I love a bit of internet piracy as much as the next person, but Sydney man Evan McMahon took it a bit too far. He was sentenced to a 2 year and 2 month intensive correction order and 200 hours community service for operating three "account generator" websites: HyperGen, Autoflix, and AccountBot. Evan used a technique called credential stuffing to find accounts on Netflix, Spotify, and Hulu and then sold access to those accounts to other people for a fraction of the price of a legit account. The FBI tipped off the AFP about Evan back in March 2019. Up until then Evan received over $680,000 via multiple PayPal accounts running these sites.
An IT system called Horizon used by UK post offices has been blamed for at least 39 wrongful criminal charges against workers accused of stealing money. According to the judge, "defendants were prosecuted, convicted and sentenced on the basis that the Horizon data must be correct, and cash must therefore be missing, when in fact there could be no confidence as to that foundation". The post office saw an accounting error on the computer and instead of investigating it, just charged an innocent worker with theft, ruining their life. Since 1999, 736 people were prosecuted based on evidence generated by Horizon. An additional 22 cases to the 39 cleared last week are under review.
Apple has been sued by two separate groups in the US, both taking issue with purchases made on iTunes and the App Store. The first case reckons Apple is misleading people when using the word "buy" on iTunes content, as Apple can (and has) made content unavailable at its discretion. The judge in this case didn't like Apple's argument that "no reasonable consumer would believe" that buying something off iTunes means it will be available indefinitely, so this issue will be debated. The other case is to do with what happens to all that content you buy linked to an Apple ID (in this scenario, over US$24,000 worth) when an Apple ID is shitcanned. Is it fair you can't access stuff you paid for when your account is terminated?
Minutes before Biden was inaugurated as US President earlier this year, AS8003 began announcing huge chunks of IP addresses belonging to the US Department of Defense that have been private for decades. By mid-April over 175 million unique IPv4 addresses were now "public" on the internet - making the US DoD the biggest AS (collection of IP addresses belonging to a single entity) in the world. To make this story even weirder is that the Pentagon chose an unknown company, Global Resource Systems LLC, to be the name attached this valuable resource. Yesterday, The Washington Post got a response from the Pentagon about what's going on - apparently this is a "pilot effort" to "assess, evaluate and prevent unauthorized use of DoD IP address space".
📻 Loose Change - Hotel
😎 The Sizzle is curated by Anthony "@decryption" Agius and emailed every weekday afternoon.
💬 Did you know that The Sizzle has a Slack group? Join in and chat with other subscribers like you.
💳 Paid subscriber looking to manage your billing info? Visit the customer portal.
The Sizzle is created on Wathaurong land and acknowledges the traditional owners of country throughout Australia, recognising their continuing connection to land, water and community. I pay my respect to them and their cultures and to elders both past and present.