expressions of humanity, from the debasing to the angelic, are parts of a seamless whole, the global conversation of bits. We cannot separate the air that chokes from the air upon which wings beat.

In China, Germany, France, Russia, Singapore, Italy and the United States, you are trying to ward off the virus of liberty by erecting guard posts at the frontiers of Cyberspace. These may keep out the contagion for a small time, but they will not work in a world that will soon be blanketed in bit-bearing media.

Your increasingly obsolete information industries would perpetuate themselves by proposing laws, in America and elsewhere, that claim to own speech itself throughout the world. These laws would declare ideas to be another industrial product, no more noble than pig iron. In our world, whatever the human mind may create can be reproduced and distributed infinitely at no cost. The global conveyance of thought no longer requires your factories to accomplish.

These increasingly hostile and colonial measures place us in the same position as those previous lovers of freedom and self-determination who had to reject the authorities of distant, uninformed powers. We must declare our virtual selves immune to your sovereignty, even as we continue to consent to your rule over our bodies. We will spread ourselves across the Planet so that no one can arrest our thoughts.

We will create a civilization of the Mind in Cyberspace. May it be more humane and fair than the world your governments have made before.

Davos, Switzerland

February 8, 1996



Social unrest? Blame the internet!

12/08/2011

The past few days’ rioting in England is all due to the internet, says prime minister David Cameron.

So news of riots spread via the internet/facebook/twitter etc etc. So now Dodgy Dave says that Facebook, Twitter and Research in Motion (Rim), the maker of BlackBerry devices, should take more responsibility for content posted on their networks, warning the government would look to ban people from major social networks if they were suspected of inciting violence online.

Yes, the news spread via the internet. But it also spread via the telephone, snail mail, newspapers, television, word-of-mouth. So shouldn’t we just ban communication outright?

Heck, I better get this posted then get out of here, before the government bans me!

Riot police watch a London bus burn

[If you wanna see more pretty pictures of the riots in London, go to the Boston Globe’s “Big Picture” feature – link here.]
