<-- got pwned I spent 90% of the time with my Windows (I like koolaid. deal with it) laptop on a 4g My-Fi up in my room, and had my droid 2 global on 3G most of the time.
Saturday-ish, I noticed alot of "hey, what's your password again?", and said "NO YOU" to most of them, but didn't really have a sense that they were suspect until I read this thread. Saturday around noon I got this email in my gmail inbox... FROM "MYSELF". """ Hello, Eric. I have your laptop, and it won't let me log off your account. I was wondering if you could tell me? Anytime I go on to my account, it always directs me to yours. Do you mind informing me on how to log off your account for good? I have no intention of hacking or sabotaging your account. Thank you, Aislyn P.S. I fixed your laptop. I believe you left it at the dump. """ I promptly responded with something along the lines of, "Describe my laptop...... and go ________ yourself", closed all existing google sessions, changed my password a few times, and enabled 2 factor authentication. The only ongoing issue I've noticed is my feeling of regret that whoever sent the email will never be able to respond my reply. :-( On Wed, 10 Aug 2011 14:17:25 -0400, coderman <[email protected]> wrote: > lots of misunderstanding... > > On Wed, Aug 10, 2011 at 2:21 AM, coderman <[email protected]> wrote: >> ... some characteristics: >> >> - full active MitM against CDMA and 4G connections from Rio to carriers. > > 802.16/ClearWire/Sprint4G > > did not have LTE to test with. > > > >> how to tell if you *MAY HAVE* met the beast at Rio: >> .. > > of course many of these seem innocuous or unrelated. that's the point > and why attacking via these methods was effective. > > there are situations where signal and link would be bad just given > congestion and noise floor. > > however i am speaking to particular effects when the MitM was taking > over a connection from target to the carrier and redirecting through > itself. this was done in a manner that causes some effects described. > > > > sorry media, no inquiries. i bet you can find people to talk to; try > reddit and twitter: > > http://www.reddit.com/r/netsec/comments/jeis7/full_disclosure_def_con_19_hackers_get_hacked/ > http://twitter.com/?q=defcon+cdma#!/search > http://twitter.com/#!/search/defcon%204G > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- Eric McCann University of Massachusetts, Lowell Department of Computer Science One University Avenue Olsen Hall, Room 304 Lowell, MA 01854 Lab: 978.934.3385 Email: [email protected] Homepage (lab): www.cs.uml.edu/robots Homepage: www.emccann.net _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
