Language Selection

English French German Italian Portuguese Spanish

Teen on hacking charges

Filed under
Web

With just a few touches of the keyboard, he can create absolute havoc.

Reuben - not his real name, because he is facing computer hacking-related charges in Auckland's Youth Court - is a new breed of digital delinquent: young, smart and with the power to unlock all your secrets.

His passion for the internet started at the age of 6.

"I did lots of wagging from primary schools and intermediate schools to stay home and work on the computer," he told the Herald on Sunday.

Reuben, now 16, doesn't go to school any more - he left his last school Auckland Grammar after a term because, as he says: "I didn't fit in." Since then he has completed numerous Microsoft courses. "That's easy, but school work is so boring it is not worth doing, but I know I have to do it sometime."

So now he is slowly working through the NCEA via correspondence, leaving him plenty of time to surf the internet "26 hours a day", he jokes.

He is reluctant to talk about exactly what he does, only saying he spends a lot of time chatting to friends.

But in just a few short years, he has gained notoriety for his online activities - and learned a great deal.

For example, he has managed to become the director of five companies, despite being under the age of 18. It was easy, he says. He just filled in the forms and sent them away, and no one in the Companies Office queried his identity or his age.

Now Reuben is accused of exposing flaws in Telecom's cellphone and landline message systems that police say saw him access the voicemail of police, defence staff and politicians, including Auckland mayor Dick Hubbard.

He has been charged with the unauthorised access of a computer and will appear in the Auckland Youth Court on July 14.

He is also accused of using his computer smarts to set up a company which obtained the management rights to a $1 million-plus radio frequency mistakenly deregistered by Sky Television.

On that, he is facing charges brought by the National Enforcement Unit of the Ministry of Economic Development. He also appears on those charges on July 14.

The unit declined to comment on the case. Reuben also won't comment on specifics, but he claims he is not a hacker, and has not been being deliberately malicious.

Rather, he was just letting the public know how easy it was to gain access to information on the internet. "If I shouldn't be in there, why is it so easy to get in?"

By Adrienne Kohler
The New Zealand Herald

More in Tux Machines

Security News

  • Tuesday's security updates
  • New Open Source Linux Ransomware Divides Infosec Community
    Following our investigation into this matter, and seeing the vitriol-filled reaction from some people in the infosec community, Zaitsev has told Softpedia that he decided to remove the project from GitHub, shortly after this article's publication. The original, unedited article is below.
  • Fax machines' custom Linux allows dial-up hack
    Party like it's 1999, phreakers: a bug in Epson multifunction printer firmware creates a vector to networks that don't have their own Internet connection. The exploit requirements are that an attacker can trick the victim into installing malicious firmware, and that the victim is using the device's fax line. The firmware is custom Linux, giving the printers a familiar networking environment for bad actors looking to exploit the fax line as an attack vector. Once they're in that ancient environment, it's possible to then move onto the network to which the the printer's connected. Yves-Noel Weweler, Ralf Spenneberg and Hendrik Schwartke of Open Source Training in Germany discovered the bug, which occurs because Epson WorkForce multifunction printers don't demand signed firmware images.
  • Google just saved the journalist who was hit by a 'record' cyberattack
    Google just stepped in with its massive server infrastructure to run interference for journalist Brian Krebs. Last week, Krebs' site, Krebs On Security, was hit by a massive distributed denial-of-service (DDoS) attack that took it offline, the likes of which was a "record" that was nearly double the traffic his host Akamai had previously seen in cyberattacks. Now just days later, Krebs is back online behind the protection of Google, which offers a little-known program called Project Shield to help protect independent journalists and activists' websites from censorship. And in the case of Krebs, the DDoS attack was certainly that: The attempt to take his site down was in response to his recent reporting on a website called vDOS, a service allegedly created by two Israeli men that would carry out cyberattacks on behalf of paying customers.
  • Krebs DDoS aftermath: industry in shock at size, depth and complexity of attack
    “This attack didn’t stop, it came in wave after wave, hundreds of millions of packets per second,” says Josh Shaul, Akamai’s vice president of product management, when Techworld spoke to him. “This was different from anything we’ve ever seen before in our history of DDoS attacks. They hit our systems pretty hard.” Clearly still a bit stunned, Shaul describes the Krebs DDoS as unprecedented. Unlike previous large DDoS attacks such as the infamous one carried out on cyber-campaign group Spamhaus in 2013, this one did not use fancy amplification or reflection to muster its traffic. It was straight packet assault from the old school.
  • iOS 10 makes it easier to crack iPhone back-ups, says security firm
    INSECURITY FIRM Elcomsoft has measured the security of iOS 10 and found that the software is easier to hack than ever before. Elcomsoft is not doing Apple any favours here. The fruity firm has just launched the iPhone 7, which has as many problems as it has good things. Of course, there are no circumstances when vulnerable software is a good thing, but when you have just launched that version of the software, it is really bad timing. Don't hate the player, though, as this is what Elcomsoft, and what Apple, are supposed to be doing right. "We discovered a major security flaw in the iOS 10 back-up protection mechanism. This security flaw allowed us to develop a new attack that is able to bypass certain security checks when enumerating passwords protecting local (iTunes) back-ups made by iOS 10 devices," said Elcomsoft's Oleg Afonin in a blog post.
  • After Tesla: why cybersecurity is central to the car industry's future
    The news that a Tesla car was hacked from 12 miles away tells us that the explosive growth in automotive connectivity may be rapidly outpacing automotive security. This story is illustrative of two persistent problems afflicting many connected industries: the continuing proliferation of vulnerabilities in new software, and the misguided view that cybersecurity is separate from concept, design, engineering and production. This leads to a ‘fire brigade approach’ to cybersecurity where security is not baked in at the design stage for either hardware or software but added in after vulnerabilities are discovered by cybersecurity specialists once the product is already on the market.

Ofcom blesses Linux-powered, open source DIY radio ‘revolution’

Small scale DAB radio was (quite literally) conceived in an Ofcom engineer’s garden shed in Brighton, on a Raspberry Pi, running a full open source stack, in his spare time. Four years later, Ofcom has given the thumbs up to small scale DAB after concluding that trials in 10 UK cities were judged to be a hit. We gave you an exclusive glimpse into the trials last year, where you could compare the specialised proprietary encoders with the Raspberry Pi-powered encoders. “We believe that there is a significant level of demand from smaller radio stations for small scale DAB, and that a wider roll-out of additional small scale services into more geographic areas would be both technically possible and commercially sustainable,” notes Ofcom. Read more

nginx

Case in point: I've been using the Apache HTTP server for many years now. Indeed, you could say that I've been using Apache since before it was even called "Apache"—what started as the original NCSA HTTP server, and then the patched server that some enterprising open-source developers distributed, and finally the Apache Foundation-backed open-source colossus that everyone recognizes, and even relies on, today—doing much more than just producing HTTP servers. Apache's genius was its modularity. You could, with minimal effort, configure Apache to use a custom configuration of modules. If you wanted to have a full-featured server with tons of debugging and diagnostics, you could do that. If you wanted to have high-level languages, such as Perl and Tcl, embedded inside your server for high-speed Web applications, you could do that. If you needed the ability to match, analyze and rewrite every part of an HTTP transaction, you could do that, with mod_rewrite. And of course, there were third-party modules as well. Read more

Linux and Open Source Hardware for IoT

Most of the new 21 open source software projects for IoT that we examined last week listed Linux hacker boards as their prime development platforms. This week, we’ll look at open source and developer-friendly Linux hardware for building Internet of Things devices, from simple microcontroller-based technology to Linux-based boards. In recent years, it’s become hard to find an embedded board that isn’t marketing with the IoT label. Yet, the overused term is best suited for boards with low prices, small footprints, low power consumption, and support for wireless communications and industrial interfaces. Camera support is useful for some IoT applications, but high-end multimedia is usually counterproductive to attributes like low cost and power consumption. Read more