lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CALCvwp47CaLwUBZ=fRFZmniAQmPsbELKhUULVRqxTtH5Q_MQFg@mail.gmail.com>
Date: Thu, 29 Sep 2011 22:50:32 +1000
From: xD 0x41 <secn3t@...il.com>
To: Benji <me@...ji.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: VPN provider helped track down alleged
	LulzSec member

They advertised as anonymous VPN to 'everyone'.
Then, that would mean, especially NOT locally, thats something wich is also,
subject to federal laws though so, in its own country, the provider may have
to, nomatter whats advertised, BUT outside of country customers, should not
be handed over.
isp's here dont do it, and havent, for like 20 yrs, they also do not take
down people,issue nor execute other peoples 'takedown orders', there is many
reasons for this but basically, they loose money from it.
Anyhow, in UK, you maybe right, but outside of there, then, they should have
maybe not advertised as anononymous vpn services for everyone and anyone.
thats obvious crap we know now.
anyhow, cheers,
xd


On 29 September 2011 22:45, Benji <me@...ji.com> wrote:

> Im sorry, why is it 'worrying' that a vpn provider that was a UK business
> and was located in the UK, is subject to UK law?
>
>
>
> On Thu, Sep 29, 2011 at 9:51 AM, Darren Martyn <
> d.martyn.fulldisclosure@...il.com> wrote:
>
>> Again, I hope this does not fail to send.
>> The reasoning behind the "Pure Elite" recruitment channel was A: to
>> recruit some talented people (and, by all accounts, there were some talented
>> programmers there) and B: development and idle talk. Now more interesting
>> was the reasoning behind the name - by putting the developers and coders and
>> potential recruits in a channel named "Pure Elite", it was essentially an
>> ego boost for the new guys, made them feel valued, etc, when in fact most
>> were but pawns to be used (IMHO).
>>
>> This co-operation between VPN providers and LEO, while being nothing new -
>> remember how hushmail caved in - is indeed worrying for those of us who are
>> privacy advocates as well as security researchers.
>>
>> On a more direct note, Laurelei, do not presume that you know all there is
>> to know about them. Doing so would be foolish. (Now don't go assuming that I
>> hate you, I bear you bugger all ill-will, etc).
>> Good day.
>>
>>
>> On Wed, Sep 28, 2011 at 5:44 AM, Laurelai Storm <laurelai@...echan.org>wrote:
>>
>>> Its all good dude. What really concerns me is that vpn providers might
>>> give over logs to oppressive regemes. TOR is starting to look better and
>>> better.
>>> On Sep 27, 2011 11:40 PM, "GloW - XD" <doomxd@...il.com> wrote:
>>> > never did... was only for one buttcheek kid that i was alittle pissed
>>> and
>>> > thinking things wich, prolly were wrong at the time...
>>> > I am adult enough to apologise for what happened back then, and
>>> hopefully it
>>> > is just, cool.
>>> > :)
>>> > cheers, your loved by many, you just have many trollers to :sp
>>> > take care ,
>>> > xd
>>> >
>>> >
>>> > On 28 September 2011 14:32, Laurelai Storm <laurelai@...echan.org>
>>> wrote:
>>> >
>>> >> Im suprised, someone on the internet who *doesn't * hate me :p
>>> >> On Sep 27, 2011 11:29 PM, "GloW - XD" <doomxd@...il.com> wrote:
>>> >> > Hello Laurelai ,
>>> >> > Oh i agree it is still a terrible precedent to be set.. I dont even
>>> know
>>> >> > where, legally, i stand anymore...
>>> >> > It is rather disturbing, nomatter WHO it was laurela.
>>> >> > I am all for the hatred against the VPN provs, and this is not just
>>> >> > happening here, and i made a BIG statement about this, and privacy,
>>> in my
>>> >> > channel on efnet, first as i saw it.
>>> >> >
>>> >> > Then saw a torrentfreak feed,of someone who was an owner of a huge
>>> >> torrent
>>> >> > site, was handed to authorities, not by the hoster, no... but by the
>>> >> > frigging payment handler, ie paypal or alertpay most likely.
>>> >> >
>>> >> > This is not good, it makes a grey could now over what is 'anon' and
>>> what
>>> >> > isnt. and thats a bad thing for us all.
>>> >> > To much fraud is causing this, thats plain and simple.Abusing places
>>> like
>>> >> > Sony, and, major banks, only make the authorities turn to politics,
>>> whom
>>> >> in
>>> >> > turn can bully with federal and state laws of ANY country, i think
>>> this
>>> >> is
>>> >> > the dangerous part wich is affecting lulzsec members or whoever was
>>> apart
>>> >> of
>>> >> > it, and, i mean efnet is no recruiting grounds for decent hkrs.
>>> >> > Simple as that, you know it, maybe thru word of mouth ok, but not
>>> alone
>>> >> by
>>> >> > being in channels but that network, is one federal hideout now..and,
>>> that
>>> >> is
>>> >> > every channel, if it is not being spied (yea they have a module
>>> >> > m_spychannel.c or similar, wich, they actually had without
>>> realising,
>>> >> asked
>>> >> > a friend, to code for them.
>>> >> > This was rejected by me/her,but i believe they have the module
>>> running
>>> >> now.
>>> >> > So, what was to stop them adding theyre own hidden spy mode to it :s
>>> look
>>> >> at
>>> >> > what they did to my old channel #haqnet, they introduced drinemon
>>> and a
>>> >> > bunch of other things, when it could have been simply worked out
>>> with
>>> >> > words.. but anyhow, i will not brood on the past, i hope this is
>>> mutual
>>> >> > Laurelai, I have nothing bad to say about you, and in turn, expect
>>> the
>>> >> same.
>>> >> > Respect for respect dear.
>>> >> > I do agree with you about the situation and, as you can see, am not
>>> >> holding
>>> >> > 9undisclosed) crappy things wich happened along time ago, over one
>>> >> idiotic
>>> >> > kid, on efnet, whom now i know you do not associate with. So, i want
>>> >> that,
>>> >> > to be laid rest now.. please.
>>> >> > And, we can only hope that the greater common sense will prevail and
>>> >> > hopefully, places will be forced to proove anonymity in some way,
>>> wether
>>> >> > that be by showing people email interaction with requester's of
>>> peoples
>>> >> > info, or anything simple even, wich would be then a standard for
>>> VPN, I
>>> >> do
>>> >> > not use them but, if i bought anonymous vpn, id expect exactly
>>> >> that,without
>>> >> > political interaction and grey areas about who and what is now legal
>>> and
>>> >> not
>>> >> > legal on the internet, on chatrooms, and on even websites.
>>> >> > ok, thats plenty, cheers!
>>> >> > xd
>>> >> >
>>> >> >
>>> >> > On 28 September 2011 13:41, Laurelai <laurelai@...echan.org> wrote:
>>> >> >
>>> >> >> On 9/27/2011 10:10 PM, sandeep k wrote:
>>> >> >>
>>> >> >> Lolz members was really insane ,i m not why to use that crapy hma.
>>> >> >> On Sep 27, 2011 8:36 PM, "Ferenc Kovacs" <tyra3l@...il.com> wrote:
>>> >> >> > yeah, and usually the same goes for calling others "kids" ;)
>>> >> >> >
>>> >> >> > On Tue, Sep 27, 2011 at 10:30 PM, GloW - XD <doomxd@...il.com>
>>> wrote:
>>> >> >> >> #pure-elite , rofl... yes indeed :P
>>> >> >> >> hehe... nice story tho...funny about the elite channel thing...
>>> why
>>> >> do
>>> >> >> ppl
>>> >> >> >> tag themselves as elite? usually when they are not...
>>> >> >> >> ohwell, thats efnut :s (irc sucks)
>>> >> >> >> xd
>>> >> >> >>
>>> >> >> >>
>>> >> >> >> On 27 September 2011 19:03, Darren Martyn
>>> >> >> >> <d.martyn.fulldisclosure@...il.com> wrote:
>>> >> >> >>>
>>> >> >> >>> Hope this sends correctly, new email client and all... But
>>> seeing as
>>> >> it
>>> >> >> is
>>> >> >> >>> an international investigation many people have been bending
>>> over
>>> >> >> backwards
>>> >> >> >>> to assist LEO on this. HMA and perfect privacy were the VPN's
>>> of
>>> >> choice
>>> >> >> for
>>> >> >> >>> them it would appear, oh, and he was part of the #pure-elite
>>> channel
>>> >> on
>>> >> >> that
>>> >> >> >>> IRC server, and hence, considered by LEO and others as "Part of
>>> >> >> LulzSec".
>>> >> >> >>>
>>> >> >> >>> TL;DR, this is nothing new.
>>> >> >> >>>
>>> >> >> >>> On Tue, Sep 27, 2011 at 6:53 AM, Laurelai Storm <
>>> >> laurelai@...echan.org
>>> >> >> >
>>> >> >> >>> wrote:
>>> >> >> >>>>
>>> >> >> >>>> And the guy wasnt even a part of lulzsec
>>> >> >> >>>>
>>> >> >> >>>> On Sep 26, 2011 10:37 PM, "Jeffrey Walton" <
>>> noloader@...il.com>
>>> >> >> wrote:
>>> >> >> >>>> > On Mon, Sep 26, 2011 at 8:47 PM, Ivan . <ivanhec@...il.com>
>>> >> wrote:
>>> >> >> >>>> >>
>>> >> >> >>>> >>
>>> >> >>
>>> >>
>>> http://www.h-online.com/security/news/item/VPN-provider-helped-track-down-alleged-LulzSec-member-1349666.html
>>> >> >> >>>> > Though HMA claims they complied with a court order, it looks
>>> as
>>> >> if
>>> >> >> >>>> > they facilitated a law enforcement request. The US and the
>>> FBI
>>> >> have
>>> >> >> no
>>> >> >> >>>> > jurisdiction in the UK.
>>> >> >> >>>> >
>>> >> >> >>>> > Jeff
>>> >> >> >>>> >
>>> >> >> >>>> > _______________________________________________
>>> >> >> >>>> > Full-Disclosure - We believe in it.
>>> >> >> >>>> > Charter:
>>> http://lists.grok.org.uk/full-disclosure-charter.html
>>> >> >> >>>> > Hosted and sponsored by Secunia - http://secunia.com/
>>> >> >> >>>>
>>> >> >> >>>> _______________________________________________
>>> >> >> >>>> Full-Disclosure - We believe in it.
>>> >> >> >>>> Charter:
>>> http://lists.grok.org.uk/full-disclosure-charter.html
>>> >> >> >>>> Hosted and sponsored by Secunia - http://secunia.com/
>>> >> >> >>>
>>> >> >> >>>
>>> >> >> >>> _______________________________________________
>>> >> >> >>> Full-Disclosure - We believe in it.
>>> >> >> >>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> >> >> >>> Hosted and sponsored by Secunia - http://secunia.com/
>>> >> >> >>
>>> >> >> >>
>>> >> >> >> _______________________________________________
>>> >> >> >> Full-Disclosure - We believe in it.
>>> >> >> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> >> >> >> Hosted and sponsored by Secunia - http://secunia.com/
>>> >> >> >>
>>> >> >> >
>>> >> >> >
>>> >> >> >
>>> >> >> > --
>>> >> >> > Ferenc Kovács
>>> >> >> > @Tyr43l - http://tyrael.hu
>>> >> >> >
>>> >> >> > _______________________________________________
>>> >> >> > Full-Disclosure - We believe in it.
>>> >> >> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> >> >> > Hosted and sponsored by Secunia - http://secunia.com/
>>> >> >>
>>> >> >>
>>> >> >> _______________________________________________
>>> >> >> Full-Disclosure - We believe in it.
>>> >> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> >> >> Hosted and sponsored by Secunia - http://secunia.com/
>>> >> >>
>>> >> >> >From my understanding they used the channel as a possible
>>> recruitment
>>> >> >> ground, though only 6 people were officially a part of lulzsec , i
>>> find
>>> >> it
>>> >> >> disturbing that law enforcement considers being in an irc channel
>>> >> tantamount
>>> >> >> to being a part of lulzsec.
>>> >> >>
>>> >> >> _______________________________________________
>>> >> >> Full-Disclosure - We believe in it.
>>> >> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> >> >> Hosted and sponsored by Secunia - http://secunia.com/
>>> >> >>
>>> >>
>>>
>>> _______________________________________________
>>> Full-Disclosure - We believe in it.
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>
>>
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ