The end was nigh...

The world ended for around an hour this past week when *gasp* Facebook, Instagram and Tinder were down. There was mass hysteria on Twitter with people freaking out as if the world was literally ending. We have now reached the moment in time when humans are too dependent on social media.

Facebook says the outage "occurred after we introduced a change that affected our configuration systems."

That's it. A simple thing that companies do every day and this time it didn't work. They were not hacked despite Lizard Squad tweeting about it. But these days it seems easier to blame hackers for DDoS attacks than ever believing that a company can make a mistake.

In other news, we're still rushing headlong into the reality of Idiocracy.

My Buffer Overfloweth...

While doing research into the latest assignment I found a pretty cool tutorial so you can try out your own Buffer Overflow attack. While I did not try it myself (I ain't got time for that!) and it looks like I will need a few more skills under my belt, it could be something to play around with in the future.

In other news, the government and law enforcement are corrupt. (But that isn't really news.)

Barrett Brown, a journalist, is now in serving a prison sentence of 5 years for federal charges of obstructing a search warrant, making Internet threats and being an accessory to unauthorized access of a protected computer.

In this case the obstructing a search warrant is for hiding his laptop, making Internet threats (towards the douchebag FBI agent that threatened his Mother and of course no charges were brought against the agent) and the last one is a load of bullshit;

The sentencing ends nearly three years of legal wrangling for Brown, who first attracted the attention of law enforcement officials in 2011 when he copied a hyperlink to data stolen in a hack of security think tank Strategic Forecasting, or Stratfor, from one Internet Relay Chat (IRC) channel to another. The hack reportedly yielded 200 gigabytes of data, including e-mails and credit card information from Stratfor clients, which include the US Army, US Air Force and Miami Police Department. 

Despite Brown's lack of hacking skills, prosecutors argued that the act of posting a link to the data made him a party to the crime. Seeking to have the charge dismissed, Brown's attorneys argued in a court motion (PDF) that Brown did not "transfer" the stolen data but merely republished a public link to information that was already in the public domain.

 Now this is especially worrisome, even for the general public, because copying and pasting links is not a new thing nor is it hard. Anyone can do it and probably has done it.

While the hyperlink charge was ultimately dropped, Brown said the prosecution revisited the link charge during a December sentencing hearing as "relevant conduct" that should be considered in deciding Brown's punishment.

"The fact that the government has still asked you to punish me for that link is proof, if any more were needed, that those of us who advocate against secrecy are to be pursued without regard for the rule of law, or even common decency," Brown said in a presentencing statement to the court.

 We live in a time when we have governments spying on their own people and getting away with it. When whistle blowers are seen as anti-American and a society that values its privacy but condemns those that try to show the corruption. It is about time the people see the what is happening and do something about it.

#JeSuisCharlie: How a terror attack is now a malware attack

Organized malware proponents are using a tragic terror attack as a basis to spread malware. This time they are taking advantage of the tragic shootings in France at Charlie Hedbo and around the country. 

According to this Forbes article the malware is hidden within a picture of a newborn baby with a hospital wrist band that states Je Suis Charlie. The malware contained is a remote access toolkit that gives access to take over the machine.

These type of attacks have happened in the past; the Red Cross in the aftermath of the earthquake in Haiti is a prime example.

Don't click random links folks.

As a follow up to my previous post, it seems that I was not totally off base with my distrust of the FBI and their claim stating the North Koreans were the hackers in the Sony incident. The evidence just doesn't add up.

North Korea and stupid movies...

While on winter break between terms a movie called The Interview was scheduled to be released. It sounded like just another of Seth Rogen and James Franco's stupid movies. Overall it was terrible. I admit it I watched it. However there was no way I'd ever pay for it and I didn't. Which in itself is a good thing because it would have been a colossal waste of money.

The entire controversy surrounding the movie is that, supposedly*, hackers (which the FBI states was the North Korean government) attacked Sony and released a bunch of information including personal information on employees and celebs. (* - I don't believe a damn thing news outlets or the FBI/CIA/NSA say without more proof.) There were also threats of terrorist attacks on theaters that screened the movie domestically. Sony caved in and the movie was not released. Then the actors, President and consumers pressured Sony to release it. They released in some theaters but mostly it was released online. Overall it was a good way to release movies and I hope that Sony will look to that in the future.

Now in the aftermath, the President has imposed sanctions against North Korea. I don't believe for a second that this will stop the hacking of Sony or any other top tier companies. However maybe this attack will strengthen the security measures Sony uses and helps educate their employees on how to protect themselves at work and at home.



C|Net article on the sanctions.