Skip to main content

The Internet Archive hackers still have access to its internal emailing tools

An image showing a laptop with “Error” notifications on the screen
Photo by Amelia Holowaty Krales / The Verge

Early this morning, I received an email from “The Internet Archive Team,” replying to a message I’d sent on October 9th. Except its author doesn’t seem to have been the digital archivists’ support team — it was apparently written by the hackers who breached the site earlier this month and who evidently maintain some level of access to its systems.

I’m not alone. Users on the Internet Archive subreddit are reporting getting the replies, as well. Here is the message I received:

It’s dispiriting to see that even after being made aware of the breach 2 weeks ago, IA has still not done the due diligence of rotating many of the API keys that were exposed in their gitlab secrets.

As demonstrated by this message, this includes a Zendesk token...

Continue reading…



from The Verge - All Posts https://ift.tt/HUeyLb3
Labels:

Comments

Post a Comment

Popular posts from this blog

Pandora Stories lets artists add commentary to their own playlists

Pandora launched Stories today, a tool that lets artists and creators add voice commentary to their own playlists. The Stories feature merges podcasts with music playlists, and is meant for artists to add context to an album, or for podcasters to experiment with new storytelling formats. The feature is part of Pandora AMP, the streaming service’s free Artist Marketing Platform that helps creators promote their work. To kick off the launch, Pandora’s prepared some Stories by artists like John Legend and Daddy Yankee, who tell listeners their personal stories interspersed between their own songs. There’s also a Stories playlist called Love Songs That Aren’t Really Love Songs , which includes commentary on individual songs like a podcast... Continue reading… from The Verge - All Posts https://ift.tt/2Xz1oNc
Post a Comment
Read more

Minneapolis hiring social media influencers for former police officers’ trials

George Floyd died in police custody in May 2020 | Getty Minneapolis is hiring social media influencers to share “city-generated and approved messages” during the trials of four former city police officers charged in the May 2020 killing of George Floyd, according to the Minnesota Reformer . The Minneapolis city council approved the plan on Friday, which calls for six influencers to be paid about $2,000 each to spread the city’s messages with Black, Native American, Hmong, and Latino communities. The goal is to “address/dispel incorrect information” by using “trusted messengers,” part of a program the city refers to as its Joint Information System to share “timely and relevant information” with the public during the trials. “Through the Communications and Neighborhood and Community Relations... Continue reading… from The Verge - All Posts https://ift.tt/3q1AY3x
Post a Comment
Read more

Android Addition Opens FIDO Password Killer to Billions

The FIDO Alliance hammered another nail into the passwords coffin with the announcement that devices running Android 7.0 or higher will be compatible with FIDO2. Certification of Android 7.0+ means devices running those versions of Google's mobile operating system will support FIDO2 out of the box or through a software update. FIDO2, introduced last year, provides a FIDO Web authentication standard that combines the World Wide Web Consortium's Web Authentication specification with FIDO's Client-to-Authenticator protocol. from TechNewsWorld https://ift.tt/2GQVG4f
Post a Comment
Read more