Hackers |

Why Would Zuckerberg Cover His Mac’s Cam and Mic with Tape?

Mark Zuckerberg speaking at F8 Facebook’s founder Mark Zuckerberg may have just unwillingly unveiled some of his privacy protection techniques in a recent image celebrating the 500 million user milestone for Instagram.

In the photo, it is quite evident that Zuckerberg placed tape over his Macbook’s webcam and jack microphone. Plus, he doesn’t use Microsoft’s Outlook as an email client but Mozilla’s Thunderbird.

Cyber security experts explained that the Facebook CEO is far from paranoid. In fact, hackers can take over a computer so they are able to “see” through its webcam and “hear” through the microphone everything you do or say.

Experts recommend Zuck’s tactics as a Security 101 against hackers.

Yet some netizens suggested that the laptop might not be his which is highly unlikely since Zuckerberg had admitted that he doesn’t usually work in a fancy office but along with his staffers on the floor.

So, if the Macbook is his this means that even the Facebook boss is overly concerned about his privacy.

According to Snowden leaks, the U.K.-based Government Communications Headquarters (GCHQ) ran a surveillance program dubbed the Optic Nerve which captured the faces of millions of Yahoo chat users through their webcams.

FBI head James Comey admitted earlier this year that he too secures his laptop’s camera with tape. But because Zuckerberg now does it too, Facebook users may become alarmed that the rumors that Facebook may spy on them may be real.

A few weeks ago, Facebook had to dismiss accusations that it eavesdrops on its users’ phone conversations through the microphone to better target advertisements.

Security experts explained that cyber criminals can easily infect a vulnerable system with malware such as trojans which can take control over the computer’s camera, microphone and even keyboard.

Users can protect themselves through anti-virus solutions, firewalls and staying away from suspicious e-mail messages asking them to access a link. Desktop users can also unplug the camera. But laptop users have only tape or stickers on their hands.

You can also buy special stickers from The Electronic Frontier Foundation’s website. The EFF is a non-for-profit group that advocates for digital rights such as privacy and personal freedom on the Internet.

Yet in Macbooks’ case, users should be prompted if their camera is on through a green light. But hackers can bypass that system too, experts caution.
Image Source: Flickr

$25K from Pornhub to Hackers

By Leave a Comment

Pornhub to Hackers: Who’s in for $25K?

From Pornhub to hackers: “Who’s in for $25K?”

Tuesday, the popular pornography site Pornhub disclosed a hackers bounty program for site bug hacker hunting. Many jokes come to our mind, but the $25K figure is a money cold bucket of reality.

The site, owned by MindGeek, a Canadian private company, will pay ethical hackers dubbed white hat hackers to find vulnerabilities in their site and report the cracks to the administrators.

This program is being run on HackerOne, a start-up company capitalizing on bug bounty. The company began with Facebook and is now operating similar bug-finding programs for General Motors, Twitter, Dropbox, Yahoo, Uber and, you’ll never guess who else – yes, the United States Department of Defense.

Other security problem detection programs like HackerOne are gaining momentum because they can offer outside help for the internal teams working with code.

Synack and Bugcrowd are two of the companies running this type of programs. They work for sharks like Adobe, Snapchat or Square. Heavyweight tech companies like Microsoft and Google have also turned to bounty programs, but they have used their internal platforms for it.

Following the example of the “major tech players”, Corey Price, the vice president of Pornhub stated that they too want to tap into the existing hacking talent as a measure of precaution. This program would mean an addition to their development and security teams.

The bounty rewards range from $5 to $25.000. To receive the prize, hackers must report and detail the vulnerability with screenshots and code. This reporting should be, of course, disclosed only to the Pornhub admins.

More rules say hackers will not interrupt the porn service of the adult entertainment website, will not use automated tools, and the bug should be reported 24 hours after its discovery.

It would take the security team up to a month to reply and depending on the complexity of the bug, up to three months to fix it.

With 60 million – wait for it – daily visitors, Pornhub is the second most popular pornographic site in the world. Yes, almost 1% of the world is accessing this porn site alone, daily. No wonder they’re taking all the available help there is.

They’ve also been the target of someone’s malware before. An advertising malicious scheme attacked the site in November 2015. They recovered and learned from the mistake.

Now, who’s first to crack, not the porn site, but a joke on this $25K from Pornhub to hackers news?

Image source: Wikimedia

Linux’s Bug Leaves the System Vulnerable

By Leave a Comment

Someone can access your system simply by hitting backspace.

Choosing the right OS for your computer can be quite a pain in the neck. There are quite a lot of them out there, each one with its own pros and cons. Some of us would look forward to Windows’s stunning graphics and amazing performances while others search for functionality. Whatever you’re looking for (apart from the droids!), Linux seem to be the perfect solution. Only thing is that Linux’s bug leaves the system vulnerable to hacker attacks.

Recently a group of techies, hailing from the Cybersecurity group, which is a part of the Polytechnic University of Valencia, has discovered a critical flaw in Linux’s backdoor security protocols. As other would put it, even a ten-year-old can hack your computer and steal your data, all because of a simple bug.

According to the Cybersecurity group, a user or rather a mischievous user can simply bypass your password screen by simply hitting the backspace key 28 times in a row. As the techie group explains, once a user hits the backspace key, the operating system returns a critical error.

Once this happens, the Grub rescue shell is initiated, and through this shell, the user can have access to any number of critical systems, including the contents stored on the local hard-drive.

A hacker can use this window of opportunity in order to destroy all the data on the hard-drive or install a rootkit which is capable of accessing your computer remotely.

Moreover, as the security group stressed out, it doesn’t matter if your have a BIOS lock or not. The Grub rescue shell is very similar to Windows’s safe mode, which you can use in order to restore lost data or uninstall undesired programs, which can’t be uninstalled using common procedures.

Of course, as the group added, this procedure would come in handy for someone who wants to steal of destroying your data, but it can also impede his plan. That’s because the said procedure requires the hacker to physical interact with your computer in order to get desired results.

We are unsure whether someone had problems because of this minor flaw, but it does point out that even complex security protocols can be easily bypassed if one looks for simple solutions.

But, according to many tech specialists, the odds of this scenario taking place are very low. And even if it were to happen, the new patches are there to ensure that no one can steal the data from your computer.

Photo credits:www.pixabay.com

ProtonMail Was Immobilized by Hackers

By Leave a Comment

Hackers took down ProtonMail’s server.

One day, you wake up thinking something on the lines of “how secure is my mail?”. Realizing that you may very well be at risk to have your account accessed, you proceed into finding another solution. How about ProtonMail? Their website seems pretty straight:” secure mail with absolutely no compromise”. But it would seem that they were wrong. Lately ProtonMail was immobilized by hackers.

So what went down at ProtonMail DC? It would seem that, recently, the “secure” mail provided has reported that a handful of notorious hackers have gotten into their database. The assailants said that in order for no one to get hurt, ProtonMail must submit to them a ransom of 15 Bitcoins (that is the equivalent of 6000 American dollars). Which the company did!

After ProtonMail coughed out the money from under the counter, the hackers decided to leave them with a little going-away gift and took their servers offline for a couple of hours.

According to the reports drafted after this first encounter, it would seem that the Company is actually dealing with two factions, each of them operating individually somewhere outside of Switzerland.

When the Company was confronted about its decision to offer the sum of the money to the assailants, official spokespersons from the Company declared that their actions were prompted by the fact that they didn’t want other companies to suffer from such attacks.

But it seem that Fate was not in their favor. Shortly after paying the ransom money, the hackers came about and issued another threat. ProtonMail was to pay them an additional sum of money. If they did not comply, a second attack will be launched on Monday night.

The Company stood fast against this new threat and refused to pay up any ransom money. And so, on the next morning, the hackers put their plan into motion. During a first surgical-strike, they managed to take the dedicated served offline. Another attacks followed shortly after this one. It seem that the cyber terrorist are after the upstream connectivity server, capable of dumping roughly 100Gbps of packets an hour.

Sources from the territory report that after the second assault, many people from Germany and Switzerland were left without an internet connection.

Prompted by the ever increasing number of cyber-attacks, ProtonMail wants do to some extensive renovations in order to increase security. The renovation will cost the Company approximately 100000 dollars. The company also started a campaign against cyber

Image source:www.wikimedia.org