আমাদের কথা খুঁজে নিন

   

NBC Reporter's Story of Getting Hacked in Russia Is BS, Experts Say

An NBC report that claimed visitors to Russia would have their phones and computers hacked almost immediately upon arrival has come under fire from security experts who claim the segment is misleading.
In the report, NBC's Richard Engel claims that visitors are "especially exposed as soon as you try and communicate with anything" and that hackers are "counting on" people to "log on."
See also: Pretend You're Competing at Sochi While You're Really on the Couch

The report quickly became a point of skepticism among security specialists. Kyle Wilhoit, the expert involved in the NBC segment, took to Twitter to discuss the piece. He said he will be issuing a "white paper" that will clarify the details of the security flaws that Engel highlighted.
Wilhoit did express some reservations with the report, particularly with editing that may have presented evidence in a misleading fashion.
@jbrodkin @marknca I agree. Unfortunately, the editing got the best of the story. Cut a lot of the technical/context details out.
— Kyle Wilhoit (@lowcalspam) February 6, 2014
Robert Graham, owner of consulting firm Errata Security, highlighted the important details that he assembled from Wilhoit's Twitter feed on his blog.
The story shows Richard Engel "getting hacked" while in a cafe in Russia. It is wrong in every salient detail. They aren't in Sochi, but in Moscow, 1,007 miles away. The "hack" happens because of the websites they visit (Olympic themed websites), not their physical location. The results would've been the same in America. The phone didn't "get" hacked; Richard Engel initiated the download of a hostile Android app onto his phone.
An NBC spokesperson issued a response to the blog post:
The claims made on the blog are completely without merit, here's our response to each one:
1- From the very first frame it was made absolutely clear that the piece was taped in Moscow. Richard welcomed the expert to Moscow on camera, in front of a well-known Moscow landmark.
2- Of course this type of cyber attack can happen anywhere in the world, but the point we were demonstrating is that a user is more likely to be targeted by hackers while conducting search in Russia, and that such attacks happen with alarming speed from the moment a user goes online.
3- The story was designed to show how a non-expert can easily fall victim to a cyber attack when they are deceived into downloading a piece of malicious software that is disguised as a friendly message or alert. Just like any regular user, Richard went online, searched sites and was very quickly targeted and received a tailored fake message designed to trick him into downloading the software.
We also simultaneously published a 3-minute video on nbcnews.com for viewers more interested in the technical details, and it goes into more depth about how we conducted the experiment and what the results were: http://www.nbcnews.com/storyline/sochi-Olympics/behind-scenes-trapping-Russian-hackers-n22361
The devil is in the details, of course. Words like "hacked" have a wide berth and stir up fears that are easily manipulated. The truth is at the same time more boring and even more dangerous than Engel can communicate in three minutes and 45 seconds.
In reality, the security breaches Engel encountered are not exclusive to Russia. The search results there just happen to be geolocated to generate more chances to click on something malicious.
Have something to add to this story? Share it in the comments.

সোর্স: http://mashable.com

অনলাইনে ছড়িয়ে ছিটিয়ে থাকা কথা গুলোকেই সহজে জানবার সুবিধার জন্য একত্রিত করে আমাদের কথা । এখানে সংগৃহিত কথা গুলোর সত্ব (copyright) সম্পূর্ণভাবে সোর্স সাইটের লেখকের এবং আমাদের কথাতে প্রতিটা কথাতেই সোর্স সাইটের রেফারেন্স লিংক উধৃত আছে ।