Hacktivism: a policy of hacking, phreaking or creating technology to achieve a political or social goal.
The word “Hacking” is appearing more and more frequently in the news of tech world recently. From Anonymous to the more recent one Lulzsec, and also the localized group of hackers in Malaysia, GaySec.
Since the event of Sony PlayStation Network was hacked (and obviously I’m affected since i cant play my online game for like a month), I had been wanted to write my little thought of this phenomena, but at that time I’m thinking, oh maybe not that many people were affected by this, but seriously I’m wrong.
GaySec, which starting to appear on my twitter and RSS feed in these few days, had done something that really make me goes, oh no, maybe this isn’t only happening in country like US and UK. First GaySec news which get my attention is the streamyx hack. They claimed that they had successfully hacked into the streamyx user database and get all the customer details. But at the time I’m reading that, the full database download link is already taken down by them, till today, they don’t release the database of the Streamyx hack. While the official respond of TM Net is really short and simple, saying that the data obtained is an old copy of the data, and they had improved their security, but still makes me worry.
I tried to change my Streamyx password few days ago, and i find it very difficult. I keep getting error message that dont allow me to change my password, saying my old password is wrong, and when i try to enter a password that is secured, only then i found out the textbox only accept up to 8 digits. OMG. How much money i pay TM Net each month, and they treat their customer’s private data like… they just dont care? Come on.
Tell you one real story, when Im calling TM Net customer service, try to find out why I cant change my password, and why they only allow 8 digit password, try to guess what the customer service personal tells me, she says “Just use a simple password”. Haha what a joke is it. Use a simple password… $@^&#$@%^$ Oh one more even more ridiculous thing, while talking to the customer service personal, at one point she even asked me to tell her my password… I was like err…. but i told her anyway since the password at that time was “password”, so secure oh! Haiz.
Allowing only 8 digit password is consider as quoted “TM places data protection as its topmost priority”, well maybe this is a joke. Or because maybe we Malaysian just dont care, as long as we can still torrent, and download educational materials using streamyx, we dont care what password we are using. Speaking for myself which my streamyx login password had been “abc123” for about 6 months, and was “password” for some time and then now its something else, 8 digit of course.
And what just happened right before I write this blog post, Nuffnang had been hacked. Well, you might know that Nuffnang is the blog advertising company which is extremely popular in Malaysia as well as many other Asia countries, they had been hacked by GaySec too, and over 30,000 customer data including email addresses, and hashed password and registration data is released. Being a nuffnang user myself, im very worried and as soon as i had read this, i checked the database which i had downloaded and luckily, my data is not including in the database released currently, but Im sure its on GaySec’s hand, and they can release it whenever they want.
I’m very disappointed Nuffnang’s system is not safe either, and I know for sure that nothing is really secured on the internet. Well, just change your password if you use the same password for all the services.
Is the whole hacktivism thing good or bad? Im not sure, I do understand that their aim is to raise awareness and warn those company that their system is flawed, but I do not agree that publishing all the users information out there is the correct way to do so. But I understand that if they dont do so, they probably wont get the attention they deserved… so… It bugs me to know that everything we put online isnt safe, but we cant keep everything offline also… And I myself cant live my life without the Internet connection…
Am I happy about what GaySec is doing? Yes and No. I hope they do raise the awareness for company in Malaysia to start looking into their data and start to secure it. And on the other hand that Im worried because many local websites do have my personal data, and I dont think many of them are doing a good job protecting it.
Well, what can I do? Just wait and see and do all things necessary to protect my own data especially my password.
UPDATE: Nuffnang has given their official words regarding the hack, and everything seems working ok right now. Good for them.