While The Last One Was A Hoax 123-reg Has Actually Deleted People’s Websites

A few days ago we reported on the fact that a company had apparently deleted itself, news which later turned out to be a hoax as part of a bad marketing scheme. For people who used 123-reg, a website hosting company in the UK, the joke may be on them as the company has actually deleted people’s websites.

123-reg has around 800,000 customers within the UK, hosting around 1.7 million sites, said that similar to the hoax, an error was made during “maintenance”, resulting in data from one of their servers being deleted.

The firm issued a statement saying that the company they were working on “restoring … packages using data recovery tools”, a process that is slow and not always effective, as people noted to the previous hoax. 123-reg has recommended that those with backups of their sites should use them to rebuild their sites, as the company itself didn’t have backups of the customers sites.

While the fault is reported to have only affected “67 out of 115,000” servers, it was caused by an automated script. An audit of 123-reg’s scripts is now being conducted and any deletion will now require human approval in the future, something that I’m sure the many companies that have lost business because of this blunder are less than comforted by.

JavaScript Projects Were Broken After Left-Pad Was Unpublished

Tuesday afternoon and you start running your brand new JavaScript for the website you’re working on. You’ve been working on it for days and have been enjoying it working only to find it breaks. The reason your project, among hundreds of JavaScript Projects, was broken for hours because someone unpublished a piece of their work known as Left-pad.

As people create more and more complex programs they often rely on code written by others in modules or tools, in this case, the module was titled left-pad and was taken down my creator Azer Koçulu after lawyers representing instant messaging app, Kik, targeted one of Koçulu’s many modules for having the same name. While this wouldn’t cause problems for many, left-pad whose sole purpose is to pad the left-hand side of strings (or sentences) with zeroes or spaces, is used in projects like Node and Babel, most popular pieces of work that are used in many other projects themselves.

With left-pad removed from NPM (a packet manager that helps developers organise their use of other modules or packages), the projects suddenly found themselves unable to retrieve the code, ultimately falling over in style. With just under 2.5 million downloads in the last month alone according to NPM you can tell just how many projects could have been broken by a single action.

In order to solve this problem Laurie Voss, CTO and co-founder of NPM took a step that many consider unprecedented and republished the previously removed left-pad 0.0.3. This action was apparently prompted by the new owner and allowed Voss to end the day knowing that he was “sleeping fine tonight”.

Website Hopes To Explain Dyslexia

Technology can do wonderful things. From giving someone the ability to walk to letting you read news from anywhere in the world on a device as small as your palm. In the latest move to use technology to help people, a website looks to help explain Dyslexia to people who don’t quite understand how the illness works.

Someone looks to help others understand how people with Dyslexia see writing and have done so through a website which actually contains the first paragraph from Wikipedia describing the condition. You can find the original text here but if you are interested in seeing how Dyslexia affects people you may be more interested in this site.

The text appears to scramble itself, replacing one character with another while others move around all over the paragraphs. This is how some people would describe dyslexia, making even the simplest of sentences difficult to understand while large paragraphs become like ancient texts to those affected. As someone who suffers from dyslexia, I can understand what it is getting at. The simplest of texts can become difficult and while others say they “understand” being able to compare the experience to something like what the website shows goes a long way to helping people, both dyslexic and not, understand one another and the difficulties a subtle condition like this can have on everyday life.

MIT’s Polaris Hopes To Speed Up Your Browsing Online

Sadly the experience on some websites these days can very quickly be summed up by the word “loading”. We like our pictures, our videos and some even like ads, the problem being is that everything you view on the internet has to come from somewhere and that is where the loading comes in. MIT and Harvard want to give you a hand and help speed up your browsing online.

MIT’s Computer Science and Artificial Intelligence Lab (CSAIL) and Harvard have gone and created a framework that focuses on those things you have to download to view your favourite sites. With everything from images to Javascript downloaded to your computer, the new project, titled Polaris will help download all those different features in the most efficient sequence possible, avoiding the constant pinging and server routing that comes with traditional browsing.

Polaris was in fact built using JavaScript, something which means that any browser and website can use the new system, the only requirement is that the server the sites on is running Polaris in the first place.

The plan for Polaris is to open-source the framework, meaning you could soon find it in every site and browser you use, and with it showing reductions of up to 34% in loading time on websites, you can get one more cat video in on your lunch break.

Judge Rules That FBI Tor Hack Must Be Revealed to Lawyer

FBI this, FBI that. It would seem that the FBI just can’t help but keep out of the news these days with Apple Vs the FBI seeming to turn companies against the government, but this is not the only case where the FBI is having trouble. The other case is when they were able to hack over 1,000 computers on the infamous Tor network, leading to a series of convictions. The Judge presiding over the case has now stated that the defence lawyer should be provided with the code used to hack their computers.

Colin Fieman is the federal public defender working on the case and has requested that they are given access to a copy of the code used to identify his client. In a response to Motherboard, Fieman stated that the code would include “everything”, including the methods used to bypass security features of the Tor Browser.

Vlad Tsyrklevith is the defence’s consulted expert on code and he has since received the “code” used, but it seems that the FBI were holding out with several key elements missing from the code. This included the exploit used to break into the defendant’s computer, a key feature that should be provided in the case with the agreement that “subject to the terms of the protective order currently in place” they would have access to the code used to identify and potentially, charge, the defendant.

It would seem the FBI can’t stop getting caught short, with this case drawing criticism because of the use of a single warrant to hack an unknown number of computers located around the world. This wouldn’t have been so bad if the FBI hadn’t kept the site which contained illegal materials online, effectively meaning that the FBI were distributing the same thing they are now prosecuting people for.

Companies Face Criminal Charges for Notifying You of Spying

The government is at the heart of a major debate regarding your information and their attempts to gain access to them. With everything from encryption to the latest in a long stream of bad ideas, making companies who inform you when people are attempting to read your information pay criminal charges.

The Snoopers Charter, or by its proper name the Investigatory Powers Bill, would not only require sites to keep up to twelve months worth of your details, including your visited sites, but would also give government agencies access to this information, all while government officials have been requesting backdoor access to encrypted data that could be easily accessed by the authorities (not to mention any hacker who finds the backdoor).

A small side note on the bill states that the bill “will ensure that a communications service provider does not notify the subject of an investigation that a request has been made for their data unless expressly permitted to do so”. This means that companies would have to be told they can tell you, rather than being told to keep it a secret.

With companies like Yahoo, Twitter, Facebook and Google already alerting you when they believe your account is being spied upon, making it illegal for companies to warn you that people are delving into your personal life could quickly come back and cause issues, both legally and morally.

Image courtesy of Beta news

Anonymous Claims They Are Responsible for Crippling Turkey

Anonymous has made recent news with taking part in and claiming hacks against several large groups, their latest campaign being targeted against ISIS (now more commonly known as ISIL or Daesh), with splinter groups even supporting the FBI with information. Now it would seem that they are not only directly attacking the group but also those that might support it.

According to reports from Radware and a claim from their own twitter stating that they had been part of the an operation that took down some of Turkey’s websites.

The group claims that they are targeting ISIS due to Erdogan’s support of ISIS and directly funding them by purchasing oil from the group.

With several servers working with peaks of 200 GBPS the attack is stated to have left more than 400,000 websites down across turkey and internet traffic throughout the country intermittent at best.

The attack was so bad that eventually all traffic to the country was cut off in an attempt to shut down the attack, however, the attacks was still going on several days later.

The claims are considered strong with Anonymous later posting links to a news site claiming that a telephone found on an ISIS commander contained messages from Turkish Intelligence Services.

One thing can be said for sure, though, Anonymous are known for conducting large-scale cyber attacks and organising something like this would not be out of the ordinary for them.

Huge Steam Error Exposes User Details!

Steam is a worldwide service designed to help you and your friends purchase and play games with a sense of security and unity. This doesn’t mean it’s perfect though as we found out this Christmas with a bunch of users reporting seeing other people’s details.

Reported on Reddit users were claiming that not only were their information displaying in another language it was also showing other usernames and information related to their accounts. While this may sound trivial the kind of information wasn’t, with everything from Steam Wallet balances, purchase histories and PayPal information being met with some contact information. While there has been no official word from Valve has of yet, but the steam services

While there has been no official word from Valve has of yet, but the steam services did go offline for a period before being brought back to life with a fix.

Steam Database, a service that keeps watch on steam from its sales to its services, reported that while it was being exposed the information was read-only. This means that people could only see your information, not change it. They go on to stress that it is not a hack but most likely a misconfiguration in Valve’s caching mechanisms. They then recommend asking Steam to forget your payment information as “Valve have proven multiple times that they’re unable to keep their security standards to a high level”.

Block Star Wars Spoilers With a Little Help

Star Wars the Force Awakens is set to be one of the largest films of the year and with generations of followers waiting for the big release this Thursday it was only a matter of time before people started posting spoilers or concepts that could ruin the film if you can’t make it to the cinema in time. The BBC posted an article explaining several ways to avoid spoilers (or the film altogether), ranging from moving country to retreating from the online world as a whole.

We at eTeknix understand that this may not always be possible (who can go without their memes these days?). One approach someone has taken is a similar one to something people use every day, an adblocker. Adblockers detect ad’s on a website and unless whitelisted, stop them from loading avoiding the onslaught of sounds and videos that loud on most web pages. Force Block, a chrome extension, aims to do the same but with spoilers for the highly anticipated film.

With a white list function you can add websites you think are being flagged incorrectly but otherwise upon loading a page you are met with a dimmed web page and a warning stating that you could be ruining the film in one of many different messages inspired by the films.

Proposed “Online Safety Bill” Being Debated In the House Of Lords

Guess whose back? Indeed after a short hiatus I am back and raring to be creative concerning my written articles for eTeknix, although, in reality it has only been around 6 weeks since my last piece. So, what to write? I know, let’s delve into the proposed “Online Safety Bill” which is currently being debated in the UK courtesy of the House of Lords.

According to reports on the government’s own Parliament website, the bill is being debated at the “1st sitting committee stage” and proposes a law to compel “internet service providers and mobile phone operators to provide an internet service that excludes adult content” This includes provisions to offer strict and compulsory age verification checks to NSFW sites and also a role for Ofcom. There are also proposals to educate parents through digital on demand programme services and a licensing scheme for such websites.

It will be interesting to see how the debate develops and also the challenges of implementing such a law, after all, ISPs will first have to define what constitutes an “adult” website before blocking it to individuals who are under the age of 18. A further interesting angle is the proposal to “require electronic device manufacturers to provide a means of filtering internet content”.

Logically these proposals are unworkable and may in all probability be circumvented by various tech means; there is also the question of legitimate and educational sites that might fall under the banner of such a law. Another aspect which could cause concern is the proposed age verification checks, the only way this could be implemented is for a mechanism to be introduced to verify consumers through official identification without it being intercepted by hackers and a myriad of external cyber threats.

Image courtesy of echo

SHA1 Ending Could Block People From Secure Websites

When you connect to websites you sometimes find yourselves on a secure site, this means that the communications between your computer and the website are encrypted. One of those encryption technologies used is called SHA1.

SHA1 is a hashing function that is designed to hide what you send online, due to its vulnerabilities though its soon to be retired. While stopping the use of old and insecure technologies is a great step, Facebook and Web security firm CloudFlare have warned that when SHA1 stops being supported around 7% of the world’s browsers can’t support the new standard being put in place, SHA256.

Both Facebook and Cloudflare have announced a new mechanism that will allow websites to connect using SHA256, but if you can’t use it their new technology will allow you to continue using SHA1.

While Facebook is rolling the new mechanism across their websites and Cloudflare to websites they host. For other companies who want to adopt the new mechanism, it will be made open source, granting the entire world access to the technology, in the hopes that the tens of millions of people who would be affected can still connect and use the internet without disruption.

While new technologies fixing the problems of the last generation is always a good thing, is the impact of cutting millions of users off from their sites worth it?

GCHQ Could Be Fined For Latest Series Of Job Adverts

GCHQ are known for their presence within the UK as the cyber spies, the first and last defence against digital threats within the UK. In recent years though they have not had the best image, with incidents like being given permission to spy on politicians, recommending users store their passwords in software and do away with remembering them and breaching human rights with their internet surveillance. Their latest issue may be something a little more low-tech, with their latest job adverts possibly resulting in them being fined.

Hackney council has stated that they will fine and ask that GCHQ clean up their advertisements as they didn’t have permission to create the advert in Shoreditch.

https://twitter.com/JamesLiamCook/status/664064611642163200/photo/1

Featuring a pun on their name, combined with a web address, the adverts were created by using a technique called reverse graffiti. This means that instead of applying paint or another material atop the surface, you use a stencil and a power washer to remove and clean off the top layer of dirt, resulting in a white depiction of your stencil.

The adverts have also been spotted in Manchester, Birmingham, Wolverhampton and Leeds.  GCHQ claim that they were led to believe that Hackney Borough Council had an issue with clean graffiti on street furniture, not pavements.

If only they had a copy of the email that people sent with this information…

Dell Sorry and Rushes To Fix Security Issue

Yesterday we reported on a security issue that came pre-installed on Dell machines, resulting in a potential security risk to both your details and opening up your system into being tricked about if a website is ‘secure’ or not. It would seem that they have been quick and keen to fix this issue, releasing information on how to fix the problem on machines.

First up, if you are using a Dell machine we recommend you use the test site that’s been set up. If this website appears fine, with a padlock in your browser, without displaying a warning then it means that your computer is currently running the eDellRoot certificate.

In order to remove it, you can either use the following process listed below or you can use the uninstaller app provided here. If you want to remove it manually then follow the steps below:

  1. Go to the start menu, type “mmc” and press enter
  2. Go to File -> Add/Remove Snap
  3. Pick certificates and press add
  4. Choose computer account and press next
  5. Choose local computer and press finish
  6. Press Ok
  7. Expand Certificates and Trusted Root Certification Authorities
  8. Pick the certificates folder and check to see if eDellRoot is present
  9. If eDellRoot is present, right click and press delete.

If you want to see the full steps listed provided by Dell you can find the file here. With these steps, you can ensure one less threat to your machine and as such your digital life. It will be interesting to see how Dell reacts to this issue and moves forward in the coming weeks.

Comodo Fixes Issue Which Resulted In Banned Certificates

Have you ever noticed that padlock symbol in your address bar when you go on a website, such as eBay or your emails? These symbols actually mean something, they mean that the website has been verified by an SSL certificate, these are provided by an external company and are designed to let you know that your websites are safe and secure. So can you imagine what that means when bad certificates are issued?

Comodo is one of the companies that provide online certificates and has had to fix just that problem when they released a fix for a bug which issued several certificates after the rules for providing those certificates changed. In a post on their forum, Rob Stradling, Comodo’s senior research and development scientist, posted that eight certificates were issued but didn’t end the post there.

Stradling then went on to state that Comodo may not be the only company to have this problem,

We found non-compliant certificates issused by quite a number of other CAs, but I’ll document these in another post.

With the fix released only two hours after they discovered the bug, the hope is that the padlock can stay a symbol of security and safety online.

Why You Haven’t Heard about the Thing You Can’t Say on Facebook

Have you ever heard about the social media website Tsu.co? I’m going to guess that most of you haven’t, and that’s mostly because we now know that;

  • The first rule of Facebook is you don’t talk about Tsu
  • The second rule of Facebook is you don’t talk about Tsu
  • The third rule of Facebook is you don’t talk about Tsu

Actually, it’s not just Facebook directly, but also Instagram and Messenger are actively blocking any instance of the web address, so much so, that Facebook has backdated the ban, deleting more than 1 million Facebook posts, including images, videos and comments that ever mentioned Tsu.co.

So what the hell is going on? I hear you ask.

“We’re persona non grata,” said Sebastian Sobczak, who founded Tsu. “You can type in all sorts of seedy websites, and you can get to them. But not us. We don’t exist.”

Tsu, a new social network which claims to share advertising revenue with its users. The site keeps 10%, you keep 45% and you friends which you invited split the rest. If that sounds a little bit like a pyramid scheme, it’s because it’s pretty obvious it is. Of course, people love money, so there’s certainly an incentive to use the service over the current business models at Facebook, but to me, it sounds a little too good to be true and not worth the hassle.

“Tsu said it had been receiving a decent amount of traffic from Facebook, averaging more than 2,534 visits a day. When that dropped to zero, Tsu appealed to Facebook, arguing that it didn’t violate Facebook’s terms of service, because it did not pay users to push content to Facebook.” said CNN.

“We do not allow developers to incentivize content sharing on our platform because it encourages spammy sharing,” said Melanie Ensign, a Facebook spokesperson.

If Facebook didn’t ban this, there’s a chance that social media channels could quickly become flooded with links to Tsu, as people try to earn extra revenue, suddenly sharing your photos becomes financially motivated, rather than just socialising. Facebook has now marked the links as spam as of September 25th.

Is Facebook trying to stop a competitor stealing their users, or is this a smart move to block what could be seen as a scam in the long run? Who knows, but one thing is for certain, you sure as hell can’t type Tsu.co into Facebook to talk about it.

Overclockers UK Launched a New Website Design

This morning we first thought that our friends from Overclockers UK had trouble with their website again, which would have been a logical scenario thinking of all the recent attacks on British-based online shops. However, the news wasn’t all as bad as we though and the page started to work again shortly after and showed us a brand new design instead.

Some users might still experience a 503 error now and then until the cache updates. If you should run into any 503 loading troubles, just leave the browser tab open a little while and try to refresh a few minutes later and you should be good to go.

Interested to see if this was a company-wide redesign, I visited Caseking DE to see how their site looked now. To no surprise, it looks pretty much identical, it just uses Caseking’s blue colour scheme instead of the Overclockers black one.

Overclockers UK is also celebrating the new web design with some great deal. One example on an awesome deal is the 250GB Samsung 850 EVO drive for only £59.99. That deal is only valid today, so hurry over to Overclockers.UK and get yourself a cheap and great new SSD. (Limited to one per customer).

UK E-tailers Taken Offline by DDoS Attacks

Yesterday, UK based e-tailers were the apparent victims of a DDoS attack that took Aria Technology, Novatech, and Scan Computers websites offline. Channelweb reported that Aria Taheri, the owner of Aria Technology said that after the business’s website was down for a few hours in the afternoon they received an email demanding a payment of 16.66 Bitcoins (£2,871.43). In the email, it stated that if they did not pay up that the culprits would try to take down the site for the entire Wednesday. Taheri also said that he understands that the problems being experienced by the companies are from the same DDoS attack, and that the other companies had received ransom emails as well.

Elan Raja III, the director of Scan said, “Scan are aware there has been some disruption in traffic and is investigating the cause”. Interestingly enough, today if you are trying to connect to Scan’s website you will notice that it is now protected by CloudFlare DDoS protection.

Back in February 2013 Aria website was hacked but they caught the people responsible by putting up a reward. Now they are hoping that the tactic will work again and are posting up a £15,000 bounty. So if you know who did the attack it is your time to cash in. The day that the culprits are threatening to attack Aria is their “prime day” where low prices normally drive a lot of business on its site. There will be no ransom paid as that will be sending the wrong message to nefarious parties.

Taheri went on to say, “These kinds of attacks are only designed to affect our website and make it inaccessible. However, [our customers’] information is 100 percent secure as we are PCI DSS compliant which is quite a strict web-security protocol. Also, the website unavailability will last for only a short period – a matter of hours – so the customers can always come back at a later time. We are not going to encourage more of these hackers by giving them Bitcoins, because that would only encourage others to come to us and blackmail us more. The message to the hackers is that I will spend a significant amount of money to bring them to justice. Our track record shows that we have done that before, and based on that track record I am fairly confident we can do that [again].”

Overwatch May Have Accidentally Been Revealed For Consoles

Blizzard has a large catalogue of games, ranging from the hugely successful World of Warcraft (soon to include an expansion pack named Legion) and the latest to the multiplayer online battle arena games (MOBA) Heroes of the Storm. The latest game to be revealed by Blizzard is titled Overwatch and will feature first-person shooter action in objective based arenas. What this means is that you may be running around shooting but your team will always have an objective. While initially slated for release on PC and with a beta coming later this month, it may not be that long until we see it on consoles thanks to some eagle-eyed website browsers.

Spotted by some users and then posted on Twitter, the users noticed that the description meta tag for the website detailed not only it being a team shooter but that it was also for “PC and consoles”.

It may not be that long before we see the game announced for consoles, but that is not to say that PC players will suffer because of this. Blizzard has a history of bringing games to consoles which were first released on PC, such as the hugely successful RPG Diablo 3.

Would you prefer to play Overwatch on your PC or your console? Leave us your thoughts in the comments.

Roaming The Open World Of GTA V Money Generator Scams

Grand Theft Auto is a franchise which has captured the imagination of fans with an engrossing open player world and also regular updates which never fail to entertain. But, with every tech development lays the reality of scammers and hackers who regularly target consumers with the notion of “free” items which are not as generous as they appear to be.

This time around it’s the good old-fashioned money generator scams which are attempting to persuade GTA V players with the promise of free money to be used within the game. So, what are the potential traps for those who stumble onto the wrong site and decide to commit a bit of GTA of their own?

Example – gta5moneyserver(dot)com

This site is in the business of counterfeiting news articles from popular legitimate websites, this is with the aim of touting its own service while convincing consumers of its own credibility. There are problems which are easy to spot; firstly, the articles are badly written which is a red flag in itself; secondly, none of the articles appear on the genuine sites if cross referenced and the formatting is uneven.

OK, let’s imagine I believe this, I don’t of course, that would be idiotic, the perpetrators of the site would need to implement a technique in order to send users free GTA cash. According to them, they have “exploited a cloud server through a very private 264bit encrypted DNS IP”  If a user submits a gamer tag through the site then he/she would be promoted to fill in a scam survey, which has plagued the internet for what seems like forever and a day. You won’t be receiving your coins anytime soon so it’s best to avoid.

All sites purporting to offer free in-game, well, anything, that is not from an official URL address site or provider is in all probability too good to be true. It will either contain a survey, virus or some .exe file which is little more than a fake, it might also ask for personal details which is also to be avoided. Oh, and while you’re at it, avoid any sites which “offer” in game Money, free DLC generators, rank improvements, account unbanning and any kind of DNS code tricks.

These scams will vary in order to seem relevant, but it will be in all likelihood the same outcome.

Thank you malwarebytes for providing us with this information.

Cracking Millions Of Ashley Madison Passwords In Quadruple Quick Time

Signing up to a dating site which offers the platform for affairs while expecting all your data to remain safe looks to be rather stupid, after the many revelations which have been exposed concerning the Ashley Madison website. If the owners thought it could not be embarrassed any further, a cracking team by the name of Cynosure prime, not affiliated with Amazons video service, has cracked roughly 11 million passwords in just 10 days.

They managed this with help from an error implemented by Ashley Madison themselves, this involved breaking the passwords which were secured using MD5 (Message Digest Algorithm) which is a faster algorithm but far less secure than others. Using the second leak of data as a study group, cynosure prime attacked the md5 tokens, the passwords were set to bcrypt which is much more secure and therefore should have been harder to crack. Problem is, cynosure prime found that the commit was changed on the 14th June 2012 to 1c833ec7, this meant accounts could be cracked which had been created prior to this date with “simple salted MD5”.

What was expected to take years to solve only took 10 days to expose such naïve security protocols within Ashley Madison’s tech structure. The era of basic security has long since ended and businesses need to understand the scale of threats which are targeting their valuable data, Mrs Madison won’t be the last to experience such data loss. This should also be yet another warning against the crusade to ban effective encryption which is an essential tool to protect consumers from web-based data theft.

If you have a spare few minutes then by all means take a look at the full detailed explanation of the techniques used to crack the passwords, its worth a read.

Thank you cynosureprime for providing us with this information.

Image courtesy of winknews

WHSmith Contact Us Sends Email To Companies Mailing List

Online shopping is a big thing, and companies like to keep track of what you’re buying and even send you the odd offer here or there, you brought a TV so why not buy a sound system for 20% less? Normally these offers mean we sign up with some sort of password and email combination, and you expect them to store these and be safe. In recent years we’ve seen some sites hacked and their details published online, but today it would seem that WHSmiths has taken it a step further with their contact us form emailing everyone who had registered for magazines with the company!

In a statement, WHSmiths stated that “I-subscribe [the company responsible for their magazine subscriptions] have immediately taken down their ‘Contact Us’ online form which contains the identified bug, while this is resolved”. They stressed in their discussion with the Guardian newspaper that it was “a bug not a data breach”.

The emailed not only included the information such as the person’s name and the message they wished to send but was sent to a large list of contacts, thus exposing their details to a wider than wanted audience.  Some of the earlier messages contained not only their real names and emails but also postal addresses and phone numbers.

With data security at its highest and customers, both paying, and interested parties, worried about the extensive breaches and accidents, will companies soon look at different ways of storing information where these accidents could happen less?

Thank you The Guardian for the information.

Image courtesy of Corporate Marks and Spencers

WikiLeaks Julian Assange Fears he will be “Assassinated”

Let’s for a minute contemplate the appearance of Julian Assange, he looks as if he is attempting to apply for this year’s role of Santa at a shopping centre. He might be slowly losing his marbles considering a few of his comments concerning his stay at the Ecuadorian embassy during an interview with The Times Magazine.

Can I source this link? Noooo, why? Behind a paywall, oh where else can I find a summary, I know, the many sources on the internet of course. Anyway, Julian Assange fears he will be assassinated if he steps onto either a balcony or out the door of the embassy. This is technically possible, although he might need to move further away from the building than that for it to look less obvious. Now for the weird, the following comments are his views on being “droned”

I’m a white guy,” Mr Assange said. “Unless I convert to Islam it’s not that likely that I’ll be droned, but we have seen things creeping towards that.”

I am just going to let that sink in for a sec, he also describes receiving bomb and death threats and he has also not been able to have any fresh air or sunlight for 3 years. His situation could be resolved in the next 2 years by which point his hotel stay at the embassy will be nearer five years.

Julian Assange is controversial yet has, through Wikileaks, been able to expose many a scandal which has included Surveillance and also disgraceful military practices. His situation depends on your viewpoint, many spectators have formed a conclusion that he does indeed have a target on his head, but it’s difficult to quantify his situation, after all, where will he be in 5 years.  Let’s hope he re-enters the world otherwise officials will start charging him per night for his room.

Thank you huffingtonpost for providing us with this information.

99% Of Women Profiles On Ashley Madison Were Fake

Oh, well I am not surprised but here we go, the well reported data breach on dating website Ashley Madison has exposed a wealth of information including a huge proportion of fake profiles.

Impact Team who were the group behind the hack, announced that it was releasing the information in part because Ashley Madison had duped consumers over the male to female account ratio on its website. At the time, the hackers claimed that 90-95% of the accounts on Ashley Madison were male with “thousands” of fake female profiles. It turns out the group were correct but underestimated the figures ever so slightly.

After careful scrutiny of the data in order to verify that 5.5 million female accounts were indeed fake, the information reveals that many accounts were created with a single localhost IP of 127.0.0.1. This was along with thousands of accounts which listed AshleyMadison.com email address as their primary contact point including organized accounts which stated 100@ashleymadison.com, 200@ashleymadison.com and so on.

Another piece of information which is certainly revealing conveys the last log in date a user has checked their inbox, this data is logged by the site even if the user only checks it once. It reveals a huge 20,269,675 men checked their messages while only 1492 woman viewed their inbox. Well, just look at those odds, even Ray Winstone cannot market this appealingly for Bet 365.

I do feel these sites offer the majority a false sense of possibility with reality far less forgiving; it conveys the level of information which can be harvested by third parties if not stored correctly. The irony to all this is that Ashley Madison offered a platform where people could cheat on their other half which is deplorable, yet far less possible than previously thought considering the number of fake profiles.

Thank you extremetech for providing us with this information

Image courtesy of huffingtonpost

DDOS Attacks Reach Record Numbers in Q2 2015

The State of the Internet report from Akamai has revealed an alarming statistic concerning the prevalence of DDOS attacks. Shockingly, there was a 7 percent increase compared to the last quarter and up 132 percent from the same time last year. More worryingly, Q2 2015 contained, 12 “mega attacks” which features a peak of 1,000 gigabits per second and 50 million packets per second. One example lasted a total of 13 hours at 240 Gbps whilst most attacks revolve around a time period of 2-3 hours.

Interestingly, the data pinpoints the main source of DDOS attacks to China followed by the USA. Attackers are prioritizing their focus on online gaming networks and trying to cause utter destruction. More specifically, 35 percent of DDOS victims experienced attacks whilst using a gaming network such as Xbox Live. John Summers, VP of the Cloud Security Business Unit at Akamai said,

“The threat posed by distributed denial of service (DDoS) and web application attacks continues to grow each quarter,”

“Malicious actors are continually changing the game by switching tactics, seeking out new vulnerabilities and even bringing back old techniques that were considered outdated.”

Any DDOS attack is difficult to contest with and they’re starting to become an epidemic. Some websites are hit for political reasons, and others appear to be from vindictive people wanting to leave their mark. Whatever the motive, DDOS attacks are on the rise and a major problem for internet users.

Thank you Digital Trends for providing us with this information.

Hackers Post 10GB Stolen Data as Ashley Madison Stays Online

It has been a while since hackers attacked the online cheating site Ashley Madison where the hackers claimed that they had downloaded pretty much all relevant information about the users from the site. For those who don’t know it, Ashley Madison is an online dating site specifically designed and advertised to married people who want to cheat on their partner. A pure disgrace in my book that a site like that is allowed to stay online, but that is beside the point right now.

The hackers wanted the site to shut down and threatened to release the user data if that didn’t happen. The site didn’t give in to the blackmail as it looks to be a very lucrative operation, even though they’ve exposed for having 90-95% male profiles and most female profiles being faked by the company. I don’t think that women cheat less than men, perhaps they’re smarter about it.

Now the hackers have made good on their promise and released 10GB stolen data that includes not only usernames and emails, but also appears to contain credit card information to pay for the membership as well as many other personal information. While the site doesn’t verify the profiles in any way and it is possible to create fake profiles with any email you wish, it’s still scary how many government email addresses were found in the database.

Avid Life Media, the company behind Ashley Madison, condemned the release of the data with a statement: “This event is not an act of hacktivism, it is an act of criminality. It is an illegal action against the individual members of AshleyMadison.com, as well as any freethinking people who choose to engage in fully lawful online activities. The criminal, or criminals, involved in this act have appointed themselves as the moral judge, juror, and executioner, seeing fit to impose a personal notion of virtue on all of society. We will not sit idly by and allow these thieves to force their personal ideology on citizens around the world.”

All the information has been posted to the “Dark Web” that only can be accessed through the Tor browser. It will be interesting to see what new dirt will show up as experts dig through the data and decrypt the parts that were secured.

Thank You Wired for providing us with this information

Facebook Plans to Send Breaking News Alerts with New App

Facebook has taken an interest in the news business for some time and has pushed to take a piece of the market share since then. We’ve seen it deliver the latest breaking news on the social media platform and from what I’ve seen, the news pushed by the social media giant is really spot-on hot. But now, Facebook wants to send the hottest news straight to your phone.

They are said to be working on a new breaking news standalone app, which is still in its early stages. Once the app is released, Facebook says it will ask you to choose what news sources you like, what topics and get all the hottest news from them through push notifications. All news will link back to the original website on which it was published, but getting a 100 character push notification of your favourite news as it gets published really sounds something of a ‘must-have’ to me.

It is said that the app will have a select number of news websites, which is to be expected, but more may be added after it gets released. Since Facebook wanted to take a bite out of the news market, this new app could really bring them a small fortune. Also, having the ability to select and make deals with news websites will surely increase the social media giant’s capital in the long run, while also making a name for itself in the news market.

Thank you The Verge for providing us with this information

Russia Looking Into Blocking Facebook Over Gay Emoji

Russia has been trying to push a lot of western companies out of the country for some time now. After it closed access to Google and Intel back in 2014, the country is now looking to block the world’s most popular social media platform, namely Facebook.

Russian Facebook users have been told to stop using the platform numerous times up until now, throwing a lot of accusations. However, with the addition of gay emojis, the government now believes it has actual proof to build a case that will block the social media for good.

Russian senator, Mikhail Marchenko, called an investigation to check if the emojis in question are violating the Russian anti-gay laws. This is quite interesting, since Twitter and even Apple’s own emoji keyboard come with gay emojis.

The above leads us to believe that Russia might have something personal against the social media platform, but the saddest part is that the government has high chances of succeeding. The country’s Federal Service For Supervision of Communication, Information Technology and Mass Media closed over 10,000 up to date, so blocking Facebook will just be another addition to the latter websites. But how comfortable are you with this decision? Should a few emojis be enough to get a website banned?

Thank you Tech Radar for providing us with this information