What Could Hacker Do To The JW.Org Site?

by frankiespeakin 22 Replies latest social current

  • tootired2care
    tootired2care

    Once I took a bit of time and did a response header sniff, and examined their browser code and discovered they are using nginx for their proxy. Nginx does indeed have exploits, just sayin'

  • 88JM
    88JM

    personal records, lists of paedophile reports etc...

    None of that stuff will be anywhere near the JW.org website database - at the very least in some kind of firewalled intranet.

  • frankiespeakin
    frankiespeakin

    I don't know, maybe an exJW might do it for sport, a joke, cause excitement, and what not, but I don't see any money making possiblities unless some one paid for the hacking services.

    The Hacker could make a screen message come up on thier hacked site saying something like this:

    "The Man Of Lawlessness has taken over the Governing Body/Faithful&Discreet Slave and soon will start selling Kingdom Halls and branches we are calling on the faithful to Jehovah to resist such by any legal means and not give in to any strong arm tactic by the Antichrist which has gained legal control over the Governing Body to eventually sell off all Kingdom Halls to pay off Child Molestation Lawsuits".

    Or make a List of all the child molestation lawsuits that the JW can click on to verify instead of the usual nonsense found on the site.

    Or some other type of message.

  • Simon
    Simon

    Many of the suggestions of what people would like to see or do are actually illegal and would hand the WTS an easy victory ... so please don't do them!

  • frankiespeakin
    frankiespeakin

    I don't think there are any hackers on this site, I'm just thinking of possibilities, without any intention of actually doing it. But realitically someone with hacking ability and suffering from shunning it might be tempting to get back at them in some way.

    BTW what type of legal action could the Watchtower Corporation take against a hacker of thier site? I guess it all depends on what country they are living in and how malicious the hacking.

    http://en.wikipedia.org/wiki/Computer_Fraud_and_Abuse_Act

    The Computer Fraud and Abuse Act (CFAA) [1] was enacted by Congress in 1986 as an amendment to existing computer fraud law (18 U.S.C. § 1030), which had been included in the Comprehensive Crime Control Act of 1984. It was written to clarify and increase the scope of the previous version of 18 U.S.C. § 1030 while, in theory, limiting federal jurisdiction to cases "with a compelling federal interest-i.e., where computers of the federal government or certain financial institutions are involved or where the crime itself is interstate in nature." (see "Protected Computer", below). In addition to clarifying a number of the provisions in the original section 1030, the CFAA also criminalized additional computer-related acts. Provisions addressed the distribution of malicious code and denial of service attacks. Congress also included in the CFAA a provision criminalizing trafficking in passwords and similar items. [1]

    The Act has been amended a number of times—in 1989, 1994, 1996, in 2001 by the USA PATRIOT Act, 2002, and in 2008 by the Identity Theft Enforcement and Restitution Act....

    Protected computers [ edit ]

    The only computers, in theory, covered by the CFAA are defined as “protected computers”. They are defined under section 18 U.S.C. § 1030(e)(2) to mean a computer:

    • exclusively for the use of a financial institution or the United States Government, or any computer, when the conduct constituting the offense affects the computer's use by or for the financial institution or the Government; or
    • which is used in or affecting interstate or foreign commerce or communication, including a computer located outside the United States that is used in a manner that affects interstate or foreign commerce or communication of the United States...

    In practice, any ordinary computer has come under the jurisdiction of the law, including cellphones, due to the inter-state nature of most internet communication. (See the case history, below).

    Criminal offenses under the Act [ edit ]

    (a) Whoever—

    (1) having knowingly accessed an computer without authorization or exceeding authorized access, and by means of such conduct having obtained information that has been determined by the United States Government pursuant to an Executive order or statute to require protection against unauthorized disclosure for reasons of national defense or foreign relations, or any restricted data, as defined in paragraph y. of section 11 of the Atomic Energy Act of 1954, with reason to believe that such information so obtained could be used to the injury of the United States, or to the advantage of any foreign nation willfully communicates, delivers, transmits, or causes to be communicated, delivered, or transmitted, or attempts to communicate, deliver, transmit or cause to be communicated, delivered, or transmitted the same to any person not entitled to receive it, or willfully retains the same and fails to deliver it to the officer or employee of the United States entitled to receive it;
    (2) intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains—
    (A) information contained in a financial record of a financial institution, or of a card issuer as defined in section 1602 (n) [1] of title 15, or contained in a file of a consumer reporting agency on a consumer, as such terms are defined in the Fair Credit Reporting Act (15 U.S.C. 1681 et seq.);
    (B) information from any department or agency of the United States; or
    (C) information from any protected computer;
    (3) intentionally, without authorization to access any nonpublic computer of a department or agency of the United States, accesses such a computer of that department or agency that is exclusively for the use of the Government of the United States or, in the case of a computer not exclusively for such use, is used by or for the Government of the United States and such conduct affects that use by or for the Government of the United States;
    (4) knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value, unless the object of the fraud and the thing obtained consists only of the use of the computer and the value of such use is not more than $5,000 in any 1-year period;
    (5)
    (A) knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer;
    (B) intentionally accesses a protected computer without authorization, and as a result of such conduct, recklessly causes damage; or
    (C) intentionally accesses a protected computer without authorization, and as a result of such conduct, causes damage and loss.
    (6) knowingly and with intent to defraud traffics (as defined in section 1029) in any password or similar information through which a computer may be accessed without authorization, if—
    (A) such trafficking affects interstate or foreign commerce; or
    (B) such computer is used by or for the Government of the United States;
    (7) with intent to extort from any person any money or other thing of value, transmits in interstate or foreign commerce any communication containing any—
    (A) threat to cause damage to a protected computer;
    (B) threat to obtain information from a protected computer without authorization or in excess of authorization or to impair the confidentiality of information obtained from a protected computer without authorization or by exceeding authorized access; or
    (C) demand or request for money or other thing of value in relation to damage to a protected computer, where such damage was caused to facilitate the extortion [2]

    Specific sections [ edit ]

  • Apognophos
    Apognophos

    Even if someone put up a message like that on the site, I don't think it would do any good. JWs would just click off the site in horror that apostates had infiltrated it. They probably wouldn't learn anything from the message. I don't see any good at all that would come from hacking it.

  • insidetheKH
    insidetheKH

    my guess is that they have faced a good number of cyber attacks already

  • cultBgone
    cultBgone

    Simon is right. anyone hacking the site would only serve to prove their persecution.

    Better to go after their shunning and pedophile-protecting policies in the media and legal systems.

  • frankiespeakin
    frankiespeakin

    I was just wondering about how much time a month the individual Governing Body spend looking through their Corporation's web site? Less than 5 minutes every six months is my guess.

  • Apognophos
    Apognophos

    Well, I imagine it varies by GB member. I noted in my RC summary thread that Loesch could not even say the site's address correctly. One day he said gw.org and the next he said "the j w dot web site", forgetting the "org". Somehow I doubt that he looks at the site unless a GB helper brings it up on a tablet for him to see something. More likely they would just show him the video on a projector, obviating the need to visit the site at all. The young guy, Sanderson, on the other hand, I could see visiting it fairly often.

Share this

Google+
Pinterest
Reddit