Saturday, August 20, 2011

Talkin’ bout security

Yes, it’s another post dedicated to Annonymous. It’s another #FFF (Fuck FBI Friday) and today they released over 1GB of private emails and documents belonging to Vanguard Defense Industries(VDI), a defense contractor that sells arms to law enforcement, military, and private corporations. As they say, the emails belong to Senior Vice President of VDI Richard T. Garcia, who has previously worked as assistant Director to the Los Angeles FBI office as well as the Global Security Manager for Shell Oil Corporation. Read all about the release here. (it’s not really eye friendly, I know. Guys, red font on a black background. Really!?)

I found the following part of the release very interesting: “Have fun with the data of Mr. Garcia, former Assistant Director to the L.A. FBI office who now sells his cybersecurity "skills" to the Military and Government for brazen amounts of money.”

Why “skills”, you must be wondering. While the release was being uploaded, they published the webmail link too, and Mr. Garcia’s username and password, so you can browse through his email by yourself. After almost 3 days of public exposure, the guy found out his email was hacked and changed his password.

(photo taken from here)

Wonder what his old password was? Take a deep breath: Gloria88. Without even knowing a single thing about this guy, I’m betting on it that Gloria is his daughter’s name, and 1988 is the year she is born. I mean… COME ON!!! You don’t need to be a hacker to hack that! You don’t even need any computer skills. All you need is a computer, an internet connection and a list of close family members names. A brute force attack with no more than 20 attempts will do the job.

Yes, they do illegal stuff. Yes they hack. Yes they get into people’s computers and publish private stuff to the whole world. Yes it’s prohibited by law. But they are trying to prove a point. I quote: “#FFF shows once more that federal contractors don't even care about the "security" they are selling. They just care for the $$$.”

I don’t even want to imagine how Macedonian security agents demonstrate their security “skills”.  Half of them have their wife’s names as their computer password for sure. No capital letter, no birth year attached to it. Just first name. Raw.

 

0 comments:

Post a Comment

Related Posts Plugin for WordPress, Blogger...
Twitter Delicious Facebook Digg Stumbleupon Favorites More

 
Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | 100 Web Hosting