Stolen Target Credit Cards and the Black Market: How the Digital Underground Works | The State of Security

This is a fascinating account of what’s happening with those 40 million credit cards that were recently stolen from Target.

With the Target data breach, many are wondering how criminals can profit from the use of the stolen credit cards. The card holders themselves will not be responsible for any of the charges, so how is it that criminals are able to make money from stolen credit cards? I have been involved with several cases where organized crime rings have been unveiled, many of these have had connections to Russian and Eastern European groups. These groups generate a significant profit through stolen property acquired through burglaries, shoplifting, identity theft, credit card skimming and carding. Many underestimate the complexity of some of these networks and the revenue they generate.

via Stolen Target Credit Cards and the Black Market: How the Digital Underground Works | The State of Security.

Former UNC-Chapel Hill professor indicted in academic scandal

Orange County District Attorney Jim Woodall has charged former UNC professor Julius Nyang’oro with obtaining property by false pretense for accepting money for a class he didn’t teach.

Julius Nyang’oro, the former chairman of the Department of African and Afro-American Studies at the University of North Carolina at Chapel Hill, was indicted Monday by an Orange County grand jury on a charge related to an academic scandal at the school.

Nyang’oro could face up to 30 months in prison if he is convicted of obtaining property by false pretense, which is a felony. Investigators said he accepted $12,000 for teaching a class that never happened.

The university reclaimed the money through garnishment of his final paycheck.

While I am mad as anyone that UNC condoned cheating, I think the false-pretense charge is ridiculous. You would have a harder time convincing me that UNC didn’t know this was going on, that UNC wasn’t fully aware of what Nyang’oro was doing, than convincing me that Nyang’oro somehow hoodwinked the university. These things don’t happen in a vacuum. The professor has done this work many times before with no compensation. It was the university’s idea to pay him this particular time and by then it should have been “caveat emptor.”

Again, I can’t stand cheaters and I think the book should be thrown at UNC for their misdeeds. However, this charge won’t result in justice. It will result in quite an interesting trial, though, as Nyang’oro and his attorney summon some very uncomfortable witnesses to testify at his defense.

via Former UNC-Chapel Hill professor indicted in academic scandal :: WRAL.com.

Blog Crossed Buns: Deconstruction of a Hack

Last week, I noticed an attack against my webserver very similar to this one. It doesn’t appear to have been successful, which is good.

Like any fellow server maintainers out there, I know that I will occasionally be the target of an anonymous person’s ire. This week it was my turn. I run an Apache server with PHP for my personal projects, nothing important. I also run a number of apps to help me manage my server, like BASE to monitor my snort logs (overkill for a personal server, yes I know), and phpMyAdmin to manage the database portion.

I made the mistake of thinking that one of my apps was secure, and the further mistake of not updating it to the most recent version of an app. I blame my busy schedule with school and work for not keeping it more up to date. Today, phpMyAdmin was the culprit.

via Blog Crossed Buns: Deconstruction of a Hack.


Update:
Here’s code similar to that which someone attempted to post to my site. And here’s another site which got hit in a similar way.

A liberal plant

I joined a Facebook group for Desert Storm Veterans a while back, fascinated by the old war photographs veterans were sharing. Lately, though, a few right wingers were posting trollop from Glenn Beck and Rush Limbaugh, as if this was of interest to everyone. I was about to loudly complain to the group moderator or even consider leaving the group when I saw the moderator’s pinned post at the top of the page:

This is not a sales group anyone trying will be banned….This is also a Free Speech Zone and it will not be sensored [sic.]

Well if the wingnuts are going to post right-wing bullshit in the group then I’m going to counter it with some left-wing nuggets of truth. For every dumbshit post from World Net Daily I’ve been posting some liberal counterpoint.

NSA infiltrates links to Yahoo, Google data centers worldwide, Snowden documents say

Eric Schmidt spoke out about this NSA spying today.

The National Security Agency has secretly broken into the main communications links that connect Yahoo and Google data centers around the world, according to documents obtained from former NSA contractor Edward Snowden and interviews with knowledgeable officials.

By tapping those links, the agency has positioned itself to collect at will from hundreds of millions of user accounts, many of them belonging to Americans. The NSA does not keep everything it collects, but it keeps a lot.

via NSA infiltrates links to Yahoo, Google data centers worldwide, Snowden documents say – The Washington Post.

The NSA isn’t the only one who’s tracking your websurfing

I did some searches on TigerDirect’s website for some solid state drives. Lo and behold, Facebook presents me with an advertisement from TigerDirect for … wait for it … solid state drives!

This isn’t the first time I’ve seen an eerily similar ad from TigerDirect (and others) show up on my Facebook page. This kind of thing happens all the time on the web: private companies track your every move. Your online purchase and websurfing information gets stored and correlated in a marketing database. You almost can’t visit a website without being tracked in some way.

No wonder the NSA can’t resist vacuuming up information from American Internet companies.

Obama May Ban Spying on Heads of Allied States

How nice that President Obama is contemplating the end of spying on friendly foreign leaders. I’m glad that German Chancellor Angela Merkel will soon enjoy freedom from NSA spying. Now, what does it take for millions of law-abiding American citizens to get the same deal?

WASHINGTON — President Obama is poised to order the National Security Agency to stop eavesdropping on the leaders of American allies, administration and congressional officials said Monday, responding to a deepening diplomatic crisis over reports that the agency had for years targeted the cellphone of Chancellor Angela Merkel of Germany.

via Obama May Ban Spying on Heads of Allied States – NYTimes.com.

Police Protective Fund still suckering people

A friend posted a list compiled by Tampa Bay Times of America’s worst charities today so, knowing there’s a special place in Hell for scumbags who rip people off in the name of charity, I decided to check it out.

Lo and behold, spot number twenty was held by one of my favorite charities, the Police Protective Fund (PPF). You may recall I profiled the Police Protective Fund back in 2008 after I got a call from a solicitor seemingly trying his best to sound like a police officer.

According to tax records, PPF raised about $50 million from 2001 to 2010. Of that, roughly $15 million went to pay its solicitors. Oh, and as for the first responders PPF claims to assist, those brave men and women received $260,000 over that timeframe. That’s about $29,000 a year.

What most people don’t know is that the Police Protective Fund is a North Carolina corporation with its registered office at a corporation service on Hillsborough Street. I wonder if our fine attorney general would like to check these folks out. After all, they want to help cops, right? Why not help our state’s top cop investigate them for possible fraud?

70.3 million French phone records, 30 days: US envoy summoned after new NSA report draws ire

Here’s a story on the outrage expressed by our allies regarding NSA spying. What the article doesn’t mention is that these countries also engage in exactly the same kind of spying, against the US and other countries. In light of this, their protests ring a bit hollow.

The U.S. National Security Agency swept up 70.3 million French telephone records in a 30-day period, according to a newspaper report Monday that offered new details of the massive scope of a surveillance operation that has angered some of the country’s closest allies.

via 70.3 million French phone records, 30 days: US envoy summoned after new NSA report draws ire – The Washington Post.

Your D-Link router may have a backdoor

Another example that if you don’t own the source code to your software, you can’t be fully sure what it does.

A curious computer security professional published findings Saturday that deconstructed the firmware code for some D-Link router devices and discovered a backdoor built directly into the code. By changing the user-agent in a web browser to “xmlset_roodkcableoj28840ybtide,” a user could bypass the security on the device and get online or control the higher functions of the router.

via Your D-Link router may have a backdoor | The Raw Story.