

Visitors to Sochi Olympics will be instantly hacked - bdehaaff
http://sports.yahoo.com/news/visitors-to-sochi-olympics-will-be-instantly-hacked-201318818.html

======
jewbacca
Someone on Reddit seems to be claiming to have contacted the researcher behind
this story:

\----

Right technical post/description of how not to use technology coming up.

 _TL; DR_ I guess if you can't operate a box then there isn't much hope of
being able to operate a phone or a laptop.

# Phone:

User logs onto public wifi and was asked to run setup program to access
internet, setup program was actually malware. Note, this was a "user initiated
action" and whilst I realise that many people just download and run anything
without even checking the permissions anyone with even a modicum of technical
knowledge would not have been caught out by this. Also this would not affect
iPhones since they cannot run apps that are not distributed via the app store.

# Do not EVER use public wifi.

* log into reddit and then anyone within wifi range can steal your reddit session (same for all sites that don't enforce https on every page).

Ever seen that message that says "we couldn't verify the certificate for
mail.google.com" (or similar) when accessing emails? This is because the
people operating the wifi are intercepting secure traffic which means they can
intercept any password sent over the network, so if you have mail configured
and you click ok when that warning comes up (which 90% of users do
unfortunately because it just looks like a normal alert rather than a really
serious security warning) then they will have your email password.

# Mac laptop:

I actually don't know how this was done, I've contacted the guy from the video
and he said he will write up a technical post on Friday. Out of the box, new
macs only run code from the App Store so unless that setting was changed (in
which case saying it was hacked is bullshit rather than a simplification) I
just don't see how it could have become infected.

Edit: Found out that they downloaded an antivirus software from a dodgy site
and followed the instructions to allow it to run. If people are going to
follow instructions to disable security on their computer then there really
isn't much that can be done to help them.

# Windows Laptop:

They opened an email attachment in office and clicked "allow macros". Again,
not something that a clued up user would do. Still something that Microsoft
could handle better - make it something that has to be preconfigured rather
than just giving the user the option since there really isn't any good reason
for most consumers to be running macros.

# In summary:

Nothing new to see here and only one of the pieces of installed malware was of
Russian origin so basically this is just a bit of a smear campaign. Sure the
free wifi may be more dodgy over there than in the US/UK (yay for Britain) but
it is not a problem limited to Russia, I had the same problem in Sri Lanka and
public wifi is not secure and should never be used.

\----

u/daniel_chatfield

[http://www.reddit.com/r/videos/comments/1x2t3j/all_visitors_...](http://www.reddit.com/r/videos/comments/1x2t3j/all_visitors_to_sochi_olympics_hacked_immediately/cf7sbwo)

~~~
osipov
It is a bit offtopic but since you brought up the smear campaign -- the
campaign is much broader than just the hacking, it includes the LGBT rhetoric
[http://www.blacklistednews.com/The_Olympics_of_Hate_in_a_Nat...](http://www.blacklistednews.com/The_Olympics_of_Hate_in_a_Nation_of_Anti-
Gay_Laws%3F_/32494/0/38/38/Y/M.html)

~~~
herokusaki
Are you suggesting there being a connection there?

~~~
timje1
The gays must be coming to hack your laptop, in order to smear Russia.

------
atmosx
So let me get this into perspective: A US journalist is worried that _Russian
hackers_ [1] will _hack_ into his computer the _moment_ he turns it on at
Sochi.

Of course if the Olympics were held in Washington, he wouldn't be perplexed.
He would probably be so sure about it, that it wouldn't even be worth
mentioning.

This post is an prominent example of propaganda: No technical details, just
pure old FUD for the masses. Why and How did this came up in HN's frontpage
(we're supposed to me technically speaking, above average when it comes to
computers), is beyond me.

[1] Tall guys, short blond hair, speaking English with as Russian accent as
you can get, having obvious temper-control problems and always heavily armed
(K-7 and a couple of bombs, just in case) even when sitting on a 11.6" inch
laptop. Sorry, I forgot to add that they are probably sitting on a cold
basement in Syberia.

~~~
tripzilch
*Cyberia.

------
thogenhaven
Gotta love American hypocrisy: "Proving yet again what a fabulous idea it was
to stage the 2014 Winter Olympics in Russia, NBC has discovered that all the
Games' attendees can expect to immediately get hacked as soon as they get to
Sochi."

Wouldn't the US do the exact same thing if it was in the US?

~~~
sneak
I'm sure the US is doing the exact same thing at Sochi, though likely with a
bit more targeting.

~~~
honestanon
FIFY: I'm sure the US did this during the 1996 Atlanta Summer Olympics. A lot
of international leaders attended. I'm sure the was lots of targeting.

------
voltagex_
I'm gonna need to see some better sources for this claim. I mean, it's not
unbelievable but it's lacking in technical detail.

~~~
pyromine
I agree, this article gives little to any depth and makes broad claims with
little substantial info. I think we all could discern that there would likely
be a lot of more nefarious online activity surrounding these Olympics, but
surmising that everyone will near immediately get their devices hacked is a
bit much.

~~~
TwoBit
I gotta think that the primary concern is WiFi hotspots. It's easy to create a
bogus hotspot that spies on your communications.

~~~
nwh
Call it Apple Store and the vast majority of iOS devices will connect to it
automatically.

------
gnur
Instantly is a bit a overstatement. Whenever you connect to a public wifi
hotspot and don't use some kind of tunnel (ssh/vpn) you run the risk of
automatically downloading malware. Which isn't any different then any other
place in the world. Whenever I connect to a public wifi hotspot I use a ssh
tunnel, I wish them good luch injecting any malware in that stream.

------
eps
You can tell it's going to be an excellent article when a flight to Sochi
takes 75 hours.

------
midas007
Assume that hotels, regardless of country, are filming, tapping the phone and
the internet.

The other bit to realize is that there will be sex, around 100k condoms worth.
That's 35 condoms per athlete on _average_. Certainly there's dirty laundry
incentive for news and political orgs.

~~~
TwoBit
I'm pretty sure those athlete sex reports are highly exaggerated. Those
numbers are based on a ridiculous calculation where they took the number of
condoms shipped to the Olympics and divided it by the number of athletes.

~~~
chris_wot
You think it's just a few athletes having lots of sex? No wonder they are so
fit!

~~~
sanswork
I think they are forgetting all the people visiting the city for the olympics
that aren't competing in their numbers.

~~~
adaml_623
Actually these stories are generally talking about the number of condoms
available to the athletes in the athletes 'village'. But generally the condoms
are branded for the event (like everything else) and hance are souvenired in
large numbers distorting any estimates of athlete nookie.

------
stale
"Proving yet again what a fabulous idea it was to stage the 2014 Winter
Olympics in Russia..."

I should have stopped reading right there :)

------
blueskin_
No detail. How were they 'hacked'? How did they notice?

------
product50
I have judged Marissa Mayer because of this article making into Yahoo Sports.
Nothing has changed.

