Paul Moreno, an Ecuadoran blogger, discovered a flaw in the country's national online identity database, which he demonstrated by hijacking the identity of President Rafael Correa. He was briefly arrested, but was released after a vociferous Twitter campaign that prompted action from the president, who personally ordered Moreno's release. Moreno triumphantly announced his victory on Twitter.
Citing a Wired story on password security, Moreno set out on Nov. 26 to demonstrate a security flaw in DatoSeguro with an attention-getting proof of concept scheme: accessing President Correa’s account. He began by doxing the president, and once equipped with Correa’s date of birth and a national identification number — obtained via online searches — he had two of the three pieces of information he needed. The third was a set of two numbers from an identity card, which he simply guessed. With that, he had access to Correa’s account.
“Out of curiosity, I noticed one time that the fingertip digits in the IDS are all very similar,” he wrote on his blog. “There’s a V or an E or an A followed by various numbers: V23444 – E5444 and so on…combinations that are very simplistic, apparently. The system asked me for the third and fourth numbers of the fingertip digits. With the first combination, I got the numbers right and my account was created. After verifying the email the system sends, I had access to all Rafael Vicente Correa Delgado’s so-called secure data. It took me about half an hour, maybe less.”
Blogger Jailed After Password-Hacking Ecuador’s President [Wired/Mat Honan]
Since 1987, Doonesbury has been pricking Trump's bubble, and Trump hates it; Trump even instructed the ghost writer on "his" "book" Surviving at the Top to devote several pages to denouncing Trudeau as unfunny (you can read all of Trudeau's Trump strips in last year's Trump retrospective collection, Yuge!).
MJ Carlson calls this photo from a 1980s computer science textbook "the most glorious stock photo of all time." She is correct.
Daniel writes, "An obsessive programmer, frustrated with not only the inefficiencies of mainstream OSes like Windows, but what he sees as their 'imperialistic oppression,' built an entire operating system using a subleq architecture. Subleq is a OISC, a language with only a single command. It lacks the most basic features of programming languages, and yet […]
The human eye is a beautiful, incredible thing, but it’s far from perfect, especially when it comes to examining objects up close. Capable of magnifying objects up to 1,000 times, this portable microscope camera lets you see wonders hidden to your regular vision, and it’s on sale today for $38.99. Don’t let its compact size fool […]
There’s no shortage of apps available for your Mac, and, while it’s great to have options, this overabundance makes it difficult to find the apps worth installing on your computer. Thankfully, there’s the Pay What You Want: The Ultimate Mac Bundle ft. 2Do to simplify the process, which boasts 10 of the best Mac apps out […]
Sleek, minimalist, and convenient, Apple’s AirPods are a popular pick for those looking to upgrade to Bluetooth audio, but not everyone can afford the hefty $160 price tag. Whether you’re on a budget or just want something a little different, we’ve rounded up four pieces of audio gear that make for convenient Bluetooth listening, and […]