Slashdot Mirror

← Back to Stories (view on slashdot.org)

Swede Hacks Embassy Account Information From Around the World

Posted by Zonk on from the around-the-world-in-an-address-book dept.

paulraps writes "A Swedish IT consultant has caused a stir in diplomatic circles after publishing a list of secret log-in details belonging to 100 embassies, public authorities and political parties around the world. Dan Egerstad said he wasn't trying to earn money, gain publicity or get a name for himself in hacking circles. Instead he claimed that publishing the list was easier than contacting the organizations individually — and that if he had handed it to the Swedish authorities then that would have been spying."

10 of 92 comments (clear)

  1. When best intentions go wrong by Paperghost · · Score: 5, Funny

    "Dan Egerstad said he wasn't trying to earn money, gain publicity or get a name for himself in hacking circles." ....whoops.

  2. Not after fame, eh? by blind+biker · · Score: 5, Insightful

    Then why not publish the list anonymously?

    --
    "The agriculture ministry is not in charge of Gundam" - Japanese ministry official.
  3. Competent hacker, poor social engineer by SavvyPlayer · · Score: 4, Insightful

    Anonymously giving the list to a local newspaper would have achieved the stated objective.

  4. Re:Because.... by kevin_conaway · · Score: 5, Insightful

    If he DID publish the list anonymously, then the list could just as easily been dismissed (through political agreements) as completely inaccurate/wrong.

    I don't see how having a random strangers name attached to the list makes the data published any more or less accurate.

  5. The real truth by paulraps · · Score: 5, Informative

    Here's a more detailed article on the subject, ending with a highly amusing quote from Dan Egerstad about his real reason for releasing the log-in info.

    1. Re:The real truth by Rob+T+Firefly · · Score: 4, Informative

      He said he had published the list because it would have been too time-consuming to contact all 100 organizations named. Had he handed the list to the Swedish Security Service (Säpo), he would have been guilty of spying. He claimed that by publishing the list he saved himself trouble.

      "This rescues me from the shit," he said. Well, I can see how that - huh???
      --
      Slashdot Burying Stories About Slashdot Media Owned
  6. According to the Swedish Hacker by Rob+T+Firefly · · Score: 5, Funny

    Their security is borked.

    --
    Slashdot Burying Stories About Slashdot Media Owned
  7. Safety of the limelight by Opportunist · · Score: 4, Interesting

    Honestly, should I dig up something like that, I will make it as public as possible, with as much of my name on it as possible as well.

    The reason is simple: When you're in the limelight, it doesn't go unnoticed when you suddenly "vanish". Post it anonymously and they will dig you up. Hand it to some journalist and the same will happen (just that one more person goes with you). You can't simply make someone disappear when he's in the center of attention. Unless you're Copperfield and want to vanish, but that's a different matter.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  8. Re:Good intentions? by Anonymous Coward · · Score: 5, Insightful

    "he could just send out an email with a bunch of BCCs"

    Thats basically what he did. It doesn't sound like this list is very public. Its just making its way around the so-called "diplomatic" circles.

    Let's look at this from another angle. He quietly published this list, and probably notified all the affected embassies. Then, at least some of the embassies, and a few news outlets, verify the list. Then, at least some of the embassies change the passwords. Then, those news outlets are able to get comments from the embassies and the guy, and then, publish a story on it. All this happened before YOU found out about it.

    I say its a little early to fault the guy, since what he did is working just fine. Had he contacted each embassy individually, he would have had to convince each one over several emails or phone conversations. This way, he probably only had to talk to a few news outlets / embassies. Had he published the list in a local paper (i laughed out loud at this one) as another slasher suggested, the general public would probably have read copies of the emails in the affected accounts before the embassies ever knew there was a problem.

  9. Re:Cue Borat Joke Here by king-manic · · Score: 4, Funny

    Of the compromised account, ten belong to the Kazakh embassy in Russia. Around 40 belong to Uzbeki embassies and consulates around the world. So half of the 100 accounts belong to underdeveloped former Soviet republics. It seems unsurprising that many of their staff would be unfamiliar with computer systems and computer security.

    Kazakhstan is the greatest country in the world, all other countries are run by little girls. Kazakhstan is number one exporter of internet security, Other Central Asian countries have inferior internet security.

    High Five!
    --
    "There are more things in heaven and earth, Horatio, than are dreamt of in your philosophy."