Hackers – Marinate Well Before Cooking

A couple of interesting stories around hacking turned up this week, neither of which made the hackers look particularly smart.

In the first, we have the hacking demonstration that occurred at this week’s AusCERT security conference on Australia’s Gold Coast.

In a nutshell, one security person decided to demonstrate that privacy settings on Facebook don’t actually provide a high level of privacy.

There are many ways that this sort of thing can be demonstrated, but this security person decided that he would do this by using some photos of the wife of a competitor, and utilising a brute force hack method to get access to the data.

I’m not entirely sure of the professionalism of taking that approach, and especially of using the images of the competitor’s wife and child to make his point; why not just have an employee set up a dummy account? The same point could then be made in a much more professional manner, I feel.

Be that as it may, the hack was demonstrated and publicised, but then the Qld Police decided to get involved, spilling their marinade all over their faces by arresting smh.com.au journalist Ben Grubb for merely doing his job and writing an article on the presentation.

Why was Grubb arrested? The police felt that Grubb’s iPad may have contained some evidence about an alleged crime that may have been committed. Grubb refused to provide his iPad to the police, and so in a gesture of friendliness and professional police work, they arrested him to get access to the iPad.

Not a good look, and their excuses, when offered, seemed to be, basically, laughable.

The second item relates to a resident of Blaine, Minnesota, in the USA. 45-year-old Barry Vincent Ardolf seems to be the ultimate nice neighbour. He hacked into the wireless network of a neighbour, posed as that neighbour, and proceeded to make threats against the US Vice President.

Clearly a delightful guy, he changed his plea to guilty just two days into his trial, and in so doing, pleaded guilty to charges of identity theft, distribution and possession of child pornography, unauthorized access to a protected computer, as well as making threats to the President and successors to the presidency of the USA.

Some quite tasty morsels amongst that lot, aren’t there?