FEMA Phones Hacked, Calls Made To Mideast and Asia 241
purplehayes writes "A hacker broke into a Homeland Security Department telephone system over the weekend and racked up about $12,000 in calls to the Middle East and Asia.
The hacker made more than 400 calls on a Federal Emergency Management Agency voicemail system in Emmitsburg, Md., on Saturday and Sunday, according to FEMA spokesman Tom Olshanski."
In FEMA's defense (Score:5, Funny)
Re:In FEMA's defense (Score:5, Insightful)
Hey, it would be a little 'justice'...considering how badly FEMA screwed over many from the area.
Just another example of the incompetence of this Federal government agency. From my experience with them, and most all other govt agencies that have to deal with large numbers of people...sadly, the incompetence, red tape, and waste of money is a common denominator.
And now...we're wanting to put THEM in charge of our medical care? Scary.
Re:In FEMA's defense (Score:4, Funny)
Re:In FEMA's defense (Score:5, Funny)
Did anyone else "hear" that in Abe Simpsons voice?
"Epa! Eeeepaaa!"
Re: (Score:2, Interesting)
Hey, it would be a little 'justice'...considering how badly FEMA screwed over many from the area.
Once upon a time, people believed these words: "Ask not what your country can do for you, but what you can do for your country!" Though, I doubt you can figure out what I'm getting at.
Re:In FEMA's defense (Score:5, Informative)
"Ask not what your country can do for you[...]
I recognize these words. I think these were uttered by JF Kennedy, the man who started the war in Vietnam, sent thousands of American conscripts to die there, all while snorting coke off Marilyn Monroe sweet butt (and while his brother the Attorney General Bobby Kennedy wiretapped Martin Luther King and other civil rights leaders).
No wonder that asshole didn't want us asking what our country could do for us.
[...] but what you can do for your country!"
You actually believe that shit? Talk about "useful idiots"...
Re: (Score:3, Funny)
Re: (Score:2)
Re:In FEMA's defense (Score:5, Insightful)
Re: (Score:3, Insightful)
Sure, and people are stupid for living in California with its earthquakes and wildfires, and people are stupid for living in the midwest with the tornados, and people are stupid for living pretty much anywhere in the U.S. with the yellowstone caldera overdue to blow, and people are stupid for living . . .
Pensacola has had the misfortune to be hit by several hurricanes. By your logic, you are a fool to still live there.
And for all of the smug idiots who think they are paying for me to live in what should be
Re: (Score:3, Interesting)
Houses in California are earthquake resistant, by law, and you're not *supposed* to be able to build in wildfire prone areas. You'll notice when they do come, very small numbers of properties are damaged compared to say a hurricane because they're mostly burning empty land.
The fact that the only flood insurance available in NO is government subsidized should give you some indication of relative risk.
Re: (Score:2, Insightful)
And now...we're wanting to put THEM in charge of our medical care? Scary.
Well, as a Canadian I can tell you that you're right, health-care run but bureaucrats is a bit scary. But, there is a bit of a problem with the alternative: the nature of heath-care is such that unless you are VERY rich, you want insurance. The problem with insurance is that it's not their job to heal you, it's their job to make money - and they are very good at it.
So, an incompetent bureaucrat managing my health care dollars is still much better than an insurance company.
PS: This goes for car insurance t
Re:In FEMA's defense (Score:4, Insightful)
The big, really big, in fact just simply enormous problem with where the US healthcare system is heading is that you will have an incompetent bureaucracy subcontracting management to an insurance company. Worst of both worlds.
If you think the problem is bad now, just wait until we fix it! (attrib: somebody or other, use Google if you must know)
Re: (Score:2, Insightful)
I'm a little uncertain as to why you think private insurance provides more efficient health care? If anything, private insurance makes more profit by denying as much health care as possible.
Re: (Score:2)
Re:In FEMA's defense (Score:4, Informative)
The DEA is already employing private security for their raids. [boingboing.net]
Re: (Score:3, Informative)
He's wearing a Blackwater t-shirt. It doesn't mean he's actually a Blackwater contractor. I also don't see any reason for the DEA to hire Blackwater for something like this.
Re: (Score:2)
i wouldn't mind living in a SR world.. would be kinda neet
Re: (Score:2, Insightful)
Re: (Score:2)
Re: (Score:2)
>I'm not the GP, and no I don't advocate privately run police forces.
You mean vote for an unknown dude with a winning smile as sheriff or something?
Re: (Score:2)
I don't think anyone would, knowing that Liquid Ocelot could take control of all of them.
Re: (Score:3, Interesting)
Yeah...and you end up paying like 60%+ or more in taxes on what you make? No thank you...I'd rather take my money and do it myself. I set up a HSA, max it out with money pre-tax, and pay as I go. I get discounts from physicans on office visits and tests when they find I'm paying for myself. I have a high ($1200) deductible account ONLY for disasterous emergency care
Who hacks phones anymore? (Score:2, Offtopic)
Re:Who hacks phones anymore? (Score:5, Interesting)
You kids and your IP telephony. Get off my lawn!
Re:Who hacks phones anymore? (Score:5, Interesting)
I saw this on Yahoo news this morning (and submitted it, apparently my submission wasn't the first). It looked to me like the purpose of the hack was to discredit the DHS, which is FEMA's parent organization.
Note that all the calls went to middle east countries, including Afghanistan and Yemen, both Taliban havens. IMO the hacker did the US a great service by exposing FEMA's incompetence. Katrina is fading in folks' memories and "Brownie", who took the fall for that cluster fuck, is long gone but the agency is still apparently still incredibly dysfunctional and run by incompetents.
Excellence and failure both start at the top. When the head guy is incompetent, he will hire incompetents.
Re: (Score:3, Informative)
Re:Who hacks phones anymore? (Score:5, Insightful)
If you haven't noticed, the best way to get a bigger budget and more power is to be incompetent. That's the supposed reason why DHS was created in the first place.
If you subsidize stupidity, that is all you'll ever get.
Re:Who hacks phones anymore? (Score:5, Insightful)
I'd like to offer a dissenting opinion on the FEMA issue in New Orleans. States are supposed to have some kind of emergency preparedness of their own. It's not enough to just fall apart and beg for FEMA to save you. FEMA's traditional role has been to show up late and provide sustaining support in the aftermath of an event, not to be the first responders at the moment of crisis. Many other states understand this. Texas (a nearby neighbor who ended up bearing the brunt of the NO disaster refugees) for example rarely needs FEMA - when hurricanes head for Texas, they deploy their local resources to remedy the immediate situation.
The problem with the NO disaster was not FEMA. The problem was the bankrupt, ineffective, unprepared, and completely corrupt local and state governments in the area who had nothing to offer their citizens when disaster struck.
Re:Who hacks phones anymore? (Score:4, Interesting)
This is the "piss on you an say it's raining" school of government indulged in by the Bushies and all their forbears back to Goldwater. When you deliberately place incompetents in government, you undermine it. There's nothing essential about incompetence anywhere, not even that giant bastion of incompetence, big business.
There is much better evidence for incompetent (but nonetheless gigantically paid) CEOs than for incompetent public servants. Public servants are subject to sunshine laws that would make the aforementioned CEOs run away screaming in terror. Libertarian duckspeak like the above paragraph just looks more and more ridiculous each year.
Hacker? (Score:5, Informative)
Re:Hacker? (Score:5, Funny)
He used a whistle found in a cereal box.
Re:Hacker? (Score:5, Funny)
Re: (Score:2, Funny)
Actually he is old school and trained himself to fart at 2600hz...
Re:Hacker? (Score:4, Insightful)
Yes, the correct term is Phreaking [wikipedia.org], but come on, this is the AP....you expect them to get that right?
Re:Hacker? (Score:4, Interesting)
this is the AP....you expect them to get that right?
No, but I do expect Slashdot to get it right.
Re:Hacker? (Score:4, Funny)
this is the AP....you expect them to get that right?
No, but I do expect Slashdot to get it right.
I'd say "you're new here", but your id is low enough that I have to resort to "you should know better."
Re: (Score:2, Interesting)
I bet a dollar that there was some sort of default password left intact, so it was
da fault of the installer. Thats the oldest school phreak in the book.
I remember in the 80's when we used to wardial to find computers and PBX's,
a friend and I discovered a DEC owned PBX with a dial in, input code, dial out line.
The code was only 4 digits long so before we brute forced it with a sequential
attempt, we kept trying to spell different 4 letter words. Lo and behold, the passcode was
ROCK, typed on the touch tone key
Re: (Score:3)
Re: (Score:2)
I thought phreakers became extinct back in the 80s
Re: (Score:2, Insightful)
For example - GAY used to mean happy. It doesn't, anymore... because the majority of people no longer think of it that way. Therefore, if you're GAY, you're homosexual, not happy.
Same thing with Pirate/hacker.
get a life, and move out of your mom's basement.
Re:Hacker? (Score:4, Funny)
"If the majority of society has changed the meaning of some workds (hacker/pirate), then the meaning has changed for THE MAJORITY, which now makes you WRONG."
Please tell the biologists to stop misusing bisexual, then. Also tell physicists that quantum leap actually means a big change, not a small one.
Re:Hacker? (Score:4, Informative)
See? Apologism and insults.
As if the rightness or wrongness of something depends upon how many people accept it. The majority can be wrong. Just because a use is accepted in everyday use, doesn't make it right. If you have to cite definition 3 to defend use of a word....
It follows that any struggle against the abuse of language is a sentimental archaism, like preferring candles to electric light or hansom cabs to aeroplanes. Underneath this lies the half-conscious belief that language is a natural growth and not an instrument which we shape for our own purposes.
- George Orwell
http://www.resort.com/~prime8/Orwell/patee.html [resort.com]
'But languages change'
There's evolution and there's corruption. By allowing the corruption of the word hacker, people who are hackers in the correct sense are lumped in with those in the incorrect sense. Now we have to come up with another word for those who are hackers in the original sense... when we already had words for both! By allowing copyright infringement to be called piracy, they are associating it with something far more sinister than kids swapping files. If some Germans were Nazis, it would be wrong to call all Germans Nazis, wouldn't it? Unless we water down what we originally meant by Nazi.
We think in language. Propagandists use this against us all the time. "It's not murder... it's execution."
Another clip from Orwell:
Consider for instance some comfortable English professor defending Russian totalitarianism. He cannot say outright, "I believe in killing off your opponents when you can get good results by doing so." Probably, therefore, he will say something like this:
While freely conceding that the Soviet regime exhibits certain features which the humanitarian may be inclined to deplore, we must, I think, agree that a certain curtailment of the right to political opposition is an unavoidable concomitant of transitional periods, and that the rigors which the Russian people have been called upon to undergo have been amply justified in the sphere of concrete achievement.
____
An Anonymous Coward saying something silly throwing in some childish ad hominem passes for insightful?
At least have the courage of your convictions. If you're you going to slam someone, don't hide behind anonymity where you can't be held accountable. You could try posting like an adult, and then you could make your point without cowering.
Re: (Score:2)
Re: (Score:2)
Bravo!
Re: (Score:2)
Where's King Knut when we need him?
Hacker and pirate are far from the only words to have shifted meaning since the advent of the Jargon File. This points to a larger issue: specialized language ("jargon") that has been assimilated by the mainstream will not maintain a consistent definition. Expecting it to do so--or actively attempting to make it do so--is futile.
Re: (Score:2)
I don't expect to have to do that where 'experts' are supposed to be 'editors'.
Re: (Score:3, Insightful)
Changes in language can be classified as "ignorance" only by the same logic that Iraq can be classified as "Successful." As has been said before: language changes. Dealing with that change, or ordering it back like Knut ordered back the tide, is entirely up to you.
But please do not expect people to appreciate or respect you when you're being irrelevant.
Re: (Score:2)
And has also been said before: So what - that doesn't cause random errors made by uninformed ignoramuses to magically become correct usage.
Yes, it does (Score:2)
As has been said before: language changes
And has also been said before: So what - that doesn't cause random errors made by uninformed ignoramuses to magically become correct usage.
That's exactly the process by which language changes, dude. When people start using terms incorrectly and people don't understand what they mean, those people are wrong. When the incorrect usage overtakes the correct usage and more people will understand the "incorrect" usage, then it's no longer "incorrect." Use of the outdated form may in fact come to be incorrect later on.
Language is about conveying meaning. Any language rules that exist, exist to standardize and facilitate communication. That means
Re: (Score:2)
Re: (Score:2)
Phone Hacking (Score:2, Funny)
I never understood why someone would or could make exhorbatent amin long distance phone calls. The only thing I can figure out is that some nerd was busy talking to his girlfriend on vacation.
While (Idiot.onphone) {
"Hang up!"
"You!"
"No You!"
"No You Hang up!"
}
Re:Phone Hacking (Score:5, Funny)
I'm sure there's a flaw in that theory, but I just can't put my finger on it.
Who is valuing these minutes? (Score:5, Interesting)
Twelve Grand?! Is this another indicator of inflation? Who is billing this out? For 12 grand the phone companies should give you a phone that will work for life, from anywhere, to anywhere. Are the same people responsible for claiming that a quarter of schwag has a "street value" of fifty grand?
Re: (Score:2, Informative)
Twelve Grand?! Is this another indicator of inflation? Who is billing this out? For 12 grand the phone companies should give you a phone that will work for life, from anywhere, to anywhere. Are the same people responsible for claiming that a quarter of schwag has a "street value" of fifty grand?
Well look at it this way. $12,000 in calls divided by the 400+ calls would bring it to less than $30 per call. For anyone who has made calls to overseas knows that the rates are freakin expensive.
For example from the FCC [fcc.gov]
Here are sample costs for calls to France from the U.S. at basic and discounted rates:
Basic Rate is $1.77-2.77 per minute
Note: The actual rates and terms from companies you choose may be different than those shown.
Re: (Score:2, Informative)
No, it's the rate charged for this. Seriously. This same thing happened at one of my previous jobs and it left us with a $20K+ bill that we disputed with the phone company over a period of weeks.
Re: (Score:2)
Thast not a lot. They probably dont have an international plan, so they were charged ala carte fees.
For those of us used to VOIP, its crazy, but phone companies still charge out the wazoo for calls.
Re: (Score:2)
They should just call it the "You made us look stoopid" tax.
Re: (Score:2)
Re:Who is valuing these minutes? (Score:5, Informative)
Personally I've always thought people stupid enough to call weed "schwag" would be stupid enough to pay 50 grand for a quarter of it.
"Schwag" refers to the quality of the weed, like "middies", "kind" and "dank". "Schwag" refers to brownish, dry, shakey crap with seeds and stems (usually outdoor bud grown in Mexico). A quarter of schwag isn't worth much more than $20-$30 (at least on the east coast).
Verizon guy (Score:5, Funny)
He kept calling that damned annoying Verizon guy.
"You're in Thailand now? Can you hear me now?"
No Skype? (Score:2)
Re:No Skype? (Score:5, Funny)
So he doesn't have a Skype account?
Pfft! Who needs Skype when you have the FEMA Phone! Yes! With the FEMA Phone you can call anywhere in the World for FREE! And if you act now, you can get your own FEMA Trailer for Free!
Subject to criminal prosecution and penalties. Offerer is not responsible for purchaser's stupidity.
Re: (Score:2)
Re:No Skype? (Score:4, Funny)
What's scary is that I read the disclaimer at 3x actual talking speed.
Incompetence... (Score:4, Insightful)
DHS is like the laughing stock of government security. Being PBX Phreaked with a 15 year old hack is just bad... Hope the next administration isn't this incompetent.
Re: (Score:3, Interesting)
Hope the next administration isn't this incompetent.
I'd say it wasn't possible to have a worse President, but I thought I'd never see a worse President than Carter, either. Bush proved me wrong on that one, now I worry and just keep my fingers crossed. I'm not too thrilled with either McCain or Obama, and will be voting against both of them.
Re: (Score:2)
Really? And just who will you be voting for?
Re: (Score:2)
Either Libertarian candidate Bob Barr or Green Party candidate Cynthia McKinney. It doesn't matter as both will lose, but I'll be casting a vote against Corporate Party candidates McCain and Obama.
Re: (Score:2)
Interesting. I didn't think about ether of those. While I'm sure that both will lose compared to tweetledee and tweetledumbass but that might be just a damn good idea. I think there should be one more option on the ballot. A "none of the above" that expresses a no confidence in any of the candidates.
Re: (Score:2)
There's a fifth party as well, the Constitution party, but I'm not sure if they're on the ballot in Illinois. I'm fairly certain the Greens and Libbies are.
Re: (Score:2)
Ah that's obvious, for the groove minister [is.gd]!
Re: (Score:2)
Default password? (Score:3, Interesting)
Government Accounting (Score:5, Funny)
400 calls totalling $12,000.
That is, about $30 per call.
And from the article: "Most of the calls were about three minutes long, but some were as long as 10 minutes."
As long as 10 minutes? Not only did FEMA have a badly configured phone system, they must have had some of the crappiest call plans I could possibly imagine. I mean, where were the calls terminating? The moon?
Your tax dollars at work.
Re: (Score:2)
They probably had a no-bid phone contract from KBR shoved down their throats over at DHS. And since DHS workers aren't in the civil-service union, there's no whistleblower protection, so nobody squawked.
Re: (Score:2)
Oops, knee jerked a little too fast. FEMA, dammit, not DHS. I hate it when screw-ups don't ratify my world-view.
Re: (Score:2)
Expensive rate (was:Government Accounting) (Score:3, Insightful)
Assuming the phone was "off the hook" for the entire 48 hours and only one call is placed at any given time, that's 2880 minutes, or $4.17 a minute. Any phone company charging that kind of rate per minute will get call into the capital by state utility commission (AT&T charges just over a buck a minute for cellphone roaming calls originating in Asia.)
Hackie, (Score:2)
What a surprise (Score:2, Insightful)
If anybody ever doubted that these clowns are better at sucking up tax dollars and destroying the US Constitution than providing security, look no further for the proof.
Osama must be laughing his ass off.
Re: (Score:2)
Osama is long dead, so no he is not laughing.
Re: (Score:2)
Baseline security is not a 'small technical problem'. All the easy stuff should be done, always. ESPECIALLY if you are under a branch with the word "security" in it. I wonder how many public exposed routers these clowns have running telnet. Probably with ssh alongside. WTF?
Re: (Score:2)
Thanks for saving me the problem of responding to somebody who just doesn't get it.
Silly (Score:3, Insightful)
Hacking PBXes was ok 15 years ago.
Hacking them now is pretty much guaranteed to get him caught.
Oh well...
But he assured the hole has since been closed... (Score:5, Insightful)
"I don't know who it was or what they did or didn't do, but I assure you they fixed it."
Cracker, not hacker... (Score:2)
I mean really, I know the /. janitors are determined to bring tabloid-standard reading levels in, but you'd think they'd at least get *that* bit right.
Re: (Score:2)
I think you meant "phreaker", not cracker.
-b
Misappropriation (Score:2)
With that little bit of semantics out of the way, I wonder what system they were running. Audix perhaps?
Emmittsburg? (Score:2, Informative)
oh come on... (Score:2, Informative)
Captain Crunch (Score:2)
It was Captain Crunch [wikipedia.org]
Actually, this is /. I suppose I didn't really need that link did I?
what was the point? (Score:3, Interesting)
is this terrorism? or just plain old hacking?
what's the point of breaking into a federal telephone system to call asia and the middle east?
surely if you have the know-how to pull that off, you could have gotten the calls for free anyway?
so what was the point? was it a diversion? or a lesson hack?
Re: (Score:2, Interesting)
The 400 calls aren't necessarily consecutive.
Many times these hacks are done to provide low cost calling to immigrants calling back home. $20 bucks can buy you almost unlimited phone time to talk to your entire village back home.
Re: (Score:3, Insightful)
Re: (Score:3, Funny)
So, while illegally wiretapping citizen lines, the government *should* have been wiretapping itself...
Re: (Score:2)
The $12,000 is not that hard to believe given the following:
1. have you ever seen what the "regular" phone company charges for international calls? Why do you think that there is such a huge market for things like Skype and the "International Phone Cards" you see in every gas station here in SC?
2. Many countries' phone companies add charges to the phone calls, and of course the phone companies pass those back to the customer. Why should it cost more to call Japan than to call China? It does, because the Jap
Re: (Score:3, Interesting)
Its quite possible the person who broke into the PBX also sold the information on how to make 'free' calls to wherever which would result in multiple people accessing it simultaneously thus making it possible to rack up $12,000+ in very short periods of time.
Re: (Score:2)
Also, in many hacking cases the quoted damages include the cost of hiring someone to patch the security vulnerability. I'm sure that in this situation that is also true; i.e., that $12,000 is a $500 phone bill and a $11,500 consultant fee.
-b