CIA traitor spy thrown in the clink for selling secrets to China. Stack Overflow, TeamViewer admit: We were hacked...

Here's a quick catch-up of all things infosec beyond what we've already reported this week. Stack Overflow becomes Hack, oh no, no! Popular programmer watering-hole Stack Overflow revealed on Friday it was hacked by a miscreant on May 5. The cyber-intruder was discovered six days later when they tried to gain more privileges …

  1. chivo243 Silver badge
    Meh

    team viewer

    I remember talk of TV (the app) as having been compromised. I didn't find the answer provided by TV as reassuring. How cool is it that non-disclosure of the breach was spun as being a 'good' thing. Just like in the name of 'National Security'. Anything flies these days it seems.

    1. Mark Allen
      FAIL

      Re: team viewer

      Yeah... not telling anyone about a hack is always a good idea for Share Holders and Protection of Profits.

      Digs into El'Reg search back to June 2016

      https://www.theregister.co.uk/2016/06/01/teamviewer_mass_breach_report/

      "the biz said. "There is no security breach at TeamViewer."

      https://www.theregister.co.uk/2016/06/03/teamviewer_beefs_up_security/

      https://www.theregister.co.uk/2016/06/06/teamviewer_sorry/

      It was the last straw for me, I took my subscriptions elsewhere. Especially after a few other issues I had with them. This level of dishonesty is not on, and I also thought it was illegal now? Anyone going to sue them?

      1. streaky

        Re: team viewer

        Yeah I recall it very clearly - at the time systems were being compromised and TeamViewer took pains to make it clear that they weren't compromised. Class action seems to be the only way to resolve this.

    2. Charlie Clark Silver badge

      Re: team viewer

      In general I'd agree with you: if there is nothing to hide, then get it out in the open. However, it does depend upon the attack and what exactly was compromised and, if no user data was compromised then disclosure could be misinterpreted. And, the degree of disclosure will indeed sometimes be coordinated with the authorities while investigations continue.

      1. quxinot

        Re: team viewer

        TeamViewer has been making their product worse with each version, so no surprise that the backend isn't any better.

      2. Anonymous Coward

        Re: team viewer

        ""Our systems detected the suspicious activities in time to prevent any major damage," TeamViewer's comms director Martina Dier claimed in an email to The Register."

        This can mean so many things...

        i.e. we noticed our development/test systems were hacked when we had problems migrating things to production. Closer examination revealed that no production users were affected apart from old data we used for testing. We had no tools to monitor active attacks but fortunately stumbled upon this one. Hopefully things are better now.

        Or it could mean they have robust systems in-place that detected the attack, notified staff who monitored the attack closely before shutting it down and ensuring systems were not affected by the attacks.

        Given many of the publicised attacks over recent years, I would need evidence it was the latter as when details leak, it is typically the former.

    3. Snake Silver badge

      Re: a Good Thing

      Also remember how TeamViewer was so adamant that they weren't hacked, while users were getting unauthorized Amazon bills from their TeamViewer-started purchase sessions?

      https://www.teamviewer.com/en/company/press/statement-on-potential-teamviewer-hackers/

      Oh yes. I could hope that users sue, just to send a lesson, but I doubt such a thing will happen.

    4. macjules

      Our systems detected the suspicious activities in time to prevent any major damage

      If their systems can 'detect' suspicious activity then why didn't they stop it completely, not just 'in time to prevent any major damage'?

  2. Adrian 4
    FAIL

    Need for accounts ?

    This is actually a good example of why the pervading concept of an account is a Bad Thing.

    There is literally nothing valuable in a SO account other than the personal information used to define the account itself. The worst possible outcome of someone stealing your login is the possible loss of reputation if their use of it reflects badly on you. But you have personal contact information in there that they might steal and use elsewhere.

    All SO should really have is an ID that you can prove ownership of - perhaps with a key pair. If that were used, there would be no need to contact those 250 users because SO would have had nothing valuable to be stolen.

    So why do these accounts exist ? Perhaps because of history. Perhaps because someone wants to collect identities with a view to some future monetisation. I don't know.

    El reg, why don't you accept a public key login instead of holding my email contact details ?

    1. doublelayer Silver badge

      Re: Need for accounts ?

      One major reason is to provide an extra obstacle to the mass creation of accounts. Since each account needs a unique email address, a spammer would need to create separate addresses for each account created. Yes, they could set up a mailserver and have a nearly infinite supply of those, but a monitor could notice this and ban all addresses under the domain they're using. So that means they have to use publicly available accounts, most of which have some method of preventing a very large number of accounts from being set up in short order or by one user. This also lets them report things should a user do something like break the law, and provides them a method of communicating with the user if the user needs to, for example resetting the password, informing of data breaches, etc. Most of this would not work anymore given a key-based authentication system, so people don't do it so often.

  3. Blockchain commentard

    Slack fixes

    Warwick Davis (from Tenable) is now doing cyber security? Not enough Ewok work then?

    1. Sandtitz Silver badge
      Happy

      Re: Slack fixes

      Why not, surely Willow isn't the first wizard in this field.

      1. -teacup ordinance

        Re: Slack fixes

        Shirley you meant Shirley...

    2. Anonymous Coward

      Re: Slack fixes

      LOL

      You can blow about £1800 per year and point your own Nessus (nee Net Saint, now written by a company called Tenable) at your targets for (say) a PCI DSS compliance report.

  4. Anonymous Coward

    Retirement isn't what it used to be

    "Former CIA intelligence officer Kevin Patrick Mallory, 62, of Leesburg, Virginia, was sent down for two decades on Friday for selling American national defense secrets to a Chinese spy."

    The things Americans have to do to make sure they have a roof over their head in their old days...

    1. Anonymous Coward

      Re: Retirement isn't what it used to be

      "This case is one in an alarming trend of former US intelligence officers being targeted by China and betraying their country and colleagues."

      was followed immediately in the article by this:

      "The US Department of Homeland Security’s cybersecurity officials, who are supposed to keep hackers out of Uncle Sam's systems, have been reportedly pressured to set their day jobs aside and go defend the US-Mexico border..."

      What can we do to round out the trifecta started by insufficient compensation and managerial incompetence?

    2. Daedalus

      Re: Retirement isn't what it used to be

      Let's face it, the real reason he did it was probably because his bosses were just brown-nosing chair warmers dedicated to screwing over their subordinates. Loyalty is a two-way street.

  5. Anonymous Coward

    Seriously?

    He was also spotted scanning secret and top-secret materials onto a microSD card in a FedEx store…

    I’m surprised he wasn’t spotted faxing them.

    1. Anonymous Coward
      Black Helicopters

      Re: Seriously?

      Actually, something that occurred to me earlier in the day...

      Do scanners add microdots for identification purposes to the images they scan, did he know this, and is that why he was using a public service?

      1. LeahroyNake

        Re: Seriously?

        Very good question and I'm certainly going to test it out!

        For those that don't already know, modern laser office copiers add an almost invisible yellow dot pattern to all prints and copies that can be traced back to the serial number of the machine. If you have a 25x magnification tool you can see it.

  6. Anonymous Coward

    Samsung

    Now Trump has the excuse to ban Samsung from the US as well.

  7. MrKrotos
    Mushroom

    TeamViewer

    Wow, so glad I changed to Remote Utilities back when there was talk of TeamViewer being hacked. Talk about lie through your teeth!

    They deserve to die a long slow death!

    1. Hans 1
      Joke

      Re: TeamViewer

      Is TeamViewer not a man in the middle-kingdom by default ?

  8. ThinningBarnet

    Team Viewer, Tame Doer

    "We came to the joint conclusion that informing our users was not necessary and would have been counterproductive to the effective prosecution of the attackers."

    Hmm. So I wonder, how's that prosecution going along?

  9. -teacup ordinance
    Trollface

    Stack Overflow becomes Hack, oh no, no --> anxiety causes anxiety

    "the hacker broke into production systems via an insecure development build".

    so the build was 'insecure' and got bullied into giving up the info ?

    on top of my own disorders I now have to keep track of those for my dev spaces...

  10. Big Al 23

    It's amazing people will give up their freedom...

    ...for money. 20 years in prison will give this man lots of time to think about the cost of treason. Not so long ago he would have been shot for treason.

  11. hoola Silver badge

    TeamViewer

    And you have total confidence that what you have replaced it with has not been hacked, compromised or is vulnerable. These problems only appear IF they are disclosed or someone finds out.

    The very nature of all these remote support applications is a security pain in the arse, however you look at it.
