Full Disclosure mailing list archives
Re: VPN provider helped track down alleged LulzSec member
From: xD 0x41 <secn3t () gmail com>
Date: Sat, 1 Oct 2011 05:29:46 +1000
ah i see.. By screw you over I did not intend to mean "sell you out". I meant a more criminal fucking over - where they backdoor the box (Hey, physical access and its THEIR server) and steal your criminal assets I have seen this, and, i could name some LARGE isp wich ALLOW c&c centres, then bust them and steal the bots, and add them to theyre own net :P lol.. then you have low level hijacks i have also noticed like, people making your own eggdrop bots 'turn' on u and ban you from your own channel.. hehe thats a fun one.. but, wraith.botpack stops that, it is specially made for nosy admins and auto shutdowns and the hashes, is plentiful on that, they are secure but, to get to this level, i guess you would want to be making your own code to run on boxes, surely i know thats been the case with most of my users, who many stagesds, came to me AFTER i had copped a few abuse, or, id simply grep my apache logs, and see like /~user-xy/ downloaded aa.exe 100kb ...400000times :P This caused me to have to move them, i found in between normal users, and hiding pests, to save money, was all about the moula* ,i simply would have had to stayup 24hrs to then steal things, so id just lock them out until i could get them to move theyre crap and, i did not allow ircds, so it was more cases of ppl using theyre shells to host bad files :s, and then m,assively downloading to linux admin'd boxes :S. this was where i learnt, it is either, make money from them staying, and simply show logs of me doing an 'investigation' and 'removal;' of the user in realtime. i ad even special scripts on hand, to totally shutdown and wipe the box, if it were accessed by the wrong places... i guess if you care enough to make money, then in only few yrs ago, i was a culprit of this, and now, i would STILL do it, and, i would generally not give a darn about theyre 'bots' orwhatever, but, id just want them moved, so, i had a cpl dedis around for specially that, if they were banned on that box, then, id usually by then have had enough... and would prolly just leave them be myself..many could not install an eggdrop, yet seemed to run some scanner fine :s anyhow, i better go enjoy my breakfast, it is 4am here :P enjoy the read, and, remember, money talks.... xheers xd ps: if i were court ordered to hand stuff over i would, just, nothing that would incriminate anyone :s why should i invole my arse, and not get paid for court time, for the govt, when, i know someone else will definately buckle anyhow, and dfo that for me :s i guess is a state of mind . On 1 October 2011 00:31, Darren Martyn <d.martyn.fulldisclosure () gmail com>wrote:
By screw you over I did not intend to mean "sell you out". I meant a more criminal fucking over - where they backdoor the box (Hey, physical access and its THEIR server) and steal your criminal assets... i.e. steal, say, your formgrabber data (and keep it), jack your botnet, etc... SOme of them guys do just that. The domain "khant.info" used to be a "free botnet service" where one could use Khant's servers to run a botnet. It was marketed toward script kiddies, and after a few short months he ran off with their bots and their money :) Just an example of how common it is for a "bulletproof host" or such to fuck you over. On Thu, Sep 29, 2011 at 2:56 PM, xD 0x41 <secn3t () gmail com> wrote:User location determines Judicial Jurisdiction - how is that irrelevant? it is NOT atall.. he is kidding himself.. I already said just ONE country where i could happily commit crimes, in the usa or uk from, and thru, panama. simple as that, they wont execute crap unless you commit fraud etc, on theyre home. cheers. xd On 29 September 2011 23:54, Louis McCoy <louie () wellandlighthouse com>wrote:User location determines Judicial Jurisdiction - how is that irrelevant? On 9/29/2011 9:27 AM, Benji wrote: No, you are wrong. Either; the vpn provider complied with court order, or they face the legal ramifications of not doing so. User location is irrelevant. On Thu, Sep 29, 2011 at 2:04 PM, xD 0x41 <secn3t () gmail com> wrote:indeed :) but, it is how a proper anon person would operate, well, tht is how i once did... anyhow, it is to broad, and, yes, i qwould never believe in bulletproof, unless i have used it maybe, for 10yrs, thru 10 botnets ;P wich, is very rare but funnily, possible. webhosters, are even more corrupt and better at hiding data.. face it, if the vpn provider had not shat themself, then it would be a non story. On 29 September 2011 23:00, Benji <me () b3nji com> wrote:'Abuse' emails and court orders are very different. On Thu, Sep 29, 2011 at 1:59 PM, xD 0x41 <secn3t () gmail com> wrote:err, you are limited in those countries dude... id really checkup on that ... maybe some but, yea i agree, i dont think any hosting is anon, but, i sure know i have kept an anon dedis in past, and was VERY easy to avoid handing anything over. Unless they had personally seized from my company, i was allowed to basically get away with, and if i want to, again, could do the same 'anonymously' and, indeed keep those details, away. it is not frigin hard dude, where did Yyou get the idea, that is not hard to move a user around boxes :P and rename them, etc etc etc, always change ipv6 tunnels... there is somany ways, you obv have not ran a dedicated server in a company environment coz boi, they hide nets on legit hostin now, legit apparently* companies...and they do it using those simple means, and, even show logs of them 'removing and deleting' files of the apprent 'bad user' , this is, a whole different level than even needing to deal with cops.. so, you are scared too much by laws wich can be smokescreened. Run a dedis, or simply ask a admin, howmany abuse they get, and howmany users they actually rm ;) you would want this service, on your vps ? i surely wouldnt,. i know, with me, if i offer anon, you stay damn anon, if you bring cops to MY HOUSE, then i may have to try and, simply keep my darn data secure ey ? how about that ? simple methods, defeat simple plans benji. xd On 29 September 2011 22:53, Benji <me () b3nji com> wrote:Yes they do. If you buy a server in America for example, even if you are located in Russia, they are required by federal law to hand over your details wherever you may reside. I dont know where you've obtained this idea that they can't. Just because something is advertised as 'anonymous' doesnt mean it's 'so anonymous you can break the law' and anyone using a EU/US-related country to do this is either stupid or naive. On Thu, Sep 29, 2011 at 1:50 PM, xD 0x41 <secn3t () gmail com> wrote:They advertised as anonymous VPN to 'everyone'. Then, that would mean, especially NOT locally, thats something wich is also, subject to federal laws though so, in its own country, the provider may have to, nomatter whats advertised, BUT outside of country customers, should not be handed over. isp's here dont do it, and havent, for like 20 yrs, they also do not take down people,issue nor execute other peoples 'takedown orders', there is many reasons for this but basically, they loose money from it. Anyhow, in UK, you maybe right, but outside of there, then, they should have maybe not advertised as anononymous vpn services for everyone and anyone. thats obvious crap we know now. anyhow, cheers, xd On 29 September 2011 22:45, Benji <me () b3nji com> wrote:Im sorry, why is it 'worrying' that a vpn provider that was a UK business and was located in the UK, is subject to UK law? On Thu, Sep 29, 2011 at 9:51 AM, Darren Martyn < d.martyn.fulldisclosure () gmail com> wrote:Again, I hope this does not fail to send. The reasoning behind the "Pure Elite" recruitment channel was A: to recruit some talented people (and, by all accounts, there were some talented programmers there) and B: development and idle talk. Now more interesting was the reasoning behind the name - by putting the developers and coders and potential recruits in a channel named "Pure Elite", it was essentially an ego boost for the new guys, made them feel valued, etc, when in fact most were but pawns to be used (IMHO). This co-operation between VPN providers and LEO, while being nothing new - remember how hushmail caved in - is indeed worrying for those of us who are privacy advocates as well as security researchers. On a more direct note, Laurelei, do not presume that you know all there is to know about them. Doing so would be foolish. (Now don't go assuming that I hate you, I bear you bugger all ill-will, etc). Good day. On Wed, Sep 28, 2011 at 5:44 AM, Laurelai Storm < laurelai () oneechan org> wrote:Its all good dude. What really concerns me is that vpn providers might give over logs to oppressive regemes. TOR is starting to look better and better. On Sep 27, 2011 11:40 PM, "GloW - XD" <doomxd () gmail com> wrote:never did... was only for one buttcheek kid that i was alittlepissed andthinking things wich, prolly were wrong at the time... I am adult enough to apologise for what happened back then, andhopefully itis just, cool. :) cheers, your loved by many, you just have many trollers to :sp take care , xd On 28 September 2011 14:32, Laurelai Storm <laurelai () oneechan org> wrote:Im suprised, someone on the internet who *doesn't * hate me :p On Sep 27, 2011 11:29 PM, "GloW - XD" <doomxd () gmail com>wrote:Hello Laurelai , Oh i agree it is still a terrible precedent to be set.. Idont even knowwhere, legally, i stand anymore... It is rather disturbing, nomatter WHO it was laurela. I am all for the hatred against the VPN provs, and this isnot justhappening here, and i made a BIG statement about this, andprivacy, in mychannel on efnet, first as i saw it. Then saw a torrentfreak feed,of someone who was an owner ofa hugetorrentsite, was handed to authorities, not by the hoster, no...but by thefrigging payment handler, ie paypal or alertpay most likely. This is not good, it makes a grey could now over what is'anon' and whatisnt. and thats a bad thing for us all. To much fraud is causing this, thats plain andsimple.Abusing places likeSony, and, major banks, only make the authorities turn topolitics, whominturn can bully with federal and state laws of ANY country, ithink thisisthe dangerous part wich is affecting lulzsec members orwhoever was apartofit, and, i mean efnet is no recruiting grounds for decenthkrs.Simple as that, you know it, maybe thru word of mouth ok,but not alonebybeing in channels but that network, is one federal hideoutnow..and, thatisevery channel, if it is not being spied (yea they have amodulem_spychannel.c or similar, wich, they actually had withoutrealising,askeda friend, to code for them. This was rejected by me/her,but i believe they have themodule runningnow.So, what was to stop them adding theyre own hidden spy modeto it :s lookatwhat they did to my old channel #haqnet, they introduceddrinemon and abunch of other things, when it could have been simply workedout withwords.. but anyhow, i will not brood on the past, i hopethis is mutualLaurelai, I have nothing bad to say about you, and in turn,expect thesame.Respect for respect dear. I do agree with you about the situation and, as you can see,am notholding9undisclosed) crappy things wich happened along time ago,over oneidiotickid, on efnet, whom now i know you do not associate with.So, i wantthat,to be laid rest now.. please. And, we can only hope that the greater common sense willprevail andhopefully, places will be forced to proove anonymity in someway, wetherthat be by showing people email interaction with requester'sof peoplesinfo, or anything simple even, wich would be then a standardfor VPN, Idonot use them but, if i bought anonymous vpn, id expectexactlythat,withoutpolitical interaction and grey areas about who and what isnow legal andnotlegal on the internet, on chatrooms, and on even websites. ok, thats plenty, cheers! xd On 28 September 2011 13:41, Laurelai <laurelai () oneechan org>wrote:On 9/27/2011 10:10 PM, sandeep k wrote: Lolz members was really insane ,i m not why to use thatcrapy hma.On Sep 27, 2011 8:36 PM, "Ferenc Kovacs" <tyra3l () gmail com>wrote:yeah, and usually the same goes for calling others "kids";)On Tue, Sep 27, 2011 at 10:30 PM, GloW - XD <doomxd () gmail com> wrote:#pure-elite , rofl... yes indeed :P hehe... nice story tho...funny about the elite channelthing... whydoppltag themselves as elite? usually when they are not... ohwell, thats efnut :s (irc sucks) xd On 27 September 2011 19:03, Darren Martyn <d.martyn.fulldisclosure () gmail com> wrote:Hope this sends correctly, new email client and all...But seeing asitisan international investigation many people have beenbending overbackwardsto assist LEO on this. HMA and perfect privacy were theVPN's ofchoiceforthem it would appear, oh, and he was part of the#pure-elite channelonthatIRC server, and hence, considered by LEO and others as"Part ofLulzSec".TL;DR, this is nothing new. On Tue, Sep 27, 2011 at 6:53 AM, Laurelai Storm <laurelai () oneechan orgwrote:And the guy wasnt even a part of lulzsec On Sep 26, 2011 10:37 PM, "Jeffrey Walton" <noloader () gmail com>wrote:On Mon, Sep 26, 2011 at 8:47 PM, Ivan . <ivanhec () gmail com>wrote:http://www.h-online.com/security/news/item/VPN-provider-helped-track-down-alleged-LulzSec-member-1349666.htmlThough HMA claims they complied with a court order,it looks asifthey facilitated a law enforcement request. The USand the FBIhavenojurisdiction in the UK. Jeff _______________________________________________ Full-Disclosure - We believe in it. Charter:http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia -http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter:http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter:http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter:http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/-- Ferenc Kovács @Tyr43l - http://tyrael.hu _______________________________________________ Full-Disclosure - We believe in it. Charter:http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter:http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/From my understanding they used the channel as a possiblerecruitmentground, though only 6 people were officially a part oflulzsec , i finditdisturbing that law enforcement considers being in an ircchanneltantamountto being a part of lulzsec. _______________________________________________ Full-Disclosure - We believe in it. Charter:http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: VPN provider helped track down alleged LulzSec member xD 0x41 (Oct 01)