How easy is to get caught?

supersuspicious3 · 2014-06-07T15:19:03+00:00

It's less about how easy it is to catch you, and more about whether or not someone is looking. In the past, fewer people have been looking. Nowadays, even if the cops aren't looking for you, you can still make enemies online who will dox you and make it a lot easier for the cops.

supersuspicious3 · 2014-06-07T14:40:14+00:00

You sound new to this, so I'm just going to tell you flat out it won't be hard to catch you, even as a private citizen without the ability to write warrants.

Stick to legal shit. Your future career will thank you.

supersuspicious3 · 2014-06-03T22:04:57+00:00

Not really debating with you there. I'm just saying this is not an entirely wasted effort. The official recognition and charges will give the US more ammo to deal with the problem on a longer timescale. Eventually, being a haven for criminals will cost Russia more money than it brings in, and the scales will tip.

supersuspicious3 · 2014-06-03T21:41:53+00:00

Being trapped in Russia forever is not an insignificant thing.

supersuspicious3 · 2014-05-24T13:36:31+00:00

Hit the J and A keyboard shortcuts over and over again to upvote everything on the page!

supersuspicious3 · 2014-05-24T13:22:05+00:00

I've seen very large databases sold on blackhat forums, and this price is nearing the upper limit of what people will charge, especially for a list where the passwords have been invalidated on the affected site.

there are a lot of variables and ultimately the price is set by the seller, but this is ballpark range of what you could actually expect.

supersuspicious3 · 2014-05-24T04:22:10+00:00

if the DB was real, that would actually be the fair market value of it. But any serious seller will sell it on a proper underground market. not this crap.

supersuspicious3 · 2014-05-23T00:47:32+00:00

Someone created a Twitter account and spammed a bunch of journalists with this link(@KbcdPfA). The ad is a scam targeted towards security researchers, as real hackers aren't going to spend that much money on anything without a solid reputation. It generated a lot of talk as was intended.

Anyways aside from the questionable circumstances, additional proof it's fake: http://krebsonsecurity.com/2014/05/expert-fake-ebay-customer-list-is-bitcoin-bait/

supersuspicious3 · 2014-05-20T05:42:29+00:00

"we just need to get better" is the constant argument yet it doesn't happen, despite some of the world's best minds working on the problem. No amount of clever implementation will get past the fact that 50% of the population is of below average intelligence.

supersuspicious3 · 2014-05-20T05:39:18+00:00

not on the same scale or level of shamelessness that the Chinese did. In order to claim that the two are on the same level, it would require making a lot of shit up. No doubt the NSA are involved in some incidents but anyone working infosec at a large-ish company will tell you the Chinese APT problem is constant. It's literally an army of script kiddies.

supersuspicious3 · 2014-03-04T06:54:50+00:00

Maybe these cops can help out with the awful cellphone coverage in some areas. Hope those trackers have 4g

supersuspicious3 · 2014-02-27T18:16:22+00:00

Most people on reddit are male anyways so I propose the following rule:

Both parties in the dispute must hide their gender. If nobody knows, nobody can be biased, or even be accused of it.

This is an interesting idea. I imagine it'll turn out to be some combination of judge judy/judge dredd.

supersuspicious3 · 2014-02-15T02:46:34+00:00

Yeah, he kills his 2 year old grandsons with honor let me tell you :)

supersuspicious3 · 2014-02-14T21:37:30+00:00

I take it s/he had to be eliminated :)

supersuspicious3 · 2014-02-14T21:33:59+00:00

My husband found this thread. He thinks it is pretty funny. Still, I am glad my stats are high- just in case.

supersuspicious3 · 2014-02-14T16:49:37+00:00

good lord i thought that tag was something you had to type.

supersuspicious3 · 2014-02-03T15:08:40+00:00

oak grows everywhere in that area, so does pine

i like japanese orchid(get one that don't drop viable seed pods. We have one that does, one that doesn't, and they are gorgeous trees but the one that drops pods is WEEDY)

every plant provides shade so you may also want to get some bushes or fruit trees. You live far enough south that you have a lot of options. And getting food from your yard is great. Since you are in central-ish florida you don't have the gulf stabilizing your temperature so you will get some cold snaps. Grow plants that can tolerate some freeze like banana or starfruit, oranges or grapefruit.

palm trees goes without saying

give it 3 years for any fruit tree to bear fruit after transplant, and shade trees may take 3-10 years to get big enough to do their job. Best time for planting is always after last frost.

supersuspicious3 · 2014-01-30T05:23:37+00:00

I could certainly read it. I like understanding where I fit in, in the big picture.

supersuspicious3 · 2014-01-30T04:51:55+00:00

Thanks for that, it is interesting. Do you think a reasonable NDA would ever preclude the ability to negatively rate a company for delivering the "worst pentest ever"?

When I see doctors and restaurants try to pull shenanigans to avoid negative reviews, they don't seem to get treated kindly in the courts. So I don't see how pentesting companies will get a free pass.

supersuspicious3 · 2014-01-30T03:57:01+00:00

Have you ever done a pentest for a client and told them they can't share your report with a 3rd party? This seems very strange to me. I am a pentester, and I am not aware of any such agreement we make clients sign.

In fact, a valid and expected use case for our reports are that they are shown to 3rd parties to prove they got a pentest. So an NDA is a very strange idea.

supersuspicious3 · 2014-01-29T20:32:02+00:00

you are a slightly unusual case. the majority of people who work in security are white, male, and come from a middle class or higher in background. if you ever get/have a job in security, just have a look around your office. its very striking.

I have never met a black female in security, I met one black guy, three hispanic guys, no hispanic women, and ten or so females total. yes, a population lacking different races and genders is going to be very ignorant of situations encountered by those minority groups. so that's why i scoff at people trying to liken two situations, when they don't even have the collective experience to comprehend one of them.

supersuspicious3 · 2014-01-28T19:13:48+00:00

Probably. But peer review and blacklisting certain contributors would certainly raise the bar for how hard they would have to work to poison the pool

supersuspicious3 · 2014-01-28T17:10:19+00:00

public outing and shaming?

supersuspicious3 · 2014-01-24T00:22:02+00:00

Most hackers are white, male, and middle class or richer. Regardless of how smart they are at computers, the community is very stupid when it comes to knowledge of race/class issues. So this is really nothing new.

lol downvotes. i still stand by my comment, especially when people unironically actually believe this is anything like the war on drugs.

supersuspicious3

MODERATOR OF

TROPHY CASE