ITsecurity
twitter facebook rss

Mystery surrounds the fate of torrent site publichd.se

Posted by Kevin on June 2, 2014

Torrent sites come and go. They come with the promise of substantial revenue and go with the threat or actuality of legal action. Publichd.se is/was a fairly recent arrival, and achieved remarkable success. Now it has suddenly disappeared without a trace or explanation. It arrived towards the end of 2012 and grew first rapidly and […]

Don’t Spy On Us – a day of action

Posted by Kevin on June 2, 2014

A ticket only event hosted by the Don’t Spy On Us campaign at the Shoreditch Town Hall this coming Saturday is already sold out. It’s a day of action to mark the anniversary of Edward Snowden’s first leaked documents. The Don’t Spy On Us campaign, which includes Privacy International, Liberty, Article 19, Open Rights Group, […]

There is no ‘right to be forgotten’; and Google won’t forget you anyway

Posted by Kevin on June 2, 2014

A lot of guff has been written about last month’s ECJ ruling that search engines must abide by European data protection laws. Much of this centres around the world’s media claiming that a right to be forgotten now prevails in Europe. Here are just three examples from the last few days: Google sets up ‘right […]

What’s with the TrueCrypt warning?

Posted by Kevin on June 1, 2014

TrueCrypt, the free open source full disk encryption program favoured by many security-savvy people, including apparently Edward Snowden, is no more. Its website now redirects to its SourceForge page which starts with this message: WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues This page exists only to help migrate existing data […]

More on the Avast breach and the hash used

Posted by Kevin on May 29, 2014

My understanding is that the hash formula used by Avast to store its forum users’ passwords was $hash = sha1(strtolower($username) . $password); This is the formula built into the SMF open source forum software used by Avast. It is both good and bad. It confirms that the hash was salted (with the user’s username); but […]

Avast forum hack demonstrates we need password storage disclosure

Posted by Kevin on May 29, 2014

A blog post early this morning by Avast Software CEO Vince Steckler announced The AVAST forum is currently offline and will remain so for a brief period. It was hacked over this past weekend and user nicknames, user names, email addresses and hashed (one-way encrypted) passwords were compromised. AVAST forum offline due to attack Avast’s […]

Antipodean iOS ransomware

Posted by David Harley on May 28, 2014

Wherever you live, now is the time to take advantage of Apple’s 2FA for Apple ID credentials.

Hector (Sabu) Monsegur to be sentenced while Hammond sits in prison

Posted by Kevin on May 26, 2014

A common cry in Anonymous circles is ‘Free Jeremy Hammond; Fuck Sabu’. Jeremy Hammond is currently serving a ten-year prison sentence for his involvement in the Stratfor hack. Sabu (real name Hector Xavier Monsegur) will be sentenced tomorrow for his role in Lulzsec and many other hacks. He is expected, on FBI request, to walk […]

The eBay hack, the loss of 140 million records, and the PR fiasco

Posted by Kevin on May 24, 2014

There are two functions to PR: the first is to shout the good news from the hilltops, while the second is to bury the bad. When bad news hits, PR says very little. Bad news has hit eBay. It admitted Wednesday that it had been hacked – but it actually gives very little information. This […]

The Master Troll, Weev, delivers a masterpiece of trolling

Posted by Kevin on May 21, 2014

It is always a pleasure to see a master at work; and Andrew Weev Auernheimer is not known as a master Troll without good reason. He was arrested, charged with hacking AT&T, sentenced to three years in prison, and eventually released after the case against him was thrown out on appeal. See here for background. […]