Remove Ubuntu Grub Bootloader From Windows! Computer Desks & Battlestations, Sync Folders Fast!!Read More
Scooters are being hacked! Make sure you’re resetting your ad ID, but does it do anything? And Australia’s parliament has some hacks to deal with! All that coming up now on ThreatWire. #threatwire #hak5Read More
There are rare occasions when I actually feel like pulling out a pencil and paper (or my digital notepad), and writing a few paragraphs about something that I feel emotionally invested in or about.
A friend of mine posted a link to a reddit post yesterday, which featured a bunch of nude photos of celebrity women. I chose not to click on any of the photos, mostly because I like to live life without corrupting every last remaining minute.
It really got to me. And I ranted about it on twitter, and for the most part people were in agreement. But a few folks sent me the obligatory 'well, they shouldn't have put naked photos on the internet' type of messages.
I hope I can change their views within a few paragraphs.
Let's take a step back. Someone on the interwebs hacks a company's servers and finds all sorts of private things on it. Thousands upon thousands of files, most likely. And they snoop through said files in the hopes of finding something delicious. The moment arises, in the shape of a nude female figure, a celebrity in fact! Of course, they can't keep that information to themselves, no. Somehow these photos get 'leaked' online, to be shared, forever, with anyone who wants to see them.
The person gets his (or her) moment of glory! Everyone objectifies the women featured in the private photos, and thanks the hacker for their easy fap session.
But no one really thinks about the woman. Obviously, she made a mistake. She put her trust in a company, to keep her information safe. She assumed everything was okay. Maybe she was social engineered into giving out her info, along with several other celebs. (But that seems like a lot of hard work, and I like to think all those women have enough brains to know when something is shady). Or, maybe she just didn't know how to use the backup service, or forgot she signed up for it. Maybe it was a brute force attack. Who knows?? I certainly don't blame them. Everyone makes mistakes. Maybe they forgot their photos are still around! All of a sudden, probably without any hints, those private moments are now free and available to an epic fuck ton of humans across planet Earth.
Leave the celebrity bit behind for a second. Put yourself in her high heels. Men, I know it's a little hard to express any form of empathy for some, but take a moment and think about how that would impact your life. Maybe you wouldn't care, but would your wife? Your sister? Your children? Your boss? Would it embarrass you? Would you feel ashamed? Proud? Where is the humanity? What if that was your sister? Your wife?
Digging into a person's personal life such as this, doesn't just go away. Uncovering such personal information can destroy a person. Not just their career, or their relationship. It can eat away at them, year after year, never ending. People may meet them sometime in the future and constantly be reminded of the photo they saw on Reddit, or the tabloid where they read about a surgery or whatever it may be.
So, who do I blame? Well, I don't know who found a security flaw in an online cloud service, but exposing a bunch of women, objectifying them to a large degree, is not the way to fix an issue. Sure, it brings light to a bigger flaw, but victimizing lots of women based on getting a flaw fixed is NOT the way to do it. I'm sure that moment got a bunch of laughs from the person behind the attack, but I wonder if they'll still feel proud of themselves when one of those women loses her role in a movie, gets dumped, or (let's hope not) commits suicide (yes, people do kill themselves because they can't escape the pain of being bullied). Maybe she'll go to therapy? We won't know, because their strength and courage in front of a camera won't falter. THEY ARE ACTORS. I blame him/her for not directing their findings to the company who had the security flaw.
And I blame the company, even more so if they WERE notified. Had they fixed the issues, maybe photos wouldn't be leaked (or the pervert still could have, if they saved them all or still had access). I blame the company for making so many feel safe, when consumers (including celebrities) go along with what they are told.
I guess I'll just end this with a TLDR version:
Don't blame the women, they shouldn't be the story here. The story is some cloud service has been exposed as being insecure in yet another security breach, and someone decided to announce it in a rather shitty way.
Photos and lewd gossip spread like wildfire on the Internet. Once it's there, it's there. Do yourself a favor and DONT take part in the action because it makes you look like a jerk. DMCA notices are a very handy tool, and I hope these women take advantage of that, to hopefully remove some of the slander to their names. Eventually it'll die down, people will move on, but they'll still be reminded of it constantly.
Next time you see a tabloid in the grocery store, don't laugh at those that are being gossiped about. Put yourself in their shoes for a moment. The results may astound you.
I turned off comments, because I hate trolls. However, please do some further reading here.
*I wrote this at 1am Sunday night. So if some exposure of how the breach was done has been publicized since then, I didn't mention it.
I get asked this question a lot. Like, a WHOLE LOT. Every day.
"What laptop do you use on your show?" or "What laptop do you recommend?"
So I'm writing this blog to answer the age old question about Shannon's laptop.
When it comes to Linux distros, my laptop of choice for 3 years has been a small notebook called an Acer TimelineX with an old 3rd gen i3 processor. I have been using this one for my Hak5 segments for several years. It's very small (I believe 11 inches), compact, and takes a bit of a beating. I've loaded several operating systems on it and it still works to this day. I'm currently thinking about updating to a slightly larger laptop with better battery life and a larger screen / keyboard, though. While this laptop works like a charm for simple processing, it IS old and a bit too small.
I'm thinking about upgrading to the Dell XPS 13 Ultrabook. It's got an updated processor, high resolution, it's 13 inches but still weighs around 3 pounds (pretty good for toting back and forth from work) and it's damn pretty. I'd probably choose the i3 / non-touch / Windows 7 version because honestly, you don't need touch for playing in the terminal. It's also more expensive than a notebook. With that upgrade will be a price point of at least $1049.99... so there's that.
Here's another one to consider if you're wanting high-end and Apple. A Macbook Air. While I prefer the usefulness of a Windows machine that can ultimately dual boot to a Linux system or vice versa (both needed for my career, and I also grew up with Windows so I know it much better), the Mac line actually derived from the same place as Linux. Why do you think you see so many Macbooks at DEFCON? It IS an option for hackers, but personally not my first choice.
My last choice (and recent favorite) has been the new Acer Aspire S7. Disclaimer: Acer has sent me this model for long-term review. It's an expensive machine, and quite beautiful. This one runs Windows 8 and has a top-of-the-line battery, screen resolution, and processor. It's also very lightweight at under 3 pounds. I currently use this ultrabook for my podcasts on screen and I've gotten very used to the Win8 interface and touchscreen.
I have used all of these machines and I love them all. Eventually new lines will come along and take their place but if you are in the market for a laptop these have been my go-to choices. Obviously they are quite pricey (which is why I haven't upgraded!) and there are cheaper options on the market. Consider your own criteria before buying. What brands you trust, what is important to you (in the day and age of cloud computing, 1TB drives aren't needed for my own ultrabooks), and where will you be going with your laptop.
Oh, and I wasn't paid for this blog, just FYI. These are all my opinions.
This week we are checking out more expansion commands with nesting and parameters.
This time on HakTip, Shannon covers the echo command and its various uses.
This week on Haktip, we are checking out pipelines and their abilities in the terminal.
Every week, I learn something new about the Linux Terminal. And every week I'll share it with you!
This time on the show we're tunneling our traffic through multiple servers with proxychains. Plus, safe password keeping and Active Directory authentication for Linux. All that and more this time on Hak5.
This time on the show, using One-Time-Passwords in Linux for SSH authentication. We cover the theory and set up our server with a Yubikey. Plus, relay'ing without GatewayPorts, easily edit Known_Hosts, Free SSHFS in Windows and a ton more, this time on Hak5!
Continuing with SOCKS5, SSH, Public Key Pairs and fingerprints, Darren and Shannon use SSH to create a secure remotely mounted network filesystem with implementations in both Windows and Linux.
This time on Hak5, we begin a special series on proxies. Caching, filtering, security or anonymity -- whatever your reasons may be, Darren and I are exploring the ins and outs of this great technology from the ground up. All that and more!
This time on the show, automating interactive tasks in Linux, preventing your browser sessions from being tracked, graphical command-line disk usage utilities, and pushing hex over TCP with Echo. All that and more, this time on Hak5!
Watch it here!
This time on the show we’re Breaking into Windows boxes with no skillz necessary using Konboot for USB, Spear-Phishing with a WiFi Pineapple, Sudo with pipes in Linux and downloading torrents anonymously
This time on an unorthodox Hak5, producers Darren and Paul venture to Las Vegas for the NAB Show and see what the National Association of Broadcasters are up to. We find HD video mixers for under a grand, 3G and 4G bonding solutions for live streaming on the go, HDMI field recorders, extreme sports cameras and some 30 foot jibs we can’t afford or house but still want anyway. This is our technolust!