hack

Ashley Madison – An Affair to Hack

Posted on by Helena

An Affair to Remember, or an affair to hack –

Avid Life Media, which is the Toronto based parent corporation of Ashley Madison, is facing a class-action lawsuit in which users are suing for breech of contract due to the security breach.

Ummm, does that mean all their names will become public in the lawsuit?

The Toronto police are advising everyone who has been hacked to report it to the police department… Doesn’t seem like a particularly good move if you are trying to remain anonymous. My understanding is that most of the names can not be accessed unless you have access to the shadow world within the internet. Not easily accessible, those that use this shadow world are either in law enforcement, or users themselves, or both. In other words, if you are concerned your spouse will find you, they would have to be in that same shadow world… partaking of all that it entails…like you.

The site boasts the ability to have extra-marital affairs discreetly – meaning you are a liar, a thief and a con-man, and we are happy to have you aboard! Worse – most of the women they show, all 5% of the entire clientelle, either don’t even exist, or, are not a part of the site, or have been radically photoshopped.

So who is the person behind the sensation? Noel Biderman, a married, self professed atheist Jew who believes that the ten commandments are outdated… He claims to believe in monogamy unless his wife were to gain weight, become less attractive, or not satisfy all his various boudoir desires. The media lapped up his business plan stating that everyone cheats anyway, this just gives them a better outlet, more opportunities, and no strings up front. Commonplace, let’s ramp it up a few notches. Morality? Ethics? No problem, we let you be the sinful, transient, womanizer that you’ve always dreamed of being. YUM!

But isn’t this akin to prostitution? And aren’t some of the women on the site prostitutes? Thereby making Noel – a pimp? To make matters worse, a legal Nevada brothel is using the hack to bolster business by claiming he can provide people with all the fantasies and extra-marital affairs they want without any personal data uploaded ever.  FYI – brothels, a form of pimping and prostitution, are only legal in Nevada…just in case you didn’t know.

WOW, what a deal!

What is the legal definition of prostitution? Engaging in, offering or soliciting acts for monetary consideration or for something ‘of value’. A pimp is someone who knowingly offers a prostitute per an agreement of exchange in valuable consideration. And while these are illegal, the thin line comes into play wherein the exchange is deemed an “Escort Service’. The ONLY distinction is the claim that the service being offered is not sexual in nature, but simply social.

Ashley Madison implied in their advertising that their service was sexual in that it was allowing extra-marital affairs. Their slogan, “Life is short, have an affair” supports that cause. Affairs are generally considered sexual. According to Wikipedia the definition of an affair is “a sexual relationship”. According to marriage.about.com, an affair is “a romantic and emotionally intense sexual relationship…”. According Merriam Webster dictionary, an affair is “a secret sexual relationship between two people”.

The common theme? An affair is about sex – selling sex is illegal – pimping sex for money is illegal.

Therefore, legally, it would appear that promoting ‘an affair’, given the definition states that it is a sexual relationship, and taking money for this promotion could very well constitute pimping and prostitution. Madame Noel… And while hacking is illegal, going after the hackers and not the legality of this ‘prostitution ring’ seems inauthentic and confoundingly criminal.

So who is responsible for the hacking? No one knows for sure – see my previous article on Happy Hackers – and many are making huge accusations, profound analysis, and pointing a gnarly finger, ALL in conjecture. Some think it is a disgruntled employee, others point to the fact that Ashley Madison execs themselves were hacking other sites and thus it could be retaliation, maybe it was the ‘First-Wives Club’, look out Bette Midler they’re going to blame you!

Given the statements by the hacking group, Impact Team, it would seem that it is retaliatory, but it could be even a client and given the nature had similarities to the Anonymous hackers in seeking justice within a criminal setting, it would seem that Ashley Madison might best tread carefully for information may be more damaging than rewarding…

The Happy Hackers

Posted on by Helena

Can Hackers Be Traced?

Computers are a tricky thing. Hacking is the genius behind the nominal IT geek. Recently, I was convinced my computer had been hacked. I took my PC to a local micro tech center, waited an hour and a half to be seen, told the techy exactly what I had said on my written form 1 hour and 1/2 ago, only to have him diddle around for a minute or two and advise me that finding a hack or hacker is virtually impossible. He recommended dumping all my files onto a flashdrive, cleaning my computer, and starting anew.

Wonderful…

But this made me wonder about all the accusations being levied at various countries for hacking into the Pentagon, Sony, Credit Card companies, Healthcare companies etc… Do they really have a clue who is doing the hacking?

The simple answer is – not really. They use ‘educated guesses’ more often than not.

Could the educated guesses be disguised as propaganda? Yes.

Example in point. North Korea was accused of hacking into Sony. Of course, they adamantly denied the claim. And we can’t trust anything that comes out of their mouth. But, what if – they didn’t? Then who did?

There are a number of prominent hacking groups in the world:

  1. Anonymous
  2. Chaos Computer Club
  3. Lizard Squad
  4. Lulzsec

And then there are government backed hackers:

  1. Tarh Andishan – Iranian
  2. Syrian Electronic Army – Syria
  3. Reconnaissance General Bureau – North Korean
  4. Unit 61398 – China
  5. Apt28 – Russia
  6. Hidden Lynx – China

Each group has a target genre. For example, Lizard Squad dedicates itself to random attacks on games and playstations with no real purpose involved other than to create disruption and irritation. Lulzsec attacks social media and media sites, also just for funzies. The Syrian Electronic Army attacks primarily government sites in the Middle East, Europe and US defense contractors, and media sites for propaganda. Hidden Lynx is a hit on demand hacking group that will target whomever for the right price.

Hackers are feverishly working on the ever more aspiring target, Electrical Grids. But the most lucrative hack is to grab identities and sell them to the highest bidder. Companies include Anthem, Home Depot, JP Morgan chase and Ebay to name a few. And the number of hacks per company can be as high as 1000 or more annually.  Hacking into airline reservations has really no verifiable benefit to the hacker except maybe some sort of ego prestige as it is only designed to disrupt. Hackers like to play with oil companies, causing outages, spills and disrupting activities. Too often, it is a game of sorts with little that can be done to prevent it and even less to find the source.

It used to be that IP addresses could be traced, but they are forever changing and can be diffused with multiple locations across a variety of countries thereby covering the tracks. While the media might comment that “Chinese Hackers…” or “Russian Hackers…” were the culprit, more often than not they haven’t much to go on except a ‘general location’ that could very well be the US operating in Siberia.

What we do know is that we don’t know much. And cyber security has become so prominent across the globe that threats and hacks are common. A mere yawn. The cost is not though with numbers ranging from $100 billion annually to $1 trillion. And while the Chinese might be doing the hacking, or the Russians, or Syrians, or whoever, that is of no consequence, the consequence is who signed the contract, who ordered the hit…

The more we rely on the internet, the more vulnerable we become.  Electronic cars – a hackers delight, electronic kitchen gadgets, easy.  But like all theft, the value of the end game is the big pat on the back in their world.  Can we prevent a hack?  Not really, we are pions in the world, they have no interest in individual computers per se, waste of energy.  Hacks into your identity will more often than not be a result of information spinning in the cloud with every company we do business with – schools, healthcare facilities, IRS, credit cards, wherever the most data is stored.

The Happy Hackers world is a shadow, it follows us everywhere, sometimes long, sometimes short, but never truly disappears until the sun goes down.