Skip to main content

The Internet Archive hackers still have access to its internal emailing tools

An image showing a laptop with “Error” notifications on the screen
Photo by Amelia Holowaty Krales / The Verge

Early this morning, I received an email from “The Internet Archive Team,” replying to a message I’d sent on October 9th. Except its author doesn’t seem to have been the digital archivists’ support team — it was apparently written by the hackers who breached the site earlier this month and who evidently maintain some level of access to its systems.

I’m not alone. Users on the Internet Archive subreddit are reporting getting the replies, as well. Here is the message I received:

It’s dispiriting to see that even after being made aware of the breach 2 weeks ago, IA has still not done the due diligence of rotating many of the API keys that were exposed in their gitlab secrets.

As demonstrated by this message, this includes a Zendesk token...

Continue reading…



from The Verge - All Posts https://ift.tt/HUeyLb3
Labels:

Comments

Post a Comment

Popular posts from this blog

Pandora Stories lets artists add commentary to their own playlists

Pandora launched Stories today, a tool that lets artists and creators add voice commentary to their own playlists. The Stories feature merges podcasts with music playlists, and is meant for artists to add context to an album, or for podcasters to experiment with new storytelling formats. The feature is part of Pandora AMP, the streaming service’s free Artist Marketing Platform that helps creators promote their work. To kick off the launch, Pandora’s prepared some Stories by artists like John Legend and Daddy Yankee, who tell listeners their personal stories interspersed between their own songs. There’s also a Stories playlist called Love Songs That Aren’t Really Love Songs , which includes commentary on individual songs like a podcast... Continue reading… from The Verge - All Posts https://ift.tt/2Xz1oNc
Post a Comment
Read more

Android Addition Opens FIDO Password Killer to Billions

The FIDO Alliance hammered another nail into the passwords coffin with the announcement that devices running Android 7.0 or higher will be compatible with FIDO2. Certification of Android 7.0+ means devices running those versions of Google's mobile operating system will support FIDO2 out of the box or through a software update. FIDO2, introduced last year, provides a FIDO Web authentication standard that combines the World Wide Web Consortium's Web Authentication specification with FIDO's Client-to-Authenticator protocol. from TechNewsWorld https://ift.tt/2GQVG4f
Post a Comment
Read more

Nintendo Switch Online reaches more than 100 retro games

Illustration by Alex Castro / The Verge Nintendo has hit a milestone with the ever-growing library of retro games included in its Nintendo Switch Online service. The next batch will take the number of available games past 100, with five new titles resulting in a total of 104. In keeping with recent form , the latest additions are, well, not necessarily blockbuster releases. Here’s the list: Caveman Ninja: Joe & Mac , a prehistoric action game released in arcades and ported to the SNES by Data East in 1991 Magical Drop 2 , a 1996 Data East puzzle game for the SNES that was originally on the Neo Geo but never previously got a Western release Super Baseball Simulator 1.000 , a SNES baseball game released by Culture Brain in 1991 Spanky’s Quest , a 1991 SNES action game by Natsume... Continue reading… from The Verge - All Posts https://ift.tt/3eXBE7D
Post a Comment
Read more