Slashdot Mirror


Kinko's Spy Case Illustrates Public Terminal Risk

tealwarrior writes "CNN reports in this story that a hacker by the name of Jiang was charged with installing keystroke loggers to record passwords in 14 differnet kinkos in New York. These were then used to open bank accounts online. The article mentions Jiang signing people up for accounts with GoToMyPC then then using their own machine to open bank accounts. Also mentioned are similar schemes perpetrated at Boston College." Be careful out there, folks. Sometimes there's even sneakier things than just stealing one's cookies.

10 of 383 comments (clear)

  1. Funny thing, the name... by jkrise · · Score: 3, Funny

    Sometime back, Passport passwords were hacked: Muhammed from Pakistan.

    Adobe's eBook reader was cracked : Skylarov.

    and now, Jiang.

    Why isn't it Rob or Pete or Chris, ever??

    -

    --
    If you keep throwing chairs, one day you'll break windows....
    1. Re:Funny thing, the name... by mirko · · Score: 2, Funny

      Or perhaps it's an attack on the US by people who don't love freedom :)-

      Do you mean "whatever formerly related to the France" ? ;-)

      --
      Trolling using another account since 2005.
    2. Re:Funny thing, the name... by digidave · · Score: 2, Funny

      They seem to be smart enough to avoid you.

      --
      The global economy is a great thing until you feel it locally.
  2. Re:Out-of-order username & password entry by lewiz · · Score: 2, Funny

    I bet they're after you aren't they?

  3. Re:Clarification Please! by rat7307 · · Score: 2, Funny

    That's what I thought too... they used a lowecase k so I was thinking kinko=pervert or something..

    Jiang was charged with installing keystroke loggers to record passwords in 14 differnet kinkos in New York.

    Make that statement seem so much worse if you saw it like I did.... :]

    --
    Burma?
  4. Re:is this viable for a class-action lawsuit? by Anonymous Coward · · Score: 3, Funny

    yep, you went to the hacked store. Jiang says your password was "lutefisk" but fortunately you only used it to access nude pictures Cowboy Neal.

  5. Re:Magic Lantern by Anonymous Coward · · Score: 2, Funny

    They could keep the log in RAM and then as long as the computer didn't crash but instead shut down normally, flush the buffer to dis.... ...oh it's a windows app hey. damn. kills that idea.

  6. we can be reassured.... by lfourrier · · Score: 3, Funny
    Kinko's spokeswoman Maggie Thill said the company takes security seriously and believes it has "succeeded in making a similar attack extremely difficult in the future." She would not provide details, saying that to do so could make systems less secure .

    They obviously really understand security...

    note (for the humour-impaired) : this is irony

  7. Security through Obscurity by Caharin · · Score: 2, Funny

    Quote from article:
    Kinko's spokeswoman Maggie Thill said the company takes security seriously and believes it has "succeeded in making a similar attack extremely difficult in the future." She would not provide details, saying that to do so could make systems less secure.

    Security through obscurity- my favorite.

    --
    By reading this sig, you agree to be bound by all terms and conditions I choose.
  8. Re:is this viable for a class-action lawsuit? by squarefish · · Score: 2, Funny

    The reason I'd like to see them get sued is because they knew that this had happened and made zero effort to contact their customers who may have been effected by this ASAP- I really feel that this type of disclosure is their responsibilty and I'm insulted that I had to find out about it via public news sources when they hadn't even notified their customer service reps about the possibility of inquiries regarding this.

    This is not a situation I wanted to be in, but I was in NY for the conference and considered the network security at h2k2 to be considerably worse- it was much more of a known risk, fresh password lists were being post on boards every day.

    with Kinko's being a paid service, I would expect a higher quality of service. If you goto a restaurant and they serve you the wrong food, you get them correct it right away. if you goto the dry cleaners and your clothes come out worse, you make them cover it. it's a quality of service issue. In this case I would expect to be notified ASAP by a company that I paid and trusted the service of, even if the discovery of the issue came up a year later. I don't know if I've been effected by this or not bacause they haven't disclosed the particular stores or dates involved, and in my opinion they should have been required to do so.

    So, to finish this off- I don't know if I suffered any loss from this or not, I haven't noticed anything yet, but I wasn't looking and certainly didn't expect to see a story like this that may have effected me a year afterwards. Whether anyone suffered a loss or not, there should be something done so that the security of their customers isn't as at risk and they should have mechnism in place to notify those customers if something does happen- it's called customer satisfaction.

    --
    Creationists are a lot like zombies. Slow, but powerful and numerous. And they all want to eat our brains.