Journalist believes his phone was hacked by spooks at HOPE X, will upload image for forensics


#1



#2

I haven’t been to one, but people go to hacking / security conferences without electronics that aren’t burners or part honeypot? I mean, it’s one thing to bring important stuff to a tech conference, but most everyone at one of these is a bit paranoid for good reason and are security experts.


#3

Man, what a fucked-up thing tech has become. Nobody would worry about his car getting stolen at a locksmiths’ conference.


#4

My thought is that it seems more like a lockpicker’s conference, and people are carrying around a bunch of exposed locks with information lockpicking on the inside. Also, pranks are apparently a popular part of the culture. As a nobody, I’d be more worried my car would have its horn replaced with a Rickrolled horn. With a bit of planning, it would not be hard to do a factory reset and sell something on eBay “Like new”.


#5

It sounds like “honeypot” is exactly what’s going on here.


#6

There are always “questionable” people in audiences at hacker cons. A few are probably feds. The rest are just guys sending invisible rays into the heads of speakers, who then get paranoid about “those people.”

No actual evidence that any of these folks were nefarious (though his phone did get hacked in an unrelated to the panel thing since it didn’t happen there).


#7

Or you can actually know what you’re doing and you probably won’t get hacked.

Some people bring burners. Other people, say, turn off their wifi and bluetooth and never let anyone touch their laptops but them.

As an addendum, I’ve gone to every Black Hat and DEF CON for six years and was at HOPE X. None of my stuff has ever been hacked or damaged…


#8

…that you know of.


#9

I could say the same of you. Given my work, it would be pretty obvious if I was hacked.


#10

So why do all your posts say “Report This Man To Homeland Security If Seen On The Internet” below them?

Edit: Oh, wait, do you not see that?


#11

That sounds kind of like stuck hardware buttons, to be honest. The same key combo that does a screenshot might do something like reset the phone to a non-rooted state if held during power up or reset.


#12

You are absolutely right. The only thing I’m sure of is that I’m not absolutely sure.


#13

I’m just shocked that his password is actually ‘hunter2’.


#14

No way man… a certain key combination will boot into bootloader mode, but no Android phone does anything without you selecting options in the bootloader menu.

@PhasmaFelis like others pointed out, it’s mostly for the lulz and because they can. If you’re this kind of guy (someone working on WL stuff or anything to do with people who’ve been jailed) then you should operate with an expectation that someone from a TLA will try to hack your stuff. I am also somewhat surprised that he took his everyday driver, if he actually did. A phone with a freshly flashed ROM that you know is clean would be the best option IMO - even better than a dumbphone because dumbphones have exploits that you aren’t able to patch or mitigate.


#15

O.o

He seems to be aware of CyanogenMod’s hack-ability and the dangers of being rooted, but then admits he’s running an old version of CyanogenMod… you know… the ones that were updated because of security holes? Sheesh.

After all, even rooted CyanogenMod phones are easy targets for hacking.

“My phone—the battery is still out—was running an old version of CyanogenMod, seven or nine, can’t remember, and I’m working on getting someone to write-block and image it so we can crowd-source forensics into it.”


#16

Willing to bet it was hacked by someone noticing that he’d left one or another service on (wifi, BT, hell–USB dongle) and did what hackers do to such devices–got into it for the lulz.
Of course, I tl;dr’ed the article, so it’s possible he took every precaution and The Man really is out to get him.
And yeah, daily driver to the HOPE X conference? What could possibly go wrong?


#17

So, I can tell you a couple of things about this situation.

  1. The guy claims that he never put this phone on the wifi at HOPE X
  2. He claims that he didn’t “click anything”
  3. I lost 2+ hours of my Sunday evening to trying to connect with this guy so that I could fix his phone, but he didn’t follow my directions, come meet me in Brooklyn, or contact me on the phone number that I gave him. (You can see a portion of the events on my Twitter account at http://twitter.com/lishevita and scroll back to Sunday the 20th of July.) In the end he said that someone else was going to help him, but then he posted his report from HOPE X making it clear that he didn’t get any such help after all.

Me? I’m a little annoyed because a) he wasted a chunk of my time when I could have been hanging out with my friends for nothing and b) it seems like he was more after attention than actually getting anything fixed.

When I gave him my phone number he said that he couldn’t call me because he didn’t have a working phone. What about borrowing a friend’s phone? What about using a PAYPHONE? (It’s New York, I saw some pay phones in the hotel lobby even!) There was no logical reason he couldn’t call me.

When I told him on Twitter that I would not be able to decrypt his PGP email because I was on my phone, not my laptop, and that he should CALL ME at the number I sent him, he ignored me. He sent me PGP encrypted email anyway.

I would have loved to meet up with him and grab an image of his phone for later forensics AND reflash his phone with a clean copy of CyanogenMod. In fact, I prepared two USBs for that purpose that I was going to give to him to keep after the grand adventure was over. (I didn’t want any USBs that touched his devices to then touch my own, if you know what I mean.)

If he wanted help, he would have gotten it that night. He was clearly setting himself up for publicity, not actual help.

