gHacks Technology News | Latest Tech News, Software And Tutorials » anonymous

3 PS3 “Hactivists” Detained in Spain

Melanie Gross — Fri, 10 Jun 2011 18:33:43 +0000

Spanish police announced today that they had captured three people suspected of hacking in connection with the recent attacks against Sony’s PlayStation Network, as well as government and corporate websites around the world. The National Police have identified the trio as the local leadership of the internationally infamous network of hackers known as Anonymous. Anonymous has been claiming responsibility for a number of recent cyber-attacks around the world.
The police statement suggests that Anonymous maintains membership of people from various countries organized into cells that share common goals. These hackers are activists operating anonymously but in a coordinated fashion. Commonly referred to as “hactivists” this group of hackers has been cyber-attacking networks and websites around the globe and then gleefully advertising their successes.

One of the detainees, a 31 year old man, was apprehended in the southern city of Almeria sometime after May 18th, according to the police. There was a server in his apartment in the northern port city of Gijon from which they believe Anonymous attacked the Web sites of the Sony Playstation online gaming store.

They’ve also stated that the same computer was also employed in coordinated hacks against two Spanish banks, BBVA and Bankia, as well the Italian energy company Enel. Government sites in Spain, Egypt, Algeria, Libya, Iran, Chile, Colombia and New Zealand were also attacked using this server, the police claim.

This investigation was opened last October after the attack on the Spanish Ministry of Culture’s Web site in protest against Spanish legislation increasing punishments for illegal downloads.

The other two suspects were apprehended in Barcelona and Valencia, respectively. Unfortunately, the police’s statement did not state the timing of these arrests clearly nor did it mention whether any of the three arrested were still being detained. They were, however, expected to be charged with forming an illegal association to attack public and corporate web sites. The charged group members could face up to three years in prison if found guilty.

It is clear that Anonymous has not been the sole perpetrator of the attacks against Sony. About a dozen of Sony’s web sites and services around the world have been hacked and, as the public is well aware, the largest breach caused the PSN Network to be completely shut down for close to a month and compromised the sensitive information of countless users. While Anonymous and other “hactivist” groups have cheerfully advertised their responsibility for some of the attacks, no one has come forward to claim the PSN attack that cost Sony so much downtime. LulzSec has even been quiet on that score and they have not been shy about proclaiming to the world whenever they’ve successfully caught a corporation with its proverbial pants down.

Sony has estimated that the combined attacks will cost it about $173 million in damages, including legal costs, lower sales and free offers to lure back customers and information technology spending. Mami Imada, a spokeswoman for Sony in Tokyo, told the press that she had no information regarding the arrests made in Spain and declined further comment on behalf of the company.

The attacks by Anonymous members were accomplished by making use of a computer program called LOIC to crash Web sites by flooding them with “denial-of-service” attacks, according to police. They know this because, since October, they’ve been analyzing more than two million lines of chat logs and Web pages used by the group. This also allowed them to identify the leadership in Spain that had the capacity to “make decisions and direct attacks.”

Among recent attacks, “hactivists” also brought down the site of the Spanish National Electoral Commission last month, right before regional and municipal elections. It was that attack, on May 18th, that proved to be a fatal step for the 31 year old team member as it led to the arrest in Almeria.

It’s clear that this year might very well end up the year of the hackers. It leads those of us who use computers regularly, and that would be the great majority of us, to wonder what’s really going on and how safe our data is in the cloud. Even data stored by respected companies like Sony or banks does not seem to be safe in these times.

How do you react when a site that you are a user of gets hacked?

Anonymous VPN Announced By Pirate Bay

Martin Brinkmann — Tue, 24 Mar 2009 17:55:14 +0000

The guys operating the popular Bittorrent tracker called The Pirate Bay have announced a new anonymous VPN (virtual private network) service named ipredator mocking the new Swedish anti-piracy legislation Intellectual Property Rights Enforcement Directive (ipred). Users from all over the world can use the virtual private network to stay anonymous while connected to the Internet. The service itself is currently in beta and invite only. It is expected to be released to the public before April 1st.

Only a handful of additional information are known about the service at this time. It is expected to cost about $5 per month which is a more than acceptable price considering the bandwidth requirements to run such a networking service. They state that they do not log traffic data of any kind which would make it impossible to identify the connections made by a user of the service in case of a server seizure.

It is very likely that the new service will come under heavy traffic the minute it becomes public. Similar services such as Relakks were not able to cope with the massive signups after they have gone public.

Interested users can enter their email address to be informed when the anonymous virtual private networking service goes public.

What can I do if Bittorrent gets throttled or blocked

Martin Brinkmann — Tue, 28 Aug 2007 14:54:32 +0000

It is important to know what to do if your Internet Service Provider decides to throttle or block certain ports that are used by applications that use the Bittorrent protocol. Comcast recently started using an application called Sandvine which uses a new way to throttle or block traffic. Sandvine uses something that is called session management which basically limits the number of open connections on your computer without caring about ports and protocols for instance.

This means that the old ‘If they block port 6881 I simply use another one” game does not work anymore and even encrypting your bittorrent traffic will not have a positive effect on the amount of connections allowed. This means that your only choice in this matter is to reduce the number of open connections at any given time to a value that lies below Sandvine’s limit.

I think we all agree that this is not the most user friendly behavior considering that it effects all Bittorrent users not only those that download the latest movies, music and games.

There are however a few possibilities that I would like to outline to avoid Sandvine and use Bittorrent as usual.

1. Switch to another ISP

This is not easy. I hate switching Internet Service Providers because it could mean that I would have to be without Internet for some time. It could also mean that I would have to pay more or get less for the same amount of money. I would for instance only go back to ISDN if I would have no other choice.

You should definitely search for the ISP name plus a set of keywords such as Bittorrent, traffic shaping, port blocking to make sure that the new ISP is not using Sandvine or similar applications as well.

2. Use Relakks

VPN or SSH connections should work but do cost a few dollars a month. The good thing about those services is that you are not only able to avoid traffic shaping like that of Sandvine or other applications but remain completely anonymous in most cases.

I can only speak forRelakks which is a Swedish VPN solution that costs about 5 Euro (6 Dollars) a month. Your IP is not visible to the connected computers, only the IP of Relakks is shown to them which is great if you want to remain anonymous (to them).

This is probably the better way than to switch to another ISP immediately. I would suggest to try it out for a month and see if the speed that you get is sufficient and that it is indeed working as intended against Sandvine and other traffic shapers.

Internet Censorship 101 – DNS Server Filtering

Martin Brinkmann — Wed, 20 Dec 2006 13:55:59 +0000

I decided to start a Internet Censorship 101 series of articles that takes a look at and explains the various methods of censorship on the internet and possible solutions to this situation for the user who tries to access information that are blocked / censored. I’m going to start with a relatively weak form of censorship called DNS Filtering.

Whenever you try to access a website you type its url into the address bar. The url is then send to the DNS server who looks up the IP for that website and sends it back to your browser to be able to make the connection to the website. To censor one would simply return no IP or a different IP that redirects to another website. (something like, no no, this is no website that you should visit, bla bla)

This means that the website that you want to access exists of course but the information on the dns server was changed to prevent access. There are two options that let you access the website. The first would be to simply enter the IP address of the website that you want to visit instead of the url. You can use scripts that are freely available on the internet to lookup the IP of an url.

This method is only working if there is only one url that is using that IP. You are out of luck if many websites are hosted on the same server. The second method which is reliable and working for all occasions helps us in this case.

If you change the DNS server that your computer is using to lookup the IP you will receive the correct result. Let us say that you life in China and that China banned access to Wikipedia. Instead of using a Chinese DNS server you use one from the United States which has the information that you need to access Wikipedia.

OpenDNS, a free service, would be one alternative as would be the following list which I have taken from freerk.com

dns2.de.net – 194.246.96.49 (Frankfurt, Germany)
ns1.de.eu.orsn.net – 217.146.139.5 (Hildesheim, Germany)
resolver.netteam.de – 193.155.207.61 (Alfter-Impekoven, Germany)
sunic.sunet.se – 192.36.125.2 (Stockholm, Sweden)
master.ns.dns.be – 193.109.126.140 (Leuven, Belgium)
ns1.lu.eu.orsn.net – 195.206.104.98 (Belvaux, Luxembourg)
merapi.switch.ch – 130.59.211.10 (Zurich, Switzerland)
prades.cesca.es – 192.94.163.152 (Barcelona, Spain)
michael.vatican.va – 212.77.0.2 (Vatican City, Italy)
dns.inria.fr – 193.51.208.13 (Nice, France)
ns0.ja.net – 128.86.1.20 (London, UK)
nic.aix.gr – 195.130.89.210 (Athens, Greece)
ns.ati.tn – 193.95.66.10 (Tunis, Tunisia)
ns1.relcom.ru – 193.125.152.3 (Moscow, Russia)
trantor.umd.edu – 128.8.10.14 (College Park, MD, USA)
ns1.berkeley.edu – 128.32.136.9 (Berkeley, CA, USA)
merle.cira.ca – 64.26.149.98 (Ottawa, Canada)
ns2.dns.br – 200.19.119.99 (Sao Paulo, Brasil)
ns2.gisc.cl – 200.10.237.14 (Santiago, Chile)
ns.uvg.edu.gt – 168.234.68.2 (Guatemala, Guatemala)
ns1.retina.ar – 200.10.202.3 (Buenos Aires, Argentina)
ns.unam.mx – 132.248.253.1 (Mexico City, Mexico)
ns.wide.ad.jp – 203.178.136.63 (Osaka, Japan)
ns.twnic.net – 192.83.166.11 (Taipei, Taiwan)
ns3.dns.net.nz – 203.97.8.250 (Wellington, New Zealand)
box2.aunic.net – 203.202.150.20 (Melbourne, Australia)

Changing the DNS Server is a matter of minutes. It depends on the operating system that you are using. In Windows XP you open the control panel and click on network connections. You right-click your connection and select Properties from the context menu.

Select the Internet Protocol (TCP / IP) and click on Properties in that menu. Click on use the following DNS server addresses and enter a preferred and alternate DNS server into the fields. Make sure you enter the IPs. Apply and close the menu and restart your computer. Once that is done you are using the new DNS server which should bypass the censorship.

Relakks Revisited

Martin Brinkmann — Thu, 24 Aug 2006 21:07:16 +0000

Relakks
had a few problems shortly after their start due to the amount of users that registered the service right after it was introduced. Connections have been really slow and I had no chance to further test the service and write about my experience with it. I’am currently writing this article while being connected to Relakks and everything is working fine so far. I’m able to open websites and surf the internet without problems. I’am able to check my email and download files using Relakks.

Looking up the IP reveals 83.233.243.50 which is not a IP that my provider is assigning to me normally. A Whois Lookup revealed a Swedish IP address owned by Labs2, the company that is hosting the website and providing the backbone of the Relakks network. This means that no one is currently able to identify me through my real IP because it is not revealed when I’am connecting to their service.

My download speed is almost maxing out like usual. You might remember that I had really lousy download and upload speeds. Those are almost my normal speeds that my connection is capable of: I normally have 1.8 MBps and with Relakks enabled I average 1.4 MBps. So normal download speed is great, what about P2P connections like torrent downloads ?

The connection seemed normal. It is rather problematic to tell for sure but the speeds looked good after a while which is the usual behavior with p2p downloads. All legal of course, hehe.

I can only say that this is becoming a great service, suggest you give it a shot.

How to access Meebo if it is blocked

Martin Brinkmann — Tue, 22 Aug 2006 12:04:35 +0000

Meebo is a web instant messenger that currently supports AIM & ICQ, Yahoo Messenger, Jabber & GTalk and MSN. Instead of installing the instant messenger itself you simply login using the Meebo website which offers the same functionality as the standalone messenger.

Many schools and universities already banned the Meebo website from their networks and it was almost impossible to access Meebo from within the network. The Meebo team created a application called Meebo repeater which acts as a proxy and makes it possible again to use Meebo from within the network. The only catch is that it has to be running on a computer all the time, they suggest you run it from your computer at home which would mean you should pay a flat fee for the internet, otherwise this would not be practical.

All you have to do is download the Meebo repeater from the Meebo website, unpack it and run it. The Meebo repeater will automatically configure the service and tell you the internet address that you will have to use to connect to Meebo. You might have to configure your firewall to allow Meebo repeater access to the net.

Meebo repeater is open source and able to use SSL and standard connections to the Meebo network. If you can’t live without Meebo use th Meebo repeater, works great.

My first experience with Relakks

Martin Brinkmann — Tue, 15 Aug 2006 16:07:41 +0000

I signed up with Relakks
yesterday and was satisfied with this clean and easy process. I had to provide only some information like name, email, password and username and was able to log on to their system. My status was inactive at that time because I did not make a purchase yet. I decided to try the service for one month and had to provide my credit card details in order to do so. One month would cost 6$ which is a good price if they live up to their promises which are a) anonymous internet experience and b) maximum speed.

Setting up the service was pretty easy as well on my windows xp system. I only had to create a new VPN connection entering the details they provided on their website and was free to connect to their system with the username and password I entered when I registered my account with them. My first try was to check on the IP address that I was surfing with and it differed from the usual ones I was using. A quick ip look up revealed that the IP belonged to Arabic Computer System Co. which seems kinda strange to me.

I had no means to investigate this further because the service is currently really slow. They announced at their website that more users than expected signed up for the service and that everything is slower than expected. They are trying to fix the matter. Will keep you updated on this.

Talking about anonymity. Someone pointed out that the service does not mean true anonymity and I can only agree to that. Relakks does know what you are doing which means every law enforcement agency with a search warrant will still be able to retrieve your ip and actions and trace it back to you. I don´t think that this is a big problem at the moment unless you are the kind of person who is committing heavy crimes on the internet.

Relakks the first commercial darknet

Martin Brinkmann — Mon, 14 Aug 2006 19:33:19 +0000

The Pirate Party is a swedish party that has three main goals: Protected Privacy, Free Knowledge and Shared Culture. They are making a bid for the Swedish parliament in the upcoming election and just introduced the worlds first commercial darknet called Relakks. Let us take a look at the definition of Relakks when on the Internet from the website:

“Relakks provides services to help individuals to assure the security and integrity of their information. Relakks’ responsibility stems from the strong Swedish tradition of protecting the integrity of private life and all forms of communication between individuals. “

Basically Relakks is a service that lets you surf the web anonymously using everything that you use normally including web surfing, p2p networks, usenet, ftp downloads, irc and everything else that you can think of. How is this achieved ?

“The Service consists of an encrypted VPN tunnel between your computer and RELAKKS. The IP-number you receive from your existing ISP is only used to connect your computer to RELAKKS, from there on RELAKKS substitute your existing IP-number with a new IP-number from RELAKKS. This gives you a number of advantages::
• Your existing ISP will not be able to intercept and track your applications or communication
• Your existing ISP can not limit what you can do nor limit what information you can access
• Other organizations or individuals can’t intercept or track your applications or communication.�?

The creators guarantee the same speeds that your connections allows without slowdowns. You might want to take a look at the following topics that are answered on the Relakks website: Security, Question & Answers, Legal.

The service is not free but costs 5$ a month which is not a huge sum compared to the advantages and security that you gain by using the service. A yearly subscription costs 50$.

If I get enough response I might give the service a try and write about it later on. Let me know.

How to surf anonymously on the internet

Martin Brinkmann — Sun, 19 Mar 2006 08:44:11 +0000

The question that many people ask is why would someone want to surf anonymously in the first place. Why would someone who does not do something illegal want to surf anonymously at all ? I can think of lots of reasons, here are a few:
You come from a country where free speech is only a theory. Countries include china, north korea, most islamic countries, germany and france for instance.
You work in an environment that prohibits access to parts of the internet.
You write about a certain situation and want to make sure no one knows that it´s you, for instance you blog about your current job or the situation in your home town.
You dislike that the government tries to track everyone and everything on the internet.
You are paranoid
Hope that´s settled now. Let us start with the methods and technology to stay anonymous.
Before I start I would like to remind you to use common sense as well. It does not help you if you use a proxy to post on a message board but use your real identity there. The same principle is valid for all other means of communication. Don´t mention your real data if you want to remain anonymous.
I will discuss the following methods to stay anonymous on the internet: a) webproxies, b) proxies, c) tunneling software, d) cookies, spyware and the like.
Webproxies:
Webproxies are a great way to stay anonymous with almost no work required on your site. You open the url of the webproxy, enter the url you want to visit and visit the site you want to visit using the ip of the webproxy. Easy and fast method that has some problems as well. First, it might not support all scripts that the site you want to visit uses. This could be a problem, maybe it has only the effect that the design does not look as usual, maybe functions of the website do not work. If thats the case try different webproxy server.
The servers can easily be blocked by a firewall or other means of blocking scripts / urls. If that is the case you could try and setup your own webproxy. All you need is webspace that supports php / cgi. You then have the advantage that only you or a few people know about this proxy and it´s less likely that it will be banned.
You can try cgi proxy or php proxy or search the web for more scripts.
A word of advice. Don´t pay for a webproxy service. Most payments can be tracked. Good lists of webproxies can be found at ghacks.net and proxy.org
Proxies:
Unlike webproxies proxies are mere ip addresses that route your request to the destination. The important factor if a proxy can be used to hide your identity is if it spills your ip. It does not make sense to use a proxy to stay anonymous if the destination sees your ip and not the one from the proxy.
That means you will have to check proxies before you are using them. A program that does this is charon by my friend rhino. It checks the proxies for speed and anonymity. Now, all is left is to add the proxy to your browser and check a whatismyip.com site for your ip. If it shows the ip of the proxy you are surfing anonymously. Beware that certain languages like java are still able to reveal your real ip on a website even though you are using a proxy.
Firefox has some great proxy extensions like the Proxy Selector. You probably would like to know where you get the proxies that you check in charon ? You can perform searches for proxy lists, visit irc or scan for yourself for example.
Tunneling software
Proxies have a big problem. If one monitors the proxy one does know what everyone who uses the proxy is doing. It´s a good idea to use a proxy server that is not located in your home country. The US government will have problems asking a north korean proxy server owner for their server log or access to it. It´s not likely that this is going to happen.
But, the possibility exists and it´s a good way to be on the safe site. Tunneling tools allow you to use software on your computer that does not support proxies in first place to be used with proxies. Some simply require you to enter a proxy in the tunneling software and you are free to go, others encrypt your data transfer and route if through several servers to make sure no one is able to find out about the source and destination and the data itself.
Tor is one of those products and it could be a good idea to take a look at the software which is hosted at the eff website. Jap anonymity and privacy is another tool that might be worth looking at
Cookies, spyware and the like
This should be common sense but I thought I add it anyway to the article. There are different methods that are able to track you that do not rely on your ip address. Those are cookies for instance, take a look at the excellent wikipedia article about cookies if you don´t know about cookies.
Spyware is another threat that is able to track your movement and action on the internet. Make sure you run a clean system by using tools like spybot. You should also be sure that no rootkits, virii, trojans, worms and the like are already installed on your computer.

Surfing Anonymously

Martin Brinkmann — Wed, 18 Jan 2006 07:10:48 +0000

TekMonkey.org published a good article on how to surf anonymously. They describe three ways of doing so: 1. Using a web based proxy ; 2. Http Proxy with browser ; 3. Using Tor.
Using a web based proxy is the easiest and fastest way to surf temporarily anonymously. Still, its not really comfortable and many web proxies don´t support all types of scripts. Nevertheless a good choice if you want a quick result. You can take a look at my web proxy list for January 2006 or this newer web proxy list if you are looking for anonymous ones.
The second option involves scanning for http proxies and adding them to your browsers network settings. This means more work and knowledge on the clients site but most of the time better and more permanent results. You still should check if the proxy is still anonymous from time to time.
Last but not least there is Tor, a free software product by the EFF (Electronic Frontier Foundation). Using Tor means that your connection is routed to several secure encrypted Tor servers, making it almost impossible for the target site to find out about you.