AusCERT Facebook photo hack may be a test case

By on
AusCERT Facebook photo hack may be a test case

A brute force attack which guessed Facebook URLs may be a breach of Commonwealth and State computer crime laws.

An incident at the AusCERT conference where Facebook photos were taken from a user profile without authorisation and published may be a test case for Commonwealth and state computer crime laws, according to Queensland Police.

In a presentation at the BSidesAu conference held in tandem with AusCERT, an IT security expert siphoned personal photographs from a private Facebook account of the wife of another IT security professional.

Police responded to a complaint of an “alleged hacking incident that saw private material obtain” and arrested Fairfax journalist Ben Grubb at the AusCERT conference. 

Police also seized the journalist’s iPad.

Responding to questions by SC Magazine today, Detective Superintendent Brian Hay said that the incident could be considered a test case for computer crimes laws.

“We are investigating issues of that nature,” Hay said. “Some aspects of it can most certainly be a test case. It is fair to say that jurisdictions are coming to grips with cyber based investigations.”

The exploit presentation was designed to demonstrate a well-known vulnerability in Facebook in which URL addresses linking to photographs in a profile set to private were obtained in a brute force style attack.

While the attack did not crack usernames or passwords, it may have contravened Commonwealth and State computer crime laws which outlaw unauthorised access to electronic files, police said.

The Commonwealth Criminal Code Act states that “access to data held in a computer… by a person is unauthorised if the person is not entitled to cause that access, modification or impairment.”

Other laws also prevent use of a telecommunications carriage service to harass or menace.

The accessed photos may be considered a proceed of crime.

Speaking of the avenues of investigation, Hay said “other actions have been put in place”.

 “We may have people out there that think it is their right to do this. The reality is the online environment is an extension of the community.”

Copyright © SC Magazine, Australia

Tags:

Most Read Articles

You must be a registered member of iTnews to post a comment.
| Register

Poll

How should the costs of Australia's piracy scheme be split?
Rights holders should foot the whole bill
50/50
ISPs should foot the whole bill
Government should chip in a bit
Other
Flash is heading towards its grave, and that's...
Great! Good riddance
Sad! Flash had some good qualities
Irrelevant. I don't care
What's Flash?
View poll archive

Whitepapers from our sponsors

What will the stadium of the future look like?
What will the stadium of the future look like?
New technology adoption is pushing enterprise networks to breaking point
New technology adoption is pushing enterprise networks to breaking point
Gartner names IBM a 'Leader' for Disaster Recovery as a Service
Gartner names IBM a 'Leader' for Disaster Recovery as a Service
The next era of business continuity: Are you ready for an always-on world?
The next era of business continuity: Are you ready for an always-on world?

Log In

Username:
Password:
|  Forgot your password?