FaceBook Profile Leak

Hacker Ron Bowes used a scraper to grab the name and profile URL of 171 million FaceBook users. You might think he would sell this information. But he did not. Instead he blogged about it on the Scull Security blog. He also uploaded the data in text files as a 2.8 gigabyte torrent to the Pirate Bay.

Bowes used a script that interrogated the Facebook public profile directory. All of this is publicly available data. Search engines like Google have access to this information already. You can tell whether your data is publicly available on FaceBook by seeing whether "search for me on FaceBook" is set to everyone in your settings. You can also see whether "enable public search" is checked in your settings.

I am going to download this large torrent and see what this data is all about. Probably will just get usernames and URLs. Then perhaps I can write a small program that scrapes the profiles and builds up my own database. Not sure if I have enough bandwidth, disk space, and processing power to do that. We shall see.

WikiLeaks Disclosure

It seems WikiLeaks is the big story these days. I read about them on the front page of my local paper. There were links to their recent disclosure all around the web. What they did was post a massive amount of classified information about the war in Afghanistan.

I downloaded all the data from WikiLeaks and am still waiting to be impressed. It seems that what they have is a whole lot of small reports of incidents. There is more formatting than actual content there. You get a blurb about some Afghanistan incident. You have counts of if anybody got killed. And they tag whether it was friend or foe.

In my mind, I was thinking there would be some juicy details of being there in the war. Instead I got a huge amount of small entries which were initially classified by the government. Maybe I will uploaded all this data to a database. WikiLeaks makes it easy by providing scripts to uploaded the data. However I still think I will not be wowed by their data. All they show is that there is a source willing to give them classified government information. The actual data is a bit boring. Next.

Old School Hacking

Check out a book online called Hackers : Heroes of the Computer Revolution. This book covers monumental events from the hacking world of the 1970's and 1980's. Let's look at the topics of some of the chapters.

Of course they need to talk about the Homebrew Computer Club. It was a meeting for electronics hobbyists. They first met in 1975. The meeting was held in a garage in California. Apple cofounder Steve Wozniak attended.

Woz gets his own chapter. He build his own computer before personal computers were around. It was based on the Motorola 6502 processor. Of course Woz worked with Steve Jobs back in the early days.

The book talks about the origins of Altair BASIC. It was created by Microsoft ihn the early days. The thing was immediately pirated, causing Bill Gates to write a letter to the thieves. This is the BASIC that was involved in the creation of the now defunct Doctor Dobb's Journal.

BitTorrent Contest

BitTorrent is sponsoring a contest. You got to design an app that uses their software development kit. The SDK is restrictive in that you can only code in HTML and JavaScript. The top prize is a grand and prime app placement.

Hey. I bet anybody could use an extra thousand for toys. However I cannot imagine you making any money off an app for BitTorrent. These users are trading files for free. They want stuff for free. If you try to sell the app, somebody is going to get ahold of your app and trade it for free.

Still I find this an interesting challenge. Too bad I am concentrating on learning how to write applets in Java right now.

Ideas From War Games

I am watching War Games 2, the movie. Started out looking like a serious B movie. There are no real stars in this thing. However there are some interesting ideas in there.

The government put a type of war games on the Internet. This game offered real cash for people who could get to level 5. However those who made it got targeted for surveillance.

The problem was that the computer that tried to get players and track them got smart. This program is called Ripley. Too bad it did not need human intervention.

I did get a few laughs out of the main character doing some hacking. He gained the trust of his neighbor. Then he used his neighbor's online banking account to "borrow" some cash.

The main character also dealt with stolen credit cards, and also some prepaid phone cards. The dude liked playing online games. He also was a true to heart hacker.

Robin Sage

Some time ago, a woman named Robin Sage started appearing on social networks. She was supposed to be in her twenties. She was supposed to have worked for the Naval Network Warfare Council. As you might expect, she was getting connected with military personnel.

The online persona looked good. Her picture was hot. She was allegedly a grad of MIT. And she interned at the National Security Agency. It turns out this profile was fabricated. A hacker put it together as part of an experiment.

The funny thing is that the online persona networked with military top brass. She even got some job offers extended to her. The tragedy is that, through her military contacts, the hacker was able to get a lot of information about troop movements in Iran and Iraq. Nice.

A nice picture, and some early assumptions, caused the scam to pick up momentum. Luckily some skeptics dug deep and discerned the sham. Beware who you meet online. Often they are not who they seem.

Face Camoflage


I just read a blog post at SocialBeat on techniques to disguise your face from recognition software. People be posting their image to the web on sites like FaceBook. And there is software that is growing smart at figuring out who you are just from your picture. This is kind of like a Big Brother future. But the software is only so smart. A little mask can throw the software off track.
Now nobody is saying you need to make sure you go out looking like cat woman. You can maybe just touch up your face using photoshop before you post it online. Then you can remain below the radar from the image trackers online.
I think what we really need is some type of image processing which can mask your face from the image processing, but leave it looking the same for humans. Sounds like a good research project. You could start with the actual facial recognition software. Then you could try out different subtle hacks to the image to make it confuse the software. Or you could reverse engineer the code in the facial recognition software, and find its weakness. That's even better.