Samy Kamkar
Encyclopedia
Samy Kamkar is a security researcher, possibly best known for creating the Evercookie
and the MySpace
worm Samy (XSS)
, as well as his discovery that the Apple iPhone
, Google Android and Microsoft Windows Phone
mobile devices transmit GPS and Wi-Fi information to their parent companies.
, the first self-propagating cross-site scripting worm, onto MySpace
. The worm carried a payload
that would display the string "but most of all, Samy is my hero" on a victim's profile. When a user viewed that profile, they would have the payload planted on their page. Within just 20 hours of its October 4, 2005 release, over one million users had run the payload, making Samy the fastest spreading virus of all time. The worm caused MySpace to crash. Kamkar pled guilty to a felony charge of computer hacking in Los Angeles Superior Court, and he agreed to not use a computer for three years. Since 2008, Kamkar has been doing independent computer security research and consulting.
, a cookie that "apparently cannot be deleted".
Evercookie
Evercookie is a JavaScript-based application which produces zombie cookies in a web browser that are intentionally difficult to delete.-Background:A traditional HTTP cookie is a relatively small amount of textual data that is stored by the user's browser...
and the MySpace
MySpace
Myspace is a social networking service owned by Specific Media LLC and pop star Justin Timberlake. Myspace launched in August 2003 and is headquartered in Beverly Hills, California. In August 2011, Myspace had 33.1 million unique U.S. visitors....
worm Samy (XSS)
Samy (XSS)
Samy was an XSS worm developed to propagate across the MySpace social-networking site. At the time of release, it gained significant media attention....
, as well as his discovery that the Apple iPhone
IPhone
The iPhone is a line of Internet and multimedia-enabled smartphones marketed by Apple Inc. The first iPhone was unveiled by Steve Jobs, then CEO of Apple, on January 9, 2007, and released on June 29, 2007...
, Google Android and Microsoft Windows Phone
Windows Phone
Windows Phone is a mobile operating system developed by Microsoft, and is the successor to its Windows Mobile platform, although incompatible with it. Unlike its predecessor, it is primarily aimed at the consumer market rather than the enterprise market...
mobile devices transmit GPS and Wi-Fi information to their parent companies.
Samy Worm
In 2005, Kamkar released the Samy wormSamy (XSS)
Samy was an XSS worm developed to propagate across the MySpace social-networking site. At the time of release, it gained significant media attention....
, the first self-propagating cross-site scripting worm, onto MySpace
MySpace
Myspace is a social networking service owned by Specific Media LLC and pop star Justin Timberlake. Myspace launched in August 2003 and is headquartered in Beverly Hills, California. In August 2011, Myspace had 33.1 million unique U.S. visitors....
. The worm carried a payload
Payload (software)
Payload in computing is the cargo of a data transmission. It is the part of the transmitted data which is the fundamental purpose of the transmission, to the exclusion of information sent with it solely to facilitate delivery.In computer security, payload refers to the...
that would display the string "but most of all, Samy is my hero" on a victim's profile. When a user viewed that profile, they would have the payload planted on their page. Within just 20 hours of its October 4, 2005 release, over one million users had run the payload, making Samy the fastest spreading virus of all time. The worm caused MySpace to crash. Kamkar pled guilty to a felony charge of computer hacking in Los Angeles Superior Court, and he agreed to not use a computer for three years. Since 2008, Kamkar has been doing independent computer security research and consulting.
Evercookie
In 2010, Kamkar released EvercookieEvercookie
Evercookie is a JavaScript-based application which produces zombie cookies in a web browser that are intentionally difficult to delete.-Background:A traditional HTTP cookie is a relatively small amount of textual data that is stored by the user's browser...
, a cookie that "apparently cannot be deleted".