Author Archives: shinohai

Symantec Snake Oil Goes Rancid

Posted on by

Researches with Googles Project Zero security team announced on Wednesday a major vulnerability affecting nearly all Symnatec snake-oil antivirus products. The kernel vulnerability requires no user action, which would allow attackers to corrupt system memory without requiring users to even open an email used to trigger the flaw.

These vulnerabilities are as bad as it gets. They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In certain cases on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption.

Symnatec indicated they were not aware of anyone actually exploiting the bug as of yet, and responded by making a new panacea that supposedly fixes the problem.

Preet Indicts Hondurans In Honduras

Posted on by

Evil itselfAgent of oppresion Preet Bharara handed out indictments to 6 Honduran policemen on Wednesday. These officers are not of Preet's District in Manhattan or even the United States. The officers allegedly conspired to smuggle cocaine between points that are not in the United States, though Preet assures the destination was the United States and not one of the other countries that likes cocaine too.1Undercover officers fraudulently misrepresenting themselves as Mexican narcotics wholesalers offered the officers a million United States dollars in bribes to "ensure the safe passage of tons of cocaine through the jungles of Honduras" Bharara said. The officers allegedly operated the smuggling ring over a ten year period. Last month Fabio Porfirio Lobo, the son of a former Honduran president, plead guilty to some charges and introduced the accused officers to the fake merchants. Sorry for your laws Mister World Police.

  1. This list consists of all of the countries.  

US Customs Seeks To Control Social Media Imports

Posted on by

A proposal from US Customs and Border Protection will ask visa applicants to reveal their social media identities, a move they claim will keep the country safer from terrorists. The announcement on thefederalregister.gov website stated "It will be an optional data field to request social media identifiers to be used for vetting purposes, as well as applicant contact information. Collecting social media data will enhance the existing investigative process and provide DHS greater clarity and visibility to possible nefarious activity and connections by providing an additional tool set which analysts and investigators may use to better analyze and investigate the case." No mention was made on how the agency plans to verify the data found within the social media profiles, seeing as terrorists will likely just make fake profiles or be in possession of multiple identities.

Google CEO Social Media Account Hacked

Posted on by

Hacking group OurMine, the group responsible for breaking into Mark Zuckerberg's Twitter account has claimed another victim. Google CEO Sundar Pichai had his account on Quora taken over by the hackers on Sunday, who then used the account to auto post a tweet saying "We are just testing your security". The messages and tweets were removed by Monday morning, and no statement from Google or Mr. Pichai was available. OurMine has said it will continue to hack the accounts of tech executives and celebrities, and made good on their promise by also hacking the bit.ly account of Amazon CTO Werner Vogels. OurMine claims to have made $18,400 selling it's web and social-media account security services.

Garza, Stuart Fraser of Cantor Fitzgerald, and GAW Face Class Action Suit In US Court

Posted on by

A group of investors hoping to actually recover funds from dead pyramid scheme GAW Miners and its officers filed a class-action lawsuit against the group in a US court. This is the second lawsuit to be filed against Homero J. Garza (WOT:nonperson), Stuart Fraser of Cantor Fitzgerald (WOT:nonperson), and the company originally known as Great Awk Wireless. The first indictment against Homero and GAW was issued on Qntra in October of 2014 following speculation on other venues associated with The Most Serene Republic back in August of 2014 Anno Domini. Blog comment defender of GAW and Garza "DirtFighter" (WOT:nonperson) was unreachable for comment while CryptoCoinNews, NewsBTC, CoinDesk, Bitcoinist, and other operations supposing they were Bitcoin news outlets at the time while either enabling or outright supporting the GAW scam were not solicited for comment.1

  1. Un-WoT'd nonpersons the lot of them.  

Gotomypc.com Goes To Other Peoples PC's Too!

Posted on by

In the wake of the teamviewer breach another remote desktop service, gotomypc.com has reportedly been hacked. An advisory posted to their website this morning stated:

Unfortunately, the GoToMYPC service has been targeted by a very sophisticated password attack. To protect you, the security team recommended that we reset all customer passwords immediately.

No further important details were shared, such as the number of accounts affected nor the extent of the intrusion. An "Update" published by the team around Noon EDT simply stated "We sincerely apologize for the inconvenience and frustration this issue may be causing." This article will update if a further statement is released by gotomypc.com.

Buterin's Waterfall Unveils Log Plume To Wood Chipper Ride

Posted on by

Tumultuous storms rocked the Buterin's Waterfall amusementarium Friday morning, after an alleged hack caused prices to plummet against Bitcoin. Coinmarketcap.com showed the DAO1 down -20.34%, with Ether dipping -12.07 % over the past 24 hours. A blog post on slock.it informed users that no funds would be lost due to this "race to empty" bug. To support their claims, a hand-drawn morale graph was offered for assurances. Lacking immutability, ride operators suggested "rolling back" their blockchain to make the hack's effects2 magically vanish. Sorry for your loss.

  1. The Waterfall's newest ride the DAO adds a new twist to the classic log Flume by ending with riders entering a wood chipper instead of a SplashCam(TM)(R)  

  2. And any other things that happened on the blockcain concurrently..  

Acquihired Changetip Can't Unload Actual Changetip "Business"

Posted on by

CoinDesk would like you to know that their sibling under a shared corporate parent, ChangeCoin is still reporting trouble selling the micro transaction framework ChangeTip since its sale to Airbnb back in April. (archived) Changetip/Changecoin raised almost ~4 million US dollars in it's first round of investor funding before their lack of a sustainable revenue model became an issue. Qntra has previously reported on the woes facing failed spam service back in April. As part of their money in, nothing out philosophy they raised an additional $640,00 in January 2016 after announcing they had run out of funds before the sale.

When Qntra reported on Changetip's phasing in of withdrawal fees back in December 2015 Changetip's Victoria van Eyk (WOT:nonperson) offered the following in the comments:

Please stop this kind of hate. We're not a spamming service. In fact, people use our service for good all the time – just ask any of the 20 charities we support via our platform, or any of the bloggers and musicians who have been delighted at receiving donations for their content.

I'm sorry if you've experienced spam.

The 1% withdrawal fee has always been in the plan, and has simply been prolonged for over a year now. But of course you don't focus on the awesomeness of having used a free service, you choose to focus on the fact that we're only implementing it now.
And yes, transactions cost money to hit the blockchain. Usually anything of value costs value in return.

We didn't "employ a(n) /r/Bitcoin moderator in an effort to avoid complete shunning" – that is just simply inaccurate. We employed BashCo because he was a ChangeTip supporter from the very early days, and we like compensating people for their time, energy and effort.

From my personal point of view, it's sad to see such negative posts like this. The whole community seems to want bitcoin to succeed, but they lambast and throw insults at any company working hard to do it. It's a real shame.

The Bitcoin community had a huge opportunity to help shape ChangeTip into something beautiful to use to help bitcoin adoption forward, and largely has allowed negativity to consume this possibility.

-Victoria1

  1. The lack of a GPG signature or WoT presence makes this statement's authorship not definitively verifiable though information suggests it was actually her statement, this is a challenge for those attempting to do business as WoTless nonpersons.  

US Air Force Fraud Investigations Lost

Posted on by

As mentioned in an article by Mircea Popescu's on Clinton infosec failures, United States Air Force fraud and abuse investigations dating back to 2004 were lost when a database became corrupted. Lockheed Martin did not notify the Air Force of the catastrophic failure until two weeks after it occurred. Amongst the 12 years worth of lulz lost were files belonging to the USAF Inspector General’s office that detailed personal information and allegations of cases of fraud, waste and abuse. The involved parties are seeking assistance from outside data recovery forms to assess the situation and see if any of the information can be restored. Sorry for your loss.

uTorrent Forum Hacked

Posted on by

The forum for file sharing software uTorrent was reportedly compromised on June 6, according to announcement on site. The forum was notified of the breach by Invision Power Services, Inc. which produces the software platform the forums run on. The site has approximately 385,000 users, and the uTorrent team believes that the entire user database containing hashed passwords was compromised. The attack highlights the problems with existing forum software, which has been highlighted by Mircea Popescu on trilema. Peace in our time.