It’s the oldest and easiest hacking style in the book: social engineering. Getting people to give up key passwords or other info, or getting them to click on a malicious link which gives you control of their computers. I work in a place where cybersecurity is not just an afterthought but a primary function of our IT department, and we test these types of schemes annually. Even where I work, almost 20% of staff fall for our phishing tests routinely.
This could have been a lot worse, though. It sucks to lose money, but by now most folks should know better than to click on those sorts of schemes. And I have my own personal opinions about bitcoin and the other systems and feel like “this is what happens” when you trust such things. They’re great for criminals, and terrible for consumers.
I’m all for shitting on cryptocurrency, but this is not a design flaw, Bitcoin works as it was intended.
The issue in this story is with the shitty security at Twitter. Really shitty security.
Bitcoin has been around for over a decade and the basic design has not been defeated. There is a lot of bad stuff you can say about it but its design is unparalleled.
It can very well be working as intended, and that intended design be flawed. A system that guarantees transactional resiliency but ignores traceability is fundamentally flawed IMHO.
I believe you are conflating two different things here. This bitcoin issue goes far beyond this twitter hack.
just flip the friggin switch for good. anybody out there want to stand up and say they are not sorry they ever got involved with twitter? i dumped mine a couple of years ago and believe me my mental state was much improved. and i wasn’t a tenth as active as most people on it. it is a cesspool.
Me. On the other hand I might be listproof or something…apparently horribles like spamming lists and adding people to the list, and there’s a list addr. blocking to be done if they show up. Come to think of it, there’s also that guy who invented the interpretation of ‘reasonable fee’ to charge fees for Open Access stuff (which is true if you’re Wiley Blackwell, half the time) who I still wanted to think nice things about (Esser’s good at iOS machination.)
eta: On the other hand, maybe it’s not the best way to go read the NYT, and its draw isn’t on the slowing side of the imploding newsrooms equation/problem/gloaming.
Twitter says hack of key staff led to celebrity, politician, biz account hijack mega-spree
Twitter has offered its initial analysis of the Wednesday mass hijacking of prominent twits’ accounts – and suggested it all kicked off after its staff fell for social engineering.
Judging from leaked screenshots of Twitter’s internal systems circulating online and seen by El Reg, it appears one or more miscreants were able to gain direct or indirect access to an administration panel used by Twitter employees to configure accounts, by tricking or coercing the social network’s staff.
Alright, money should always be traceable, let’s abolish cash money. Why are you so in favour of having your transactions traced?
Bitcoin transactions are actually very traceable by design, it’s only by using some clever tricks like bitcoin tumblers you get some level of obfuscation. But even that is still mostly reversible if you want to make the effort.
So you are basically arguing that one of the most openly traceable monetary systems is flawed because it’s not trackable enough?
This story is very much about the Twitter hack. The hackers use bitcoin as their tool for cashing in on that hack, but that is not the story, that is a well known technique, it’s not news.
Also, I was underwhelmed. Like in A BITCOIN SCAM? Are you kidding me? Those guys got handed the keys to the inner sanctum, and they go like “yeah, well, I’m going to draw some graffiti on the wall saying If you worship our God then HE will give back to you and put a jar in front of it”. Then, the high priests came around, closed the sanctum, got rid of the graffiti and everyone was like “oh, they really shouldn’t have done that, and we need better protection of our sanctum”.
Could we just shut down the temple, stop worshipping invisible men in the sky, and put Jack back in the box, with all his priests?
I’m no longer amazed when I see hackers fail to make the most of the assets they acquire. You know what happens 99.99% of the time someone’s email gets hacked? The account gets used for sending spam.
Someone gains access to your basic communication channel, that usually contains years of backlogs of intensely personal and sensitive communications, can be used to reset passwords to all kinds of other accounts, and they just ignore that and only send spam?
I believe we are blessed with most hackers and scammers being unimaginative and unambitious.
Are they not buying the hacker creativity jumpstart script? Those things are just in there next to the book anthologies (in scanned PDF) and Continental Statute (docx), right? Probably watered down with a bunch of copies of sports stats that trail off into the 2040s. [Revisits toolbar for Firevaldi Graymarket toggle.]
Every transaction is forever carried in the blockchain, identifying the pair of accounts at each end of it. How is that untraceable? Isn’t it just a question of forensic creativity?