8 years ago
21
John McAfee: Ashley Madison database stolen by lone female who worked for Avid Life Media
Yes, it is true. Ashley Madison was not hacked - the data was stolen by a woman operating on her own who worked for Avid Life Media. The reason that I am so late to the second act of the Ashley Madison affair is that, without a supercomputer, it has taken over a week to finish the analysis of the massive data dumps that the perpetrator has so generously provided us with.
Continue Reading
http://www.ibtimes.co.uk
Join the Discussion
Err. Sorry John. I have a penis, and I have and do refer to some people as scumbags.
I have one too, and I'd refer to John McAfee himself as a scumbag.
true but combing over the rest of the manifesto where they declare men as cheating dirtbags and the tone of the article its not hard to play devils advocate and easily see this as a female employee.
now to be extremely un pc idk why it wouldnt be apparent women wouldnt be as fit to be in a powerful position of a company that lets men cheat
I was under the impression that men and women used that website to cheat..
I though that, too, but Gizmodo is claiming that, of the 5.5 million female profiles,
Pretty funny. Or maybe just sad.
I saw that the website adultfriendfinder had similar statistics. It's interesting, do you think they let their members know? "Hey, most of the girls you meet on here are actually just scammers. The number of actual women on our site is really low."
Scumbag is even gender neutral, anyone can be a scumbag.
And it's not exclusive to American and Canadian English.
The title is a little misleading, its speculation at this point based on the article. And the overall tone of the article doesn't sound like there was any benefit to combing through all the data like the author points out. Its mostly the vastness of the data and the manifesto wording. As for the reasoning, employees are also segregated off from data, even an IT worker in a company this size would likely not have access to the financial data unless they were high ranking so that argument is a little weak. Not saying this is not what happened, its just guessing at this point.
Okay the human who wrote this is a jackass. One, why does he have to so greatly emphasize that the leak was done by a woman who did not hack but just had access. As if because she's a woman that inherently means she is incapable of hacking. I think it's important to know how it happened, but he seems to very stuck on the fact that she's a woman and she did not hack.
Two, why would only women use the term scumbags? I'm pretty sure that's not a thing.
Even if it was some crazed woman leaking information out of male hatred, this guy is equally as batshit. I'm glad I already think McAfee software sucks ass.
Also apparently being a know it all jackass is his thing: http://www.ibtimes.co.uk/john-mcafee-i-know-w...ed-sony-pictures-it-wasnt-north-korea-1483581
I don't know why this made me so mad.
Sounds like you haven't been exposed to much of John McAfee, lol. This is how he always is.
Also, I don't know how much of this is true, but he says the software went to crap after he left. He himself says that it's terrible.
Yeah I haven't. I just know that his software has plagued computers of the elderly for ages.
Because John McAfee is a scumbag.
If you want to know more about that, just read his Slashdot interview : http://interviews.slashdot.org/story/14/04/06.../interview-john-mcafee-answers-your-questions
Drug dealer? This guy is whack.
Darnit! You beat me to the post! ;)
I like the analysis of the dump. While it made a number of nebulous assumptions, I thought it was pretty well reasoned. It makes sense that an external threat could care less about things like IP addresses of all the AM servers, floor plans of the offices (wtf?), and actual mysql DB dumps.
Will be interesting to see where this leads.
What's special about that? A DB dump is the first thing I'd do if I wanted to steal data.
Sure, a dump done with SHOW DATABASES, SHOW TABLES, DESC foo, SELECT FROM foo if you only can do SQL injection, or maybe dump using mysqldump if you find some mysql credentials.
But logging into the DB-server via ssh as root and copying /var/lib/mysql/? That sounds like an unnecessary amount of work for an attacker (but is easy to do for an insider).
Not really, you only need a priviledge escalation exploit. Most companies aren't very dilligent in updating their servers and it's not that hard to enter via a known exploit.
So that person had insider knowledge of the techonology stack because he or she made a mysql dump instead of blindly copying the tables? Really?
AM was a PHP site, MySQL is exactly the database I expected it to have. Looks like I had insider knowledge too!
They dumped DBs / Repos / Mail, one would hope that they all resided on separate servers...
So? They still all are on the same network. If you are undetected (and if you found a good entry, you usually stay undetected), you can scout around for pretty much anything you want.
Oh just stating that they should have been separate. If they weren't... /facepalm (I know separation wouldn't have stopped it, just saying that all things on one is just asking for trouble).