So, how exactly does a network analyst like Edward Snowden get access to top secret information stored at the NSA? Sure, as a contractor you get a password so you can analyze the network, but you can only go so deep into the servers without tapping the fiber optic at the data center itself in Utah.
[image: Inline image 1] Basic computer lab setup for a hacker http://sumihacks.blogspot.com/2012/01/basic-lab-setup-for-hacker.html If any respondents here have read Kevin Mitnik's book about hacking, you would already know it is through "social engineering" that most hackers get at secret data. Social engineering is not complicated: first you simply ask someone for their password.Or, you call them on the phone and trick them into revealing their password.It's that simple. In Mitnick's case he posed as a computer tech co-worker on the telephone. Once you get a password, it's only a few small clicks to get at the root level of the server where you can run a script of your own that changes everything and makes you the invisible administrator. Sound implausible that anyone would give just out their password? Go figure. "A civilian NSA employee recently resigned after being stripped of his security clearance for allowing former agency contractor Edward Snowden to use his personal log-in credentials to access classified information, according to an agency memo obtained by NBC News." 'Snowden Swiped Password From NSA Coworker' NBC News: http://www.nbcnews.com/news/snowden/password/<http://www.nbcnews.com/news/investigations/exclusive-snowden-swiped-password-nsa-coworker-n29006> Hacker Reading List: 'Ghost in the Wires' by Kevin Mitnick Back Bay Books, 2011 'We Are Anonymous: Inside the Hacker World of LulzSec, Anonymous, and the Global Cyber Insurgency' by Parmy Olson Little, Brown and Company (June 5, 2012) 'Tubes: A Journey to the Center of the Internet' by Andrew Blum, HarperCollins, 2012 'Hackers: Heroes of the Computer Revolution' by Steven Levy O'Reilly Media; 1 edition (May 19, 2010) 'Crypto: How the Code Rebels Beat the Government--Saving Privacy in the Digital Age' by Steven Levy Viking, 2001 'Crypto Anarchy, Cyberstates, and Pirate Utopias' by Peter Ludlow Bradford Book, 2001 'Code and Other Laws of Cyberspace' by Lawrence Lessig Basic Books (July 13, 2000) 'Hacking' The Art of Exploitation, 2nd Edition by Jon Erickson No Starch Press, 2008 'How to Disappear: Erase Your Digital Footprint, Leave False Trails, and Vanish without a Trace' by Frank M. Ahearn Lyons Press, 2010 'Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground' by Kevin Poulsen Crown, 2011 On Fri, Dec 13, 2013 at 6:47 AM, Richard Williams <[email protected]>wrote: The Darkside Hacker > > Kevin Mitnick, known as the Darkside Hacker, was at one time the > most-wanted computer criminal in the United States. Law enforcement > officials convinced a judge that he had the ability to "start a nuclear war > by whistling into a pay phone." One state attorney told the judge that > Mitnick could somehow dial into the NORAD modem via a payphone from prison > and communicate with the modem by whistling to launch nuclear missiles. > > According to Douglas, Mitnick managed to hack into some of the country's > most powerful -- and seemingly impenetrable agencies such as the DMV, SSA, > and the FBI, and large companies, including PacBell, Motorola, Nokia, and > DEC. Using "social engineering" and conning employees into giving him > private information and maneuvering through layers of security. Using > hacker techniques and social engineering Mitnick gained access to data that > no one else could. > > The 2012 graphic novel Wizzywig by Ed Piskor is a close allusion to the > story of Mitnick, with the main character's name replaced with Kevin > Phenicle. The novel parallels the entire story of Mitnick under the > codename "Boingthump", from his early days of phone phreaking. > > Think your information and your computer is secure? You can yourself a lot > of trouble by just sending your IP address and password to Kevin Mitnick at > 2245 N. Green Valley Parkway, Suite 411, Henderson, NV. LoL! > > Work cited: > > 'Hacker Culture' > by Thomas Douglas > University of Minnesota Press > pp. xxiv > > > See More: > > 'Hackers' > Directed by Iain Softley > Starring Jonny Lee Miller, Angelina Jolie, Renoly Santiago, Matthew > Lillard, Lorraine Bracco and Fisher Stevens. > > [image: Inline image 1] > > Read more: > > 'The Hacker Manifesto' > http://www.phrack.org/issues.html?issue=7&id=3&mode=txt > > 'Hackers: Heroes of the Computer Revolution' > by Steven Levy > > 'The Art of Deception' > by Kevin Mitnick > > 'The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, > Intruders & Deceivers' > by Kevin Mitnick > > 'Ghost in the Wires: My Adventures as the World's Most Wanted Hacker' > by Kevin Mitnick > Foreword by Steve Wozniak > > > On Thu, Dec 5, 2013 at 8:57 AM, Richard Williams <[email protected]>wrote: > >> Massive Hacker Attack! >> >> According to SpiderLabs, "...'123456' was the most widely used password >> and 'password', '123,' and '111111' were also among the top entries. Three >> of the most used passwords are 'password', 'sex' and 'god', not >> particularly in that order. Admins love to use 'god' as their password- it >> gives them a feeling of power. >> >> So, let's review some password protocols: >> >> 1. Do not use the same password for all your online activities. >> 2. Use a seven word combination of letters, numbers, and symbols for your >> password with at least one letter in caps. >> 3. Do NOT write down your password down on a Post-it note and affix it >> to your computer monitor. >> 4. Never reveal your password to anyone, including your significant other. >> 5. Change you password frequently - at least once a month, in order to be >> on the safe side. >> 6. DO IT NOW - don't wait until tomorrow to change your password. >> >> "Two million passwords for social media and email accounts have been >> released online by hackers, IT security experts have discovered." >> >> Metro UK: >> http://metro.co.uk/two-million-facebook-gmail-and-twitter-passwords-stolen<http://metro.co.uk/2013/12/05/two-million-facebook-gmail-and-twitter-passwords-stolen-by-criminal-gang-4216332/> >> >> >> On Mon, Dec 2, 2013 at 10:27 AM, Richard Williams >> <[email protected]>wrote: >> >>> The programmer is God and Hackers are the prophets of Information >>> Technology. >>> >>> So, if you are a hacker, it would be evil to not share your data and >>> your code with the rest of the world, to save mankind from ignorance - a >>> moral imperative for the hacker. The hacker's world view is libertarian- >>> they believe that powerful individuals are taking over the Internet and >>> controlling our thoughts through the media, violating our privacy. All the >>> while posting reams of information about themselves. Go figure. >>> >>> "Because he knows the power of the technology he has mastered, he knows >>> how distressingly fragile the barrier is between freedom and >>> censorship--it's a simple matter of who writes the code. Underlying it all >>> was the hacker belief that the world could be perfected if enough of us >>> tapped society's vast reserves of knowledge and put it to proper use." >>> >>> Read more: >>> >>> 'So Open It Hurts' >>> What the Internet did to Aaron Swartz >>> New Republic: >>> http://preview.tinyurl.com/ala5v77 >>> >>> >>> On Sun, Dec 1, 2013 at 8:36 PM, Richard Williams >>> <[email protected]>wrote: >>> >>>> Reuters - A computer hacker was sentenced on Monday to three years and >>>> five months in prison for stealing the personal data of about 120,000 Apple >>>> Inc iPad users, including big-city mayors, a TV network news anchor and a >>>> Hollywood movie mogul... >>>> >>>> 'U.S. computer hacker gets three-and-a-half years for stealing iPad >>>> user data' >>>> http://tinyurl.com/c72z58j >>>> >>>> >>>> On Sat, Nov 2, 2013 at 12:42 PM, Richard Williams <[email protected] >>>> > wrote: >>>> >>>>> "On Thursday, the 21-year old San Antonio native will enter La Tuna >>>>> Federal Correction Institute in Anthony, TX to begin a one-year and one >>>>> day >>>>> sentence for breaching Sony Pictures Entertainment in May 2011 as a member >>>>> of Anonymous offshoot, LulzSec." >>>>> >>>>> 'The $600,000 Joyride' >>>>> San Antonio Current: >>>>> http://sacurrent.com/news/the-600-000-joyride<http://sacurrent.com/news/the-600-000-joyride-local-hacker-and-former-lulzsec-member-on-why-he-went-to-prison-1.1576274> >>>>> >>>>> >>>>> On Sat, Oct 19, 2013 at 9:24 AM, Richard Williams < >>>>> [email protected]> wrote: >>>>> >>>>>> Let's see, on the one hand we have the personal privacy advocates, >>>>>> like Edward Snowden and Wikileak's Julian Assange, and the Electronic >>>>>> Frontier Foundation. >>>>>> >>>>>> And, on the other hand we have social networking sites like Mark >>>>>> Zuckerberg's Facebook and micro blogging sites like Evan Williams's >>>>>> Twitter. >>>>>> >>>>>> And, in the middle we've got the FBI, IRS, CIA, NSA, ATF and the HS. >>>>>> >>>>>> And, you got your black hats and your white hats; you got your >>>>>> hackers and pirates; and you've got your worms and trojan horses. >>>>>> There's a >>>>>> PC on every desk, all running Microsoft Windows software. >>>>>> >>>>>> So, now Obama wants you to log on to a government site and enter all >>>>>> your personal data. Go figure. >>>>>> >>>>>> "It also represents a dangerous normalization of 'governing in the >>>>>> dark,' where decisions with enormous public impact occur without any >>>>>> public >>>>>> input." >>>>>> >>>>>> 'Snowden Says He Took No Secret Files to Russia' >>>>>> New York Times: >>>>>> http://www.nytimes.com/snowden<http://www.nytimes.com/2013/10/18/world/snowden-says-he-took-no-secret-files-to-russia.html?_r=0> >>>>>> >>>>> >>>>> >>>> >>> >> >
