Reliable, Balanced Entheogen Information

     
 

Egghead emails internet hoax
2001-01-08 20:57:12


Pao Tzu: On The Beat
 
My favorite Star Track is the one where Bilbo killed the Klingons with his magic sword.
-- Mr. Bad

 

egghead.com frightens millions of users with credit card fraud hoax.

Dec 23, 2000 - egghead.com emails customers about hacker intrusion
...
...
(two weeks pass)
Jan 8, 2001 - egghead.com reports no credit card data stolen

For two weeks customers of this popular electronic retailer worried that their credit card numbers had been stolen. Rumours spread quickly to message boards where scores of newbies claimed they had been charged $10 by a telecom company in Moscow, Russia as a result of the egghead hack. Cnet, ZDnet, thestreet, and all the other lame shit corporate news sites speculated that egghead had lost its entire 3.7 million (or 3.5 million, or 2.7 million, depending on the article & publisher) credit card number + address + shipping address database.

An anti-egghead site, eggheadsucks.com, posted speculations that the 40-bit ssl encryption egghead.com uses for authentication was too weak. Let us examine this fully. If the system was accessed by knowing a 40-bit key, then that would be equivalent to a "password" of about 6 random characters. This is only about a trillion possibilities. The cost of decrypting such long codes would have cost upwards of a million dollars as recently as 1995, but I am confident that this has fallen to around $25,000 or the equivalent of a few hacked boxes.

Anyone who has experimented with RC5 cracking knows that it is always possible to get people to volunteer their CPU cycles to crack cipher keys. DES, a 56-bit code, was easily cracked. DES is 65536 times as strong as 40-bit. The only browsers that still max out at 40-bit encryption are old fucked up windows 3.1 versions of Netscape and IE. An argument could be made that this was exactly who egghead.com was catering to. With computer hardware being among the top commodities purchased over the internet, it is entirely reasonable to assume that some percentage of egghead.com customers were using some oldschool, barely ssl-capable version of Netscape or IE, which they were running on a $50 486 they purchased directly from egghead.com.

To make matters worse, the only reason cipher code is limited to 40-bit is because of bunk ass laws in the U.S. about the export of secure cryptography. The U.S. government even took Phil Zimmerman to court over the RSA encryption. The excuse the U.S. makes is what if the Cali Cartel, Iraq, and Bin Laden had 4K RSA encryption, there might be Heroin or Cocaine selling in the U.S. and nuclear bombs being traded using encrypted usenet messages. Well, fuck that, anyone who has ever done cocaine or crack knows that it is not all that bad. Just as anyone who has ever used encryption probably has scores of disks that they can't even decrypt because they lost the disk with the GPG key on it.

To top it all off, EGGS stock is at an all-time low, selling for well under a dollar a share. Nobody knows who to blame, eggs for sucking, hackers for being too sneaky, or customers for being so stupid as to trust a company with their credit card information. The real culprit is the grand puppeteer of all evil, the USA.

Over.  End of Story.  Go home now.

laredo@pigdog.org


comments powered by Disqus
 
     

 

T O P   S T O R I E S

Fixer-Upper
by Lenny Tuberose

Top Ten Reasons Morrissey Canceled a Show
by Baron Earl

Eavesdropping on Geeks: 'Star Trek: Discovery' vs 'The Orville'
by Thom 'Starky' Stark, Lenny Tuberose, 'Tricky' Rick Moen, Destino

The One Trump Conspiracy That Will Explain Everything
by El Destino

10-09

El Destino

Frank Sinatra told Donald Trump to "go fuck himself"

07-05

El Destino

Whatever happened to JenniCam's Jennifer Ringley?

05-03

El Destino

Iíve Made Millions Selling Fake Plastic Hillbilly Teeth

05-03

Baron Earl

Fyre Fest Lawsuit

05-03

Baron Earl

US Government uses drones to shoot M&Ms at endangered ferrets

05-03

Baron Earl

When will the abuse of airline passengers stop?

05-03

El Destino

Hillbilly miner turned coder wants to make Kentucky into "Silicon Holler"

03-31

El Destino

86-year-old William Shatner cast in a new romantic comedy: 'Senior Moment'

03-19

El Destino

New ransomware taunts its victims with ASCII art of Spock and Kirk

01-26

Flesh

Alex Jones is Big, Fat, And Drunk in Public.

08-01

El Destino

Amazon's secret: incest in the Kindle ad?

08-01

El Destino

Slut Walk! Sexy feminist protest, or invaders from Mars?

04-25

Daemon Agent

The Quest for the Best Cheap Beer in a Can

04-25

Eugene Leitl

Beverage science at its finest

04-16

El Destino

YouTube punishes copyright offenders with animated pirate cat

04-09

Baron Earl

Poll shows that almost half of Mississippi's Republicans think interracial marriage should be illegal

04-07

Baron Earl

Commodore64 redux - now with Linux

04-06

El Destino

George Takei demonstrates why he should be playing Spider-Man

04-01

El Destino

High school students sacrifice chickens to improve their batting average

03-31

Baron Earl

Creating a wall-hangable computer from an Ikea shadow box frame

More Quickies...