Message-ID: <op.vz0hhrl8fb6qtc@emlt>
Date: Wed, 10 Aug 2011 14:54:53 -0400
From: "Eric McCann" <nuclearmistake@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: DEF CON 19 - hackers get hacked!

<-- got pwned

I spent 90% of the time with my Windows (I like koolaid. deal with it) laptop on a 4g My-Fi up in my room, and had my droid 2 global on 3G most of the time.

Saturday-ish, I noticed a lot of "hey, what's your password again?", and said "NO YOU" to most of them, but didn't really have a sense that they were suspect until I read this thread.

Saturday around noon I got this email in my gmail inbox... FROM "MYSELF".

"""
Hello, Eric. I have your laptop, and it won't let me log off your account. I was wondering if you could tell me? Anytime I go on to my account, it always directs me to yours. Do you mind informing me on how to log off your account for good? I have no intention of hacking or sabotaging your account. Thank you,
  Aislyn

P.S. I fixed your laptop. I believe you left it at the dump.
"""

I promptly responded with something along the lines of, "Describe my laptop...... and go ________ yourself", closed all existing google sessions, changed my password a few times, and enabled 2 factor authentication.

The only ongoing issue I've noticed is my feeling of regret that whoever sent the email will never be able to respond to my reply. :-(





On Wed, 10 Aug 2011 14:17:25 -0400, coderman <coderman@...il.com> wrote:

> lots of misunderstanding...
>
> On Wed, Aug 10, 2011 at 2:21 AM, coderman <coderman@...il.com> wrote:
>> ... some characteristics:
>>
>> - full active MitM against CDMA and 4G connections from Rio to carriers.
>
> 802.16/ClearWire/Sprint4G
>
> did not have LTE to test with.
>
>
>
>> how to tell if you *MAY HAVE* met the beast at Rio:
>> ..
>
> of course many of these seem innocuous or unrelated. that's the point
> and why attacking via these methods was effective.
>
> there are situations where signal and link would be bad just given
> congestion and noise floor.
>
> however i am speaking to particular effects when the MitM was taking
> over a connection from target to the carrier and redirecting through
> itself. this was done in a manner that causes some effects described.
>
>
>
> sorry media, no inquiries. i bet you can find people to talk to; try
> reddit and twitter:
>   http://www.reddit.com/r/netsec/comments/jeis7/full_disclosure_def_con_19_hackers_get_hacked/
>   http://twitter.com/?q=defcon+cdma#!/search
>   http://twitter.com/#!/search/defcon%204G
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>


-- 
Eric McCann
    University of Massachusetts, Lowell
    Department of Computer Science
    One University Avenue
    Olsen Hall, Room 304
    Lowell, MA  01854
Lab:  		   978.934.3385
Email:           emccann@...uml.edu
Homepage (lab):  www.cs.uml.edu/robots
Homepage:        www.emccann.net
