Cyberfreek on Twitter  

   

CyberFreek Follows:  

   

With all of the talk lately within Cyber Security, leaking information, the GOV watching you and all, here is another news item that might interest you.  The NSA supposedly contributed information to Android Source code.

Read the Article Here

Think about this for a second. If they contributed towards Android, don't you think they also contributed towards Apple, RIM and Microsoft as well ?  Do we know about these others yet? Oh that's right, Android while the most popular Mobile and Tablet OS is still a target for all the others. So it really makes sense to leak this article in the hopes that this may turn your head away from Android.  Fat chance eh ?

What is the ultimate goal here?  To watch you? To track your every move? Or to put a kill switch in all devices to stop you from posting on your blog, facebook, or other social media site?

Who knows what the reasons are and who knows what the exact lines of code are that were "contributed".  I sincerely doubt that you will find  [NSA code Here] comments in the source.

But it does leave you to wonder why are they doing this IF this story is true.   I guess it's another thing that makes you go hmmmm....

 

Oh boy.  Here we go.

A group that calls themselves "Gray Hat Hackers" today posted various sites including an Air Force, NASA and a Harvard University Project website that they are vulnerable to certain hacks.  But the story goes on to tell that the sites were already patched.

The article is here.

I love this for reasons I will explain. But they go on in the article to state:

“We are not Anonymous Version 2 and we are not against the US Government,” the group said in a post on Pastebin. The Unknowns have offered to test websites and alert the owners of any weaknesses without releasing hacked information. “We're here to help and we're asking nothing in exchange,” its message said.

Please.  Lets get something straight.  If you hack a site WITHOUT consent, you are a black hat, NOT a Gray Hat. "Oh but we are here to help and ask nothing in exchange", yeah right.  There is no such thing as a free lunch.

Hacking without consent is still hacking illegally.  Product the infamous "get out of jail card" and we will think otherwise.

Again, from the article:

Gray hat hackers, as the name suggests, traditionally fall in between white hat hackers — security experts who conduct penetration testing and other procedures to help organizations identify weaknesses — and black hat hackers, who engage in outright criminal behavior. Gray hats might cross legal lines, but only to expose vulnerabilities without profiting from the hack or causing serious damage.

Wrong.  A Gray Hat will NOT post, brag or put anything out in the media as was done here.  Fine line?  Fine if that makes you happy, but it is still hacking without consent.  If you believe this and lower your guard to these type of scams, then you deserve everything you get thrown at you.  From my neck of the woods, you are either White (with consent with the purpose to help a potential victim, with permission), Black ( go head, you'll get caught some day)  or if you consider yourself Gray, you will screw up sooner or later. Posting publically with the "aim to help" also shows that you are willing to expose information, no matter how limited.  But exposure it still is and that is STILL Black Hat.  Like I said, fine line to some, clearly defined to others.

Your take ?

I just get so annoyed by those bragging or saying that they are out to help, without permission.  Its just another scam to lower your guard.  Don't fall for it.  If you want a professional Hacker to pen test your system(s), do it properly.  Get the right permissions in writing and with proper disclosure rules.Protect yourself on both sides of the issue.

If you want to disclose later, that is up to the company you contracted with , not you and NOT the media.  Bored ? Got more time on your hands than you know what to do with? Prove your skills and join a professional team.  This Gray Hat stuff is and will burn you in the long run.  Be extremely careful. There are now laws and will continue to be newer laws introduced that will keep splitting hairs.  What you consider Gray today will be Black before the end of the day.

 

Steve

Wow, with all of the talk of infrastructure Security, SCADA and how our Government should be protecting its constituents,  here is another case for neglect and misguided intentions.

When will our leaders understand that the infrastructure must be protected.  What good is a military or government when the power is shut off, no clean water, etc ?

Click here to read more:   Cyber Security Shortchanged in US Smart Grid Push

   

Advertisement

   
© Cyberfreek.com 1997-2022