Notícias da semana/Maio

1. Por qual razão o ex-membro do LulzSec Sabu teve redução de pena?

"As a reward for his extensive cooperation helping prosecutors hunt down his fellow hackers, the government is seeking time served for the long-awaited sentencing of top LulzSec leader Hector Xavier Monsegur, also known as 'Sabu.'""


"According to the document, authorities approached Monsegur at his New York home on June 7, 2011 at which point he needed little convincing to cooperate. He quickly admitted guilt to criminal conduct before he was even charged with any crime and even spilled the beans to authorities about past crimes he had committed for which they had no knowledge of his role."


But his most extensive assistance led to the arrest of fellow LulzSec members, including Ryan Ackroyd, aka “Kayla” of Doncaster, United Kingdom; Jake Davis, aka “Topiary” of London; Darren Martyn, aka “pwnsauce” of Ireland; Donncha O’Cearrbhail, aka “palladium” of Ireland; Mustafa Al-Bassam, aka “T-Flow” in the UK; as well as Hammond, Ryan Cleary and Matthew Keys, a former Reuters employee accused of inciting members of Anonymous to hack one of his former employers.

Working at the direction of law enforcement for three years, sometimes into the late evening and early morning, Monsegur drew his fellow hackers into online chats designed to confirming their identities and whereabouts.

“During some of the online chats, at the direction of law enforcement, Monsegur convinced LulzSec members to provide him digital evidence of the hacking activities they claimed to have previously engaged in, such as logs regarding particular criminal hacks,” the government notes. “When law enforcement later searched the computers of particular LulzSec members, they discovered copies of the same electronic evidence on the individuals’ computers. In this way, the online nicknames of LulzSec members were definitively linked to their true identities, providing powerful proof of their guilt.

“Other times, at the direction of law enforcement, Monsegur asked seemingly innocuous questions designed to elicit information from his co-conspirators that, when coupled with other information obtained during the investigation, could be used to pinpoint their exact locations and identities,” the document reveals.

Link: Government Seeks Seven-Month Sentence for LulzSec Leader ‘Sabu’

2. Após colaborar intensamente com o governo, Juíz não condena ex-lulzsec

"Judge Loretta Preska determined that the seven months Monsegur, known by his hacker handle “Sabu,” spent in pre-trial detention was sufficient punishment for one of the most active hackers in the Anonymous collective and the vocal leader of the splinter group Lulzsec. Monsegur will be subjected to one year of supervised release that will include monitoring of his computer use, and he may yet be forced to pay restitution to the victims of his hacking."

Link: Lulzsec Leader and Informant ‘Sabu’ Let Off With Time Served

3. Trecho do livro No Place to Hide

O jornalista Gleen Greenwald lançou recentemente o seu livro sobre os vazamentos feitos pelo Snowden. Abaixo o primeiro capítulo traduzido.

Link: No Place to Hide

4. XMPP: Criptografia Mandatória!

Após mais de 70 servidores e administradores assinarem um manifesto de boas práticas de segurança no XMPP, semana passada foi o prazo limite para os servidores terem aplicado essas mudanças. Os usuários dos servidores que não aplicaram as especificações - como o Google - não poderão se comunicar de forma insegura com esses servidores.

Boa hora para você incentivar seus amigos a mudarem de serviço. E quem sabe passar para uma política mandatória de criptografia forte nas suas comunicações ;)

Link: Mandatory encryption on XMPP starts today

5. GCHQ: o que eles sabem sobre os nossos dispositivos que nós não sabemos?

Há alguns meses atrás, os jornalistas do The Guardian sofreram ultimato do governo britânico: ou entregavam os materiais classificados vazados por Snowden ou destruiam tudo. O jornal decidiu que o melhor a fazer seria destruir os documentos de forma segura. A GCHQ foi chamada para fazer e verificar o processo.

Para a surpresa de todos, a GCHQ não destruiu os computadores inteiros e nem estavam apenas interessados nos HDs. Chips e outros componentes dos computadores foram alvos.

"During our invesitgation, we were surprised to learn that a few very specific components on devices, such as the keyboard, trackpad and monitor, were targeted along with apparently trivial chips on the main boards of laptops and desktops. Initial consultation with members of the technology community supported our identification of the components and that the actions of GCHQ were worth analyzing further."


"We examined all the destroyed components, and while much was destroyed, our intial investigation will look to find out more about the following components targeted by GCHQ:

  • keyboard controller chip
  • trackpad controller chip
  • inverting converter chip"

Leia o resto da matéria no site.

Link: What does GCHQ know about our devices that we don't?

6. Snowden não é bem vindo no Stockholm Internet Forum

"The next European meeting of internet activists will be held in Sweden at the end of May. The “Stockholm Internet Forum” focusses on global development as well as surveillance. However, the world’s most important digital rights activist is not welcome: Edward Snowden"

Link: Swedish Foreign Ministry prevents Snowden’s invitation