Category Archives: Controversial Laws

4 Ways to Hack a Facebook Account

It’s not nearly as hard as it should be… you definitely don’t have to be a professional hacker to pull it off. Here’s 4 ways you can hack into someone else’s Facebook account without doing anything too strenuous or unimaginable.

The easiest way to “hack” into someone’s Facebook is more a social engineering feat than one of computer genius. Just figure out someone’s Facebook email login, then go to the Facebook login page and click “Forgotten your password?”. Type in the victim’s email and if their account comes up, click “This is my account.”

key loggerFacebook will ask if you’d like to reset the password using the victim’s emails, which obviously won’t help you an just click “No longer have access to these? It will ask How can we reach you? and you can type in an email that you have that also isn’t linked to any other Facebook account. Then it will ask you a security question. If you’re close friends with the person, you likely know the answer. If you’re not, make an educated guess and in 24 hours you can login to their account. if you can’t figure out the question, click “Recover your account with help from friends” and click three friends that are in cahoots and can give you the password or make three fake Facebook accounts and get the person to add you before any of this stuff happens. Then you’re in.

Another option? Use a keylogger, or a program that can record each stroke own the keyboard that a user makes without their knowledge. The software has to be downloaded manually on the victim’s computer and will automatically start capturing keystrokes as soon as the computer is turned on and remain undetected in the background. The software can then be programmed to send you a summary of all the keystrokes via email. CNET provides Free Keylogger.

If you’re afraid you might be susceptible to key logger, use fireball, install a password manager, update you software and change your passwords every so often.

Then there’s the option of phishing. It’s not for beginners because you have to design a fake Facebook login page, and if the victim logs in, the information will be sent to you instead of Facebook’s server. You’d also need a web hosting account. There are guides on how to clone a website that you can use, and detailed instructions you can follow, if you really want to do it.

internet cookieIf you don’t want to be susceptible to this trick, be sure not to click on links provided through weird emails. Also check the URL before you click on it using CheckShortUrl or unshort.me. Antivirus and web security software is also helpful here.

The final method? Steal the cookies that allow a website to store information on a user’s hard drive and retrieve it later. You can access your victim’s account by cloning those cookies and tricking Facebook into thinking the hacker’s browser is already authenticated. Fire sheep collects cookies and stores them in a tab on the side of the browser so you can get in.

Brendan Eich Takes on Ads

Branden Eich is famous for his part in rewriting the Web; his creation of JavaScript, the world’s most used programming language, ended Internet Explorer’s web browser monopoly and opened the door for other browsers to proliferate and change the way people experienced the internet.

His first browser was Mozilla Firefox, but he stepped down from his position as the CEO of Mozilla in 2014 amid loud criticisms of his donations to same-sex marriage ban initiatives in California. Now he’s working on his next browser project: Brave.

Brave is a startup dedicated to developing a browser that changes how internet ads are published and paid for. The browser would block advertisements and attempts to track user data, but replace those advertisements with ads that are less intrusive and use less of a device’s computing resources to run. Advertising revenue will go to site owners and users themselves; publishers would be getting 55 percent of the revenue generated by the ad, which trumps the percentage they get from more established advertising networks. The company advertising would then pay its own advertising network partners 15 percent and keep 15 percent for itself. The final 15 percent would flow back into the browser users’ pockets, though I don’t really get how. Users could opt out of ads altogether by donating to their favorite websites.

The idea behind Brave is to give more power to web users, who are just beginning to be able to make real decisions about their surfing experience based on the browser they choose. If Brave is a success, it will be the first browser to show so much respect for an internet user’s privacy. For now, every time you load a page you’re opting into whatever policies an ad network has in place. “…so we invert this power structure and have the browser be an important part of the system instead of this passive window,” explained Eich.

That said, Eich isn’t out to eliminate internet advertising by any means. He understands that the internet cannot function without its main source of funding, and that ad-blocking software could create major funding issues for a lot of websites.

“Most people aren’t ready to pay for their content,” Eich claimed. “Some aren’t well off enough to pay for subscriptions, some don’t know how or don’t want to trust their credit card to a paywall…They like free-riding, or even starting a war.”

“You may never click on an ad, but even forming an impression from a viewable ad has some small value. With enough people blocking ads, the Web’s main funding model is in jeopardy.”

Brave hopes to allow those who prefer to not see ads still support sites through donations, allowing for those websites losing out on advertising funding to be funded directly by their users. Everyone else can support sites by viewing ads that Eich hopes will be “more relevant, less intrusive, and not so creepy” as the status quo.

Brave claims that if it shares data it finds, it will always by anonymized and that it cannot be shared without the user opting in.

Apple CEO Stands Strong Against FEDs on Encryption

encryption3Last Sunday, Apple CEO Tim Cook took part in an interview on the CBS new program 60 Minutes in which he asserted the rights of tech companies to provide encryption services to their clients.

“There’s all kinds of sensitive information on smartphones today,” claimed Cook. “You should have the ability to protect it. The only way we know how to do that is to encrypt it.”

Cook noted that Apple was still willing to comply with search warrants served on it by law enforcement officials.

FBI Director James B. Comey disagrees, believing encryption is only remains a legal service because of a lag between legislators and inventors: “Unfortunately, the law hasn’t kept pace with technology, and this disconnect has created a significant public safety problem… We call it ‘Going Dark’ and what it means is this: Those charged with protecting our people aren’t always able to access the evidence we need to prosecute crime and prevent terrorism, even with lawful authority.”

“We have the legal authority to intercept and access communications and informant pursuant to court order, but we often lack the technical ability to do so,” added Comey.

Plenty of security and tech advocates take issue with Comey’s initiative to ban encryption services.

“A proposal to protect our security by weakening our security is going in the wrong direction,” asserted executive director of the Electronic Frontier Foundation Cindy Cohn.

“If the government were to suggest that no one put locks on their doors because if we were a terrorist it would be harder to get into our house, we would think that was a bad idea… This is pretty much the digital equivalent of that.”

supercompute2Cohn makes an excellent point; as large scale hacks become commonplace, government agencies are finding that sometimes not even they can keep their sensitive data under wraps. If they have access to everyone’s data, or make that data more accessible to everyone, terrorists won’t be the only users made more vulnerable.

Berin Szoka, the president of TechFreedom, claims that this issue presents a historic crossroads in American history and the history of the internet:

“This is really a binary issue. Are you going to allow end-to-end encryption by the operating system makers or not? Once you say no, you start down this road without stopping the really smart bad guys from continuing to use encryption on their devices.”

CEO of Accellion Yorgen Edholm believes the government can achieve its goals by walking a separate path: “If the government law enforcement agencies are looking for an encryption compromise, maybe they should look outside the tech sector for it… Encryption can always be broken by people who have supercomputers- the government has more supercomputers than anyone else. So the government has the resources to decrypt anything. It’s just that those resources have to be made available to local law enforcement… That compromise wouldn’t make it easier for the bad guys to get into my privacy just because the government wants to have the computer equivalent of a wiretap.”

 

UK Police Crack Down on Young Cybercriminals

The UK has made headlines for turning the heat up on young hackers.

lizard stresser“Over the past few years, the NCA [National Crime Agency] has seen the people engaging in cybercrime becoming younger and younger,” Richard Jones explained. Jones is the current head of the Prevent team at the NCA’s Cyber Crime Unit.

Jones explained that a recent online attack tool known as Lizard Stresser was actually created by 7 people under the age of 18.

The NCA’s clamping down on teenage offenders come as part of the Cyber Choices campaign, which was in turn prompted by the fact that an NCA study revealed the average age of people involved in its investigations was only 17 years of age. The study also found that very few teenagers in the UK actually understood what constituted a cybercrime and what the legal consequences were.

Cybercrimes are common among young hackers who don’t actually want to steal anything or do any horribly catastrophic harm; often viruses are created solely to see how far they spread so that the hackers behind them can reap the bragging rights. Unfortunately, in this age of more serious hacking and cyberterrorism, many governments have no sense of humor for this new form of teenage pranking.

blackshades ratThe National Crime Agency’s Cyber Crime Unit was astounded after uncovering certain information during Operation Dermic in 2014. The operation was pitted against users of a remote-access Trojan (known as a Rat) called Blackshades. After an in-depth investigation of the origin of the Blackshades Trojan, a total of 17 arrests were made. During a follow-up, the National Crime Agency’s Cyber Crime Unit underwent over 80 “cease and desist” visits to people that they had found guilty of purchasing the Blackshades Trojan. Over 500 emails and letters were additionally sent out to people found responsible for purchasing the cybercrime kit that allows for the generation of the Blakshades remote-access Trojan. To the National Crime Agency’s Cyber Crime Unit’s surprise, a large portion of the people contacted due to buying or somehow being involved with the kit were under the age of 20 and still living at home with their parents. In fact, the youngest Blackshades buyer was just 12 years old.

The issue highlights the fact that programmers and hackers are becoming younger and younger, so ill-conceived cybercrimes are being enacted by younger and younger cybercriminals, often in a more experimental than malicious mindset. Early access to computers and the internet will yield an unprecedented generation of computer users, a generation that governments are struggling to educate in terms of the law and the consequences for breaking it. At the same time, laws regarding cybercrime are still forming and lawmakers are attempting to adapt to the constant need for new legislation in a world they weren’t trained to oversee.