A Parkville man was sentenced Wednesday to federal prison after pleading guilty to computer hacking and child pornography charges.
Jacob Raines, 38, was sentenced in U.S. District Court in Kansas City to six years in prison.
Raines pleaded guilty in May to charges of computer intrusion and using a computer to view child pornography over the internet.
The computer intrusion charge involved Raines using a remote server to copy proprietary source code files and file folders from his former employer.
When serving a search warrant in that case, investigators found thousands of sexually explicit images and videos of children, including toddlers and infants.
His attorney on Wednesday argued for a sentence of four years in prison, while prosecutors asked for seven years.
Tucson Police are on the scene of a reported shooting in the central part of the city. Officers responded to the call at approximately 9:15 a.m. Thursday near North Alvernon and East Third Street. Right now, there is no word on suspects, or the condition of the person who was shot. Stay with KVOA News 4 Tucson for updates on-air, online, and on your mobile device.
Once, though, Mr. Lu, 57, seemed to swagger with confidence as the official directed by Mr. Xi to tighten the Communist Party’s stranglehold over the internet.
After his appointment to run the Cyberspace Administration of China in 2014, Mr. Lu became an outspoken and intimidating gatekeeper of China’s internet. With his speeches and flamboyant dressing down of technology companies, he became an emblem of China’s increasingly unapologetic internet controls.
He chided American internet companies. Yet while visiting the United States, he was welcomed by powerful technology executives, including Tim Cook of Apple and Jeff Bezos of Amazon. At Facebook headquarters, Mark Zuckerberg showed Mr. Lu his copy of a book of Mr. Xi’s speeches.
In 2014, when asked why foreign social media sites such as Facebook were blocked in China, Mr. Lu denied any knowledge of the practice.
“I have never used any of these websites so I don’t know if they have been shut down,” he said. “Your website is on your home soil. How can I go over to your home and shut it down?”
The next year, Mr. Lu denied that China engaged in internet censorship.
“It is a misuse of words if you say ‘content censorship,’” Mr. Lu said. “But no censorship does not mean there is no management.”
To quell what was perceived as a freewheeling social media, Mr. Lu went after some of the country’s biggest internet personalities. At private dinners he threatened them, and on national television he scolded them. He also limited the functions and purged many of their accounts.
Yet his high profile was also a liability.
In China, government officials are generally dull and predictable, and Mr. Lu stood out, and often raised eyebrows. Even as his star was rising, rumors swirled about his possible fall from grace. At the World Internet Conference he helped create, he could be seen smoking cigars with a Cuban telecom official and power-walking in sweats for exercise in the morning.
Still, he showed an impressive creativity at times. As head of the Cyberspace Administration of China, he asked the songwriter of the Beijing Olympic anthem to write a rousing choral number for his agency. In the chorus, employees warbled about China as “an internet superpower.”
The announcement of the investigation could help clear the air ahead of the World Internet Conference, scheduled for two weeks from now in Wuzhen, a canal town in eastern China. Presented as a sort of Davos of the internet, the meeting was conceived as a way to show off China’s new influence over the technology industry.
Analysts said that despite the public strutting of Mr. Lu, he had difficulty turning the Cyberspace Administration into a powerful regulator. Created in 2014, the agency was tasked with managing an internet and technology sector already overseen by several ministries as well as China’s security organizations and the military.
Mr. Lu will be succeeded by Xu Lin, who worked directly under Mr. Xi when he was briefly party secretary of Shanghai in 2007.
BEIJING—Lu Wei, a propaganda officer for China’s Communist Party who in recent years personified its effort to shape the global internet, on Tuesday became the first major political figure to come under corruption scrutiny since President Xi Jinping’s second term began last month.
Mr. Lu, a former director of China’s top internet regulator, is being investigated for alleged “serious violations of discipline,” the party’s disciplinary agency said in a one-sentence statement, using a common party euphemism to describe corruption.
Three years ago, EFF exposed how hundreds of law enforcement agencies were putting families at risk by distributing free ComputerCOP “Internet safety” software that actually transmitted keystrokes unencrypted to a third-party server. Our report also raised serious questions about whether the company was deceiving government agencies by circulating a bogus letter of endorsement from a top official in the U.S. Treasury Department.
This month, our suspicions were confirmed. A document obtained through the Freedom of Information Act shows that, in response to EFF’s research, the Treasury Department’s Inspector General launched an investigation into ComputerCOP. The final report concluded that the company had, in fact, doctored a government letter to improperly convince law enforcement agencies to spend asset forfeiture funds to buy the product.
Unfortunately, the report shows that ComputerCOP dodged criminal prosecution because the statute of limitations expired. Nevertheless, the records should serve as the final nail in the coffin for this software. It was bad enough that the software was proven dangerous; it is even worse for law enforcement agencies to do business with a company that federal investigators caught forging documents.
ComputerCOP is a CD-ROM (now also available on a USB storage stick) that promises to help parents protect their children from Internet predators. More than 240 agencies signed contracts with ComputerCOP, often worth tens of thousands of dollars. But the software was less about safety than it was about self-promotion. Elected law enforcement officials—including sheriffs, mayors and district attorneys—placed their images on the cover and recorded promotional videos about how the software was the “first step” to protecting children online. By and large, the “free” software giveaway was used to generate positive media coverage. In Arizona, for example, the software project was spearheaded by the Maricopa County District Attorney’s press officer, rather than a member of the Internet Crimes Against Children team. Marketing materials proclaimed that the software was a “Perfect Election and Fundraising Tool!”
Law enforcement agencies often paid for ComputerCOP with asset forfeiture funds, that is, money seized from suspected criminals during investigations. When agencies assist in federal investigations, they sometimes receive a portion of the money through a process called “equitable sharing.” As part of its marketing materials, ComputerCOP circulated a letter from the director of the Treasury Executive Office for Asset Forfeiture, which oversees equitable sharing spending, that seemed to endorse the product.
EFF obtained this letter through a state-level public records request, and it immediately struck us as odd. The letterhead seemed off-kilter, some of the text was misaligned, and the letter was undated, unsigned, and did not even include the full name of the person it was addressed to. (EFF separately discovered ComputerCOP had falsely claimed endorsements by the ACLU and National Center for Missing and Exploited Children.)
So, we filed a FOIA request with the Treasury Department to obtain the original letter, if one existed. Not long after, the Treasury Department issued a fraud alert for the letter, and the Treasury Department Inspector General launched a formal inquest.
New FOIA documents show that, after a multi-year investigation, the Inspector General concluded that ComputerCOP had indeed “altered the 2001 letter from TEOAF and made it appear to be blanket permission for all law enforcement agencies to use equitable sharing funds to purchase the software.” Indeed, ComputerCOP made this claim on the rate card it provided to agencies.
As part of its investigation into the letter, Treasury investigators sent questionnaires to 240 agencies that had purchased ComputerCOP. Of the few dozen that responded, three law enforcement agencies—the Peabody Police Department in Massachusetts, the Alaska Department of Public Safety, and the Greene County Sheriff’s Office in Missouri—told Treasury that the fraudulent letter had directly influenced their decision to purchase the product.
The closed investigative report indicates the Treasury Inspector General was unable to send the case for prosecution “due to the fact that the three year statute of limitations on the offense had lapsed.” Instead, after discussions with the Justice Department and the U.S. Marshal Service, Treasury concluded it was enough for ComputerCOP to cease using the altered letter and to post a disclaimer on their website.
Unfortunately, it may be time for the Treasury Department to re-open the case. While ComputerCOP did once advertise the disclaimer, EFF could no longer find that language anywhere on its website.
Making matters worse, the company’s website now claims that the keylogging feature “is not intrusive in any way.” This is an outrageous claim considering that this type of technology is more commonly deployed by stalkers and malicious hackers, and, in certain circumstances, its use could violate wiretapping laws.
For the most part, law enforcement purchases of ComputerCOP have significantly declined since we issued our first report. However, the company does continue to find buyers. For example, the Lake County Sheriff’s Office, Florida purchased 1,000 copies for $5,975 in 2017, according to SmartProcure. Meanwhile McGruff the Crime Dog was handing out copies as recently as this summer at a community screening of the film “Elf.”
To law enforcement agencies, here’s some rock-solid advice: before you purchase so-called Internet safety software, spend a few moments on the Internet researching whether the software is actually safe and above board.
ComputerCOP is neither.
China’s former top internet regulator and censor is being investigated by the ruling Communist Party’s anti-corruption arm, the agency said Tuesday.
The party’s anti-graft watchdog agency said in a brief statement on its website that Lu Wei is suspected of “serious violations of discipline.” Until Tuesday’s announcement, Lu had been deputy head of the party’s propaganda department.
Lu was known as a hard-liner responsible for leading the government’s efforts to tighten control over domestic cyberspace and championing the party’s position that governments have a right to filter and censor their countries’ internet.
He wielded enormous power over what 700 million Chinese internet users could view online and acted as gatekeeper for technology companies wishing to do business in China.
No details were given in Tuesday’s announcement, which comes after a party congress at which President Xi Jinping was given a second five-year term as party chief. Lu is the most senior Chinese official to be investigated since the party congress closed late last month.
Lu was suddenly replaced as cyberspace chief in June last year by his deputy, Xu Lin. Lu held on to his concurrent position of deputy head of propaganda but kept what observers thought was an uncharacteristically low profile.
Appointed in 2014 as China’s top internet regulator, Lu held high-profile meetings with top executives from foreign technology and internet companies, including Apple chief executive Tim Cook, Microsoft’s Satya Nadella, and Facebook founder Mark Zuckerberg.
Lu took a hard line in demanding tough security checks on imported foreign tech products and keeping out foreign internet companies and social networks like Facebook in the name of preserving social stability.
Lu’s departure from the position has not led to any changes or easing of such demands and restrictions on information.
In recent years China has pushed cybersecurity regulations aimed at limiting technology imported from the West, which Beijing officials say is necessary given Edward Snowden’s allegations of U.S. spying via “backdoors” inserted in exported U.S.-made hardware.
Lu worked his way up the ranks of China’s official Xinhua News Agency from a reporting job in the city of Guilin in southern Guangxi province in the early 1990s to becoming the agency’s vice president from 2004 to 2011. He was vice mayor of Beijing from 2011 to 2013.
The personal computer of an NSA worker who took government hacking tools and classified documents home with him was infected with a backdoor trojan, unrelated to these tools, that could have been used by criminal hackers to steal the US government files, according to a new report being released Thursday by Kaspersky Lab in response to recent allegations against the company.
The Moscow-based antivirus firm, which has been accused of using its security software to improperly grab NSA hacking tools and classified documents from the NSA worker’s home computer and provide them to the Russian government, says the worker had at least 120 other malicious files on his home computer in addition to the backdoor, and that the latter, which had purportedly been created by a Russian criminal hacker and sold in an underground forum, was trying to actively communicate with a malicious command-and-control server during the time Kaspersky is accused of siphoning the US government files from the worker’s computer.
Costin Raiu, director of the company’s Global Research and Analysis Team, told Motherboard that his company’s software detected and prevented that communication but there was a period of time when the worker had disabled his Kaspersky software and left his computer unprotected. Raiu says they found evidence that the NSA worker may have been infected with a second backdoor as well, though they saw no sign of it trying to communicate with an external server so they don’t know if it was active on his computer.
“Given that system owner’s potential clearance level, the user could have been a prime target of nation states,” Kaspersky notes in its new report.
Kaspersky has come under scrutiny after anonymous US government sources told several newspapers last month that some time in 2015 the company colluded with Russian government hackers to steal the cache of classified documents and tools that the NSA employee—working for the spy agency’s Tailored Access Operations hacking team—had improperly taken from an NSA computer and placed on his home system. Israeli intelligence sources reportedly told the US that Kaspersky employees or Russian government hackers used the Kaspersky software to search the NSA worker’s machine—as well as the machines of other customers—using keywords such as “top secret” to specifically uncover classified documents that contained this marking.
Believing that Kaspersky either then passed files from the NSA worker’s machine to the Russian government or helped government hackers obtain them, the Department of Homeland Security has issued a ban on Kaspersky products from civilian government systems, while the FBI and lawmakers have launched a public campaign that has darkened Kaspersky’s reputation and so far resulted in Best Buy canceling a lucrative contract to install the company’s software on machines sold in its stores.
Kaspersky has acknowledged that its software detected and collected the NSA hacking tools from the worker’s computer as part of its normal functionality in identifying malicious files on customer machines, but insists that the company deleted the classified documents once an analyst realized that the software had collected more than malicious tools. The company also insists that it never passed those tools or classified documents to the Russian government or to anyone else. But revelations that the worker’s computer was infected with a known backdoor and other malware raise the possibility that if the Russian government did obtain the NSA tools that were on the worker’s computer, it might have done so through means that didn’t involve Kaspersky.
“It looks like a huge disaster the way it happened with running all this malware on his machine. It’s almost unbelievable,” says Raiu.
The NSA declined to comment for this story.
In an attempt to get to the bottom of the allegations against it, Kaspersky says it conducted a thorough internal investigation involving workers both in the US and elsewhere that included speaking with the analyst who discovered the NSA tools and reviewing company logs that contained every signature the company has ever sent to customer machines to search for malware.
The logs show that in September 2014, Kaspersky sent out a series of so-called “silent signatures” while investigating a new malicious toolset it was calling “Equestre” at the time. In March 2014, Kaspersky had discovered a malicious and sophisticated component on a machine in the Middle East that it suspected was part of a large nation-state toolset it had never seen before.
Over many months, Kaspersky wrote and distributed dozens of signatures to customer machines, refining the search terms over time, to uncover more components in the toolset. One signature in particular (HEUR:Trojan.Win32.Equestre.m) tagged more than 4,000 suspicious files on customer machines around the world, but one of the most intriguing was a zip archive that it tagged on a machine in Maryland on September 11, 2014. That archive turned out to contain 37 hacking tools belonging to the Equestre toolset, or what later came to be known as the NSA’s Equation Group spy kit. But when the Kaspersky software collected the archive to examine it, a Kaspersky analyst discovered that it contained more than malicious Equation Group tools—a legitimate target of the Kaspersky antivirus software; it also had files containing source code and four Word documents that bore classified markings on them.
The file names of the Word documents included words like “test plan” and “revision history,” indicating they were documentation for some of the Equation Group tools contained in the archive.
“If you’re a software developer, these are the kinds of normal documents that you write, together with your product,” Raiu says. “They were related to the software development of this malware.”
Raiu says the analyst doesn’t recall, three years after the incident, what the exact classification markings on the Word documents were, but says they were similar to markings that had been found on documents leaked in 2013 by Edward Snowden such as “top secret/noforn.” After the Kaspersky analyst brought the source code files and Word documents to the company’s CEO, Eugene Kaspersky, he was instructed to delete them immediately.
“The reason we deleted those files and will delete similar ones in the future is two-fold; We don’t need anything other than malware binaries to improve protection of our customers and secondly, because of concerns regarding the handling of potential classified materials,” said the company in a statement. The company says after the incident occurred, it established a policy requiring all malware analysts going forward to “delete any potential classified materials that have been accidentally collected during anti-malware research or received from a third party.”
The company didn’t respond to questions about when precisely it instituted this policy, nor did it provide a written copy of the distributed policy before publication of this article.
The company asserts that it never shared the archive with any third parties and that it never found any evidence that a third party breached its network to intercept the archive after Kaspersky collected it. The company also heavily encrypts traffic from customer machines to its network, and asserts that this would make it infeasible for anyone attempting to intercept the traffic en route and read it.
Notably, Raiu says the Kaspersky software actually detected malicious files in more than one zip archive on the worker’s computer, but it collected only the one archive for analysis. Metadata from the deleted archive and the other archives the Kaspersky software tagged on the worker’s machine indicate that the archives were not actually on the worker’s hard drive but were stored on removable media—such as a USB drive or some other removable media the worker had plugged into his machine—when the Kaspersky software detected malware on them.
In sifting through the log of signatures sent to customers over the years, Raiu says the company never found any signatures that used keywords such as “top secret” or “classified” to conduct improper searches of customer machines, and he says no one at the company can send a signature to customer machines without it being approved by a senior signature developer.
But the company did find one circumstance in 2015 where an analyst used “*secret*.*” in a signature designed to search for a malware family known as TeamSpy. The attackers behind TeamSpy searched victim computers using a string of hardcoded wildcard search terms, that included the words “secret” and “saidumlo,” which means secret in Georgian. For this reason, a Kaspersky analyst created a silent signature in 2015 that would search for these wildcard terms and others to uncover TeamSpy infections. Kaspersky believes the sources of recent media stories saying they searched for customer computers using “secret” as a search term may be confusing this incident with the incident that occurred earlier in 2014 when the company collected the Equation Group tools from the NSA worker’s machine.
In the course of its investigation, Kaspersky examined every incident in which its software triggered an alert on the machine purportedly belonging to the NSA worker. This is how it discovered that not only did its software find the NSA’s Equation Group hacking tools on the computer, it also uncovered dozens of other malicious files during the same time period, including a backdoor that infected the machine around 11:30 PM on October 4. The worker’s home machine got infected with the backdoor after he tried to install a pirated version of Microsoft Office.
Not only is pirated software notorious for containing malware, but the worker apparently intentionally disabled his Kaspersky detection software to install the pirated software. The worker disabled it in order to run a tool known as a keygen that would generate a software key that would allow him to run the pirated Microsoft Office software on his machine. But that key-generation software turned out to contain a backdoor known as “Smoke Bot,” “Smoke Loader,” and “Mokes” that was purportedly created by a Russian hacker in 2012 and sold on a Russian underground forum. That backdoor was already being detected by Kaspersky and other antivirus scanners in November 2013, so it was no surprise that the software discovered it on the worker’s machine in 2014.
Raiu describes it as a very small backdoor that has the ability to download and run additional plugins from an attacker’s command servers; it runs them in an infected machine’s memory instead of storing them on the hard disk, making it stealthier than some other malware that installs files directly on the hard drive.
“It’s high-end stuff,” he says.
It was after the NSA worker installed the pirated Office software and re-enabled the Kaspersky scanner that Kaspersky detected the backdoor on his computer—along with other malicious files including Java exploit code, various viruses, adware, and run-of-the-mill hacking tools, such as a password dumping tool, the company says. The Kaspersky software detected that the backdoor was trying to communicate with a URL—http://xvidmovies[.]in/dir/ind… to be a malicious command-and-control server.
The domain had been registered in April 2012 by someone who appeared to be of Indian nationality, but that registration expired in May 2014, and got picked up two months later by someone purportedly in China by the name “Zhou Lou,” and using the email address “email@example.com.” The domain was still registered to this person—which could be a fake identity—in 2014 when the NSA worker’s computer was trying to communicate with it. That registration expired in July 2015 and Raiu says no one has re-registered it after that. Kaspersky recently sinkholed the command servers and has found at least 1,000 other victim machines infected with the backdoor trying to communicate with the malicious domain.
Asked about Kaspersky’s discovery of multiple malware samples on the NSA worker’s home computer, Rob Joyce, the Trump administration’s top cybersecurity adviser who was head of the NSA’s elite hacking division when the TAO worker took the NSA files home and put them on his work computer, declined to respond to Kaspersky’s findings but reiterated the government’s contention that Kaspersky software should be banned from government computers.
“Kaspersky as an entity is a rootkit you run on a computer,” he told Motherboard, using the technical term for stealth and persistent malware that has privileged access to all files on a machine.
He acknowledged that software made by other antivirus companies has the same potential for misuse Kaspersky has but said Kaspersky is “a Russian company subjected to FSB control and law, and the US government is not comfortable accepting that risk on our networks.”
The Western Australian government has awarded nearly AU$350,000 to Edith Cowan University (ECU) to investigate the risks and benefits of internet-connected children’s toys.
Researchers from the ECU’s School of Arts and Humanities will use the funding to examine the implications of internet-connected toys on children’s privacy and safety, the university said on Friday.
Dr Donell Holloway, who is leading the research, said the proliferation of internet-connected toys necessitates new policies to protect children’s privacy.
“Children only see these as just another toy, perhaps with some special or extra abilities. But they are not necessarily thinking of privacy,” Holloway said in a statement.
“We need regulations that clearly define who owns the huge amounts of children’s data that is being collected and work out how we can ensure that children and their parents can control and hopefully retain ownership of their data.”
Last month, an investigation by the Norwegian Consumer Council and security firm Mnemonic found internet-connected smartwatches for children contain a number of security vulnerabilities that allow hackers access to track the wearer’s location, eavesdrop on conversations, or even communicate with the child user.
The investigation additionally found that with some of these devices, data is transmitted and stored without encryption.
According to another security researcher Troy Hunt, CloudPets maker Spiral Toys had left 2.2 million children’s voice recordings and account information of more than 820,000 users exposed, leading to hackers stealing and ransoming user data on multiple occasions.
Two weeks prior to that German regulators warned that the My Friend Cayla doll could compromise the privacy of children, though fears around children’s privacy had intensified with the release of the interactive talking Hello Barbie doll in 2015 and subsequent claims from researchers that the doll had cybersecurity flaws.
The ECU research project will, however, also look into the potential benefits of internet-connected toys on children.
“It’s not all doom and gloom. There are plenty of positives to these toys. But the toy industry has moved along fairly quickly without pausing to think through some of these issues,” Holloway said.
Last year, the Office of the Australian Information Commissioner found that 71 percent of IoT devices and services used by Australians failed to adequately explain how personal information was collected, used, and disclosed.
Over the past year, the need for privacy and security standards in Australia has been heavily advocated for, though nothing has come to fruition yet.
As a precursor to those standards, the Internet of Things Alliance Australia this week published its data best practice guide for B2C IoT device and service providers, outlining principles around customer protection, accountability, customer empowerment, cyber protection, customer data transparency, data minimisation, and customer data control.
A number of major advertisers and agencies have pulled tens of millions of dollars in health care ads from Outcome Health amid questions about whether the Chicago-based health information and advertising startup misled clients about its performance.
At the same time, Outcome Health’s high-profile chief operating officer, Vivek Kundra, who formerly served as chief information officer under then-President Barack Obama, resigned from the company, effective Friday.
Outcome Health — launched in 2006 while its founders, including CEO Rishi Shah and current President Shradha Agarwal, were students at Northwestern University — delivers pharmaceutical ads to patients on screens it places in doctors’ offices. The screens, free to doctors, show educational programming. Outcome Health makes money off the ads.
One of the agencies that pulled ads is waiting for verification that Outcome Health provided accurate information about the number of screens on which its ads are played before going forward. Another, though, said it is done with the company, at least for now. The moves, which were first reported by The Wall Street Journal, come in the wake of an investigation by the paper last month.
The Journal reported that some employees charged pharmaceutical companies for ads on more video screens than Outcome Health had installed.
The company has since denied routinely misreporting information to customers and has placed three employees on leave. It hired former U.S. Attorney Dan Webb to conduct an internal review of the allegations. Shah said in a statement Monday that the company remains confident in its ability to deliver what customers expect, though the internal investigation is ongoing.
Shah also said the industry in which Outcome Health operates lacks auditing standards, and he believes the company is “positioned to lead the industry in defining” third-party validation.
Outcome Health is reviewing more than 250 ad campaigns that ran on its network this year, Shah said in the statement, and will turn files over to a third-party auditor for independent verification. It’s working with some customers to make plans to move forward, Shah said.
When getting rid of your old electronics like cellphones and computers, whether selling them or throwing them away, do you think twice about the private data you’re leaving behind?
A Contact 5 investigation found many of you, even government agencies and computer experts themselves, are not.
Contact 5 went fishing for personal information with Alan Crowetz of Infostream. “These days when it comes to hackers and the bad guys, information is power,” said Crowetz.
It’s information that’s sometimes left on computers their owners don’t want anymore, and end up selling. “Finding out social security numbers, finding passwords, finding financial information, that’s almost more valuable than money these days,” said Crowetz. “This is a great source to find information that people don’t think twice about disposing of.”
WHAT ARE HACKERS LOOKING FOR?
Contact 5 used popular sites like Craigslist and eBay for our search, while Crowetz told us exactly what hackers and bad guys would be looking for in the perfect computer. We did this so we could tell you how to protect yourself when selling.
“For me, I want to find things that are older. Those are much more likely to be a target because it’s less likely to be a computer knowledgeable person and the older they are, the more data that’s on there,” said Crowetz.
Crowetz says bad guys will also be looking at what version of Windows is on a computer. Crowetz says when someone wipes a computer clean before selling, they usually re-load the newer versions of Windows back on it, to make it more desirable. If the computer you’re looking to buy has an older version of Windows, it may mean the person never wiped the computer in the first place.
“If they say 5 or 6 years old, they’ve probably wiped and reloaded it. But if they say it’s only 3-4 years old, you know there’s a decent chance this is the original, they have not done anything,” says Crowetz.
So watch out if someone starts asking about what version of Windows you use, “there’s usually ulterior motives,” said Crowetz. “If I am a hacker, I am going to take the time to ask questions.”
Be clear, in your advertisements, that you wiped the computer and re-loaded it before selling it, advises Crowetz.
“Most of the time, the right way to wipe a computer takes hours and people are not willing to do that, even when someone has erased and reformatted their computer, they can pull that data out really easily.”
Or if you work in computers, write it down as well. “Here’s a good example here. I am a computer technician. Already I’m not interested,” said Crowetz while shopping on eBay.
Laptops are also more convenient to hack, according to Crowetz. “A lot of times you can grab passwords off laptops.”
And even if your computer doesn’t turn on, that doesn’t mean the data is gone. “What they don’t realize is that even if the computer doesn’t work, the hard drive still does. I can still take that hard drive out and look at the data. So that’s a good sign, there’s a chance they didn’t wipe this computer,” Crowetz told us about one advertisement.
WHAT WE FOUND
Contact 5 bought 4 computers: one from Craigslist, two HP computer towers from the Palm Springs Police Department and one from eBay.
The laptop from Craigslist was securely wiped. The computer towers from the Palm Springs Police Department, Crowetz said, still had some data.
“I found it really surprising, those weren’t wiped at all. However they lucked out. They put special software on there, so you can’t tamper, you can’t save information, almost nothing on the computer. They didn’t erase it, which is still concerning to me, makes me wonder if they’re getting rid of other accounting computers, and not erasing the data,” said Crowetz.
Now for the 4th, belonging to the Erie family: “It is alarming. And I’m a guy who deals with security and stuff, I should be used to this kind of thing. But this is just so bad,” said Crowetz.
We could see every website the 6-person family had used from 2005 to 2010, when the computer was in use. There were millions of emails and pictures of the children.
There were also tax returns belonging to the children. “I can use social security numbers to open up credit cards, bank accounts. I have enough personal information on there, I can reset their passwords for their bank accounts,” said Crowetz. “It’s a pedophile’s perfect scenario, it’s identity theft perfect scenario.”
An incredible return for a computer available to anyone for just $40. A computer that was also dead, but the hard drive still worked just fine. “I might as well be holding a 10,000 bill in my hand right now,” according to Crowetz.
But not only did the Eries put themselves at risk, they also endangered thousands of others. Christine’s husband used the computer for work; he had personal information on more than 10,000 former or potential clients on the laptop.
“It’s a list of people who are looking for financial advice. You can’t even imagine how valuable that would be to a bad guy. In this case I know these people have money, because it shows their income, I have their email address, their phone number, that really gives me a great way to steal their identity or reach out to them to scam them. If I just ripped off 1% of these people I would be rolling in the dough,” Crowetz says.
“I can sell this to another bad guy on the dark web who might buy this from me for a $1000. Instant return.”
We tracked down Christine Erie, one of the owners of the computer. She told us, “it didn’t work, hadn’t turned on in probably 5 years. Probably sitting in the closet for ten.”
She said she did put a magnet to the computer before giving it away, because she “had heard you could put a magnet up to it, and it would wipe everything. And we had a big round magnet and I tried that but I guess it didn’t work.” As we found, it didn’t.
Christine Erie called the entire situation, “scary.”
“Thankfully you guys bought it,” Christine told Contact 5.
WHAT TO DO WHEN SELLING OR DONATING AN OLD COMPUTER
Crowetz’s first piece of advice? It’s probably not worth it to even sell in the first place.
“Is it really worth 30, 40 dollars for the risk you’re taking to sell an old computer,” said Crowetz.
But if you do want to, here are a couple of things to think about.
1. Take the hard drive out, and destroy it.
2. DBAN.org: It’s a free program that scrubs data from a hard drive.
3. Take your computer to an expert and have them wipe it.
MARANA, AZ (Tucson News Now) –
A Marana police officer has been fired following an investigation into computer tampering and criminal charges have been filed against her.
Two other officers have also resigned “in lieu of termination,” said Sgt. Chriswell Scott, the Marana Police Department’s Public Information Officer.
On Wednesday, Nov. 1, the MPD reported a fourth officer is under investigation. That officer, whose name has not been released, is on imposed leave.
According to the direct indictment in the Pima County Superior Court, former officer Dionysius Cazares is facing two felony counts of computer tampering, obtaining confidential information.
“On or about the 17th Day of September, 2017, Dionysius Cazares exceeding authorization of use or without authorization, committed computer tampering by knowingly obtaining information required by law to be kept confidential or records that are not public record, by accessing a computer, computer system or network, belonging to ACJIS,” the indictment states.
The indictment was filed Tuesday, Oct. 10. The Marana Police Department said Cazares was terminated effective Oct. 27.
The ACJIS, or Arizona Criminal Justice Information System, is a statewide network housing various databases on persons and property in the state, according to the Department of Public Safety website.
On Oct. 17, Cazares appeared in court for an arraignment. The 31-year-old officer, who was not in custody, entered a plea of not guilty.
Two other officers resigned, according to Sgt. Scott, because they are being investigated. Officer Daniel Nicholas resigned Oct. 19 and officer Kyla Sylvia resigned Oct. 20.
Sgt. Scott said Cazares is the only officer facing criminal charges at this time.
Marana Police Chief Terry Rozema was unavailable to talk to Tucson News Now prior to this report being filed.
But Sgt. Scott said Chief Rozema is not at liberty to discuss the open investigation, especially while Officer Cazares is eligible to appeal. State law prohibits the department from commenting during the appeal process. She has 10 business days to file for appeal, with the deadline being Nov. 9, Scott said.
Sgt. Scott said Marana Police could not release any additional information during the ongoing internal investigation by their department. The criminal investigation was “being handled in-house,” Sgt. Scott said.
According to department records, Cazares was hired June 29, 2015. According to an official photo on the City of Marana website, she was sworn into office in July 2016.
Cazares’ case management conference is set for Nov. 16.
Copyright 2017 Tucson News Now. All rights reserved.
, the New Orleans rhythm-and-blues singer whose two-fisted boogie-woogie piano and nonchalant vocals, heard on dozens of hits, made him one of the biggest stars of the early rock ’n’ roll era, died on Oct. 24 at his home in Harvey, La., across the Mississippi River from New Orleans. He was 89.
OC parents worry about kid’s health amid investigation into flutes possibly containing bodily fluids – KABC
An Orange County parent headed to her local police station to drop off a flute her daughter used that may be contaminated with a music instructor’s bodily fluids.
The flute is one of many flutes that will be part of a disturbing investigation the state’s Department of Justice is conducting.
“Sick to my stomach, couldn’t sleep at night. My stomach is still turning. I tried to reach out to other parents who may have not heard about it,” parent Gina said.
According to officials, the instruments may contain sperm and other bodily fluids of a music instructor who was an independent contractor for several Southern California schools.
Three districts in Orange County have schools that are part of the investigation: Newport Mesa Unified School District, Capistrano Unified School District and Fountain Valley School District.
“I feel extremely violated for my daughter. Extremely violated,” Gina said.
In June, Gina’s 11-year-old daughter brought home a flute from the Flutes Across the World program. Now, the mother is worried about her daughter’s health.
“I mean it’s just disgusting. We don’t know if it’s just bodily fluid. I mean should we have our kids tested?” she said.
The instructor’s identity has not been released. The U.S. Postal Service is taking the lead in the investigation against him, but officials did not explain why the agency was in charge or how it was involved in the case.
Each Orange County district informed parents through emails or a letter about the possible contamination. District officials also urged parents to take the flutes their children may have and submit them for the investigation.
Now many parents are left wondering what they tell their children.
“I couldn’t explain it to her last night. I didn’t know how. She knew me. She saw me getting sick to my stomach, but she didn’t know exactly what was going on,” Gina said.