who's lulzing now?
anonomous.
A second suspect has admitted involvement in high profile attack last year against Sony Pictures website by notorious hacking crew LulzSec. Passwords and personal information leaked as a result of the breach in May 2011. The site was breached using an SQL injection attack, a common hacking technique, to extract personal …
But, doesn't that also require enhancement by using completely fresh and unrelated-to-the-user hardware?
I have since at least since 1993 suspected that there would come the day that motherboards would have embedded components that would seed or somehow tage outbound content, much like preambles/headers, or watermarking that later came out.
Eventually, we find that printer companies embedded not only codes in the hidden chips of printersand copiers, but that the fonts themselves are encoded differently for every printer. Anyone buying with traceable instruments and being taped on camera and then engeging in extortion, bribery, blackmail, wire fraud, murder threats, and so on -- especially those duplicating cash and certain cash instruments -- could be tracked down just by a magnifying glass or special decoding scanner, or prevented from copying certain currency. I at some point began to suspect that large copy shops were ideal for those onboard chips -- imagine if governments or conspiracy theory types of organizations wanted to KNOW what things people scanned or copied,. Those up to no good had better not use the rechargable cards or any scanner or copier hooked to a network or one with a hard drive in it. Even copmanies have seen their machines broken into for the hard drives.
Making a computer act as its own beacon is nothing new anymore, so, even using disposable NICs even to just peruse naughty content sites or evade certain marketing would be almost pointless -- those who continue using the one-time-only hardware get complacent and keep using it. Trying to hide from stealthy observers via proxies really depends on the user even changing typing speeds, diction, thought or speech patterns... And, avoid using topics or explanations as anecdotes since we humans tend to be fond of our recollections....
Ts & Cs from HideMyAss include the following:
"You must not misuse our site by knowingly introducing viruses, trojans, worms, logic bombs or other material which is malicious or technologically harmful."
and
"By breaching this provision, you would commit a criminal offence under the Computer Misuse Act 1990. We will report any such breach to the relevant law enforcement authorities and we will co-operate with those authorities by disclosing your identity to them. In the event of such a breach, your right to use our site will cease immediately."
Surely, it is obvious to everyone that companies offering goods and/or services will follow the laws of the countries in which they transact business?
Anonymizing proxy == NSA / FBI honey pot
How to avoid getting caught: put on Mission Impossible level disguise, travel to a different state, access sites from Internet cafe' not using any on-line resources you ever had any connection with, pay only cash for everything. Too much trouble? If you can't stand the time, don't do the crime.
"If i was that much of an idiot, i think i'd plead guilty as well."
You know, sometimes it's the idiots that plead innocent. Especially if the prosecution has really strong evidence. A guilty plea is more likely, by quite a bit, to get a lenient sentence from the judge, than is a hopeless defense in the face of overwhelming proof of guilt. In the case of a guilty plea, it seems as if the defendant is showing remorse and taking responsibility for his actions, whereas mounting a hopeless defense looks like the defendant lacks all remorse and is refusing to take responsibility for his actions, and generally still "trying to get away with it"... and so is worthy of a harsher sentence.
"I wouldn't have thought it'd hit hidemyass too hard since their competition is largely subject to the same rules i think?"
Quite.
People need to realize that "HideMyAss" is actually "HideMyAssFromMyParentsAndClassmates" and not "HideMyAssFromTheLaw".
Is there actually a requirement for people hosting these proxies to keep logs of the traffic? Seems counter productive for them to do so because of examples exactly like this showing up your service to be a waste of time.
Maybe all these 'chinese hackers' are actually just people from USA/Europe using proxies located in China to get beyond the reach of the FBI...
It largely depends on the jurisdiction you are connecting to, in Sweden they don't have to relinquish records on anyone unless their act could carry a two year jail term. It depends on company to company though, there are plenty that don't log all traffic, or hold logs for a short amount of time.
Though the primary advice would be: Don't be an idiot and hack something.
the primary advice would be: Don't be an idiot and hack something.
I've no problem with hacking per se, but hacking to get the personal info of some Sony competition winners? Give me a break, a list of people with so little cash or intelligence that they would give their details to Sony in order to win some piffling item?
Hacking Sony to transfer 1 beeeelion dollars out to various Cayman Islands bank accounts? Crazy clever. Hacking Sony to steal addresses of layabouts? Crazy stupid.
It's absolutely open for joking when the idiot use a proxy called hidemyass that is based in a country whose definition of privacy does not extend beyond government protection. It's further open when said idiot steals people's personal information and publishes it.
Although I was impacted personally; I can only hope that any pounding this idiot receives is on an appropriate level to those he bent over in his quest for personal growth.
If I was in charge of a major criminal investigation outfit like the FBI, I'd establish companies like "HideMyAss" just to find out who is using it. You really just don't know who's in control sometimes. The moral of the story is obvious, just don't do the crime and then you don't have anything to worry about.