Category: Hackerterrorcybercyber

Secure defaults kind of matter…

snyk writes on secure defaults:

Before version 2.6.0 the hipster data “store” did not require authentication by default (wait, what?) and also bound to * instead of 127.0.0.1.

As a result, by default, each MongoDB data “store” has been accessible from the entire internet.

Scanners such as Shodan provide an index to all such MongoDB installations on the entire Internet. Enterprising anonymous “hackers” have monetized this opportunity by accessing these installations over the Internet, encrypting the data and then accepting Bitcoin for the decryption password – or simply scamming the installation’s owner, on the assumption that people who put production data on Internet-wide installations with unauthenticated access deserve to be conned, and then conned over again.

Other hipster data stores, including Elasticsearch, CouchDB and Redis, are known to have similar access properties. NoSQL might actually mean “NoSequrity”.
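The two defaults the post complains about are easy to check for in a mongod.conf. The following is an added example, not code from the post or from snyk or MongoDB: it embeds a constructed "weak" config (listening on every interface, no authorization) beside a constructed hardened one (`net.bindIp: 127.0.0.1`, `security.authorization: enabled`), and audits both. The parser only understands the flat two-level `section:` / `  key: value` subset that mongod.conf uses, which is an assumption of the example, not a general YAML parser.

```python
"""Audit a mongod.conf for the two insecure defaults described above:
listening on all interfaces and running without authorization.

Added example, not code from the original post, snyk or MongoDB. The parser
handles only the two-level 'section:\n  key: value' subset of mongod.conf
(an assumption of this example); it is not a general YAML parser."""

# Constructed sample: the pre-hardening shape of a mongod.conf
WEAK_CONF = """\
storage:
  dbPath: /var/lib/mongodb
net:
  port: 27017
  bindIp: 0.0.0.0
"""

# Constructed sample: the same file with both settings corrected
HARDENED_CONF = """\
storage:
  dbPath: /var/lib/mongodb
net:
  port: 27017
  bindIp: 127.0.0.1
security:
  authorization: enabled
"""

# bindIp values that expose the listener to every interface
WILDCARD_BIND = {"0.0.0.0", "*", "::"}


def parse_mongod_conf(text):
    """Parse the two-level 'section:\n  key: value' subset into a nested dict.
    Comments and blank lines are ignored; deeper nesting is not supported."""
    conf = {}
    section = None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if not line.strip():
            continue
        key, _, value = line.strip().partition(":")
        if not raw.startswith(" "):          # top-level section header
            section = key
            conf.setdefault(section, {})
        elif section is not None:            # indented key under a section
            conf[section][key] = value.strip()
    return conf


def audit_mongod_conf(text):
    """Return a list of findings; an empty list means both checks passed."""
    conf = parse_mongod_conf(text)
    findings = []
    net = conf.get("net", {})
    # A missing bindIp is treated as the pre-2.6 all-interfaces default,
    # which is the conservative reading for an audit.
    bind_ip = net.get("bindIp", "0.0.0.0")
    addrs = {a.strip() for a in bind_ip.split(",")}
    if addrs & WILDCARD_BIND or net.get("bindIpAll") == "true":
        findings.append("net.bindIp listens on all interfaces: %s" % bind_ip)
    if conf.get("security", {}).get("authorization") != "enabled":
        findings.append("security.authorization is not enabled")
    return findings


if __name__ == "__main__":
    for name, text in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(name, audit_mongod_conf(text) or ["ok"])
```

Enabling `security.authorization` only helps once an administrative user has actually been created; until then the server enforces nothing useful, so the binding to 127.0.0.1 is the setting that keeps the instance off Shodan's index while the rest is done.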

Sending letters the CIA way

Palaeofuture has an interesting article on sending letters, the CIA way.

When you file a Freedom of Information Act (FOIA) request with a federal agency, they’ll often send you physical letters in the mail. When I got my first response letter from the CIA, I was a little surprised to see some old-fashioned, anti-spy tech on the back of the envelope. As you can see from the photos above and below, there’s no way to open the envelope without making it clear you’ve been messing with it.

The author inquired about the how and why and, although the inquiry was not a formal FOIA request, got an answer.

The “gummed kraft sealing tape” the agency uses is three inches wide, and the indications from the response to my FOIA request suggest that the agency buys it in 450-foot rolls.

The article does have a part and an order number for the tape, in case you have need for it.