Thursday, December 17, 2015

There're 35.000 unsafe data bases on Internet and increasing

"In this moments there're at least 35.000 MongoDB data bases available publicly, without authentication, on Internet", has written the founder of Shodan search engine, after the recent data theft of 13 millions user of MacKeeper. We'll explain this information and also the data about the global increase of data bases thefts, a serious failure in the launching of Linux and the last adventure of the popular iPhone hacker George Hotz.

John Matherly, founder of Shodan, has written on his blog the number of unsafe MongoDB data bases on the network has increased in 5.000 since the last time counted, in July. Today are 35.000, hosted mainly in Amazon, Digital Ocena and Aliyun (Alibaba). The principal problems in these data bases are the non-update to new versions and safer configurations and the unused of firewalls.

The health data, the most exposed

Knowing that, we don't surprising the steal of data bases still increasing. According to the Identity Threat Resource Center, in 2015 it would have counted 750 big data thefts that would have exposed 177 millions data. This means an increase of 0.8% in relation to 2014. The data most chased by the criminals are focused in the health sector (68,4%), governmental sector (19,2%), business sector (9,1%) and bank sector (2,8%).

28 spaces

But the great new of today isn't about a data theft but a enormous failure on Linux, specifically in his launching. It was discovered by two researchers of the Valencia University, who presented it in the past edition of the IX STIC CCN-CERT conference. The failure can reproduce in determined circumstances and give access to the machine without password. You only have to press the space bar 28 times in the authentication phase. If the computer resets or appears a rescue screen, the GRUB launch is vulnerable.

"This is driving, yeah"

 We finish describing the last adventure of a great hacker of our times, Geroge Hotz, the first who hacked iPhone and Playstation. Now he's focused in the creation of his own car without driver. The article says Tesla asked him to work with them, and Hotz answered he prefers working in his own car, a tuned Acura ILX with a self-driving technology designed by himself, with a radar system based in laser, cameras and other stuff. The car, of course, works with Linux.

As Hotz says, in a world where the cars (and almost everything) are become in computers, who's better than a hacker to design it? 


Post a Comment