this post was submitted on 11 Feb 2024
818 points (98.2% liked)

linuxmemes

21198 readers
269 users here now

Hint: :q!

Sister communities:

Community rules (click to expand)

1. Follow the site-wide rules

2. Be civil
  • Understand the difference between a joke and an insult.
  • Do not harrass or attack members of the community for any reason.
  • Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
  • Bigotry will not be tolerated.
  • These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.
    • 3. Post Linux-related content
  • Including Unix and BSD.
  • Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.
  • No porn. Even if you watch it on a Linux machine.
    • 4. No recent reposts
  • Everybody uses Arch btw, can't quit Vim, and wants to interject for a moment. You can stop now.

    • Please report posts and comments that break these rules!

    founded 1 year ago
    MODERATORS
    poopsmith
    zephyr
    rtxn
    818
    classic opsec mistake (discuss.tchncs.de)
    submitted 9 months ago by [email protected] to c/linuxmemes
    48 comments fedilink hide all child comments
     

    cross-posted from: https://discuss.tchncs.de/post/10692187

    so, the company was Vastaamo. was because it got bankrupt after the breach, and GDPR violations.

    the "hacker"(or rather cracker) was extradited from France to Finland.
    you can read about how terrible the company's security was here: https://tietosuoja.fi/en/-/administrative-fine-imposed-on-psychotherapy-centre-vastaamo-for-data-protection-violations

    or watch mental outlaw's video on the matter, or the Wikipedia article on the breach.

    now there are several things that shouldn't have happened (e.g.: don't do these things on your main OS, have root access disabled, etc.), but I'll leave that to you experts.

    you are viewing a single comment's thread
    view the rest of the comments
    [–] [email protected] 115 points 9 months ago* (last edited 9 months ago) (1 children)

    you're underestimating people's capability to make such mistakes. remember silk road? the guy used the same username in two places, and gave his email id(which had his full name) in one of them.

    [–] [email protected] 36 points 9 months ago (1 children)

    Really who the fuck creates an email for that kinda thing with full names !

    [–] [email protected] 59 points 9 months ago (1 children)

    it was late 2000s(he was arrested in 2013, before snowden leaks). and the guy wasn't a "hacker". he created the website where stuff(both legal and illegal) was sold. so, you have to keep that perspective in mind.

    [–] [email protected] 8 points 9 months ago* (last edited 9 months ago) (2 children)

    Oh yeah i remember that guy i i thought you were talking about someone else. And in my opinion they should just free him he has done more time that he should have to whie other bigger criminals than him with money are running around free . But still it was a very noob mistake of course unless he did it delibretly because he didn't care about anonymity.

    [–] [email protected] 7 points 9 months ago

    it's USA. don't expect much.

    [–] [email protected] 3 points 9 months ago

    If you're facilitating drung sales in tor anonymity should be your main priority.