Welcome to e.Woke #48: SNS Stealing SSNs
This is e.Woke #48! So much has happened this week, but we got your back with all the important updates! Quick summary: Facebook continues to disappoint, hotels are hacker paradises, and the Russians are back. Let’s get right into it!
Facebook should really consider opening a chatline that is only for reporting pages with stolen data (SSNs, credit card numbers, addresses, etc). Social security numbers and other personal data have been posted all throughout FB for the last couple years, and Facebook never took the posts down until recently. Some of the posts were from several years ago, and were able to be found through a simple Google search. Here is what Matt Mitchell of CryptoHarlem had to say about this incident, “On their end, it’s pure laziness to wait for an abuse report to stop post that are following a doxing template-”. So, Facebook has data collecting personality tests and groups sharing stolen SSNs. Nice.
Have you ever stayed at a hotel and locked your key inside your room? The appropriate reaction would be to tell staff and ask for a new key, right? Not for hackers apparently! Tomi Tuominen and Timo Hirvonen are two hackers who work for the cybersecurity firm F-Secure, and they were able to find out a way to create a “Master Key” that would be able to unlock any hotel door. How? “Since staff keys typically work throughout the building, hackers usually target cleaning staff or managers whenever attempting to clone a key that can open any room in the hotel. Keys that use RFID, or electromagnetic fields, for instance, can be cloned easily without raising suspicion. Even just walking by hotel staff with an RFID reader concealed in a messenger bag is usually enough to capture a card.”. Maybe stay with a relative next time you’re out of town.
Kendall Scudder, a Democrat from Dallas, had to take his website down because of Russian hackers. Scudder took the page down after discovering Russian coding and connections to Russian websites were on his server. Scudder’s campaign communication director also reported some fraudulent activity in March after page visitors reported possible phishing. This was Scudder’s response to the attack “We won’t be sidetracked by anything — whether it’s foreign hackers or our opponent’s domestic dark money. I’ll stand against any attack on democracy and American values.”. Kind of sounds like something Captain America would say, but Scudder will obviously not be shaken by the Russians.
We have a good understanding when it comes to what technology is being used by our local police, but we don’t know everything. Minnesota’s Supreme Court could help change that. “Webster’s request to Hennepin County officials sought a variety of records, and included a request for the agencies to search officials’ email messages for keywords related to biometric technology, such as “face recognition” and “iris scan.” This is a huge possible win for gaining information about how biometrics are used and stored.
Dead Men Unlock No Phones. Seriously though. Tampa Police shot and killed 30-year-old Linus F. Phillip and tried to unlock his phone postmortem. It did not work and they were unable to access Phillip’s phone. “Police have repeatedly tried to unlock phones with dead fingers, but if it’s ever worked, we haven’t heard about it. It’s perhaps not surprising. We don’t know what type of phone Phillip had, but fingerprint sensors such as Apple’s Touch ID use capacitive touch, picking up on the slight electrical charge that runs through living skin in order to read a fingerprint at a subdermal level.”. Although this is not technically illegal, it is incredibly disrespectful and invasive.
Digital Security Tips, Resources, and Guides: