lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 3 Oct 2011 12:56:00 +0100
From: Darren Martyn <d.martyn.fulldisclosure@...il.com>
To: secn3t@...il.com
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: VPN providers and any providers in general...

True, I know some hackers who really apply the "Ballmers Peak" (
http://xkcd.com/323/) principle... They simply need to dry up :)

On Mon, Oct 3, 2011 at 12:51 PM, xD 0x41 <secn3t@...il.com> wrote:

> Well, statistics show that most crime is done on some form of drug, and
> drug addiction is probably about 90% of most major crime evens, so, i think
> this gives people of the IT nature, a much higher chance, staitstically
> speaking, it would be of more benfit to simply rehab them, rather than make
> them a possible statistic of the 'rotation' count most harder crims have.
> ok,. im out!
> xd
>
>
>
> On 3 October 2011 22:38, Darren Martyn <d.martyn.fulldisclosure@...il.com>wrote:
>
>> Well, thanks for the logical response :)
>>
>> Many people want these "evil hackers" locked up and such, but doing so
>> will only achieve the folowing (in my opinion):
>> A: Cost money.
>> B: Turn them into a more hardened criminal.
>> C: Cost the community a useful person who could be beneficial to them.
>>
>> Consider that Davis is 18, Cleary only 19, and other people arrested are
>> about the same age. What the law enforcement and judicial bodies dealing
>> with them must realize is that they are dealing with intelligent young
>> people, who simply chose the wrong path. What they need is not a prison
>> stay, but some rehabilitative treatment, perhaps councilling to help them
>> find the right path, and a better sense of morality.
>>
>> Hell, in some cases the mere arrest itself scared people straight. Having
>> a bloody SWAT team blow the bloody doors off is enough to reangline* most
>> young mens moral compass!
>>
>> Of course, jailing them can be used to "send a message" that "this is not
>> acceptable" and such, but that has *less* merit than *using* them for good.
>> All one does by sending a message is make those still out there feel more
>> persecuted, and persecuted people lash out, doing more damage, and the cycle
>> continues.
>>
>> *This computers spellcheck is not working, it wants to use Cyrillic!
>>
>> On Mon, Oct 3, 2011 at 12:28 PM, xD 0x41 <secn3t@...il.com> wrote:
>>
>>> Ok.. my final posts on this matter i think... and opinons,
>>>
>>>
>>> (No, seriously, I wonder what your opinions are on rehabilitative rather
>>> than punitative measures to be taken against criminal hackers, assuming
>>> fraud was *not* involved, and what benefit they can be to the community and
>>> whether it outweighs the negative effects of not making examples of them).
>>>
>>> It does outweigh, for, each time a perso is jailed it costs you, me, and
>>> anyone wh works, money.
>>> We can re3duce the harm, by education and counselling. Especially forced
>>> hours per-week basis, of counselling with a qualified psych, possibly before
>>> release even better.
>>> I think the IQ level is higher, therfore, there is a 'smarter' chance of
>>> it happening, asmuch as theyre hacking, theyre also gaining tremendus
>>> knoledge, many do go into IT sec, we just cannot see those cases really..and
>>> when we do, theyre usually yrs after the thing has happened, but, i could
>>> think of a few EU based guys who are hapily workin for huge co's, making
>>> massive cash, evven maker of Morphine, HolyFather, admittedly went into Av,
>>> and made rootkits for years.
>>> So, for sure, why put them in jail, it is just going to 'harden' , like
>>> anyone will when ones back is up against the wall, as it will be in jail
>>> ofc.
>>> I think rehab, rather than retalliate.
>>>
>>> Bedtme here for me :)
>>> I enjoy your posts, and i think the whole topic has much merit in these
>>> lists, other than just about a cpl of websites, pople forget that it is
>>> still about, the freedom to even, do a simple pentest , really thats the
>>> crux of it.
>>>
>>> So, i think,some method used by psychology, could very easily work,
>>> especially because, these guys are usually VERY smart, and, the can still be
>>> 'saved' unlike some hardened armed-robber/burglar...
>>> The chance of rehab, is specially high because of the intellectual
>>> platform it takes  just to be at a simple or mediate level of the scale, in
>>> terms of 'hacking' in hgeneral.
>>> cheers,
>>> xd
>>>
>>>
>>>
>>>
>>> On 3 October 2011 22:17, Darren Martyn <
>>> d.martyn.fulldisclosure@...il.com> wrote:
>>>
>>>> Thanks for the input, I will be putting this as a debate soon for thew
>>>> Law Society in the Uni I attend, to see what the legal guys think.
>>>>
>>>> The issue in the example is not fraud, but damage done to the servers
>>>> (lets assume root/deface) and perhaps leaking of stolen data - the case I am
>>>> using as an example would be, for example, the "LulzSec" breaches. How hard
>>>> would they get f*cked on an international scale if arrested? How many
>>>> countries will try extradite them?
>>>>
>>>> In my opinion, they should be simply charged, tried and convicted in
>>>> their country of residence and be done with it - there is no benefit to
>>>> society as a whole to be gained from hanging them three or four times a
>>>> piece, as I reckon given a good shock and such, they come out with a
>>>> newfound respect for authority and may even be of some benefit to the
>>>> security community and the community as a whole. Locking them up merely
>>>> turns them further toward criminal lives - and remember, all hackers *have*
>>>> potential to do good as well as evil, it is just a matter of their choice.
>>>> Given a *shove* toward the right decision is more beneficial in the end.
>>>>
>>>> "Discuss"...
>>>>
>>>> (No, seriously, I wonder what your opinions are on rehabilitative rather
>>>> than punitative measures to be taken against criminal hackers, assuming
>>>> fraud was *not* involved, and what benefit they can be to the community and
>>>> whether it outweighs the negative effects of not making examples of them).
>>>>
>>>> On Mon, Oct 3, 2011 at 9:34 AM, xD 0x41 <secn3t@...il.com> wrote:
>>>>
>>>>> Could just lok at the recent david cecil case here in .au.
>>>>> It does say alot, because he did breach some bigger networks.. and he
>>>>> was committing 'smaller' scale fraud but, still fraud, however, his main
>>>>> problem was what he did to a governemnt site, wich was deface it for
>>>>> personal gain, not profit.
>>>>> It is the latest case wich would be valid of this.
>>>>> still.. intresting infos... good stuff.
>>>>> xd
>>>>>
>>>>>
>>>>> On 3 October 2011 19:16, Darren Martyn <
>>>>> d.martyn.fulldisclosure@...il.com> wrote:
>>>>>
>>>>>> Going back to my own example, say all three are first world countries,
>>>>>> and A and C are in the EU whilst B is the US. All nations involved have good
>>>>>> diplomatic relations and preexisting extradition treaties, and to add
>>>>>> interest to it, lets say the LEO in B and C helped the investigation. The
>>>>>> criomes would be non-financial, but say, large scale hacks and such. I will
>>>>>> use Jake Davis's case as a "canary case" for this though...
>>>>>>
>>>>>> On Sun, Oct 2, 2011 at 12:31 AM, xD 0x41 <secn3t@...il.com> wrote:
>>>>>>
>>>>>>> Ah, the legend of the mailing-list himself, has spoken.
>>>>>>> not knowing you, for all i have seen, your a pathetic sack of
>>>>>>> rubbish, and really, what we are discussing, if you had ANY clue, wich obv
>>>>>>> dont, is simply how far our own freedom is going.
>>>>>>> You are an idiot.
>>>>>>> Have a nice day.
>>>>>>> xd
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On 2 October 2011 08:45, andrew.wallace <
>>>>>>> andrew.wallace@...ketmail.com> wrote:
>>>>>>>
>>>>>>>> On Sat, Oct 1, 2011 at 5:50 AM,  <Valdis.Kletnieks@...edu> wrote:
>>>>>>>> > On Sat, 01 Oct 2011 09:16:11 +1000, xD 0x41 said:
>>>>>>>> >
>>>>>>>> >> As you also said, murder is a no brainer in any place...well,
>>>>>>>> maybe not iraq
>>>>>>>> >> or afghanistan just yet :P lol..
>>>>>>>> >
>>>>>>>> > Iraq, for all its problems, is still a place with a somewhat
>>>>>>>> functional
>>>>>>>> > judicial system. The court system may be broken, but you in
>>>>>>>> general *will* at
>>>>>>>> > least appear in a courtroom with a judge and be pronounced guilty
>>>>>>>> before you're
>>>>>>>> > punished.
>>>>>>>> >
>>>>>>>> > I was actually thinking more along the lines of  totally failed
>>>>>>>> states such as
>>>>>>>> > Somalia, Sudan, or the contested parts of Afghanistan, where you
>>>>>>>> can't be tried
>>>>>>>> > for murder because there isn't a court to try you *in*.
>>>>>>>> >
>>>>>>>>
>>>>>>>> Have you not grown old of talking to children on mailing lists?
>>>>>>>>
>>>>>>>> ---
>>>>>>>>
>>>>>>>> Andrew Wallace
>>>>>>>>
>>>>>>>> Independent consultant
>>>>>>>>
>>>>>>>> www.n3td3v.org.uk
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> Full-Disclosure - We believe in it.
>>>>>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>>>>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ