Re: I love you Author evidence ?

[drexx () PACIFIC NET SG (Drexx Laggui)]

May 8, 2000 (GMT +8)

Actually, the bad guys/gals can afford to be brazen enough to
*not* even hide their tracks. All they have to do be at a place
where not enough cyberlaws are understood and implemented
and, sad to say, they can't be touched. That seems to be the
case, as in here:
http://www.inquirer.net/issues/may2000/may08/news/news_3.htm

Or at least the bad guys/gals can have enough time to destroy
all evidence in their possession, and muster enough willpower
not to confess to anything. And yes, there is no jury system in
the Philippines where prosecution lawyers with fancy theatrics
can sway the jury to produce a guilty verdict.

It's a Wild Wild Web,

Drexx Laggui <drexx () pacific net sg>

/* Disclaimer: I'm a Filipino stationed in Singapore who helps
fight the bad guys/gals in Asia. */

At 01:02 PM 5/7/00 -0700, Blue Boar wrote:
> Roelof Temmingh wrote:
> > +
> > +MANILA (Reuters) - The Philippines said Sunday the United States was
> > +helping to track down the source of the ``Love Bug'' virus that ravaged
> > +computers worldwide and an official said the suspected hacker was a woman.
> >
> > Hey, I dont get it..really. If I released a virus, I would take some
> > precautions:
>
> Yes, I've often thought that the folks who pulled these tricks didn't
> hide well enough.  Makes me wonder how many of these things get out
> by accident.
>
> > 1. Every single bit of data is sent and received from cybercafes
> Anyone know what kind of tracking these cafes do?  I used to have
> to hand over my student ID in college to use the machines in their
> labs.  These places have cameras?
>
> I touch on this a bit in a rant I wrote a while ago:
> http://www.thievco.com/rants/trendysec.html
> (It's after the biometrics stuff.)
>
> > 2. All information submitted (realname, address etc) are fictious
> > 3. All sessions are executed from different cybercafes.
> > 4. Where possible, anonymizers are used to hide physical location.
> How about Zeroknowledge and similar services?
>
> > 5. Where real information (such as credit card information) are used, the
> > infor
> > mation is stolen.
> > 6. The attacker does discuss methods and actions with ANYONE - no silly
> > hacker
> >    handles are left anywhere.
>
> Yea, well they all seem to blow it on that count, don't they?
>
> > Eh? Now, tell me how the FBI could track me down? (oh BTW if some FBI dude is
> >
> > reading this, I sure like to hear some comments)
>
> I don't qualify as FBI.  My few comments though:
>
> -Everyone is aware that ISPs log caller ID info, right?
> -There's lots of IDS systems out there nowadays.. you'd
> be smart to be very careful about what systems you try
> to bounce off of.  Trying to use an anonymous machine as
> your true source is probably the only workable tactic.
> -Sanitize your malware.  I'm sure everyone knows about GUIDs
> now.