Build Date: Sun Mar 30 15:40:58 2025 UTC

It may be just an opinion, but it's mine.
-- Miss Conduct

Egghead emails internet hoax

by Pao Tzu

2001-01-08 20:57:12

Pao Tzu: On The Beat

egghead.com frightens millions of users with credit card fraud hoax.

Dec 23, 2000 - egghead.com emails customers about hacker intrusion
...
...
(two weeks pass)
Jan 8, 2001 - egghead.com reports no credit card data stolen

For two weeks customers of this popular electronic retailer worried that their credit card numbers had been stolen. Rumours spread quickly to message boards where scores of newbies claimed they had been charged $10 by a telecom company in Moscow, Russia as a result of the egghead hack. Cnet, ZDnet, thestreet, and all the other lame shit corporate news sites speculated that egghead had lost its entire 3.7 million (or 3.5 million, or 2.7 million, depending on the article & publisher) credit card number + address + shipping address database.

An anti-egghead site, eggheadsucks.com, posted speculations that the 40-bit ssl encryption egghead.com uses for authentication was too weak. Let us examine this fully. If the system was accessed by knowing a 40-bit key, then that would be equivalent to a "password" of about 6 random characters. This is only about a trillion possibilities. The cost of decrypting such long codes would have cost upwards of a million dollars as recently as 1995, but I am confident that this has fallen to around $25,000 or the equivalent of a few hacked boxes.

Anyone who has experimented with RC5 cracking knows that it is always possible to get people to volunteer their CPU cycles to crack cipher keys. DES, a 56-bit code, was easily cracked. DES is 65536 times as strong as 40-bit. The only browsers that still max out at 40-bit encryption are old fucked up windows 3.1 versions of Netscape and IE. An argument could be made that this was exactly who egghead.com was catering to. With computer hardware being among the top commodities purchased over the internet, it is entirely reasonable to assume that some percentage of egghead.com customers were using some oldschool, barely ssl-capable version of Netscape or IE, which they were running on a $50 486 they purchased directly from egghead.com.

To make matters worse, the only reason cipher code is limited to 40-bit is because of bunk ass laws in the U.S. about the export of secure cryptography. The U.S. government even took Phil Zimmerman to court over the RSA encryption. The excuse the U.S. makes is what if the Cali Cartel, Iraq, and Bin Laden had 4K RSA encryption, there might be Heroin or Cocaine selling in the U.S. and nuclear bombs being traded using encrypted usenet messages. Well, fuck that, anyone who has ever done cocaine or crack knows that it is not all that bad. Just as anyone who has ever used encryption probably has scores of disks that they can't even decrypt because they lost the disk with the GPG key on it.

To top it all off, EGGS stock is at an all-time low, selling for well under a dollar a share. Nobody knows who to blame, eggs for sucking, hackers for being too sneaky, or customers for being so stupid as to trust a company with their credit card information. The real culprit is the grand puppeteer of all evil, the USA.

Over. End of Story. Go home now.

ixian@pigdog.org

T O P   S T O R I E S

Net Flotsam

Net Flotsam

California Glory Hole attracts huge crowds

by Baron Earl

A glory hole at Napa's Lake Berryessa is drawing huge crowds. According to Chris Lee, the general manager for the Solano County Water Agency, the glory hole hasn't been active since 2019, and only restarted operations on Feb 4. (More...)

Police State Chronicles

Police State Chronicles

Republican State Senator busted after soliciting a teenage girl

by Baron Earl

Republican State Senator Justin Eichorn of Minnesota was arrested for soliciting a teen girl on Monday just hours after he introduced a bill proposing "Trump derangement syndrome" (TDS) as a form of mental illness. (More...)

Virus in America

Virus in America

Parents claim measles is not that bad after having only one child die

by Baron Earl

The parents of a Texas girl who died from the measles are defending their decision not to vaccinate their daughter. "She says they would still say 'Don't do the shots,'" an unidentified translator for the parents said. "They think it’s not as bad as the media is making it out to be." (More...)

-tarded

-tarded

Delusional rich man tries to fire town staff

by Baron Earl

"I'm mayor now" said write-in mayoral candidate and founder of Pirate’s Booty Snacks Robert Ehrlich after losing the election for Mayor of Sea Cliff, NY. Then he tried to take over the Village Hall and fire everyone. (More...)

Billionaire Assholes

Billionaire Assholes

Musk claims Xitter security is staffed by idiots

by Baron Earl

Earlier this month Xitter experienced a massive outage. In an interview, Musk told Fox Business that he believes the attack came from "IP addresses originating in the Ukraine area." (More...)

Special Ideas

Special Ideas

The Future Ain't What It Used To Be

by Flesh

Ideas have taken horrifying shape and rooted into our modern reality. (More...)

Spam Assassin - a mail filter to identify spam

C L A S S I C   P I G D O G

AfterAction

After Action Reports

High Availability Guinness Stress Test

by El Snatcher

All too often we forget the incredible depth of technology behind the weekly ritual of TNiPN@*. We tend to only become aware of the strategy of High Available Guinness (HAG) when it rises to the forefront during a complete and utter venue failure. Yet we should all be super grateful that this system exists. (More...)

snatcherworld

SnatcherWorld

Deep Inside Linus Torvalds

by El Snatcher

Ratsnatcher gets HOT HOT HOT in this classic road tale that looks at the steamy underworld of Bay Area Linux advocacy. Loosen your collar for this one! (More...)

cambodia

Pigdog in Cambodia

Clowns Take on God in Mysterious Annual Ceremony

by Oliver Green

Last Sunday's (the 6th) Grimaldi Service at a small church in East London was a red-letter day for clowns worldwide. About a hundred old-school red-nosed clowns made the sombre trip to darkest Dalston to pay their respects to clowns who died in the last year and to thank God for the gift of laughter in a bizarre ceremony presided over by the eccentric Reverend Clown Roly, resplendent in a garish red lumberjack shirt with oversized gold lapels. (More...)

on_the_beat

Pao Tzu: On The Beat

A Different Shade of Clone

by Pao Tzu

A Blast from the Past! Pao Tzu goes over and under the crucial variables in the production and consumption of Salvia Divinorum. A must read for psychonauts of all stripes. (More...)

viva_la_musica

Viva La Musica

Brother Wayne Lays Down the Truth

by Flesh

Flesh interviews Wayne Kramer of MC5. (More...)

Space

Space, the Final Frontier

Interviewing the SETIguy

by Siduri

Pigdog brings you SETI astronomer Seth Shostak to bring you the truth about Ay-leens (More...)

Quickies

Baron Earl

SpaceX Has Finally Figured Out Why Starship Exploded, And The Reason Is Utterly Embarrassing

El Destino

'Star Trek TNG Theme, but the theme is coming from the Enterprise-D

El Destino

Devo is coming to Oakland in 2025

El Destino

Hell as a cheery vintage Hollywood musical

El Destino

JD Vance adviser posted on Reddit for years about use of cocaine, ‘gas station heroin,’ other drugs

El Destino

Half a century later, DEVO does an NPR "Tiny Desk Concert"

El Destino

Whatever happened to Fry's Electronics?

El Destino

Turkeys Terrorize NASA Research Center In Mountain View

El Destino

An AI-generated "sad girl with piano" performs the text of the MIT License as a song

El Destino

US intelligence officer finally explains Roswell: secret flying U.S. balloons for monitoring Soviet nuclear tests
More Quickies...

Main | Authors | Categories | Features | Columns | Reviews | Interviews | Archives | Search | Feedback | RSS

Main | Authors | Categories

Features | Columns | Reviews | Interviews

Archives | Search | Feedback | RSS

Copyright © 1998-2025 Pigdog Journal