- From: Zijyfe Duufop <zdoofop@gmail.com>
- Date: Wed, 31 Dec 2014 18:07:17 -0500
- To: Hadi Nahari <hnahari@nvidia.com>
- Cc: Colin Gallagher <colingallagher.rpcv@gmail.com>, "public-web-sec." <public-web-security@w3.org>
- Message-ID: <CAO+vDUQefFMAq458jdELXvKyaXLEo=Vu4LUvVSWghm6SigtPKg@mail.gmail.com>
Yes, admittedly I was a little late on this, but ask yourself: If chumps like those could use that site, who else is using it? Aerith? whoever hacked sony? maybe even the attacks on North Korea? On Wed, Dec 31, 2014 at 5:29 PM, Hadi Nahari <hnahari@nvidia.com> wrote: > Apparently one of them is already apprehended in the U.K. per Krebs: > > http://krebsonsecurity.com/2014/12/lizard-kids-a-long-trail-of-fail/ > > -Hadi > > On Dec 31, 2014, at 12:32 PM, Zijyfe Duufop <zdoofop@gmail.com> wrote: > > probably should be clearer: > *Michael Nieves* @*virus* <https://twitter.com/virus> > > These @*LizardMafia* <https://twitter.com/LizardMafia> chumps ripped > their "stresser" code from http://titaniumstresser.net > <http://t.co/BlL1YZSzXz> #*LizardSquad* > <https://twitter.com/hashtag/LizardSquad?src=hash> #*LizardMafia* > <https://twitter.com/hashtag/LizardMafia?src=hash> > > On Wed, Dec 31, 2014 at 3:17 PM, Zijyfe Duufop <zdoofop@gmail.com> wrote: > >> update: It appears I was mostly correct: titaniumstresser.net >> >> On Sun, Dec 28, 2014 at 6:21 PM, Zijyfe Duufop <zdoofop@gmail.com> wrote: >> >>> Oh, my mistake. In my first message I didn't mean new tech as in >>> gadgets, more like an app or program with the specs I gave. If I am >>> correct, all we would have to do would be to find this new >>> website/program/app and destroy it. I know it's a lot easier said than >>> done, but I thought I'd put it out there. >>> >>> On Sun, Dec 28, 2014 at 6:16 PM, Zijyfe Duufop <zdoofop@gmail.com> >>> wrote: >>> >>>> I'm not sure I understand. You started off with saying they are easy >>>> enough already and then went off on a tangent. >>>> >>>> On Sat, Dec 27, 2014 at 11:25 PM, Colin Gallagher < >>>> colingallagher.rpcv@gmail.com> wrote: >>>> >>>>> You're not missing much. I bet you have already seen the Norse >>>>> visualizations. What's bothersome is these attacks are so easy to pull off >>>>> that it's not even a "man-children" or "internet of things" attribution. So >>>>> the cost of association of a person or a group with a non-event becomes so >>>>> low that the fruit is lower hanging for most Tor devs to let players keep >>>>> playing them for attention that comes to Tor, rather that focusing on >>>>> silently addressing node and certificate authority issue problems. Which >>>>> they are, but with a sort of exaggerated sense of denial about the ongoing >>>>> attacks. >>>>> >>>>> Watch and get free entertainment as some dude from Mega throws >>>>> bazillions of credits around to "MAKE IT STOP" and then the hacks resume >>>>> again after money is received. Sad. >>>>> >>>>> As I've pointed out before the reason I wouldn't agree to participate >>>>> in Web Payments group or its conf calls was the ludicrous CLA which in many >>>>> ways literally said, "If you call in, all your ideas are belong to us >>>>> forever." Kind of like .... SONY >>>>> >>>>> so obv I never called in. >>>>> >>>>> Basically: >>>>> These firms / nonprofits (often tainted by too much exposure to the >>>>> infobleedment industry, eg Sony, Mega, Tor, etc) release funds to keep the >>>>> hacks going a bit longer. To get attention in a market that is getting >>>>> tougher (hell, look at slur.io's model - and they'll be gone soon >>>>> because they don't publish keys for gpg etc). The cybercybercyber attacks >>>>> (past few days mostly between US, China, with Russians watching and eating >>>>> popcorn according to NORSE) made ppl run around in circles in low places, >>>>> like Hollywood, White House, and a local garbage incinerator. >>>>> >>>>> I love my privacy (even tho I am contacting you today via gmail) but >>>>> for serious comnunications I use open source and serious crypto, not this >>>>> stuff. >>>>> >>>>> Ok ciao... happy new year >>>>> On Dec 27, 2014 4:35 PM, "Zijyfe Duufop" <zdoofop@gmail.com> wrote: >>>>> >>>>>> Something occured to me recently: >>>>>> >>>>>> As you know, there has been a rash of DDoS attacks on pretty much >>>>>> everything from XBox to North Korea. From what I understand, different >>>>>> hacker groups are claiming responsibility for nearly every single attack. >>>>>> >>>>>> Now, it occurs to me that the possibility that a bunch of hackers >>>>>> starting to form groups at around the same time is highly unlikely. >>>>>> However, there is another interesting, and more likely explanation: new >>>>>> tech. >>>>>> >>>>>> This tech would have to make DDoS so easy, your grandmother could do >>>>>> it. It would have to be affordable, reliable, adaptable, and known >>>>>> throughout the hacker community, but not necessarily to the general >>>>>> public. It would have to be run through a server in such a way that not >>>>>> one of the attacks used can be linked. And, most importantly, it would >>>>>> have to be intelligent enough to find a weak link in the destination and >>>>>> exploit it. If I am correct, then man-children in basements everywhere are >>>>>> trying to glorify themselves by taking down high profile targets and then >>>>>> boasting about it in a way that makes them seem bigger than they are. >>>>>> >>>>>> Am I completely wrong? Am I missing something? Is this not even >>>>>> news? Why do I feel like this is too obvious? >>>>>> >>>>> >>>> >>> >> > ------------------------------ > This email message is for the sole use of the intended recipient(s) and > may contain confidential information. Any unauthorized review, use, > disclosure or distribution is prohibited. If you are not the intended > recipient, please contact the sender by reply email and destroy all copies > of the original message. > ------------------------------ >
Received on Wednesday, 31 December 2014 23:08:05 UTC