Build Date: Fri Feb 13 01:40:16 2026 UTC

"Role models." Harharharharhar.
-- Tjames Madison

Egghead emails internet hoax

by Pao Tzu

2001-01-08 20:57:12

Pao Tzu: On The Beat

egghead.com frightens millions of users with credit card fraud hoax.

Dec 23, 2000 - egghead.com emails customers about hacker intrusion
...
...
(two weeks pass)
Jan 8, 2001 - egghead.com reports no credit card data stolen

For two weeks customers of this popular electronic retailer worried that their credit card numbers had been stolen. Rumours spread quickly to message boards where scores of newbies claimed they had been charged $10 by a telecom company in Moscow, Russia as a result of the egghead hack. Cnet, ZDnet, thestreet, and all the other lame shit corporate news sites speculated that egghead had lost its entire 3.7 million (or 3.5 million, or 2.7 million, depending on the article & publisher) credit card number + address + shipping address database.

An anti-egghead site, eggheadsucks.com, posted speculations that the 40-bit ssl encryption egghead.com uses for authentication was too weak. Let us examine this fully. If the system was accessed by knowing a 40-bit key, then that would be equivalent to a "password" of about 6 random characters. This is only about a trillion possibilities. The cost of decrypting such long codes would have cost upwards of a million dollars as recently as 1995, but I am confident that this has fallen to around $25,000 or the equivalent of a few hacked boxes.

Anyone who has experimented with RC5 cracking knows that it is always possible to get people to volunteer their CPU cycles to crack cipher keys. DES, a 56-bit code, was easily cracked. DES is 65536 times as strong as 40-bit. The only browsers that still max out at 40-bit encryption are old fucked up windows 3.1 versions of Netscape and IE. An argument could be made that this was exactly who egghead.com was catering to. With computer hardware being among the top commodities purchased over the internet, it is entirely reasonable to assume that some percentage of egghead.com customers were using some oldschool, barely ssl-capable version of Netscape or IE, which they were running on a $50 486 they purchased directly from egghead.com.

To make matters worse, the only reason cipher code is limited to 40-bit is because of bunk ass laws in the U.S. about the export of secure cryptography. The U.S. government even took Phil Zimmerman to court over the RSA encryption. The excuse the U.S. makes is what if the Cali Cartel, Iraq, and Bin Laden had 4K RSA encryption, there might be Heroin or Cocaine selling in the U.S. and nuclear bombs being traded using encrypted usenet messages. Well, fuck that, anyone who has ever done cocaine or crack knows that it is not all that bad. Just as anyone who has ever used encryption probably has scores of disks that they can't even decrypt because they lost the disk with the GPG key on it.

To top it all off, EGGS stock is at an all-time low, selling for well under a dollar a share. Nobody knows who to blame, eggs for sucking, hackers for being too sneaky, or customers for being so stupid as to trust a company with their credit card information. The real culprit is the grand puppeteer of all evil, the USA.

Over. End of Story. Go home now.

lurid@pigdog.org

T O P   S T O R I E S

Viva La Musica

Viva La Musica

Thunder on The Frontage Road

by Flesh

The Crossroads are real and The Blues is a place; The enduring myth of Robert Johnson (More...)

Net Flotsam

Net Flotsam

California Glory Hole attracts huge crowds

by Baron Earl

A glory hole at Napa's Lake Berryessa is drawing huge crowds. According to Chris Lee, the general manager for the Solano County Water Agency, the glory hole hasn't been active since 2019, and only restarted operations on Feb 4. (More...)

Police State Chronicles

Police State Chronicles

Republican State Senator busted after soliciting a teenage girl

by Baron Earl

Republican State Senator Justin Eichorn of Minnesota was arrested for soliciting a teen girl on Monday just hours after he introduced a bill proposing "Trump derangement syndrome" (TDS) as a form of mental illness. (More...)

Virus in America

Virus in America

Parents claim measles is not that bad after having only one child die

by Baron Earl

The parents of a Texas girl who died from the measles are defending their decision not to vaccinate their daughter. "She says they would still say 'Don't do the shots,'" an unidentified translator for the parents said. "They think it’s not as bad as the media is making it out to be." (More...)

-tarded

-tarded

Delusional rich man tries to fire town staff

by Baron Earl

"I'm mayor now" said write-in mayoral candidate and founder of Pirate’s Booty Snacks Robert Ehrlich after losing the election for Mayor of Sea Cliff, NY. Then he tried to take over the Village Hall and fire everyone. (More...)

Billionaire Assholes

Billionaire Assholes

Musk claims Xitter security is staffed by idiots

by Baron Earl

Earlier this month Xitter experienced a massive outage. In an interview, Musk told Fox Business that he believes the attack came from "IP addresses originating in the Ukraine area." (More...)

www.fewmets.net

C L A S S I C   P I G D O G

AfterAction

After Action Reports

High Availability Guinness Stress Test

by El Snatcher

All too often we forget the incredible depth of technology behind the weekly ritual of TNiPN@*. We tend to only become aware of the strategy of High Available Guinness (HAG) when it rises to the forefront during a complete and utter venue failure. Yet we should all be super grateful that this system exists. (More...)

cyberbillies

Cyberbillies

Cyberbilly, Discovery of

by binky

I just came across this coolio essay by Pigdog Journal Science Editor binky wedged between two staves in the back corner of the submissions barrel. It's on the origin of the cyberbilly and is definitely de rigeur for any serious student of this fascinating sociological movement. (More...)

viva_la_musica

Viva La Musica

Highway 49 Revisited

by Frankenstein Jones

Datelined "Historic Mariposa," the fateful press release came in like an angry wind, announcing the release of a self-produced album, "Ordinary Hero," by occasional Pigdog contributor Thom Stark, in the language and tone of a Major Event, setting off a brief firestorm around the pigdog mailing list. (More...)

weird_science

Weird Science

Light and Time and Bars

by Patient Joab

Patient Joab's scientifick editorial discusses aspect of the space-time-beer continuum never before processed by sub-bush-robot minds!!! Too fabulantastic to contempulate! (More...)

consumers

Consumers in Action

El Destino vs. Comdex

by El Destino

One of our star reporters was sent to Comdex by his employer. El Destino reports live from the biggest, geekiest trade show in the world. (More...)

on_the_beat

Pao Tzu: On The Beat

Grow better illegal mushrooms than lousy "Psilocybe fanaticus"

by Pao Tzu

Disclaimer: PaoTzu's a1 illegal mushroom cultivation cookbook is meant for educational purposes only. Be aware of the techniques used by hardcore criminals! Protect your children! Read, learn, educate. Do not try this at home. (More...)

Quickies

El Destino

When I Invited All of You Over to Watch "The Big Game," I Assumed You Knew I Was Talking about Human Chess

El Destino

It's the future - and they're now selling electric flying cars

Ersten Wiles

Elon Musk is Above the Law

Ersten Wiles

US "Homeland Security" Twitter account seemingly run from Israel

El Destino

The last days of social media

El Destino

'I Drank Every Cocktail'

El Destino

Echoes from 1998 - the Johnnie Royale quote server

El Destino

The Pentagon Disinformation That Fueled America’s UFO Mythology

El Destino

A Company Reminder for Everyone to Talk Nicely About the Giant Plagiarism Machine

El Destino

The Hobo Handbook
More Quickies...

Main | Authors | Categories | Features | Columns | Reviews | Interviews | Archives | Search | Feedback | RSS

Main | Authors | Categories

Features | Columns | Reviews | Interviews

Archives | Search | Feedback | RSS

Copyright © 1998-2026 Pigdog Journal