lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 4 Oct 2011 20:46:21 +1100
From: xD 0x41 <secn3t@...il.com>
To: Darren Martyn <d.martyn.fulldisclosure@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: VPN providers and any providers in general...

Honestly, i dont use VPN, dont know alot about them, but when a company says
" we will hide you..come to us.. " , i guess some people take this, as a
meaning that they can commit crime, wich is obviously not the case... I dont
use VPN, I dont believe in them, i dont need them, and, I am NOT laurelai
for the final time i will say to that idiotic kid trying to say i am, I do
not speak in "lololo" , and anyone who knows me, would know i aint her/him,
whoever it is.
Anyhow, yes, well... i am slowly seeing that obviously, appearances can be
very decieving , but then again, I would not expect to get away with crime
on *any* service nowdays, it is crime afterall... and it is on the grander
scale, according to press even, wich pushes it forward even harder..
anyhow, nite time here, sleeping time... but i will wake to a million emails
i guess again :s it is a good tiopic, but also not an excuse for people to
start putting up "free *blah*" and such, because some of these cases simply
CANNOT be helped, by law... thats just how it is in some countries, they are
stricter (once arrested), than when i guess some other countries are..
regarding europe, and arabic areas, and the jails there... i can only say,
each case must be looked at very closesly, and then maybe see why in each
case, athe arrest wasmade, and maybe there is some pattern... (the
press...mainly).
cheers,and gnite,
xd


On 4 October 2011 20:27, Darren Martyn <d.martyn.fulldisclosure@...il.com>wrote:

> Ok, well I suppose we can avoid spamming the list with our off topic
> ramblings and get back to the topic on hand (and behave like adults, which I
> assume all of you'se are), and clear up a few things up.
>
> VPN's and such can serve as a method to stop people on the local network
> from sniffing your connection (assuming a reliable encryption scheme is in
> place, and you have not been MITM-ed during the key exchange or whatever -
> crypto is NOT my interest!). However, we can reliably assume that the VPN
> provider can sniff your connection and compromise your "safety" per se, and
> that they WILL cooperate with Law Enforcement.
>
> Even running your own VPN (OpenVPN) on a VPS you purchase is still risky,
> as the VPS provider can simply take over the box. Etc.
>
> TL;DR, VPN's are not as safe as some believe for protecting ones anonymity.
> They WILL roll over for LEO and such. Not to mention threats on the LAN
> could compromise you, but I do not know much about how that works on the
> crypto side (however, if someone wants to enlighten me I would be grateful,
> it has piqued my curiosity!)
>
> Also, NOT surprised the provider rolled over in THAT case.
>
> *footnote for Christian, etc. I apologise for inciting a bit of off topic
> ranting, merely discussing morals, and how they affect people, and how often
> people do silly things when their logic/morality is compromised, often by
> narcotics and such. But that is for a discussion on morals and the
> psychology/sociology of "cybercriminals". The ensuing debate about
> psychadelics and coding was probably my fault, but hey, people have varied
> interests, no? If we are going to act our age (adults, I presume) on this
> list at least display some tolerance for other peoples discussions, and keep
> the anger off the list.
>
> On Tue, Oct 4, 2011 at 8:06 AM, Ferenc Kovacs <tyra3l@...il.com> wrote:
>
>> http://vpn.hidemyass.com/vpncontrol/legal.html
>>
>> "VPN Data
>>
>> What we store: Time stamp and IP address when you connect and
>> disconnect to our service."
>>
>> ...
>>
>> "Legalities
>>
>> Anonymity services such as ours do not exist to hide people from
>> illegal activity. We will cooperate with law enforcement agencies if
>> it has become evident that your account has been used for illegal
>> activities."
>>
>> people should read the TOC, AUP and privacy policy especially if they
>> are planning to use that service for illegal activities.
>>
>> As I mentioned before it is hard to expect that a VPN provider will
>> risk his company for your $11.52/month, and maybe they would try it
>> for some lesser case, but what Lulsec did was grant, so I'm not
>> surprised that they bent.
>>
>> On Tue, Oct 4, 2011 at 1:09 AM, xD 0x41 <secn3t@...il.com> wrote:
>> > maybe they are law abiding companies? :)
>> >
>> > Who were advertising themselves, and acting like they would NEVER do the
>> > dirty by handing over any payment records etc... wich is half the reason
>> i
>> > believe the people use theose ones, advertising to protect you.. not to
>> give
>> > your infos up, for really, no reason. as they did.
>> > Law abiding or not, then they should be advertising as a law abiding
>> > company, and not acting like some hackers-oparadise vpn service.
>> > xd
>> >
>> >
>> > On 4 October 2011 06:16, Ferenc Kovacs <tyra3l@...il.com> wrote:
>> >>
>> >> On Mon, Oct 3, 2011 at 10:35 PM, Laurelai <laurelai@...echan.org>
>> wrote:
>> >> > On 10/3/2011 10:42 AM, Antony widmal wrote:
>> >> >> Using an external VPN provider to cover your trace clearly shows
>> your
>> >> >> incompetency and your idiot assumption.
>> >> >> Trying to blame the VPN provider rather than accepting your mistake
>> >> >> and learning from it clearly show your 3 years old mentality.
>> >> >>
>> >> >> Also, could you please stop posting as GLOW Xd as well ?
>> >> >> We do not need your schizophrenic script kiddie "lolololol", "xD",
>> >> >> hugs,  spamming on this mailing list.
>> >> >>
>> >> >> You being on this mailing list is once again not the best idea.
>> >> >>
>> >> >> Thanks,
>> >> >> Antony
>> >> > Actually XD and me are two different people. Second issues of privacy
>> >> > are always relevant, not understanding that law abiding individuals
>> >> > should always be concerned about companies that hand over personal
>> info
>> >> > at the request of an authority figure are the ones with three year
>> old
>> >> > mentalities.
>> >>
>> >> maybe they are law abiding companies? :)
>> >> this whole fuss wouldn't have happened, if everybody could just stay a
>> >> law abiding citizen.
>> >>
>> >> --
>> >> Ferenc Kovács
>> >> @Tyr43l - http://tyrael.hu
>> >>
>> >> _______________________________________________
>> >> Full-Disclosure - We believe in it.
>> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> >> Hosted and sponsored by Secunia - http://secunia.com/
>> >
>>
>>
>>
>> --
>> Ferenc Kovács
>> @Tyr43l - http://tyrael.hu
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ