DECCAN HERALD

CYBER SPACE
Monday, January 19, 2015.

Hackers for hire

Matthew Goldstein, Jan 19, 2015, INYT

A man in Sweden says he will pay up to $2,000 (Rs 1,23,241) to anyone who
can break into his landlords website. A woman in California says she will pay
$500 (Rs 30,810) for someone to hack into her boyfriends Facebook and
Gmail accounts to see if he is cheating on her.
The business of hacking is no longer just the domain of intelligence agencies,
international criminal gangs, shadowy political operatives and disgruntled
hacktivists taking aim at big targets. Rather, it is an increasingly personal
enterprise.
At a time when huge stealth attacks on companies like Sony Pictures, JPMorgan
Chase and Home Depot attract attention, less noticed is a growing cottage industry
of ordinary people hiring hackers for much smaller acts of espionage.
A new website, called Hackers List, seeks to match hackers with people looking to
gain access to email accounts, take down unflattering photos from a website or
gain access to a companys database. In less than three months of operation, over
500 hacking jobs have been put out to bid on the site, with hackers vying for the
right to do the dirty work.
It is done anonymously, with the websites operator collecting a fee on each
completed assignment. The site offers to hold a customers payment in escrow until
the task is completed.

In just the last few days, offers to hire hackers at prices ranging from $100 (Rs
6,162) to $5,000 (Rs 3,08,104) have come in from around the globe on Hackers
List, which opened for business in early November.
For instance, a bidder who claimed to be living in Australia would be willing to
pay up to $2,000 (Rs 1,23,241) to get a list of clients from a competitors database,
according to a recent post by the bidder.
I want the client lists from a competitors database. I want to know who their
customers are, and how much they are charging them, the bidder wrote.
Others posting job offers on the website were looking for hackers to scrub the
Internet of embarrassing photos and stories, retrieve a lost password or change a
school grade.
The rather matter-of-fact nature of the job postings on Hackers List shows just
how commonplace low-profile hacking has become and the challenge such activity
presents for law enforcement at a time when federal and state authorities are
concerned about data security.
Hacking into individual email or social media accounts occurs on a fairly regular
basis, according to computer security experts and law enforcement officials. In
September, the Internet was abuzz when hackers posted nude photos of female
celebrities online.
It is not clear just how successful Hackers List will prove to be. A review of job
postings found many that had yet to receive a bid from a hacker.
Roughly 40 hackers have registered with the website, and there are 844 registered
job posters. From the postings, it is hard to tell how many of the job offers are
legitimate.
The site did get a favourable review recently on hackerforhirereview.com, which
specialises in assessing the legitimacy of such services.
The reviewer and owner of that site, who would identify himself only as Eric in
emails, said he gave his top rating to Hackers List because its a really cool
concept that limits the ability of customers and hackers to take advantage of one
another.

In light of the novelty of the site, its hard to say whether it violates any laws.
Arguably some of the jobs being sought on Hackers List breaking into another
persons email account are not legal. The founders of Hackers List, however,
contend that they are insulated from any legal liability because they neither
endorse nor condone illegal activities.
The website includes a 10-page terms and conditions section to which all users
must agree. It specifically forbids using the service for any illegal purposes.
Some experts say it is not clear whether Hackers List is doing anything wrong in
serving as a meeting ground for hackers and those seeking to employ them.
Yalkin Demirkaya, president of the private investigation company Cyber
Diligence, and a former commanding officer of the New York Police Departments
computer crimes group, said a crackdown would depend on whether law
enforcement officials saw it as a priority.
He said Hackers List may skate by because many of the people posting the ads
are probably overseas.
But Thomas G A Brown, a senior managing director with FTI Consulting and
former chief of the computer and intellectual property crime unit of the United
States attorneys office in Manhattan, said hacker-for-hire websites posed
problems. Hackers for hire can permit nontechnical individuals to launch
cyberattacks with a degree of deniability, lowering the barriers to entry for online
crime, Brown said.
The website, which is registered in New Zealand, is modelled after several online
businesses in which companies seeking freelancers can put projects out to bid.
Some have compared the service to a hackers version of the classified advertising
website Craigslist. Hackers List even has a Twitter account (@hackerslist), where
it announces the posting of new hacking assignments.
Still, the three founders of Hackers List are not willing to go public with their own
identities at least not yet.
After registering with the website and beginning an email conversation, a reporter
contacted one of the founders. Over a period of weeks, the founder, who identified
himself only as Jack, said in a series of emails that he and two friends had
founded Hackers List and that it was based in Colorado.

Jack described himself as a longtime hacker and said that his partners included a
person with masters degree in business administration and a lawyer.
He said that the three were advised by legal counsel on how to structure the
website to avoid liability for any wrongdoing by people either seeking to hire a
hacker, or by hackers agreeing to do a job. The company, he said, tries to do a
small background check on the hackers bidding on jobs to make sure they are
legitimate, and not swindlers.
We all have been friends for a while, Jack said in an email, adding that Hackers
List was kind of a fluke occurrence over drinks one night.
We talked about a niche and I built it right there, he said. It kind of exploded on
us, which was never expected.
Hackers List began its website several months after federal prosecutors and F.B.I.
agents in Los Angeles completed a two-year crackdown on the hacker-for-hire
industry.
The investigation, called Operation Firehacker by the F.B.I., led to the filing of
criminal charges against more than a dozen people across the country involved in
either breaking into a persons email account or soliciting a hacker for the job.
In New York, information uncovered during the investigation in Los Angeles led to
the arrest in 2013 of Edwin Vargas, a New York Police Department detective at the
time, who was charged with paying $4,000 (Rs 2,46,483) for the hacking of the
email accounts of 43 people, including current and former New York police
officers.
Vargas, who was sentenced to four months in prison, said he wanted to see whether
any of his colleagues were dating an ex-girlfriend.
The FBI investigation also involved the cooperation of the authorities in China,
India and Romania, because a number of the websites where the hackers advertised
their expertise were based overseas.
Still, the market for hackers, many of whom comply with the law and act more like
online investigators, shows no signs of slowing. Many companies are hiring socalled ethical hackers to look for weaknesses in their networks.

Track data use to avoid overcharge

Kit Eaton, Jan 19, 2015, INYT
The smartphone in your pocket gives you the power to chat, text, take selfies
and do a million other things. But it also burns through your data plan with
your wireless carrier faster than you think.
And who likes to pay that extra fee when you go over your limit?
There are, of course, built-in systems on your phone to help you track your mobile
data use. But many apps can be even more useful in keeping you on the right side
of your monthly data limit.
DataMan Next, an iOS app, is an elegant way of monitoring your iPhones dataslurping habit. Its modern design presents information clearly and swiftly. To
begin, you enter basic information like your monthly data allowance and when
your bill is due.
The apps main screen is very simple: In the middle is a big figure showing the
percentage of your monthly allowance used, and at the top is a large text alert.
When this alert says safe, accompanied by a check mark, youre in the clear.
This means the app has estimated that, at your current data consumption rate,
youll not go over your limit.
Theres also a tally of how much total data youve used and how much youve
downloaded over Wi-Fi. Best of all, the apps backdrop changes colour to warn
you when youre using too much; green for good becomes red for bad. It costs $2
(Rs 123).
An alternative is My Data Manager, which is free for both iOS and Android
phones. It has some of the same modern, minimalist design ideas as DataMan. The
apps main screen has clear graphics and text to tell you how much of your
monthly data has been used. A few other screens, accessible with a swipe, show
your data consumption habits more visually, with graphs.
Theres also a map so you can see where you tend to use mobile data more
frequently. In some places, you may think youre connected to Wi-Fi networks but,
in fact, youre not. In the Android version, My Data Manager advises you about

which apps are using more data.

My Data Manager also has nice features, such as one for setting an alarm to let you
know when youve reached your daily budget or a target, like 90 percent of the
months allowance.
Onavo Count is also popular, and it is available for both iOS and Android phones.
Its also modern in design, with clear displays so its easy to understand how much
of your data allowance youre using and how youre using it.
It works in much the same way as its rivals, although it has a few unusual features
like a report on your data life, which shows you if youre spending more of your
data budget on categories like music or movies. This information may prompt you
to think about how you use apps like Spotify to stream music on the go. The app
also lets you see how your data habits compare to other users averages.
The free Android app Data Usage is another good option. Its complexity is similar
to that of My Data Manager, and it offers some of the same features, such as
tracking shared accounts. But its design is a little more traditional, relying on plain
text and simple visualisations to keep you advised on your mobile data
consumption.
Data Usage can be customised to suit your particular needs, and this may appeal to
people who want to know how much data they use on a daily basis. A few words of
caution: This app hasnt been updated in a while on Android, which could affect
how it runs on your particular phone. It costs $1 (Rs 61) for iPhones.
Individual cellphone networks often also have apps available to help you manage
how much mobile data you use, so dont forget to search the app stores for apps
with the name of your carrier.
Ive been stung with high mobile data bills. Perhaps these apps can help you avoid
the same problem.

Tips and tricks

J D Biersdorfer, Jan 19, 2015, INYT

Twitter search
Twitters built-in search feature lets you use hashtags, names and other keywords
to seek out public tweets from other Twitter users around the Internet. The search
tool (available at the top of your Twitter accounts Web page or under the
magnifying glass icon in the mobile apps) comes in handy when you are following
a particular topic or a continuing news story.
You can even filter your search results according to people, photos, news and other
criteria by clicking the options on the left side of the webpage, or tapping the tiny
slider icon in the apps search-title bar. If there are certain topics you want to check
regularly, you can also save your searches and rerun them with a click or a tap. To
create and save a search, log into your Twitter account, enter your keywords and
click the Save button in the top-right corner of your results page. The next time you
click or tap the Search icon, your saved searches (up to 25 of them) appear in a list.
Just select the search you want to run again to reel in the latest tweets on that topic.

Q&A
Jan 19, 2015, DHNS

Q: How do I find out if my PC has a bot, and if so, how do I fix it?
If your PC is showing symptoms of having a bot (a software robot controlled by
another person or application), you should scan it with a reputable security
program and remove any malware found. Malwarebytes Anti-Malware and Panda
Free Antivirus are among the free options around if you do not have a more full-

featured paid program in mind.

Malicious software can hijack a computers processing power and Internet
connection. It does so to send spam, perform remote attacks or do other invasive
chores - and it can tax a systems resources.
Your PC may be infected if you notice certain behavior; for instance, that your
operating system and Internet-connection speed are slower than usual. Pop-up
advertisements littering the screen, frequent system crashes, unexplained error
messages or the inability to update software are other clues. Some Internet
providers, like Comcast, may also alert you if your computer hosts a bot.
Microsoft has a Safety Scanner page and other free malware-fighting tools for
Windows at www.microsoft.com/security. The company also has advice for
avoiding malware at www.microsoft.com/security/pc-security/botnet.aspx.
Q: As solid-state drives are very stable and have no moving parts, is it
necessary to do backups? If so, how frequently would you recommend doing
so? I have no particularly important material except for family photos on the
hard drive.
Solid-state drives - which use a type of memory similar to that found in portable
flash drives - lack the motorised magnetic platters and other moving parts used by
mechanical hard drives, but they are not impervious to failure. Sudden power
losses and other electronic problems can kill a solid-state drive, and data recovery
can be difficult. Linus Torvalds, the creator of the Linux operating system, even
reported a dead solid-state drive a few years ago.
If you want peace of mind about your family photos and other files in your
computer, you should back up the solid-state drive just as you would a mechanical
hard drive - and as regularly. Although you need to provide a backup drive, your
operating system is likely to include backup software to use with it.
Windows 8.1 includes a File History program for backing up personal folders and
Mac OS X comes with Apples Time Machine software, a basic backup program.
Plenty of third-party backup programs are also available, as well as online backup
services that store data on remote servers.