That NBC story 100% fraudulent

[qwertywarrior]

just as i suspected i pointed these out when they were first televised

pretty much american propaganda

http://blog.erratasec.com/2014/02/that-nbc-story-100-fraudulent.html

 

Yesterday (Feb 5 2014) NBC News ran a story claiming that if you bring your mobile phone or laptop to the Sochi Olympics, it'll immediately be hacked the moment you turn it on. The story was fabricated. The technical details relate to going to the Olympics in cyberspace (visiting websites), not going to there in person and using their local WiFi.

 

The story shows Richard Engel "getting hacked" while in a cafe at Sochi. It is wrong in every respect.

1. They aren't in Sochi, but in Moscow, 1007 miles away.
2. The "hack" happens because of the websites they visit (Olympic themed websites), not their physical location. The results would've been the same in America.
3. The phone didn't "get" hacked; Richard Engel initiated the download of a hostile Android app onto his phone.

I had expected the story to be about the situation with WiFi in Sochi, such as man-in-the-middle attacks inserting the Blackhole toolkit into web pages exploiting the latest Flash 0day. But the story was nothing of the sort.

 

Instead, the hacking in the story was due to the hostility of Olympic themed websites. The only increased danger from being in Russia is geolocation. Google uses your IP address to increase the of rank local sites, so you'll see more dodgy Russian sites in the results. You can disable this feature in your Google account settings.
 

Absolutely 0% of the story was about turning on a computer and connecting to a Sochi network. 100% of the story was about visiting websites remotely. Thus, the claim of the story that you'll get hacked immediately upon turning on your computers is fraudulent. The only thing that can be confirmed by the story is "don't let Richard Engel borrow your phone".

 

That leaves us with the same advice that we always give people:

1. don't click on stuff
2. patch your stuff (browser, Flash, PDF)
3. get rid of the really bad stuff (Oracle's Java)
4. don't click on stuff
5. oh, and if you really are in Sochi, use VPN over the public WiFi

I gleaned these details from Kyle Wilhoit, the expert quoted in the story, and his Twitter feed. He's working on a blog with the full technical details. I'm sure it'll be great, with lots of details about what hackers can find with Maltego, the dangers of hostile websites, and so on -- the sort of great information totally lost in the nonsense that is the NBC story.

 

 

 

By the way, the easy way to figure out where journalists commit fraud is by watching for "passive voice". Journalists normally avoid passive voice, preferring stronger language. But, when they need to hide things, they passive voice to cover up details. Saying "was hacked" covers up the fact that Richard Engel hacked himself by knowingly downloading a hostile Android app. In other word, active voice wouldn't have worked, because it would have required identifying who put the virus on the phone. He couldn't report that a "hacker put the virus on the phone" because the hacker didn't, Richard Engel did. He couldn't very well have reported, in the active voice, "I downloaded the virus". Thus, the passive voice, "the phone was hacked", avoiding this inconvenient detail of who did what.

[XTankSlayerX]

Its like fox news with their "Video games cause violence"

 

At what point are we going to stop blindly trusting news stations? Hopefully not soon.

 

EDIT: It would be hilarious if this were untrue too lol

[qwertywarrior]

Its like fox news with their "Video games cause violence"

 

At what point are we going to stop blindly trusting news stations? Hopefully not soon.

http://en.wikipedia.org/wiki/Fairness_Doctrine

this should be reinstated

[XTankSlayerX]

http://en.wikipedia.org/wiki/Fairness_Doctrine

this should be reinstated

I don't live in the US but for the sake of the people down there they really should

[beebskadoo]

Anything to cause fear in the viewer, that's what big news agencies bank on. it's what makes them grow. My suggestion, stop watching them!

[Kilerbomb]

The media makes the internet look like the instant you go on it you get hacked. Like others have said, all they want to do is invoke fear on the public. Unfortunately, all of my tech-incompetent family members believe the shit that the media spews out. Of course they don't listen to me, even though I have a relatively large knowledge of tech.

[Scionyde]

Wouldn't surprise me if this were the case. Used to get my news from NBC, but it seems like they're just as bad as Fox news now (albeit maybe with a little more of a liberal slant). It's kinda gotten to the point where I just skip American media and check BBC news, even if they aren't perfect either.

[Guest]

I don't live in the US but for the sake of the people down there they really should

The new is like this everyday it's nothing new no use telling anybody

[Ethnod]

there should be some kind of fine or penalty for them for fabricating stories like this when they know for sure that they are wrong, even when its clear that a small amount of due diligence would have revealed the truth they should be punished. This kind of behaviour is BS in any circumstances never mind from a major news organisation

[Jaybird]

like all information...

[Akolyte]

No American person should ever go to a russian domain, most of them a choca block full of malware.  

[hal9001]

According to pcmag.com,

(http://www.pcmag.com/article2/0,2817,2451360,00.asp?fullsite=true)

"The segment suggested that there was something unique about Russia; that your devices were more at risk in the country than in the U.S. or elsewhere. But in a behind-the-scenes video posted online by NBC, we find that the real culprit is lax security. None of the devices powered up in Russia (the duo were in Moscow, not Sochi) were running anti-virus software, which is asking for trouble wherever you are. Meanwhile, the devices were infected only after Engel downloaded them."

It's a long article, but to sum it up, the experiment was done in Moscow, not Sochi and they did what the "average" user would do and opened obviously non legitimate pop-up windows.

This reminds me of the WAN Shows spent talking about unfair experiments because this was sure one of them!

[qwertywarrior]

repost

http://linustechtips.com/main/topic/112304-that-nbc-story-100-fraudulent/

[martinrox1568]

The entire nbc story was blown WAAAYY out of proportion, likely due to the non-tech savy  reporters. I mean, did you see how the guy opened the macbook air box. Anyone that has opened a mac is probably dieing of laughter after watching just those 5 seconds. This can happen anywhere, not sure why they made such a stupid report of it. "The moment you turn on your devices in the terminal, they are vulnerable", which is bullshit

[DefinitelyNotAPedophile]

You can't just connect to a wifi hotsptot and get hacked. You have to allow the program to be downloaded. It doesn't matter if it's on a phone or a PC. Even if it does downloads without you saying yes, it will give you a notification that it is downloading