Posting this here first, my thoughts to follow. Random thoughts below are draft :). Random thoughts on the matter We still need a single identifier in Malaysia (IC Number), this is administrative necessity. LHDN needs to check your bank accounts, Election Commission needs to know you’re not double-voting..etc. But that single identifier should not be used as an authenticator. No one should...
I keep this blog to help me think, and over the past week, the only thing I’ve been thinking about, was sayakenahack. I’ve declined a dozen interviews, partly because I was afraid to talk about it, and partly because my thoughts weren’t in the right place. I needed time to re-group, re-think, and ponder. This blog post is the outcome of that ‘reflective’ period. The...
I know the picture is a bit hard to read, but I wanted to make sure I had a detailed enough picture to understand the ‘innards’ of sayakenahack. Sometimes when you’re building stuff on the fly, and bottom-up, it’s good to take a step back, and have a top-down view. I’ll be expanding this post over time, wanted to get my thoughts down quickly on paper before I moved...
OK, this is my last post on sayakenahack.com, and I’ve got a script scheduled to run at Sunday midnight to tear down the database. So if you wanna check, you better do it now, cause in 3 days time, it’ll be gone. *poof* But here are my thoughts on this whole debacle — and it’s going to get emotional, so don’t say I didn’t warn you. So let’s start with the...
Why does sayakenahack have dummy data? If I enter “123456” and “112233445566” I still get results. I was struggling with answering this question, as some folks have used it to ‘prove’ that I was a phisher. We’ll get to that later, for now I hope to answer why these ‘fake’ IC numbers exist in the sayakenahack. Firstly, I couldn’t find a...
On the 19th of October, Lowyat.net reported that a user was selling the personal data of MILLIONS of Malaysians on their forum. Shortly after, the article was taken down on the request of the MCMC, only to put up again, a couple of days later. Lowyat later reported that a total of 46.2 Million phone numbers were exposed, and the data included IC numbers, Addresses, IMSI, IMEI and SIM numbers as...
I haven’t blogged in a while because I’m busy studying (yes, studying) for my OSCP certification. But what happened over the week, was just to mind-blowingly stupid to ignore. Here’s what happened…. A Taiwanese company released a game titled Fight of Gods, which as the name implies, has Gods fighting among themselves. But the developers didn’t ‘just’ use...
The fact that this RM2 company manage to raise RM500 million should be news enough, but claims that it lost all it’s money to ‘hackers’ is too hilarious for me to ignore. If you haven’t heard, a get-rich-quick scheme called JJPTR, claimed it lost RM500 million to hackers, which even with today’s depreciating ringgit would exceed a value of USD100 million. For...
Channel News Asia posted last week that hackers could steal your info by just knowing your phone number. Woah!! Must be some uber NSA stuff right–but no, it was a couple of guys with Metasploit and they required a LOT more than ‘just’ the phone number. The post was an add-on to a current affairs show called Talking Point, that aired an episode last week about cybersecurity...
Would North Korea ever declare war on Malaysia? Probably not. But nothing is predictable when you’re dealing with a erratic despot who killed his own uncle with an anti-aircraft gun. Realistically though, few nations have the resources and political will, to launch a war, half-way across the world. And neither Malaysia nor North Korea are one of those ‘few’ nations. But what if...