Category Archives: Hacker

“News of the World” Phone Hacking Scandal

News International today announced that this Sunday’s edition of the News of the World newspaper would be the last edition and that the newspaper was closing down. Ostensibly the reason is that a phone hacking scandal had a irretrievably stained the name of the newspaper but the suspicion is that there’s far more to the closure.

For non-UK residents, it’s an astonishing story that involves several alleged crimes and some disgraceful behaviour. First of all, News of the World (NOTW) is one of the biggest selling Sunday newspapers with around 40% of the market and 2.8 million readers. It’s been going for 168 years and while considered a tabloid paper, it has been instrumental in revealing other scandals involving politicians and other well-known figures.

The scandal itself is that around six years ago, a private investigator used by the newspaper is alleged to have hacked into the voice mailboxes of over 4,000 people, including royal aides, sports stars, celebrities and politicians. Even worse, it is further alleged that the mailboxes of soldiers killed in Iraq and murder victims were hacked into. In particular, the alleged deletion of messages on Milly Dowler’s phone is suggested to have given hope to her parents that she was still alive when she had been killed.

Rumours of the hacking arose when the newspaper published stories that could only have been discovered from personal messages. The private investigator and the journalist involved were sent to prison back in 2007 and at the time, a police investigation suggested that the two individuals involved acted alone. In 2009, the Guardian newspaper claimed that thousands of mailboxes had been hacked and that the practice was well known and routine. The Metropolitan Police refused to re-open the investigation. It has also now been alleged that NOTW made payments to the police in return for information. The hacking of the mobile phone’s voice mail was not sophisticated. The private investigator simply relied on the fact that most people did not bother changing the default PIN on their voice mailbox.

Over the past week, as the revelations of the alleged hacking continued, public opinion turned against NOTW. Major advertisers in the paper withdrew their contracts, unwilling to be associated with the unfolding scandal. It was perhaps inevitable that the NOTW would have to close but it seems harsh to punish the current staff for the activities of their predecessors.

The intrigue continues as the parent company, News International, is keen to buy out the remaining shares in BSkyB. However, this had raised concerns that one single company would own too much of the UK media – News International owns the The Times too. The suggestion has been made that by closing one newspaper, NOTW, this will reassure the regulatory authorities but there are also now questions about whether News International is fit and proper to take over BSkyB. It is rumoured that News International will launch a Sunday edition of a sister newspaper The Sun. The domains “” and “” were registered two days ago, though it’s not clear by who registered them

It’s an amazing scandal and totally despicable – some of the stuff you couldn’t make up. If there’s one thing to be learnt from the scandal, it’s make sure you change the default PIN on your mobile phone’s voice mailbox.


Is it the Browser, or the People Using the Browser?

Another breach of security, at another big name.  Or is it?  The recent announced breach of email and personal information comes to us from Google and those with Gmail accounts.  The “attacks” have come from China, and affected “top U.S. officials.”  But reading the fine print in all of the articles out there about this latest “breach,” brings up the same cause:

targeted attacks…duped victims into revealing their Gmail passwords through e-mails that pose as people or companies known to end user.”

In other words, phishing.  The users themselves were to blame for letting the hackers into their accounts.

If I leave my car unlocked and full of things like GPS devices, iPods, digital cameras, backpacks, the purchases we just made at Macy’s and the Apple Store, we can’t complain that someone stole our stuff.  If you let the crook into your living room, you can’t complain that he stole your television!

The fact is, there are always going to be people trying to rip us off.  That’s the way the world is, whether we like it or not.  We lock our cars, and the doors to our houses, because that’s the best way to keep out the bad guys.  It’s not fool proof, of course, but it reduces the chances of a theft by a whole bunch.

The same needs to be the case for use when it comes to our computers.  Not taking an extra 30 seconds to check the legitimacy of an email from someone, and to be suspicious of anyone asking for my username or password, I have successfully avoided getting a virus, a trojan, malware, or worse yet, my personal information.  In other words, I’ve never been hacked.

I’m not smarter than anyone else, I’m sure of that.  What I am is skeptical, and cautious.  I still only read email in text form (not html).  I know what my friends sound like when they write to me in an email, and I will recognize when they don’t sound like themselves.  I use strong passwords, and answer my “challenge questions” with false information that I will easily remember but that no one else can figure out.

I don’t consider this recent “attack” as a hack, as much as it is a crook taking advantage of people who have left themselves open to theft.  That crook is always looking for a way to get what is yours.  It is up to me to make sure he doesn’t have an open door to walk through.  “Top government officials” should know enough not to be phished.  And if they don’t know enough, then why aren’t they being trained to be more cautious?

This alone amazes me. It’s not that hard to be cautious, to keep a suspicious mind, and to take a few extra minutes to verify that where you’re clicking, and what information you are entering, is really something you should be doing.

Is Google supposed to take responsibility for this recent attack?  I sure don’t think so.  Place the blame where it belongs:  on the user.

Barnes & Noble Nook Color e-Reader

Over this past weekend I ended up purchasing a $250 dollar Barnes & Noble “Nook Color” e-reader from a Best Buy store. It has a very bright, clear 7” diagonally measured widescreen capacitive glass touch screen display.

Barnes & Noble ships the Nook Color with a specialized, tightly locked-down version of Android that promotes access to the Barnes & Noble store content. It includes the Android web browser, along with a couple of games and the Pandora music service app. With the latest 1.2 version of Barnes & Noble’s Nook Color Android, they also give access to email and currently about 170 or so apps that can be purchased from the Barnes & Noble app store.

I’ll be perfectly honest here. What persuaded me to buy the Nook Color was watching a number of different YouTube videos of Nook Color units that had been hacked to run different versions of Android. As it turns out, the Nook Color is a very hacker-friendly device. The Nook Color’s WiFi radio contains Bluetooth, which Barnes & Noble’s Android does not yet take advantage of, though alternative versions of Android can and do enable Bluetooth on the device.

The Nook Color is manufactured by Foxconn, the same Chinese manufacturers that make the iPad, iPod, and many other modern consumer electronics devices. The Nook Color is a very nice piece of hardware. It has a 1.1 gigahertz Atom processor that’s backed down to 800 megahertz in order to help conserve battery life. Also when the unit is asleep very little battery power seems to be consumed.

There are several different approaches to be taken from outright replacing the Barnes & Noble Android, rooting it to allow the full Android store, to running alternative versions of Android from the included Micro-SD card reader slot built-in to the unit, leaving the Barnes & Noble Android intact.

After a weekend of experimental hacking, here are my conclusions. Though the Barnes & Noble Android is fairly limited, it offers quite a nice experience. I’ve determined that I want to keep that Barnes & Noble Nook Color experience untouched. It is quite valuable as an e-reader that offers multimedia functionality.

I can, and am, experimenting with a couple of different versions of Android running directly from a couple of different Micro-SD cards. I have a Micro-SD version of Android 2.2, as well as a version of Android 3.0. The Nook will automatically attempt to boot first from the Micro-SD reader, so when I want to boot into the built-in Barnes & Noble Android, I simply turn the unit off, eject the Micro-SD chip, and turn the unit back on.

While searching the Internet for information, I came across a website ( is selling pre-configured Micro-SD chips running either Android 2.2, or Android 3.0. I ended up ordering a 2.2 version, which I won’t receive for a few days. These pre-built versions contain a boot loader, which allows the user to select which operating system to load without having to eject or insert the Micro-SD chip each time.

I am perhaps more of a unique case, since I spend most of my time in my truck. I already have the latest version of the iPod Touch, which gives me 95% percent of iPad functionality in a smaller package. When my truck is parked, my MacBook Pro is almost always online. The only use I could come up with for a tablet would be for use as a nice screen to watch video on, or an e-reader, since other uses are already covered between my iPod Touch, my MacBook, and my Sprint Evo Android smartphone. At upwards of $1,000 for a fully-configured iPad 2.0, that’s a price that’s just too steep for these functions. However, at $250 dollars for a very capable piece of hardware that can easily be made to do other things, along with something to experiment with, it starts to really become interesting.

Barnes & Noble should be commended for the Nook Color. As stated before, it is an excellent piece of hardware. It’s been a long time since I was in a Barnes & Noble brick & mortar store, and until now I haven’t felt compelled to buy any e-books from them online. However, now that I have the Nook Color I’ve started out an experimental subscription to Popular Science magazine. So far I’m enjoying the experience. The Nook Color uses the ePub format, and also uses Adobe technology to display color magazine and newspaper publications.

My hope is that since the Nook Color is so hackable, it will act as a doorway to reward Barnes & Noble.


Pursuit Of The Ultimate Media Extender

Hacked Apple TVFor some time now I’ve been experimenting with different ways of getting Internet-based video to my widescreen LCD HD televisions.

Often people think, why not simply hook up a regular desktop computer up to the TV. A desktop computer can be set up to play back virtually any video file type. The problem is, desktop and laptop computers are optimized for use on a desktop, not from a living room chair.

Is the ultimate media extender a set top box of some sort? The trouble with most set top boxes is that they are either walled gardens, or they miss the boat in very important ways.

A media extender should be able to play files stored on a home network, as well as be able to easily stream from services such as Netflix, Hulu, etc. Once set up, everything should be accessible through a simple remote control. Also, for my purposes, I’m willing to pay up to $250 for a box for each television in my house. It should also be able to play ripped DVD collection files that have been ripped to a central home server or network attached storage device.

I’ve hit on an interesting combination that seems to do everything I want it to that involves hacking a standard Apple TV and adding Playon TV server software to another computer on my home network. Playon TV software sells for $39.99.

Recently I purchased a commercial Apple TV hack called ATV Flash, which sells for $49.95. You download either the Windows or Mac version and install it on your computer. When you run the program it will ask you to insert an empty USB memory stick that it will write the installation files to. Then you plug the USB memory stick into your Apple TV and power it up. It will upgrade the Apple TV to be able to play a much wider variety of files, as well as adding Boxee and XMBC playback. It also retains all of the standard Apple TV functionality.

Next, I added the Playon TV software to my HP Windows Home Server. It could have easily been any other computer on my home network that meets the software’s minimum performance requirements. Once Playon TV was installed, I added my credentials for my Netflix account, as well as my Hulu account.

Finally, on my hacked Apple TV I simply start the XBMC application and navigate to UpNP devices on my home network, where Playon TV shows up. I now have access to Hulu and Netflix right on my Apple TV.

The Apple TV itself does not have enough processor horsepower to play back Netflix or Hulu Flash streaming without stuttering and freezing. However, playing it through the Playon TV software causes much of the processing to take place on my Windows Home Server machine, which has plenty of horsepower. Playon TV works by converting the Hulu and Netflix Flash streams into UpNP streams that the hacked Apple TV running XMBC can easily play without stuttering.

So, with this setup I’ve got access to all of my regular iTunes material, including HD and SD video podcasts, as well as a wide variety of streaming material from popular services such as Netflix and Hulu. It would be easy for me to buy additional Apple TV units, apply the ATV Flash hack to them, and attach them to other HDTV’s in my house.

No more Hackintosh Netbook?

Well apparently according to some sources like PCWorld, the newest update of Snow Leopard will kill the Hackintosh. 10.6.2 will not run on the ATOM processor, therefore knocking out all the instruction sets for any netbook running that version. Therefore, you will have to stay in a lower level to keep the machine running.

I really don’t understand why Apple is so Anti-hack. iPhone bricks – Palm Pre doesn’t get iTunes – now the hobbiest is not allowed to play? What’s next: controlled net neutrality? (you think I’m kidding, but I would guess if Apple had it’s way, there would be an iNternet)

We get it, Apple: You had the contracts with UMax and Motorola. Macintosh clones of ten years ago where you pulled those licenses. You even go against Psystar so they don’t profit off your work. But going against the tinkerer? Going against the core Geek?

Remember Apple – you run on an Open Source architecture in FreeBSD. While I’m not saying you should Open the OS, you might find that giving people the option may turn them to Apple products faster. They will flock to something they are used to. What is to stop someone from writing code that could closely mimic the Apple OS? What about someone that just writes code to make an OS that could Rival MacOS? Android, perhaps?

And while I will not cry Antitrust on this, I do have to ask the question: Why would I go with something that is so closed? I am wondering if they should re-review their 1984 commercial where the woman ran down the aisle with a hammer to smash out conformity. Who would have thought the old guy on the screen was Apple itself?

BTW – there is no mention on if these instruction set changes will affect any desktop Hackintosh system. You might just be safe….

…for now…

Stop Using AdobeReader, says F-Secure

New information released this morning by F-Secure widens the already-known threat to users of the free AdobeReader.  The security holes in AdobeReader are allowing infiltrating “backdoors” to be installed, and the most common target at the moment are government domains.  This does not mean you are safe just because you don’t work for the government.  Adobe has yet to create the appropriate patches for the all of the existing flaws, which surround primarily web browser plugins rather than the AdobeReader program itself.

Alternative PDF-readers are available for free, but these also have been found to have flaws.

There is no easy solution, but accepting all updates available from Adobe is a good start.  Even though the update process is cumbersome and many of us cancel the process before it can complete, accepting those updates may be your best protection.  Also, as all geeks know, don’t accept/open PDF’s from unreliable sources (like those coming in emails with Ukrainian domain names).  Opener beware!

Hacker tries UFO Defense?

In a totally bizarre interview a hacker that is facing extradition to the United States claims that when he hacked into a NASA computer system on a supposed “dial up connection” that he found proof of UFO existence. Well the interview on Wired just gets really weird. One thing for sure when and if he gets extradited to the United States the Insanity defense will work good. [Wired]

Hacker tries UFO Defense?

In a totally bizarre interview a hacker that is facing extradition to the United States claims that when he hacked into a NASA computer system on a supposed “dial up connection” that he found proof of UFO existence. Well the interview on Wired just gets really weird. One thing for sure when and if he gets extradited to the United States the Insanity defense will work good. [Wired]

MPAA is charged with hiring a Hacker!

As you all know the MPAA sued some time ago but it is being alleged that the MPAA paid a hacker $15,000 to steal information from the company which supposedly included e-mail and company trade secrets. If these allegations prove to be true this could turn out to be a pretty big deal of corporate espionage of the worst kind. Collecting information then using that information to sue the company. I am not a lawyer but it looks like to me that if this proves to be true that the MPAA will have some explaining to do and may be in some pretty hot wire.

A attorney for said: “We have very significant proof of wrongdoing and the MPAA’s involvement,” Rothken said. “We think it’s ironic for the MPAA to claim that they are protecting the rights of the movie studios and then go out and pirate other people’s property.”

From Cnet: “One MPAA executive is quoted in Torrentspy’s lawsuit as saying: “We don’t care how you get it,” referring to the alleged assignment to dig up information on Torrentspy. ”

Either way this is gonna get very ugly in the process. [CNET]