Penetration Testing mailing list archives
Re: Smells Funny: Looking for help against Chinese Hacking Team
From: Dotzero <dotzero () gmail com>
Date: Sun, 11 Jan 2009 19:37:18 -0500
On Sat, Jan 10, 2009 at 1:20 PM, jc <antihacker.jc () gmail com> wrote:
While I can't speak for others, by nature I'm paid to be paranoid. It goes with the career, that and realizing no one will exclaim, "Thanx for keeping us safe" -- rather, more like, "Why couldn't you keep us safe...?" The negatives are expounded long before the positives....metrics, people, information be dammed (your 'Atta-Boy!' mileage may vary)...
Nothing wrong with being paranoid... within bounds. Sometimes they really are out to get you. I say this after roughly a week on limited sleep dealing with something.
...So when I look back on the thread, with further research on stings, setups, and phishing scenarios, I get the feeling this was some kind of troll, some kind of experiment, some kind of juicy target, a lawful honeypot if you will.
Looked back at the thread. Maybe so, maybe no.
Does anyone else get the same sort of creepy-crawly feeling? When I look at the way it was written, and the obvious vulnerabilities/clues given, it smells to good to be true. Or is this level of innate incompetence the norm?
I would argue that this level of competence IS the norm, particularly from people who think they are going to get a $200 solution to their security emergency.
Do I need to leave the building and get some fresh air? Speak Human instead of Binary? Or does something not smell right about the whole thing a month later?
Whatever works for you. I try to deal with things as dispassionately as possible. Why does it matter if it is a troll or not? It's a pretty open list so I assume that there are trolls and that there are watchers here. Just a few thoughts.
Current thread:
- Smells Funny: Looking for help against Chinese Hacking Team jc (Jan 11)
- Message not available
- Message not available
- Re: Smells Funny: Looking for help against Chinese Hacking Team Adriel T. Desautels (Jan 11)
- Message not available
- Message not available
- Message not available
- Re: Smells Funny: Looking for help against Chinese Hacking Team Dotzero (Jan 11)
- <Possible follow-ups>
- RE: Smells Funny: Looking for help against Chinese Hacking Team northbayts (Jan 11)