[Infowarrior] - A Group 'Hacked' the NSA's Website to Demonstrate a Widespread Bug
Richard Forno
rforno at infowarrior.org
Wed Mar 4 13:13:32 CST 2015
A Group 'Hacked' the NSA's Website to Demonstrate a Widespread Bug
Written by
Lorenzo Franceschi-Bicchierai
March 3, 2015 // 07:28 PM EST
A group of researchers only needed $104 and 8 hours of Amazon’s cloud computing power to hack the NSA’s website. And their feat was made possible by a bug that, ironically, was practically created by the NSA itself and its anti-encryption policies from 20 years ago.
The NSA’s site was just the guinea pig to demonstrate a newly-disclosed internet flaw called FREAK.
The bug, first disclosed on Monday by Akamai, allows an attacker to intercept a supposedly secure connection between people using Android or Apple devices and thousands, if not millions, of websites. This gives the hackers the chance to impersonate said website and steal confidential data like passwords and logins.
Now, as crypto expert Matthew Green correctly pointed out, this wasn’t really a “hack.” Mounting a man-in-the-middle attack against NSA.gov is not the same as hacking the NSA (as an always-appropriate XKCD cartoon illustrates)…….
< — .>
http://motherboard.vice.com/read/a-group-hacked-the-nsa-website-to-demonstrate-widespread-bug-freak
--
It's better to burn out than fade away.
More information about the Infowarrior
mailing list