Hey folks, Secure your networks!
I know we have some information pertaining to such things such as:

http://informationleak.net/index.php?p= ... s&id=47803
http://informationleak.net/index.php?p= ... s&id=47851
http://informationleak.net/index.php?p= ... s&id=47800
http://informationleak.net/index.php?p= ... s&id=47808
http://informationleak.net/index.php?p= ... s&id=47847


but in case you never read it, perhaps now is the time... or maybe its too late.

Anyone out there reading this have an insecure wireless network and live in Europe?
If so, theres a chance you just got "hacked" by Google.

Yeah. Its not ALL over the papers QUITE yet, but heres the skinny:
Apparently Google's Street View cars were collecting more than images and coordinates. They are also actively searching out SSIDs from wireless networks, and collecting info such as mac addresses and such of the APs... which isnt terrible, really... except that they were
also grabbing data off insecure (aka open) networks as well.
What we're looking at here is quite possibly the worlds largest collective wardrive. Crazy.

So for those non-techy people, this means that those Google Street View cars were sniffing the air and grabbing up information (not sure exactly what yet) from open or insecure networks, which COULD (note the emphasis on COULD) have been lists of MAC addresses on the network (how many devices and possibly what they are and where they are from according to the OID as well as the operating system) lists of sites visited - including searches, usernames and passwords (depending on content encryption methods), particular software and/or services being used, even phone conversations (in the case of VOIP systems)



Woa.

So Friday Google apologized and in summary said, "Hey, sure we got some SSIDs and MACs, but we dont have any information on what was going on within the network".
http://googlepolicyeurope.blogspot.com/ ... -cars.html

Then later Google said, "Whoops, ok, so we DO have some information on what was going on within the networks after all. Not much information was gleaned from the operation however... just about 600 gigs worth."
http://googleblog.blogspot.com/2010/05/ ... pdate.html

Holy poop.
Well...
Now it seems Google will stop its Street View cars from collecting Wi-Fi network data entirely.
Probably wise, in my opinion.

Moral of this story?
Encrypt up folks. That is all.

Matter relating to the matter:
http://blogs.pcmag.com/securitywatch/20 ... ifi_pa.php
http://blogs.forbes.com/firewall/2010/0 ... ers-wi-fi/
http://googlepolicyeurope.blogspot.com/ ... -cars.html
http://googleblog.blogspot.com/2010/05/ ... pdate.html
http://www.huffingtonpost.com/2010/05/1 ... 77015.html
http://www.pcworld.com/businesscenter/a ... k=rel_news
http://www.pcworld.com/article/196423/g ... ials.html/
http://static.googleusercontent.com/ext ... Letter.pdf

Hey remember when I said that hacking was just being creative and sometimes lucky?
Of course you dont. I barely remember writing it. http://informationleak.net/index.php?p=news&id=51085
Anyways, heres a great example:

A Turkish guy named Bora Kırca ("Kur-jah" which Im told by my Turkish speaking friend means "breaking" or "break you" which is pretty much too good to be true considering the following:

This dude apparently likes a group named "Accept" (http://www.youtube.com/watch?v=req-oDf2ZRc) and he tweets "accept pwnz" - pretty standard so far, right?
...but instead of seeing this post, he sees twitter user "pwnz" follows him.

lolwat?

A few more experiments and the next thing you know he starts doing exactly what you would have done.
Made famous people follow you.

Then the Turkish version of 4chan picked it up...
The someone translated it in English...
... and that my firends is how heavy metal hacked Twitter.

and so in closing, if you were looking for exploits in this, why are you still reading this when you could have a dummy account set up and start sending stings like #login, #recover, #sendbacon to the test account to see what happens - The way I see it if "accept" is a command, theres gotta be more.

Good story at least, dont you think?
Rock on, Accept. Rock on.

Comcast just got the appeal it was looking for after suing the FCC, saying that FCC doesn't have the power to regulate it.

Yeah I know, I write about this kind of thing entirely too much. Everyone seems to like posts on tying light in knots and such, and believe me, I do too - its just that I often dont have any time to write something worth reading and when I see stuff like this I feel a duty to share whats going on with as many people as possible in the hopes that the public (see:consumer) can take some steps to do what they feel is right. Call me a dreamer.

That being said...
In case you havent been following this like most of the country, what happened was this:

Comcast blocked bitorrent (p2p) traffic outright on its networks.

This meant that their customers no longer had access to many services.

The FCC stepped in and told Comcast they must stop blocking web access and fully disclose its traffic management practices to subscribers

Comcast sued the FCC to overturn its order

... and now the order was overturned.

Ok, so what does this all mean? Im not really even sure.
I mean, Comcast can now block or degrade services to whatever it feels like, apparently, which sucks for Comcast customers. On the other hand however, the court didn't rule that Net Neutrality itself isn't constitutional - just that the FCC didn't have the power to enforce it... which isnt a terrible thing either.

So whats good about either?
Whats good is that its possible that Comcast can use the data shaping to streamline its network, making it faster and more reliable.

The good news about the FCC not having have the power to tell Comcast, or any ISP for that matter to be net neutral is that something like that could give the FCC way too much power and could end up in a government run/owned internet. As we've seen seen in Iran, Italy, China, (etc) and more recently Australia, the moment regulators get their hands on anything will try to slowly squeeze the freedom out of it.

So whats bad about either?
Whats bad is that Comcast can pretty much do whatever it wants with its traffic, which means many services can be blocked or degraded to the point of uselessness at will, for no reason other than "Because we say so". For instance if Mircosoft decides to pay Comcast enough for it to use their search engine (Bing) exclusively then Comcast could block google and all google services if it wanted to in order to ensure it gets its paycheck from Microsoft. Of course, thats an extreme example, but if it all goes bad then look back at this post a few years from now and be awestruck at my apparent uncanny predictive abilities.

Whats bad is that no one (including the FCC) can stop Comcast from doing something like the above example. Whats worse is that many many people (myself included) like in "mini-monopoly" areas where one ISP is the only game in town, or any others arent anywhere near the speed and/or cost to be comparable.

Mad? Don't write on your facebook page... CONTACT YOUR ISP NOW. I already did, so now I'll post it around. I hope you do both as well.
So what now? Honestly I dont even know what to think anymore. I suppose I would personally rather have a bad ISP (Comcast) than a bad government (FCC). Its much easier to switch an ISP than a country.

Hopefully some more interesting posts to come...
Oh, look! Reference links and opinions!

http://www.dailytech.com/US+Federal+Cou ... e18068.htm
http://www.nytimes.com/2010/04/07/technology/07net.html
http://pacer.cadc.uscourts.gov/common/o ... 238302.pdf
http://online.wsj.com/article/SB1000142 ... stpop_read
http://arstechnica.com/tech-policy/news ... ocking.ars
http://techdirt.com/articles/20100406/0930118895.shtml

There is so much stuff going on right now with ridiculous copyright and censorship scenarios that its hard to keep up with them, or even believe its real. Sadly, its real all right.

Here's an example:
Ever hear of Encyclopedia Dramatica? No? Honestly, who cares. Its kind of like the offensive version of wikipedia.

Here's the situation:
Apparently theres an article on Aborigines (native Australians) that the Australian Human Rights and Equal Opportunities Commission (HREOC) is upset about... and I dont doubt it.

Here's the WTF factor:
They are threatening to take the site admin (Joseph Evers) to court where he faces fines!

This is really wacky because Mr Evers is a US citizen on US soil and the site with the article is hosted on US soil, where we have this little thing called the 1st Amendment that protects free speech. Apparently the HREOC doesn't give a rats ass about that as they cited some case from 2002 where some websites content was considered published in Australia since it was viewable in Australia even though it was served in the USA!

I decided to write something up before I needed it. Its filed under "IL take down response". Here it is for your review:

Dear _______________, [foreign gov institution]

First I would like to thank you for contacting Information Leak! We love to hear from you!
Now then, onto the matter at hand:
After painstakingly reading over the [legal threat, take down notice] that you have issued to us, we would like to reply with accordance and respect as such:

HA HA HA HA HA HA HA HA HA!...
(slight pause for a deep breath while wiping tears from eyes)
...AHA HA HA HA HA HA HA HA HA!

Whew. Thanks so much for that onslaught of hilarity.
As much as we enjoy your comedic stylings, we will have to ask you to please refrain from wasting valuable manpower, effort and time contacting us about such matters that are guaranteed to us under the American Constitution, and apply to us as we are hosting in the USA and the site admin/founder/owner lives in and is a natural born citizen of the USA.
The topic of the correspondence you have sent is probably one of the reasons we do not live in your shitty country and probably (see: likely) pray for it to be wiped from the face of the Earth at the universes earliest convenience.

We are upset (see: not really) that you do not share the same ideals as us and wish you the best (see: not really) in your future endeavors.

So long and thanks for all the fish!
-Information Leak

So here's something to ponder HREOC (by the way, you have THE WORST acronym I have ever had the displeasure of trying to remember) as long as we are doing some wacky shit:

I saw a video of a woman driving a car in Australia. This is restricted in Saudi Arabia under Sharia. Please send that woman to Saudi Arabia immediately to be reprimanded according to Sharia law. Ive also seen some Aussies drinking in public on various internet videos, and also demand that these individuals be deported to Saudi Arabia to be flogged in accordance with Sharia law.

Ok, HREOC... all kidding aside though, fuck off. Seriously.

Note: the language and opinion in this and every other post on Information Leak is protected under the 1st Amendment of the US Constitution. Any attempt to remove the rights guaranteed by the 1st Amendment may prove difficult due to the 2nd. Have a nice day.

References/facepalms:
http://www.blog.encyclopediadramatica.com/?p=84
http://www.hreoc.gov.au/racial_discrimi ... index.html
http://www.cbsnews.com/8301-504083_162- ... 04083.html
http://www.tgdaily.com/business-and-law ... us-website
http://www.techdirt.com/articles/201003 ... 8580.shtml
http://news.ninemsn.com.au/technology/1 ... ce-charges

I can finally use this old joke Ive been holding onto for years. Ready?

"Why is Italy shaped like a boot?"
"Because you cant fit all of that bullshit in a shoe."

Ok, please stop groaning and/or chuckling and lets get to the "WTF now?" section of this post.
Actually, rather than go over the whole thing myself in this instance I thought it best if it came right from the horses mouth since it was well summarized in my opinion (in this case the horse is Matt Sucherman, Googles VP and Deputy General Counsel for Europe, Middle East and Africa):



Seriously. You aren't dreaming. This actually happened.
I say if this is how its going to be, pull the net out of Italy altogether. Nothing is safe according to this suit. You now potentially can be liable as a provider for any/all content users submit. This means any medium that users can insert anything into (pictures, video, text) could be potentially offensive and therefore as a safety measure must be removed from Italian access or face legal repercussions.

This means twitter, all social networking sites, all photo and video sharing sites such as photobucket and imageshack, all forms of chat, and even email.

The overall implications of this are astounding.

Attention Italy!
The abbreviation of your country has just been changed from IT to IY!
Your country will no longer share the same abbreviation as "Information Technology".
That perk has been revoked.

Now that I think of it, making sure access to information is monitored for "abusive material" has been done in Italy before.
Im trying to remember who was responsible for that...
Oh yeah, now I remember. Berlusconi.
No, wait... that's who is doing it now...
I was thinking of someone else...



Mussolini! Thats who it was! Whatever happened to him?
Its coming back to me now.
Wasnt he shot in the chest, then kicked, and spat on, hung upside down on a meathook and stoned?


Check this out if you would like to see just some of the day-to-day censorship the Italian citizenry are subjected to.
http://www.chillingeffects.org/search-c ... le.it&q1='
Try a few searches. Kinda crazy. Never guessed that was happening did you?

Here's is another interesting article on Italian censorship:
http://edri.blogactiv.eu/2008/09/26/the ... italy-but/

I really hope that the Italian public wakes up and starts doing something about this type of thing.
Maybe pulling the plug on Italy would be a much needed slap in the face to incite and wake the general public.

Related reading for further proof that this isnt a bad joke like the one I told:
http://googleblog.blogspot.com/2010/02/ ... italy.html
http://news.yahoo.com/s/ap/20100224/ap_ ... ogle_trial
http://www.dailytech.com/Italy+Convicts ... e17766.htm
http://www.tgdaily.com/business-and-law ... ourt-rules
http://www.pcmag.com/article2/0,2817,2360396,00.asp
http://news.bbc.co.uk/2/hi/technology/8533695.stm
http://online.wsj.com/article/SB1000142 ... TopStories
http://money.cnn.com/2010/02/24/technol ... onviction/


Update:

I swear I may strangle someone over this situation.

Heres a generalization of some comments Ive heard.
Note C = comment and R = rebuttal.

C: Google is responsible for what it has on its servers much like a property owner is responsible for what happens on their property.
R: The government is not responsible when you crash your car while using their property (the road). You are not responsible if 20 white supremacists decide to hold a meeting on your front lawn without your knowledge.

C: Google should filter the videos posted.
R: No way is that possible, especially when a site like youtube is free. Also, if by some miracle Google was able to have a staff that was able to keep up with the amount of video uploaded daily - (every minute, 20 hours of video is uploaded to YouTube - http://www.youtube.com/t/fact_sheet - for once I will let you do the math on how many staffers working 8 hour shifts that would take, please email me your answers and equatations ) who are these staffers to decide whats deemed "unacceptable"? Whats acceptable in some countries isnt in others. Its a nearly if not completely impossible task.

Back on point though, This ruling is scary.
What this means is that if a host is responsible for what its users say/do, then by that logic the following applies:

All telecom companies are liable for the content on their wires if I call someone up and abuse them. Imagine prank callers bankrupting the telcoms from the resulting lawsuits?

Carriers and shippers are liable for their content if I deem a package or item I receive to be offensive in some manner (OMG this packaging looks kind of like nipples!)

If I get on a flight and get into a confrontation with another passenger, the airline is liable.

I got an email about Viagra that I find offensive! The ISP and email provider are liable!

I just received my newspaper and found an article offensive. Looks to me like the post system has a lawsuit on its hands!

I typed "tit mouse" into googles image search and was offended at some of the results! Googles liable AGAIN!

Some kid just walk past me wearing a t-shirt with an offensive slogan on it. Quick! Sue the retailer he bought it froms executives!

I could go on and on (actually, I kind of did... sorry) but to summarize, the way to solve this issue in my opinion is to just completely pull your services from the entire country. Let them sit there with no outside stimulus related to you in any way that may possibly offend them and cause them to file more lawsuits.
Maybe the affected public will start removing the people in power that are making these incredibly stupid decisions.
Maybe.