Gentoo Forums
Anonymous hacker pwns self

BoneKracker
Veteran

Joined: 14 Mar 2006
Posts: 1488
Location: U.S.A.

Posted: Fri Apr 27, 2012 3:08 am    Post subject: Anonymous hacker pwns self

This is the guy who posted a bunch of police officers' names, addresses and email addresses online after penetrating LAPD servers. He posted a jpeg taken on his own smartphone, and the FBI got his location from the EXIF data, which included a geotag.
Quote:
CSO — The recent arrest of Higinio O. Ochoa III, of Galveston, Texas -- allegedly a member of the Anonymous-linked CabinCr3w -- generated considerable amusement (and some unbearably bad puns) when it was reported that the FBI tracked him down using photos he had posted of his girlfriend's breasts (covered somewhat by a bikini top).

But the more interesting -- and sobering -- message of the case is that someone known as an elite hacker was busted because he forgot, or didn't know, about the fact that EXIF data (location, camera type, and other image information) is included in every photo taken with a smartphone. He forgot, or didn't know, that others can extract that information.

That the photos were a bit racy is incidental. They could have been artsy shots of a landscape or snapshots of a sporting event. The problem for somebody who is trying to cover his tracks is that the images are embedded with data that will tell an investigator where and when they were taken.

Ochoa, 30, who is charged by the FBI with hacking into US law enforcement agencies and posting online the home addresses for police officers, including those of more than 100 Los Angeles police officers, is a Linux administrator. Why he didn't think about the risks of posting photos embedded with geo-tagging -- common knowledge to most people who organize their photos by date and location on programs like iPhoto -- is a question Ochoa is probably asking himself.

According to the FBI, Ochoa allegedly tweeted in February using the handle @Anonw0rmer, directing followers to a site where he had posted information stolen from various law enforcement agency websites.

At the bottom of the site was an image of a woman, now identified as his girlfriend, with a sign reading "PwNd by w0rmer & CabinCr3w

http://www.cio.com/article/705177/Embedded_Data_Not_Breasts_Brought_Down_Hacker

Too bad he didn't know about exiftool.
_________________
Oldthinkers unbellyfeel INGSOC.
-- Headline of a document on Winston Smith's terminal in his cubicle at the Ministry of Truth, seen briefly in the background in one scene of the movie rendition of Nineteen Eighty-Four.

dmitchell
Veteran

Joined: 17 May 2003
Posts: 1154
Location: Austin, Texas

Posted: Fri Apr 27, 2012 3:22 am    Post subject: Re: Anonymous hacker pwns self

BoneKracker wrote:
Too bad he didn't know about exiftool.

You're one to talk. :wink:
_________________
Your argument is invalid.

BoneKracker
Veteran

Joined: 14 Mar 2006
Posts: 1488
Location: U.S.A.

Posted: Fri Apr 27, 2012 3:38 am    Post subject: Re: Anonymous hacker pwns self

dmitchell wrote:
BoneKracker wrote:
Too bad he didn't know about exiftool.

You're one to talk. :wink:

I didn't know about exiftool until I spent 30 seconds doing 'emerge -s exif'. It's now on my computer.

I did, however, know about exif data and that there are various utilities which can edit it. I also didn't post a photo of my girlfriend's breasts under my evil anonymous hacker alias after committing a felony.

Why is it you who always catches my ninja edits?
_________________
Oldthinkers unbellyfeel INGSOC.
-- Headline of a document on Winston Smith's terminal in his cubicle at the Ministry of Truth, seen briefly in the background in one scene of the movie rendition of Nineteen Eighty-Four.

BoneKracker
Veteran

Joined: 14 Mar 2006
Posts: 1488
Location: U.S.A.

Posted: Fri Apr 27, 2012 3:41 am

Wow, this is from its man page. Apparently there are quite a few different file types that have such metadata embedded. I only knew about a handful of these. These are the ones exiftool can manipulate (read, write, create):
Code:
 File Types
         ------------+-------------+-------------+-------------+------------
         3FR   r     | EIP   r     | LNK   r     | PAC   r     | RWZ   r
         3G2   r     | EPS   r/w   | M2TS  r     | PAGES r     | RM    r
         3GP   r     | ERF   r/w   | M4A/V r     | PBM   r/w   | SO    r
         ACR   r     | EXE   r     | MEF   r/w   | PDF   r/w   | SR2   r/w
         AFM   r     | EXIF  r/w/c | MIE   r/w/c | PEF   r/w   | SRF   r
         AI    r/w   | EXR   r     | MIFF  r     | PFA   r     | SRW   r/w
         AIFF  r     | F4A/V r     | MKA   r     | PFB   r     | SVG   r
         APE   r     | FFF   r/w   | MKS   r     | PFM   r     | SWF   r
         ARW   r/w   | FLA   r     | MKV   r     | PGF   r     | THM   r/w
         ASF   r     | FLAC  r     | MNG   r/w   | PGM   r/w   | TIFF  r/w
         AVI   r     | FLV   r     | MOS   r/w   | PICT  r     | TTC   r
         BMP   r     | FPX   r     | MOV   r     | PMP   r     | TTF   r
         BTF   r     | GIF   r/w   | MP3   r     | PNG   r/w   | VRD   r/w/c
         CHM   r     | GZ    r     | MP4   r     | PPM   r/w   | VSD   r
         COS   r     | HDP   r/w   | MPC   r     | PPT   r     | WAV   r
         CR2   r/w   | HDR   r     | MPG   r     | PPTX  r     | WDP   r/w
         CRW   r/w   | HTML  r     | MPO   r/w   | PS    r/w   | WEBP  r
         CS1   r/w   | ICC   r/w/c | MQV   r     | PSB   r/w   | WEBM  r
         DCM   r     | IDML  r     | MRW   r/w   | PSD   r/w   | WMA   r
         DCP   r/w   | IIQ   r/w   | MXF   r     | PSP   r     | WMV   r
         DCR   r     | IND   r/w   | NEF   r/w   | QTIF  r     | WV    r
         DFONT r     | INX   r     | NRW   r/w   | RA    r     | X3F   r/w
         DIVX  r     | ITC   r     | NUMBERS r   | RAF   r/w   | XCF   r
         DJVU  r     | J2C   r     | ODP   r     | RAM   r     | XLS   r
         DLL   r     | JNG   r/w   | ODS   r     | RAR   r     | XLSX  r
         DNG   r/w   | JP2   r/w   | ODT   r     | RAW   r/w   | XMP   r/w/c
         DOC   r     | JPEG  r/w   | OFR   r     | RIFF  r     | ZIP   r
         DOCX  r     | K25   r     | OGG   r     | RSRC  r     |
         DV    r     | KDC   r     | OGV   r     | RTF   r     |
         DVB   r     | KEY   r     | ORF   r/w   | RW2   r/w   |
         DYLIB r     | LA    r     | OTF   r     | RWL   r/w   |

         Meta Information
         ----------------------+----------------------+---------------------
         EXIF           r/w/c  |  CIFF           r/w  |  Ricoh RMETA    r
         GPS            r/w/c  |  AFCP           r/w  |  Picture Info   r
         IPTC           r/w/c  |  Kodak Meta     r/w  |  Adobe APP14    r
         XMP            r/w/c  |  FotoStation    r/w  |  MPF            r
         MakerNotes     r/w/c  |  PhotoMechanic  r/w  |  Stim           r
         Photoshop IRB  r/w/c  |  JPEG 2000      r    |  APE            r
         ICC Profile    r/w/c  |  DICOM          r    |  Vorbis         r
         MIE            r/w/c  |  Flash          r    |  SPIFF          r
         JFIF           r/w/c  |  FlashPix       r    |  DjVu           r
         Ducky APP12    r/w/c  |  QuickTime      r    |  M2TS           r
         PDF            r/w/c  |  Matroska       r    |  PE/COFF        r
         PNG            r/w/c  |  GeoTIFF        r    |  AVCHD          r
         Canon VRD      r/w/c  |  PrintIM        r    |  ZIP            r
         Nikon Capture  r/w/c  |  ID3            r    |  (and more)

_________________
Oldthinkers unbellyfeel INGSOC.
-- Headline of a document on Winston Smith's terminal in his cubicle at the Ministry of Truth, seen briefly in the background in one scene of the movie rendition of Nineteen Eighty-Four.

notageek
Tux's lil' helper

Joined: 05 Jun 2008
Posts: 78
Location: Bangalore, India

Posted: Fri Apr 27, 2012 3:49 am

Lame. You don't need to emerge exif stuff. Just right click and see its properties.
_________________
What looks like a cat, flies like a bat, brays like a donkey, and plays like a monkey?

BoneKracker
Veteran

Joined: 14 Mar 2006
Posts: 1488
Location: U.S.A.

Posted: Fri Apr 27, 2012 4:06 am

notageek wrote:
Lame. You don't need to emerge exif stuff. Just right click and see its properties.

What the fuck "right-click"? Does that allow you to edit the EXIF data? Does it allow you to do it to batches of files?

Besides, I don't have icons, which are fundamentally useless wasters of time and resources, especially if you are trying to operate on large numbers of files.
_________________
Oldthinkers unbellyfeel INGSOC.
-- Headline of a document on Winston Smith's terminal in his cubicle at the Ministry of Truth, seen briefly in the background in one scene of the movie rendition of Nineteen Eighty-Four.

notageek
Tux's lil' helper

Joined: 05 Jun 2008
Posts: 78
Location: Bangalore, India

Posted: Fri Apr 27, 2012 4:24 am

lol, says the man who didn't know what exif was 2 minutes ago.
_________________
What looks like a cat, flies like a bat, brays like a donkey, and plays like a monkey?

marens
Apprentice

Joined: 05 Aug 2004
Posts: 172

Posted: Fri Apr 27, 2012 5:44 am

Read that as hacking LDAP servers.

aidanjt
Veteran

Joined: 20 Feb 2005
Posts: 1101
Location: Rep. of Ireland

Posted: Fri Apr 27, 2012 6:51 am

marens wrote:
Read that as hacking LDAP servers.

C'mon, even real life LDAP developers barely understand that shit.
_________________
juniper wrote:
you experience political reality dilation when travelling at american political speeds. it's in einstein's formulas. it's not their fault.

nomilieu
n00b

Joined: 22 Nov 2011
Posts: 24

Posted: Fri Apr 27, 2012 1:48 pm

aidanjt wrote:
marens wrote:
Read that as hacking LDAP servers.

C'mon, even real life LDAP developers barely understand that shit.

I believe it. I wrote a script recently for easily querying our LDAP server via curl.
LDAP is straight-up no-excuses weird as all get-out.

barul
Guru

Joined: 28 May 2010
Posts: 417
Location: France

Posted: Fri Apr 27, 2012 2:04 pm

I'm wondering how he could not know that. At least, on 4chan, everyone knows about it.
_________________
Save the penguins, burn the flags!

BoneKracker
Veteran

Joined: 14 Mar 2006
Posts: 1488
Location: U.S.A.

Posted: Fri Apr 27, 2012 9:15 pm

notageek wrote:
lol, says the man who didn't know what exif was 2 minutes ago.

I didn't say I didn't know what EXIF was, spudwinkle. I knew very well what EXIF was. I probably knew what EXIF was before you had your first camera.

I said I did not know of the "exiftool" application.
_________________
Oldthinkers unbellyfeel INGSOC.
-- Headline of a document on Winston Smith's terminal in his cubicle at the Ministry of Truth, seen briefly in the background in one scene of the movie rendition of Nineteen Eighty-Four.

BoneKracker
Veteran

Joined: 14 Mar 2006
Posts: 1488
Location: U.S.A.

Posted: Fri Apr 27, 2012 9:18 pm

nomilieu wrote:
aidanjt wrote:
marens wrote:
Read that as hacking LDAP servers.

C'mon, even real life LDAP developers barely understand that shit.

I believe it. I wrote a script recently for easily querying our LDAP server via curl.
LDAP is straight-up no-excuses weird as all get-out.

LDAP has 'slapcat'. No other database has a more awesomely-named tool. It's impossible to use without thinking about bitch-slapping lolcats.
_________________
Oldthinkers unbellyfeel INGSOC.
-- Headline of a document on Winston Smith's terminal in his cubicle at the Ministry of Truth, seen briefly in the background in one scene of the movie rendition of Nineteen Eighty-Four.

pjp
Administrator

Joined: 16 Apr 2002
Posts: 16029
Location: Colorado

Posted: Fri Apr 27, 2012 9:59 pm

notageek wrote:
Lame. You don't need to emerge exif stuff. Just right click and see its properties.
BinkyOS?
_________________
lolgov. 'cause where we're going, you don't have civil liberties.

In Loving Memory
1787 - 2008

pjp
Administrator

Joined: 16 Apr 2002
Posts: 16029
Location: Colorado

Posted: Fri Apr 27, 2012 10:01 pm

Hmm. Maybe I need to start hacking...

http://houston.cbslocal.com/2012/04/13/anonymous-hacker-busted-by-fbi/
_________________
lolgov. 'cause where we're going, you don't have civil liberties.

In Loving Memory
1787 - 2008

BoneKracker
Veteran

Joined: 14 Mar 2006
Posts: 1488
Location: U.S.A.

Posted: Fri Apr 27, 2012 10:35 pm

pjp wrote:
Hmm. Maybe I need to start hacking...

http://houston.cbslocal.com/2012/04/13/anonymous-hacker-busted-by-fbi/

I wonder how long before she stops coming to visit him in prison.
_________________
Oldthinkers unbellyfeel INGSOC.
-- Headline of a document on Winston Smith's terminal in his cubicle at the Ministry of Truth, seen briefly in the background in one scene of the movie rendition of Nineteen Eighty-Four.

pjp
Administrator

Joined: 16 Apr 2002
Posts: 16029
Location: Colorado

Posted: Fri Apr 27, 2012 11:25 pm

If she visits, just the once.
_________________
lolgov. 'cause where we're going, you don't have civil liberties.

In Loving Memory
1787 - 2008

All times are GMT