MariaDine
25th October 2010, 10:10
Samy Kamkar, an American who in 2005 forced the administrators to shut down the MySpace site, ensures that no one has your personal information adequately protected on the Web
He is now in Portugal and gave an interview and conferences about the theme.
http://clix.expresso.pt/hackersk WATCH VIDEO HERE- HE TALKS IN ENGLISH
IN THE INTERVIEW
When in October 2005, Samy Kamkar, then 19 years, developed a malicious program (worm) that allowed him to raise a million friends on MySpace in just 20 hours, was far from imagining that the feat would render him more popularity than really wanted.
Indeed, the attack on the social network for those days that was the delight of netizens and the media coverage of judicial proceedings that followed, gave him the star status in the firmament of the hacker community.
The three-year suspended sentence, plus 90 days of community service and a ban on Internet access, in addition to compensation never revealed, already part of the past and Kamkar, now 24, is co-founder of Fonality, a company that sells telephone exchanges that use the technology of voice over IP (Internet Protocol).
But it is as a lecturer at the invitation of the Foundation OWASP (Open Web Application Security Project), an organization whose mission is to support the development of secure Web applications, which conducts a tour of Europe, having already passed through London, Leeds, Dublin, Brussels , Stockholm, Copenhagen and Lisbon.
Privacy on the Net, died!
ISCTE - Lisbon University Institute, the audience was small to accommodate all those who heard Kamkar declare the death of privacy on the Net, after showing how it is technically possible to determine the physical location of a user. How?
First of all we have to find the physical address of the router (MAC address) through which Internet users access the Net, using for this purpose at a site with a malicious program, which is necessary to attract the possible victim.
Typically, only the computers connected to a router can obtain this address. However, the javascript program is passed by a computer on that network and achieves such "registration" of the router.
Already in possession of such a MAC address, launches a search in the database that serves as support for Google Street View, so getting to know the GPS coordinates of the router in question.
But how does Google have this information? Because the cars that collect images for Street View also pick up signals from wireless networks and record in your database such the MAC addresses, in addition to the location where they were detected.
Despite the recent controversy surrounding Street View, it seems that Google was not obliged to delete this database MAC addresses.
The Express sought to confirm the existence of Google with this information in the database in question, but until the publication of this article had no answer.
To publicly disclose the technical details of such operations, all that Kamkar want to warn against the risks. "The average user and even some coaches do not have the slightest idea of what your exposure to data subject on the Internet," he warns.
While not forgetting the sentence to a suspended sentence of three years and the tremendous sense fright when he saw the police break into your house, a few weeks after the attack on MySpace, and learn everything you could have written one byte (from the computer with CD) the hacker has given way to computer security expert.
Cookie eternal
And it was the role of the expert Samy Kamkar has recently launched another warning, this time related to a weakness detected in version 5 of HTML, the markup language used to produce pages for the Web
According Kamkar, the latest version of HTML that will be available starting in 2012 may explain, like no other, the privacy of Internet users. Here's how.
Will certainly be very few sites that do not want to know more about who visits them: what country they come, how long the visit, etc..
One of the techniques used to obtain such information is to host an Internet user's computer small text file where such data are recorded. In this file is given the cookie name.
-------------------------------
Numbers
€ 80,000 million
Is the value that each year, according to the IAB - Interactive Advertising Bureau, online advertising market is unable to generate power for not commercially use the information of Internet users.
Atualmnente, the user may at any time, delete the files and told to avoid they get saved on your hard disk. But if HTML5 is used as it is being developed, site administrators and its advertisers may create cookies that they will never be able to delete them in staying hidden or temporary boards. This new generation of cookies was named by Samy Kamkar as "Evercookies" (cookies eternal).
---------------------
Result: The habits of Internet users will be any more exposed than ever to curiosity and commercial interests of companies and advertisers.
If it is true that the current cookies already you can monitor the activity of any Internet user, you can register one evercookie information on any purchases made online, email messages sent and received, among other habits much more intimate.
-------------------
Self-learning
Hugo Cruz / ISCTE-IUL
Samy Kamkar, 24, was born in Pittsburgh, Pennsylvania. At 13 he moved weapons of baggage to Los Angeles, California, where he would finish high school.
He then decides to start working as a computer systems administrator, at first, and as a programmer, later.
Unlike most software engineers who deal with daily, all he knows, he taught himself.
In 2005, it would eventually come to the history of hacking as the author of the worm (malicious software) Web 2.0 era. Target: MySpace. The "Samy Worm" allowed him to raise a million friends in just 20 hours and would force the managers to stop this social networking site to fix the problem.
According to Samy Kamkar, it was the U.S. government and not the MySpace who filed a complaint. On January 31, 2007, finally comes to an agreement and was sentenced to three years' probation. Today, it says "sorry" and assures that he will not do it.
He is now in Portugal and gave an interview and conferences about the theme.
http://clix.expresso.pt/hackersk WATCH VIDEO HERE- HE TALKS IN ENGLISH
IN THE INTERVIEW
When in October 2005, Samy Kamkar, then 19 years, developed a malicious program (worm) that allowed him to raise a million friends on MySpace in just 20 hours, was far from imagining that the feat would render him more popularity than really wanted.
Indeed, the attack on the social network for those days that was the delight of netizens and the media coverage of judicial proceedings that followed, gave him the star status in the firmament of the hacker community.
The three-year suspended sentence, plus 90 days of community service and a ban on Internet access, in addition to compensation never revealed, already part of the past and Kamkar, now 24, is co-founder of Fonality, a company that sells telephone exchanges that use the technology of voice over IP (Internet Protocol).
But it is as a lecturer at the invitation of the Foundation OWASP (Open Web Application Security Project), an organization whose mission is to support the development of secure Web applications, which conducts a tour of Europe, having already passed through London, Leeds, Dublin, Brussels , Stockholm, Copenhagen and Lisbon.
Privacy on the Net, died!
ISCTE - Lisbon University Institute, the audience was small to accommodate all those who heard Kamkar declare the death of privacy on the Net, after showing how it is technically possible to determine the physical location of a user. How?
First of all we have to find the physical address of the router (MAC address) through which Internet users access the Net, using for this purpose at a site with a malicious program, which is necessary to attract the possible victim.
Typically, only the computers connected to a router can obtain this address. However, the javascript program is passed by a computer on that network and achieves such "registration" of the router.
Already in possession of such a MAC address, launches a search in the database that serves as support for Google Street View, so getting to know the GPS coordinates of the router in question.
But how does Google have this information? Because the cars that collect images for Street View also pick up signals from wireless networks and record in your database such the MAC addresses, in addition to the location where they were detected.
Despite the recent controversy surrounding Street View, it seems that Google was not obliged to delete this database MAC addresses.
The Express sought to confirm the existence of Google with this information in the database in question, but until the publication of this article had no answer.
To publicly disclose the technical details of such operations, all that Kamkar want to warn against the risks. "The average user and even some coaches do not have the slightest idea of what your exposure to data subject on the Internet," he warns.
While not forgetting the sentence to a suspended sentence of three years and the tremendous sense fright when he saw the police break into your house, a few weeks after the attack on MySpace, and learn everything you could have written one byte (from the computer with CD) the hacker has given way to computer security expert.
Cookie eternal
And it was the role of the expert Samy Kamkar has recently launched another warning, this time related to a weakness detected in version 5 of HTML, the markup language used to produce pages for the Web
According Kamkar, the latest version of HTML that will be available starting in 2012 may explain, like no other, the privacy of Internet users. Here's how.
Will certainly be very few sites that do not want to know more about who visits them: what country they come, how long the visit, etc..
One of the techniques used to obtain such information is to host an Internet user's computer small text file where such data are recorded. In this file is given the cookie name.
-------------------------------
Numbers
€ 80,000 million
Is the value that each year, according to the IAB - Interactive Advertising Bureau, online advertising market is unable to generate power for not commercially use the information of Internet users.
Atualmnente, the user may at any time, delete the files and told to avoid they get saved on your hard disk. But if HTML5 is used as it is being developed, site administrators and its advertisers may create cookies that they will never be able to delete them in staying hidden or temporary boards. This new generation of cookies was named by Samy Kamkar as "Evercookies" (cookies eternal).
---------------------
Result: The habits of Internet users will be any more exposed than ever to curiosity and commercial interests of companies and advertisers.
If it is true that the current cookies already you can monitor the activity of any Internet user, you can register one evercookie information on any purchases made online, email messages sent and received, among other habits much more intimate.
-------------------
Self-learning
Hugo Cruz / ISCTE-IUL
Samy Kamkar, 24, was born in Pittsburgh, Pennsylvania. At 13 he moved weapons of baggage to Los Angeles, California, where he would finish high school.
He then decides to start working as a computer systems administrator, at first, and as a programmer, later.
Unlike most software engineers who deal with daily, all he knows, he taught himself.
In 2005, it would eventually come to the history of hacking as the author of the worm (malicious software) Web 2.0 era. Target: MySpace. The "Samy Worm" allowed him to raise a million friends in just 20 hours and would force the managers to stop this social networking site to fix the problem.
According to Samy Kamkar, it was the U.S. government and not the MySpace who filed a complaint. On January 31, 2007, finally comes to an agreement and was sentenced to three years' probation. Today, it says "sorry" and assures that he will not do it.