Re: VPN providers and any providers in general...

[xD 0x41 <secn3t () gmail com>]

hmm.. yes interesting..

On the flip side would it be that hard for a malicious person who works at a
VPN provider to blame it on a customer? I don't think that's what has
happened in this case, but hypothetically what is to stop a rouge employee
from abusing the trust that a LE official might have and doctoring logs sent
to them?

Absolutely nothing :)
This is where, as i was saying... a shell owner/employee, could easily make
any police run in circles simply trying to get a decent tap on something...
this is where it gets cloudy... but, this is what is being questioned on
this threead to...
I guess we have gotten somewhere.
A. Do NOT use VPN and shell services, to commit crime
B. Do NOT commit crimes, in USA,especially those of a large-scale cyber
nature,and
C. I apprently am laurelai and, i like popcorn (both are false)
Cheers!
xd


On 5 October 2011 14:30, adam <adam () papsy net> wrote:

> That raises a good question: could a good enough defense attorney convey
> that point to a judge well enough to get the charges dismissed? Then again,
> if they really believed a VPN service would protect them (even while
> violating their agreement with said provider) - there's probably at least
> *some* evidence on their machine implicating them. In the event that
> there's not though, I do wonder how it would play out.
>
> It'd make for a relatively easy set-up, if that were to work the way you
> suggested. You could doctor all of the logs to implicate them, and even go
> as far as to use the same software/configuration that they use. No matter
> how true their "I have no idea what you're talking about" actually is, the
> logs plus added "evidence" could likely be enough.
>
> That entire thing reminds me of something I thought about after watching
> "to catch a predator" a couple of times. You'll notice that in most cases,
> the "predators" respond the same way: they play stupid, pretend not to know
> what's going on, etc. Imagine if you knew someone in real life that worked
> at a pizza delivery place. Now also imagine that you hated said person.
>
> The "undercovers" on that show are all pretty predictable, and some of the
> tactics they use are present in every single bust. Keeping that in mind, and
> with enough research, you could easily find one of their undercovers online.
> Now imagine starting a dialogue with one of them, pretending to be the
> person who works at a pizza place (for sake of simplicity, we'll call him
> Mike). Imagine sending pictures of Mike to the undercover, talking about
> having sex with her, sending her nude pictures of "you" or other people, and
> so on.
>
> Then wait for one day that you know Mike person is working (and that you
> know undercover would be willing to meet). Figuring out the former would be
> a simple call to the pizza place "Hey [name], do you know what time Mike
> comes in today?" From there, you could tell the undercover that you'll come
> in your pizza delivery car so that no one suspects anything, so that
> she recognizes you, whatever - and tell her that you'll bring a pizza (maybe
> even go as far as to figure out her favorite kind for added "evidence").
>
> During the day, lots of pizza places only have one or two drivers present.
> You could sit outside the pizza place and wait for [other driver] to leave
> and Mike to arrive (or do something to cause [other driver] not to make it
> back to the pizza place, e.g. slashing one of his tires on a fake delivery).
> There's lots of different ideas that could be implemented, as long as the
> end result is that you can guarantee Mike will be delivering the pizza. At
> which point, you call and request a delivery to undercover's house. Mike
> shows up there, undercover invites him inside and asks him to sit down - and
> at that point, Chris Hansen comes walking out. Even though everything Mike
> would say is indeed true, it'd sound like BS if we believed he had been
> talking to the undercover for a couple of months. He'd "play stupid" and
> would be charged with felony offenses of trying to entice a child/yada yada.
>
> In that situation, even if he could somehow come up with proof that he was
> set up - no one's gonna believe a pervert. It's just something that I've
> thought about a lot, and I wonder how many others have as well (and I
> especially wonder if anyone has ever attempted it).
>
>
> On Wed, Oct 5, 2011 at 12:06 AM, Laurelai <laurelai () oneechan org> wrote:
>
> >  On 10/4/2011 7:52 PM, adam wrote:
> >
> > > > Its frightening how much power judges have, and how poorly they
> > are overseen.
> >
> >  Definitely agree there. Some of the civil cases are disgustingly bad,
> > due to there being no media attention and no real oversight. The civil case
> > mentioned above is a good example, and all of the excessive child support
> > orders even further that.
> >
> >  On topic: I haven't read every single reply here, but from what I've
> > seen: no one has mentioned the VPN provider being held personally
> > responsible. Being that the attacks originated from machines they own, if
> > they failed to turn over user information, could it really be that difficult
> > to pin the attacks on them and convince a judge that they were responsible?
> >
> > On Tue, Oct 4, 2011 at 9:37 PM, Jeffrey Walton <noloader () gmail com>wrote:
> >
> > >  On Tue, Oct 4, 2011 at 10:32 PM, adam <adam () papsy net> wrote:
> > > > > >
> > > http://www.justice.gov/usao/eousa/foia_reading_room/usam/title9/crm00754.htm
> > > > Did you actually read the link you pasted?
> > > > [...] and "criminal penalties may not be imposed on someone who has not
> > > been
> > > > afforded the protections that the Constitution requires of such
> > > criminal
> > > > proceedings [...] protections include the right [..]
> > > > Then take a look at the actual rights being referenced. Most of which
> > > would
> > > > be violated as a result.
> > > > In response to 0x41 "This is ONCE you are actually in front, of the
> > > > judge...remember, it may take some breaking of civil liberty, for this
> > > to
> > > > happen... "
> > > > No, you're absolutely right. That's the point here. Contempt is
> > > attached to
> > > > the previous court order, there wouldn't be a new judge/new case for
> > > the
> > > > contempt charge alone. All of it is circumstantial anyway, especially
> > > due to
> > > > how much power judges actually have (in both criminal AND civil
> > > > proceedings).
> > >  Its frightening how much power judges have, and how poorly they are
> > > overseen. Confer: Judge James Ware, US 9th Circuit Court (this is not
> > > a local judge in a hillbilly town).
> > >
> > > Jeff
> >
> >  Also a good point.
> >
> > On the flip side would it be that hard for a malicious person who works at
> > a VPN provider to blame it on a customer? I don't think that's what has
> > happened in this case, but hypothetically what is to stop a rouge employee
> > from abusing the trust that a LE official might have and doctoring logs sent
> > to them?
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/