Hacker News: deeqkah

New comment by deeqkah in "Cryptogams and the NSA (fiction)"

deeqkah — Sun, 16 Jun 2013 08:18:53 +0000

I honestly couldn't get through reading this in it's entirety as i was laughing too hard. I've saved the page so i could finish later.

Clever, utterly insane and timely.

New comment by deeqkah in "Yahoo Starts Scanning Emails"

deeqkah — Sun, 02 Jun 2013 08:35:36 +0000

Seems like a subtle advertisement for StartMail, honestly. Google has been doing this for years. I see the op has a previous submission for StartMail, too.

Any reason for that or is it just an attractive application/service to you? I mean, if it's something we should have a better look at, let us know.

New comment by deeqkah in "Mac malware signed with Apple ID infects activist’s laptop"

deeqkah — Fri, 17 May 2013 22:12:36 +0000

There was a relevant update to iTunes last night (or earlier this week) for both OS X and Windows. It is usually these types of updates i keep an eye out for, as it is most importantly an update to certificate validation.

CVE-2013-1014 as it impacts iTunes for Mac OS X v10.6.8 or later, Windows 7, Vista, XP SP2 or later (http://support.apple.com/kb/HT5766) -

"Impact: An attacker in a privileged network position may manipulate HTTPS server certificates, leading to the disclosure of sensitive information

Description: A certificate validation issue existed in iTunes. In certain contexts, an active network attacker could present untrusted certificates to iTunes and they would be accepted without warning. This issue was resolved by improved certificate validation."

There were almost forty other CVEs for iTunes on Windows. And just a last bit - the discussion and quality of submissions here at Hacker News has taken a substantial fucking nose dive in the last year. I change my name every so often, but i can tell you that i've been here long enough to say that.

Feedback Control & the Coming Machine Revolution, by Raffaello D'Andrea

deeqkah — Fri, 29 Mar 2013 17:38:09 +0000

Article URL: http://www.youtube.com/watch?v=C4IJXAVXgIo

Comments URL: https://news.ycombinator.com/item?id=5461886

Points: 2

# Comments: 0

OpenBadges 1.0 (Recognize & Verify Online Learning)

deeqkah — Tue, 26 Mar 2013 14:19:37 +0000

Article URL: http://www.openbadges.org/about/

Comments URL: https://news.ycombinator.com/item?id=5443425

Points: 1

# Comments: 0

New comment by deeqkah in "The Ultimate Bookmarking Tool Is Finally Here"

deeqkah — Wed, 13 Mar 2013 15:00:42 +0000

What i found most interesting about this is the slimmed down nature of what you collect. In the video, when you showed the grid of things you've collected... it was really appealing.

I think the real strength of this would be in it's technical implementation; how not-annoying is it in my browser, is it resource heavy, how can i adjust it etc, and then the community around it.

Which is where i think there would have to be some real differences between Pinterest. If you give the user the option to share (or not!) what he/she has collected with other people (perhaps a dedicated page), and played with the idea of how users could interact with each other ("This is what Julie collected on Tuesday," - then i think this idea could have even more potential than it already does.

Good luck to you folks. As i said this is really interesting.

Google Play: Potentially Unwanted

deeqkah — Tue, 12 Mar 2013 17:45:19 +0000

Article URL: http://www.f-secure.com/weblog/archives/00002521.html

Comments URL: https://news.ycombinator.com/item?id=5363507

Points: 2

# Comments: 0

New comment by deeqkah in "Hacker News Parody Thread"

deeqkah — Wed, 06 Mar 2013 00:44:23 +0000

The first thing i did when i opened your link knowing it was a parody was to check how many responses to the article there were. And there were too many. Way too many.

Comments on Hacker News more often than not go into the meta almost immediately, and constantly, so there's usually one comment with well over half of the op's responses nested under it. I use a userscript for HN for this exact reason.

It's upsetting, to be honest.

New comment by deeqkah in "Why was my email leaked?"

deeqkah — Thu, 28 Feb 2013 23:25:31 +0000

You know, it's funny because i got a very clever Pay Pal phishing e-mail this morning, linking to a PHP script hosted on renault-astrakhan.ru

What's worse is that i sent invitations to dropbox time ago to people that i have to now contact and say "Please be aware of this phishing e-mail disguised as a Pay Pal e-mail."

+1 for an alternative service, to be honest. Dropbox is very well done, but this is a good reason to stop using their service if they can't secure their clients' information.

It would greatly benefit them if they found the root of the problem, and reported if it were indeed an issue with them or one of the clients for dropbox.

New comment by deeqkah in "Stuxnet Missing Link Found, Resolves Some Mysteries Around the Cyberweapon"

deeqkah — Tue, 26 Feb 2013 22:42:50 +0000

In the David Sanger article published in the Times attributing Stuxnet to the US/Israel, this bit really struck me -

"One day, toward the end of Mr. Bush’s term, the rubble of a centrifuge was spread out on the conference table in the Situation Room, proof of the potential power of a cyberweapon. The worm was declared ready to test against the real target: Iran’s underground enrichment plant."

And i don't mean to stray off Stuxnet here, but just really quickly: The chosen-prefix collision attack used in signing the Windows Update malware (FLAME) also suspected of being from the US was a never before published variant.

The computing power alone was on the order of $200k, and makes you wonder what else the NSA or the national labs have up their sleeves.

New comment by deeqkah in "The Department Of Homeland Security Is Now Bitching At Me On My Blog"

deeqkah — Sun, 24 Feb 2013 07:06:57 +0000

"And third, for fuck’s sake, you are the Department of Homeland Security. What happens to me the next time I got through TSA at the airport, or try to cross the border into Canada? Do you think I may perhaps be on a “list” and have some difficulties?"

Nice FUD, bro. With what DHS has to do on a day to day basis, your fucking boat isn't making any impressions outside of one office's circle of employees.

If that office failed to serve for whatever reason, and you called them out then congrats on being a good citizen. But suggesting something as big as what you just did is more than a little fear mongering.

But yeah, sorry to hear about your bad day.

An internet-wide port scan in one 7MB GIF, by HD Moore

deeqkah — Sun, 24 Feb 2013 06:34:24 +0000

Article URL: http://digitaloffense.net/ports.gif

Comments URL: https://news.ycombinator.com/item?id=5273143

Points: 29

# Comments: 10

New comment by deeqkah in "A Chinese Hacker's Identity Unmasked"

deeqkah — Sun, 17 Feb 2013 16:46:30 +0000

How did this get posted? I Posted this last week.

https://news.ycombinator.com/item?id=5221484

A Chinese Hacker's Identity Unmasked

deeqkah — Thu, 14 Feb 2013 19:24:44 +0000

Article URL: http://www.businessweek.com/articles/2013-02-14/a-chinese-hackers-identity-unmasked

Comments URL: https://news.ycombinator.com/item?id=5221484

Points: 5

# Comments: 0

New comment by deeqkah in "Online Activists: Extremists Hurt Cause"

deeqkah — Thu, 31 Jan 2013 15:04:01 +0000

Just a heads up - Since submitting this at around 730am EST, Politico has changed the article's title (which the submission mirrored).

Online Activists: Extremists Hurt Cause

deeqkah — Thu, 31 Jan 2013 12:01:43 +0000

Article URL: http://www.politico.com/story/2013/01/online-activists-extremists-hurt-cause-86963.html

Comments URL: https://news.ycombinator.com/item?id=5144563

Points: 1

# Comments: 1

New comment by deeqkah in "Man tracks down stolen iPhone using location app, resulting in fist fight"

deeqkah — Wed, 09 Jan 2013 21:27:01 +0000

Link to the video - https://www.youtube.com/watch?v=gOWGEArhKU8

A Flash 0Day Was Reportedly Used In the CFR.org Attack

deeqkah — Sat, 29 Dec 2012 06:39:48 +0000

Article URL: http://blog.fireeye.com/research/2012/12/council-foreign-relations-water-hole-attack-details.html

Comments URL: https://news.ycombinator.com/item?id=4981349

Points: 3

# Comments: 1

New comment by deeqkah in "Chinese Hackers Suspected in Cyber Attack on Council on Foreign Relations"

deeqkah — Fri, 28 Dec 2012 20:23:14 +0000

That's a solid source they have -

"Investigators said the computer attackers that targeted CFR were able to set up a covert network capable of identifying, encrypting and sending stolen information found in targeted and infected computers back to a secret command and control computer."

And they even mentioned that Internet Explorer versions 8 and above were vulnerable. I really hope the AV companies or someone puts together a nice White Paper about this.

But before that, i hope that IE vulnerability isn't a 0day.

New comment by deeqkah in "Anatomy of a botnet: Rapid7 researchers dissect Skynet"

deeqkah — Tue, 11 Dec 2012 04:26:55 +0000

"What the Skynet botnet creator realized, is that he could build a much stronger infrastructure at no cost just by utilizing Tor as the internal communication protocol, and by using the Hidden Services functionality that Tor provides."

This is not good, as this kills sinkholing the C&C. Add to that the ease by which this can be obfuscated from AV detection (it's already 15Megs of random data), and you'll have some storms brewing on the horizon.

Looking at the net as the weather, i have to say very recently it's been pretty stormy out. My mail server's been getting hit badly by spam that it hasn't in the past been hit by.

I wonder if the Tor developers could provide any insight on this. If i were them i'd be facepalming like "This is why we can't have nice things."