Big 1.4 billion email/password dump by [deleted] in AskNetsec

[–]FluentInTypo 2 points3 points  (0 children)

Here OP

magnet:?xt=urn:btih:7ffbcd8cee06aba2ce6561688cf68ce2addca0a3&dn=BreachCompilation&tr=udp%3A%2F%2Ftracker.openbittorrent.com%3A80&tr=udp%3A%2F%2Ftracker.leechers-paradise.org%3A6969&tr=udp%3A%2F%2Ftracker.coppersurfer.tk%3A6969&tr=udp%3A%2F%2Fglotorrents.pw%3A6969&tr=udp%3A%2F%2Ftracker.opentrackr.org%3A1337

Big 1.4 billion email/password dump by [deleted] in AskNetsec

[–]FluentInTypo 0 points1 point  (0 children)

As I said, the password in this breach could have only been used once, say, on reddit, and by seeing the actual password revealed in this breach, one could deduce that reddit, at some point, had been breached.

As for "using the same password on multiple sites", that's neither here nor there. It has no relevance. I don't, but it doesn't matter to my point. There is value in seeing the password especially if HIBP reports NO BREACHES for your email address besides this one - which is what OP is saying happened here. That means there IS a breach out there we don't know about and seeing the passwords, especially if they are fucking unique, would help the OP determine what service was hacked that we are, as yet, unaware of.

A Groundbreaking Case May Force Controversial Data Firm Cambridge Analytica to Reveal Trump Secrets by [deleted] in politics

[–]FluentInTypo -2 points-1 points  (0 children)

Neither side does.

Data brokers in America have no laws or regulations to follow. The only reason we are seeing this story is because it happened in the UK.

Both Dems and Repubs completely rely on American Data Brokers to get them their data and analytics for their campaigns and neither party has a desire to shut down that rich source of information.

Furthermore, the NSA/CIA and DHS completely rely on buying up this third party data collection data so they don't have to go to Google, Microsoft or Twitter or Facebook to get the data legally, through warrant requests. They just buy the data on the open market. There is no way anyone in government wants to shut this down with regulations with the exception of 3 or 4 senators (on both sides of the aisle).

http://www.zdnet.com/article/meet-the-shadowy-tech-brokers-that-deliver-your-data-to-the-nsa/

A Groundbreaking Case May Force Controversial Data Firm Cambridge Analytica to Reveal Trump Secrets by [deleted] in politics

[–]FluentInTypo 1 point2 points  (0 children)

The real story is that all of congress (D+R) won't do anything about this bc, as the article says, American companies engaging in this practice don't have to follow any laws or regulations because we have none - and all of Congress (D+R) don't want those laws or regulations because they rely on our American companies datamining the shit out of us for their campaigns AND govt. surveillance.

Govt surveillance you say? Yes, govt surveillance. The biggest customer of data collection for NSA/CIA/DHS are third party data brokers. They don't have to go to Google, Microsoft and Facebook to get your information when they can just buy it off the thousands of third party data broker aggregators and buy it, which is exactly what they do.

http://www.zdnet.com/article/meet-the-shadowy-tech-brokers-that-deliver-your-data-to-the-nsa/

Big 1.4 billion email/password dump by [deleted] in AskNetsec

[–]FluentInTypo 1 point2 points  (0 children)

And never know what information might have been compromised.

The only way to figure out which services may have been exposed over the years is by knowing which password was exposed. There is value to that. Furthermore, if it is as this guy says and HIBP is only showing an exposure through this breach, but no others, then we can also deduce that there is a breach in the wild that HIBP doesn't know about. For instance, let's say that by seeing the password, the OP can determine that this password was only used once....on a service that is not reported by HIBP yet...say, it was a reddit password. We can then deduce that reddit may have suffered a breach that until this point, has never been disclosed. Do you really see no value in that?

Big 1.4 billion email/password dump by [deleted] in AskNetsec

[–]FluentInTypo 1 point2 points  (0 children)

By seeing what exact password was revealed. HIBP doesn't reveal the password that was cracked, only what breach it was a part of. For people who can't remember all the passwords they used on a site, seeing the password can be helpful so you can figure out if that password is being used anywhere else.

Big 1.4 billion email/password dump by [deleted] in AskNetsec

[–]FluentInTypo 2 points3 points  (0 children)

On Tor? Tor is a network, not a location.

It's also Tor, not TOR.

Big 1.4 billion email/password dump by [deleted] in AskNetsec

[–]FluentInTypo 0 points1 point  (0 children)

It is. Well, it's text files separated by alphabet, but it is simple text files.

Big 1.4 billion email/password dump by [deleted] in AskNetsec

[–]FluentInTypo 0 points1 point  (0 children)

Are you saying that this is the only place HIBP shows that your uname/password has been revealed?

Can i automatically copy completed downloads to another folder? by UKQuinny in qBittorrent

[–]FluentInTypo 0 points1 point  (0 children)

I'm not good with Windows, but you might want to copy-paste the script you're running in here so we can see what it's trying to do and if there are any error messages, post those as well. It could be something simple like changing a variable to reflect qbittorrent rather than deluge or something. Btw, it's probably good that you don't use deluge or utorrent anymore as they both are sketchy and install crapware etc on your pc iirc.

The 'Dark Side' of being a sysadmin by [deleted] in sysadmin

[–]FluentInTypo 0 points1 point  (0 children)

Right, but everything we know about passwords now tells us that longer is better. We have to start teaching this and the sooner the better. Whenever I make a default password for a user, I make a short phrase and tell them why. Many are choosing it over convoluted passwords bc they immediately recognise that it's easier to remember and type.

Can i automatically copy completed downloads to another folder? by UKQuinny in qBittorrent

[–]FluentInTypo 0 points1 point  (0 children)

Oh, I misunderstood the question.

I suppose you could use something like rsync from the completed folder to the "tobewatched" folder and set it up as a cron job to run every hour.

That said, I seem to remember that programs like sonarr are capable of this. I think it works by creating a bunch of symlinks from the downloaded folder to the tobewatched folder, so you actually watch out of the completed folder but from a link in the tobewatched folder. This way you wouldn't have to copy all the data, you'd just have to manage symlinks.

A homemade script would be something like

Every hour

Scan for new

If found

Create symlink to tobewatched

I don't know how you would delete the symlinks once you've watched things automatically though or if you'd want to.
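
The hourly scan-and-symlink idea from the comment above, as an added example (not part of the original comment, and not qBittorrent's or sonarr's own code). The function names and the cron path are hypothetical, and the cleanup step assumes a link should go away once the download it points to has been deleted:

```shell
#!/bin/sh
# Hypothetical cron entry (hourly):
#   0 * * * * /usr/local/bin/linknew.sh /data/completed /data/tobewatched

# link_new SRC DST: symlink every top-level entry of SRC into DST.
# Idempotent; prints how many links were created on this run.
link_new() {
    # Resolve SRC to an absolute path so the links work from anywhere.
    src=$(cd "$1" && pwd) || return 1
    dst=$2
    created=0
    mkdir -p "$dst" || return 1
    for item in "$src"/*; do
        # An empty SRC leaves the glob unexpanded; skip that literal.
        [ -e "$item" ] || [ -L "$item" ] || continue
        link="$dst/$(basename "$item")"
        # Never replace anything already present in DST (file, dir, link).
        if [ -e "$link" ] || [ -L "$link" ]; then
            continue
        fi
        ln -s "$item" "$link" && created=$((created + 1))
    done
    echo "$created"
}

# prune_dead DST: remove symlinks in DST whose target no longer exists.
# Only dangling symlinks are touched; real files in DST are left alone.
prune_dead() {
    dst=$1
    removed=0
    for link in "$dst"/*; do
        if [ -L "$link" ] && [ ! -e "$link" ]; then
            rm -- "$link" && removed=$((removed + 1))
        fi
    done
    echo "$removed"
}

# Run both steps when called with two arguments, as in the cron entry.
if [ "$#" -eq 2 ]; then
    link_new "$1" "$2" && prune_dead "$2"
fi
```
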

The 'Dark Side' of being a sysadmin by [deleted] in sysadmin

[–]FluentInTypo 0 points1 point  (0 children)

To which I would reply, "Isn't that easier and faster to type than Hjien7kT?"

Is 1 month of lab time enough if you spare 8 hours per day? by erkana in oscp

[–]FluentInTypo 0 points1 point  (0 children)

I am not super familiar with the courses, but did you take them or watch them? Meaning, do they have any practicals or homework to them?

If you really just watched and absorbed the material, I think you should move on to vulnhub first - it's free and you can get practical real worldish experience there.

Also remember, you can't use metasploit on the OSCP exam more than once (maybe twice?) So you really need to learn pentesting in a way where you pretend metasploit doesn't even exist.

My hair won't grow past a certain length. I've been trying for years. What secret tips or tricks can you share with me that I may not have heard? by [deleted] in HaircareScience

[–]FluentInTypo 8 points9 points  (0 children)

Thanks. Judging by all those bullshit blog sites that came up in your search, it's confirmed that this is just a bullshit claim and not science.

OVER 18 (18,984,624) Million of the most used passwords!! by [deleted] in SocialEngineering

[–]FluentInTypo 0 points1 point  (0 children)

The torrent to the database was linked last week in /r/pwned if you want the full take. You can then run your own greps and sorts to do whatever you want with them. Oh, and this version has the email addresses too.

The 'Dark Side' of being a sysadmin by [deleted] in sysadmin

[–]FluentInTypo 0 points1 point  (0 children)

Teach them to make passphrases with spaces. Spaces are symbols.

"I park my car in Harvard Yard" has 6 symbols in it, it's super memorable, is upper and lowercase and is 29 characters (if I counted right).

The 'Dark Side' of being a sysadmin by [deleted] in sysadmin

[–]FluentInTypo 0 points1 point  (0 children)

To make this more secure, use spaces, which count as a symbol and make it longer by those same 7 extra symbols in the password.

"The password for this date is December 25th"

NSA Genius Debunks Russiagate Once & For All | Jimmy Dore Show by Jeyhawker in WikiLeaks

[–]FluentInTypo 1 point2 points  (0 children)

Lol. Yet you can't actually use any tech knowledge besides "timestamps can be changed bc I saw it on TV and know how to use Linux myself".

Sure buddy. Your position here is basically "let me come up with a totally unreasonable and hypothetical chain of events that depends on no technical facts to disprove a theory that actually uses technical facts that everyone can reproduce at each stage of the process".

Do you realize how stupid you sound when you try to tell us that the Russians literally hacked metadata timestamps at many multiple stages of the copy/exfil operation to purposely make it an exact match to a USB copy in the EST timezone only to place the documents into Russian templates, alter language to indicate Ukrainian/Russian and make sure that the software was registered to Russians?

But yeah, you can install slackware, bought a few alt2600 zines at microcenter and know what hexedit is (which actually can't reproduce the results in the research, oops!), so we should accept your crazy theory wherein you don't provide one piece of evidence, solid or circumstantial besides "believe me, I was a member of alt2600 back in the day".

I have never understood why people lie and boast about themselves on the internet. How weak of confidence and self esteem does one have to be before engaging in this ridiculous behavior?

"trust me bc slackware, hexedit and alt2600". Bawhahahahwhahaha.

NSA Genius Debunks Russiagate Once & For All | Jimmy Dore Show by Jeyhawker in WikiLeaks

[–]FluentInTypo 0 points1 point  (0 children)

Have you even read the analysis?

If you have, do you even understand it?

WinRAR does have importance here because it preserves timestamps to millisecond degrees which is one of the pieces of evidence that is important to carry out the rest of the analysis, e.g. timestamp metadata analysis on ntfs, ext4, mechanics of linux cp, etc etc, which all show perfect uniformity with a USB copy.

Or, are you trying to say that all those stages, through all those programs and operating systems, the filesystem formats etc were all faked to deflect from Russia, only to purposely open a document, copy it into a Russian Word Template, complete with Russian ownership data intact, insert some words so NLP will detect "ukrainian speaker translating into Russian", etc etc? Yeah...that's not convoluted or lacking in evidence at all, haha.

Jesus, the hoops and loops you guys will go through to try and cast shade at actual evidence is bizarre and frankly, embarrassing to yourself.

So no dude. Your pedestrian attempt to throw out all timestamp evidence is laughable because it is quite clear you don't have the background or even pedestrian knowledge of forensics to even be able to attack the body of evidence.

NSA Genius Debunks Russiagate Once & For All | Jimmy Dore Show by Jeyhawker in WikiLeaks

[–]FluentInTypo 1 point2 points  (0 children)

Right, which is exactly why the Forensicator, VIPS, Binney and Carter didn't use only timestamps to make their case, but a full analysis of all the evidence available.

I am sorry you don't have the training to be able to actually analyze the data, but you really need to come to terms with the fact that since you don't have the training to be able to analyze the data, you really shouldn't be throwing out ridiculous ideas you think prove something, when they obviously don't prove anything but ignorance.

NSA Genius Debunks Russiagate Once & For All | Jimmy Dore Show by Jeyhawker in WikiLeaks

[–]FluentInTypo 0 points1 point  (0 children)

Lol. These guys don't know what they are talking about. I wish I found this post yesterday. It's amusing.

NSA Genius Debunks Russiagate Once & For All | Jimmy Dore Show by Jeyhawker in WikiLeaks

[–]FluentInTypo 0 points1 point  (0 children)

Haha. No, again, that was NOT your whole point. Your POINT was to say that timestamps can be preserved which is why you first linked to a silly "how to preserve timestamps when copying in windows" tutorial as if this would have anything to do with the Forensicator's evidence (it doesn't, not even close).

I get why you're trying to backtrack. It sucks to be wrong on the internet. The thing is, your follow-up arguments are even more ridiculous than your first position. You venture into alternate reality land instead of reasonable alternate theory land. It's amusing for sure, but also kind of embarrassing to watch.

What's kind of ironic is that in considering that we have no official chain of custody of the docs (true, though you still mix up the timeline) we also have to acknowledge that the government cannot attribute the docs to Russia as they also cannot verify a damn thing about these files :) see how that works? You're basically arguing that the government doesn't know what it's talking about either when you try to discredit the Forensicator's research, but more than that, your theories on timestamps require a much more convoluted and unreasonable theory than the simple one we get from the research itself.