Lost+Found: A get-out-of-jail-free card, a free book & Facebook hacking
Too small for news, but too good to lose, Lost+Found is a compilation of the other stories that have been on The H's radar over the last seven days: the NSA's Cryptolog archive, "Wipe the drive", piracy in armament circles, keeping phishers busy, a crusade against malware, and chatty encryption checking.
- The US National Security Agency (NSA) has publicly released two decades of its internal Cryptolog magazine, which was rated top secret until recently. Now we finally know the origin of the layout template for the German CCC's Datenschleuder magazine.
- The "Wipe the drive" ISC campaign shows some obscure places where malware can anchor itself into a system. Since it is almost impossible to check them all, it makes more sense to reinstall a system.
- The former chief scientist at the arms manufacturer that is responsible for president Obama's "Marine One" helicopter fleet has been given a one-year prison sentence. The project used pirated software that was purchased from Chinese and Russian hackers.
- If you can't get rid of phishers, you can at least keep them busy for a while using the Faker.js script. The script floods phishing forms with bogus data.
- Self-proclaimed security experts from several countries have joined forces to form "Malware Crusaders" and go on virtual cyber-crook hunts in their spare time. Their motto: @MalwareMustDie! However, their call for a "crusade" for the "purity of internet" evokes some historical instances which no one could be proud of.
- The slides from the CanSecWest security conference are now available to browse. Topics this time include the security of smart TVs, iOS, and UPnP.
- With version 1.4, the developers of the encrypted WhatsApp-alternative Threema have created an interface that gives users a first-hand opportunity to check out the quality of the advertised end-to-end encryption.
(djwm)