

Hackers Steal Millions in Carbon Credits - cwan
http://www.wired.com/threatlevel/2010/02/hackers-steal-carbon-credits

======
patio11
Carbon credits are an attractive target for all forms of deception because
they're modeled on an institution that has a couple of hundred years worth of
bullet-proofing but do not themselves use the same, battle-tested
institutions.

For example, if I tell you "I've got here a number which represents a one
millionth part ownership in a company in a country you've never been to --
will you pay me $600 for it?", as insane as that might sound it is actually
pretty routine. You can trust that paying me $600 will effect the transfer for
the number, that the number does indeed represent a one millionth part
ownership in a company, and that the company actually exists. This is
guaranteed by an interlocking web of regulations, trusted relationships, and
whatnot which is one of the wonders of the modern era.

By comparison, carbon credits are, well, is magic a strong word? With stock
you're paying for partial ownership in something which doesn't exist but is
convenient to think about for illustrative purposes. With carbon credits
you're paying for partial ownership in something which might have existed but
didn't, and potential-but- _crucially_ -not-actual existence is convenient to
think about for illustrative purposes.

My private suspicion is that carbon credits probably involve outright fraud on
a scale that would shame Communist agricultural ministers.

~~~
rue
This reminded me of the pork futures warehouse :)

------
ugh
Why the talk about politics in the comments here when this is nothing but a
plain old phishing attack? Isn't this about phishing, not regulations, good
governance, climate change or any such thing? This has nothing to do with
whether in principle carbon credits are good or bad, does it? Sure, it might
tell you something about the security of their online trading system (or about
the stupidity of the workers who fell for the phishing), but nothing else. I
don't get it. Please tell me.

------
Timothee
It reminds me of a Rolling Stone article about how Goldman-Sachs has been
behind the regulations and systems that made the last bubbles possible. It
finishes with explaining how the next market would be carbon emissions. The
fact that carbon emissions tickets are now an item to steal is a bit worrying.

[http://www.rollingstone.com/politics/story/29127316/the_grea...](http://www.rollingstone.com/politics/story/29127316/the_great_american_bubble_machine)

------
jdietrich
I'm getting some serious future shock here - two weird science-fictional
ideas, combined in an unexpected manner, seem to result in weird^2 rather than
the expected 2weird.

It's apt that someone should mention Terry Gilliam's Brazil; This news item
seems to evoke the same general feeling - being awestruck by a society that
resembles a perpetual-bureaucracy machine.

------
lionhearted
In the past, I wished for a sane and cautious government. I wished for a
government run by intelligent and cautious people who believe in incremental
progress and are skeptical of new bureaucracy. I wanted a government where
leaders are accountable and individuals are protected first as individuals. I
wanted the primary job of politicians to be to role models and advocates,
looking to encourage voluntary good behavior rather than legislating it.

I'm starting to think that's impossible.

And if it is impossible, then I want the biggest, most ridiculous frigging
circus imaginable. I want more regulation, regulations contradicting other
regulations, courts getting into feuds with other courts, criminals stealing
bureaucratic credits. If good governance is impossible, then at least let the
bureaucracy be entertaining. Bring on the circus. More bailouts, more
surveillance, more legislation, more courts, more politicians, more taxes,
more programs, more agencies. Bring on the circus - if good government is
impossible, then at least let us be entertained.

~~~
s3graham
Have you got a 27B/6? <http://www.youtube.com/watch?v=eosrujtjJHA>

------
theprodigy
this just goes to show that social engineering is the most important part of
being a hacker. That is a good payout 4 million in one day for a simple
phishing site.

I know stealing is wrong, but I am impressed with their execution.

It also enforces the belief that network security is more dependent now on
educating the people that use it.

