Archive for the ‘LulzSec’ Category
We’ll dig into bitcoin and explain what it is, and how it works. Is there a future for this Cryptocurrency?
Plus Sony is in the news again, and its not good… And we talk about a new ruling on how far your bank has to go to protect you from cyber criminals.
Direct Download Links:
Subscribe via RSS and iTunes:
Topic: Sony hacked yet again
- Lulzsec has compromised a few more Sony properties in the last week
- at 11 a.m. EST on June 6, Lulzsec leaked the source code to the Sony PSN Developers Network
- This could allow people to find more flaws with the Sony system very quickly
- This also opens up the possibility of a ‘private’ version of the PSN network, allowing owners of hacked playstations to get the benefits of a number of PSN services without cost or worrying about being identified.
- The fact that Lulzsec was able to access the source code also opens up the possibility that they could have made changes to the code, allowing all sorts of mayhem (unlocking paid content for everyone, or damaging the users by streaming all credit card transactions offsite somewhere)
- Lulzsec also uses an SQL injection attack against Sony Pictures, and was able to export 150,000 records from a database of more than 4.5 million records
- SQL injection attacks are very common, with the number that have been successfully executed against Sony in the last 2 months, one would expect that would have made efforts to repair some of their software
- One apparent member of Lulzsec, Robert Cavanaugh, was taken in to custody by the FBI. Lulzsec claims he is not a member.
- Lulzsec also compromised a Nintendo server and published it’s configuration file as proof. No corporate or customer data was taken.
- Lulzsec has also started going after sites affiliated with the FBI
- In addition, Lulzsec has taken responsibility for compromising Fox TV, and publishing a list of X-Factor contestants.
Topic: RSA Admits SecurID tokens compromised
- RSA is expected to have to replace all 40 million tokens that are in use world wide
- Popular users of RSA SecurID Tokens: The Pentagon, Lockheed Martin and other military contractors, World of Warcraft, PayPal/eBay, major account holders at some banks
Topic: US Court ruling to define ‘Reasonable Security’
- An ongoing court battle is nearing an end, the final ruling will likely determine the standard for how much commercials banks must do to protect their customers from cyber thieves.
- The case stems from an incident where a construction company that used online banking to do it’s payroll, had it’s PC compromised with the ZeuS trojan. The botnet operators managed to siphon $588,000 out of the companies account using a series of ACH transfers over the course of 7 days.
- The Bank managed to recover $243,406 of the funds, leaving the contractor on the hook for the remaining $345,445
- The bank had recently changed its policies to require users to answer one of their security questions for each transaction. This change actually made it easier for the botnet operators to capture the answers to these questions, which allowed them to initiate their own transfers
- Guidelines established in 2005 by the Federal Financial Institutions Examination Council (FFIEC) require two-factor authentication
- The bank claims it was doing two factor authentication by checking the username/password (something you know) and a ‘device id’ (something you have). The device ID appears to have been nothing more than the browser string, which is easily faked, or in this case, circumvented by the ZeuS trojan, which users the victims own browsers on their own PC to initiate the fraudulent transfers.
Topic: Bit Coin farmers raided by police for suspected pot farm
- A local law allowed the police to get a warranty for any property that used more than an average amount of electricity each month
Topic: What is bitcoin?
Bitcoin is a digital currency created in 2009 by Satoshi Nakamoto. It is also the name of the open source software designed in order to use this currency.
Bitcoin is one of the first implementations of a concept called cryptocurrency, which was first described in 1998 by Wei Dai on the cypherpunks mailing list.
Building upon the notion that money is any object, or any sort of record, accepted as payment for goods and services and repayment of debts in a given country or socio-economic context, Bitcoin is designed around the idea of using cryptography to control the creation and transfer of money, rather than relying on central authorities.
Isn’t it just a fake vaporware currency?
- It’s already valued at $200 million USD.
- There are various definitions of success here. Bitcoin may always see value as simply serious competition to PayPal.
- Bitcoin’s value is as “fake” as the dollar, or many other things we as a people agree to collectively assign value to.
Ugh.. Another virtual money? Linden dollars, Xbox Points, Atari Credits, ENOUGH!!
- bitcoin goes beyond just another online “virtual dollar”.
- It’s distributed P2P nature means no single controlling interest can shutdown your account, or refuse a transaction, or charge a transfer fee.
- No single controlling party can impact the value of the bitcoin.
- Bitcoin could have the potential to unify everything to a single online currency.
- Users value would move with them between games/services. This is more critical to those with limited funds to spend on these types of services/games.
- Mining bitcoins gives advantages that level the playing field to those who otherwise can not economically participate in the common up-sale environments found with online gaming and services.
What are the REAL issues?
One pool to rule them all?
deepbit.net: If too much of the network power goes to one pool, don’t we just create a single point of failure? MANY in the bitcoin community are very worried about deepbit.net aproaching 50% of the mining power of the network. Many are calling/asking for miners to switch to new pools to balance things out.
What about the Exchange?
Mt. Gox is the #1 way to get cash into Bitcoin, if this site were taken down by the gov, or something else, it would be a massive blow to the value of bitcoin.
What is next?
More places* need to accept bitcoin, this is starting to happen more and more:
- Your Transceiver Memory Hardware Cable Superstore! – Now taking bitcoin
- The Bitcoin 2 Credit Card Service
- Bitcoin Classifieds
- Silk Road
- Official Bitcoin wiki list of sites that take bitcoin (very long)
*The online porn industry could really win big here. Bitcoin for porn could be huge. Anonymous money, that can be generated via your GPU.
Safley transfer bitcoin between parties with escrow?
Bitcoin for a little fun?
How to Mine & Get Started with Bitcoin:
Download any of these bitcoin miners:
- m0mchil’s GPU miner (recommended for GPU)
- jgarzik’s CPU miner
- Diablo’s GPU miner
- puddinpop’s GPU/CUDA miner
- Ufasoft’s CPU miner
How can bitcoin help business like JB?
Donate some coins: 1CirPhywbP9qNEL1CH8dTMPiqSfY1SmV4m
Community pooling, with a network “fee” that goes to support the network. The community mines for each other, and the network. Fans helping fans.
- Could less reputable sites hide/embed this JS code to steal your CPU cycles? YES.
- Could it become a way to replace Ads on a site? Maybe…
Follow Chris’ always up-to-date obsession feed with bitcoin!
Want to know more about bitcoin?
- Contact us on the show, if we get enough interest we’ll keep you updated via the show!
- Join the discussion in the Colony, a few TechSNAP fans are already mining away in there!