FBI tracking device found; disassembled

[ifixit] has apparently grown tired of tearing apart Apple’s latest gizmos, and their latest display of un-engineering has a decidedly more federal flair. You may have heard about Yasir Afifi’s discovery of a FBI-installed tracking device on his car back in October of last year. Apparently, the feds abandoned a similar device with activist Kathy Thomas. Wired magazine managed to get their hands on it, and gave it to ifixit to take apart. There’ve even posted a video.

The hardware itself isn’t that remarkable, it’s essentially a GPS receiver designed before the turn of the century paired with a short range wireless transceiver. The whole device is powered by a set of D-sized lithium-thionyl chloride batteries which should be enough juice to run the whole setup for another few decades–long enough to outlast any reasonable expectations of privacy, with freedom and justice for all.

DoJ and FBI now issuing command to botnet malware

Looks like the FBI is starting to get pretty serious about fighting malware. Traditionally they have attacked the servers that activate and control botnets made up of infected computers. This time they’re going much further by taking control of and issuing commands to the botnets. In this instance it’s a nasty little bug called Coreflood, and they’ve been given permission to take the yet-unheard-of step by a federal judge.

An outside company called Internet Systems Consortium has been tapped to do the actual work. It will call upon the malware on infected computers and issue a command to shut it down. That falls short of fixing the problem as Coreflood will try to phone home again upon reboot. This gets back to the initial problem; we won’t ever be able to stop malware attacks as long as there are users who do not have the knowhow (or simply don’t care) to protect and disinfect their own computer systems.

How long do you think it will be before some black hat comes up with a countermeasure against this type of enforcement?

[via Gizmodo]

The phone phreaking files

[Jason Scott] curated a nice collection of links related to [Phil Lapsley]‘s work on phone phreaking. [Lapsley]‘s book, The History of Phone Phreaking, will be released in 2009. Meanwhile phone phreak enthusiasts can peruse his site and bone up on some interesting material, including documents that revealed the inner workings of the telephone switchboard(PDF), and the Youth International Party Line (YIPL)/Technological American Party (TAP) FBI files(PDF), which is really intriguing for the various doodles and conversations that were documented. If you have some spare time, we definitely recommend sifting through it.

[via Waxy]

MySpace cofounder Tom Anderson former hacker

MySpace users are very familiar with the visage of their first “friend” and MySpace cofounder [Tom Anderson], but did you ever wonder what he used to do before he became everyone’s friend? TechCrunch’s investigative reporting revealed that [Tom] was a hacker in the eighties who hacked into the Chase Manhattan Bank computer system, which attracted the attention of the FBI. Under the handle “Lord Flathead”, he became the leader of a black hat hacker group by the time he was fourteen. His activities (along with those of other hackers) led to one of the largest FBI raids in California history. Because he was a minor at the time, he was not arrested, but put on probation in exchange for an agreement to stop committing computer crimes. This definitely makes having [Tom Anderson] on your friends list just a bit more interesting, doesn’t it?

[via Digg]

Possible entrapment scenario in hacking case

[Brian Salcedo] made headlines a few years ago as a hacker who attempted to break into Lowe’s corporate network. He is currently serving a nine-year prison sentence, one of the longest sentences for a computer hacking offense. Recent events surrounding a different hacking case have revealed that the buyer he worked for, [Albert "Segvec" Gonzalez], was a Secret Service informant. [Salcedo] claims that were it not for [Gonzalez]‘s threats, he would not have committed the hacking offense. While the Secret Service may not have even been aware of [Gonzalez's] activity with other hackers, [Salcedo] could make a case of entrapment by arguing that [Gonzalez] threatened him as a government agent in order to make him plant the sniffer in Lowe’s network.

Citibank ATM PIN heist mystery continues


For the last few months, the FBI have been investigating a breach of Citibank’s ATM transaction processing servers. We’ve seen credit card numbers get stolen before, but these compromised servers were used to collect card numbers and PINs as transactions took place. The group responsible hired people to write new cards and use them to make ATM withdrawals. The card makers would keep a percentage and launder the rest. This is just a very small part of story and the extent of the breach isn’t fully realised yet. Threat Level’s [Kevin Poulson] has the whole story on this disturbing situation.

[photo: Bryan Derballa]

Follow

Get every new post delivered to your Inbox.

Join 92,374 other followers