Hack Forums

I've been sharing conspiracies on reddit longer than this sub has been around. I have a story to tell.

This story is mostly crafted from my own experiences, my conversations with some of the people involved, and the rest is my own guesswork as I try to fill in the gaps...so bear with me!
That's why I wanted to share with this community, which I've watched grow over the years. I remember posting about the death of Barry Jennings (who witnessed explosions in the WTC on 9/11) the day after it happened. This was before /conspiracy (or right around when it was formed), and I remember thinking "we really need a sub for conspiracies on reddit!"
And here we are, 12 years later and over 1.3 million subscribers...incredible!
So...
My story starts with a young man. We'll call him Andrew.
Andrew grew up in the 90's in a coastal US town and quickly blossomed into a tech whiz at a young age.
He began building his own computers, and after a brief stint using Windows, he decided that Bill Gates was everything wrong with technology (and the world), and he made it his mission to make sure folks like Gates were NOT the future of computers.
He really believed that the use of technology was a fundamental human right, and that charging people for "proprietary" OS's that hid their source code was a violation of these rights.
He saw a possible Deus Ex-like future, with a technocracy literally around the corner if we didn't act now.
Andrew soon joined the Free Software Foundation and began rubbing elbows with the likes of Richard Stallman. He begun exclusively using GNU/Linux and was the type to correct you if you called it just "Linux". He also began visiting tech-savvy forums like slashdot and started networking in earnest.
By 2006 (his senior year of high school) Andrew was completely over his "education" and decided to just drop out completely.
Shockingly, a college accepted him anyway. A small East Coast school had been actively courting Andrew, and when they learned he had failed to get his HS diploma, they accepted him anyway!
Now sometime during this period Andrew went to Iceland and stayed in Reykjavik for several months.
This trip may have happened during the summer, fall, or early winter of 2006. The reason for his trip had something to do with his efforts in the FSF or similar group. The possible significance of this trip will become clear as we go on.
What is clear is that Andrew started college in the fall of 2006, and that the circumstances were unusual. Andrew soon met several like-minded individuals and began building a social and technological network at his school.
Two individuals in particular would become key players in his life (one more prominently in this story, but the other was significant as well), and eventually the 3 would live together in town for several years.
But for now let's stick with Andrew.
Andrew had an idea to build a social network for his college. Except, it wasn't just a network, it was a wiki for information about the school...and beyond. Soon, it began to morph into something much bigger in Andrew's mind.
He saw his project as being one of many data "hubs" for leaks of important documents and otherwise sensitive information.
So yeah, he saw the opportunity for a wiki for leaks (see where this is going yet...?).
As his ambitions grew, his behavior started to become increasingly erratic. He was caught with drugs and arrested. Strangely, the charges were pretty much dropped and he was given a slap on the wrist. Eventually he decided to leave the school, but still lived in town and had access to the servers on campus.
By 2010 Andrew was still living in the small town with his two "hacker" buddies, who were still enrolled at the school.
This house was in some ways legendary. It appears that many "interesting" people spent time at or visited the residence. Indeed, some of the early movers and shakers of /conspiracy itself passed through.
There was usually a full NO2 tank for anyone who was into that kinda thing, and they were stocked with every hallucinogen and research chemical known to man.
It was also likely under surveillance by multiple intelligence agencies (NSA/Mossad/etc).
Over time, the mental state of Andrew was slowly starting to deteriorate, which wasn't helped by his abuse of drugs.
Still, Andrew decided to move his base of operations to Europe, spending time in Belgium, the Czech Republic and elsewhere.
One of his housemates was soon to join him on his adventures in Europe and elsewhere abroad. We'll call him "Aaron."
Aaron had a very similar story and upbringing as Andrew. Aaron was also from a coastal US town and was born into privilege. He was also, supposedly, born into a family with some serious connections to intelligence agencies, including an uncle with ties to the NSA, and both parents connected to military brass.
By 2015, Andrew and Aaron were living together in the Czech Republic. During this time they were working directly and/or indirectly for the NSA (via Cisco and other companies).
You see, the "college" they met at was actually a front for the recruitment of kids into the IC. Apparently, many "schools" in the US function that way. Go figure.
Their intelligence and valuable skill set (hacking etc) made them valuable assets. They were also possibly involved with the distribution of certain "research chemicals" (of the 2C* variety) to dignitaries and their entourages (in one example, they provided 2CB to a group with David Cameron).
In addition, Andrew was allegedly involved with, or stumbled upon, an NSA-linked surveillance project directed at the entire country of Malaysia, while Aaron was involved with Cisco.
Aaron himself had gotten into hot water for releasing damaging information about the NSA, and even claimed to be an NSA whistleblower, and was also possibly the individual who leaked the 2014 (or 2015) Bilderberg meeting list.
And then things went bad. Andrew quit the Malaysia project and Aaron left Cisco. It seems Andrew and Aaron were "set up" during a fiery false flag event in the Czech Republic in 2015. It may have happened at an embassy, but it's unclear which. There is no information on the web about anything like this (afaik).
Aaron was immediately targeted and spent several years on the run. Allegedly, he was added to the list of victims in the so-called "Great Game".
The Great Game is the term used for an international assassination program where intelligence agencies share a list of targets to be neutralized. The German BND and Mossad are heavily involved, as other networks. Individuals targeted by the Great Game may be offed by actual assassins, or by NPC-like humans whose minds will be influenced by mind control tech (a la Matrix...say influencing someone to ram your car unwittingly ie).
As Aaron went on the lam, Andrew soon returned to the US, shell-shocked by his experience.
Both Andrew and Aaron continue to suffer from some sort of PTSD from these series of events, rendering Andrew largely incapacitated and Aaron scattered and discombobulated.
The Meat of the Matter
OK...where does that leave us? Why am I sharing all of this? I think there's much more to this story.
So let's start speculating! Everything I'm about to say is stuff that was told to me personally. I can't vouch for any of this information, though obviously I thought it was compelling enough to share.
Here's the gist: The so-called whistleblowers you see in the media are almost all fake.
This includes: Edward Snowden, Julian Assange, Thomas Drake and William Binney (hey look, his AMA is pinned on this sub right now...no comment!). These individuals, and others, are controlled opposition. The real whistleblowers are severely punished.
For example, Bradley Manning was punished with chemical castration in jail. His "transformation" was chemically induced torture.
Andrew was not alone in his passion. There were lots of other young visionaries like him who dreamed of a freer and more transparent world.
In this story, Julian Assange was an intelligence asset...a psyop meant to steal the thunder from real activists like Andrew.
In this story, a small college-based "wiki" for government leaks was used as the model for an intelligence operation known as "wikileaks".
In this story, Andrew traveled to Iceland at some point in 2006.
When was Wikileaks founded? Wikileaks was founded by Julian Assange in December 2006, in Iceland.
Aaron discovered (legally, like Manning who had clearance to access all the data he leaked) damning information about surveillance happening by the NSA, specifically against recruits entering the US army and elsewhere.
In this story, the "Andrew" identity was co-opted and turned into "Julian Assange", and "Aaron" became "Edward Snowden".
Granted, there were probably other people that these whistleblower imposters were modeled after, but Andrew and Aaron seem like very strong contenders for some of this inspiration.
Now, much of the following may be gobbledygook (lol I spelled that right first try!) for all I know, but since I'm having a really hard time making sense of it all, I'll just include everything I can and let you guys run with it.
Here are some phrases, ideas, terms and people of note that may be involved with this story...MODS: None of this is doxing! All of the links of people are wikipedia pages or published interviews/articles. So yeah. Not dox!
IN CONCLUSION
I don't know how these terms, theories and individuals fit into this story, but that they may be somehow related.
Hopefully there are enough bread crumbs in here to keep some of you busy!
Any help/insight would be appreciated. I confess I'm not so tech-minded so I can't offer any more explanation about some of the more techy terms.
Anyway, thanks for reading, and thanks for continuing to stimulate after all these years! It's really nice to see this place continuing to thrive after all of this time!
submitted by oomiak to conspiracy [link] [comments]

A few stories about Brian Krebs: The independent cybercrime journalist who exposes criminals on the internet

First, a bit of introduction before we get into the living drama that is Brian Krebs.
Brian Krebs has been a journalist for decades, starting in the late 90s. He got his start at The Washington Post, but what he's most famous for are his exposes on criminal businesses and individuals who perpetuate cyber crime worldwide. In 2001, he got his interest in cybercrime piqued when a computer worm locked him out of his own computer. In 2005, he shifted from working as a staff writer at The Washington Post's tech newswire to writing for their security blog, "Security Wire". During his tenure there, he started by focusing on the victims of cybercrime, but later also started to focus on the perpetrators of it as well. His reporting helped lead to the shutdown of McColo, a hosting provider who provided service to some of the world's biggest spammers and hackers. Reports analyzing the shutdown of McColo estimated that global spam volume dropped by between 40 and 70 percent. Further analysis revealed it also played host to child pornography sites, and the Russian Business Network, a major Russian cybercrime ring.
In 2009, Krebs left to start his own site, KrebsOnSecurity. Since then, he's been credited with being the first to report on major events such as Stuxnet and when Target was breached, resulting in the leakage of 40 million cards. He also regularly investigates and reveals criminals' identities on his site. The latter has made him the bane of the world of cybercrime, as well as basically a meme, where criminals will include references like Made by Brian Krebs in their code, or name their shops full of stolen credit cards after him.
One of his first posts on his new site was a selection of his best work. While not particularly dramatic, they serve as an excellent example of dogged investigative work, and his series reveal the trail of takedowns his work has documented, or even contributed to.
And now, a selection of drama involving Krebs. Note, all posts are sarcastically-tinged retellings of the source material which I will link throughout. I also didn't use the real names in my retellings, but they are in the source material. This took way too long to write, and it still does massively condense the events described in the series. Krebs has been involved with feuds with other figures, but I'd argue these tales are the "main" bits of drama that are most suited for here.

Fly on the Wall

By 2013, Krebs was no stranger to cybercriminals taking the fight to the real world. He was swatted previously to the point where the police actually know to give him a ring and see if there'd actually been a murder, or if it was just those wacky hackers at it again. In addition, his identity was basically common knowledge to cybercriminals, who would open lines of credit in his name, or find ways to send him money using stolen credit cards.
However, one particular campaign against him caught his eye. A hacker known as "Fly" aka "Flycracker" aka "MUXACC1" posted on a Russian-language fraud forum he administered about a "Krebs fund". His plan was simple. Raise Bitcoin to buy Heroin off of a darknet marketplace, address it to Krebs, and alert his local police via a spoofed phone call. Now, because Krebs is an investigative journalist, he develops undercover presences on cybercrime forums, and it just so happened he'd built up a presence on this one already.
Guys, it became known recently that Brian Krebs is a heroin addict and he desperately needs the smack, so we have started the "Helping Brian Fund", and shortly we will create a bitcoin wallet called "Drugs for Krebs" which we will use to buy him the purest heroin on the Silk Road. My friends, his withdrawal is very bad, let’s join forces to help the guy! We will save Brian from the acute heroin withdrawal and the world will get slightly better!
Fly had first caught Krebs' attention by taunting him on Twitter, sending him Tweets including insults and abuse, and totally-legit looking links. Probably either laced with malware, or designed to get Krebs' IP. He also took to posting personal details such as Krebs' credit report, directions to his house, and pictures of his front door on LiveJournal, of all places.
So, after spotting the scheme, he alerted his local police that he'd probably have someone sending him some China White. Sure enough, the ne'er-do-wells managed to raise 2 BTC, which at the time was a cool $200 or so. They created an account on the premiere darknet site at the time, The Silk Road under the foolproof name "briankrebs7". They found one seller who had consistently high reviews, but the deal fell through for unknown reasons. My personal theory is the seller decided to Google where it was going, and realized sending a gram of dope into the waiting arms of local law enforcement probably wasn't the best use of his time. Still, the forum members persevered, and found another seller who was running a buy 10 get 2 free promotion. $165 of Bitcoin later, the drugs were on their way to a new home. The seller apparently informed Fly that the shipment should arrive by Tuesday, a fact which he gleefully shared with the forum.
While our intrepid hero had no doubt that the forum members were determined to help him grab the tail of the dragon, he's not one to assume without confirmation, and enlisted the help of a graduate student at UCSD who was researching Bitcoin and anonymity on The Silk Road, and confirmed the address shared by Fly was used to deposit 2 BTC into an account known to be used for money management on the site.
By Monday, an envelope from Chicago had arrived, containing a copy of Chicago confidential. Taped inside were tiny baggies filled with the purported heroin. Either dedicated to satisfied customers, or mathematically challenged, the seller had included thirteen baggies instead of the twelve advertised. A police officer arrived to take a report and whisked the baggies away.
Now, Fly was upset that Krebs wasn't in handcuffs for drug possession, and decided to follow up his stunt by sending Krebs a floral arrangement shaped like a cross, and an accompanying threatening message addressed to his wife, the dire tone slightly undercut by the fact that it was signed "Velvet Crabs". Krebs' curiosity was already piqued from the shenanigans with the heroin, but with the arrival of the flowers decided to dive deeper into the сука behind things.
He began digging into databases from carding sites that had been hacked, but got his first major breakthrough to his identity from a Russian computer forensics firm. Fly had maintained an account on a now-defunct hacking forum, whose database was breached under "Flycracker". It turns out, the email Flycracker had used was also hacked at some point, and a source told Krebs that the email was full of reports from a keylogger Fly had installed on his wife's computer. Now, because presumably his wife wasn't part of, or perhaps even privy to her husband's illicit dealings, her email account happened to be her full legal name, which Krebs was able to trace to her husband. Now, around this time, the site Fly maintained disappeared from the web, and administrators on another major fraud forum started purging his account. This is a step they typically take when they suspect a member has been apprehended by authorities. Nobody knew for sure, but they didn't want to take any chances.
More research by Krebs revealed that the criminals' intuition had been correct, and Fly was arrested in Italy, carrying documents under an assumed name. He was sitting in an Italian jail, awaiting potential extradition to the United States, as well as potentially facing charges in Italy. This was relayed to Krebs by a law enforcement official who simply said "The Fly has been swatted". (Presumably while slowly removing a pair of aviator sunglasses)
While Fly may have been put away, the story between Krebs and Fly wasn't quite over. He did end up being extradited to the US for prosecution, but while imprisoned in Italy, Fly actually started sending Krebs letters. Understandably distrustful after the whole "heroin" thing, his contacts in federal law enforcement tested the letter, and found it to be clean. Inside, there was a heartfelt and personal letter, apologizing for fucking with Krebs in so many ways. He also forgave Krebs for posting his identity online, leading him to muse that perhaps Fly was working through a twelve-step program. In December, he received another letter, this time a simple postcard with a cheerful message wishing him a Merry Christmas and a Happy New Year. Krebs concluded his post thusly:
Cybercrooks have done some pretty crazy stuff to me in response to my reporting about them. But I don’t normally get this kind of closure. I look forward to meeting with Fly in person one day soon now that he will be just a short train ride away. And he may be here for some time: If convicted on all charges, Fly faces up to 30 years in U.S. federal prison.
Fly ultimately was extradited. He plead guilty and was sentenced to 41 months in jail

vDOS and Mirai Break The Internet

Criminals are none too happy when they find their businesses and identities on the front page of KrebsOnSecurity. It usually means law enforcement isn't far behind. One such business was known as vDOS. A DDOS-for-hire (also known as a "booter" or a "stresser") site that found itself hacked, with all their customer records still in their databases leaked. Analysis of the records found that in a four-month time span, the service had been responsible for about 8.81 years worth of attack time, meaning on average at any given second, there were 26 simultaneous attacks running. Interestingly, the hack of vDOS came about from another DDOS-for-hire site, who as it turns out was simply reselling services provided by vDOS. They were far from the only one. vDOS appeared to provide firepower to a large number of different resellers.
In addition to the attack logs, support messages were also among the data stolen. This contained some complaints from various clients who complained they were unable to launch attacks against Israeli IPs. This is a common tactic by hackers to try and avoid unwanted attention from authorities in their country of residence. This was confirmed when two men from Israel were arrested for their involvement in owning and running vDOS. However, this was just the beginning for this bit of drama.
The two men arrested went by the handles "applej4ck" and "Raziel". They had recently published a paper on DDOS attack methods in an online Israeli security magazine. Interestingly, on the same day the men were arrested, questioned, and released on bail, vDOS went offline. Not because it had been taken down by Israeli authorities, not because they had shut it down themselves, but because a DDOS protection firm, BackConnect Security, had hijacked the IP addresses belonging to the company. To spare a lot of technical detail, it's called a BGP hijack, and it basically works by a company saying "Yeah, those are our addresses." It's kind of amazing how much of the internet is basically just secured by the digital equivalent of pinky swears. You can read some more technical detail on Wikipedia. Anyway, we'll get back to BackConnect.
Following the publication of the story uncovering the inner workings of vDOS, KrebsOnSecurity was hit with a record breaking DDOS attack, that peaked at 620/Gbps, nearly double the most powerful DDOS attack previously on record. To put that in perspective, that's enough bandwidth to download 5 simultaneous copies of Interstellar in 4K resolution every single second, and still have room to spare. The attack was so devastating, Akamai, one of the largest providers of DDOS protection in the world had to drop Krebs as a pro bono client. Luckily, Google was willing to step in and place his site under the protection of Google's Project Shield, a free service designed to protect the news sites and journalists from being knocked offline by DDOS attacks.
This attack was apparently in retaliation for the vDOS story, since some of the data sent in the attack included the string "freeapplej4ck". The attack was executed by a botnet of Internet of Things (or IoT) devices. These are those "smart" devices like camera systems, routers, DVRs. Basically things that connect to the cloud. An astounding amount of those are secured with default passwords that can be easily looked up from various sites or even the manufacturers' websites. This was the start of a discovery of a massive botnet that had been growing for years.
Now time for a couple quick side stories:
Dyn, a company who provides DNS to many major companies including Twitter, Reddit, and others came under attack, leaving many sites (including Twitter and Reddit) faltering in the wake of it. Potentially due to one of their engineers' collaboration with Krebs on another story. It turned out that the same botnet that attacked Krebs' site was at least part of the attack on Dyn
And back to BackConnect, that DDOS protection firm that hijacked the IP addresses from vDOS. Well it turns out BGP Hijacks are old hat for the company. They had done it at least 17 times before. Including at least once (purportedly with permission) for the address 1.3.3.7. Aka, "leet". It turns out one of the co-founders of BackConnect actually posted screenshots of him visiting sites that tell you your public IP address in a DDOS mitigation industry chat, showing it as 1.3.3.7. They also used a BGP Hijack against a hosting company and tried to frame a rival DDOS mitigation provider.
Finally, another provider, Datawagon was interestingly implicated in hosting DDOS-for-hire sites while offering DDOS protection. In a Skype conversation where the founder of Datawagon wanted to talk about that time he registered dominos.pizza and got sued for it, he brings up scanning the internet for vulnerable routers completely unprompted. Following the publication of the story about BackConnect, in which he was included in, he was incensed about his portrayal, and argued with Krebs over Skype before Krebs ultimately ended up blocking him. He was subsequently flooded with fake contact requests from bogus or hacked Skype accounts. Shortly thereafter, the record-breaking DDOS attack rained down upon his site.
Back to the main tale!
So, it turns out the botnet of IoT devices was puppeteered by a malware called Mirai. How did it get its name? Well, that's the name its creator gave it, after an anime called Mirai Nikki. How did this name come to light? The creator posted the source code online. (The name part, not the origin. The origin didn't come 'til later.) The post purported that they'd picked it up from somewhere in their travels as a DDOS industry professional. It turns out this is a semi-common tactic when miscreants fear that law enforcement might come looking for them, and having the only copy of the source code of a malware in existence is a pretty strong indicator that you have something to do with it. So, releasing the source to the world gives a veneer of plausible deniability should that eventuality come to pass. So who was this mysterious benefactor of malware source? They went by the name "Anna-senpai".
As research on the Mirai botnet grew, and more malware authors incorporated parts of Mirai's source code into their own attacks, attention on the botnet increased, and on the people behind it. The attention was presumably the reason why Hackforums, the forum where the source code was posted, later disallowed ostensible "Server Stress Tester" services from being sold on it. By December, "Operation Tarpit" had wrought 34 arrests and over a hundred "knock and talk" interviews questioning people about their involvement.
By January, things started to come crashing down. Krebs published an extensive exposé on Anna-senpai detailing all the evidence linking them to the creation of Mirai. The post was so big, he included a damn glossary. What sparked the largest botnet the internet had ever seen? Minecraft. Minecraft servers are big business. A popular one can earn tens of thousands of dollars per month from people buying powers, building space, or other things. It's also a fiercely competitive business, with hundreds of servers vying for players. It turns out that things may have started, as with another set of companies, two rival DDOS mitigation providers competing for customers. ProTraf was a provider of such mitigation technology, and a company whose owner later worked for ProTraf had on at least one occasion hijacked addresses belonging to another company, ProxyPipe. ProxyPipe had also been hit with DDOS attacks they suspected to be launched by ProTraf.
While looking into the President of ProTraf, Krebs realized he'd seen the relatively uncommon combination of programming languages and skills posted by the President somewhere else. They were shared by Anna-senpai on Hackforums. As Krebs dug deeper and deeper into Anna-senpai's online presence, he uncovered other usernames, including one he traced to some Minecraft forums where a photoshopped picture of a still from Pulp Fiction contained the faces of BackConnect, which was a rival to ProTraf's DDOS mitigation business, and another face. A hacker by the name of Vyp0r, who another employee of ProTraf claimed betrayed his trust and blackmailed him into posting the source of another piece of malware called Bashlite. There was also a third character photoshopped into the image. An anime character named "Yamada" from a movie called B Gata H Hei.
Interestingly, under the same username, Krebs found a "MyAnimeList" profile which, out of 9 titles it had marked as watched, were B Gata H Hei, as well as Mirai Nikki, the show from which Mirai derived its name. It continues on with other evidence, including DDOS attacks against Rutgers University, but in short, there was little doubt in the identity of "Anna-senpai", but the person behind the identity did contact Krebs to comment. He denied any involvement in Mirai or DDOS attacks.
"I don’t think there are enough facts to definitively point the finger at me," [Anna-senpai] said. "Besides this article, I was pretty much a nobody. No history of doing this kind of stuff, nothing that points to any kind of sociopathic behavior. Which is what the author is, a sociopath."
He did, however, correct Krebs on the name of B Gata H Kei.
Epilogue
Needless to say, the Mirai botnet crew was caught, but managed to avoid jailtime thanks to their cooperation with the government. That's not to say they went unpunished. Anna-senpai was sentenced to 6 months confinement, 2500 hours of community service, and they may have to pay up to $8.6 million in restitution for their attacks on Rutgers university.

Other Stories

I don't have the time or energy to write another effortpost, and as is I'm over 20,000 characters, so here's a few other tidbits of Krebs' clashes with miscreants.
submitted by HereComesMyDingDong to internetdrama [link] [comments]

Monero Subreddit Stats from last year.

Submissions Comments
Total 994 49530
Rate (per day) 2.73 135.74
Unique Redditors 582 8080
Combined Score 161184 231580

Top Submitters' Top Submissions

  1. 5300 points, 33 submissions: dEBRUYNE_1
    1. Monero GUI 0.12.0.0 "Lithium Luna" Megathread - Download links, instructions for upgrading, guide on how to get started, and guides to resolve common issues (missing a transaction / zero balance, freezing / buggy GUI, transaction stuck as pending, and GUI using all bandwidth) (386 points, 833 comments)
    2. [Reminder] monero is not the appropriate place to discuss the BTC/BCH debate (319 points, 73 comments)
    3. General information regarding the upcoming scheduled network upgrade and a call for community action (305 points, 223 comments)
    4. GUI v0.12.2.0 released! (299 points, 243 comments)
    5. Announcement - Proof-of-Work tweak and a note on key reuse (295 points, 250 comments)
    6. GUI v0.12.3.0 (with direct Ledger support) released! (280 points, 386 comments)
    7. Bitfinex reduces Monero withdrawal fees from 0.04 to 0.0001 XMR! (272 points, 9 comments)
    8. Poloniex also reduces Monero withdrawal fees to 0.0001 XMR! (220 points, 17 comments)
    9. Preliminary information thread regarding the scheduled protocol upgrade of October 18 (214 points, 208 comments)
    10. CLI v0.12.3.0 released! (195 points, 78 comments)
  2. 4228 points, 24 submissions: OsrsNeedsF2P
    1. Saying you don't need privacy because you have nothing to hide is like saying you don't need free speech because you have nothing to say. It's a right to everyone - It's a right to you, me, and even Mark Zuckerberg. (581 points, 138 comments)
    2. The official Fortnite Merch Store is accepting exclusively Monero as a cryptocurrency payment option... (445 points, 80 comments)
    3. Can we stop being assholes to newbies? (359 points, 94 comments)
    4. With all this Monero "is less untraceable than previously thought" FUD, let's all remember that huge fucking bounty of $$$ for anyone who can trace the origin of one of the devs transactions.. (343 points, 131 comments)
    5. Ever wanted to know how Monero is still around today? Well now you don't have to! This post has it all =D (297 points, 66 comments)
    6. Coinmarketcap shows Freewallet as a Monero wallet. Guys, whatever you do.. Don't use Freewallet. It's a scam. (286 points, 93 comments)
    7. SEC wants decentralized exchange creators to register as exchanges. Lol (182 points, 111 comments)
    8. "Please do your part in demanding exchanges to lower their XMR withdraw fee. I am submitting a complaint to Coinex who currently charge 0.04 XMR" - [x-post from /xmrtrader] (169 points, 43 comments)
    9. Can we get some appreciation for the people who maintain the Monero packages on Arch Linux? There are so many available, and every single one I've checked either make the package from source or validate the checksum. Amazing work <3 (156 points, 19 comments)
    10. [WARNING] DROPIL recently made a post announcing support for Monero. MOVE YOUR FUNDS if you used them!!! (119 points, 5 comments)
  3. 3954 points, 13 submissions: KnifeOfPi2
    1. Did John McAfee just sell all of his Monero?? (1277 points, 107 comments)
    2. We need to stop thinking about Monero as a “privacy coin.” (511 points, 200 comments)
    3. Selsta and I just completed the first Ledger-to-Ledger mainnet transactions ever. He sent me 0.1 XMR and I sent 0.4 XMR back. (482 points, 103 comments)
    4. Monero network hashrate just hit 1GH/s! (463 points, 166 comments)
    5. An upcoming Monero project: Render the entire blockchain. Here's a selection of blocks that we've done so far, in an early stage. (224 points, 31 comments)
    6. In Stunning Move, Bitmain Announces It's Launching A Doorstopper Business (193 points, 48 comments)
    7. Another red flag for X Wallet: The source code is incomplete. (190 points, 63 comments)
    8. MONERO IS DEAD! LONG LIVE MONERO! (155 points, 25 comments)
    9. Lithium Luna GUI released! (118 points, 66 comments)
    10. Cake Wallet - introducing Zendesk support! (100 points, 13 comments)
  4. 2421 points, 22 submissions: SamsungGalaxyPlayer
    1. Kasisto POS in 22 seconds (366 points, 76 comments)
    2. "Kudelski Security completed their [bulletproof] report. They found only a few minor issues that are trivial to correct, and no major issues." Overall, a huge win for Monero, bulletproofs, and privacy. Full report will be published soon. (338 points, 100 comments)
    3. Network upgrade scheduled for block 1544555 on 28 March (210 points, 56 comments)
    4. Fungibility is determined by the LOWEST common denominator of privacy, NOT the highest. Monero absolutely excels here. (103 points, 37 comments)
    5. [Discussion] Move to a Fixed Ringsize (102 points, 85 comments)
    6. The Monero Malware Response workgroup website is up! Direct people whose machines have been compromised here! (101 points, 22 comments)
    7. MoneroV: A Trap Laid for Monero Users? (93 points, 45 comments)
    8. Want to get the GUI point release faster? Help translate! (91 points, 18 comments)
    9. Introducing the Breaking Monero Series! (86 points, 26 comments)
    10. ShapeShift is moving to a membership model and will require personal information soon (83 points, 86 comments)
  5. 2295 points, 16 submissions: pinkphloid
    1. Cake Wallet - OPEN SOURCE - Here it is! (383 points, 167 comments)
    2. Our Monero wallet called CAKEWALLET for iOS is live! Please check the link to the Apple App Store below. (347 points, 379 comments)
    3. [MANDATORY UPDATE] Cake Wallet Version 3.0.9 - Network Upgrade Ready! (227 points, 19 comments)
    4. [UPDATE] Cake Wallet version 3.1.4, now with XMR.TO for exchanging XMR to BTC! (133 points, 15 comments)
    5. Cake Wallet - 10,000 unique downloads! (132 points, 29 comments)
    6. Thank for the positive feedback on Cake Wallet! (127 points, 62 comments)
    7. The new Cake Wallet Update version 3.0.1 is out now! (120 points, 50 comments)
    8. [UPDATE] CAKE WALLET 3.1.1 with Monero v0.13.0.4 and other stuff (118 points, 32 comments)
    9. Cake Wallet - UPDATE! (108 points, 75 comments)
    10. CAKE WALLET - new version live now with NEW FEATURES! (102 points, 97 comments)
  6. 2042 points, 16 submissions: Rehrar
    1. Core Team Announcement (344 points, 45 comments)
    2. Project FOSS (212 points, 37 comments)
    3. Write down your seed (200 points, 93 comments)
    4. Bulletproof audit needs some more funding. Details in the comments. (170 points, 55 comments)
    5. Extremely thorough introduction to Monero by cypherperro. Take a look. (122 points, 18 comments)
    6. Defcon Monero Village Update and Summary (116 points, 22 comments)
    7. MRL Bulletproof audit FFS request (115 points, 30 comments)
    8. I, rehrar,went on a YouTube show to talk about Morono (113 points, 28 comments)
    9. Fund the fundings! (107 points, 16 comments)
    10. The anonimal appreciation thread! (107 points, 21 comments)
  7. 1978 points, 15 submissions: Vespco
    1. Edward Snowden on Bitcoin Interview 2018 (at 50 minutes, he says that a traceable public ledger is a bigger problem then scalability) (362 points, 88 comments)
    2. Putting this on my invoices seems like a good way for me to promote Monero, give my customers a discount, & help me acquire more Monero. (325 points, 101 comments)
    3. It's fun to be a part of the Monero economy! (179 points, 26 comments)
    4. Honest Government Ad | Anti Encryption Law (178 points, 32 comments)
    5. Jeez, not much real conversation in here. Just junky news links. (129 points, 76 comments)
    6. The New York State Department of Financial Services just approved the trading of privacy-protecting cryptocurrency. | Coin Center (124 points, 11 comments)
    7. A good way to explain the importance of fungibility to the laymen: Bitcoin Roulette (99 points, 45 comments)
    8. Why I love Botnet & Browser Mining. (86 points, 39 comments)
    9. This needs more praise & attention: An Open Source, Client Side JS implementation that makes monero multisig fairly easy. Github link in comments. (82 points, 14 comments)
    10. Could we get even more cryptographers researching for Monero? (77 points, 31 comments)
  8. 1846 points, 14 submissions: SarangNoether
    1. Bulletproofs: let's raise some funds! (295 points, 94 comments)
    2. January monthly report from Sarang Noether (237 points, 39 comments)
    3. Bulletproofs: The Paper Strikes Back (153 points, 32 comments)
    4. July monthly report from Sarang Noether (142 points, 20 comments)
    5. March monthly report from Sarang Noether (129 points, 22 comments)
    6. August monthly report from Sarang Noether (122 points, 33 comments)
    7. February monthly report from Sarang Noether (119 points, 27 comments)
    8. Sarang is up for three more months! (107 points, 30 comments)
    9. October monthly report from Sarang Noether (102 points, 26 comments)
    10. September monthly report from Sarang Noether (99 points, 25 comments)
  9. 1470 points, 4 submissions: TheFuzzStone
    1. "I do not have any Bitcoin" (1182 points, 96 comments)
    2. Fluffypony at Consensus 2018 (134 points, 33 comments)
    3. Time for Monero "killers"! :-) (91 points, 34 comments)
    4. XMR.RU-report (March) (63 points, 14 comments)
  10. 1468 points, 5 submissions: philkode
    1. Overstock.com accepting Monero (and ETH, BCH, LTC, DASH) (499 points, 36 comments)
    2. Happy 4th Birthday Monero! 🎂🎉🎁 (455 points, 62 comments)
    3. Monero has been added to Debian unstable repo as of yesterday. (321 points, 52 comments)
    4. “Unhackable” BitFi wallet just got hacked (xpost /cryptocurrency) (130 points, 41 comments)
    5. X Wallet to App Store (Soon™) (63 points, 67 comments)

Top Commenters

  1. dEBRUYNE_1 (3762 points, 1243 comments)
  2. KnifeOfPi2 (3311 points, 347 comments)
  3. OsrsNeedsF2P (3189 points, 505 comments)
  4. fluffyponyza (3027 points, 272 comments)
  5. gingeropolous (2554 points, 320 comments)
  6. cryptochangements34 (2522 points, 261 comments)
  7. SarangNoether (2269 points, 185 comments)
  8. SamsungGalaxyPlayer (2108 points, 221 comments)
  9. john_alan (1993 points, 218 comments)
  10. smooth_xmr (1944 points, 279 comments)

Top Submissions

  1. Did John McAfee just sell all of his Monero?? by KnifeOfPi2 (1277 points, 107 comments)
  2. Paypal shares your personal data with over 600 companies! That's why we need Monero! by 0xf3e (1184 points, 146 comments)
  3. "I do not have any Bitcoin" by TheFuzzStone (1182 points, 96 comments)
  4. Found In Warsaw - Don't Buy Monero: Cryptocurrencies harm the banking system and can weaken the government by SecretApe (1114 points, 110 comments)
  5. Monero transactions are about to get 80% cheaper and faster. by WillMTB (1056 points, 120 comments)
  6. Bye bye ASICs by Swericor (874 points, 380 comments)
  7. Upvote if you would like to see @fluffyponyza as a guest on Joe Rogan Podcast by xmr_karnal (840 points, 44 comments)
  8. All right, my cat had kittens and I just realised one of them has Monero-like logo on its head 😂😂 by JNKO266 (817 points, 79 comments)
  9. Credit, where credit is due! by Experts-say (796 points, 53 comments)
  10. Yesterday I thought it might be fun to create some vintage crypto posters for a handful of coins. This was the first one I came up with. Bonus points if you spot similarities from an old movie by Beemoe4 (722 points, 67 comments)

Top Comments

  1. 495 points: mr670wl's comment in Found In Warsaw - Don't Buy Monero: Cryptocurrencies harm the banking system and can weaken the government
  2. 474 points: kieranc001's comment in Monero Zero looks like a scam, can you please confirm?
  3. 380 points: deleted's comment in Found In Warsaw - Don't Buy Monero: Cryptocurrencies harm the banking system and can weaken the government
  4. 356 points: deleted's comment in Ledger Hardware Wallet - Monero integration : some news #6
  5. 331 points: last_of_the_romans's comment in Monero transactions are about to get 80% cheaper and faster.
  6. 323 points: svenroy777's comment in "I do not have any Bitcoin"
  7. 311 points: deleted's comment in Did John McAfee just sell all of his Monero??
  8. 255 points: KnifeOfPi2's comment in Monero transactions are about to get 80% cheaper and faster.
  9. 237 points: live9free1or1die's comment in Banning privacy coins because of terrorism/drugs/laundering is like banning people from being allowed to have sex in privacy because pedophiles also like privacy.
  10. 203 points: fluffyponyza's comment in Botnets are Ruining the Integrity of the Monero Network
Generated with BBoe's Subreddit Stats (Donate)
Inspired by a post I found on /Pivx by turtleflax.
submitted by OsrsNeedsF2P to Monero [link] [comments]

Can i catch a modder with Wireshark? (PC)

April 22nd, 2017 New Working Trick to fight modders*: Reencode their mod menu executables to make it look like a virus on VirusTotal.com, causing their own mods to get deleted by Windows Defender:
https://github.com/tanc7/ModMenuPoisoneraw/masteModMenusRuined.jpg
Isn't that sexy?
It's a really simple trick too! Here is a How-To-Video:
https://raw.githubusercontent.com/tanc7/ModMenuPoisonemasteHowToUseModMenuPoisoner.webm
You need Kali Linux with Metasploit Framework Installed, a VM version for simple users is right here:
https://www.offensive-security.com/kali-linux-vmware-virtualbox-image-download/
Then download VirtualBox:
https://www.virtualbox.org/wiki/Downloads
Then run VirtualBox with Kali Linux as a virtual machine and download my toolkit:
https://github.com/tanc7/ModMenuPoisoner
  1. Copy/paste the unzipped file directory of the mod menu
  2. Take the re-encoded file that now looks like a virus and submit it to VirusTotal: https://virustotal.com/
  3. Wait up to 2 to 3 weeks, eventually a antivirus update is pushed to users on Windows 8 and 10 machines, Windows Defender will auto-flag the menu executable as a virus and "kill it".
Video: Installation my Mod Menu Poisoner in Kali Linux, for total Linux Newbies
https://raw.githubusercontent.com/tanc7/ModMenuPoisonemasteHowToInstallandUseForTotalNewbies.webm
OLD STUFF
I rewrote the post after my discovery of how the network traffic works. The answer in short, unfortunately, is NO. But R* can detect it. I will assure you.
From several tests, there are NO distinguishable traffic from the UDP protocol, in a public lobby that allows you to identify a modder, if you are being harassed by one.
However, I tested two mod menus on my decoy account (I have two Steam accounts, and two Rockstar Social Club Accounts). The one thing that is significant is that there is a suspicious communication to the Rockstar servers. Mod menus generate DTLSv1.0 packets. Sent to Rockstar's servers at "192.81.241.100 prod.ros.rockstargames.com". Playing the game legitimately, no DTLSv1.0 packets are sent. But if you load a mod menu, Rockstar knows.
The problem is, it is traffic going to the dedicated Game Service Servers. You, as a random person in a public lobby, will not be able to see it.
TLDR... Let Rockstar catch and ban modders. You will never find them
They are doing a pretty decent job. According to MPGH chatter, since four days ago a lot of the mod developers are pulling out of implementing money hacks into the game. As they cannot find a way to get past R* Anticheat yet. http://www.mpgh.net/forum/forumdisplay.php?f=414
I tested the one with the "Safe Money Drop". My decoy account got banned for 30 days.
But you could be a real creepster. And tell people with unprotected (no VPN no proxy) internet connections, what city and state they live in. That still works.
How to do that? I tested it on 5 different people already, all my friends.
In-game, you have to be following the player around. The closer you are with the player, the more bytes are generated and sent between your IP and theirs. That helps you distinguish their IP from anyone else's.
Now
Start Wireshark capture Statistics Endpoints Bytes Tab (Sort by highest) Your highest NON-LOCAL IP on ports 6672 (UDP, most players have traffic through this) is the player's IP
Using that IP, you can choose to either click the Name Resolution Checkbox on the bottom left of the Endpoints window. Or, you can just Google it.
The potential of this vulnerability? DO NOT DO THIS
Lets say you wanted to be a douchelord or something, and you don't like another player. Keep GTA V running in Windowed Mode, fire up wireshark, start capture. Locate the player IN-GAME and follow him around for at least one or two minutes.
After you positively identified the player's IP (using the bytes-captured method on port 6672), you can attack it with a subscription DDoS/DoS Botnet provider. Also known as a "stresser" or "booter" for obvious reasons. (Note: they only accept either BitCoin or PayPal, I hate both of them). A few examples...
(1) Defiance Protocol
(2) Thunder Stresser
(3) PolyStress
(4) Stress3d.me
(5) DataBooter
(6) ExoStresser
What does it do if you choose to do this?
Well, first of all, even though they are known as booters or stressers, they initiate a Denial of Service attack on the victim machine. That means even if you left the session (you better), you can initiate the attack. It will shutdown their entire home network for a X amount of ms, just enough to kick someone, including the host of the lobby, out of the session.
All you need to know to launch the attack is...
(a)The IP address of victim machine
(b)The Port you want to attack (port 6672)
(c)The method of attack (chose one that is relevant to the protocol), like TCPStorm, DOMINATE, SYNFLOOD, etc.
Seriously, don't do it. All I figured out is how to stalk my friends on GTA V. I have yet to even learn how to decrypt the captured GVSP data. If you want to catch modders on your own, you need to crack that hash. Seems like there is a new key generated a session. Hopefully R* in GTA VI will patch this vulnerability.
GOOD LUCK,
DON'T DoS people,
and GO sign up for a VPN or Proxy, RIGHT NOW.
Stuff Online on DTLSv1.0 Traffic
https://wiki.wireshark.org/DTLS
DTLS is a SSL Protocol that is compatible through UDP. It can be used to create SSH Tunnels back to R* Servers.
Since the last thing a mod developer wants to do is give R* all of your info willingly, I am assuming that this DTLS traffic is part of the anticheat mechanism implemented by R*.
DTLS traffic, as of yet, cannot be filtered by capture alone. However, you simply just look at the packet, and then filter the UDP traffic and port to display the majority of DTLS traffic.
Example Packet Summary:
Modder Machine To RockstaTake Two Interactive, New York, New York Upon Use of a Mod
Frame 204: 151 bytes on wire (1208 bits), 151 bytes captured (1208 bits) on interface 0 Interface id: 0 Censored TO Avoid MAC Ban Encapsulation type: Ethernet (1) Arrival Time: Jan 19, 2017 18:23:39.836486000 Pacific Standard Time [Time shift for this packet: 0.000000000 seconds] Epoch Time: 1484879019.836486000 seconds [Time delta from previous captured frame: 0.002543000 seconds] [Time delta from previous displayed frame: 0.002543000 seconds] [Time since reference or first frame: 1.598633000 seconds] Frame Number: 204 Frame Length: 151 bytes (1208 bits) Capture Length: 151 bytes (1208 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:udp:dtls] [Coloring Rule Name: UDP] [Coloring Rule String: udp] Ethernet II, Censored TO Avoid MAC Ban Internet Protocol Version 4, Src: 10.0.1.113 (10.0.1.113), Dst: prod.ros.rockstargames.com (192.81.241.100) User Datagram Protocol, Src Port: 58016 (58016), Dst Port: 61457 (61457) Datagram Transport Layer Security
Modder Machine To Victim Machine Upon Giving Him All Weapons from Mod Menu. Victim is from Miami, Florida
Frame 210: 101 bytes on wire (808 bits), 101 bytes captured (808 bits) on interface 0 Interface id: 0 Censored TO Avoid MAC Ban Encapsulation type: Ethernet (1) Arrival Time: Jan 19, 2017 18:23:39.887777000 Pacific Standard Time [Time shift for this packet: 0.000000000 seconds] Epoch Time: 1484879019.887777000 seconds [Time delta from previous captured frame: 0.000169000 seconds] [Time delta from previous displayed frame: 0.000169000 seconds] [Time since reference or first frame: 1.649924000 seconds] Frame Number: 210 Frame Length: 101 bytes (808 bits) Capture Length: 101 bytes (808 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:udp:gvsp] [Coloring Rule Name: UDP] [Coloring Rule String: udp] Ethernet II, Censored TO Avoid MAC Ban Internet Protocol Version 4, Src: 10.0.1.113 (10.0.1.113), Dst: c-75-74-37-8.hsd1.fl.comcast.net (75.74.37.8) User Datagram Protocol, Src Port: vision_server (6672), Dst Port: vision_server (6672) Source Port: vision_server (6672) Destination Port: vision_server (6672) Length: 67 Checksum: 0x7c17 [unverified] [Checksum Status: Unverified] [Stream index: 2] GigE Vision Streaming Protocol Undecoded byte number: 50 (0x0030+2) Undecoded byte number: 51 (0x0030+3) Undecoded byte number: 52 (0x0030+4) Undecoded byte number: 53 (0x0030+5) Undecoded byte number: 54 (0x0030+6) Undecoded byte number: 55 (0x0030+7) Undecoded byte number: 56 (0x0030+8) Undecoded byte number: 57 (0x0030+9) Undecoded byte number: 58 (0x0030+10) Undecoded byte number: 59 (0x0030+11) Undecoded byte number: 60 (0x0030+12) Undecoded byte number: 61 (0x0030+13) Undecoded byte number: 62 (0x0030+14) Undecoded byte number: 63 (0x0030+15) Undecoded byte number: 64 (0x0040+0) Undecoded byte number: 65 (0x0040+1) Undecoded byte number: 66 (0x0040+2) Undecoded byte number: 67 (0x0040+3) Undecoded byte number: 68 (0x0040+4) Undecoded byte number: 69 (0x0040+5) Undecoded byte number: 70 (0x0040+6) Undecoded byte number: 71 (0x0040+7) Undecoded byte number: 72 (0x0040+8) Undecoded byte number: 73 (0x0040+9) Undecoded byte number: 74 (0x0040+10) Undecoded byte number: 75 (0x0040+11) Undecoded byte number: 76 (0x0040+12) Undecoded byte number: 77 (0x0040+13) Undecoded byte number: 78 (0x0040+14) Undecoded byte number: 79 (0x0040+15) Undecoded byte number: 80 (0x0050+0) Undecoded byte number: 81 (0x0050+1) Undecoded byte number: 82 (0x0050+2) Undecoded byte number: 83 (0x0050+3) Undecoded byte number: 84 (0x0050+4) Undecoded byte number: 85 (0x0050+5) Undecoded byte number: 86 (0x0050+6) Undecoded byte number: 87 (0x0050+7) Undecoded byte number: 88 (0x0050+8) Undecoded byte number: 89 (0x0050+9) Undecoded byte number: 90 (0x0050+10) Undecoded byte number: 91 (0x0050+11) Undecoded byte number: 92 (0x0050+12) Undecoded byte number: 93 (0x0050+13) Undecoded byte number: 94 (0x0050+14) Undecoded byte number: 95 (0x0050+15) Undecoded byte number: 96 (0x0060+0) Undecoded byte number: 97 (0x0060+1) Undecoded byte number: 98 (0x0060+2) Undecoded byte number: 99 (0x0060+3) Undecoded byte number: 100 (0x0060+4)
Update: The Solo Public Lobby Glitch Works (Somewhat)
https://www.reddit.com/gtaonline/comments/4n8094/tip_if_you_are_on_pc_block_these_ports_using_you?ref=share&ref_source=link
So this was months old, and its a archived post but basically he says you can glitch yourself into a SOLO public lobby by blocking your game ports to R*'s servers.
That is only partially correct by now, January 20th 2017. The game will still attempt to connect to you to a filled public lobby, BUT, it will be much less populated.
Now you need to block both inbound and outbound communications on UDP ports on..
(His Original Post) Select UDP and put in these ports 6672, 61455, 61457, 61456, 61458 These are R* game server ports and select next.
Through the Windows 10 Firewall Settings.
You should have Firewall running at all times anyways. Even though my Airport Extreme already has a smart firewall installed.
Windows Firewall Settings
https://scontent.flas1-1.fna.fbcdn.net/v/t1.0-9/16195900_402016770142664_9185237840131020577_n.jpg?oh=cec83e04c1fa93cd3402702a5b8b867f&oe=591C283E
These are the settings you must have on Windows Firewall, on Windows 10.
Make one rule for INBOUND and one for OUTBOUND. You can do this while playing the game.
Set them to enabled and change session. You should be on a new lobby with MUCH LESS PLAYERS. Keep Lobby-Surfing until you end up alone or the other people leave.
My Wireshark capture tells me that the only other player in the game is connected to me via UDP 35464. He eventually left. Leaving me in a session by myself.
It won't guarantee you a solo lobby anymore, but it makes it much rarer for packed lobbies with modders and jet griefers.
If you are feeling lonely, then disable those firewall rules and switch session again.
I still have a UDP connection via 6672 despite the rules. My wireshark picks up no traffic at all though.
Hmm interesting. If you block your traffic it now generates DTLSv1.0 traffic (like modder traffic) to Rockstar at 192.81.241.100. There is also a lot more TCP traffic through Port 80 (but its still obfuscated). And it is going through my blocked UDP ports in the new firewall rules. It basically SSH tunneled through UDP directly to R*. So it's just me and their gameserver. No one else.
Well the admins know I am not cheating. They prolly think I have a lousy internet connection or a jerk of a admin (they think) who doesn't want me to use UDP gaming ports. I am not worried at all.
If you wanna sell all of your shit without being picked on. Then do this,
enable the firewall rules both inbound and outbound,
sell your shit,
and then disable them and switch sessions again so you won't be lonely anymore.
Here are the packet captures that I am WILLING to share. Basically it shows two things.
R* Will open a SSH tunnel secret in at least TWO conditions
(1) If you are modding. There will be a SSH Tunnel created using the DTLSv1.0 protocol on your UDP ports. Telling R* what you are doing if your game traffic looks suspicious
(2) If you are using the firewall glitch, the game will get around your Windows Software Firewall and start connecting to R* with the SSH tunnel.
https://drive.google.com/file/d/0B5Beow8WOgBFODJJNTN0d3VGYW8/view?usp=sharing
For #2 if you check on my packet capture links, even though I told Windows Firewall to block that UDP port, packets were sent through anyways as DTLS traffic. I have yet to be banned for this.
This ensures that R* can still save my data. And you get to have less populated and/or totally alone sessions so you can play the damn game!
And here is a example of normal traffic. Me and three of my friends in a 4-player Survival Game
https://drive.google.com/file/d/0B5Beow8WOgBFRU1veG52N1VCZkU/view?usp=sharing
Edit: Uploaded a 38 minute video, soloing biker deliveries without interference from other players. Works as long as I end up being the only player in the session, no new players can join because I blocked my ports
https://drive.google.com/file/d/0B5Beow8WOgBFbzBSY3VnWkZyMU0/view?usp=sharing
Other Possible Ramifications (Very Bad If It's True!)
Not to freak everyone out. But it MAY be possible, for someone with actual hacking talent (not me), to drop a Staged Meterpreter Shell into your computer, assuming that he or she knows your IP address through the discovery on Wireshark. They can then...
(1) Have the payload on execution rewrite a critical system file in your computer
(2) Download the remaining stages of the payload
(3) Slowly compromise other system processes on your computer
(4) Gain root-access (Administrator in Windows)
(5) Start executing commands as Root/Admin
(6) Do creepy shit like use your webcam to take a picture of your face. Or steal your saved payment information in your browser cookies for Amazon, etc.
I typically would picture our typical home networks like this in a typical game lobby on GTA Online
Me
Laptop running GTA V My Router and Firewalls My Public IP (UDP Port 6672) My ISP
You
ISP routing path Your ISP Your Public IP (UDP Port 6672 and/or other) Your Home Router and Firewalls Your Computer
The problem with the UDP protocol, is that it has very little verification and checksumming. It just keeps spamming packets, making it viable for low latency applications (gaming).
If I can make a virus or reverse shell look like typical game data, then it SHOULD get through your firewall, and automatically get forwarded by your router to your computer. As long as I am connected to you, all the validation is authentic. As long as I am connected to you, either in a game mode, or through the public lobby!
If those conditions are met. Then it's going to look like regular traffic to your network.
I have yet to even try this. I did managed to reencode a standard reverse shell payload (msfvenom) and infected myself with it (successfully SSH tunneling through my own router from the WWW against my Linux installation). However, my Windows variant failed to execute due to Windows User Account Controls. Windows Defender was futilely, furiously searching for this "virus", and eating up all my hard drive usage (100% while playing GTA) until I finally removed it after running a scan with HitmanPro (a heuristics second-opinion scanner that hunts for files that exhibit virus/malware like activity).
PSA: DO NOT USE WIRESHARK TO MONITOR GTA V TRAFFIC, R* EULA HAS RECENTLY BEEN CHANGED, DEPENDING ON SEVERITY IT MAY BE A INSTANT PERMANENT BAN
At 4:30 AM PST, January 22nd, my account received a permanent ban as I was with my friends on their yacht looking through the scope of a sniper rifle in the middle of a Piracy Prevention Match.
As it turns. Sniffing network traffic via Wireshark may or may not be a ground for a ban. Regardless of whether or not I am doing it right now.
I even double checked the vague Rockstar Games EULA to make sure.
https://www.rockstargames.com/eula
You agree not to:
reverse engineer, decompile, disassemble, display, perform, prepare derivative works based on, or otherwise modify the Software, in whole or in part;
Well I attempted to! And I violated a good half of those.
cheat or utilize any unauthorized robot, spider, or other program in connection with any online features of the Software;
"Spider" (I am guessing they are referring to internet crawlers), but "other program"? Yeah Wireshark fits the bill.
TECHNICAL PROTECTIONS: The Software may include measures to control access to the Software, control access to certain features or content, prevent unauthorized copies, or otherwise attempt to prevent anyone from exceeding the limited rights and licenses granted under this Agreement. Such measures may include incorporating license management, product activation, and other security technology in the Software and monitoring usage, including, but not limited to, time, date, access, or other controls, counters, serial numbers, and/or other security devices designed to prevent the unauthorized access, use, and copying of the Software, or any portions or components thereof, including any violations of this Agreement. Licensor reserves the right to monitor use of the Software at any time. You may not interfere with such access control measures or attempt to disable or circumvent such security features, and if you do, the Software may not function properly. If the Software permits access to Special Features, only one copy of the Software may access those Special Features at one time. Additional terms and registration may be required to access online services and to download Software updates and patches. Only Software subject to a valid license can be used to access online services, including downloading updates and patches. Except as otherwise prohibited by applicable law, Licensor may limit, suspend, or terminate the license granted hereunder and access to the Software, including, but not limited to, any related services and products, at any time without notice for any reason whatsoever.
The Secret UDP SSH Tunnel (DTLSv1.0), got it. R* Anticheat. Check. Don't fuck with it? Naw mang, sorry, totally lost it. Well... if I straight up spilled the beans on how your anticheat works, including what it could possibly do and can't do, and how it might work, I'd guess you'd be pretty mad at me too.
Especially since posting on Reddit is the equivalent of me following you around IRL with a megaphone, screaming in public in earshot "Don't trust him! He is reading your shit! He's looking through your gameplay traffic right now. And he knows everything!!!!"
By installing and using the Software, you consent to the information collection and usage terms set forth in this section and Licensor’s Privacy Policy, including (where applicable) (i) the transfer of any personal information and other information to Licensor, its affiliates, vendors, and business partners, and to certain other third parties, such as governmental authorities, in the U.S. and other countries located outside Europe or your home country, including countries that may have lower standards of privacy protection; (ii) the public display of your data, such as identification of your user-created content or displaying your scores, ranking, achievements, and other gameplay data on websites and other platforms; (iii) the sharing of your gameplay data with hardware manufacturers, platform hosts, and Licensor’s marketing partners; and (iv) other uses and disclosures of your personal information or other information as specified in the above-referenced Privacy Policy, as amended from time to time. If you do not want your information used or shared in this manner, then you should not use the Software.
Remember what I said about DDoSing people that are discovered on Wireshark? If you do this, and the victim knows the right people to call, I wouldn't be surprised if G-Men in suits knock on your door.
At first, I thought, that was it. Then I decided to go Google "GTA V Banwave" and set the time to one week ago. What I saw was a real trip. A huge spike in fake bans and urgent warnings, "PSA's" all over YouTube
It's something related to the latest iteration of Mod Menus that have been popping up. I have not seen so much panic run through the forums of UnknownCheats and MPGH in my life. New versions, updates, and customized variants of Mod Menus have been popping up on a daily basis. And with a detection period from launch, of at most, a week long. That is, the day that the new mod menu gets uploaded, to the point that users start to report they are getting banned for it, can be up from a week from now. R* anticheat went into overdrive. Developers have been scaling back on implementing the money drop feature for fear of triggering instant bans for their users (hence the lack of money drops recently). Then I noticed something...
The prevailing issue of "Persistent Mods" and possible "Memory Corruption" implicating innocent players
I am talking about mod menus that permanently break a lobby's features like free roam missions, like CEO or Bikers, but this time, it can carry over betweens lobby sessions. I saw my first variant earlier this week and shrugged it off. Then I saw my second one today. Some modder was caging me and my friends and trying to flatten us with Bugattis.
Normally I would just join another session and any wacky attachment would fall off. But now the damage, errors, and bugs caused by mod menus can "carry-over" with me. I realized that I couldn't change my Outfits via the "Style Menu" for the second session in a row, I could not eat snacks to regenerate health, nor could I equip body armor. In some cases, I couldn't register as a CEO and start my missions, even though I already SWITCHED to a new lobby.
After fully restarting the game from Steam, the "mod persistence" ceased. I had full control of my character again. Because we are talking about starting over again with fresh untainted memory.
First instance of discussion of innocent bans recently https://www.youtube.com/watch?v=rKYnCDolKSc
This video claims that you should be avoiding public lobbies on the PC like the plague or apocalypse. IDK if you have to be THAT extreme. Just don't interact too much with modders. Or try glitching yourself into a solo public lobby via the firewall glitch.
This is really sad though. This guy is a victim of a modder, and he gets a ban for it, probably from memory corruption caused by the modders that Rockstar's Anticheat picked up https://www.youtube.com/watch?v=_1IEs-Bf7Is
I am certain that if you react quickly enough, you will NOT get flagged by the modder's actions. You just need to do a full restart of the game. Not your PC. Just the game on Steam. So don't enjoy a modder's company for too long, no matter how pleasant they may appear.
Holy fuck dude. The game still costs $60 on Steam. After all these years. I'll just wait until my decoy account gets unbanned. I'll see you guys in 30 days.
Fortunately, it is NOT a MAC Ban. I logged into my decoy account. Decoy account still has a one month suspension.
submitted by ctlister to GTA [link] [comments]

Subreddit Stats: Monero top posts from 2018-01-03 to 2019-01-02 13:47 PDT

Period: 364.01 days
Submissions Comments
Total 994 49530
Rate (per day) 2.73 135.74
Unique Redditors 582 8080
Combined Score 161184 231580

Top Submitters' Top Submissions

  1. 5300 points, 33 submissions: dEBRUYNE_1
    1. Monero GUI 0.12.0.0 "Lithium Luna" Megathread - Download links, instructions for upgrading, guide on how to get started, and guides to resolve common issues (missing a transaction / zero balance, freezing / buggy GUI, transaction stuck as pending, and GUI using all bandwidth) (386 points, 833 comments)
    2. [Reminder] monero is not the appropriate place to discuss the BTC/BCH debate (319 points, 73 comments)
    3. General information regarding the upcoming scheduled network upgrade and a call for community action (305 points, 223 comments)
    4. GUI v0.12.2.0 released! (299 points, 243 comments)
    5. Announcement - Proof-of-Work tweak and a note on key reuse (295 points, 250 comments)
    6. GUI v0.12.3.0 (with direct Ledger support) released! (280 points, 386 comments)
    7. Bitfinex reduces Monero withdrawal fees from 0.04 to 0.0001 XMR! (272 points, 9 comments)
    8. Poloniex also reduces Monero withdrawal fees to 0.0001 XMR! (220 points, 17 comments)
    9. Preliminary information thread regarding the scheduled protocol upgrade of October 18 (214 points, 208 comments)
    10. CLI v0.12.3.0 released! (195 points, 78 comments)
  2. 4228 points, 24 submissions: OsrsNeedsF2P
    1. Saying you don't need privacy because you have nothing to hide is like saying you don't need free speech because you have nothing to say. It's a right to everyone - It's a right to you, me, and even Mark Zuckerberg. (581 points, 138 comments)
    2. The official Fortnite Merch Store is accepting exclusively Monero as a cryptocurrency payment option... (445 points, 80 comments)
    3. Can we stop being assholes to newbies? (359 points, 94 comments)
    4. With all this Monero "is less untraceable than previously thought" FUD, let's all remember that huge fucking bounty of $$$ for anyone who can trace the origin of one of the devs transactions.. (343 points, 131 comments)
    5. Ever wanted to know how Monero is still around today? Well now you don't have to! This post has it all =D (297 points, 66 comments)
    6. Coinmarketcap shows Freewallet as a Monero wallet. Guys, whatever you do.. Don't use Freewallet. It's a scam. (286 points, 93 comments)
    7. SEC wants decentralized exchange creators to register as exchanges. Lol (182 points, 111 comments)
    8. "Please do your part in demanding exchanges to lower their XMR withdraw fee. I am submitting a complaint to Coinex who currently charge 0.04 XMR" - [x-post from /xmrtrader] (169 points, 43 comments)
    9. Can we get some appreciation for the people who maintain the Monero packages on Arch Linux? There are so many available, and every single one I've checked either make the package from source or validate the checksum. Amazing work <3 (156 points, 19 comments)
    10. [WARNING] DROPIL recently made a post announcing support for Monero. MOVE YOUR FUNDS if you used them!!! (119 points, 5 comments)
  3. 3954 points, 13 submissions: KnifeOfPi2
    1. Did John McAfee just sell all of his Monero?? (1277 points, 107 comments)
    2. We need to stop thinking about Monero as a “privacy coin.” (511 points, 200 comments)
    3. Selsta and I just completed the first Ledger-to-Ledger mainnet transactions ever. He sent me 0.1 XMR and I sent 0.4 XMR back. (482 points, 103 comments)
    4. Monero network hashrate just hit 1GH/s! (463 points, 166 comments)
    5. An upcoming Monero project: Render the entire blockchain. Here's a selection of blocks that we've done so far, in an early stage. (224 points, 31 comments)
    6. In Stunning Move, Bitmain Announces It's Launching A Doorstopper Business (193 points, 48 comments)
    7. Another red flag for X Wallet: The source code is incomplete. (190 points, 63 comments)
    8. MONERO IS DEAD! LONG LIVE MONERO! (155 points, 25 comments)
    9. Lithium Luna GUI released! (118 points, 66 comments)
    10. Cake Wallet - introducing Zendesk support! (100 points, 13 comments)
  4. 2421 points, 22 submissions: SamsungGalaxyPlayer
    1. Kasisto POS in 22 seconds (366 points, 76 comments)
    2. "Kudelski Security completed their [bulletproof] report. They found only a few minor issues that are trivial to correct, and no major issues." Overall, a huge win for Monero, bulletproofs, and privacy. Full report will be published soon. (338 points, 100 comments)
    3. Network upgrade scheduled for block 1544555 on 28 March (210 points, 56 comments)
    4. Fungibility is determined by the LOWEST common denominator of privacy, NOT the highest. Monero absolutely excels here. (103 points, 37 comments)
    5. [Discussion] Move to a Fixed Ringsize (102 points, 85 comments)
    6. The Monero Malware Response workgroup website is up! Direct people whose machines have been compromised here! (101 points, 22 comments)
    7. MoneroV: A Trap Laid for Monero Users? (93 points, 45 comments)
    8. Want to get the GUI point release faster? Help translate! (91 points, 18 comments)
    9. Introducing the Breaking Monero Series! (86 points, 26 comments)
    10. ShapeShift is moving to a membership model and will require personal information soon (83 points, 86 comments)
  5. 2295 points, 16 submissions: pinkphloid
    1. Cake Wallet - OPEN SOURCE - Here it is! (383 points, 167 comments)
    2. Our Monero wallet called CAKEWALLET for iOS is live! Please check the link to the Apple App Store below. (347 points, 379 comments)
    3. [MANDATORY UPDATE] Cake Wallet Version 3.0.9 - Network Upgrade Ready! (227 points, 19 comments)
    4. [UPDATE] Cake Wallet version 3.1.4, now with XMR.TO for exchanging XMR to BTC! (133 points, 15 comments)
    5. Cake Wallet - 10,000 unique downloads! (132 points, 29 comments)
    6. Thank for the positive feedback on Cake Wallet! (127 points, 62 comments)
    7. The new Cake Wallet Update version 3.0.1 is out now! (120 points, 50 comments)
    8. [UPDATE] CAKE WALLET 3.1.1 with Monero v0.13.0.4 and other stuff (118 points, 32 comments)
    9. Cake Wallet - UPDATE! (108 points, 75 comments)
    10. CAKE WALLET - new version live now with NEW FEATURES! (102 points, 97 comments)
  6. 2042 points, 16 submissions: Rehrar
    1. Core Team Announcement (344 points, 45 comments)
    2. Project FOSS (212 points, 37 comments)
    3. Write down your seed (200 points, 93 comments)
    4. Bulletproof audit needs some more funding. Details in the comments. (170 points, 55 comments)
    5. Extremely thorough introduction to Monero by cypherperro. Take a look. (122 points, 18 comments)
    6. Defcon Monero Village Update and Summary (116 points, 22 comments)
    7. MRL Bulletproof audit FFS request (115 points, 30 comments)
    8. I, rehrar,went on a YouTube show to talk about Morono (113 points, 28 comments)
    9. Fund the fundings! (107 points, 16 comments)
    10. The anonimal appreciation thread! (107 points, 21 comments)
  7. 1978 points, 15 submissions: Vespco
    1. Edward Snowden on Bitcoin Interview 2018 (at 50 minutes, he says that a traceable public ledger is a bigger problem then scalability) (362 points, 88 comments)
    2. Putting this on my invoices seems like a good way for me to promote Monero, give my customers a discount, & help me acquire more Monero. (325 points, 101 comments)
    3. It's fun to be a part of the Monero economy! (179 points, 26 comments)
    4. Honest Government Ad | Anti Encryption Law (178 points, 32 comments)
    5. Jeez, not much real conversation in here. Just junky news links. (129 points, 76 comments)
    6. The New York State Department of Financial Services just approved the trading of privacy-protecting cryptocurrency. | Coin Center (124 points, 11 comments)
    7. A good way to explain the importance of fungibility to the laymen: Bitcoin Roulette (99 points, 45 comments)
    8. Why I love Botnet & Browser Mining. (86 points, 39 comments)
    9. This needs more praise & attention: An Open Source, Client Side JS implementation that makes monero multisig fairly easy. Github link in comments. (82 points, 14 comments)
    10. Could we get even more cryptographers researching for Monero? (77 points, 31 comments)
  8. 1846 points, 14 submissions: SarangNoether
    1. Bulletproofs: let's raise some funds! (295 points, 94 comments)
    2. January monthly report from Sarang Noether (237 points, 39 comments)
    3. Bulletproofs: The Paper Strikes Back (153 points, 32 comments)
    4. July monthly report from Sarang Noether (142 points, 20 comments)
    5. March monthly report from Sarang Noether (129 points, 22 comments)
    6. August monthly report from Sarang Noether (122 points, 33 comments)
    7. February monthly report from Sarang Noether (119 points, 27 comments)
    8. Sarang is up for three more months! (107 points, 30 comments)
    9. October monthly report from Sarang Noether (102 points, 26 comments)
    10. September monthly report from Sarang Noether (99 points, 25 comments)
  9. 1470 points, 4 submissions: TheFuzzStone
    1. "I do not have any Bitcoin" (1182 points, 96 comments)
    2. Fluffypony at Consensus 2018 (134 points, 33 comments)
    3. Time for Monero "killers"! :-) (91 points, 34 comments)
    4. XMR.RU-report (March) (63 points, 14 comments)
  10. 1468 points, 5 submissions: philkode
    1. Overstock.com accepting Monero (and ETH, BCH, LTC, DASH) (499 points, 36 comments)
    2. Happy 4th Birthday Monero! 🎂🎉🎁 (455 points, 62 comments)
    3. Monero has been added to Debian unstable repo as of yesterday. (321 points, 52 comments)
    4. “Unhackable” BitFi wallet just got hacked (xpost /cryptocurrency) (130 points, 41 comments)
    5. X Wallet to App Store (Soon™) (63 points, 67 comments)

Top Commenters

  1. dEBRUYNE_1 (3762 points, 1243 comments)
  2. KnifeOfPi2 (3311 points, 347 comments)
  3. OsrsNeedsF2P (3189 points, 505 comments)
  4. fluffyponyza (3027 points, 272 comments)
  5. gingeropolous (2554 points, 320 comments)
  6. cryptochangements34 (2522 points, 261 comments)
  7. SarangNoether (2269 points, 185 comments)
  8. SamsungGalaxyPlayer (2108 points, 221 comments)
  9. john_alan (1993 points, 218 comments)
  10. smooth_xmr (1944 points, 279 comments)

Top Submissions

  1. Did John McAfee just sell all of his Monero?? by KnifeOfPi2 (1277 points, 107 comments)
  2. Paypal shares your personal data with over 600 companies! That's why we need Monero! by 0xf3e (1184 points, 146 comments)
  3. "I do not have any Bitcoin" by TheFuzzStone (1182 points, 96 comments)
  4. Found In Warsaw - Don't Buy Monero: Cryptocurrencies harm the banking system and can weaken the government by SecretApe (1114 points, 110 comments)
  5. Monero transactions are about to get 80% cheaper and faster. by WillMTB (1056 points, 120 comments)
  6. Bye bye ASICs by Swericor (874 points, 380 comments)
  7. Upvote if you would like to see @fluffyponyza as a guest on Joe Rogan Podcast by xmr_karnal (840 points, 44 comments)
  8. All right, my cat had kittens and I just realised one of them has Monero-like logo on its head 😂😂 by JNKO266 (817 points, 79 comments)
  9. Credit, where credit is due! by Experts-say (796 points, 53 comments)
  10. Yesterday I thought it might be fun to create some vintage crypto posters for a handful of coins. This was the first one I came up with. Bonus points if you spot similarities from an old movie by Beemoe4 (722 points, 67 comments)

Top Comments

  1. 495 points: mr670wl's comment in Found In Warsaw - Don't Buy Monero: Cryptocurrencies harm the banking system and can weaken the government
  2. 474 points: kieranc001's comment in Monero Zero looks like a scam, can you please confirm?
  3. 380 points: deleted's comment in Found In Warsaw - Don't Buy Monero: Cryptocurrencies harm the banking system and can weaken the government
  4. 356 points: deleted's comment in Ledger Hardware Wallet - Monero integration : some news #6
  5. 331 points: last_of_the_romans's comment in Monero transactions are about to get 80% cheaper and faster.
  6. 323 points: svenroy777's comment in "I do not have any Bitcoin"
  7. 311 points: deleted's comment in Did John McAfee just sell all of his Monero??
  8. 255 points: KnifeOfPi2's comment in Monero transactions are about to get 80% cheaper and faster.
  9. 237 points: live9free1or1die's comment in Banning privacy coins because of terrorism/drugs/laundering is like banning people from being allowed to have sex in privacy because pedophiles also like privacy.
  10. 203 points: fluffyponyza's comment in Botnets are Ruining the Integrity of the Monero Network
Generated with BBoe's Subreddit Stats (Donate)
submitted by OsrsNeedsF2P to subreddit_stats [link] [comments]

[Table] IAMA Malware Developer. AMAA

Verified? (This bot cannot verify AMAs just yet)
Date: 2012-04-12
Link to submission (Has self-text)
Link to my post
Questions Answers
Have you ever been infected with malware, if so, how did you react? What should one do to avoid getting malware? Haha yeah I have been infected a few times, it is frusterating but most antivirus softwares do the trick unless you are infected with some undetectable malware. I always check hijack this and my outgoing connections a few times a week to make sure nothing suspicious is going on. To not get malware my best advise would be to not download cracked programs through torrents or warez sites. These are popular ways to spread malware. If you want to use pirated software run a keygen through sandboxie and use the legit installer. To avoid script exploits I recommend using a script blocking plugin such as noscripts for chrome or NoScript for firefox. Many ads are becoming ways to spread malware, you have to always be on the lookout.
How long does it take you to create the things you do? How did you learn to do it? How "good" are you at what you do and how long would it take, for instance, me (with no experience in programing whatsoever) to be at your level of goodness? It takes me about 1 month to create something from scratch that is of good quality. I learned it by teaching myself and looking at sources. It depends on how dedicated and of course how smart you are, but if you are intelligent you could probably learn in a year or two.
What's your testing process like - do you write unit tests? Do you test in various VMs and configurations to make sure it works? Do you have other developers to review your work? As far as the testing process goes, I test on 32 bit and 64 bit systems from xp to windows 7 to make sure all the functions work. Most of my programs are very different to each other, sometimes I make it hide in other running programs, sometimes it just sits in the open but is difficult to remove.
What are the most common, functional requirements that you apply to any malware (for example, must not show up in task manager)? What are the most common features that attract buyers for your products? What's the most common 'entry point' for an exploit of yours? (Examples: user downloads a crack, or user leaves firewall disabled, or user clicks on a link, or user connected to unsecure wifi)? People generally buy my product for stability and long lasting undetection so that it takes a while before most people realize they are infected. There are other features that are less important because they are found in many common malware programs.
What do you tell people you do for work in order to avoid being punched in the throat if you told them the truth? I just tell them I sell crack.
Can you, like, please stop? For you, thatgamerguy, anything.
Is it true that Macs are mostly safe from stuff like this? Macs and *nix systems are mostly safe because they aren't as widely used as windows, although they have just as many security flaws.
Can you speak to the programmers in the crowd as to what methodologies and strategies you use? As a c/c++ programmer of many years myself, I'm curious how you do what you do. How did you learn? Where might others learn? This fascinates me. For making things hard to delete my current method is to inject code into every process and hook the apis to delete and end processes. This prevents it from being deleted. If someone does manage to bypass the hook the injected code will just rewrite the malware to the disk. As far as networking, all you need to know is reverse socket connections with TCP. Check opensc.ws for more info about this stuff. That is the best site to learn at right now imo.
So, most redditors are very well informed with the internet/torrents/coding/engineering/blah blah blah/kittehs. Do you think your malware has infected anyone on this site? To expand, do you think the use of your malware is essentially easily avoidable to those who understand the internet gods? Could you explain any reasoning you could think of for why others would buy then implement your malware? And last but not least: ARE YOU MAGICALLY INFECTING MY COMPUTER RIGHT NOW?? WIZARD PROGRAMMER. Well I can't say for certain but probably it has infected people on this site purely because its so big. My job isn't to make it easy to infect people, just easy to hide on the computer. So if someone has some good exploits and can make the malware undetected then it is hard to know for certain if you are infected or not.
Mystic being of untold dark force, how might we convince you to use your powers for good? After I graduate I plan on work for a computer security company. As a college student I can't do much now.
Would you tell the security company that you used to develop malware? Lol nope.
How much money do the people make that buy your software? What prevents people from uploading your software to torrent sites or reselling it? My software generally has anti-crack protection on it so I can license it to a specific computer. People that use my software make varying amounts depending on what they use it for. I talked to someone that uses it to mine bitcoins with 50-100k bots, he makes about 20k a month.
Why do people pay so much to mess up other people's computers? I really don't know much about malware other then that it is bad... Did you get put on an FBI watch list or did they follow you around in a dark van? The people that buy my software make much more money from using it than I do selling it.
If your programs are supposed to work as part of a bigger whole, is there some sort of standard architecture your program specifically works under? Are the methods and ways of calling those methods meet some hacker standard, or do you publish an API with your script and just assume whoever uses your stuff is tech savvy enough to figure out everything they need to know? Could they easily read your code to see what you're doing or do you only send a binary/executable? Have you been surprised by any aspects of the industry you're taking part in? Does one segment seem a lot larger than you anticipated or did you come across a particular hacking technique you thought was rather interesting/inventive? I'm thinking on the level of channeling all the fractional pennies lost on rapid transactions to a bank account as being an interesting tactic... Do you individually sell/commission your programs or is there an equivalent to Amazon for such code? Where do you go to read news? I am sort of confused on this question. I am always surprised when people release good sophisticated malware which uses new methods to hide itself from the computer user. I never expected there would be such a huge supply of script kiddies who will buy software and barely know how to use it, only to hit someone offline on xbox live or something. I generally have someone else do the selling and finishing touches on my programs. I split some money with him.
Thanks for doing this AMA. Fuck all of the judgmental redditors. People don't offer to do IAMA's so that they can get bitched at by people on the internet. IAMA's are intended to give you an insight to a lifestyle that is not your own, so don't judge him for his choices. What OS do you do most of your programming on? When you're not programming, what OS do you use. What form of currency do you typically accept? Bitcoin? Do you use any recreational drugs? If so, do you obtain any of your drugs online? I use windows 7 64-bit to program on, and also use it for just regular usage. I accept bitcoins, Liberty Reserve, and Webmoney. I have done a lot of drugs but mainly I smoke bud, drop acid and do painkillers. I assume you are asking because of sites like silkroad? I have ordered off silkroad once but I get the same quality bud from my dealer so i didn't go back.
I have used the Silkroad, but I'm a member of a couple of private forums that give me access to much better stuff for cheaper. Do you use PGP encryption when communicating with your customers? My business partner actually is the one who dealers with the customers, but he does use it.
Got it. As long as you get paid, you could give a shit about the problems you cause for people. So, have you been a sociopath all your life or is this more recent? Well really I am not directly causing a problem to anyone because I don't use my own software. If I wasn't doing it someone else would just step in. Besides my programs don't steal credit card information and the like so the only real damage would be adware and posible dos attacks originating from your computer.
So you sort of make the bomb and let other people detonate it? So then its not your fault? Not trying to be accusatory, just wondering. Yeah and by that logic the people that sell others guns are just as involved as the people that use guns to kill people. I know what I am doing is technically morally wrong, and I will stop within a few months once I can find a job again.
Ever considered joining the good side? Getting a job at a anitivirus firm and using your knowledge about making malware to create software to prevent it? I would imagine that a knowledge like yours would be very useful for a antivirus software firm :) I plan on getting into computer security. As a college student coding malware is really one of the only ways I can make good money programming.
How "good" is your work? Will an anti-virus like achieve stop you? How wide spread is it. No, most of my programs are completely undetected until I stop making updates to it.
I'd ask for proof, but then I think that'd be a really silly thing to do. Have you written malware that functions on Linux? Besides the not stealing credit card information, what are your other ethical lines? I don't actually use my own software so I guess if that counts as an ethical line... I don't write malware for anything besides windows as its the most used operating system. If more people used mac and linux there would be as many viruses for those as there are for windows.
Have you ever been infected with your own malware? Yeah when I was testing without a VM (stupidly). Luckily I know how to remove programs I write myself...
, thank you for doing this AMA. Secondly, for most us out there who have loaded out with AV software and things like NoScript and Adblocker and such tell me, what behaviors or kinds of outgoing connections should we look for on our routers or scanners that might indicate infection? Its better to look at the process thats sending the outgoing connection, if its located in something like application data and has a startup entry, its probably malware.
Could you give me some examples on how to check this? I am always trying to expand my knowledge of these matters. Well the best way I know how to do it is with code, if you are interested in that I could send it to you. Otherwise use wireshark and process explorer or something.
Is the Free Anti-Virus/Spywear called AVG actually any good? Or do Malware programmers know that ALOT of people all over the world have it so create the malware so AVG etc will not discover it? Cheers. Most people create malware to make it undetected. Unless something is in the wild for a while most AVs will not detect it if its professionally coded.
As far as providing, I'm not necessarily sure how the law would work there. I can say with decent certainty that you're breaking tax laws though, I strongly doubt you're claiming your sales as income. That being said, I don't think you're scum. I was in the same place as you when I was a kid, and I did it solely because I wanted to say I could. It was less about causing harm and more about trying to learn. It just so happens that things like malware, especially that which allows remote intrusion, is very interesting. I was also heavily involved in the piracy scene, and major busts in 2001-2002 caused me to back out of it entirely. You mention the FBI, any reason why that didn't "scare you straight" so to speak? They only wanted information on an aquantince, I didn't give anything out and lawyered up. It did scare me long enough to stop for a year and pick a new nickname online to go by and also buy some vpns to gain some extra anonymity online. I don't think people that don't understand technology much truly get why it would be interesting to do stuff like this. Learning how to do it is a huge part, selling it is only secondary.
Do dark side developers these days ever just fuck around and make malware that wipes hard drives and stuff for fun? Not since the early 90's have I come across a story of anyone's hard drive getting wiped due to a virus etc. Most people are just focused on the money now. Also the new windows operatings systems have much better security so you can't easily get the rights to wipe a drive anyway.
I've made a virus in college when we were studying the Network Security topic. The professor of course didn't want to try it but asked me to explain exactly what I did. Anyway, one of the girls in my class asked for the code to duplicate it, modify it a little and claim she did the homework as well. So I gave her the source code as a help and when she "Run" it in on her machine it ruined many applications. Question to OP, do you have any similar stories like this? TL;DR: my college friend was screwed by my virus, OP do you have similar stories? Haha when I first started writing code in windows xp i fucked up my friends computer enough to force him to reformat.
How long does the process of scripting, and then finding people to sell to take? I would imagine this kind of thing takes many hours if not days, and what kind of skills do you need to have to be a malware developer such as yourself? I answered this before, but usually about a month for something of high quality. Depends on how much time I spend on it though. To develop malware you need to be an experienced coder, with knowlege of windows apis, memory manipulation, and networking.
Do you write polymorphic code ? I do not write polymorphic code because it would take much longer to develop.
What other hiding techniques do you know/apply other then encryption ? By hiding what do you mean? Injecting into memory is a popular way to hide running applications.
How many lines of code is a typical malware program from you? 5000-10000.
Is the malware all selfcontained or do you use 3rd party libraries? I don't use 3rd party libraries to cut down on exe size.
What's your largest botnet? How many bots? Which software would you use for monitoring incoming/outgoing port data? What languages do you code in? Which do you recommend learning for the future? No problem. I haven't run a botnet in over 3 years, but i had one of 10k at a time. There are many good vpns, nvpn, vip72 etc, just find one that doesn't log. Use wireshark or commview to monitor connections and processes. The use process explorer to look at the suspicious process. I code in C/C++ now, I started with Delphi but you could start with Java or anything really.
Do you feel a slight guilt from making your money via questionable sources? And how have you not been tracked down? Sort of I guess, i do feel a little bad that people use my software to infect other peoples computers, but it is not directly meant to harm the computer and steal information. I haven't been tracked down because I do my best to remain anonymous online through either a vpn or proxy.
You're being asked to zombify Linux desktops. What is your point of entry and how do you make it stick around? I am not expert on Linux, but the best way I suppose would be via an exploit. Once you have root control you could install a rootkit.
Hello there, nice AMA ! :-) 1. You said how much money you get per program already, but is that price fixed, or depends from the abilities of the program each time ? 2. Do you get follow-up money for the updates, or when you sell the product you don't touch it again ? 3. What do you consider as your ? Is there anything you have done and leaves you with a big-fat smile on your face every time you are thinking of it, and say "damn, I'm awesome." ? Well it depends on the abilities of the program and how much time I put into it. I do make some money from updates but usually most of the money is made within the first month. My best work was a P2P Bot which I modeled after khamedlia p2p protocol. I never sold this but I was pretty happy I figured out how to do it.
Can you talk about yourself in the real life? Do you meet the image of a computer hackemalware developer(like a neckbeard), or are you socially adept and have friends? How do you handle transactions? Like, how do you not get scammed by people buying malware? I am not socially akward, I have somewhat of a social life and have a good amount of friends. I work with a friend who handles all the transactions and also does some programming work, I get paid through him. The software can be disabled when people scam.
How do disable it.Does the binary listen to for constant external connection so if people scam you,disable it and please PM me the links. It checks through a database to see if its a verified user or not. What do you want me to PM you?
Any reason why not Bitcoins? Not really, its just a preference thing.
You make about 30K USD per program? And it takes you about a month to write a program? How many buyers do you get per program? Is this like 1K licensing fee for each of 30 customers, or more like $100 for each of 300 customers? Its more like $100 each for 300 customers.
If I sit down to a computer that is likely infected (ie run by a noob who downloads everything and has six toolbars on IE) should I assume that it is unsafe to type any passwords, etc on it? I wouldn't recommend using an infected computer at all, there is no way of knowing what type(s) of malware is installed on that system.
I bet those paid virus protection guys(like norton etc) knock on ur door to make a malware thingy, and the give them the "cure" so they can be the fastest with an update against it?! This doesn't happen as far as I know.
Do you feel any guilt that you do something that adds no value to society? I mean, a crack dealer at least provides a service to people... They get high. How is getting a high a value to soceity?
THAT EXPLAINS EVERYTHING. LET ME GUESS YOU EAT BABIES TOO? Only toasted ones.
Are you independent -- not employed by or affiliated with some larger organization? Aren't you more afraid of your customers and competitors than of law enforcement? Do you use anonymity tech such as Tor or VPN to protect yourself from all of the above? Yes, I use a vpn constantly.
When you sell malware, are you selling the source code, or just the tools to deploy/control it? Just the compiled binaries.
So basically you make malware so companies make and sell softwares to protect against new ones and is a never ending but profitable cycle? Pretty much, not that it justifies using malware but it is true that anti-virus companies probably profit more than I do.
How do you sleep at night? With a temper pedic
"Don't bother calling me a scumbag because I geniunely don't care." There you have it, why the world is a mess. I didn't make a thead so people could call me morally corrupt. When I say I don't care, I meant that I don't care if you call me a scumbag or not. I do feel bad for the people that get infected with my malware, but it really does not cause that much harm to the computer. It is up to the person who installs it whether he steals information or damages the computer or not.
I'll tell you point 1: Delphi, because every lamescriptkiddieforums have tutorials on writing uberundetectablesupertrojan. In delphi, of course. Actually thats right, I started with Delphi because it was easy to learn with, but moved to C/C++ later.
Bots are the easiest to code, but it takes time depending on the amount of features and undetectability.
Reverse connection is just an easy way to control bots, bots connect back to a master client which can issue commands. I don't program bots like this anymore, but many people still buy this kind of stuff.
I get paid via wmz and LR which I can then transfer to my own bank account if I want.
I use chrome and my desktop wallpaper is just a bunch of rainbow colored smoke lol.
Reddit has this fail safe the if you type in your social security number it only displays asterisks. It does the same for email. Watch: ***-**-****, ******@**********.com. Heres my cell phone number: 202-456-1414.
I got into it from the cheating scene in video games. I just thought this sort of stuff was very interesting, it took me a while before I started selling it, I used to give it all out for free. I will PM you a few sites I don't want to post here. People asking for a site, try opensc.ws.
Last updated: 2012-04-13 02:31 UTC | Next update: 2012-04-13 03:31 UTC
This post was generated by a robot! Send all complaints to epsy.
submitted by tabledresser to tabled [link] [comments]

[Table] IamA Convicted Computer Hacker and Internet Criminal AMA!

Verified? (This bot cannot verify AMAs just yet)
Date: 2015-01-05
Link to submission (No self-text)
Questions Answers
1) Do you think that is good that anyone can know anything from anywhere at the world? Also, do you feel secure? As normal citizens living our normal lives, should we feel secure? 1) I do think this, but with certain constraints. Freedom of information is important, but personally identifying information is dangerous to have floating around. I feel relatively secure, but that's just me and it's within my own accepted parameters for security (right now, I'm not that concerned with privacy, for example, because I'm on probation anyway). Normal citizens should feel relatively secure. Use strong passwords and 2-factor authentication when available and you'll be safe from 99% of hackers. We really aren't that interested in you as an individual person.
2) Do have any word about the recent DDoS attacks on PSN and Live? Seems to be pretty simple to do, so why anyone can't stop it? (Ps: i know that DDoS isn't hacking and its far from that lol) 2) Like you say, It's easy to do. The only hard part is setting up a network capable of such a powerful attack. These guys probably weren't just hiring random kids on hackforums.net and were probably running their own botnet (or hiring a powerful one). You can stop most DDoS (google CloudFlare), but it's kind of like bulletproof armor: The tiny bullets will be stopped, but a tank shell won't be phased.
3) How is hacking, visually? Is it something near to CMD looking? Could you post an example? Haha. 3) It can be, yes. This is a picture of a common attack against home WiFi protection Link to s21.postimg.org
4) Since you talked about the black market: What is it, from the inside perspective? Have you seen some heavy shit like everyone talks? 4) Yes, there's some very heavy shit. Snuff (mostly free, though, contrary to common opinion), child porn, semtex explosives, drugs, etc. Absolutely anything you want is there. They people that tell you it's not haven't dug deep enough yet. I worked for someone selling stinger missiles once.
5) (Slightly offtopic) What do you think the World Wide Web will become in the future? Will it evolve from what is now? And how? 5) Definitely. The future will revolve around a WWW that is integrated more closely into our lives. Firstly mobile (we're seeing that now with our phones), and then through augmented reality and implanted devices. The internet is still a very young technology and it is incredibly exciting to think about what is to come.
What were some of the craziest jobs you had to to do? Quoting an earlier post of mine in response to a similar question: "I met a duke (with proof of such) who funded my operation; worked with the Russian mob (a more recent branch of the infamous RBN); and dealt with more than one arms dealer online in the past. I was a hacker, but I was also just an internet criminal doing middle man style shit, so not everyone I met was related to the hacking community. When I was very young I tried to set up a deal between some arms dealer and a Russian who offered to store the weapons. The deal didin't end up working (surprise, surprise) and I ended up having to explain why someone was watching our house to my parents for a week. I was a minor at the time so this was some incredible feat on their part and was obviously just meant to really scare me. It worked. Completely."
I've met incredibly sick and odd people. Let me just say that for anyone who disputes the existence of things like online arms dealers and snuff films, they are real. I was involved with stuff that went beyond hacking a lot of the time...hacking was more or less the gateway drug to the empire of organized cybercrime (god, I hate the word "cyber" lol).
As far as odd jobs go, I was hired to hack a porn site once and set up a drive by download that would install malware on visitors' computers. It wasn't that unusual a request, but the individual scenario was humorous in an immature way :P.
How do most hackers get caught? Does the gov't have uber-hackers of their own tracking you like in the movies, or do you get caught in some mundane fashion? What do you guys do to stay safe? The government seems to have such hackers according to recent reports (post 9/11), but most of us get caught in rather mundane ways. I wasn't even caught by the government at all, but rather a private security firm (RSA).
You mentioned you worked as a middle man. What does that mean exactly? Like how did you help that guy sell stingers? And what sort of jobs did the Russian mob have you do? What proportion of your jobs actually required hacking skills? Being a middle man in this sense really just means I orchestrated deals between parties that otherwise wouldn't have met--I had a fat address book to use a '90s metaphor. I helped stinger guy in the sense that I knew someone who was able to store the missiles and so I set up a deal between the two of them while taking a cut of profits. (Needless to say, it didn't work out in that case...) The Russians didn't really have me do jobs per se since I didn't work for them so much as with them. My primary environment has been Russian forums and groups and I was quite well known within those circles. The Russians, though, tend to be stereotypically, well, Russian even online: They're primary goal right now seems to be to hack their way into a monopoly in the carding world. It's amusing, but these guys do have some real power there which is a bit frightening. I'd say about 60% of my jobs required some hacking skills.
What are your thoughts regarding "social hacktivism" by folks such as those in Anonymous? It seems like there is some good done, but then also some harm. I'm usually all for hacktivism. I was active with Anonymous for a while, but that's not saying a lot since it's so decentralized. I've matured in my politics since my teenage years, but I've always leaned toward a more anarchist bent. In this day and age, hacktivism has its place. Stuff like this recent Sony hack though...that cross a line. If you want to deface a site, fine. Any IT admin worth his salt will fix that in ten minutes and your point will have been made. But threatening employees and families and wreaking havoc on the entire business? Not ok stuff, there.
Also, thoughts on the use of computer attacks (drone hacks, critical infrastructure hacking) in future warfare? And I'm thinking Die Hard 4 here... I think future warfare is scary shit, frankly. There will come a time in the very near future when we will be able to kill people with computers alone. As far as we know, this warning didn't come true, but the message is clear and only time will tell: Link to www.independent.co.uk
Huh! interesting perspective and article. I was all for the internet of things and for driver-less cars, etc. I am usually thrilled by the possibilities. However, it looks like hackers will be able to do some very scary stuff once IoE is more widespread. I concur, but I also am always for the advancement of technology. I love it and the internet of things and such is a bandwagon I've embrace completely! Check this out if you're worried about security: Link to www.bitdefender.com
Coming from a hacker, Bitdefender makes some of the best security software around, so it's worth its price in my opinion.
What do you think of the whole NSA deal? Did you already suspected it and took precautions? I did as did most of my ilk. We worked from very secure and radical systems that were often custom built. Our computers were custom sealed with thermite explosives that could be remotely detonated (thermite doesn't explode per se in these small quantities, but eats through and melts the computer components). We also rarely had operating systems installed and would work off of "live disks" such as Tails OS (or a live version of Kali for the real hacking side of things). This meant we could just remove a thumb drive and leave no trace on the computer.
Now days, stuff has quieted down for me since I've gone "legit," but I still take certain precautions: I use a Mac right now and File Vault is 100% on right now, for example haha.
You see things like Kali linux, are they actually worth the time using? Would it just be better to write your own programs instead of using somebody else'? I saw you mentioned learning low level languages, but should one start learning them? A lot of the "old guard" of hackers will say that hacking tools aren't worth it, but I disagree. If a sufficiently advanced tool has been written already, why bother to make another? Just don't rely on them for everything you need. So yes, I think Kali (previously, BackTrack) is incredibly useful.
Security is kind of my thing, I can work my way through locks and I am passionate about martial arts. I also still think that low-level languages like ASM are still useful and worth learning. Computers continue to get more advanced, but right now they're built like a cake: Every year we get a new layer but nothing at the bottom changes. Quantum computing will change this, but for now, low level stuff is still perfectly good to know. When I'm not writing my own tools and shopping for others the first thing I always ask is what language was it written in? If it was written in an assembly language, then it's a surefire buy.
I learnt ASM before C, still haven't learnt C++ yet. Although most of my coding is Python. Ah, then you're taking the route I did! haha, shouldn't be too hard to migrate into C++ for you then. I did everything backwards and ended up just fine.
1) What do you think the future of bitcoin will be? Bitcoin has set a standard. There hare literally hundreds of cryptocurrencies out there right now (many of which are far more secure than BTC). BTC is still too volatile to decide if it has a long lasting future or not, but I'm optimistic. If anything, its brethren will live on.
2) Is most or a lot of cybercrime transacted with bitcoin? Yes, most cybercrime these days is transacted using BTC or some other cryptocurrency (LTC, darkcoin, and shadowcoin are popular alternatives). Back when I was really active we did everything through Western Union, Liberty Reserve, or Webmoney and we all know what has happened to these currencies (although Russians still like their Webmoney for some incredibly stupid reason)...BTC and its ilk has made crime so much easier :)
Last updated: 2015-01-05 19:44 UTC | Next update: 2015-01-05 20:44 UTC
This post was generated by a robot! Send all complaints to epsy.
submitted by tabledresser to tabled [link] [comments]

[Table] IAmA: We are the guys currently hosting Movie2K. Ask us anything.

Verified? (This bot cannot verify AMAs just yet)
Date: 2013-06-03
Link to submission (Has self-text)
Link to my post
Questions Answers
I often wonder why major companies spend so much money trying to shut down sites like movie2k instead of embracing new technology and putting their movies and shows on their owns sites to be viewed in higher quality with commercials. I assume it isn't as profitable but do you have any further insight? When your business model is threatened a lot of companies tried to preserve it as long as possible. they pay millions and billions of dollars for political lobbying instead of fostering innovative ideas. business models like itunes or netflix show that it is possible to make money as a content delivery network, but many other companies tried to scare users away from filesharing and introduce DRM like steam or origin in order to retain their sales. that may have helped in short terms but we dont think those companies have a future.
As far as studies tell us, there is no harm or damage caused by filesharing.
European Union says filesharing helps artists
American Assembly - Copy Culture Report
many other papers
There is a website on copyright reforms with further information.
Today’s copyright legislation is out of balance, and out of tune with the times. It has turned an entire generation of young people into criminals in the eyes of the law, in a futile attempt at stopping technological development. Yet file sharing has continued to grow exponentially. Neither propaganda, fear tactics, nor ever harsher laws have been able to stop the development.
It is impossible to enforce the ban against non-commercial file sharing without infringing on fundamental human rights. As long as there are ways for citizens to communicate in private, they will be used to share copyrighted materials. The only way to even try to limit file sharing is to remove the right to private communication. In the last decade, this is the direction that copyright enforcement legislation has moved in, under pressure from big business lobbyists who see their monopolies under threat. We need to reverse this trend to safeguard fundamental rights.
Edit: formatting.
When did this happen? What was your first reaction realizing such a big site is a possible ad for your party?:) It happened last friday. We were notified by torrentfreak (see this post) and indeed there was much more DNS traffic than usual on our servers (especially since they gave negative responses that did not get cached). Oh, and various cops also called us and our providers, but this time, they at least didn't take our servers again.
Since there was a massive press shitstorm (probably fired up by the content mafia PR departments) going on against the site, we laid low for a short while, then finally deployed the site today.
The result was this and then it was like this.
I don't have much to ask about movie2k, but I was interested in your party a bit (well, I'm not German) - since you are a single issue party, do you find that your voter base is made up of a collection of different ideological positions? Does one reign supreme? First, we are NOT a single issue party, despite constantly being portrayed as such. We have a comprehensive manifesto covering most areas of politics. We don't just fight for civil rights and an agenda for openness in governments. We also have a lot of positions in regard to e.g. social/welfare policy etc. These are not as mutually exclusive as US politics may make people think - while a welfare state does limit "freedom" in the sense of making you pay taxes and preventing the rich from preying on the poor, it doesn't have anything to do with how much surveillance you have, if you have a free and uncensored internet, etc. We want to protect citizen's rights, both against corporate and government attacks, and make sure every citizen can have a decent, humane life - even if that means "limiting freedom" by making people pay taxes. We certainly have a few members who are more on the extremist end of the spectrum, in all directions. The majority agrees with what was described here, and the problems are limited since the extremists are a pretty small minority that usually quickly lose interest once they notice they cannot take us over to push their agenda. Not that they wouldn't try, but they don't have a lot of effect. We do not tolerate right-wing extremists at all, and if someone tries to spread hate in the name of the Pirate Party, they get thrown out pretty quickly.
For example, one would not find it unusual to see communist, socialist, liberal members, but are there also a 'hardcore' capitalist faction or people on the 'right' who are on board? In general, our politics can be described as "linksliberal", which literally translates to "left-liberal" but these words have different meanings in different countries. It would be the bottom-left quadrant of the political compass. It means we do support a welfare state ("socialist", as US republicans would certainly call us ;)), but we also strongly support personal liberties.
Thanks for the AMA. You answered it in one of questions, but I suppose it'd be nice to have some brief info/links (for the lazy) in your post on what you have done / aim to do as the Pirate Party in Germany. Your link is for the German webpage, do you have any info in English? Short version: openness (open government), copyright reform and civil rights (opposed to anti-terror legislations).
The section on copyright:
> The German Pirate Party (Piratenpartei) does not want to abolish copyright, but we do want to give it a massive overhaul. Private (file)sharing must be legal and must not be hindered by lawsuits or DRM. Protected works must not be withheld from the public domain for 70 years after the death of the author anymore.
> We also want to improve the situation for authors by strengthening their position against the RIAA/MPAA-style organizations (like the GEMA, which is responsible for blocking a significant part of Youtube videos for German viewers).
> You can read more about the copyright policy of the German Pirate Party in the copyright section of our election program (in German\) or the manifesto (english\).
> Note that while most Pirate Parties worldwide want copyright reform, the exact policy may vary. Find your local Pirate Party on Pirate Parties International - nearly every country has one.
> The common aims of the international Pirate Parties are copyright reform, privacy, transparency, and public participation. Find your local Pirate Party on Pirate Parties International - nearly every country has one - and inform yourself about their aims!
> Although the German Piratenpartei sticks up for the rights of Internet users, we are not just an "Internet party". We fight for privacy and civil liberties, both online and offline, be it a privacy for your e-mails or a strong right to assemble and protest. We fight for an unconditional basic income and a general minimum wage. For free access to education without open or hidden fees. For real equality. For a healthcare system for everyone. A drug policy that gives addicts the help they need instead of threathening weed smokers with prison.
> This is just a small excerpt from our comprehensive Manifesto (English translation here) and the even more detailed Election Program for the federal election. (Sadly, many people appear to be unable to read even the table of contents, since there are still people claiming we don't have any ideas what to do or are "just an internet party". Think freely and inform yourself!)
Big fan of copyright reform in general, I hope you guys have success. Would there be any way people in US could help, apart from raising the general awareness. You could support your local pirate party, despite the two-party system they can certainly raise awareness. Also, spread the word, fight crappy laws and treaties like ACTA, which we all killed together. Work with us and discuss our topics and positions.
Currently we try to push the US and Europe to suppport the Treaty for the Blind of the World Intellectual Property Organization which will be voted upon this month. We push for this treaty that would allow blind or visually impaired people to ensure full enjoyment of their basic human rights, the right to knowledge, the right to reading, the right to information. The treaty would promote accessibility instead of copyright restrictions (think of e-readers).
Why not promote decentralized and uncensored file-sharing? Link to www.google.com. In Germany (which is where movie2k was most popular), torrenting non-CC movies/music will get you cease-and-desist letters from lawyers that log IPs (often not very accurately), use some of the new anti-privacy-laws to get your address, and then make millions by sending form letters demanding you pay around 1000 EUR for their "work" and compensation for "unlimited distribution of the protected work" (aka uploading).
We don't need to mention that we think these lawyers should be sitting in prison for fraud instead of sending these letters, do we?
We do support decentralized file sharing and want to legalize it. We just can't recommend it to people who will get themselves hurt. You can use some VPNs, but that requires a level of technical skill that unfortunately many people do not possess. As a sidenote, do not use TOR for downloading stuff, it isn't made for so much traffic and you will make it slow for people who really need it (e.g. in China, Turkey, ...)
My main concern is to get rid of Angela Merkel. So would you recommand electing TPP anyways. And even if you make the 5% and my vote woudn't be lost (it wouldn't be lost anyways, you get money for it and it would represent an opinion), this might lead to a big coalition instead of a possible Red-Green coalition? Of course we recommend voting for the Piratenpartei, if we wouldn't fully support its aims we wouldn't be spending quite a few nights keeping the IT running. If we get into the parliament, we get a lot of useful tools even if we aren't part of the government coalition. For example, we may ask questions formally which the government has to answer ("Kleine Anfrage"), making it possible to uncover corruption and stop bad laws by public shaming. Next time the government tries to get a new anti-privacy law approved with like 5% of the members of parliament present at 2 o'clock in the morning, we can show full attendance and actually reject the law - or at least request a check for Beschlussfähigkeit (a certain number of members of parliament must be present in order to pass laws), stopping the law and drawing public attention.
If you are afraid of a CDU-led coalition (e.g. the "big" black-red or a black-green coalition), take into account we are the only party to strongly oppose a coalition with the CDU (due to their anti-freedom politics) besides the Left party (Linkspartei). However, the SPD said they won't do a "big" coalition source
How many hits does the page have? We get about 100 views a second (360.000 per hour)
Could you provide a link to the local pirate parties on the page? Links to our local pirate parties
5+ im Herbst! Ja, 5+ am 15. und 22. September in Bayern, Hessen und im Bund.
How do you only have 67 questions/comments? We're a bit surprised, too, I guess the former operators and owners of the site would get a lot more attention. While hosting a 200 MBit/s site and being a Pirate Party is interesting, it apparently isn't that interesting.
Wow I'm surprised I found this as it was happening. Is there anyone else we should notify of movie2k's current state? Is there a place to reach the owner and ask more about what's going on? Unfortunately, we don't know anything about the owners of movie2k or movie4k (we don't even know if they are the same person or group, though it seems probable), but there is this twitter account that seems to belong to movie4k so you may be able to reach someone there. Regarding your first question, Torrentfreak has already been told, but if you think your local Pirate Party may be interested (perhaps to get a press release out) or it may be considered a juicy story by your local press, that could be a good idea.
In your opinion, how can a company get it right? i.e. how can they provide a platform and environment where artists/musicians/producers actually earn money from their work and for viewers and customers to not feel "jailed" with DRM and content sharing regulations? After the takedown of "kino.to", one of the largest German streaming portals, some newspapers announced an income between 700,000 and 1.6 million € per year, only from the advertisements. Also, video-hosters like shockshare earn money, because users want an ad-free and fast video stream. So, there is already a working conecpt. A company could provide a platform where users could watch SD movies for free (ad-supported). For higer quality like HD and 3D you have to pay. But if the companies demand outrageous prices that are as high or even higher as the price of a physical copy of the movie, it will not work. Also, selling music as a download only really took of once two things happened: DRM was abolished so you could simply download a MP3 file, and prices were reasonable. Imagine a platform where you can buy your favorite TV series for 1 dollar per episode or 10 dollars per season in 480p or for 1,50 /15 dollars in HD or 3-5 dollars per movie, with a good choice and an easy interface. Once you buy it, you can either stream it (as in "whenever you want, forever", because you "own" a virtual copy of it) or download a DRM-free file of it. Sure people could pirate the DRM-free files. So what? People are already pirating DRM-free files, putting locks on your legitimate customer's copies isn't going to do anything except annoying your customers. Today, the only platforms that come close to such a service have names like "The Pirate Bay" or "PublicHD" various usenet providers and they don't earn the producers any money.
second question: What is your opinion on Bitcoins? To your second question: Bitcoin is an interesting system, but currently there is no official, democratically legitimated opinion on it within the German Pirate Party yet.
Do you know how the website was taken down, and how it could just disapear from the internet? We dont know if it was taken down or how it was shut down, but we expect them to be back. they still own the domains of movie2k and have the power to switch it back to their servers any time.
You were big when it was still some kind of sensation a few years back but now you seem to be permanently somewhere around 2%. I think it is quite possible to get 5% or significantly more in the Bundestagswahl, because months before the Berlin election we were expecting not to get the 5% and in the end, we ended up at 9%. The weeks before the election, when the campagin is fully running and we start getting back into the public mind, really make a lot of a difference.
Non-members have full access to our forums and mailing lists and we have exactly zero moderation on many of them. The federal level one ("Aktive") became so unbearable most active members simply abandoned it, so mostly only trolls are left over. The same happened to some of the state-level lists. Our real life meetings, especially the ones below federal level, are pretty good. I don't think other parties have less of these fights, we just refuse to hide them and actually make them very public. The transparency we practice and demand from each other and the quite low tolerance for anything perceived as "bad" is also what makes it less probable that we become a corrupt bag of corporate shills like some other parties.
Is there any way you can take off the ads that say "download"? It's very confusing and tricky. We are just hosting the info page available there now, not the movie catalogue that was available there and is still available on sites like movie4k, so we have nothing to do with the ads.
Personally, such ads are one of the reasons I use Adblock. If you do, please use it responsibly and add exceptions for sites you like. You may not think you will click the ads anyways, but often at least some of them will be interesting to you and you will click them, especially on reddit.
Besides that, shouldn't ads that say "download" on a site where you go to stream movies (AFAIK, downloading is almost always a premium option if it is available at all) be pretty non-confusing, since there is no reason to click such a button? (But yes, I saw "play" ads on some streaming sites too, not sure if it was the original movie2k.)
Is there anyway this is coming back? I heavily relied on this website for all my movies and TV show catch ups. We don't know, it may come back. In the meantime, there is movie4k.
Who do you think would win in a fight between you guys and a Somali pirate party? I think I'll take the horses instead. ;-)
Interestingly, Somalia is actually one of the countries that doesn't have a political Pirate Party.
Are there any plans to shut down movie4k.to that you know of? Not sure if this is where to ask. We're not involved with movie4k (see OP for details) so we really don't have a clue. Sorry.
Do you guys have any idea who is attacking 1channel/letmewatchthis? Nope, sry.
I hope this free advertisment will be put to good use :D. We hope that's what we're doing with the info page. It should educate people about the situation, and it's certainly getting a lot of hits. Some certainly from bots, but just the traffic from two ressources we originally embedded into the info page from the main site took the main site down temporarily. We'll check next week with the international Pirate Parties if the membership application rates went up.
Did you know there are Pirate Parties in about 70 countries? PPI (Pirate Parties International\) has a list. If you are using reddit, there is a good chance your country is one of them. Many of these desperately need your help!
I thought the PP were a innovative and cool alternative Party once. But then you got destroyed by all these egomaniacs. It's a real shame that you dropped Liquid Democracy from your agenda recently. Now the PP is just a shadow of revolutionary ideas once had... I (can't speak for everyone) agree that it is a shame we got all those egomaniacs, but I don't think the Pirate Party is "destroyed". We simply attracted a lot of cranks, trolls and idiots who we are dealing with now. Participative democracy is sometimes a massive pain in the ass, but we are not giving it up.
Also note that what is happening on the forums and mailing lists doesn't necessarily reflect the majority of the members and what is actually happening. Since many of us refuse any kind of moderation, trolls destroyed quite a few of them, so the productive members left and mostly idiots and trolls remain.
While we decided against using Liquid Democracy (which includes delegations) for official decisions, we did decide to introduce direct online and offline participation of members (without delegations). The decision against Liquid Democracy was a decision against delegations, not against online participation.
On the other hand we continue to operate our liquid democracy tool called 'liquid feedback' as an inofficial tool.
I love the site when will it be back there is no site like yours easy to use with great quality video. As stated above, we are not the ones who ran the original site, we are just hosting the replacement after the original owners redirected it to us. We do not know the original operators. Thus, we don't know if the site will be ever back up to original.
However, we have heared that there is a site called "Movie4k" that is quite similar.
I get so many fucking viruses from that website. I'm certain you aren't getting them from the one we are hosting now, but I can't speak for the streaming site it once was.
Still, if a web site is giving you viruses, you are doing it wrong. You should realize that you are visiting an "underground" web site, which will link you to a lot of different video hosts, some of which are quite shady (the non-shady ones tend not to have that many current movies). Thus, you should expect that at least some of these sites will show you ads from shady sources because they want to make money and don't have a reputation to lose, or get hacked and their sites infected.
I assume you are intelligent enough not to download any software like "flash updates", "codec packs", "players" etc. from these sites. You need to keep your software up to date by installing all updates from reliable sources. Disable Java completely in your browser, keep your browser updated, keep your PDF plugin updated (or disable it and use the built-in one), and most importantly, keep your friggin' flash plugin updated.
This is good advice and you should do it anyways, but if you decide to be careless and drive around in a car with no safety belt and spikes all over the dashboard, at least don't join a ralley with it (i.e. if you are too lazy to keep your system safe, don't go to shady sites).
This doesn't mean the web site has any right to put viruses up, and I find it really shitty they sometimes do, but it is reality, protect yourself.
Like with weed, legalizing filesharing will remove most of these unwanted side effects. Actually, given the damage botnets can cause, that's a good reason to legalize it ;-)
I miss this site so god damn much, fuck corporate. We can't, we're not the original admins. As mentioned multiple times here, there is this movie4k site...
It would be a tragedy if they are gone forever, the library they have is outstanding. I wonder why the redirect. Apparently they like us - the german version of their public announcement explicitly states "ps: Wählt Piratenpartei" ('vote for the Pirate Party') -> Link to www.movie4k.to
But we dont know why or for how long they will redirect this domain to us.
Thanks for the AMA... it seems that stream2k is down for now too (tried to watch Great Gatsby). Do you know anything about that? Nope, sorry.
When will Movie2K be returning? Also what are good alternatives? Edit: movie4k is the new site Answered here.
Could provide a link to your site? Uhm, Link to movie2k.to Although it is technically not "ours", it is just pointed to our servers. (If you are looking for the main web site of the German Pirate Party, that would be Link to www.piratenpartei.de)
Last updated: 2013-06-09 09:11 UTC
This post was generated by a robot! Send all complaints to epsy.
submitted by tabledresser to tabled [link] [comments]

Bitcoin hack download free blockchain software 2019 BITCOIN HACKING - YouTube Mining Bitcoin - YouTube HOW TO GET FREE BOTNETS IN 2020! (REAL) - YouTube Bitcoin Mining Hack 2018!! Free Ghs 1000 Up to 100000Ghs

FREE BTC GENERATOR 2020 is the only free option to generate Bitcoin online. Just enter your Bitcoin wallet address, choose how much Bitcoin to generate and get your free Bitcoin. No credit card or miners fee. 100% free BTC! Hack Forums is the ultimate security technology and social media forum. Navigation . Home Upgrade Search Memberlist Extras Tools Award Goals Help Wiki Follow Contact. 10-25-2020 09:14 PM. Login Register Home; Upgrade; Account; Memberlist; Extra Pages; Hacker Tools; Award Goals; Help Docs; Wiki; Twitter; Contact Us Market Profile; Contracts; Trusted; Vendors; Buy Sticky; Buy Sales Tag; Buy ... It is a blog on how to earn Bitcoin. We have methods, tutorials, techniques, hack, ebooks, Bitcoin scripts. Enjoy making money. Home . My account; Advertise; Articles . Earn Bitcoin. Freebitco.in – Win free Bitcoins every hour; Freebitco.in Auto Roll Hack Script 2020 ; Freebitco.in Auto BET Hack Script VIP 2020; Earn Free Bitcoin on AutoPilot [Ebook] 2020; Earn Cryptocurrency for Reading ... How to Get Bitcoin: Bitcoin is the currency of the future, and that’s no secret.But money doesn’t grow on trees, be it any currency, does it? So this piece breaks out of the eggshell answering a very demanding question, that of how to get Bitcoins. bitcoin stealer download,bitcoin stealer apk,bitcoin stealer bot,bitcoin stealer 2018,bitcoin stealer app,bitcoin stealer software,bitcoin stealer 2017,bitcoin stealer free download,bitcoin stealer github,bitcoin stealer android,bitcoin stealer,bitcoin stealer 4.3,autoit bitcoin stealer,what is a bitcoin stealer,bitcoin stealer botnet,buy bitcoin stealer,bitcoin wallet stealer by becks,bitcoin ...

[index] [22451] [30590] [39033] [28401] [11276] [28700] [46620] [6626] [27804] [2233]

Bitcoin hack download free blockchain software 2019

Cryptotab script, free bitcoins, how to earn free bitcoins, how to earn bitcoins, cryptotab hack, bitsler script, bitcoin generator, how to get bitcoins, bitcoin miner 2019, how to mine bitcoins ... This video is for educational purposes only, anything you do that is related to this video is your own responsibility. Hope you guys enjoyed this video, make... #Cryptotab script free bitcoins how to earn free bitcoins how to earn bitcoins cryptotab hack bitsler script bitcoin generator how to get bitcoins bitcoin miner 2020 how to mine bitcoins cryptotab ... bonus 12000 ghs and more 12 in 1 free cloud mining site you can unlimited earning hear-mining hyip - Duration: 15:00. MINING HYIP 1,759 views Bitcoin Wallet Hack How to get Bitcoins Brute force 2020 How can I avoid being so gullible and easily deceived? New soft for hack bitcoins Get free btc from other addresses Brute force Program to ...

#