Rolling Stone chronicles the lifestyle exploits of Albert Gonzalez, which you can find here in the USA Today article here. Unfortunately I cannot provide a link to the actual RS article because it is paid only. You can find it at your local newsstand.
From the AP wires:
Latvia’s police confirmed on Thursday they had unmasked the man who became a folk hero for hacking tax office data to reveal fat salaries still being paid to state officials despite an official austerity drive.
“Neo” became famous earlier this year for publishing the tax office data of highly paid state officials, some of whom continued to receive salaries that went into thousands of lats or who got bonuses even as the government was cutting old age pensions, raising taxes and reducing spending.
I guess he swallowed the Red Pill.
Posted in News
Tagged data, hacker, Latvia, neo
Data stolen from HSBC in 2006 and 2007 still carry an impact. In this case around 15,000 people could suffer tax consequences. (Naturally, the issue of whether they sheltered money and cheated on their taxes is a separate issue.) The impact is worldwide.
A former IT employee of Swiss subsidiary HSBC Private Bank (Suisse) SA, identified by French authorities as Herve Falciani, obtained the information between late 2006 and early 2007, the bank said. The accounts, held by individuals worldwide, were all opened before October 2006..
Ultimately this means that the value of data is dependent on it’s relationship to the relevant state of affairs. Put differently, if a credit card account is inactive that data is worthless if someone attempts to use it. If the inactive data ties one back to fraud that occurred last year, it’s still relevant.
In the case of HSBC, the accounts reflect who was (potentially) cheating on their taxes in 2006. If the statute of limitations has not run out the information is still valuable.
Did you know that your car has a blackbox similar to airplanes? Most car companies use an open platform that allows this blackbox data to be downloaded and analyzed in order to aid investigations. In the February 22nd, 2010 issue of Newsweek, Matthew Philips reported that Toyota uses a closed data system. Unfortunately this article is not online so I cannot link to it, but it is on page 12 of the current issue.
The article gives no indication whether or not the data is encrypted or encoded. It is my guess that it’s an uncrypted proprietary format. To me it seems unlikely that Toyota would go though such efforts to protect/encrypt data that they claim is not designed for accident reconstruction but namely intended to “aid research on safety systems such as airbags.”
Given the Toyota recall, we see the double edged nature of closed systems: on one hand, the data is protected from eyes outside Toyota; on the other hand, the lack of transparency (and non-compliance with industry open standards) leaves it vulnerable to attack by the larger justice system for being potentially negligent about the technical malfunctions that leads to a higher crash rate.
I’m not sure I like it when Governments do this kind of stuff.
On Tuesday, German Finance Minister Wolfgang Schaüble said the government had agreed to buy a CD from an anonymous informant that contains the stolen bank details of up to 1,500 people who are suspected of evading German taxes by stashing their money in Swiss bank accounts.
I will most likely write more on this case through bloginfosec.com.