Jails vs VMs | TechSNAP 110 | Jupiter Broadcasting

Jails vs VMs | TechSNAP 110

A security breach become a lesson for us all. We’ll make some lemonade from a bad situation, and arm you with what you need to protect your self.

Plus Demonoid users get phished, a batch of your questions, and much much more.

On this week’s TechSNAP.

Use our code tech249 to score .COM for $2.49!

Purchase anything at Amazon.com
Purchase anything at Think Geek using this link
Purchase anything at Newegg using this link
Contribute directly on our donation page or check out our advertising options and reach millions of amazing people!
Grab our Chrome Extension and auto-tag your shopping session for us!

<a href="https://jblive.wufoo.com/forms/s7x2p7/" title="Sign up for the Jupiter Signal!">Fill out my Wufoo form!</a>

[asa]0387026207[/asa]

[asa]B006YTPR2W[/asa]

Name.com is a domain name registrar
usernames, email addresses, passwords, and credit card account information may have been accessed by attackers
Name.com claims to use strong cryptography on the passwords and credit card information
Specifically 4096bit RSA encryption for the credit card data, with the key stored at a separate remote location which was not accessed
No details on how the passwords were ‘encrypted’. A twitter update says they were ‘hashed and salted’ but word on the algorithm/implementation
According to the email sent to Name.com users, the attack appears to have been an attempt to steal the domain of one specific large Name.com customer
Special steps are being taken for customers who no longer have access to the email address that their account is tied to

“In July 2012 the popular semi-private BitTorrent tracker Demonoid suffered a huge DDoS and hacker attack”
Demonoid’s servers in the Ukraine were later seized by authorities
This week, a site called D2.vu appeared claiming to be the resurrection of the site
Former users of Demonoid were informed of the sites return via email, suggestion the person running the new site had access to the original members database
The site was found to be serving malware and was shutdown by the hosting company
TorrentFreak tracked down some information on the the owner of the site, who appears to be chinese and own a number of other chinese sites
It is unlikely that the return of the site was real, because it was hosted on a single low power virtual server, rather than a series of dedicated servers
The hosting company suggests that the malware may have actually come from the ads embedded on the page, but it seems more likely that the site was a large phishing scam
If you got such an email, and signed up or attempted to login to the site, it is suggested that you change any passwords that are the same anywhere else
If you recall a previous episode of TechSNAP, an attacker used the combined databases from a number of different hacked sites including LinkedIn and Gawker, to compromise more than 1000 paypal accounts of users who used the same password