Krebs Goes After The Target Hackers (and Snowden, Mental Suggestion/DPR, Safe Porn, Inside the Mind of a Snowden Critic)

LOLsnowden. http://i.imgur.com/FKSvijA.jpg

QOTD: “Beware people who exist for the sake of rules they don’t understand.” More on this at the bottom.

The Peter Parket of the Internet Underground continues to be a badass, first helping a small bank figure out which of its cards were compromised in the 40 million card Target breach, and then unmasking one Odessa publicity-hound crook who’s been selling them by the millions.

I kind of wonder where Krebs learned Russian so well. Because it seems (assuming he wasn’t getting “parallel” tips from a “source” in the signals intelligence complex) that he pulled this off based on an encyclopedic knowledge of the Russian-speaking Internet crime forum ecosystem.

The key break came when Krebs was able to find a post where the operator of the card-number store self-identified as “Hel” (Helkern), a former administrator of another forum. Helkern and friends had attracted the attention of some other hackers early in their careers; those hackers had doxxed Helkern and still had his personal photos published on their website.

Other forums on which “Helkern” was active provided an ICQ address that was associated with an email address which was associated with… one Andrey Hodirevski from Illichivsk, near Odessa, Ukraine. Said Hodirevski once ran a personal website explaining his life goals: get married, buy a $20,000 car, move to Helsinki, and achieve world domination.

Krebs got in touch with the guy… who promptly offered $10,000 not to post the article. Pwned.

Ultimately it looks like the crook was undone by the heavy reputation-based system in the underground, in which people’s credibility is determined by their willingness to link their current identity to past ones, and do it in public.

Snowden’s Christmas address… leaked, of course. https://leaksource.wordpress.com/2013/12/24/a-christmas-message-from-edward-snowden-video/

Gellman on the Snowden interview. http://origin.c.ooyala.com/s3NXIyajqBkM0yVD4y2TvSZrK33SuctB/DOcJ-FxaFrRg4gtDEwOjkzOjBrO47VbV.mp4

Wonder if some “mental suggestion” was at work here. http://www.news.com.au/technology/online/silk-road-pirate-ross-ulbricht-accuses-us-government-of-stealing-his-38million-bitcoin-booty/story-fnjwmwrh-1226789213977

Safe porn. This is some GORGEOUS craftsmanship, and the safes are modern, not ancient. http://www.doettling.com

Inside the mind of a Snowden critic. Catherine Fitzpatrick is fascinating — and not just because she and Appelbaum are attracted to the same blue-orange color scheme.

In essence, she says all this leaking is driven by Aspergers and pedantry, and that real human systems just don’t work like that. And in a certain sense she’s right — immersing yourself in computers quickly bends and warps your thinking in a way that blinds you to the workings of human systems.

Her mistake, of course, is a sort of tall poppy, or at least different poppy syndrome. Assuming that this blindness (or, in Snowden’s case, perspective, since he is clearly also aware of the human side) does not also reveal features of human systems that are invisible from the normal view. And that therefore, they should be instead re-educated and made to Conform And Obey Just Like The Rest Of Us. (Because You’re No Better Than The Rest Of Us, And Certainly No Better Than Me. In other words, the mindset of about 90% of Germany between 1934-1945, ditto Communism, etc. You must be part of the hive mind! Obey the hive mind! sorry, gotta take a moment and puke.)

Anyway, to look at her example of “law like a guillotine,” the law’s human flexibility is also what’s responsible for its frequent and grave injustices. Just as the application of law with computational inflexibility would also result in grave injustice.

Ultimately what Fitzpatrick seems to want is a society in which she can hand off responsibility to government and not have to worry about it. (A Strong Government Is The Only Way I’ll Be Safe From Criminals) What her stereotypical geek wants is a society in which they can hand off responsibility to abstract, mechanical rules and not have to worry about it. (I’ll Build A System That Protects Me From Criminals, And Everyone Will Follow It)

And the reality? While I’ve met people that fit both descriptions, most of us are smarter than that, and far more complex.
http://3dblogger.typepad.com/wired_state/2013/12/who-can-be-trusted-on-nsa-and-encryption.html

https://krebsonsecurity.com/2013/12/sources-target-investigating-data-breach/
https://krebsonsecurity.com/2013/12/cards-stolen-in-target-breach-flood-underground-markets/ https://krebsonsecurity.com/2013/12/whos-selling-credit-cards-from-target/

(too much to quote)

Advertisements
%d bloggers like this: