lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4E85F10A.2090803@oneechan.org>
Date: Fri, 30 Sep 2011 11:40:42 -0500
From: Laurelai <laurelai@...echan.org>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: VPN provider helped track down alleged
 LulzSec member


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
On 9/30/2011 9:46 AM, Paul Schmehl wrote:
> IOW, there is no honor among thieves.
>
> This isn't a new concept.
>
> --On September 30, 2011 3:31:06 PM +0100 Darren Martyn
> <d.martyn.fulldisclosure@...il.com> wrote:
>
>> By screw you over I did not intend to mean "sell you out". I meant a more
>> criminal fucking over - where they backdoor the box (Hey, physical access
>> and its THEIR server) and steal your criminal assets... i.e. steal, say,
>> your formgrabber data (and keep it), jack your botnet, etc... SOme of
>> them guys do just that. The domain "khant.info" used to be a "free botnet
>> service" where one could use Khant's servers to run a botnet. It was
>> marketed toward script kiddies, and after a few short months he ran off
>> with their bots and their money :)
>>
>> Just an example of how common it is for a "bulletproof host" or such to
>> fuck you over.
>>
>>
>> On Thu, Sep 29, 2011 at 2:56 PM, xD 0x41 <secn3t@...il.com> wrote:
>>
>>
>> User location determines Judicial Jurisdiction - how is that irrelevant?
>>
>> it is NOT atall.. he is kidding himself..
>> I already said just ONE country where i could happily commit crimes, in
>> the usa or uk from, and thru, panama.
>> simple as that, they wont execute crap unless you commit fraud etc, on
>> theyre home.
>> cheers.
>> xd
>>
>>
>>
>>
>>
>>
>> On 29 September 2011 23:54, Louis McCoy <louie@...landlighthouse.com>
>> wrote:
>>
>>
>> User location determines Judicial Jurisdiction - how is that irrelevant?
>>
>>
>> On 9/29/2011 9:27 AM, Benji wrote:
>>
>> No, you are wrong.
>>
>>
>> Either; the vpn provider complied with court order, or they face the
>> legal ramifications of not doing so. User location is irrelevant.
>>
>>
>> On Thu, Sep 29, 2011 at 2:04 PM, xD 0x41 <secn3t@...il.com> wrote:
>>
>>
>> indeed :)
>> but, it is how a proper anon person would operate, well, tht is how i
>> once did...
>> anyhow, it is to broad, and, yes, i qwould never believe in bulletproof,
>> unless i have used it maybe, for 10yrs, thru 10 botnets ;P wich, is very
>> rare but funnily, possible.
>> webhosters, are even more corrupt and better at hiding data.. face it,
>> if the vpn provider had not shat themself, then it would be a non story.
>>
>>
>>
>>
>>
>>
>> On 29 September 2011 23:00, Benji <me@...ji.com> wrote:
>>
>>
>> 'Abuse' emails and court orders are very different.
>>
>>
>> On Thu, Sep 29, 2011 at 1:59 PM, xD 0x41 <secn3t@...il.com> wrote:
>>
>>
>> err, you are limited in those countries dude... id really checkup on that
>> ... maybe some but, yea i agree, i dont think any hosting is anon, but, i
>> sure know i have kept an anon dedis in past, and was VERY easy to avoid
>> handing anything over. Unless they had personally seized from my company,
>> i was allowed to basically get away with, and if i want to, again, could
>> do the same 'anonymously' and, indeed keep those details, away.
>> it is not frigin hard dude, where did Yyou get the idea, that is not
>> hard to move a user around boxes :P
>> and rename them, etc etc etc, always change ipv6 tunnels... there is
>> somany ways, you obv have not ran a dedicated server in a company
>> environment coz boi, they hide nets on legit hostin now, legit
>> apparently* companies...and they do it using those simple means, and,
>> even show logs of them 'removing and deleting' files of the apprent 'bad
>> user' , this is, a whole different level than even needing to deal with
>> cops.. so, you are scared too much by laws wich can be smokescreened.
>> Run a dedis, or simply ask a admin, howmany abuse they get, and howmany
>> users they actually rm ;)
>> you would want this service, on your vps ?
>> i surely wouldnt,. i know, with me, if i offer anon, you stay damn anon,
>> if you bring cops to MY HOUSE, then i may have to try and, simply keep my
>> darn data secure ey ?
>> how about that ?
>> simple methods, defeat simple plans benji.
>> xd
>>
>>
>>
>>
>>
>> On 29 September 2011 22:53, Benji <me@...ji.com> wrote:
>>
>>
>> Yes they do. If you buy a server in America for example, even if you are
>> located in Russia, they are required by federal law to hand over your
>> details wherever you may reside. I dont know where you've obtained this
>> idea that they can't.
>>
>>
>> Just because something is advertised as 'anonymous' doesnt mean it's 'so
>> anonymous you can break the law' and anyone using a EU/US-related country
>> to do this is either stupid or naive.
>>
>>
>> On Thu, Sep 29, 2011 at 1:50 PM, xD 0x41 <secn3t@...il.com> wrote:
>>
>>
>> They advertised as anonymous VPN to 'everyone'.
>> Then, that would mean, especially NOT locally, thats something wich is
>> also, subject to federal laws though so, in its own country, the provider
>> may have to, nomatter whats advertised, BUT outside of country customers,
>> should not be handed over.
>> isp's here dont do it, and havent, for like 20 yrs, they also do not
>> take down people,issue nor execute other peoples 'takedown orders', there
>> is many reasons for this but basically, they loose money from it.
>> Anyhow, in UK, you maybe right, but outside of there, then, they should
>> have maybe not advertised as anononymous vpn services for everyone and
>> anyone. thats obvious crap we know now.
>> anyhow, cheers,
>> xd
>>
>>
>>
>>
>>
>> On 29 September 2011 22:45, Benji <me@...ji.com> wrote:
>>
>>
>> Im sorry, why is it 'worrying' that a vpn provider that was a UK business
>> and was located in the UK, is subject to UK law?
>>
>>
>>
>>
>>
>> On Thu, Sep 29, 2011 at 9:51 AM, Darren Martyn
>> <d.martyn.fulldisclosure@...il.com> wrote:
>>
>>
>> Again, I hope this does not fail to send.
>> The reasoning behind the "Pure Elite" recruitment channel was A: to
>> recruit some talented people (and, by all accounts, there were some
>> talented programmers there) and B: development and idle talk. Now more
>> interesting was the reasoning behind the name - by putting the developers
>> and coders and potential recruits in a channel named "Pure Elite", it was
>> essentially an ego boost for the new guys, made them feel valued, etc,
>> when in fact most were but pawns to be used (IMHO).
>>
>> This co-operation between VPN providers and LEO, while being nothing new
>> - remember how hushmail caved in - is indeed worrying for those of us who
>> are privacy advocates as well as security researchers.
>>
>> On a more direct note, Laurelei, do not presume that you know all there
>> is to know about them. Doing so would be foolish. (Now don't go assuming
>> that I hate you, I bear you bugger all ill-will, etc).
>> Good day.
>>
>>
>>
>>
>> On Wed, Sep 28, 2011 at 5:44 AM, Laurelai Storm <laurelai@...echan.org>
>> wrote:
>>
>>
>>
>> Its all good dude. What really concerns me is that vpn providers might
>> give over logs to oppressive regemes. TOR is starting to look better and
>> better.
>>
>>
>> On Sep 27, 2011 11:40 PM, "GloW - XD" <doomxd@...il.com> wrote:
>> > never did... was only for one buttcheek kid that i was alittle pissed
>> and
>> > thinking things wich, prolly were wrong at the time...
>> > I am adult enough to apologise for what happened back then, and
>> hopefully it
>> > is just, cool.
>> > :)
>> > cheers, your loved by many, you just have many trollers to :sp
>> > take care ,
>> > xd
>> >
>>>
>>> On 28 September 2011 14:32, Laurelai Storm <laurelai@...echan.org>
wrote:
>> >
>>>> Im suprised, someone on the internet who *doesn't * hate me :p
>> >> On Sep 27, 2011 11:29 PM, "GloW - XD" <doomxd@...il.com> wrote:
>> >> > Hello Laurelai ,
>> >> > Oh i agree it is still a terrible precedent to be set.. I dont even
>> know
>> >> > where, legally, i stand anymore...
>> >> > It is rather disturbing, nomatter WHO it was laurela.
>> >> > I am all for the hatred against the VPN provs, and this is not just
>> >> > happening here, and i made a BIG statement about this, and privacy,
>> in my
>> >> > channel on efnet, first as i saw it.
>> >> >
>> >> > Then saw a torrentfreak feed,of someone who was an owner of a huge
>> >> torrent
>> >> > site, was handed to authorities, not by the hoster, no... but by the
>> >> > frigging payment handler, ie paypal or alertpay most likely.
>> >> >
>> >> > This is not good, it makes a grey could now over what is 'anon' and
>> what
>> >> > isnt. and thats a bad thing for us all.
>> >> > To much fraud is causing this, thats plain and simple.Abusing
>> places like
>> >> > Sony, and, major banks, only make the authorities turn to politics,
>> whom
>> >> in
>> >> > turn can bully with federal and state laws of ANY country, i think
>> this
>> >> is
>> >> > the dangerous part wich is affecting lulzsec members or whoever was
>> apart
>> >> of
>> >> > it, and, i mean efnet is no recruiting grounds for decent hkrs.
>> >> > Simple as that, you know it, maybe thru word of mouth ok, but not
>> alone
>> >> by
>> >> > being in channels but that network, is one federal hideout
>> now..and, that
>> >> is
>> >> > every channel, if it is not being spied (yea they have a module
>> >> > m_spychannel.c or similar, wich, they actually had without
>> realising,
>> >> asked
>> >> > a friend, to code for them.
>> >> > This was rejected by me/her,but i believe they have the module
>> running
>> >> now.
>> >> > So, what was to stop them adding theyre own hidden spy mode to it
>> :s look
>> >> at
>> >> > what they did to my old channel #haqnet, they introduced drinemon
>> and a
>> >> > bunch of other things, when it could have been simply worked out
>> with
>> >> > words.. but anyhow, i will not brood on the past, i hope this is
>> mutual
>> >> > Laurelai, I have nothing bad to say about you, and in turn, expect
>> the
>> >> same.
>> >> > Respect for respect dear.
>> >> > I do agree with you about the situation and, as you can see, am not
>> >> holding
>> >> > 9undisclosed) crappy things wich happened along time ago, over one
>> >> idiotic
>> >> > kid, on efnet, whom now i know you do not associate with. So, i want
>> >> that,
>> >> > to be laid rest now.. please.
>> >> > And, we can only hope that the greater common sense will prevail and
>> >> > hopefully, places will be forced to proove anonymity in some way,
>> wether
>> >> > that be by showing people email interaction with requester's of
>> peoples
>> >> > info, or anything simple even, wich would be then a standard for
>> VPN, I
>> >> do
>> >> > not use them but, if i bought anonymous vpn, id expect exactly
>> >> that,without
>> >> > political interaction and grey areas about who and what is now
>> legal and
>> >> not
>> >> > legal on the internet, on chatrooms, and on even websites.
>> >> > ok, thats plenty, cheers!
>> >> > xd
>> >> >
>> >> >
>> >> > On 28 September 2011 13:41, Laurelai <laurelai@...echan.org> wrote:
>> >> >
>> >> >> On 9/27/2011 10:10 PM, sandeep k wrote:
>> >> >>
>> >> >> Lolz members was really insane ,i m not why to use that crapy hma.
>> >> >> On Sep 27, 2011 8:36 PM, "Ferenc Kovacs" <tyra3l@...il.com> wrote:
>> >> >> > yeah, and usually the same goes for calling others "kids" ;)
>> >> >> >
>> >> >> > On Tue, Sep 27, 2011 at 10:30 PM, GloW - XD <doomxd@...il.com>
>> wrote:
>> >> >> >> #pure-elite , rofl... yes indeed :P
>> >> >> >> hehe... nice story tho...funny about the elite channel thing...
>> why
>> >> do
>> >> >> ppl
>> >> >> >> tag themselves as elite? usually when they are not...
>> >> >> >> ohwell, thats efnut :s (irc sucks)
>> >> >> >> xd
>> >> >> >>
>> >> >> >>
>> >> >> >> On 27 September 2011 19:03, Darren Martyn
>> >> >> >> <d.martyn.fulldisclosure@...il.com> wrote:
>> >> >> >>>
>> >> >> >>> Hope this sends correctly, new email client and all... But
>> seeing as
>> >> it
>> >> >> is
>> >> >> >>> an international investigation many people have been bending
>> over
>> >> >> backwards
>> >> >> >>> to assist LEO on this. HMA and perfect privacy were the VPN's
>> of
>> >> choice
>> >> >> for
>> >> >> >>> them it would appear, oh, and he was part of the #pure-elite
>> channel
>> >> on
>> >> >> that
>> >> >> >>> IRC server, and hence, considered by LEO and others as "Part of
>> >> >> LulzSec".
>> >> >> >>>
>> >> >> >>> TL;DR, this is nothing new.
>> >> >> >>>
>> >> >> >>> On Tue, Sep 27, 2011 at 6:53 AM, Laurelai Storm <
>> >> laurelai@...echan.org
>> >> >> >
>> >> >> >>> wrote:
>> >> >> >>>>
>> >> >> >>>> And the guy wasnt even a part of lulzsec
>> >> >> >>>>
>> >> >> >>>> On Sep 26, 2011 10:37 PM, "Jeffrey Walton"
>> <noloader@...il.com>
>> >> >> wrote:
>> >> >> >>>> > On Mon, Sep 26, 2011 at 8:47 PM, Ivan . <ivanhec@...il.com>
>> >> wrote:
>> >> >> >>>> >>
>> >> >> >>>> >>
>> >> >>
>> >>
>> http://www.h-online.com/security/news/item/VPN-provider-helped-track-down
>> -alleged-LulzSec-member-1349666.html
>> >> >> >>>> > Though HMA claims they complied with a court order, it
>> looks as
>> >> if
>> >> >> >>>> > they facilitated a law enforcement request. The US and the
>> FBI
>> >> have
>> >> >> no
>> >> >> >>>> > jurisdiction in the UK.
>> >> >> >>>> >
>> >> >> >>>> > Jeff
>> >> >> >>>> >
>> >> >> >>>> > _______________________________________________
>> >> >> >>>> > Full-Disclosure - We believe in it.
>> >> >> >>>> > Charter:
>> http://lists.grok.org.uk/full-disclosure-charter.html
>> >> >> >>>> > Hosted and sponsored by Secunia - http://secunia.com/
>> >> >> >>>>
>> >> >> >>>> _______________________________________________
>> >> >> >>>> Full-Disclosure - We believe in it.
>> >> >> >>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> >> >> >>>> Hosted and sponsored by Secunia - http://secunia.com/
>> >> >> >>>
>> >> >> >>>
>> >> >> >>> _______________________________________________
>> >> >> >>> Full-Disclosure - We believe in it.
>> >> >> >>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> >> >> >>> Hosted and sponsored by Secunia - http://secunia.com/
>> >> >> >>
>> >> >> >>
>> >> >> >> _______________________________________________
>> >> >> >> Full-Disclosure - We believe in it.
>> >> >> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> >> >> >> Hosted and sponsored by Secunia - http://secunia.com/
>> >> >> >>
>> >> >> >
>> >> >> >
>> >> >> >
>> >> >> > --
>> >> >> > Ferenc Kovács
>> >> >> > @Tyr43l - http://tyrael.hu
>> >> >> >
>> >> >> > _______________________________________________
>> >> >> > Full-Disclosure - We believe in it.
>> >> >> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> >> >> > Hosted and sponsored by Secunia - http://secunia.com/
>> >> >>
>> >> >>
>> >> >> _______________________________________________
>> >> >> Full-Disclosure - We believe in it.
>> >> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> >> >> Hosted and sponsored by Secunia - http://secunia.com/
>> >> >>
>> >> >> >From my understanding they used the channel as a possible
>> recruitment
>> >> >> ground, though only 6 people were officially a part of lulzsec , i
>> find
>> >> it
>> >> >> disturbing that law enforcement considers being in an irc channel
>> >> tantamount
>> >> >> to being a part of lulzsec.
>> >> >>
>> >> >> _______________________________________________
>> >> >> Full-Disclosure - We believe in it.
>> >> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> >> >> Hosted and sponsored by Secunia - http://secunia.com/
>> >> >>
>> >>
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>>
>>
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>>
>>
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>>
>>
>>
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>>
>>
>
>
>
Providers that steal other peoples hacks don't last long in the
underground. People take that personally :)
 
 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
 
iQIcBAEBAgAGBQJOhfEJAAoJEMtrOhzH8m1pIlAP/1lt7/q+VKEC80I8LrYbaqFn
wiGYUZCzUims6wZ5hXJ2nSx42jVIeTnlNNIiOwcMHRY9GBWLnbSp6C7xbF1CugiX
NGlEQJc4ssFNL5Q2WwbVgl6sxbHs9ZTFZrWGZx6rNJKxvRIjZA2nkuottkioizL4
cEIGwSs+1H3GY8CV5PdHXdikJ+jsVGrmo7x8cwD/FoTMXRc+AjaGA3jsV5fp8627
B6Ev6Zq6dHJIdpUMRe1j6U2BmjgtXgMvwq1FdO11+0rO97YWFWqfgQG/xCPZi1rg
oZ2sT8HdKOIapJ3PtpWKXJAM+BgVJ/8UWDJOVsLTt9ojQ8n9hukEt5rv4ECtHZLu
M8rNsU1k+ko4ggFLKYnr7BcbOLnXNyX098eXuELF1te001Y0tt6DAJ5cps6ILZzK
AHj+CVxdLTh2SUOPk1gLJZVySwPhb7SxB2c9wd9lwN4RwzfzoidaIQUrMVcZCPdt
zfW5C1HOY0qZmwyLWUlFvrZminQzsoH52O+1Fdc2g8s2dIQIt19lqBKgJg8U6SWV
SmUimy2FZQRt0MnGhc27PmeP7D4cfoTu5H0wde5vsfw95O1QGTLoOatsGDYKXIUN
t69NAH/twUk1/izc/m399Ns4Q/mfOQ8bpnRw6pcTBtNOiBboED2u2JxP0Ez3IFet
Wnp8xsGfe7ftX8Go/My+
=5IuM
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ