Day: June 18, 2011
With Google’s new Search Image you can explore the web in an entirely new way by beginning your Google search with an image. With this feature you can learn more about images on the web and your own photos.
Most importantly for designers and photographers it’s now possible to find violations of copyright.
It’s especially easy to use with the Google Chrome plugin.
The mischievous hacking group LulzSec has posted an unusually serious statement to mark their 1,000th tweet, and for the first time it explains in some detail why they’ve gone on a month-and-a-half long hacking spree claiming the likes of PBS, SonyPictures.com, and an FBI affiliate as victims.
In one way the statement seeks to justify the group’s server breaches and data thefts as a warning to anyone who uses the Internet: that we are too complacent about the security of our data online.
This is what you should be fearful of, not us releasing things publicly, but the fact that someone hasn’t released something publicly.
In other words, just because it hasn’t been announced that someone has stolen our email passwords, that doesn’t mean it hasn’t happened. There are plenty of “blackhat” hackers out there pilfering data in the same way, but they don’t announce it to the world, LulzSec says, or how easy the process was. After announcing its hack on SonyPictures.com, for instance, LulzSec pointed out that Sony had not encrypted user information and passwords, but stored them in plain text. Still, this argument is partly a matter of circumstance – the group could have been doing the same thing 15 years ago but not been able to make the same point about the susceptibility of our data.
LulzSec also admits that they carry out their attacks because doing so is fun and “lulz”-worthy. While this logic will resonate with anyone who regularly visits image boards like 4chan, a piece of Internet real estate where unidentified users often collaborate on pranks, many will still question this logic:
Most of you reading this love the idea of wrecking someone else’s online experience anonymously. It’s appealing and unique, there are no two account hijackings that are the same, no two suddenly enraged girlfriends with the same expression when you admit to killing prostitutes from her boyfriend’s recently stolen MSN account.
And right now, the group seems to have gone beyond caring about the consequences:
We’ve been entertaining you 1000 times with 140 characters or less, and we’ll continue creating things that are exciting and new until we’re brought to justice, which we might well be. But you know, we just don’t give a living f*** at this point.
Ultimately, LulzSec with their quickly-amassed 187,000 Twitter followers, are aware that they’re only enjoying a brief moment of fame.
You’ll forget about us in 3 months’ time when there’s a new scandal to gawk at, or a new shiny thing to click on via your 2D light-filled rectangle.
The state ends with “Thank you, bitches, Lulz Security.”
Read the whole thing here.
Nobody yet knows for certain whether they have been allocated 2012 Olympic event tickets. Until June 24, when confirmations arrive, there remains the risk that some people will have been the victim of cybercrime.
Until this uncertainty and the concern it has created has abated, below are some top tips courtesy of VADition on what do if you are concerned about the risks you may have been exposed to during the Olympic ticket application process.
1. If an ‘Olympics’ related sum has been taken from your account, do not assume that it is bona fide just because it says ‘Olympics Tickets 2012’ or some other official sounding reference. Contact your bank or card provider to query the origin of the transaction.
2. If you receive any correspondence pertaining to be from the Olympics authorities, read it carefully for spelling errors, peculiar language or anything else that doesn’t look quite right. If in any doubt, share the correspondence with the Olympics authorities yourself before accepting that any of the information is true, or following any instructions on it.
3. If you need to access the Olympics ticket website again, do so by entering the full website address manually into your browser window. Do not click any links you have received or used before, as these can be spoofed (i.e. redirect to another address different from the one you see on the page).
4. If your bank or card provider proactively contacts you regarding any specific bank transaction, or about your account in general, remain extremely vigilant to phishing threats and be cautious about disclosing any personal information.
5. Continue to routinely check your bank statements carefully. If your account details have been stolen, it could be some considerable time before the thief decides to take advantage.
6. For more guidance, consider a government endorsed, independent provider of authoritative advice like Get Safe Online. Or consider placing a fraud alert on your credit reports. Your bank should be able to help you do this.
SEGA Pass, the gaming company’s member database and online network, has been hacked.
SEGA took the SEGA Pass system offline Thursday. Friday morning, it sent an email to Pass members alerting them that an unauthorized and unidentified third party had gained access to the SEGA Pass database.
Members’ email addresses, birth dates and encrypted passwords were obtained in the attack, according to the company.
SEGA is also telling members that it has reset their passwords, that all access to SEGA Pass has been temporarily suspended and that Pass users should consider changing their passwords on other sites.
No party has stepped up to claim responsibility as of yet, though hacker group LulzSec tweeted at SEGA Friday morning: “We want to help you destroy the hackers that attacked you. We love the Dreamcast, these people are going down.”
The full contents of the email SEGA sent to Pass members can be seen below, courtesy ofPlaystationlifestyle.net:
As you may be aware, the SEGA Pass system has been offline since yesterday, Thursday 16 June.
Over the last 24 hours we have identified that unauthorised entry was gained to our SEGA Pass database.
We immediately took the appropriate action to protect our consumers’ data and isolate the location of the breach. We have launched an investigation into the extent of the breach of our public systems.
We have identified that a subset of SEGA Pass members emails addresses, dates of birth and encrypted passwords were obtained. To stress, none of the passwords obtained were stored in plain text.
Please note that no personal payment information was stored by SEGA as we use external payment providers, meaning your payment details were not at risk from this intrusion.
If you use the same login information for other websites and/or services as you do for SEGA Pass, you should change that information immediately.
We have also reset your password and all access to SEGA Pass has been temporarily suspended.
Additionally we recommend you please take extra caution if you should receive suspicious emails that ask for personal or sensitive information.
Therefore please do not attempt to login to SEGA Pass at present, we will communicate when the service becomes available.
We sincerely apologise for this incident and regret any inconvenience caused.
We are contacting all our members with these recommendations.
If you have any further questions please contact SEGA customer support on firstname.lastname@example.org
Image courtesy of Flickr, Redherring1up