Jump to content
Not connected, Your IP: 18.119.159.196

Recommended Posts

Hello !

I guess their asses got kicked then. So according to this list that means it's Extratorrent next? Haha. Or is this super well-timed for kim dotcoms comeback with TPB. It's really sad that this copyright malaise is spreading.

 

 

@zhang888

Good to see you again!


Moderators do not speak on behalf of AirVPN. Only the Official Staff account does. Please also do not run Tor Exit Servers behind AirVPN, thank you.
Did you make a guide or how-to for something? Then contact me to get it listed in my new user guide's Guides Section, so that the community can find it more easily.

Share this post


Link to post
Guest

If you read through the posts on torrentfreak several things indicate that he wasn't all that good at staying hidden and ended up caught because of it, including security did not seem a priority for him they were able to get access to all the data on the site because they used default webhosting instead of dedicated server and he used the same IP to access KAT facebook and apple account making him traceable.

Share this post


Link to post

If you read through the posts on torrentfreak several things indicate that he wasn't all that good at staying hidden and ended up caught because of it, including security did not seem a priority for him they were able to get access to all the data on the site because they used default webhosting instead of dedicated server and he used the same IP to access KAT facebook and apple account making him traceable.

Indeed. It's quite epic how negligent he has been on the security front. Do you think he'll get extradited from Poland? I don't know if Poland tends to do so, but I'm inclined to think he'll get extradited.


Moderators do not speak on behalf of AirVPN. Only the Official Staff account does. Please also do not run Tor Exit Servers behind AirVPN, thank you.
Did you make a guide or how-to for something? Then contact me to get it listed in my new user guide's Guides Section, so that the community can find it more easily.

Share this post


Link to post

The greedy bastards that run Big Media exercise a lot of influence over the US Government via the Democratic Party. That will continue and grow under a deeply co-opted Hillary Presidency. They are a major pillar in US global power by their ability to influence global public opion and world-view with media of their devising (film, music, news). The vast majority of media shown in Europe and world-wide is made in USA. It seems like much of the European Union establishment is willing to submit to US media dominance rather than encourage native-made content.

Share this post


Link to post

I could not help wondering how much would it have helped if he had been using a VPN for all of this?

I think not much. If at all. The IP correlations might have tossed up a handful more folks to look at (because of the shared IP address), but I think that is all.

 

Only information kept by services he used was required to find him. Nothing from his IP address provider.

 

What identified him was an iTunes purchase he made using the same IP address as he used on the Facebook fan page, where his real identity was front and center.

 

And he used the same IP address to access his Apple-provided E-mail.

 

Mixing (over the same IP, VPN or not) perfectly legitimate activity with activity that may be more of a concern to law enforcement or would-be civil law suit filers may be unwise? Using the VPN for everything may be a great act of civil disobedience (or something), but perhaps knowing how to split traffic might be a good idea?

Share this post


Link to post
Guest

I could not help wondering how much would it have helped if he had been using a VPN for all of this?

 

I think not much. If at all. The IP correlations might have tossed up a handful more folks to look at (because of the shared IP address), but I think that is all.

 

Only information kept by services he used was required to find him. Nothing from his IP address provider.

 

What identified him was an iTunes purchase he made using the same IP address as he used on the Facebook fan page, where his real identity was front and center.

 

And he used the same IP address to access his Apple-provided E-mail.

 

Mixing (over the same IP, VPN or not) perfectly legitimate activity with activity that may be more of a concern to law enforcement or would-be civil law suit filers may be unwise? Using the VPN for everything may be a great act of civil disobedience (or something), but perhaps knowing how to split traffic might be a good idea?

 

If he had used VPN for everything KAT related they would not be able to link him to Apple as easily, ofc another mistake was using same alias a lot of places, I believe they call it social reverse engineerig or something like that? Generally the common denominator with all the people that gets caught is they fuck up/slip up or simply neglect on staying hidden

Share this post


Link to post

I'm not seeing it.  So what if authorities see the same IP connect to KAT, facebook, and apple.  Assuming it's all encrypted (https), how would they know what accounts are being accessed on those sites?  What am I missing?

Share this post


Link to post

I'm not seeing it.  So what if authorities see the same IP connect to KAT, facebook, and apple.  Assuming it's all encrypted (https), how would they know what accounts are being accessed on those sites?  What am I missing?

 

The fact that he used his home ISP in Poland to login to Apple, Facebook, and the site administration page.

This can triangular to a perfect match, since you have a common point of interest where one is a human evidence

(Facebook profile) and second is electronic (Unique IP address). Then it is usually easy to send requests to all other

U.S. based services with a request for more info.

After that you load all the data of points of interests to a device like Palantir:

https://www.palantir.com/wp-assets/wp-content/uploads/2013/11/Palantir-Solution-Overview-Cyber-long.pdf

 

We need to wait for the final indictment to know more details, just like with the SR case. Right now it's only

small drafts. This is usually released after the first prosecution takes place.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

For someone who would be a target like him, you need to follow a lot of security best practices. A really high level of anonymity needs constant vigilance....easy to make mistakes.

Share this post


Link to post

 

I'm not seeing it.  So what if authorities see the same IP connect to KAT, facebook, and apple.  Assuming it's all encrypted (https), how would they know what accounts are being accessed on those sites?  What am I missing?

 

The fact that he used his home ISP in Poland to login to Apple, Facebook, and the site administration page.

This can triangular to a perfect match, since you have a common point of interest where one is a human evidence

(Facebook profile) and second is electronic (Unique IP address). Then it is usually easy to send requests to all other

U.S. based services with a request for more info.

After that you load all the data of points of interests to a device like Palantir:

https://www.palantir.com/wp-assets/wp-content/uploads/2013/11/Palantir-Solution-Overview-Cyber-long.pdf

 

We need to wait for the final indictment to know more details, just like with the SR case. Right now it's only

small drafts. This is usually released after the first prosecution takes place.

 

It only makes sense to me if they hacked KAT and got cooperation from apple and facebook on the timing of the connections to their services by that IP.  If apple and facebook don't cooperate I don't see how they'd make the connection.  Anyway, shame on apple and facebook for cooperating. 

Share this post


Link to post

...

It only makes sense to me if they hacked KAT and got cooperation from apple and facebook on the timing of the connections to their services by that IP.  If apple and facebook don't cooperate I don't see how they'd make the connection.  Anyway, shame on apple and facebook for cooperating.

 

They must to, according to the law in the country they are from. Snowden confirmed that it can happen even without an official court procedure.

 

You can add Coinbase to the list companies that provided information when faced with a court order. See paragraph 60 of the "Criminal Complaint" document that you can find here:

 

https://www.justice.gov/opa/file/877691/download

 

The simple reality is that no service provider any of us here use would be likely to refuse to comply with a proper court order, including ANY VPN provider.

 

If you don't want to read the complaint, this is a good overview:

 

https://gizmodo.com/the-colossal-screwups-that-got-the-kickass-torrents-own-1784033848

 

If you really need privacy for something you are doing, idealism and outrage at people not behaving as you think they should will not help you. It will impair your thinking and assessment of risk.

Share this post


Link to post

@NaDre

That last line was brilliant. Idealism and outrage lol. Genius.

But it's funny the gizmodo link is like "cybercriminals can't hide" and it's like you want to tell them.... But he wasn't even trying to hide lol.


Moderators do not speak on behalf of AirVPN. Only the Official Staff account does. Please also do not run Tor Exit Servers behind AirVPN, thank you.
Did you make a guide or how-to for something? Then contact me to get it listed in my new user guide's Guides Section, so that the community can find it more easily.

Share this post


Link to post

That's why trustworthy VPNs don't log anything right? So that when they comply they turn over everything they have, i.e. nothing.

 

Anybody have any thoughts on LE installing intercepts on both sides of a VPN server without the server owner knowing?

Share this post


Link to post

That's why trustworthy VPNs don't log anything right? So that when they comply they turn over everything they have, i.e. nothing.

 

Anybody have any thoughts on LE installing intercepts on both sides of a VPN server without the server owner knowing?

That would either be a MitM (Man in the Middle) attack, or entirely useless since all data sent or received is encrypted.

 

*Edit* On second thought, even a MitM attack would be pointless unless you have the ability to do what is mathematically impossible. (Not impossible, but brute forcing a single key would likely take longer than the entire Galaxy will exist, and that is if every computing device ever made, and ever made in the future were tasked with that alone, and not just used to watch videos of cats falling off tables on Youtube...)

 

Want proof that encryption is safe? Check this site out. Read the comments below the article. There is not enough energy for the switching power used to do that much mathematics.

http://www.eetimes.com/document.asp?doc_id=1279619


Debugging is at least twice as hard as writing the program in the first place.

So if you write your code as clever as you can possibly make it, then by definition you are not smart enough to debug it.

Share this post


Link to post

That would either be a MitM (Man in the Middle) attack, or entirely useless since all data sent or received is encrypted.

That's why trustworthy VPNs don't log anything right? So that when they comply they turn over everything they have, i.e. nothing.

 

Anybody have any thoughts on LE installing intercepts on both sides of a VPN server without the server owner knowing?

 

*Edit* On second thought, even a MitM attack would be pointless unless you have the ability to do what is mathematically impossible. (Not impossible, but brute forcing a single key would likely take longer than the entire Galaxy will exist, and that is if every computing device ever made, and ever made in the future were tasked with that alone, and not just used to watch videos of cats falling off tables on Youtube...)

 

Want proof that encryption is safe? Check this site out. Read the comments below the article. There is not enough energy for the switching power used to do that much mathematics.

http://www.eetimes.com/document.asp?doc_id=1279619

 

Although it should also be said that how encryption is implemented and what sort of standards are followed, are equally vital; as they've been the weak points used to undermine encryption . Sort of like it's no use having the worlds best door if the window is open or the keys are hanging from the door knob, etc. etc. Also, the phrase you're looking for is "the heat death of the Universe", not Galaxy. I only care to point this out to you, because I know you're geeky enough to care about such details lmao <3.


Moderators do not speak on behalf of AirVPN. Only the Official Staff account does. Please also do not run Tor Exit Servers behind AirVPN, thank you.
Did you make a guide or how-to for something? Then contact me to get it listed in my new user guide's Guides Section, so that the community can find it more easily.

Share this post


Link to post

When that person didn't buy a separate laptop, a prepaid SIM card, and a VPN to manage his website - and -only- his website,

no encryption in the world could help.

That is a common compartmentalization mistake of people who think they are fine without it.

 

The details and the time-stamps, are already everywhere. I expected some twist but it was quite a simple and boring read.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

There was no need to break encryption in order to find the operator of KAT. And now that they believe they have determined his identity, I think they feel that conventional evidence will be sufficient.

 

The "Criminal Complaint" is quite interesting, and provides some useful insight into what really is needed to pursue legal actions, as well as how they may go about determine the identity of a suspect.

 

I doubt that any encryption done by Snowden was ever broken. So he doesn't have to worry then?

 

Things can be proven to the satisfaction of court without having to break encryption.

 

When the person at one end the encrypted channel reveals the content of the communication, it is irrelevant that encryption was used. It is about determining who was at the other end.

 

,,,

 

Anybody have any thoughts on LE installing intercepts on both sides of a VPN server without the server owner knowing?

 

I believe that the NSA has been collecting all internet metadata (what addresses connect to what other addresses) for some time now. What information would such intercepts add?

 

If information on specific IP addresses can be demanded from private enterprises with a court order, would another government agency not be expected to comply?

Share this post


Link to post

Actually with an intercept on the clear text side of the server and another intercept on the encrypted side of a server, you could see what the clear text is and do a timing correlation to understand where the encrypted side was going/coming. I was really wondering if anybody knows how easy or difficult it is to do that without the server owner knowing. Maybe nobody but TLOs really know this.

Share this post


Link to post

Actually with an intercept on the clear text side of the server and another intercept on the encrypted side of a server, you could see what the clear text is and do a timing correlation to understand where the encrypted side was going/coming. I was really wondering if anybody knows how easy or difficult it is to do that without the server owner knowing. Maybe nobody but TLOs really know this.

 

I would be astonished if the metadata collected did not have the times of the connections, so that timing correlations can be done, long after the fact.

 

I think in many cases the "clear text" would still be SSL or SSH encrypted.

 

I think that one should assume that a hosting provider will comply with a court order.

 

But they could I think just decide to drop the target as a customer. Without explanation if they were also gagged.

 

Since this sort of demand could cause them expense, they would not have to be motivated by some sort of idealism to see this as their best alternative. If you read the terms of service that you agree to when you get a VPS, they make it clear that if they have to spend any significant time dealing with and forwarding copyright complaints, you should expect to be dropped.

 

But I am not an expert on the legalities.

Share this post


Link to post
Guest

I'm not seeing it.  So what if authorities see the same IP connect to KAT, facebook, and apple.  Assuming it's all encrypted (https), how would they know what accounts are being accessed on those sites?  What am I missing?

 

 

 

I'm not seeing it.  So what if authorities see the same IP connect to KAT, facebook, and apple.  Assuming it's all encrypted (https), how would they know what accounts are being accessed on those sites?  What am I missing?

 

The fact that he used his home ISP in Poland to login to Apple, Facebook, and the site administration page.

This can triangular to a perfect match, since you have a common point of interest where one is a human evidence

(Facebook profile) and second is electronic (Unique IP address). Then it is usually easy to send requests to all other

U.S. based services with a request for more info.

After that you load all the data of points of interests to a device like Palantir:

https://www.palantir.com/wp-assets/wp-content/uploads/2013/11/Palantir-Solution-Overview-Cyber-long.pdf

 

We need to wait for the final indictment to know more details, just like with the SR case. Right now it's only

small drafts. This is usually released after the first prosecution takes place.

 

It only makes sense to me if they hacked KAT and got cooperation from apple and facebook on the timing of the connections to their services by that IP.  If apple and facebook don't cooperate I don't see how they'd make the connection.  Anyway, shame on apple and facebook for cooperating. 

 

I was asleep when you wrote this but I still wanted to add my 5cents as they say, If the authorities see the same IP address connect to the KAT facebook account and also see that same IP address that same day connect to Itunes and make a purchase they see his address name, credit card even that is enough evidence to say it is with 99% chance him so they either look for more evidence or have him arrested, not to mention infact the hosting provider did also hand over their servers to the government(why they should've gone with dedicated server) 

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...