TIME intelligence

U.S. Journalist Receives Five Years in Jail for Linking to Hacked Data

Europe Hacking Startfor
The home page of the Stratfor website is seen on a computer monitor in London Wendesday Jan 11, 2012. Cassandra Vinograd—AP

Barrett Brown must also pay $890,000 in restitution

An American journalist loosely affiliated with the Anonymous hacking collective was sentenced to 63 months in jail by a Dallas federal judge on Thursday for linking to hacked data from private global intelligence firm Stratfor in 2011.

Barrett Brown, 33, initially faced a sentence of over 100 years until he pled guilty last year to three reduced charges of obstructing a police search, issuing online threats and involving himself in the sharing of Stratfor data, reports the BBC.

“The government exposed me to decades of prison time for copying and pasting a link to a publicly available file that other journalists were also linking to without being prosecuted,” Brown said in a statement before the hearing.

Free speech activists allege Brown’s prosecution is based on his investigations into U.S. cybersecurity and intelligence contractors. He created Project PM in 2010 to probe intelligence leaks on a crowdsourcing platform.

“The U.S. government decided today that because I did such a good job investigating the cyber-industrial complex, they’re now going to send me to investigate the prison-industrial complex,” Brown said in a public statement after the sentencing, according to The Guardian.

The hacker responsible for the Stratfor data breach, Jeremy Hammond, 30, is currently serving a 10-year prison sentence.

TIME Music

Israeli Man Arrested for Hacking Madonna’s Computer and Leaking Music

Madonna in New York in 2013.
Madonna in New York in 2013. Dimitrios Kambouris—Getty Images

The singer called the theft "a form of terrorism"

Israeli police arrested a man Wednesday who they suspect hacked into Madonna’s computer late last year and leaked demo versions of songs from her upcoming Rebel Heart album.

A month-long investigation from the cybercrime wing of Israel’s Lahav 433, an FBI-like organization, led authorities to arrest a 39-year-old, according to The Hollywood Reporter. A statement from Lahav 433 said it worked closely with the FBI and that the suspect allegedly “broke into the personal computers of several international artists over the past few months and stole” unreleased music that he then traded for money. Police put a gag order on the alleged hacker’s name, though local media in Israel have begun identifying the man as a former reality show contest from one of Israel’s singing competition programs.

Madonna, who in December rushed to release six songs from the album on iTunes in the wake of the leak, called the theft “a form of terrorism.”

Similarly, Björk announced Tuesday that she would suddenly release her new album, Vulnicura, on iTunes after the record leaked over the weekend, two months ahead of schedule.


TIME Security

Teen Arrested For Holiday Attacks on PlayStation and Xbox

2014 BET Experience At L.A. LIVE - Fan Fest - AT&T, Geico, Poetic Jeans, Sneaker Con, Tennis, Xbox, Health And Wellness, Nickelodeon, Centric Centrified,  LA to the Bay
A general view of atmosphere at the Fan Fest - AT&T, Geico, Poetic Jeans, Sneaker Con, Tennis, Xbox, Health And Wellness, Nickelodeon, Centric Centrified, LA to the Bay during the 2014 BET Experience At L.A. LIVE on June 29, 2014 in Los Angeles, California. Rich Polk—Getty Images for BET

Both services went down around Christmas

An 18-year-old has been arrested in England for his alleged involvement in denial-of-service attacks that crippled Microsoft’s Xbox Live and Sony’s PlayStation Network over the winter holidays. In a denial of service attack, loads of bogus traffic are sent to a targeted server in hopes of knocking it offline.

The South East Regional Organised Crime Unit, a regional law enforcement agency in England said Friday that the man was arrested on suspicion of unauthorized access to computer material, unauthorized access with intent to commit further offenses and threats to kill.

The teen is also accused of “swatting,” or purposefully providing false information about a crime to law enforcement so that they respond to a location with tactical units. The head of the SEROCU’s cyber crime unit said that the 18-year-old had made hoax calls to U.S. officials using Skype, which lead to SWAT teams being deployed unnecessarily. The SEROCU said it has been working closely with the FBI on the case.

Both Xbox Live and PlayStation network were knocked offline Christmas Day due to denial-of-service attacks that prevented console owners from playing certain games online or streaming movies. A hacking group called Lizard Squad claimed responsibility for the attacks.

TIME Security

The 7 Biggest Lies You’ve Been Told About Hacking

Getty Images

Hacking remains closer to your Facebook and email passwords than you may think

This story was originally published at the Daily Dot.

Online security is increasingly an issue rich for headlines as everyone from movie studios and celebrities to major retailers and CENTCOM find themselves the victims of digital infiltrators. However, “hacking” is also a very technical issue and, like many technical issues, one the media often gets wrong.

So as a citizen of the 21st century, it’s increasingly important to arm yourself with some basic facts about hacking, cybersecurity, and the real threats they pose, as well as those they don’t. With that in mind, here are seven common misconceptions you might have about hacking.

1) Taking down a site is akin to hacking that site

One of the most common headline-grabbing moves by so-called hackers is to take down their site through a DDoS attack. A group calling itself Lizard Squad has been using this method to take down the networks of Playstation and Xbox Live. It’s a common method of protest by the hacker collective Anonymous, which has used it against such varied entities as the Westboro Baptist Church and, most recently, French jihadists.

These are not “hacks,” however, in the traditional sense of the term. A “hacker” is defined by the National Initiative for Cybersecurity as “an unauthorized user who attempts to or gains access to an information system.” Taking down a website or even a server does not take so much effort and certainly doesn’t demand infiltrating the host of the target. All you need is a simple distributed denial of service, or DDoS.

A DDoS is a network of computers all sending data packets towards one server with the goal of overloading said server. Far from many individuals sending data from their computers, however, the most common form of DDoS consists of networks of computers—typically hacked for this purpose without their owners knowing—all being used to flood a particular target.

Read the rest of the story at the Daily Dot.

TIME Innovation

Five Best Ideas of the Day: January 8

The Aspen Institute is an educational and policy studies organization based in Washington, D.C.

1. The same features that make cities hubs for innovation may spur inequality. Smart policies can strike a balance.

By Richard Florida in CityLab

2. Solar power can provide hot meals for the masses.

By José Andrés in National Geographic’s The Plate

3. A simple way to make a huge difference in the lives of foster kids: college scholarships for youth ‘aging out’ of the system.

By Jennifer Guerra at National Public Radio

4. When we include women in post-conflict peacekeeping, they do a better job of managing resources to prevent future war.

By Priya Kamdar in New Security Beat

5. It’s time to build a more secure internet.

By Walter Isaacson in Time

The Aspen Institute is an educational and policy studies organization based in Washington, D.C.

TIME Ideas hosts the world's leading voices, providing commentary and expertise on the most compelling events in news, society, and culture. We welcome outside contributions. To submit a piece, email ideas@time.com.

TIME movies

Theaters Pull Sony’s The Interview After Hacker Threat of Violence

Stars of 'The Interview' James Franco and Seth Rogen, left and center, appear on 'Good Morning America' on Dec. 15, 2014 Ida Mae Astute

The studio said it would support theaters' decisions not to show the movie

Some movie theater chains are pulling Sony’s film The Interview from their lineups in the face of the threat of a Sept. 11-style attack against theaters who screen the upcoming movie. Hackers who go by the name Guardians of Peace and who stole untold amounts of sensitive data from Sony Pictures Entertainment made the threat on Tuesday. The hackers oppose the release of Sony’s comedy, which portrays the assassination of North Korean leader Kim Jong Un.

Sony reached out to movie theater owners following the threat to say the studio is going forward with plans to release the film, but that it would support theaters’ decisions not to show the movie…

Read the rest of the story from our partners at NBC News

TIME Media

Is Reading Executives’ Hacked Emails Really Any Better Than Peeping at Hollywood in Its Birthday Suit?

Sony Pictures Classic 68th Annual Golden Globe Awards Party
Scott Rudin and Amy Pascal attend the Sony Pictures Classic 68th Annual Golden Globe Awards Party held at The Beverly Hilton hotel on January 16, 2011 in Beverly Hills, California. Jean Baptiste Lacroix—WireImage

Nick Gillespie is the editor in chief of Reason.com and Reason.tv.

Reading hacked emails is hardly any better than being a Peeping Tom

It was just a few months ago that everybody and his grandmother was truly livid—or at least feigned anger before firing up our search engines—when hackers released naked pictures of celebrities ranging from Jennifer Lawrence to Kate Upton to Dave Franco. Curiously, such outrage is almost completely missing in the media’s response to the massive hack attack against Sony Pictures Entertainment, which may be linked to the North Korean government and has dumped private emails, contracts, files of unreleased movies, and more all across the Internet.

This time around, there is unapologetic prurience at the chance to get a real behind-the-scenes look at an industry long notorious for its wicked, backbiting, and hypocritical ways. Big-shot producer Scott Rudin tells Sony co-chair Amy Pascal he thinks Angelina Jolie is “a minimally talented spoiled brat”? A-List director David Fincher is as difficult as Hitler was anti-Semitic? Tell us more!

Whatever the differences in public responses, the episodes underscore two basic points that are worth learning fast: First, nobody cares about other people’s privacy, especially if the divulged material is juicy enough. Second, privacy is itself a highly fluid concept that will have probably changed yet again by the time you finish reading this article. Once upon a time, for instance, the Supreme Court ruled that federal agents didn’t need warrants to tap phones. Privacy is invented more than it is discovered.

The deep pull of hacked naked pictures of celebrities isn’t simply that we common people get to see the stars in their birthday suits. After all, many celebrities have either bared all on their day jobs and hyper-realistic Photoshopped fakes of everyone from Sarah Palin to Joe Biden already haunt the Internet like Banquo’s ghost (there are probably full-junk shots of him online too). It’s that these are images that were not meant to be seen by the mere public (indeed, that was the lure of early celebrity sex tapes that, often as not, may have been made with the intention their being leaked). They promise some sort of secret knowledge of the “real” star that Hollywood has always tried to obscure in its manipulation of public images. In an age of Wikileaks, Edward Snowden, and–more importantly–TMZ, we don’t just want to see the finished product, we want to see what’s behind the curtain. And what execs really think of the stars they pay so well.

That’s true from the hacked emails and documents from Sony. When studio executive Clint Culpepper calls rising comedian and movie star Kevin Hart “a greedy whore” for demanding payment to do “social media” on a movie, it’s the sort of revelation that confirms all of our nastiest intuitions. The hypocrisy on display in the emails—a movie mogul pissed at a performer asking for money?—is nothing short of electrifying.

Similarly, when studio head Pascal and Oscar-winner Rudin—both public, liberal supporters of Barack Obama—start dishing race-based jokes about the president, we know we’re finally on the inside of a walled fortress built to protect phonies. “Should I ask him if he liked Django [Unchained]?” quipped Pascal in a note to Rudin written shortly before she was about to meet Obama at a fundraiser. “12 Years [a Slave],” replied Rudin.

This isn’t to say that there aren’t moments of something approaching valor and artistic courage. It’s widely believed the hack has some connection to The Interview, an upcoming comedy in which Seth Rogen and James Franco play bumbling journalists tasked by the U.S. government to assassinate North Korean dictator Kim Jong Un (that country’s officials have denied any involvement while denouncing the film as a “terrorist act”). After Sony proposed edits to the movie’s finale, apparently to make the movie less offensive to Korean communists, Rogen pushed back, telling Pascal, “This is now a story of Americans changing their movie to make North Koreans happy.” Good for Rogen, but when the star of Zack and Miri Make a Porno is the conscience of your industry, you might have bigger problems than learning how to turn on a firewall and encrypt your data.

There’s no question that Sony, like Apple in the nude photos hack, didn’t do enough to prevent the exposure. In 2011, Sony’s Playstation network was hacked, costing the company $171 million in damages and repair. Amazingly in the wake of that, Sony reportedly didn’t even encrypt sensitive data such as passwords and employees’ Social Security numbers.

The saving grace for Sony and victims of hacks may be that as it becomes increasingly difficult to keep secrets from determined hackers, the public will become less and less judgmental. Even a few decades ago, the release of nude photos was enough to cost Miss America her crown. However mortified they might be personally, none of the celebrities outed in the nude picture hack can claim much if any damage to their professional life. So it is with Hollywood hypocrisy and scandalous personal behavior, which has never been in short supply.

Short of revelations of serious crime—such as the rape allegations Bill Cosby is facing—the public will simply consume any behind-the-scenes drama as something akin to a bonus track on a DVD. If anything, expect seemingly unauthorized “hacks” to become strategically deployed to pique curiosity about projects. Certainly, The Interview is a more interesting movie when we know that studio executives wanted to tone it down.

And expect Hollywood players—phonies that they are—to be the most forgiving of all. Rudin and Pascal have already apologized for their “racially insensitive remarks” and Pascal has begun a ritualized apology tour by phoning the Rev. Al Sharpton and promising to go on the tax-avoiding MSNBC host’s show. Pascal has even managed to air kiss Angelina Jolie, the object of withering scorn in one of the most widely discussed email exchanges with Rudin. Most important, though, Rudin and Pascal have reportedly also forgiven each other for their harsh comments. Because in Hollywood, after all, it’s who you know that counts most of all.

TIME Ideas hosts the world's leading voices, providing commentary and expertise on the most compelling events in news, society, and culture. We welcome outside contributions. To submit a piece, email ideas@time.com.

TIME cybersecurity

This Is the Most Shocking Document in the Entire Sony Hack Leak

Sony Hack
A logo of Japan's Sony Corporation is displayed at its headquarters in Tokyo on May 14, 2014. Kazuhiro Nogi—AFP/Getty Images

It's not sexy, but it shows how bad things really are

The hacking of vast amounts of internal Sony data continues to generate headlines. On Dec. 8, the aliases of nearly a dozen Hollywood celebrities were leaked. That is in addition to unreleased films, employee salaries, scripts, and other sensitive documents spilling out online. The hackers responsible are reportedly making increasingly threatening demands on the company.

The episode is likely to continue given the sheer volume of data obtained. And that may be the most significant aspect of the leak itself. According to security expert Brian Krebs, the scope of the breach is enormous:

According to multiple sources, the intruders also stole more than 25 gigabytes of sensitive data on tens of thousands of Sony employees, including Social Security numbers, medical and salary information. What’s more, it’s beginning to look like the attackers may have destroyed data on an unknown number of internal Sony systems. Several files being traded on torrent networks seen by this author include a global Sony employee list, a Microsoft Excel file that includes the name, location, employee ID, network username, base salary and date of birth for more than 6,800 individuals.

To get a sense of the size, consider this filetree posted by Krebs, included in the leaked data. It’s not juicy like a celebrity’s secret code name or the musing of Sony employees about Adam Sandler’s career. But this mere skeleton of some of the information stolen is shocking in its scope.

Read More: The 7 Most Outrageous Things We Learned From the Sony Hack

Sony Filetree
Brian Krebs

Your browser, Internet Explorer 8 or below, is out of date. It has known security flaws and may not display all features of this and other websites.

Learn how to update your browser