Tuesday, March 31, 2015

US government agents, caught doing dirty business in Tor

It is the story of the day: two officers; one from the DEA and one from the secret services; have been arrested in the United States for making profit as spies during the investigation against Silk Road, which was the most famous black market in the Tor network. Bizarre story where they exist, that we know the same day they publish that cybercrime already exceeds drug trafficking profits. 

According to the indictment of agents Carl Force, from DEA, and Shaun Bridges, from Secret Service, both played as double agents during the investigation that led to the closure of Silk Road, by selling information to the site administrators about the steps followed by the Police. Besides, they helped planning the murder of one of the contributors to the site, which ultimately was not carried out. Actually, the story is worth a film.

Another story hard to believe it's the one starred by the site Uber, which helps their users to share a car. After knowing the robbery of information from 50,000 owners of registered vehicles in Uber two weeks ago, various media warned yesterday of the sale of these credentials on the black market, between 1 and 5 dollars apiece. Surprisingly, today the company still denies there was such a theft.

While such things happen in the underworld, security research continues, for better and for worse. These days are celebrating the Blackhat Asia conference, where a former employee of Tesla has unveiled a device with an open source program that can connect to electric cars computers, change its settings and find faults, either to solve or to exploit it, according to the moral standing of the attacker. He sells his gadgets for $60.

Finally, a story from the Birmingham University sets an interesting line of inquiry against malicious code: studying how we use the computer, how we gesticulate, our speed typing, how we open a program... so the computer knows us, and also knows if who is conducting an action is us or someone external, as an intruder or malicious code. The same can be applied as a two-factor authentication: if you don't type your password as you usually do, then something is wrong.

This Tuesday, which incidentally is the World Backup Day, has left us some interesting news. Good time to plan a backup, isn't it?.


Post a Comment