Author Topic: come home  (Read 16414 times)

0 Members and 2 Guests are viewing this topic.

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
come home
« on: December 14, 2010, 03:28:34 pm »
you have some work to do.  analyze the gawker passwords, bitch!

I may download them and do a little analysis myself. ;P

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: come home
« Reply #1 on: December 14, 2010, 04:34:10 pm »
you need to follow me on twitter! :P

6 minutes ago:
@iagox86 450,442/748,081 (60.2%) of Gawker hashes cracked so far. Thanks to everybody who's shared their results with us!


Also, I've been home since Dec 4. :)

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: come home
« Reply #2 on: December 14, 2010, 04:58:32 pm »
Cool. :)

Offline Newby

  • x86
  • Hero Member
  • *****
  • Posts: 10877
  • Thrash!
    • View Profile
Re: come home
« Reply #3 on: December 14, 2010, 09:09:43 pm »
Haha. I saw this on the news and thought "I bet iago is up to something..."

Scary that I was right!
- Newby
http://www.x86labs.org

Quote
[17:32:45] * xar sets mode: -oooooooooo algorithm ban chris cipher newby stdio TehUser tnarongi|away vursed warz
[17:32:54] * xar sets mode: +o newby
[17:32:58] <xar> new rule
[17:33:02] <xar> me and newby rule all

I'd bet that you're currently bloated like a water ballon on a hot summer's day.

That analogy doesn't even make sense.  Why would a water balloon be especially bloated on a hot summer's day? For your sake, I hope there wasn't too much logic testing on your LSAT. 

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: come home
« Reply #4 on: December 14, 2010, 11:02:26 pm »
We have a much bigger password list from a much higher profile site (a financial one in fact) that we're sitting on. We don't want to be the first ones to break the story for fear of legal action, so we're cracking way and waiting for somebody else to slip up :)

Offline Blaze

  • x86
  • Hero Member
  • *****
  • Posts: 7136
  • Canadian
    • View Profile
    • Maide
Re: come home
« Reply #5 on: December 15, 2010, 01:24:47 am »
We have a much bigger password list from a much higher profile site (a financial one in fact) that we're sitting on. We don't want to be the first ones to break the story for fear of legal action, so we're cracking way and waiting for somebody else to slip up :)


So.. is this a Canadian site?  :)
And like a fool I believed myself, and thought I was somebody else...

Offline Joe

  • B&
  • x86
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
    • View Profile
    • Github
Re: come home
« Reply #6 on: December 15, 2010, 01:31:22 am »
You say "we". You and the other 11 iagi? Or is S.S. (I think I like that, The S.S.) no longer a one-man operation?
I'd personally do as Joe suggests

You might be right about that, Joe.


Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: come home
« Reply #7 on: December 15, 2010, 09:00:52 am »
We have a much bigger password list from a much higher profile site (a financial one in fact) that we're sitting on. We don't want to be the first ones to break the story for fear of legal action, so we're cracking way and waiting for somebody else to slip up :)


So.. is this a Canadian site?  :)

No, I'm not really sure what gave you that idea.. :P

Offline deadly7

  • 42
  • x86
  • Hero Member
  • *****
  • Posts: 6496
    • View Profile
Re: come home
« Reply #8 on: December 16, 2010, 01:36:41 am »

No, I'm not really sure what gave you that idea.. :P

Why would you be afraid of legal action if you aren't a national of the US? I highly doubt Canada would extradite you like that, if push came to shove.

I mean, assuming you haven't gotten passwords to the NYSE admin accounts or something. If you did that I would bow.
[17:42:21.609] <Ergot> Kutsuju you're girlfrieds pussy must be a 403 error for you
 [17:42:25.585] <Ergot> FORBIDDEN

on IRC playing T&T++
<iago> He is unarmed
<Hitmen> he has no arms?!

on AIM with a drunk mythix:
(00:50:05) Mythix: Deadly
(00:50:11) Mythix: I'm going to fuck that red dot out of your head.
(00:50:15) Mythix: with my nine

Offline Joe

  • B&
  • x86
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
    • View Profile
    • Github
Re: come home
« Reply #9 on: December 16, 2010, 01:45:16 am »
Cmon deadly, this is the guy who h4xx3d Facebook.
I'd personally do as Joe suggests

You might be right about that, Joe.


Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: come home
« Reply #10 on: December 16, 2010, 09:08:18 am »
No, I'm not really sure what gave you that idea.. :P

Why would you be afraid of legal action if you aren't a national of the US? I highly doubt Canada would extradite you like that, if push came to shove.

I mean, assuming you haven't gotten passwords to the NYSE admin accounts or something. If you did that I would bow.
I don't care if it's Canadian, American, or European data - releasing it without the company's knowledge is wrong, both legally and ethically.

And for what it's worth, I've already talked to investigators about the situation. The company in question is taking this very seriously.

Offline deadly7

  • 42
  • x86
  • Hero Member
  • *****
  • Posts: 6496
    • View Profile
Re: come home
« Reply #11 on: December 16, 2010, 11:41:36 am »
I don't care if it's Canadian, American, or European data - releasing it without the company's knowledge is wrong, both legally and ethically.

And for what it's worth, I've already talked to investigators about the situation. The company in question is taking this very seriously.
I was speaking from a purely legal standpoint, not a moral one. FWIW I agree with you that working with the company to secure their data is more ethical. And makes you more money.
[17:42:21.609] <Ergot> Kutsuju you're girlfrieds pussy must be a 403 error for you
 [17:42:25.585] <Ergot> FORBIDDEN

on IRC playing T&T++
<iago> He is unarmed
<Hitmen> he has no arms?!

on AIM with a drunk mythix:
(00:50:05) Mythix: Deadly
(00:50:11) Mythix: I'm going to fuck that red dot out of your head.
(00:50:15) Mythix: with my nine

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: come home
« Reply #12 on: December 16, 2010, 12:29:55 pm »
I don't care if it's Canadian, American, or European data - releasing it without the company's knowledge is wrong, both legally and ethically.

And for what it's worth, I've already talked to investigators about the situation. The company in question is taking this very seriously.
I was speaking from a purely legal standpoint, not a moral one. FWIW I agree with you that working with the company to secure their data is more ethical. And makes you more money.
Even legally - if I cause significant financial damage to a company, which this potentially could (especially being the X-mas season), they're going to go after me no matter which country I'm in (provided it isn't an unfriendly one).

Offline rabbit

  • x86
  • Hero Member
  • *****
  • Posts: 8092
  • I speak for the entire clan (except Joe)
    • View Profile
Re: come home
« Reply #13 on: December 16, 2010, 01:49:57 pm »
I don't care if it's Canadian, American, or European data - releasing it without the company's knowledge is wrong, both legally and ethically.

And for what it's worth, I've already talked to investigators about the situation. The company in question is taking this very seriously.
I was speaking from a purely legal standpoint, not a moral one. FWIW I agree with you that working with the company to secure their data is more ethical. And makes you more money.
Even legally - if I cause significant financial damage to a company, which this potentially could (especially being the X-mas season), they're going to go after me no matter which country I'm in (provided it isn't an unfriendly one).

Quick!  Move to Iraq!

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: come home
« Reply #14 on: December 16, 2010, 02:17:02 pm »
I don't care if it's Canadian, American, or European data - releasing it without the company's knowledge is wrong, both legally and ethically.

And for what it's worth, I've already talked to investigators about the situation. The company in question is taking this very seriously.
I was speaking from a purely legal standpoint, not a moral one. FWIW I agree with you that working with the company to secure their data is more ethical. And makes you more money.
Even legally - if I cause significant financial damage to a company, which this potentially could (especially being the X-mas season), they're going to go after me no matter which country I'm in (provided it isn't an unfriendly one).

Quick!  Move to Iraq!
Isn't Iraq owned by the US now?

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: come home
« Reply #15 on: December 16, 2010, 02:44:23 pm »
I don't care if it's Canadian, American, or European data - releasing it without the company's knowledge is wrong, both legally and ethically.

And for what it's worth, I've already talked to investigators about the situation. The company in question is taking this very seriously.
I was speaking from a purely legal standpoint, not a moral one. FWIW I agree with you that working with the company to secure their data is more ethical. And makes you more money.
Even legally - if I cause significant financial damage to a company, which this potentially could (especially being the X-mas season), they're going to go after me no matter which country I'm in (provided it isn't an unfriendly one).

Quick!  Move to Iraq!
Isn't Iraq owned by the US now?


Either way, it's not exactly friendly. :)

No, I'm not really sure what gave you that idea.. :P

Why would you be afraid of legal action if you aren't a national of the US? I highly doubt Canada would extradite you like that, if push came to shove.

I mean, assuming you haven't gotten passwords to the NYSE admin accounts or something. If you did that I would bow.
I don't care if it's Canadian, American, or European data - releasing it without the company's knowledge is wrong, both legally and ethically.

And for what it's worth, I've already talked to investigators about the situation. The company in question is taking this very seriously.


Release it anonymously!

I don't think it's unambiguously wrong from a moral standpoint.

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: come home
« Reply #16 on: December 16, 2010, 03:55:10 pm »
Release it anonymously!

I don't think it's unambiguously wrong from a moral standpoint.
I think it is. I have 5 million passwords belonging to ~15 million users. I'd be directly harming some proportion of those users. That makes it wrong in my mind.

Additionally, there is some malice at play - somebody stole these, and right now investigators are trying to find that person/people. If I release it with the name of the company in question, those people are going to be tipped off that others know what's going on and will likely be more difficult to find.

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: come home
« Reply #17 on: December 16, 2010, 04:42:18 pm »
My suggestions are in jest.

I still don't think it's absolutely wrong, though, even if it does hurt people.

Offline deadly7

  • 42
  • x86
  • Hero Member
  • *****
  • Posts: 6496
    • View Profile
Re: come home
« Reply #18 on: December 16, 2010, 04:46:28 pm »
I still don't think it's absolutely wrong, though, even if it does hurt people.
If a company had amassed data on people illegally, they'd get away with it as long as possible. I agree with your statement that it's not absolutely wrong, just could end up doing lots of damage. I don't know what Gawker is, so I'm talking in general terms of releasing passwords.
[17:42:21.609] <Ergot> Kutsuju you're girlfrieds pussy must be a 403 error for you
 [17:42:25.585] <Ergot> FORBIDDEN

on IRC playing T&T++
<iago> He is unarmed
<Hitmen> he has no arms?!

on AIM with a drunk mythix:
(00:50:05) Mythix: Deadly
(00:50:11) Mythix: I'm going to fuck that red dot out of your head.
(00:50:15) Mythix: with my nine

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: come home
« Reply #19 on: December 16, 2010, 04:51:52 pm »
I still don't think it's absolutely wrong, though, even if it does hurt people.
If a company had amassed data on people illegally, they'd get away with it as long as possible. I agree with your statement that it's not absolutely wrong, just could end up doing lots of damage. I don't know what Gawker is, so I'm talking in general terms of releasing passwords.
This isn't about Gawker - those passwords are out there and everybody has them. And they aren't doing *that much* damage - it isn't that important of a site, most people register with crap passwords to comment.

What we're talking about is a large financial site with 10x as many passwords breached. I have the passwords, but I don't want to name the site or anything until it hits the press on its own. It's being actively investigated. :)

Offline rabbit

  • x86
  • Hero Member
  • *****
  • Posts: 8092
  • I speak for the entire clan (except Joe)
    • View Profile
Re: come home
« Reply #20 on: December 16, 2010, 05:45:38 pm »
Tell me the company, website, and number of passwords and I'll go tell Slashdot then everyone can know and then you can do your stuff :D