Category: legal

Mansfield Radio Station Hacked

Now this is class, a great example of a childish, yet sophisticated attack on an local radio station.    The station is Mansfield 103.2 FM a small local independent radio station based in Mansfield, Nottingham.   Since June 2017 the station has found it’s frequency hijacked by an unknown individual who has been transmitting an adult song called ‘The Winker’s Song’ sung by errmm Ivor Biggun (scroll down for song).

This is of course pretty funny, although some people of course have been offended.  The problem is that it’s actually quite difficult to stop this happening.   The attacker is obviously using some sort of high powered mobile transmitter, and the police would have to catch someone in the act to do anything.

It is apparently a criminal act with the communications regulator Ofcom trying to track the offender several times without success.  They have Spectrum Engineering Officers (cool job title!) working with the radio station in an attempt to identify the culprits.

Having listened to Mansfield 103.2 many years ago, I suspect it will have probably brought them a few more listeners waiting for the next attack.   The prankster had better be careful though as the kill joys have pointed out that maliciously causing radio interference carries a maximum punishment of two years imprisonment and an unlimited fine.

I for one would look carefully to people who have an association with the radio company, perhaps a disgruntled ex-employee.   The song selected has to be a big clue – it is of course a rude little ditty about mastrubation which basically loops through the words – “I’m a W*nker” to a George Formby type soundtrack.   It is also introduced by a male voice with a local Nottinghamshire accent, that song is a message dedicated to someone in the radio station I suspect.

To save you all googling – here’s the song –

The prankster also seems to be trying a little comedic timing too, with the latest hijack taking place half way through a live family broadcast from a local Mansfield event.    Hopefully he’ll now stop, because he’s bound to get caught eventually and we need more proper hackers around like this guy.

Maybe though, perhaps he’s a millionaire super hacker who’s adapted some long range drones with a radio transmitters controlled by a secure VPN and will never actually be caught – just the drone shot down. Only to mysteriously return and play the same song every time Nigel Farage does a radio interview somewhere, excellent….

 

 

UK Users to Receive Piracy Warning Letters

A couple of weeks ago I sat in the front room of an elderly neighbour, on the TV screen was a Premier League football match being broadcast on Sky Sports.    I was surprised because I knew this chap struggled on a basic pension and the Sky Sports package is not cheap!   However I then noticed the digital box, it was not the standard Sky digital  box but a custom TV media box complete with VPNs.

For a few pounds a year to cover updates, this box was pre-installed with a version of Kodi and a few extras which granted free access to every single Sky subscription channel.  The cost of these channels if paid for legitimately would be over a hundred pounds a month, yet the cost for these was virtually nothing.  The box even simulated the Sky selection screen which meant that this 80 year old man was happily surfing at the cutting edge of digital piracy.

A New Breed of Digital Pirate?

It turns out his nephew has installed it and he’d been using it for several months.   He was blissfully unaware that technically he was stealing all this content from Sky and to be honest I didn’t feel the need to spoil his enjoyment by telling him

The reality is that in the UK and indeed across the world, digital piracy is starting to hit the mainstream.  In millions of households, neat little digital boxes sit happily under TVs streaming illegal copies of US cable channels or UK satellite channels.  It’s got to the point that it’s so common that most people don’t even consider it illegal, something like taping a radio programme or copying a DVD.  After all why pay a fortune monthly to some huge media conglomerate when you can purchase a pre-installed media streamer that supplies the same for nothing.

It does of course, cost the media companies huge amounts of lost revenue and obviously they are trying to stop this.  In the UK this month, will see the first phase of action designed to stop this behaviour.  The biggest ISPs in the UK will all be sending out emails to any individual who’s internet connection is being used to download copyrighted material illegally.

It’s been discussed for years but has always been postponed for a variety of reasons.   For example there was a lot controversy when copyright holders started using a practice dubbed as speculative invoicing.  These were basically demands for money threatening legal action against anyone who’s internet connection was being used to download copyrighted material – you can read about in this article – Bittorrents Monitored.   The issue has never been detecting the downloads but rather what actions can be taken, legally it was very difficult to prove an individual was responsible even if their internet connection was being used.

The letters will be sent in the form of emails, and will simply inform the user that their internet connection is being used to download copyrighted material and information about where it can be obtained legitimately.    There will be no threats, fines or further action and critics have pointed out that it will have little effect.   The action will only target P2P users, those who download using torrents and file shares – however the use of these methods has fallen dramatically over the last few years.  The majority of people who view copyrighted material now stream directly using these TV boxes and programs such as Kodi which are slightly more difficult to detect.

It is likely that these users will be targeted later although who knows how long this will take.

The Big Business Hackers

When you imagine a team of highly skilled hackers attempting to make money, most people will probably think of some criminal exercise of exploitation, cyber crime or extortion.   You certainly wouldn’t think of the stock market or investment firms profiting directly from this sort of enterprise – yet it seems this is exactly what is happening.

Hacking is going mainstream and it looks likely that there will be a lot more profit going legitimate than through the standard ransom or blackmailing routes.   Others will perhaps argue that these new methods are pretty much the same as the criminals use.

The story arises from the tactics of a company called MedSec a cyber security firm which has recently started up.  They investigated a range of hospitals and medical hardware for potential security issues and identified one medical devices company to be at particular risk – St Jude Medical Incorporated, more specifically the pacemakers and defibrillators they make.

At this point MedSec faced a classic, traditional ‘hackers dilemma’ – you find a serious vulnerability – what do you do?   For the ethical hacker it often represented a difficult choice particularly if a little digital trespassing was involved.  Many individuals have found themselves behind bars after attempting to inform a company or organisation about a vulnerability in their software or network, while some have been praised and rewarded.   The MedSec guys though have a plan to inform and profit at the same time, although the ethics seem fairly dubious to many.

They approached an investment firm run by Carson Block called Muddy Waters Capital LLC with their money making initiative.   The idea was unusual, MedSec team would prepare all the evidence demonstrating the problems with the medical devices, however before making this public the investment company would take out a short position on the parent company of St Jude Medical.    Basically they would both make money if the share price fell in response to the negative news.

Sounds like insider dealing? Perhaps, although it is assumed legal advice was taken before this unusual tactic  – here’s a MedSec representative justifying their tactics.

Convinced? Nope me neither, I suspect they may be in trouble for using this tactic. Where will it end ? The false concern about patients using these medical devices to try and justify their money making scheme was particularly hard to believe. Currently the tactic seems to have paid off though with the share price falling significantly and presumably making the ‘short’ position profitable.

Facebook Crime – Removal Scam

There is a very real and fundamental problem with buying and selling anything using social media, identifying whether the person you are dealing with is legitimate. Think about it, normally when you find a trader or company they will have premises, registered offices, land lines. You may have responded to an advert or directory listing, all these things take time and money to set up.

Now let’s compare that with a Facebook Company page, which takes two minutes and no verification. In fact, you can set up a Facebook page for a fictitious company and then add hundreds of fake likes and reviews in an hour or so. The result can look extremely legitimate and representative of a well respected, reliable company or tradesman. It’s not hard to do and costs very little money, what is more if you’re reasonably careful almost impossible to trace back.

moving-312082_640

 

 

This is unfortunately what happened to Becky Szenk and her partner Mark Higgins when they moved from their flat in Wolverhampton.

They needed to find a inexpensive removal firm, and like many of us turned to the social media site Facebook to see if they could find someone. They managed to find one of those ‘man with a van’ services and immediately contacted them to book his services. Many of us do exactly the same, only last month I booked a roofing contractor who came up in a Facebook search. My experience was good despite my lack of care, however it was a very different story for Becky Szenk.

The removal guys turned up on time, and two of them quickly and efficiently loaded up their worldly possessions into a large transit van. What was notable was the speed in which they completed the task, loading up in about 45 minutes and driving off to the pub that they had invested their savings in.  Or so they thought, in fact that was the very last time they saw their stuff – the men and their possessions were never seen again.

“I have never cried more in my life than I did on Friday afternoon – I am so distraught that they have taken my engagement ring and my baby’s toys.”
Becky Szenk

It’s not an isolated case, police have reported several similar incidents just within the West Midlands area of the UK.  It is an easy crime to perpetrate, you can easily hide your tracks and the payoff can be extremely large – the possessions lost by Betty Szenk and her partner were estimated in the region of £10, 000.

 

May you Rot in Hell – Ask Toolbar

I don’t swear much, in fact there are only three things that are likely to make me swear at all. In no particular order – my teenage son, printers and the Ask Toolbar.

I try to avoid the first two whenever possible, however I am forever plagued by the scourge that is the Ask Search toolbar.  You’ve probably come across it too, in fact if you don’t stay constantly aware the little bastard will certainly install it on your computer at some point.  In case you don’t know what I’m talking about here’s a reminder and the origin of about 99% of the installs.

asktoolba2r

This screen which most of us skip through in nano-seconds during the install of one of the 100 yearly Java updates is where you’ll get caught.  I know it’s there and it’s always getting me, you click on next and in the corner of your eye you just catch a glimpse of the ‘Add Search App by Ask.’, but it’s too late your mouse has already registered your click and continues.   You have just requested that one of the most pervasive and irritating pieces of adware be installed on your computer and have signed your agreement to whatever horrors are contained in the Ask.com Terms and Conditions.

There are hundreds of different versions of this vile search add on, which produce a variety of annoying results.  Depending on which version you have the misfortune to install, you’ll get your search results modified, adverts inserted into your browsing, your home page altered and forced to use the Ask search engine.   I hate it vehemently, it is also a complete bugger to remove as is usually the case.

Finally now though the industry is beginning to act on the sort of hate that this toolbar generates.  It’s only achieved any sort of legitimacy from piggy backing the Java install, and it’s probably done some severe damage to Oracle’s reputation.   Now Microsoft has finally classed it as malware and it’s security products now remove the accursed toolbar.  Well to be more accurate, Microsoft have classified it as ‘unwanted software’ which is like classifying leprosy as an unwanted skin condition.  I presume that’s to prevent legal wranglings and arguments over the definition of ‘malware’ – even though it is.

It’s not perfect, not all versions of the Ask toolbar are included only the earlier advert injecting ones, so you’ll still have to be on your guard. I presume it’s still in the Java Runtime installer but fortunately I’ve cut down on my drinking and haven’t accidentally installed that for a while.