lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 4 Oct 2011 22:26:46 -0700
From: coderman <coderman@...il.com>
To: secn3t@...il.com
Cc: full-disclosure@...ts.grok.org.uk, Laurelai <Laurelai@...echan.org>
Subject: Re: VPN providers and any providers in general...

On Tue, Oct 4, 2011 at 9:04 PM, xD 0x41 <secn3t@...il.com> wrote:
> ...
> This is where, as i was saying... a shell owner/employee, could easily make
> any police run in circles simply trying to get a decent tap on something...

yeah, then they just take whole provider, e.g.:

"On Sept. 22nd, Microsoft filed for an ex parte temporary restraining
order from the U.S. District Court for the Eastern District of
Virginia against Dominique Alexander Piatti, dotFREE Group SRO and
John Does 1-22. The court granted our request, allowing us to sever
the known connections between the Kelihos botnet and the individual
“zombie computers” under its control. Immediately following the
takedown on Sept. 26th, we served Dominique Alexander Piatti, who was
living and operating his business in the Czech Republic, and dotFREE
Group SRO, with notice of the lawsuit and began discussions with Mr.
Piatti to determine which of his subdomains were being used for
legitimate business, "


short of it is basic =
 be a discerning customer.
- vpn providers that don't log are better than logging for any period
no matter how short.
- vpn providers that are technically competent are better than those
which will expose you through leaks or when cracked.
- vpn providers resistant to jurisdictional and payment processor
pressure are better than those using easily coerced services, third
parties, or vendors.
- no vpn provider is resistant to you being an ass. if you raise big
heat directly and exclusively on a VPN provider you are both stupid
and subject to them cutting your service if not dumping your logs.
this can be said another way: don't be stupid :)


the incompetent and twofaced should be exposed however. i hear
attrition.org likes to keep lists and name names ...

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ