NOW HEAR THIS!

NOW HERE THIS!

I will be giving a speech on IRC about the anti-security movement, its goals, ideals and values, etc, etc. I will also be including a fairly lengthy segment about how the security industry has become greedy and corrupt.

The speech will take place on HBH's IRC server. irc.rasterized.net #hbh will get you there. The speech will be on Sunday, July 8th 2007 at 12:30 EDT (30 minuets past noon). Tell your friends about it, the more people that show up the better.

Be there or be square.

Newbie hackers of HellBound, come to this channel. You will hear the truth. N3w7yp3 knows what's going down.

Yay! Strayfe is teh secks. Come listen.

Thats 4:30 GMT… So everyone from UK will be nicely home from school/sixth form/college/skived off work

Summer holidays ftw.

Jamie bastard mine ent for 13 days. -.-

For anyone who missed it:

<strayfe> okay <strayfe> The speech is starting now <RoMeOx> :) <XPherior> Okies. :3 <strayfe> so shut up. :) <lesserlights> =D <RoMeOx> me listens

• uniques blows trumpet <RoMeOx> XD <XPherior> Rofl. <strayfe> Okay, to quickly recap some definitions <strayfe> For the duration of my talk, the following definitions will apply: <strayfe> whitehat: works for the security industry, gets paid to legally hack in into systems, may also audit code for a company like CORE SDI, ISS, etc. <strayfe> I'd like to amend that by saying they also post exploit code on sites like milw0rm.packetstorm/securityfocus/etc/etc <strayfe> blackhat: someone who hacks for a hobby, does not post exploits publically, does not work for a security company <strayfe> Now, the security industry is evil. <strayfe> They lie to their clients, the public and the media <tele> blows <strayfe> They don't care about computer security at all; they just care about money. <strayfe> They want the world to be insecure. <tele> i like money <tele> haha <RoMeOx> sounds like cheese <asdf> +m <strayfe> After all, if the world was completly secure, they wouldn't have a job now would they?
• hazed slaps you all. STFU <strayfe> uniques: +m the chan and +v me <strayfe> I was hoping we could avoid that by all being mature
• XPherior sets mode: +m
• XPherior sets mode: +v strayfe <strayfe> ty <XPherior> Welcome~ <strayfe> So, as I was saying, if the world was prefectly secure, they're out a job.
• Caity has joined #hbh
• HellBound sets mode: +ao Caity Caity <strayfe> They'd have no place in the world. <Caity> Hello <strayfe> They directly contribute to insecurity and they feed the script kiddies. <strayfe> Look at it logically. The whitehats post fully functional exploit code to widley known web sites, exploit code that can be downloaded by anyone and immedatly used to start owning boxen. <strayfe> If the whitehats would stop doing this, the script kiddies would have far less ammo then they used to. <strayfe> They'd eventually die off (alebit very slowly) <strayfe> Now, the whitehats don't want this to happen. <XPherior> So, Strayfe, how do we, the blackhats/unknown hats, fight that? <strayfe> Because, again, they'd be out a job. <strayfe> XPherior: ask me questions after I'm done please. <XPherior> Alright. <strayfe> So, the whitehats perpetuate the cycle. They work to get the exploits into the hands of script kiddies, so a lame company get get a box or two owned, and then call a security company to get a pen test done. <strayfe> And the security company walks away with a new bundel of cash <strayfe> Eventually certain people got tired of this.
• tele is now known as wtf_voice_plz <strayfe> And they started what's known as the anti-security movement.
• wtf_voice_plz is now known as fucking_lame
• asdf is now known as stfu-tele
• fucking_lame is now known as nbdy_cares_about_your_opinion
• nbdy_cares_about_your_opinion has left #hbh <XPherior> What's the mode for no nick changes? <uniques> +N <Caity> +N, isn't it?
• XPherior sets mode: +N <strayfe> The idea here was to stop posting exploits, stop feeding the whitehats, and stop all communication between what was left of the hacker "underground" and the security industry. <strayfe> Bear in mind this was circa 2000ish, when there actualyl still was a very active "underground" <strayfe> The anti-security movement was intended for people who took the moderate stance. People who didn't like how things were working out, and wanted to try to change things. Oddly enough, some whitehats even adopted it, seeing the truth behind it. <strayfe> There was another idea that also started however. It's a bit more widley known. pr0j3kt m4y3m was started by el8 in an attempt to destroy the security industry. <strayfe> To destroy it by force. <strayfe> TRhe iea was to own all the whitehats you could, drop their d0x, steal their 0days (if they had any) and rm their box. <strayfe> After all, if a whitehat can't protect their home LAN (which one would expect to be a bastion of security), who would hire them for a pen-test and expect them to do a good job? <strayfe> pr0j3kt m4yh3m was intended to shake the confidence of the IT industry in the security industry. <strayfe> Eventually it moved away from el8 and spread to #phrack@EFNet after #phrack@EFNet was taken over by a group calling themselves the Phrack High Council <strayfe> They were sort of a front group for pr0j3kt m4yh3m, publically prompting it's values through their site phrack.ru (which as down now as crg gave the domain to shiftee and xtx has to get it back) <strayfe> jim jones picked up on pr0j3kt m4yh3m and spread it to the hack.co.za channel #darknet <strayfe> later Jim Jones changed his nick to The_Unix_Terrorist, left #darknet and became affiliated with GOBBLES. Hew gave the famous "wolves among us" speech with GOBBLES and silvio at DEFCON X <strayfe> For a speech that essentially made all the points I made earlier about whitehats, it was quite well recieved by the audience, most of whom were in fact security professionals themselves. <strayfe> Today, in many sites like HTS, HBH, etc etc, blackhats are regarded as script kiddies, while it's cool to be a whtiehat and they're regarded as the "real hackers" <strayfe> Why should we all become whitehats? What has the security industry ever done to benefit the internet at large? They post public exploits for the script kiddies, they spread lies and porpaganda about hackers, they've turned a fun hobby into a get rich quick scheme were if you ahve a CEH people think you're qualified, and they work to destroy the underground that gave birth to them. <strayfe> Look at the Honeynet Project for a moment. <strayfe> The idea is to set up networks of "research honeypots" to entrap the blackhat community and "study" their motives and tactics. <strayfe> All the honeynet project catches are the really dumb, lame script kiddies <strayfe> the kinds who have trouble with ./configure && make
• s0m3nak3dguy has joined #hbh <strayfe> Really, who else goes around mass bruteforcing SSH logins or scanning /8's and /16's for vulns that are 3 or 4 years old? <strayfe> they catch kids who still use that old rpcstatd overflow FFS <strayfe> They never produce anything worth reading and yet the beg for funding and complain when they can't get it.
• aaaaa has joined #hbh <strayfe> Hmm, I wonder why? It's such a feat to catch botnet hearders from the .ro or .br. <strayfe> Take a look at Phrack magazine really quick. While it is getting better, for a while every article in an issue was written by a corporate whitehat. <strayfe> Phrack founded itself upon the principles that it was "for hackers by hackers" <strayfe> How do things like sebek fit into that category? sebek is intended to spy on hackers, and while it can be subverted to be a rootkit in the traditional sense of the word, there are better ones avalible.
• |Zero|H|I|T| has joined #hbh <strayfe> But yea, sebek was the the honeynet project's idea to spy on the hackers they trap. Too bad it was easy to detect for any one who had a small understanding of computers. <strayfe> It hooked the read and write syscalls, and replaed them with it's own versions. It also messed up the distance between them and it was easy to write a small C program to detect sebek. <strayfe> So mcuh for their "undetectable" solution. <strayfe> The worst are the people that were "underground" hackers at one time and then turned their backs on the scene and their friends and sold out to the corporate side <strayfe> They work against people who are exactly like they are. <strayfe> They decry people who illegaly enter systems when a few short years ago they were doing exactly the same thing. <strayfe> They work against their former friends. They ruin perfectly good exploits by thoughtlessly posting them on Full-Disclosure in an attempt to make a name for themselves.
• DJDD has joined #hbh <HellBound> [DJDD] All bow to the mighty DJ!!!
• HellBound sets mode: +ao DJDD DJDD <strayfe> They post crappy code in the public domain in an attemot to make a name for themselves. <strayfe> what tehy used to do for free they put a price tag on. <strayfe> they sold their souls for money. <strayfe> The security industry is the single biggest fear mongering market on the planet. <strayfe> They use fear of hackers to motivate people to buy their services and products. <strayfe> Now, alot of the bigger companies like Symantec, CORE SDI, ISS, etc etc have active 0day research and developmetn teams <strayfe> they have teams of highly skilled individuals who audit ccode for a living, finding vulns in popular applications that are in the public domain. <strayfe> Things like Apache, OpenSSH, the Linux kernel, IIS, etc etc <strayfe> They then use these exploits in what special "0day penetration tests" <strayfe> After they own the clients network they impress upon them the fact that it was very easy to do so and that there are 0day exploits activley circulating amongst the baclkhats, and they could jsut as eaisley own the network. <strayfe> They charge a huge amount of money for 0days tests, usually at least $15,000 <strayfe> When it comes time for their mitigation report, they have to offer a solution besides "don't use the vuln service" <strayfe> Usually it's along the lines of "buy this product of ours, for a mere $20,000 you can be completly portected" <uniques> okay…hmmm <strayfe> Then they go a publish a new vulneraility, come back and tell the client "oh yes, a new exploit was discovered and is public, now you need to pay for a service upgrade." <strayfe> It all comes back to the fact that they don't want secure computers. <strayfe> They thrive on a state of insecurity and fear. <strayfe> Every new major exploit (recently safari and IE exploits) and very new worm or virus undergoes the predicatble media hype <strayfe> they just care about the quarterly return. <strayfe> the share holders <strayfe> and the vacation homes of their CEO <strayfe> Why should you help those who don't help you? <strayfe> Why help those who want to destroy you? <uniques> When can we speak/respond? <strayfe> Why help those who would love to use you as an example to strip up media hype to drive up their quarterly gains? <strayfe> whatever, go now <uniques> Okay nice talk. <strayfe> I'm mostly done. go ahead and -m <strayfe> I have a few more points but they can wait
• uniques sets mode: -m <ReVoLT> i have a few questions <RoMeOx> claps bravo claps :) <stfu-tele> Nice speach <3 <XPherior> Excellent. :3 <ReVoLT> but i've forgotten them now lol <ReVoLT> ah <strayfe> ReVoLT: go ahead <XPherior> Haha. <lesserlights> i wrote down a few. <|Zero|H|I|T|> Cool <hazed> thanks man. going well. <ReVoLT> hasn't the phrack magazine ended? <strayfe> no <strayfe> phrack 64 was just released recently <ReVoLT> ah ok <ReVoLT> and project mayhem <stfu-tele> strayfe, is project mayhem still active? (cba to type it out with numbers and shit) <ReVoLT> did they get aload of whitehats? <strayfe> yes and yes <stfu-tele> uniques, do -N .. I need to change my nick
• XPherior sets mode: -N
• stfu-tele is now known as asdf <asdf> ty <XPherior> Welcome. <asdf> Did anybody log that? Should post it as an article on HBH and EG <XPherior> Yeah. I'll put it on HBH now. <XPherior> Unless there's more. <strayfe> XPherior: nah, it's mostly done <XPherior> Alrighty. <ReVoLT> and sebek <strayfe> what about it? <ReVoLT> when you said it changed the space between the hooked functions <ReVoLT> 1 more question <strayfe> yes <strayfe> and go ahead <ReVoLT> you said the underground was active at like ~2000 <ReVoLT> isn't it very active now? <ReVoLT> and if not..do you know why? <strayfe> not compared to what it once was <strayfe> because of the whitehats. <strayfe> sites like HBH tell people it's evil to go actually hack <strayfe> and they listen and never develop and real skills. <ReVoLT> i c <lesserlights> so could you name some groups that were active in the underground ~2000 and some active currently, for comparison? <strayfe> They never delve down into the lower levels of programming and learn about things like adjacent memory overflows, and innovate new techniques

/* Good going, N3w7yp3. ^^ */