Follow-Up

There are 521 posts filed in Follow-Up (this is page 29 of 53).

Weatherford Drive burglary suspects identified

Bango Eninnaya


I heard back from Raleigh Police on the Weatherford burglary suspects. The two suspects are Bango Benjamin Enyinnaya, age 16, of 2334 Keith Drive in Raleigh; and Tyler Gregory Edwards, age 19, of 1317 Hazelnut Drive in Raleigh. Enyinnaya was charged with Felony Breaking and/or Entering, Larceny After Breaking/Entering, and Felony Probation Violation. Edwards was charged with Felony Breaking and/or Entering and Larceny After Breaking/Entering.

Tyler Edwards


Both Enyinnaya and Edwards have criminal records for breaking-and-entering. It seems around Thanksgiving of last year the two decided to go on a burglary spree. Edwards has a longer rap sheet, including an arrest in Charlotte for marijuana possession in August of 2010. He was arrested most recently on April 25th on a Failure to Appear charge.

No word on how many other burglaries these two are tied to. Raleigh Police tell me the vehicle did not belong to either suspect but was one that they had access to. That might explain the parade of strangers through our neighborhood following the break-in, returning to find the car.

Burglars busted!

Friday evening, I learned from my neighbor that two suspects who allegedly broke into my neighbor’s house have been arrested. I knew it wouldn’t take long, since the hapless burglars had fled on foot and left their getaway car in the driveway. Rumor has it that at least one of the kids was arrested when he was caught when he was breaking into another home.

Friday afternoon, I took note of a strange car making a loop down Weatherford Drive. There was a young kid in the middle of the back seat and it looked as if he were being chauffeured around. I remember from our own break-in a few years ago that police detectives will drive burglary suspects around to the homes the suspect might have burglarized, giving the suspect the opportunity to own up to each break-in. I don’t know if this is what was taking place with this kid but it made me wonder.

I haven’t heard back from my police contacts about the details of the arrests. If I get those details I’ll post them here.

Update 1:15 PM: Info on burglary suspects is here, courtesy of the Raleigh Police Department.

Computer Security Session 1: Passwords, Overview

In light of LinkedIn’s password disaster, I found this advice on choosing passwords to be very helpful:

Passwords are like housekeys for computer services. They are intended to be secrets that allow you to access resources, but deny access to others.

Here are some questions to ask yourself about passwords:

What are the passwords protecting?

If one password is breached how many other computer services become vulnerable?

Who else knows your passwords? How much do you trust them?

What services have your passwords? How much do you trust them?

How many passwords do you have to manage?

How do you manage your computer passwords?

via Computer Security Session 1: Passwords, Overview « KW FreeSkool.

A world without secrets

I felt compelled to read up on a recent email thread on the Triangle Linux User Group list that discussed the recent LinkedIn password fiasco. While the discussion didn’t really tell me anything I didn’t already know, it did get me thinking.

I decided that LinkedIn could be cut some slack for their outdated notions of what constituted password security, because the truth is that 99.9% of us also hold outdated notions of password security. That is, the vast majority of us still believe in password security when in fact there is no such thing!
Continue reading

Wade CAC getting back on track

Remember that neighborhood crisis I mentioned earlier? Well, last night was the night of the first “special meeting” to try to get the CAC back on track. Neither Dwayne Patterson and Luis Olivieri-Robert from the city’s Community Services department nor I had any idea how many members would attend the meeting, held at the Unitarian Church. It turns out that around 70 people showed up, which isn’t too shabby for a week’s notice.
Continue reading

More on the LinkedIn password breach

I found this analysis from a fellow network security geek in the UK to be quite interesting:

…which lends a little weight to the theory that the file primarily contains hashes which some script kiddie could not crack with basic tools, and hence makes us wonder what he’s done with all the ones which he did crack – and how much of the LinkedIn corpus that would represent?

He’s got a point. So many tools exist to easily crack these password hashes. I just tried hashcat on them using the standard Ubuntu dictionary file and cracked 20,000 of them in seconds using just my lowly laptop. So why would the hacker pretend to need help cracking them? Why post to a hacker forum where one is certain to face ridicule?

This leads me to speculate that the hacker is either enormously clueless or (perhaps more likely) aiming to embarrass and/or blackmail LinkedIn. Was this a staged demonstration of a hacker group’s power to disrupt a high-profile site? A warning to others, like Facebook and Google?

Another amusing aside is that just yesterday I used LinkedIn to send a message to a stranger who might know an old friend of mine. I tried several times to leave my email address in LinkedIn’s contact message but finally gave up: LinkedIn’s anti-spam measures are quite clever and blocked every iterations of email address obfuscation that I tried.

It’s amusing that LinkedIn can be so good at blocking spam to its users while being so bad on keeping their accounts secure!

LinkedIn password leak is confirmed

I did some hunting for the password hash list which reportedly includes the passwords of 6.5 million accounts. After downloading the file, I did a quick search on my password “tXrNNb706+” (which has since been changed, duh):

grep -n `echo -n tXrNNb706+ | shasum | cut -c6-40` hacked.txt

This spit out the following:

4096152:b0a6f8fba1a954de7d60bf4dbc3805d1056cf443

Boom! My hash appears on line 4,096,152. Yikes!! It’s a good thing I use unique, strong alphanumeric passwords for all of my accounts! That password was only used for LinkedIn, so I know the hash list was collected from LinkedIn.

But why is this file only 6.5 million hashes, if LinkedIn has over 161 million users? My guess is that an exploit was placed on the LinkedIn servers during a certain timeframe and during that time it collected the hashes of these 6.5 million users. My compromised LinkedIn password was last changed in December 2011, about six months ago.

The whole incident has given me reason to rethink the password problem, and the problem of authentication, to see what better methods exist for proving identity in a digital world.

Bonus link: read this detailed analysis on YCombinator (warning: heavy geek quotient).

House Creek Greenway opening in September now

I got the word about why Raleigh’s much-anticipated House Creek Greenway will be opening in early September now, rather than the July 19th I had initially mentioned. The delay comes as a result of the contractor needing to put up over 3,000 feet of railing along the top of the retaining wall.

House Creek Greenway covers some challenging topography. It’s a big project that has been anticipated for many years. While it would be great if it was open now, another few months are worth the investment to get it right.

NC Considers Making Sea Level Rise Illegal

My friend Scott Huler takes down the attempt by coastal developers and the Republican leadership in North Carolina General Assembly to pretend climate change doesn’t exist.

According to North Carolina law, I am a billionaire. I have a full-time nanny for my children, I have won the Pulitzer Prize, and I get to spend the entire year taking guitar lessons from Mark Knopfler. Oh, my avatar? I haven’t got around to changing it, but by law, I now look like George Clooney. There’s also a supermodel clause, but discussing the details would be boasting.

You think I’m kidding, but listen to me: I’m from North Carolina, and that’s how we roll. We take what we want to be reality, and we just make it law. So I’m having my state senator introduce legislation writing into law all the stuff I mentioned above. This is North Carolina, state motto: “Because that’s how I WANT it to be.”

via NC Considers Making Sea Level Rise Illegal | Plugged In, Scientific American Blog Network.

NC Democratic party votes to keep Parker

I have to say I’m totally flabbergasted by the North Carolina Democratic Party’s SEC vote to reject David Parker’s resignation. It’s a total farce.

As my friend Perry pointed out, never before has the party held a vote to reject a resignation. On the face of it it seems to me that the motion would be out of order.

I am concerned that Parker appears not to be keeping his word to step down. I’m also concerned that the vote of 269-203 show a deep division in the party. How could anyone in the party choose to support such a divisive leader (and I use that term loosely)?

As time passes, my thoughts on Parker’s trainwreck of a press conference have only been reinforced. As I said before, I have no idea whether or not sexual harassment took place. What I do know is that Parker’s explanation was so much bullshit. At best, he’s an aloof leader who failed to properly vet and supervise his employees. At worst he’s a baldfaced liar, a loose cannon who perhaps even protected a sexual predator. Neither option evokes confidence.

And for the Parker supporters to claim that others are attacking him is ridiculous. He’s the boss of the party; the buck stops with him. He’s the captain of the ship and with that authority comes responsibility. If the ship wrecks, it doesn’t matter whether he was paying attention or not, it’s his fault, period. There is no one else to blame.