Mac Worm uses Reddit for botnet propagation

It’s a little old now, I’m surprised I hadn’t blogged about it before now, but I feel it’s still an interesting little exploit to mention.

From my naive understanding of the exploit, it masks itself as a Java-esque app and trys to gain port listening access surreptitiously.

The novel part is that once it can, it searches Reddit for a partial MD5 hash based on the current date, which would return a list of ips published by a former /u/vtnhiaovyd on a former r/minecraftserverlists.

These IPs are of course C&C servers, from which the worm gets further commands.

It’s all been long cleaned up, but I still find it an amusing and novel little worm.



Canadian American Business Council calls for ‘hackathon’ to solve US/Canada border delays

Yes yes I know Maclean’s is Maclean’s but this really just seems to be a standard newswire piece from The Canadian Press, and the Maclean’s site is prettier than most Canadian news sites at the moment.

That aside, it seems… intriguing that “the business community is urging governments to seek solutions from private-sector whiz kids”, as the article puts it.

And while that might be the most condescending description of hackathon goers ever made, the idea could produce some helpful ways of reducing the delay at the border.

But what I think might hamper the project the most, if it does happen, is that I doubt they will accept any ideas that alter current laws and standards of security.

What would decrease border delays more than anything would be a demilitarization of the border altogether. I doubt that such change will come anytime soon though, and certainly not from a hackathon of “private-sector whiz kids”.


Should Wiretapping Be Legalized? (1954)

Echoing my thoughts after finding this on Reddit, I still find this video interesting on so many levels.

Regardless of what side you fall on the debate of lawful interception, it’s revealing that we had almost the exact same debate 60 years ago.

Replace Communism with Terrorism, Phones with the Internet, and the FBI with the NSA, and you have strikingly similar arguments made about lawful interception today.