California Highway Patrol?
What, was the guy doing all this whilst driving or something?
A California man on Thursday admitted breaking into the Facebook and email accounts of hundreds of women and stealing nude and semi-nude pictures of them. George Samuel Bronk, 23, of Citrus Heights, pleaded guilty to seven felony charges, including computer intrusion, false impersonation and possession of child pornography. He …
The California Highway Patrol < http://www.chp.ca.gov/html/mission.html > are the state police. They were merged in 1995 < http://www.chp.ca.gov/html/merger.html >.
Guess you're not a CHiPs TV fan.
The 98 Crown Victoria also had a CHIP socket that provided special features for the police 'Interceptor' version of this automobile!
The CHP is more or less the equivalent of the state police in many other states. They have jurisdiction anywhere in the state, although their primary assignment is traffic control on state highways. There is also a law enforcement organization known informally as the state police in California, but their primary job is protecting state buildings and public officials.
Helicopter, because either agency can bust perps.
"Dont put naked pictures of yourself on the fucking internet" is one lesson that could be learned, I suppose. I think a better lesson is "don't surround nudity with such walls of shame that having them be on the Internet would cause you distress." *shrug* If someone tried to blackmail me with the threat of naked pictures being spread all over the Internet, I'd just yawn. Who cares? In this day and age, being ashamed over something like that just seems silly to me.
The issue is not shame of the body, but violation of expected privacy. A woman might happily send her boyfriend intimate pictures. She is not ashamed of her nudity. Obviously she is quite proud of it. That doesn't mean she would be happy for the pictures to become public property.
On the other hand, shame might result from the activity depicted. If the woman is shown performing a sex act or just posing naked in front of a mirror, does she really want her nephews to see that ? No. Is she ashamed of her body ? No.
between shame, and... I dont know what the word Im looking for is.
there's some pretty deranged shit of me online, but you have to search hard for it; my usual handle is this one and its so ridiculously common I'm practically the John Smith of the inter-webs, and my real name is apparently under much wider use by some successful travel book dude or something, so I'm kinda covered there, too. the fact that its out there doesn't bother me. if someone tried to blackmail me personally, I wouldn't care. being labelled 'the dirty old man' at work, however, or having my wife caused embarrassment over what I might have thought was funny one a drunken evening 7 years before I met her is a different thing.
I personally wish there was more of a blanket attitude of "as long as your kids dont see it, what the fuck should I care" but you never know when you're going to run into some prudish and judgemental asshole who decides to bear a grudge because you bared your arse.
It would be nice to live in such a world, but the comments of people with both hands on their keyboard when faced with a woman with her tits out, duck-face at the camera on FB isnt "well, she looks like a nice person having some fun" its usually "vapid attention whore" and the same for a dude is somewhere between "unnnecessary, man, internet cliche" and "what the fuck is wrong with you, you degenerate pervert"
I'll point out that these people didn't POST the pictures. They SENT them via email. They also made the mistake of publicly posting the same info used to reset their passwords.
Most people have no clue of Internet security. And they also feel that email is a lot more private than it really is.
This is why I absolutely /loathe/ web designers who are too lazy to build in the ability to write your own challenge/response questions. When all you have is a pick list of common questions, then the chances increase exponentially that this information will be findable somewhere if only an individual chooses to look hard enough.
Dear web devs everywhere: when creating the password reset features for your websites please allow us to actually create three of our own challenges and enter the proper responses.
Here are some great examples off the top of my head:
Challenge: Can kill you with her delete key
Response: Sarah Bee
Challenge: Lewis Page requires
Response: Nuclear aircraft carrier
Much fun to be had!
Too lazy or incapable? Whatever happened to own responsibility and common sense?
IMO its a dual fail here. I personally sort of ridicule (not really, exaggerated a bit) people who still believe that social networks are their for them and to protect their privacy. Their not!
"If you put it on $social_network be ready to share it with the world". How hard can it be ?
I tend to agree that only picking from a list of questions is likely to lead to answers that are findable.
Knowing this myself I am more likely to give an answer that is deliberately wrong, knowing that it as long as I give the same wrong response if asked the question by this site later I get in.
I can try and give that same advice to others but am aware that as the question is usually to reset a forgotten password, then if you have forgotten that then chances are you have forgotten the wrong answer you set up for that site, which defeats the purpose.
And now i have 10 standard and non-standard challenge response "scenarios" incluing dates, times, names, questions, codes and passwords.
When i phone i need to give a different one to the web and when i am on the web i need to use certain responses and then a card reader.
Secure, yes i think so, convenient, not really... so they are all written down on a page headed "My bank security questions", computers are far less fallible than me!
Anon, obviously... i have some sense of security.
One method I've seen suggested is to have a set of memorised 'incorrect' answers to the standard challenge questions.
e.g. Mother's maiden name: Supernova
Another way is to modify your 'correct' answers by preceding them with a keyword that is unique to the site you're using.
e.g. Mother's maiden name: FaceSmith (or YahooSmith, HotSmith, etc.)
If you want to get more sneaky, choose a keyword that is not easily guessable. You can figure something out.
"One method I've seen suggested is to have a set of memorised 'incorrect' answers to the standard challenge questions.
e.g. Mother's maiden name: Supernova"
There is one minor issue with that strategy, this is supposed to be a password reset function, if you have to remember a whole series of "incorrect" answers to reset your password, you could just... I don't know... remember your password!
Presumably you've not fielded twenty support calls from people who can't think up their own challenge/response questions, thirty from people who put in any old crap and have no idea what the answer was anyway as it was just random letters, and observed that most of the rest have just typed in mothers maiden name or first pet anyway...
...I'd not actually use those particular ones. Or more accurately, I wouldn't use three challenge/response questions from the same place. I would use one from an obscure TV show I liked. Another from a fantasy novel. Another from a bit of El Reg trivia. So on, and so forth.
If you needed to (as my bank does) respond to /all three properly/ in order to reset the password, then they are exceptionally secure. You would have to get my three best friends and my fiancée in a room together to crack my challenge/response questions for the five top sites I use. The chances of someone random person who has collected a little bit of information about me from my comments on El Reg (or anywhere else) deciphering them is fairly small.
Not impossible...but then again no security is perfect. If I used the suggestion of memorizing something like "Mother's maiden name: Supernova" then i am opening up another can of worms. Either I am having to keep that relatively consistent - and thus a data leak on one site means all sites are compromised - or I run the very real risk of not being able to keep track of which challenge response questions are for which sites. even using Facebook.comSupernova and Twitter.comSupernova etc. would be guessable after a single leak.
No, I prefer using challenge response questions that have meaning to me - something that so long as I am not suffering from dementia or brain damage I will always know the answer to - but which are so utterly random in origin that your average net user is highly unlikely to discover. For example, I am a trekkie. The obvious answer to the challenge “pattern” is “buffer.” It is the first thing that pops into my mind and has been since I was about 8.
I understand this doesn’t work for all people. That’s why I see a lot of sites giving the option of “pick from a list or write your own.” The point is that for those who /are/ capable of remembering their own challenge/response pairs, the ability to do so is significantly more secure than having to use the standard questions. not offering that option is nothing more than laziness on behalf of careless developers.
Don't make us mock you. Oh, OK then...
A message sent on Facebook, within Facebook, to someone else on Facebook, is not an email. It's a Facebook post with restrictions on who can see it. It's identical to a visible-to-the-world Facebook post except in terms of who has access.
The irony here is that you follow it with "Most people have no clue of Internet security". Omit the last three words, and you're about right...
Good one, mock someone for getting it wrong, comment on irony, while ironically completely getting it wrong yourself. He didn't hack Facebook - he *used* Facebook to find personal information, with which he could use to reset the passwords to their *email* accounts. From there is where he found nude pictures.
Look at the palm of your hand please. Closer... closer... closer... <smack>
I have never understood why people stick to the security options they are given. Most systems will ask for your mother's maiden name, and that information may be in the public domain. Why provide the real information?
Surely it's much more secure to come up with a response that cannot be guessed by someone going through your family tree? There's nothing to stop you registering with your mother's maiden name as Beeblebrox if you want to.
This post has been deleted by a moderator
"The agency then contacted the California Highway Patrol "
Are they still around ? They had their own slot on TV umpteen years ago. Didn't they use some sort of scooter like motor bike ?
What are they doing investigating facebook and emails ? Do the smarmy brylcreemed execs of California still drive around the highways whilst committing their dastardly deeds ?
I think we need more stories of this nature. We need to know all about the bank robbers and the murderers in Thailand or Hawaii or Inner Mongolia that were caught after their email was traced to downtown Bellshill, or Milngavie.
Scumbag breaks into accounts of people so fucking stupid they'd stick pictures on themselves, naked, into the public domain.
What is wrong with these people? The second you decide to send anything up that wire out of your house you can basically assume you sacrifice control of it, especially to well known sites like FaceSlap that have had previous security issues!
Just something capable of actually launching proper aircraft. I have never read Lewis' articles to read "American-made is better than everything else." I have always read them to be "use off the shelf hardware that is good value for money and let some other chump pay the R&D costs."
Personally, I agree with him.
"Police have emailed 3,200 questionnaires to potential victims, but so far only 46 women have come forward."
"You have numerous pictures of me in the buff so to get the full humiliation, I'd like to come down to the police station to make a report and have all your officers have a good laugh at my expense"
Ooh, I can see the mailshot already!
"Dear Ms X, we are the police and have reason to suspect someone may have stolen naked photos of you. If you think naked or seminaked pictures of you (and/or your hot sister) may have been sent by email recently, please send us a copy (together with your name, age and phone number) so we can check them against our list to determine if you are the victim of a crime. Love and kisses from the California Highway Patrol Department."
Colleague of mine has some fairly explicit shots on FHM Girl next door thing or whatever its called. Shes 42. Comes in work and gets on with her job and noone bats an eyelid. All the fellas have checked them out of course and I guess if she found it embarrassing that her colleagues have seen her naked breasts and ass then I'm sure it would be embarrassing. But its not.
The generation being born now will have no embarrassment over nudity and these kind of stories will die. They will have got used to nude images from the first time they are allowed to use the internet and from puberty they will have got used to nude images of themselves being seen by others.
I really never understood why as a society we are so paranoid about people seeing our bits unless we are on the beach, when suddenly it stops being an issue. Each to their own I guess.
Biting the hand that feeds IT © 1998–2021