Sunday, 27 January 2013

GitHub Forced to Disable Search After Exposing Private SSH Keys



On January 23, GitHub unveiled major improvements to its code search engine. However, the new search infrastructure turned out to be even more effective than expected, surfacing private Secure Shell (SSH) keys that had been committed to some repositories.

On Thursday, users began to notice that SSH keys could be easily found on GitHub. Some users reported that the keys they found were associated with the production server of a major website from China and, according to SC Magazine, even ones for the Google Chrome source code repository.

Sophos experts have investigated the incident and they say that the exposed private SSH keys belong to coders who have generated public/private key pairs for secure communications with GitHub. The programmers mistakenly uploaded their private keys instead of the public ones.

Around 80 search pages of private keys have been exposed by the incident. Luckily, GitHub has rushed to disable the site’s search functionality.

On the downside, the sensitive information can still be found via a simple Google search for “site:http://github.com inurl:.ssh/id_rsa.”

“If you are determined to produce your own key pairs, do yourself a favour and be watchful which one you give out and which one you keep,” noted Paul Ducklin, Sophos's head of technology, Asia Pacific.

The main fault lies with the programmers who uploaded their private keys instead of the public ones. However, some experts argue that GitHub should blacklist well-known private paths such as ~/.ssh and ~/.gnupg.

Paul Ducklin has published an interesting advisory which details how SSH key pairs should be generated and labeled to avoid such incidents.
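The mistake behind the incident is a private key file committed where only the public half belongs. The following is an added example (not code from the article or from GitHub) of a check a pre-commit hook could run: it tells private key material apart from an OpenSSH public key line and rejects anything under the .ssh or .gnupg paths named above. The sample files are constructed and contain no real keys.

```python
import re

# PEM/armor headers that mark private key material (OpenSSH, PKCS#1, PKCS#8, PGP).
PRIVATE_MARKERS = (
    "-----BEGIN OPENSSH PRIVATE KEY-----",
    "-----BEGIN RSA PRIVATE KEY-----",
    "-----BEGIN DSA PRIVATE KEY-----",
    "-----BEGIN EC PRIVATE KEY-----",
    "-----BEGIN PRIVATE KEY-----",
    "-----BEGIN ENCRYPTED PRIVATE KEY-----",
    "-----BEGIN PGP PRIVATE KEY BLOCK-----",
)

# One OpenSSH public key line: key type, base64 blob, optional comment.
PUBLIC_KEY_RE = re.compile(
    r"^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+=* ?.*$"
)

# Directories that hold private keys or keyrings; never commit anything from them.
BLOCKED_PATH_RE = re.compile(r"(^|/)\.(ssh|gnupg)/")

def classify(text):
    """Return 'private', 'public' or None for the content of one file."""
    stripped = text.strip()
    if not stripped:
        return None
    if any(marker in stripped for marker in PRIVATE_MARKERS):
        return "private"
    if all(PUBLIC_KEY_RE.match(line) for line in stripped.splitlines() if line):
        return "public"
    return None

def check_commit(files):
    """files maps path -> content. Return [(path, reason)] that must be rejected."""
    problems = []
    for path, content in files.items():
        if BLOCKED_PATH_RE.search(path):
            problems.append((path, "path is a private key/keyring location"))
        elif classify(content) == "private":
            problems.append((path, "file contains a private key"))
    return problems

# Constructed sample staging area; the "keys" are placeholder text, not real keys.
SAMPLE_FILES = {
    "keys/deploy.pub": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIExampleNotARealKey deploy@example",
    "keys/deploy": "-----BEGIN OPENSSH PRIVATE KEY-----\nQUJDREVGR0hJSktMTU5PUA==\n"
                   "-----END OPENSSH PRIVATE KEY-----\n",
    ".ssh/id_rsa.pub": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABExampleNotARealKey me@laptop",
    "README.md": "# deploy tooling\n",
}

if __name__ == "__main__":
    for path, reason in check_commit(SAMPLE_FILES):
        print(f"REJECT {path}: {reason}")
```

Wiring this into a hook means feeding it the staged file contents (for example from `git diff --cached`) and exiting non-zero when the returned list is not empty.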

In the meantime, the latest update on the issue from GitHub reads: “Search remains unavailable. The cluster is recovering slowly and we continue to monitor its progress. We'll provide further updates as they become available.”

Friday, 25 January 2013

Proof of Fake Pakbugs Crew, Zombie_KsA, and their domain



Alrighty guys, I think I've just had enough of those show-offs and fakers..
As many people know, PakBugs.com is NOT under zombie_ksa's control.. it's in the hands of an old PakBugs member (Spo0fer).. and now he has decided to claim to be Zombie_ksa for fame..

So let me give you guys some hints and points to make things clear..

In http://www.Pakbugs.com/exposed they started saying 1337, H4x0rl1f3, Invectus, and Shadow008 are faking zombie_ksa for fame..
so let me get this clear, what fame? they hacked google, msn, bing, yahoo, and many more and they want to use Zombie's name for FAME?!?! seriously?
Isn't zombie_ksa famous for hacking google? why would people who hack google want fame by using another guys name who hacked google?? :|

and another thing, I think whoever wrote that thingy in the link above was a little bit confused...
you were talking about:
KhantastiC
Shadow008
Reckzor
Invectus
H4x0rLif3
1337
why did you start talking about anon cop hacking geo tv? :/
oh yeah I get it, you wanted to show off! =)

One more point,,
Everyone knows that Zombie_KsA hacked the supreme court of Pakistan.. and as we can see right here http://www.zone-h.org/mirror/id/15510316 that Shadow008 was in greets...
But, when those fakers saw shadow in the greets they said that zombie_ksa didn't hack that, and that another guy faked his name and his WHOLE crew members..
Now let me ask you a question... WHY would zombie_ksa be SOOOOOOO angry about his name on MSN, BING, SKYPE, and more ISRAELI websites, and NOT angry when someone faked him and his WHOLE crew and hacked his own country's domain? :/
It doesn't make any sense, does it?
PLUS, since when does pakbugs have an official facebook page and facebook group? lol

and ONE last point... here is a link to the old Pakbugs.com http://web.archive.org/web/*/pakbugs.com
and now check the old staff and the new ones...

anyways... that's it =)
cheers guys, never believe fakers..

Sunday, 13 January 2013

Rex Mundi Hackers Blackmail Drake International, Threaten to Leak 300,000 Records



The extortionist hackers from the Rex Mundi collective are back. In the past, they attempted to blackmail Dexia Bank, AmeriCash and Webassur, but now they’ve turned their attention to Drake International, a Canadian job placement firm.

According to the hackers, the company’s systems were hacked last week. They claim to have gained access to 300,000 “confidential job applicant records” and information on the company’s clients.


“We immediately contacted Drake International to offer them not to release the data in exchange of a mere $50,000 (fifty thousand US Dollars). So far, we have unfortunately not heard back from the nice folks over at Drake,” the hackers said.

“Does this mean that they do not care about their clients and job applicants' privacy? You be the judge.”

They warn that if the company fails to make the payment by the end of this week, they will publish the entire database – which includes the details of candidates from Australia, UK, Canada and New Zealand – on Pastebin.

To demonstrate that they’ve gained access to all that data, they’ve published a small sample of job applicant and client details. The sample data includes names, email addresses, passwords, references, phone numbers and other information.

On the other hand, Drake International representatives have told Financial Post that they have no intention of paying the hackers, even though they admit that the hackers have managed to obtain names, email addresses, passwords and phone numbers.

They’re currently working on notifying all the affected individuals, advising them to change their passwords.

The company has also notified the police and they say they’re working with authorities on ensuring that their candidates and clients are protected.

Tony Scala, vice-president of marketing and client service at Drake International, has also revealed that the database breached by Rex Mundi is “very old.”

User Data at Risk on a Windows 8 – Linux Dual-Boot System


Fast Startup is one of the new features integrated into Microsoft’s Windows 8 operating system that basically allows Windows to boot faster on a dual-boot configuration.

The problem is that the tool puts locally stored data at risk when the user loads the second operating system, in most cases a Linux distribution.

The explanation is as simple as it could be. In dual-boot configurations, the Fast Startup option doesn’t shut down Windows 8 completely, but only forces it to enter a hibernation mode that allows it to reboot a bit quicker when the users sign out from the other operating system.


Since this is nothing more than a hibernation state, Windows 8 will continue to store Windows session information, including file system data belonging to FAT and NTFS partitions.

Even though these system files are actually “locked” in a memory image automatically restored when the user boots back in Windows 8 with Fast Startup, specific files could be easily removed. And here’s why.

The developers behind the ntfs-3g FUSE filesystem driver have discovered that Linux distributions may attempt to write data to Windows partitions as well, sometimes overwriting the system files held in the memory image we were talking about. When booting back into Windows 8, Fast Startup loads the operating system, but without the missing data.

In order to overcome this problem, the software creators have introduced an update that would require any Linux distribution to mount NTFS partitions as read-only and thus block any attempt to overwrite system data locked by Fast Startup.

According to H Online, however, an official release of the ntfs-3g driver with these modifications is yet to be launched, so Windows 8 – Linux dual-boot configurations are still vulnerable to this issue.

In addition, most Linux distributions on the market, including Ubuntu, Debian and openSUSE are yet to address this problem, so blocking the operating system from overwriting Fast Startup data is impossible for the time being.

Aaron Swartz, Reddit Co-Founder, Dead in Apparent Suicide



Aaron Swartz, the 26-year-old tech prodigy and Internet activist who was also the co-founder of Reddit, has died. He was found unresponsive in his apartment and was pronounced dead, his family confirms in a statement.

Police have ruled his death a suicide, TIME magazine reports: Aaron had hanged himself.


“Aaron’s insatiable curiosity, creativity, and brilliance; his reflexive empathy and capacity for selfless, boundless love; his refusal to accept injustice as inevitable – these gifts made the world, and our lives, far brighter,” reads the statement from his family, confirming Swartz’s passing.

“Aaron’s commitment to social justice was profound, and defined his life. He used his prodigious skills as a programmer and technologist not to enrich himself but to make the Internet and the world a fairer, better place,” the family adds.

Swartz was a firm believer that information that benefits the public should be accessible to all, so he concentrated all his efforts into making that happen.

He founded the organization Demand Progress, which was instrumental in getting the US government to back down from the purported anti-piracy law proposed last year.

He also co-founded Reddit, which has turned into one of the biggest platforms for social justice through Internet activism.

A boy wonder, Aaron used his skills to do what he considered was right, even if that meant landing on the wrong side of the law: in April, he was to stand trial on federal data theft charges, to which he had already pled not guilty.

According to TIME, Swartz had broken into the “M.I.T. computer system and allegedly download[ed] 4.8 million documents from the subscription based academic research database JSTOR.”

Had he been found guilty, he would have faced a sentence of 35 years in jail and a $1 million (€749,681) fine.

“He was brilliant, and funny. A kid genius. A soul, a conscience, the source of a question I have asked myself a million times: What would Aaron think?” law professor and activist Lawrence Lessig says of Swartz.

Tuesday, 8 January 2013

Hacker Jailbreaks iPhone 5 Running iOS 6.0.2



Planetbeing, one of the prominent hackers involved with iOS jailbreaking, takes to Reddit to clear away any confusion regarding the iPhone 5 / iOS 6 jailbreak. In a nutshell, don’t hold your breath for a release until iOS 6.1.

The hacker, well known for his work on past jailbreaks, decided to stop all negative speculation about a potential untethered jailbreak for iOS 6 / iPhone 5.

So he opened a thread on Reddit where he wrote, “Yeah, I'm not really sure what all the doom and gloom is about. The fact is, I have an untethered iOS 6.0.2 JB running on my iPhone 5 right now.”

Had Planetbeing left it at that, the jailbreak community would have been up in arms at this point. Luckily, he didn’t.

“The reasons it's not released are because 1. releasing it would burn an exploit we want to save for ourselves so we can always get in to look at new firmware and help JB in the future, 2. iOS 6.1 is coming very soon and will likely break a small part of it anyway, there's no point in sacrificing the many bugs it won't break,” he explains.

In other words, the hackers cannot afford wasting months of hard work over people’s whining. The release will center on iOS 6.1. Period.

Planetbeing makes a reassuring note, saying, “Anyway, where there are 4+ bugs (that it took to get this to work), there's gotta be one or two more so while jailbreaking is getting harder, reports of its death are highly exaggerated.”

He also explains why he decided to use Reddit instead of Twitter to convey all this to his followers. The gist of it: Twitter’s 140-character limitation.

For those asking, iOS 6.1 shouldn’t be too far off with WWDC only six months away. Apple needs to clear developers’ desks of any old software to start focusing on the new stuff.

WikiLeaks’ Julian Assange Has Not Been Arrested, It’s a Hoax



A story published a couple of days ago on Indymedia UK, allegedly by Guardian journalist Conal Urquhart, revealed that Julian Assange – the founder of WikiLeaks – has been arrested. As it turns out, the story is a hoax.

“Sources close to this reporter have confirmed that WikiLeaks founder and international fugitive Julian Assange has been arrested by Scotland Yard detectives at a private medical clinic located just a five minutes drive from the Ecuadorian embassy at Hans Crescent, London (sic),” the article reads.

“It is believed that Assange had been feeling unwell since before christmas, and after consultation from the in-house doctor he was referred to the specialist clinic. Just before entering the clinic Assange was arrested by undercover Scotland Yard officers who swiftly took him into there custody. (sic)”

There are several things which point to the fact that this is a hoax and the most important of them is a tweet from Christine Assange, Julian Assange’s mother.

“Julian has NOT been arrested. It’s a hoax. Possibly troll distraction #Assange #Wikileaks #Aanonymous,” she wrote.

“Trolls targeting you? Don't let them distract you! That’s their aim. Continue to tweet important info to build support. #Assange,” she later added.

Furthermore, as CWZ notes, Anonymous hackers have communicated with Assange after the story about his arrest was published.

Experts from security firm Sophos have also analyzed this story and they’ve also concluded that it’s a hoax.

Paul Ducklin, Sophos’ head of technology, Asia Pacific, explains that the articles of Conal Urquhart, the journalist who allegedly published the story, don’t usually contain so many mistakes.

“So whether you're for or against Assange, you can stand down from Wikilert. He's not been arrested. As far as we can tell, he's still learning Spanish in his Knightsbridge flat,” Ducklin wrote.

Finally, the initial story posted on Indymedia has been hidden because it breaches the publication’s editorial guidelines.

Apple’s Low-Cost iPhone Actually Has a 5-Inch Screen, Redesigned Body, Says DigiTimes



If I had a dime for every DigiTimes report citing its industry sources on the hottest circulating Apple rumor I’d be blogging this from a solid gold keyboard.

That’s not to say the trade publication hasn’t been reliable in the past. It’s just that most rumors dished out by the Taiwanese site seem to take on a strange spin at times.

Take for instance today’s “iPhone-for-emerging-markets” report. In typical fashion, the site states, “Apple will roll out a low-cost version of the iPhone for China and other emerging markets in the second half of 2013,” followed by the all-too-familiar “according to supply-chain sources.” So far so good.

However, some of these sources have allegedly seen a sample of the low-cost iPhone, which (hear this) “will come with a larger display, meeting the prevailing trend for the adoption of 5-inch displays for high-end models.”

The same sources also said that the phone would have “a brand new exterior design.”

I don’t know about you, but I’m having a really hard time picturing Apple charging fewer dollars for a brand-spanking new iPhone with a bigger display and a redesigned chassis.

Wednesday, 2 January 2013

iOS 7 and iPhone 6,1 Appear in Usage Logs



We kick off 2013 with an exciting discovery from a developer who is familiar with Apple’s software and hardware testing, reporting new activity coming from the company's Cupertino campus that points to tests carried out using a new generation iPhone and iOS 7.

An unnamed developer showed TNW that Apple has been testing hardware bearing a new ‘iPhone6,1’ identifier.


Moreover, the developer said the device was powered by iOS 7, the next major version of Apple’s mobile operating system which not only runs on iPhones, but also on iPads and iPod touch players.


US Army Databases Hacked, Details of 36,000 Individuals Stolen



Earlier this month, unknown hackers managed to gain illegal access to the details of around 36,000 individuals who were somehow connected to the US Army command center formerly located at Fort Monmouth.

According to APP, the details of Communications-Electronics Command (CECOM) and Command, Control, Communications, Computers, Intelligence, Surveillance and Reconnaissance (C4ISR) personnel were accessed by the hackers.


Microsoft Fixes Clickjacking Vulnerability in Socl Almost 5 Months After Being Notified



Security researcher Nikhil P. Kulkarni has identified a clickjacking (User Interface redress) vulnerability in Microsoft’s social media website Socl (So.cl). The expert told the company of the flaw back in August, but they addressed it only a few days ago.

“Social Networking sites today are accessed by millions of internet users as it is the best way to stay connected with their near and dear ones. But if they aren’t careful, then they might fall prey to various scams,” the researcher told Softpedia in an email.

