Global Nerdy

The good news: Tampa Bay is the location of one of the biggest high-tech stories of the year!

The bad news: It’s because the breach that everyone calls the “Twitter Hack,” in which several verified accounts were used to scam people out of an estimated $100,000 in a single day, has been traced to a 17 year-old Tampa resident named Graham Ivan Clark. His story has been published in the New York Times article, From Minecraft Tricks to Twitter Hack: A Florida Teen’s Troubled Online Path.

The scam

The scam involved hijacking the Twitter accounts of celebrities, politicians, businesspeople, and other “blue check” people and using them to post tweets like the one below:

It didn’t matter that offers to “double your money” from Jeff Bezos, Barack Obama, Kanye West, and Kim Kardashian were simply too good to be true, even with the appeal of “giving back” to help ameliorate the suffering caused by COVID-19. Enough people with enough disposable income to invest in cryptocurrency were fooled.

The exploit

In order to pull off the scam, he would need access to these “blue check” accounts. There are a handful of ways to do it:

1. With Twitter, you can log in with your username (which is publicly known) and a password. A weak password — that is, one that’s easily guessed, or one of those lazy passwords that too many people use — makes for an easy target. This might work for accessing one or two accounts, but not for a lot of them.
2. Exploiting some weakness in Twitter’s software or infrastructure to gain access to their system. In spite of the stories you hear about hackers, this is a high-effort, low probability-of-success scenario.
3. Social engineering: Fooling or intimidating the people who run, administer, or maintain a system in order to get them to let you into that system, or provide enough useful information to do so.

The initial reports indicate that Clark took the social engineering route and convinced someone at Twitter that he was a fellow employee, and as a result, got access to a customer service portal. Vice’s Motherboard posted some redacted screenshots of what this portal:

This shouldn’t be all that surprising — the human element is often the most “hackable” part of a system:

In the end, this scam is best described as “high-concept, low-skill.” In fact, the way they went about it has been described as “extremely sloppy.”

The Bitcoin addresses listed in the tweets turned out to be traceable to Coinbase accounts belonging to Clark’s accomplices, who registered them with their real driver’s licenses. One of them even did so from their home IP address, an amateur move that’s been a staple of computer heist movies and TV series since WarGames, and it was a key plot point in Hackers.

The NYT TLDR

You should read the New York Times piece on Clark, but if you want the highlights, here they are:

• He is 17 years old, a recent high school graduate, and he lived by himself.
• A Minecraft player since the age of 10, Clark became known as “as an adept scammer with an explosive temper who cheated people out of their money,” according to people who knew him.
• A former Minecraft friend said this of Clark: “I knew he really wanted money and he was never in the right mind-set. He would do anything for some money.” Another friend describes him this way: “He’d get mad mad. He had a thin patience.”
• Family life, as the NYT puts it: “Mr. Clark and his sister grew up in Tampa with their mother, Emiliya Clark, a Russian immigrant who holds certifications to work as a facialist and as a real estate broker. Reached at her home, his mother declined to comment. His father lives in Indiana, according to public documents; he did not return a request for comment. His parents divorced when he was 7.”
• In 2016, he played in Hardcore Factions — Minecraft with PvP and all the baggage that goes along with it — and built a YouTube audience while doing so. He also scammed fellow Minecraft players: “One tactic used by Mr. Clark was appearing to sell desirable user names for Minecraft and then not actually providing the buyer with that user name. He also offered to sell capes for Minecraft characters, but sometimes vanished after other players sent him money.”
• Under the handle “Open”, he gained a reputation for being “a scammer, a liar, a DDOSer”:

• Of course, he eventually migrated to Fortnite.
• Around the same time, he joined the OGUsers forum. The NYT: “His OGUsers account was registered from the same internet protocol address in Tampa that had been attached to his Minecraft accounts, according to research done for The Times by the online forensics firm Echosec.” On OGUsers, he also disappointed customers by failing to meet his end of the bargain after being paid.
• Want to guess where in Tampa he lives? The NYT posted this photo of his apartment. Let’s see if any of you have good satellite image/map image search-fu:

(My guess is Wesley Chapel, judging from the architecture, artificial lake, and the availability of “stroads” in which to open up the throttle on his BMW. What do you think?)

• He moved from Minecraft to Bitcoin.
• He was also into SIM swapping, again to relieve victims of their cryptocurrency. Last year, he was involved in the theft of almost $900K worth of Bitcoin, when hackers SIM swapped the phone of a Seattle tech investor. By doing so, they gained access to several of the investor’s accounts. Clark was one of them. Despite being caught by the Secret Service, he wasn’t arrested because he was a minor.
• He made enough money to live in an apartment by himself, drive a BMW 3 series, maintain an expensive gaming setup, and own a gem-encrusted Rolex.

Local news could use some local techie help

In my old home town of Toronto, whenever a story like this broke out, the local news stations went to the tech community to get background information. I was often one of those community members consulted:

Unfortunately, there isn’t such an arrangement here in Tampa, so local news’ coverage has had me rolling my eyes. I suppose it made for some good entertainment:

Maybe we Tampa Bay techies need to get on their radar and become go-to people for information when stories like this arise.

At the very least, local news should have The Undercroft on speed dial to provide some much-need background info and context when the story’s about a system being compromised.

Hello, Tampa Bay techies, entrepreneurs, and nerds! Welcome to the weekly list of online-only events for techies, entrepreneurs, and nerds based in an around the Tampa Bay area.

Keep an eye on this post; I update it when I hear about new events, it’s always changing. Stay safe, stay connected, and #MakeItTampaBay!

Monday, August 3

• Tampa Bay Tech Career Advice Forum — Monday Coffee Talks @ 9:00 AM to 10:00 AM
• North Port Toastmasters Meets Online!! @ 6:30 PM to 8:00 PM
• South Tampa Toastmasters — Kick Start Your Week Every Monday night Zooming with People Who Inspire! @ 7:00 PM to 8:15 PM

Tuesday, August 4

• Tampa bay Agile — v-Lean Coffee @ 7:30 AM to 8:30 AM
• Venice Area Toastmasters Club #5486 @ 7:30 AM to 9:00 AM
• Clearwater Renaissance Speakers Toastmasters @ 12:00 PM to 1:00 PM
• Tampa Bay Tech Career Advice Forum — LinkedIn 101 @ 3:00 PM to 4:30 PM
• Young Professionals of Tampa Bay Networking Group — Speed Networking, Virtual Style ~You’ll Still get to meet in small groups! @ 5:00 PM to 7:00 PM
• Agile Mindset Book Club — Collaboration Explained by Jean Tabaka, Book Club Discussion (4 parts) @ 6:00 PM to 7:00 PM
• cYbor Security Meetup — How to be a Ghost- OPSEC for Researchers (Classified Series) @ 6:00 PM to 8:00 PM
• WordPress St Pete Meetup @ 6:30 PM to 8:30 PM
• Tampa Hackerspace —  THS Member Meeting @ 7:00 PM to 8:00 PM

Wednesday, August 5

• Tampa Bay Connections — Business over Breakfast Tampa Bay @ 7:30 AM to 9:00 AM
• IIBA Tampa Bay — Lunch and Learn Series: Part 1: Dashboards and Robots @ 11:30 AM to 12:30 PM
• Heart of Agile Weekly Coffee Corner @ 12:30 PM to 1:45 PM
• Network After Work Tampa – Networking Events — New Media Marketing Trends 2020 @ 2:00 PM to 4:00 PM
• Tampa Bay Agile — SM Guild-DevOps @ 6:00 PM to 8:00 PM
• Tampa Bay Business Intelligence and Data Analytics — Monthly Meeting – Getting Started with Databricks (Virtual) @ 6:00 PM to 8:00 PM
• Tampa Writers Alliance — Flash Fiction Contest (submissions no later than July 21st) @ 6:30 PM to 8:30 PM
• Tampa Hackerspace — Using the Expert II LX Vinyl Cutter @ 7:00 PM to 9:00 PM
• Carrollwood Toastmasters Meetings now conducted Online using Zoom @ 7:00 PM to 8:30 PM

Thursday, August 6

• Disrupt the Bay (discount code: NOLIMIT) @ Thursday 9:00 AM to Friday 2:00 PM
• Dynamic Talks: Tampa — [Webinar] Interpretable ML for Enterprise Applications @ 11:00 AM to 12:00 PM
• Tampa Bay Tech Career Advice Forum — The Job Seekers Lunch Hour @ 12:00 PM to 1:30 PM
• Sarasota Speakers Exchange Toastmasters @ 12:00 PM to 1:00 PM
• Network After Work Tampa – Networking Events — Powerful Speaking Made Simple: Show Up Powerfully and Command the Room @ 2:00 PM to 3:00 PM
• Tampa Tech and Beer — Change adoption in a rapidly evolving marketplace @ 5:00 PM to 6:00 PM
• Tampa Bay Investors & Traders — Stocktwits Meetups — Winning Wall Streets Money with Stocks, Futures, Options, Forex, Cryptocurrency @ 6:30 PM to 8:00 PM
• GREY MATTERS: The Forum For Open Minds @ 6:30 PM to 8:30 PM

Friday, August 7

• USA Windows Virtual Desktop User Group — USAWVDUG: An introduction to Windows Virtual Desktop Spring Update @ 12:00 PM to 2:00 PM
• Tampa Bay Tech Career Advice Forum — Make the Most out of Working with Recruiters @ 3:00 PM to 4:30 PM

Saturday, August 8

• Nerd Night Out — NNO Book Club: Beasts of Extraordinary Circumstance @ 1:00 PM to 3:00 PM
• Tampa-Orlando Software QA/DEV Meetup — Mock Interviews with Hiring Managers for Software QA Positions @ 2:00 PM to 4:00 PM
• Thinkful Webinar | Intro to Data Science: Python Fundamentals @ 4:00 PM to 6:00 PM

Sunday, August 9

No tech, entrepreneur, or nerd events have been listed for this date…yet!

Do you have an upcoming event that you’d like to see on this list?

If you know of an upcoming event that you think should appear on this list, please let me know!

Join the mailing list!

If you’d like to get this list in your email inbox every week, enter your email address below. You’ll only be emailed once a week, and the email will contain this list, plus links to any interesting news, upcoming events, and tech articles.

Join the Tampa Bay Tech Events list and always be informed of what’s coming up in Tampa Bay!

The Suncoast Developers Conference, a free online conference for developers organized by Suncoast Developers Guild, happens this Saturday, August 1st, from 10:00 a.m. to 3:00 p.m.! Register here to join in on the geeky fun.

The conference will be made of bite-size (15 minutes or shorter!) presentations by Tampa Bay techies and demos of capstone projects by Suncoast Developers Guild alums. Here’s the schedule, which is subject to update:

Time	Presentation
10:00 a.m.	Opening ceremony (Suncoast Developers Guild) Badges? We don’t need no stinkin’ badges! (Jason L Perry) Will it Scale? (Robert Bieber)
11:00 a.m.	Demo: Smash Bros Combo (Kento Kawakami) Your Friendly Neighborhood Type System (Dylan Sprague) Demo: Evolution X (Cody Banks & Abtahee Ali) The Rubber Duck Pal Program (Daniel Demerin)
12:00 p.m.	Furry Friends (Colter Lena) Demo (Trent Costa) Don’t Crash! CSS-Modules in React (Dylan Attal) How to start your own Coding Podcast 101 (Vincent Tang)
1:00 p.m.	Pull Requests, and the Developers Who Love Them (Michele Cynowicz) Demo: Rollerblade Buyers Guide (Abe Eveland) Post Bootcamp Reflections: Rebuilding my capstone in React Native (Liz Tiller) Create games, visual novels, and fast food dating sims (and learn programming) with Ren’Py! (Joey deVilla)
2:00 p.m.	Demo (Rob Mack) “You do belong here” and other affirmations and ways to beat imposter syndrome. (Michael Traverso) A Taste Of Docs As Code (Kat Batuigas)

Once again, it’s free-as-in-beer (and not free-as-in-mattress) to attend, and all you need is an internet connection! Register here.

Since opening their doors in the summer of 2018, Suncoast Developers Guild’s coding school has graduated over 100 students, and before that, they taught people to code in their previous incarnation as the Tampa Bay branch of The Iron Yard.

In another life, I was a developer evangelist who travelled across North America and I saw tech scenes from Palo Alto to Peoria. I can tell you that one of the signs of a healthy tech community in a small- to medium-sized city is a coding school that acts as a social/technical/gathering place. If your city had one, things were looking up for local techies. If not, it was a safe bet that the place was experiencing a brain drain.

Here in Tampa Bay, Suncoast Developers Guild fills that vital role, and it does so spectacularly. They’re a key part of the heart and soul of tech in the area, and it shows in their efforts, such as events like this.

Thanks, Suncoast Developers Guild! I’ll see you on Saturday!

Here’s the TLDR:

• What: An online workshop where Tampa Bay’s best-known tech lawyer and IP attorney, Brent C.J. Britton, will talk about the intellectual property issues surrounding hackathons.
• When: Tonight! As in Thursday, July 30th, 2020, from 6:00 to 7:30 p.m.
• How/Where: This Zoom meeting.

Let’s face it: The purpose of many (but not all) hackathons — even if it’s not the primary purpose — is to promote one or more tech company’s wares or services, or to act as a scouting exercise to find new talent. This is especially true when a hackathon is organized or sponsored by a for-profit company and especially when they encourage or require you to use one of their products, services, or APIs.

What if you participate in a hackathon held by a for-profit company and your idea is a really good one? Who owns it?

This workshop will be led by Brent C.J. Britton, local IP/techie lawyer, and generally the first guy I run to when I face some kind of intellectual property issue (and yes, I have, when a copyright troll was getting up in my business).

Check it out tonight!

Here’s Brent’s bio:

Brent Britton is the only graduate of the prestigious MIT Media Lab to become a lawyer. Brent holds degrees from the University of Maine, the The Media Lab at the Massachusetts Institute of Technology, and Boston University School of Law. He is Managing Partner for the Tampa office at De La Pena & Holiday LLP, where he advises companies on emerging business and technology law, intellectual property, complex commercial transactions.

 

Brent is the author of Ownability, How Intellectual Property Works and one of the most interesting and entertaining speakers in the Tampa Bay area on Startups, IP and related matters. He is recommended on Linkedin by a futurist as: “Visionary, pragmatic, insightful and full of life with a capital L”.