Monday, October 28, 2013

Spy me if you can

It’s my first class of the semester at New York University. I’m discussing the evils of plagiarism and falsifying sources with 11 graduate journalism students when, without warning, my computer freezes. I fruitlessly tap on the keyboard as my laptop takes on a life of its own and reboots. Seconds later the screen flashes a message. To receive the four-digit code I need to unlock it I’ll have to dial a number with a 312 area code. Then my iPhone, set on vibrate and sitting idly on the table, beeps madly. I’m being hacked — and only have myself to blame.

Last article by Professor Adam L. Penenberg begins with vibrant. It tells how he challenged months ago Nicholas Percoco, senior vice president of Spider Labs, and his ethical hacking team, to perform a personal penetration test (or personal pentesting). It was not the first time for him to do something similar: 15 years ago he asked a detective to figure out details of his personal life, and well, he did, using only information available and accessible via online.

Certainly in the cloud there is more information than we would like to imagine. Spanish researcher Chema Alonso boards on his last post a thorny issue: the amount of e-mails from Gmail that are available to anyone. He adds a mocking headline about the current trend of naming "leak" to anything : "79,400 Gmail URLs indexed in Google is not a leak". Interestingly, after this incident to notify Google, and the "evasive" answer from the big G, 50,000 of those URLs are volatilized.

The most serious incident in the cloud over the past weekend has been starred by an unofficial descendant of another Google service, Reader. Some Feedly users saw their accounts started spamming Facebook with messages without rhyme or reason, or were told that they were sharing very freak content. Feedly immediately cut the bleeding, but still thousands of users have had to manually delete their publications.

And the worst news in Spain, home of this Research Center, was released yesterday by the newspaper El Mundo. It was not unexpected, but even that it’s a great scope (and scoop): as it was easy to imagine, the NSA also spied million phone calls in Spain, up to 60 in one single month. The headline has been collected even by some English-language media, including NBC News. To top it, the NSA itself has gone to the news this weekend because of an alleged unlawful access to their servers. The Agency said it was nothing to care about, but a scheduled and controlled system break.

We talked at the beginning of this post about cloud security. Let’s close it the same way, thanks to the new whitepaper by Help Net Security, entitled "Security and the cloud, a perfect matching pair”.


We invite you to rate our posts, to leave your comments and to share them on social networks. Also, if you want you can follow us on our profiles. At the sidebar, you’ve got the links ;-)


Post a Comment