An anonymous reader quotes KrebsOnSecurity: On Thursday, a Ukrainian man who hatched a plan in 2013 to send heroin to my home and then call the cops when the drugs arrived was sentenced to 41 months in prison for unrelated cybercrime charges. Separately, a 19-year-old American who admitted to being part of a hacker group that sent a heavily-armed police force to my home in 2013 was sentenced to three years probation. Sergey Vovnenko, a.k.a. “Fly, ” “Flycracker” and “MUXACC1, ” pleaded guilty last year to aggravated identity theft and conspiracy to commit wire fraud. Prosecutors said Vovnenko operated a network of more than 13, 000 hacked computers, using them to harvest credit card numbers and other sensitive information… A judge in New Jersey sentenced Vovnenko to 41 months in prison, three years of supervised released and ordered him to pay restitution of $83, 368. Separately, a judge in Washington, D.C. handed down a sentence of three year’s probation to Eric Taylor, a hacker probably better known by his handle “Cosmo the God.” Taylor was among several men involved in making a false report to my local police department at the time about a supposed hostage situation at our Virginia home. In response, a heavily-armed police force surrounded my home and put me in handcuffs at gunpoint before the police realized it was all a dangerous hoax known as “swatting”… Taylor and his co-conspirators were able to dox so many celebrities and public officials because they hacked a Russian identity theft service called ssndob[dot]ru. That service in turn relied upon compromised user accounts at data broker giant LexisNexis to pull personal and financial data on millions of Americans. Read more of this story at Slashdot.
Archive for February 19th, 2017
An IBM security researcher recently discovered something interesting about smart cars. An anonymous reader quotes CNN: Charles Henderson sold his car several years ago, but he still knows exactly where it is, and can control it from his phone… “The car is really smart, but it’s not smart enough to know who its owner is, so it’s not smart enough to know it’s been resold, ” Henderson told CNNTech. “There’s nothing on the dashboard that tells you ‘the following people have access to the car.'” This isn’t an isolated problem. Henderson tested four major auto manufacturers, and found they all have apps that allow previous owners to access them from a mobile device. At the RSA security conference in San Francisco on Friday, Henderson explained how people can still retain control of connected cars even after they resell them. Manufacturers create apps to control smart cars — you can use your phone to unlock the car, honk the horn and find out the exact location of your vehicle. Henderson removed his personal information from services in the car before selling it back to the dealership, but he was still able to control the car through a mobile app for years. That’s because only the dealership that originally sold the car can see who has access and manually remove someone from the app. It’s also something to consider when buying used IoT devices — or a smart home equipped with internet-enabled devices. Read more of this story at Slashdot.
Freshly Exhumed quotes Hackaday: The famous HAARP antenna array is to be brought back into service for experiments by the University of Alaska. Built in the 1990s for the US Air Force’s High Frequency Active Auroral Research Program, the array is a 40-acre site containing a phased array of 180 high-frequency antennas and their associated high-power transmitters. Its purpose is to conduct research on charged particles in the upper atmosphere, but that hasn’t stopped an array of bizarre conspiracy theories. A university space physics researcher will actually create an artificial aurora starting Sunday (and continuing through Wednesday) to study how yjr atmosphere affects satellite-to-ground communications, and “observers throughout Alaska will have an opportunity to photograph the phenomenon, ” according to the University. “Under the right conditions, people can also listen to HAARP radio transmissions from virtually anywhere in the world using an inexpensive shortwave radio.” Read more of this story at Slashdot.
The RSA Conference “is perhaps the world’s largest security event, but that doesn’t mean that it’s necessarily a secure event, ” reports eSecurityPlanet. Scanning the conference floor revealed rogue access points posing as known and trusted networks, according to security testing vendor Pwnie Express. storagedude writes: What’s worse, several attendees fell for these dummy Wi-Fi services that spoof well-known brands like Starbucks. The company also found a number of access points using outdated WEP encryption. So much for security pros… At least two people stayed connected to a rogue network for more than a day, according to the article, and Pownie Express is reminding these security pros that connecting to a rogue network means “the attacker has full control of all information going into and out of the device, and can deploy various tools to modify or monitor the victim’s communication.” Read more of this story at Slashdot.
After years of work, a fan has finally completed a MAME version of Atari’s unreleased game Primal Rage II this week, one more example of the emulator preserving digital history. Long-time Slashdot reader AmiMoJo quotes MAME.net: Way back in 1997, Nicola Salmoria merged a few stand-alone arcade machine emulators into the first Multiple Arcade Machine Emulator. Could he have possibly imagined the significance of what he’d built? Over the past two decades, MAME has brought together over a thousand contributors to build a system that emulates more machines than any other program. But MAME is more than that: MAME represents the idea that our digital heritage is important and should be preserved for future generations. MAME strives to accurately represent original systems, allowing unmodified software to run as intended. Today, MAME documents over thirty thousand systems, and usably emulates over ten thousand. MAME meets the definitions of Open Source and Free Software, and works with Windows, macOS, Linux and BSD running on any CPU from x86-64 to ARM to IBM zSeries. A 20th-anniversary blog post thanked MAME’s 1, 600 contributors — more than triple the number after its 10th anniversary — and also thanks MAME’s uncredited contributors. “if you’ve filed a bug report, distributed binaries, run a community site, or just put in a good word for MAME, we appreciate it.” I’ve seen MAME resurrect everything from a rare East German arcade game to a Sonic the Hedgehog popcorn machine. Anybody else have a favorite MAME experience to share? Read more of this story at Slashdot.
“For many disabled residents, who may spend 12 hours a day or more in Second Life, the most important moments and relationships of their lives happen inside the virtual world, ” reports Backchanel. “For them, the fevered fantasies of a decade ago have become reality: Second Life is where they live.” mirandakatz shares this article: Wagner James Au, who has written extensively about Second Life, estimates they may account for roughly 20 percent of users. Some active members estimate the number higher — at as much as 50 percent… Abundant research shows imagining movement, without actually moving the body, can have positive effects on motor skills, balance, and learning… Studies suggest the therapeutic benefits of virtual reality extend beyond movement disorders — to chronic pain, cognitive functioning in people with ADHD and PTSD, and social skills for people on the autism spectrum. The article describes a 90-year-old former nurse, now living in a retirement community, who’s spent eight years living in a Second Life archipelago called “Virtual Ability Island” with over a thousand other members. “Watching her avatar hike trails and dance gave her the confidence to try things in the physical world that she hadn’t tried in a half decade — like stepping off a curb or standing up without any help.” Read more of this story at Slashdot.