You can now hack your car legally a printer can also be a fake cellphone Tower and did the Murai Botnet actually take down
Liberia all that coming up now on threat wire
[Introduction]
Greetings, I am Shannon Morrison
This is threat wire for Tuesday, November 8, 2016 your summary of the threats to our security privacy and internet freedom first off
I want to give a big thanks to our patrons at patreon.com slash threat wire you fund the making of this show?
So thank you for letting us bring you to security news every single week our first story
To hack or not to hack that is the question when it comes to your personal devices
Generally, you would want to have all of the manpower that you would need but for many devices
It's been illegal to reverse engineer their software code, or hack the hardware
the DMCa section 1201 gave companies the ability to submit a lawsuit
Against any consumer if that consumer hacked their own devices devices that they had purchased or items that they had owned
Sony and John Deere Tractors had both sued and threatened to sue consumers respectively
Allowing customers the ability to hack their own device will have a positive
Impact it will allow security researchers to legally reverse engineer code on copyrighted [devisors] and potentially steer
Manufacturers Towards greater privacy and security awareness the digital Millennium copyright Act was updated
Just last year by the library of Congress's copyright office to allow for exemptions on certain types of hardware and software
including forms of security research and digital repair of vehicles, so yes
You can now legally hack your car the exemptions went into effect late last week and are on a two-year trial
period Just two years
Security researchers must use a controlled lab for their own testing so that it doesn't endanger other individuals
I feel like I shouldn't have to say that but you know just don't hack people you're not allowed [to] hack if all goes well
The ban against reverse engineering could be lifted for good after [the] next two years
[Trolololololol]
law in a great example of the poorest security that we face by using cellphone signals
Julian Oliver a hacker and artist in Berlin
created a fake cellphone tower
Inside a regular office printer like any printer that you would find in pretty much any office
And he called it the stealth cell tower oliver used a raspberry Pi Ax blade rf Sdr
- GSM antennas and an HP laserjet
1320 to set this up and allowed the device to [man-in-the-Middle] voice calls and Sms messages Via GSM
Similarly to the IMSi Catchers called stingrays that saw their moment in the spotlight when government documents were released publicly
Stealth cell tower sits near its victims in a regular office printer and spoofs cell towers kind of [duh]
So when a cell phone connects to it it can send the phone a text it can read a text and it can even print
The text messages out on a piece [of] paper since it's inside a printer the device can also call a user and play
Mp3s over the speaker in a person's phone
Oliver wanted to demonstrate the privacy flaws that we deal with on a day-To-day on cell connections and
Suggested using encryption apps like signal which is encrypted end-to-end so even if a phone does accidentally connect to a spoof tower
It'll still be encrypted he also mentions that this could be illegal depending on your country so just don't try this at home
But if you do the code is on his website
Everybody freaked out
Last week tons of Media Outlets reported that the Mirai
Botnet which uses
Insecure internet of things devices to send tons of garbage data at a victim in an attempt to make their servers basically puke
Was used to take down an entire
Country that being Liberia in Western Africa a tldr version and actually didn't take down the entire
Country Clickbait wtF the claim was that a ddos attack was maintained against a telecom that owns the one submarine
internet cable that goes into liberia and that the attack was of more than
500 gigabits per second now while Akamai does report a lower traffic level in
Liberia during the day of the attack this could also be because that was a national holiday in Liberia, the
Submarine cable monitoring system showed
No downtime for that day and multiple sources did confirm that Mirai was used against a telecom provider
But no data shows that it took the entire country offline so moral of the story
Look for multiple sources that can provide actual data to a claim and be skeptical of what you read on the internet
Don't click on those clickbait titles now. We do have [a] comment of the week this week last week
I asked should counter hacking be legal and our comment of the week comes from Sarah Dee who writes in the real world you [have]
a Moral
And in most places legal right to defend yourself and others against
Unjustified attacks in the uk we have lost surrounding the concept of [self-defense]
Using reasonable Force as I understand it the us has similar laws not to mention the whole [second] [amendment] thing
Hacking can certainly be considered a weapon and in my honest opinion
there's a strong moral argument that counter hacking is simply a form of self-defense, [so] long as [you're] within the boundaries of
Reasonable Force which usually boils down to you can use enough force [to] stop the attack
But any additional Force is considered revenge rather than self-defense
Thank you so much, Sarah. Dee for your comment
[of] course you can share your comments on today's stories below for a chance to be featured in next week's episode
Thank you again for being patrons of threat wire as well
You can contribute on patreon.com slash threat wire to get your name on threat wired net which was just updated for our november
Patrons as well as your own for baby in the shell like these ones. [I] know one of those personally I know peter
He's adorable. He's such a long cat that he can actually reach up to an ice machine and get ice out of a refrigerator
He is so long if everyone that watches the show donates $1 per [month]. We would successfully cover all of our fees like rent
We got bills to pay like electricity plus
I want to get a new camera for the show
Now of course if you cannot contribute you can give the show a thumbs up and you can subscribe on YouTube comm Slash Hack 5
Definitely helps and it gets the word out [there] [to] a lot more people
I want to see if we can get this episode to [two] [thousand] likes this week
I know that we can do it. I know you guys are watching the show so just hit that little like button
It doesn't hurt and you can find all of our episodes links to our social networks in other ways to contribute over at threat wire
Dotnet with that. I am Shannon morse. I will see you on the internet
My apple box is a skateboard
