New Site: Have I Been Pwned?

Computer security specialist Graham Cluley tips us to a website that has compiled the jillions of email addresses recently exposed when hackers obtained the membership accounts of popular websites.

Enter sites like “Have i been pwned?”, created by computer scientist Troy Hunt. Have I Been Pwned makes it easy for you to search for your email address amongst the hundreds of millions of accounts exposed, following breaches at Adobe, Gawker, Yahoo and others. It’s important to realise that Have I Been Pwned *doesn’t* have a database of your passwords. Troy isn’t interested in your passwords (or the hassle of securing them). He just wants to make it easier for folks to tell if they were one of those who were affected, and where they might have accounts which are at risk. Right now, Troy’s project is limited to scanning the exposed databases of Adobe, Stratfor, Gawker, Yahoo and Sony to see if a particular email address is contained within. Clearly, the more that list grows the more useful his service will be. But as more stolen user databases are publicly disclosed and made known to him, Troy says he plans to add to the list. I can certainly imagine this becoming a useful free service for people who may have fallen victim through no fault of their own.

Check your accounts here.

Read more »

Posted in: computers,hacking,internet

White House Proposes Stiffer Penalties in Computer Hacking Legislation

This week, President Obama announced a legislative initiative designed to strengthen the penalties for convicted computer hackers. The initiative proposes a mandatory 3-year prison term upon conviction of a number of computer crimes; the sentence would be served consecutively to any other convicted counts.

The computer fraud and abuse act is already on the books.  Obama's proposal is aimed at introducing stiffer mandatory penalties - something like Michigan's mandatory two year consecutive sentence for a weapons-related conviction. 

The initiative also introduces a broad definition of a "critical computer infrastructure", seeking to regulate the reporting of breaches of such infrastructure(s).  A critical computer infrastructure includes the delivery of critical government services, telecommunications, finance and banking, emergency services, and oil, gas, water and electricity production. 

That covers just about everything but Face Book.

Another interesting facet of the President's cyber-legislative proposal is adding computer hacking to the list of crimes covered by RICO (Racketeering-Influenced and Corrupt Organizations Act), the act used successfully over the decades to convict mobsters and mob bosses.

We do live in an age where secure transactions are critical to our daily life.  In such a culture, cyber-crooks and hackers may be paying a higher price for their misdeeds if President Obama's proposal gets any legislative legs.

www.clarkstonlegal.com

info@clarkstonlegal.com

Read more »

Posted in: computer,computer fraud and abuse,cyber crime,hacking,President Obama,RICO,telecommunications