Someone apparently really doesn’t like Justin Bieber. The teen pop sensation had several of his YouTube videos “hacked” yesterday. The perpetrators injected hate speech into the videos as well as information (FALSE!) claiming that Justin had died in a car accident. There were also redirects to external adult sites and other nefarious places.

YouTube has been forced to fix the flaw, which originated in the comments section. The hackers placed executable code strings into the comments of targeted videos which ran when people watched the clip. YouTube parent company Google said that the problem was fixed within two hours of its discovery. “We took swift action to fix a cross-site scripting (XSS) vulnerability on the site.” a spokesperson said. “Comments were temporarily hidden by default within an hour, and we released a complete fix for the issue in about two hours.”

Cross-site scripting (XSS) vulnerabilities are relatively simple attacks that allow hackers to place code into web pages. On YouTube, the script kiddies used JavaScript and HTML – two commonly-used coding languages found on web pages. In most cases, the code was harmless. However, it was used to deliver links and redirects to questionable websites in some instances. Considering the age group of the population who watch Justin Bieber videos, I feel this was a pretty sick way of exposing kids to things they shouldn’t be seeing.

It takes a seriously unbalanced and immature group of people to do this.

Justin Bieber YouTube Videos Hacked

Yesterday, I stood on the side of Goatse Security and white-hat hackers everywhere. While I still remain on that side of the fence, many people are quickly re-aligning themselves. The hacker known on Goatse Security as “weev” was arrested today on several drug-related charges after the FBI showed up at his home with a search warrant. No details have been released about the search warrant itself, or whether it was related to the AT&T mess.

Andrew Auernheimer was found to have cocaine, ecstasy, LSD, and schedule 2 and 3 pharmaceuticals in his possession. He faces four felony charges of possession of a controlled substance and one misdemeanor possession charge, and is being held in the Washington County Detention Center located in Fayetteville, Arkansas.

Things like this are why many people roll their eyes at the mention of white-hat hackers. Only those who really know their security stuff tend to stand behind them unconditionally. Take a look around the web today at how many people are completely blasting this young man and his team over the AT&T security breach – laying the blame completely in his court. This is exactly what the folks at AT&T were hoping for… something that would shift the blame away from them.

White-hat hackers are those who spend their time looking for security flaws in websites, programs and even hardware. They make a comprehensive case and then approach the company(ies) involved. In this instance, it needs to be noted once again that Weev did NOT go public with what he had learned until AFTER AT&T had resolved the issue. Had a malicious hacker identified this problem, they would have never notified AT&T, Gawker or anyone else. They would have simply had a field day with the treasure-trove of information at their fingertips.

Should Andrew be in trouble for the drugs found in his home? Abso-freaking-lutely! However, I still maintain that he is not the one that should be blamed for the massive security breach on AT&Ts website. THEY caused the problem. Andrew discovered it and did his part to help fix it.

Goatse Security Hacker Arrested on Drug Charges

It astounds me to see all of the fingers being pointed at Goatse Security this morning. Several prominent blogs are backtracking today in light of the FBI investigation. When this security hole was first brought to light last week, most people agreed that the folks at Goatse were great guys for identifying and publicizing this exploit – one that could have had some serious effects had it gone unnoticed. Today, however, I’m seeing people quietly wondering how soon these white hat hackers will be punished.

In my opinion, the fingers should be pointing directly at AT&T. They are the people who allowed the iPads to be breached to begin with. If it weren’t for white hat hackers, many thousands of security holes on devices would go undiscovered – until the bad type of hackers found them. If anything, people like those at Goatse Security should be rewarded and applauded for what they do. Their team didn’t set out to hurt anyone. They had a suspicion and investigated. It’s not their fault they were right. It’s also not their fault that AT&T then took several days to even communicate the problem to their customers.

TechCrunch only gives out their Crunchie award during their annual ceremony. However, they have decided to award one now to Goatse Security for their work in this investigation. Even if you don’t like the name of the security team, you have to admit (once you read everything about this mess) that what they did was the right thing to do.

AT&T is a huge company. Perhaps they’re hoping to use that fact in order to shift the blame to someone else (namely Goatse Security) for something they should have found and fixed themselves? I’m glad to see that they plan to “cooperate fully” with the FBI investigation. At the end of the day, it’s the communications conglomerate who should be left holding the bag.

iPad Security Breach: Who Should be in Trouble?

According to research conducted at both Facebook and LinkedIn, an increasing number of people have job descriptions that include the word “ninja” in the title. Both sites have in-house researchers who look at all of the junk that is posted on their respective sites and then try to make sense of it. That is a job I definitely wouldn’t want to have.

According to the chief scientist for LinkedIn, “From 2002 to 2007, there was an increase in job titles using the word “ninja” to designate a position requiring a high level of skill. “Evangelist” and “guru” were other titles that rose during the same period, although guru has since dropped in popularity.” Perhaps someone who decides they are the newest social media god (or goddess) will now call themselves a “Social Media Ninja.” Ohhh I know! Maybe Gordon Ramsay is a Kitchen Ninja!”

Are you a ninja?

• Is the Canadian Harmonized Sales Tax a trap?
• Have you downloaded anything from Steam for your Mac yet?
• Seattle’s Hotel Max is a 2010 SoMe award winner.
• Does Diskeeper HyperFast for SSD actually work?
• What’s so bad about greed?
• Grab a pillow to write all of your messages on.
• Will the iPhone 4.0 operating system include Facebook functionality?
• Criminal hackers are having the best year of their lives.
• What are your thoughts about school bullying?
• Are you interested in bees?
• After a long wait, Microsoft Office 2010 has been released.
• Do Macbooks hold their resale value over time?
• The iPad Wi-Fi issues will be addressed in a software update.
• Another iPhone prototype has been found.
• What utilities or apps for Ubuntu are the best?
• What type of headphones do you prefer?
• The Twitterific iPad app lets users upload media with ease.
• Hard drive performance is dropped significantly with noise.
• Genes involved in coloring our eyes have been discovered and identified.

You don’t have to be a ninja to grab the latest software and apps we’ve been able to find for you.

Are You a Ninja?

I read an interesting post on Lockergnome today, written by my friend Ron. Ron cites a study that shows that only about 18% of teens today write in a blog. Only about 8% of them are Twitter users. However, about 55% regularly take part in other social networks, such as MySpace.

The original study claims that perhaps the low blogging percentage is due to the fact that teens are secretive by nature. They don’t want the world to know what they’re up to. If that were the case, then how do you explain all of the information overload on their MySpace pages? Ron brings up an excellent point of his own: when adults and parents show up, teens tend to withdraw.

With so many adults blogging these days, does it stand to reason that could be why our kids are not? Do they not want to be like us? Could they fear our reading what they are doing? What are your thoughts on this?

Ron’s article is excellent, and brings up much food for thought. There were also any number of other great things posted in our little corner of the world today. I hope you were able to read some of it!

• Is Microsoft really doomed to fail, as some people like to believe?
• When you come to a fork in your life’s road, how do you know which way to go?
• New testing methods may detect some types of cancer even earlier.
• Comcast rebadges a bad idea as Xfinity.
• Syncing your iPhone ringtones isn’t as difficult as it appears to be.
• If you’re in the market for a GPS system, Amazon has some amazing deals right now.
• Hackers buy and sell your accounts and information, so beware.
• Teens are becoming more of a target audience for tech evangelists.
• If you have more than one computer, do you actually use them all?
• Will Chrome be your next browser?
• Could eBay really be telling their members not to contact them?
• What was the first video game you ever remember playing?
• AppRats brings YouTube integration to Facebook.
• Steve Wozniak complained, but no one listened.

Don’t forget to stop by our Downloads and Software Center to find deals on the hottest software, applications and games!

Are Adult Bloggers Ruining it for Kids?

Online advertising is so pervasive that most people barely glance at it. Advertising has become part of the Internet landscape. One way that advertisers are hoping to stir interest is to put their advertising on social network sites like Facebook and Twitter. For example, on Twitter, you would see someone you follow post a link. A click leads to advertising. This has been called in-stream advertising. It carries the weight of someone with whom you have some familiarity online, and it increases the chances that you will click and look at that link.

This type of advertising also provides hackers and criminals another way to access your computer. That person you follow online may have his/her account hacked and may be unknowingly serving up malicious links.

This is just one scheme to deliver malware to your computer. By the time this paragraph is read, there will be new means to spread malware. The daily news will trigger another flood of malware. There is no doubt that the criminals are fast and creative. There are big dollars to be had and easy targets to be found online.

That is why security programs are necessary for protecting your computer from these infections. We repeatedly urge our readers to protect themselves and inform their friends and family. Some of your friends and family may not have the slightest interest in computer security. Those are the people who become easy targets.

You may hear the argument from these people that they are careful online. However, no one can be vigilant 100% of the time. There are drive-by downloads that can install malware on your machine, without your even having to click a link. Sometimes, a person is just tired and errors are made. Hackers count on such errors and an absolutely necessary protection is an excellent security regime on your computer. You should have an anti-virus, a firewall, and at least one anti-spyware program running at all times. For an anti-spyware program, we are recommending SUPERAntiSpyware. We have an excellent deal for you that offers real time protection:

SUPERAntiSpyware has real-time blocking of threats! Prevent potentially harmful software from installing or re-installing! First Chance Prevention examines over 50 critical points of your system each time your system starts up and shuts down to eliminate threats before they have a chance to infect and infiltrate your system.

The program offers much, much more and you can read about it at the links provided. SUPERAntiSpyware will detect and remove spyware, adware, malware, Trojans, dialers, worms, keyloggers, hijackers, rootkits, and many other types of threats. This program is easy to use and it is effective. SUPERAntispyware is being offered at a special rate for our readers. There is a ten dollar ($10.00) saving, until December 3, 2009.

This is a program that is highly recommended within the security community. People who work on these pages use it and recommend it, too. We use it. We need it and so do you. We are trying to make it as easy and as economical as possible for you to protect yourself and your computer.

Tempting You to Click

Cisco Systems uses this program. The Drug Enforcement Administration (USA) uses this program. The Exchange Bank uses this program. McCain Foods Limited uses this program. What program is it? It is Invisible Secrets, and the client list is impressive. Privacy and security are important to these companies and institutions – it is essential to computer protection. This is a preventative measure that individual computer users have to recognize because there is so much information on just one hard drive.

Not only is identity theft rampant, but there are things on the your home computer, work machine, or laptop that are simply private. You not only want protection from outside hackers, you want to safeguard against nosy friends, colleagues and family members.

Invisible Secrets 4 not only encrypts your data and files for safe keeping or for secure transfer across the Internet, it also hides them in places that on the surface appear totally innocent — such as picture or sound files or Web pages. These types of files are a perfect disguise for sensitive information. Using our file encryption software nobody — not even your wife, boss, or a hacker — would realize that your important papers or letters are stored in your last holiday pictures, or that you use your personal Web page to exchange messages or secret documents. With Invisible Secrets 4 file encryption software, you may encrypt and hide files directly from Windows Explorer and then automatically transfer them by email or via the Internet.

We have Invisible Secrets 4 available to our readers at a 40% discount.

Invisible Secrets works on Windows NT / 2000 / XP and Vista. This offer ends June 18th, 2009.

Here’s a question: Why isn’t this program standard on every laptop? With business laptops, government laptops, and personal laptops going missing every day, this security program should be on every portable machine, as well as desktop. This would be an enormous security step in the right direction for dealing with sensitive information that is breached and it would completely bypass the subsequent nightmare of paying for identity theft protection. It’s simple and it’s effective.

If you need large multiples of this program, please let us know. We will try to negotiate a good price for those companies that may need many copies for laptops holding those confidential files. For the individual user, think of the files, emails, pictures, passwords, and other bits of information that you don’t want people to access. That is exactly why we went after this privacy/security program for our readers… and our thanks to the Invisible Secrets people for this generous offer.

Protecting Your Privacy and Security

Add to iTunes | Add to YouTube | Add to Google | RSS Feed

Do you want to be a Certified Ethical Hacker?

I know you think you’re a “hacker” because you run scripts that someone else wrote, but… no. It takes a lot more skill than that. It takes education. In some cases, that education may have been attained through experience. Need a jump start?

Izea approached me and asked if I’d be interested in taking an ethical hacking course valued at $2,995. I said: “Sure, let me get my wallet. ARE YOU CRAZY?!” I’m not a security advisor, nor do I want a career in code. That would certainly be a small price to pay for training that could lead to bigger and better contracts if I happened to be in that line of work.

If you’ve ever called yourself a hacker (but weren’t anything more than a glorified script kiddie), here’s your chance to redeem yourself… at least, as far as certification is concerned. I’m not sure you can consider yourself a real hacker until you have the respect of your peers. Still, that shouldn’t keep you from attaining as much knowledge as you possibly can.

Okay, so what if I gave one of YOU access to the full ethical hacking course from EC-Council?

You’d have a chance to learn (or reinforce your understanding of) security fundamentals, penetration testing, computer forensics, disaster recovery, secure programming, and more. All you have to do to qualify for this giveaway is leave a valid comment as to why you’re deserving of it.

Remember that punctuation, usage, grammar, and spelling count – if you’re not willing to throw back a decent paragraph, what makes you think you’d be competent enough to handle such a course? So, give us your story.

Why should you become the next certified ethical hacker? Tell me why! Again, I’d request that you put a little thought into this. If you’re wanting this because of your current or future career, I do believe your reasons should reflect that passion!

Want to embed this video on your own site, blog, or forum? Use this code or download the video:

<object width="425" height="350"><param name="movie" value="http://www.youtube.com/v/fP3aIPKFWWU"></param><param name="wmode" value="transparent"></param><embed src="http://www.youtube.com/v/fP3aIPKFWWU" type="application/x-shockwave-flash" wmode="transparent" width="425" height="350"></embed></object><br /><a href="http://chris.pirillo.com/">Chris</a> | <a href="http://live.pirillo.com/">Live Tech Support</a> | <a href="http://media.pirillo.com/">Video Help</a> | <a href="http://feeds.pirillo.com/ChrisPirilloShow">Add to iTunes</a>

How to Become an Ethical Hacker

This is Rodrigo Anonimo’s submission for the HP Magic Giveaway. Feel free to leave comments for this article as you see fit – your feedback is certainly welcomed! If you’d like to submit your own how-to, what-is, or top-five list, you can send it to me. Views and opinions of this writer are not necessarily my own:

When you think about security, you probably think of your own physical security. There are other kinds of security that you should be concerned about. When you are working on the computer, your personal information can be at risk. You should be concerned about network security, and what can you do to protect yourself. In fact, your credit/debit card is part of some kind of Network. This article explains threats and solutions for a computer network.

Viruses are the first threat to be concerned with when using the Internet. A computer virus is a small application which is downloaded while you visit a web site, or can be embedded in something you download. There are different kinds of viruses, but the most common are Trojan horses and Worms. If you know about the Trojan horse back in history, you should know that it was a threat pretending to be a gift, and that’s what Trojan viruses are. The program claims to do one thing (it may claim to be a game) but instead does damage when you run it, such as corrupting your hard drive. Worms are like bacteria in the human body, and they can reproduce and pass themselves on to other people. The worms have the ability to copy and paste and pass themselves to other computers. A worm is the most risky virus in a network because it can spread to other computers, and make the network crash.

You may be asking yourself, who makes all of these things? People who make the viruses and other security threats call themselves hackers. There are two types of hackers, White Hat hackers and Black Hat hackers. A hacker is someone who modifies something that already exists, and makes changes to it. For example, they can do reverse engineering which allows them to modify an existent computer program to make it work better… or to completely trash it. When one is using the hacked program, their computer can completely crash or the program can spy on the infected computer. The same thing applies to computer hardware.

There are tons of securities tools, but none of them are one hundred percent secure. The best bet is to enable firewalls on your computer to protect yourself from hackers. You must also get an AntiVirus software, to protect yourself from the different types of Viruses. Be careful when you buy your AV software. Make sure you buy from a well-known brand of AV. Also – make sure you have a WPA password for your wireless network. This type of key is harder to crack/hack. The last thing to do is to make sure the operating system is up to date with all security patches and fixes.

You will never know if you are hundred percent secure, and any kind of security is not one hundred percent safe. Having a little knowledge of what dangerous threats can do for a computer can be very helpful.

Is Your Network Secure?

Confirmed Gnomedex Discussion Leader: Phil Torrone. Last year, “pt” was a smash hit. With his inter-presentation hacks, he quickly became the most popular geek at Gnomedex 5. More people went home talking about the hardware mods he demonstrated than we would have anticipated. With Gnomedex 6.0 being “a higher resolution,” we’re resolved to giving him a bit more time to explore his geekier side. If a physical product can be hacked, pt can hack it. If a physical product can’t be hacked, pt will find a way – and then share his knowledge with the rest of the world.

Phil Torrone