| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4E85F10A.2090803@oneechan.org> Date: Fri, 30 Sep 2011 11:40:42 -0500 From: Laurelai <laurelai@...echan.org> To: full-disclosure@...ts.grok.org.uk Subject: Re: VPN provider helped track down alleged LulzSec member -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 9/30/2011 9:46 AM, Paul Schmehl wrote: > IOW, there is no honor among thieves. > > This isn't a new concept. > > --On September 30, 2011 3:31:06 PM +0100 Darren Martyn > <d.martyn.fulldisclosure@...il.com> wrote: > >> By screw you over I did not intend to mean "sell you out". I meant a more >> criminal fucking over - where they backdoor the box (Hey, physical access >> and its THEIR server) and steal your criminal assets... i.e. steal, say, >> your formgrabber data (and keep it), jack your botnet, etc... SOme of >> them guys do just that. The domain "khant.info" used to be a "free botnet >> service" where one could use Khant's servers to run a botnet. It was >> marketed toward script kiddies, and after a few short months he ran off >> with their bots and their money :) >> >> Just an example of how common it is for a "bulletproof host" or such to >> fuck you over. >> >> >> On Thu, Sep 29, 2011 at 2:56 PM, xD 0x41 <secn3t@...il.com> wrote: >> >> >> User location determines Judicial Jurisdiction - how is that irrelevant? >> >> it is NOT atall.. he is kidding himself.. >> I already said just ONE country where i could happily commit crimes, in >> the usa or uk from, and thru, panama. >> simple as that, they wont execute crap unless you commit fraud etc, on >> theyre home. >> cheers. >> xd >> >> >> >> >> >> >> On 29 September 2011 23:54, Louis McCoy <louie@...landlighthouse.com> >> wrote: >> >> >> User location determines Judicial Jurisdiction - how is that irrelevant? >> >> >> On 9/29/2011 9:27 AM, Benji wrote: >> >> No, you are wrong. >> >> >> Either; the vpn provider complied with court order, or they face the >> legal ramifications of not doing so. User location is irrelevant. >> >> >> On Thu, Sep 29, 2011 at 2:04 PM, xD 0x41 <secn3t@...il.com> wrote: >> >> >> indeed :) >> but, it is how a proper anon person would operate, well, tht is how i >> once did... >> anyhow, it is to broad, and, yes, i qwould never believe in bulletproof, >> unless i have used it maybe, for 10yrs, thru 10 botnets ;P wich, is very >> rare but funnily, possible. >> webhosters, are even more corrupt and better at hiding data.. face it, >> if the vpn provider had not shat themself, then it would be a non story. >> >> >> >> >> >> >> On 29 September 2011 23:00, Benji <me@...ji.com> wrote: >> >> >> 'Abuse' emails and court orders are very different. >> >> >> On Thu, Sep 29, 2011 at 1:59 PM, xD 0x41 <secn3t@...il.com> wrote: >> >> >> err, you are limited in those countries dude... id really checkup on that >> ... maybe some but, yea i agree, i dont think any hosting is anon, but, i >> sure know i have kept an anon dedis in past, and was VERY easy to avoid >> handing anything over. Unless they had personally seized from my company, >> i was allowed to basically get away with, and if i want to, again, could >> do the same 'anonymously' and, indeed keep those details, away. >> it is not frigin hard dude, where did Yyou get the idea, that is not >> hard to move a user around boxes :P >> and rename them, etc etc etc, always change ipv6 tunnels... there is >> somany ways, you obv have not ran a dedicated server in a company >> environment coz boi, they hide nets on legit hostin now, legit >> apparently* companies...and they do it using those simple means, and, >> even show logs of them 'removing and deleting' files of the apprent 'bad >> user' , this is, a whole different level than even needing to deal with >> cops.. so, you are scared too much by laws wich can be smokescreened. >> Run a dedis, or simply ask a admin, howmany abuse they get, and howmany >> users they actually rm ;) >> you would want this service, on your vps ? >> i surely wouldnt,. i know, with me, if i offer anon, you stay damn anon, >> if you bring cops to MY HOUSE, then i may have to try and, simply keep my >> darn data secure ey ? >> how about that ? >> simple methods, defeat simple plans benji. >> xd >> >> >> >> >> >> On 29 September 2011 22:53, Benji <me@...ji.com> wrote: >> >> >> Yes they do. If you buy a server in America for example, even if you are >> located in Russia, they are required by federal law to hand over your >> details wherever you may reside. I dont know where you've obtained this >> idea that they can't. >> >> >> Just because something is advertised as 'anonymous' doesnt mean it's 'so >> anonymous you can break the law' and anyone using a EU/US-related country >> to do this is either stupid or naive. >> >> >> On Thu, Sep 29, 2011 at 1:50 PM, xD 0x41 <secn3t@...il.com> wrote: >> >> >> They advertised as anonymous VPN to 'everyone'. >> Then, that would mean, especially NOT locally, thats something wich is >> also, subject to federal laws though so, in its own country, the provider >> may have to, nomatter whats advertised, BUT outside of country customers, >> should not be handed over. >> isp's here dont do it, and havent, for like 20 yrs, they also do not >> take down people,issue nor execute other peoples 'takedown orders', there >> is many reasons for this but basically, they loose money from it. >> Anyhow, in UK, you maybe right, but outside of there, then, they should >> have maybe not advertised as anononymous vpn services for everyone and >> anyone. thats obvious crap we know now. >> anyhow, cheers, >> xd >> >> >> >> >> >> On 29 September 2011 22:45, Benji <me@...ji.com> wrote: >> >> >> Im sorry, why is it 'worrying' that a vpn provider that was a UK business >> and was located in the UK, is subject to UK law? >> >> >> >> >> >> On Thu, Sep 29, 2011 at 9:51 AM, Darren Martyn >> <d.martyn.fulldisclosure@...il.com> wrote: >> >> >> Again, I hope this does not fail to send. >> The reasoning behind the "Pure Elite" recruitment channel was A: to >> recruit some talented people (and, by all accounts, there were some >> talented programmers there) and B: development and idle talk. Now more >> interesting was the reasoning behind the name - by putting the developers >> and coders and potential recruits in a channel named "Pure Elite", it was >> essentially an ego boost for the new guys, made them feel valued, etc, >> when in fact most were but pawns to be used (IMHO). >> >> This co-operation between VPN providers and LEO, while being nothing new >> - remember how hushmail caved in - is indeed worrying for those of us who >> are privacy advocates as well as security researchers. >> >> On a more direct note, Laurelei, do not presume that you know all there >> is to know about them. Doing so would be foolish. (Now don't go assuming >> that I hate you, I bear you bugger all ill-will, etc). >> Good day. >> >> >> >> >> On Wed, Sep 28, 2011 at 5:44 AM, Laurelai Storm <laurelai@...echan.org> >> wrote: >> >> >> >> Its all good dude. What really concerns me is that vpn providers might >> give over logs to oppressive regemes. TOR is starting to look better and >> better. >> >> >> On Sep 27, 2011 11:40 PM, "GloW - XD" <doomxd@...il.com> wrote: >> > never did... was only for one buttcheek kid that i was alittle pissed >> and >> > thinking things wich, prolly were wrong at the time... >> > I am adult enough to apologise for what happened back then, and >> hopefully it >> > is just, cool. >> > :) >> > cheers, your loved by many, you just have many trollers to :sp >> > take care , >> > xd >> > >>> >>> On 28 September 2011 14:32, Laurelai Storm <laurelai@...echan.org> wrote: >> > >>>> Im suprised, someone on the internet who *doesn't * hate me :p >> >> On Sep 27, 2011 11:29 PM, "GloW - XD" <doomxd@...il.com> wrote: >> >> > Hello Laurelai , >> >> > Oh i agree it is still a terrible precedent to be set.. I dont even >> know >> >> > where, legally, i stand anymore... >> >> > It is rather disturbing, nomatter WHO it was laurela. >> >> > I am all for the hatred against the VPN provs, and this is not just >> >> > happening here, and i made a BIG statement about this, and privacy, >> in my >> >> > channel on efnet, first as i saw it. >> >> > >> >> > Then saw a torrentfreak feed,of someone who was an owner of a huge >> >> torrent >> >> > site, was handed to authorities, not by the hoster, no... but by the >> >> > frigging payment handler, ie paypal or alertpay most likely. >> >> > >> >> > This is not good, it makes a grey could now over what is 'anon' and >> what >> >> > isnt. and thats a bad thing for us all. >> >> > To much fraud is causing this, thats plain and simple.Abusing >> places like >> >> > Sony, and, major banks, only make the authorities turn to politics, >> whom >> >> in >> >> > turn can bully with federal and state laws of ANY country, i think >> this >> >> is >> >> > the dangerous part wich is affecting lulzsec members or whoever was >> apart >> >> of >> >> > it, and, i mean efnet is no recruiting grounds for decent hkrs. >> >> > Simple as that, you know it, maybe thru word of mouth ok, but not >> alone >> >> by >> >> > being in channels but that network, is one federal hideout >> now..and, that >> >> is >> >> > every channel, if it is not being spied (yea they have a module >> >> > m_spychannel.c or similar, wich, they actually had without >> realising, >> >> asked >> >> > a friend, to code for them. >> >> > This was rejected by me/her,but i believe they have the module >> running >> >> now. >> >> > So, what was to stop them adding theyre own hidden spy mode to it >> :s look >> >> at >> >> > what they did to my old channel #haqnet, they introduced drinemon >> and a >> >> > bunch of other things, when it could have been simply worked out >> with >> >> > words.. but anyhow, i will not brood on the past, i hope this is >> mutual >> >> > Laurelai, I have nothing bad to say about you, and in turn, expect >> the >> >> same. >> >> > Respect for respect dear. >> >> > I do agree with you about the situation and, as you can see, am not >> >> holding >> >> > 9undisclosed) crappy things wich happened along time ago, over one >> >> idiotic >> >> > kid, on efnet, whom now i know you do not associate with. So, i want >> >> that, >> >> > to be laid rest now.. please. >> >> > And, we can only hope that the greater common sense will prevail and >> >> > hopefully, places will be forced to proove anonymity in some way, >> wether >> >> > that be by showing people email interaction with requester's of >> peoples >> >> > info, or anything simple even, wich would be then a standard for >> VPN, I >> >> do >> >> > not use them but, if i bought anonymous vpn, id expect exactly >> >> that,without >> >> > political interaction and grey areas about who and what is now >> legal and >> >> not >> >> > legal on the internet, on chatrooms, and on even websites. >> >> > ok, thats plenty, cheers! >> >> > xd >> >> > >> >> > >> >> > On 28 September 2011 13:41, Laurelai <laurelai@...echan.org> wrote: >> >> > >> >> >> On 9/27/2011 10:10 PM, sandeep k wrote: >> >> >> >> >> >> Lolz members was really insane ,i m not why to use that crapy hma. >> >> >> On Sep 27, 2011 8:36 PM, "Ferenc Kovacs" <tyra3l@...il.com> wrote: >> >> >> > yeah, and usually the same goes for calling others "kids" ;) >> >> >> > >> >> >> > On Tue, Sep 27, 2011 at 10:30 PM, GloW - XD <doomxd@...il.com> >> wrote: >> >> >> >> #pure-elite , rofl... yes indeed :P >> >> >> >> hehe... nice story tho...funny about the elite channel thing... >> why >> >> do >> >> >> ppl >> >> >> >> tag themselves as elite? usually when they are not... >> >> >> >> ohwell, thats efnut :s (irc sucks) >> >> >> >> xd >> >> >> >> >> >> >> >> >> >> >> >> On 27 September 2011 19:03, Darren Martyn >> >> >> >> <d.martyn.fulldisclosure@...il.com> wrote: >> >> >> >>> >> >> >> >>> Hope this sends correctly, new email client and all... But >> seeing as >> >> it >> >> >> is >> >> >> >>> an international investigation many people have been bending >> over >> >> >> backwards >> >> >> >>> to assist LEO on this. HMA and perfect privacy were the VPN's >> of >> >> choice >> >> >> for >> >> >> >>> them it would appear, oh, and he was part of the #pure-elite >> channel >> >> on >> >> >> that >> >> >> >>> IRC server, and hence, considered by LEO and others as "Part of >> >> >> LulzSec". >> >> >> >>> >> >> >> >>> TL;DR, this is nothing new. >> >> >> >>> >> >> >> >>> On Tue, Sep 27, 2011 at 6:53 AM, Laurelai Storm < >> >> laurelai@...echan.org >> >> >> > >> >> >> >>> wrote: >> >> >> >>>> >> >> >> >>>> And the guy wasnt even a part of lulzsec >> >> >> >>>> >> >> >> >>>> On Sep 26, 2011 10:37 PM, "Jeffrey Walton" >> <noloader@...il.com> >> >> >> wrote: >> >> >> >>>> > On Mon, Sep 26, 2011 at 8:47 PM, Ivan . <ivanhec@...il.com> >> >> wrote: >> >> >> >>>> >> >> >> >> >>>> >> >> >> >> >> >> >> http://www.h-online.com/security/news/item/VPN-provider-helped-track-down >> -alleged-LulzSec-member-1349666.html >> >> >> >>>> > Though HMA claims they complied with a court order, it >> looks as >> >> if >> >> >> >>>> > they facilitated a law enforcement request. The US and the >> FBI >> >> have >> >> >> no >> >> >> >>>> > jurisdiction in the UK. >> >> >> >>>> > >> >> >> >>>> > Jeff >> >> >> >>>> > >> >> >> >>>> > _______________________________________________ >> >> >> >>>> > Full-Disclosure - We believe in it. >> >> >> >>>> > Charter: >> http://lists.grok.org.uk/full-disclosure-charter.html >> >> >> >>>> > Hosted and sponsored by Secunia - http://secunia.com/ >> >> >> >>>> >> >> >> >>>> _______________________________________________ >> >> >> >>>> Full-Disclosure - We believe in it. >> >> >> >>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> >> >> >>>> Hosted and sponsored by Secunia - http://secunia.com/ >> >> >> >>> >> >> >> >>> >> >> >> >>> _______________________________________________ >> >> >> >>> Full-Disclosure - We believe in it. >> >> >> >>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> >> >> >>> Hosted and sponsored by Secunia - http://secunia.com/ >> >> >> >> >> >> >> >> >> >> >> >> _______________________________________________ >> >> >> >> Full-Disclosure - We believe in it. >> >> >> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> >> >> >> Hosted and sponsored by Secunia - http://secunia.com/ >> >> >> >> >> >> >> > >> >> >> > >> >> >> > >> >> >> > -- >> >> >> > Ferenc Kovács >> >> >> > @Tyr43l - http://tyrael.hu >> >> >> > >> >> >> > _______________________________________________ >> >> >> > Full-Disclosure - We believe in it. >> >> >> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> >> >> > Hosted and sponsored by Secunia - http://secunia.com/ >> >> >> >> >> >> >> >> >> _______________________________________________ >> >> >> Full-Disclosure - We believe in it. >> >> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> >> >> Hosted and sponsored by Secunia - http://secunia.com/ >> >> >> >> >> >> >From my understanding they used the channel as a possible >> recruitment >> >> >> ground, though only 6 people were officially a part of lulzsec , i >> find >> >> it >> >> >> disturbing that law enforcement considers being in an irc channel >> >> tantamount >> >> >> to being a part of lulzsec. >> >> >> >> >> >> _______________________________________________ >> >> >> Full-Disclosure - We believe in it. >> >> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> >> >> Hosted and sponsored by Secunia - http://secunia.com/ >> >> >> >> >> >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> >> >> >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> >> >> >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> >> >> >> >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> >> >> > > > Providers that steal other peoples hacks don't last long in the underground. People take that personally :) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJOhfEJAAoJEMtrOhzH8m1pIlAP/1lt7/q+VKEC80I8LrYbaqFn wiGYUZCzUims6wZ5hXJ2nSx42jVIeTnlNNIiOwcMHRY9GBWLnbSp6C7xbF1CugiX NGlEQJc4ssFNL5Q2WwbVgl6sxbHs9ZTFZrWGZx6rNJKxvRIjZA2nkuottkioizL4 cEIGwSs+1H3GY8CV5PdHXdikJ+jsVGrmo7x8cwD/FoTMXRc+AjaGA3jsV5fp8627 B6Ev6Zq6dHJIdpUMRe1j6U2BmjgtXgMvwq1FdO11+0rO97YWFWqfgQG/xCPZi1rg oZ2sT8HdKOIapJ3PtpWKXJAM+BgVJ/8UWDJOVsLTt9ojQ8n9hukEt5rv4ECtHZLu M8rNsU1k+ko4ggFLKYnr7BcbOLnXNyX098eXuELF1te001Y0tt6DAJ5cps6ILZzK AHj+CVxdLTh2SUOPk1gLJZVySwPhb7SxB2c9wd9lwN4RwzfzoidaIQUrMVcZCPdt zfW5C1HOY0qZmwyLWUlFvrZminQzsoH52O+1Fdc2g8s2dIQIt19lqBKgJg8U6SWV SmUimy2FZQRt0MnGhc27PmeP7D4cfoTu5H0wde5vsfw95O1QGTLoOatsGDYKXIUN t69NAH/twUk1/izc/m399Ns4Q/mfOQ8bpnRw6pcTBtNOiBboED2u2JxP0Ez3IFet Wnp8xsGfe7ftX8Go/My+ =5IuM -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists