Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for the ‘FUCKERY’ Category

Equifax and Musicians

Screenshot from Zerohedge

So here’s my thing: it isn’t about the fact she was a music major and had two degrees in that. What it is really all about is the fact that she had no discernible security experience in the time she was working in the position or before to make her qualified to handle the job. THIS IS THE ISSUE PEOPLE! It is not about that she had a degree in nothing to do with security. So please stop all the 140 character bullshit and get it through your thick heads that even if you have a degree in IT this does not make you qualified necessarily to handle a job in information security ok?

Now that the CSO’s and CISO’s LinkedIn pages are redacted you can’t see much of anything but before they took them down I looked and neither had the requisite experience that would make me consider them for a position as an executive in charge of ensuring that the security of the company and more importantly, the security of the clients’ data was in capable hands. Look, let’s face it, you can say that the exec is just there as an advocate or to manage. Trust me though, if they have no experience in the arena either they listen to their guys in the field and implicitly trust them and advocate or they just are compliance monkeys of the worst order.

I have lived it and I have seen it throughout my career in security. So please stop all the fuckery about “I have a degree in animal science and woe is me I am unfit for security!”

BULLSHIT

If you have a degree or not, you have to have put in the hours of study and actually doing the things! If you haven’t then you are out of your depth and bad things will happen.

Just look at Equifax.

K.

Written by Krypt3ia

2017/09/20 at 15:14

Posted in FAIL, FUCKERY

Blackberry Forward of Emails and Excuses for Firing the FBI Director


Given the events yesterday I am feeling like unburdening a little bit on the subject of the emails being forwarded by Huma Abedin to the laptop at home in the custody of Anthony (Carlos Danger) Weiner. One of the reasons for Comey’s firing ostensibly was about his mis-statements over the emails being sent to the Weiner laptop that he opened the can of worms on and helped lose the election for Hillary (not the only reason people!) as they say. The fact of the matter is now everyone is saying that Huma’s emails were auto backed up and that the term “sending” them is a misnomer in a way because the then director had said she was forwarding them for printing out by Anthony or her at home. Let me stop you all right there and say there is no difference. The intent of forwarding the emails or backing them up to an email address accessed by or directed to that personal laptop is the key here. Someone had to set that up right? It was something that did not evolve by itself and just came into being!

The issue here is the semantics of language and perhaps comprehension of how things work in the cyber. Comey made a mistake in wording but the basis of the argument stands. Why was she forwarding or backing up all data to that laptop or account outside of the government systems appropriate for this series of email? This is the question you all should be asking and once again it was against protocol and yes there were emails in there that later were deemed to contain classified information. This makes it an issue and it was something that needed to be looked at. Now, as to how it was announced, well that is a judgement call on the part of the director and perhaps a bad one. I honestly listened to his testimony and saw both sides of the issue as well and there was no good answer here.

Now though the director has been fired in a most unceremonious way and all of this smells bad with regard to the RussiaGate investigation and abuse of power. Let’s not allow Trump to skew this one thing amongst all the others into a reason for his firing a direct threat to his presidency. The real truth is that Huma was sending email to a non secure site/system and that was the crux of the issue. Director Comey’s description of this incident has little to do, in my opinion, with the summary dismissal of the director.

K.

Written by Krypt3ia

2017/05/10 at 13:05

Posted in .gov, FUCKERY

Influence Operations: We All Carry Them Out

Screenshot from 2016-09-06 08-29-26

All of the hand wringing and whinge-ing over the possibility that Russia has hacked our completely insecure election systems has my bile up… Well that and it seems I am lactose intolerant and ate whole ice cream last night. Anyway, back to INFLUENCE OPS and their use globally. The article above from the Boston Globe really set me off this weekend. All of these guys in the corridors of power all hand wringing over the possible fact that Russia has been messing with our political process makes me want to fly to Washington and bitch slap people. This type of activity has been going on forever and it is not just Russia pulling these strings even today. If you take a look at the actual history of the world you will see many players playing the same games with or without the benefit of Wikileaks and computers both then and now. This is not new people and for fucks sake wake up and realize that the US playing the “hurt” card in this game is really quite absurd in the grand scheme of things.

Now once you have taken a little trip down history lane with those links I just provided, then I want to ruminate on the whole problem today of the hacks on our democratic systems. See, as a former pentester and now a blue team guy I often ran into places that just did not have a clue about security. Still today there are many places that are very clue free and that also includes our government and those bodies that comprise our election systems. Seriously? Seriously those election systems were not even being monitored? You are shitting me right that the alleged Russian hackers used Acunetix to scan and then just SQLi dumped shit right? …

And no one saw a god damned thing…

It’s hardly INFLUENCE OPS when all you need to do is run a shitty tool and just take what you want with a script, kids. So really, stop with the hurt and surprised bullshit Congressman and Senators alike! Put on your big boy and big girl pants and get the fuck over the fact that someone would have the audacity to fuck with our already fucked up election cycle anyway! As to Putin’s comment on the subject recently ‘‘It doesn’t really matter who hacked this data from Mrs. Clinton’s campaign headquarters,’’ I agree, it doesn’t really matter because the fact of the matter here is that her actions alone concerning the BleachBit of her server days after its public disclosure should be enough to show us all just what fuckery is afoot without Russian intervention to begin with. What the paradigm change here is is that we now don’t have to send plumbers to Watergate’s to break into file cabinets to get the data. All one needs to do now is fucking Acunetix an IP and then run SQLi map to fuck with a national election and that is just fucking sad.

Screenshot: Shut up Grandma Nixon!

At the end of the day I for one don’t care who hacked the shit, what I care about is that there is enough evidence to show that even without information/influence operations that there’s some crooked shit going on. The problem is that this is the default state of our governance and election system so one tends to just become complacent about it. The hack on the election here and now, with the fate of the world in the balance so to speak, with Führer Trump or Grandma Nixon only makes it all the more piquant for the hungry news media but in the end means a choice between two terrible shit sandwiches to those paying attention here.

We are all fucked either way.

Move on.

Dr. K.

Written by Krypt3ia

2016/09/06 at 13:26

There Will Be Tainted Lulz: Bitcoins, Wallets, and Media Manipulation Through Laziness and Reading Comprehension


Lulz…

Last week I wrote a post about “maybe” seeing some fuckery going on with regard to the ShadowBrokers bitcoin transactions and the Silk Road wallet (seized) which was lulzy. The lulz though went fucking PLAID over the weekend as people started to take a tweet from @steveD3 and other posts on Reddit and the like about my post which then culminated in ZDNet writing a piece that even went FURTHER on the supposition that I had placed on my blog!

EPIC LULZ.

Now, as time went on people *cough Wesley McGrew cough* were countering the story vociferously. Seems some people did not really read the post very carefully and just assumed that I was definitively saying in the white-paper lofty academic setting that is my blog, that “ERMEGERD THIS IS THE ABSOLUTE TRUTH!” when in reality I had said “if I am reading this right” that the wallet in question had some bitcoins in common and maybe connected to the fractions of coins going to the ShadowBrokers wallet. I also went on to describe how if I were the government I would be trolling them to see what they would do as well as poison the well so to speak if in fact the auction was really a part of the overall scheme regarding the NSA dump.

As the blog post hit over 30k hits and then the news media started in on it I sat back and began to ponder all of this. Just how easy it was to let this ride and watch as the Twitterverse took a tweet link, did not read the post, and then passed it on as truth. Suddenly I felt like Comrade Putin and I had my own army of trolls out there able to shape the media story with a single blog post.

… and I liked it… I am so dirty now.

The schadenfreude of watching it all was like a drug. It also started to dawn on me that we are all just fucked. Look at what happened! Look at the detractors misreading the post and then responding, as many do, that “SOME RANDO BLOG ON THE INTERNET IS WRONG!!!” and knee jerk reacting. On the other hand the complacency and lackadaisical investigatory action on the part of some media types as well was astonishing. However, my contention still stands that there be some fuckery going on here with those wallet transactions by the looks of it and that the likely candidate would be the government, the same government that would have access to cutout accounts that have had transactions in the past in places like Silk Road. Government accounts for agents and government purposes.

Screenshot: Center is ShadowBrokers, note the Astley’s

So Who Are These Astley Loving Bitcoin Owners?

So above is the Maltego map I fleshed out further as the world burned over my last post. As you can see I made it all neat-n-shit with icons now. You can clearly see that the wallet in question with the silk road logo did not send anything directly to ShadowBrokers, and this is something I was also alluding to with the cutouts. I can see how that account and ones like it could be used to send coins, like the others with the nifty Rick Astley icon! If you look carefully you can see that there are six “astley” accounts that rick rolled Shadow with 1337 Never Gonna Give You Up clues in the chains. Now, these accounts, according to Maltego, have done pretty much nothing else. One of them sent funds to Silk Road or the wallet seized (one and the same unless, and I have not looked, the feds transferred from the old wallet to a new one to auction the coins and do transfers) …

Are you guys following me here or do I need more visual aids?

Screenshot: Rick Rolling their way to 1337

Anywho… Where was I? Oh yeah, fuckery with bitcoin.

So yeah, these accounts as far as I can tell so far without going and spending way too many fucking hours on bitcoin.ifo or some such site, were created to purposely rick roll and fuck with the ShadowBrokers. Now, they may be fractions of bitcoins but I ask you, who the fuck has bitcoin money to burn here? Any of you out there? I certainly don’t and the way it was done, so tongue in cheek kinda reminds me of the audacity of TAO…

But anyway, back to facty kinds of things that lead to supposition and theories!

That the wallet does not directly send coins to Shadow is immaterial to my argument. My argument was that, once again, if I were the gubment I might fuck with this auction and see what happens. Maybe it isn’t them. Maybe it is just one guy out there, a bitcoin billionaire just having a lark! Maybe it is six guys who created independent wallets and then had an IRC session to create the master plan to fuck with Shadow and create the 1337 Astley attack!

Or maybe if you just occam this shit, the government, with assets at its disposal did some funny shit in an effort to chum the waters and fuck with them at the same time. Please people, think like an intelligence agency for a fucking second mmmkay?

It’s just a theory…

PSA: IT’S JUST A THEORY ON A BLOG ON THE INTERNETS WHERE PEOPLE ARE OFTEN WRONG!

Meanwhile Back At The Bitcoin Ranch…

But wait there’s more!!!

If you also look at the wallets that I have marked with the super cool “Invisible Man” logo, you can see how some of those were actually transferring money from wallet to wallet in sequence to then each post transactions to Shadow. Now what is that all about huh? More wallets acting together? As Velma would often say in Scooby Doo, JINKIES! Something is going on there. I mean these are not just guys off the street putting down cash here in fractions right? Are all those wallets owned by the same player? A group of players?

The mind reels… So yeah, there is shit going on as usual with nation state actors fucking with the internets. Go figure eh?

For the un-subtle out there this is all theory and supposition. This is not attribution. Wait.. Fuck, it is attribution! This is what we usually get for attribution! Best guess is ATTRIBUTION people! Once again, I guess you had to be there in the spook world to understand this premise.

Sorry.

The Derpstorm

Like I said above, I posted the story as a lark and went away. By Sunday the shit had exploded. People were reporting that direct connection between FBI, Bitcoin wallets, and ShadowBrokers! I never went to anyone with the story and attempted to report it as fact. Yet the media picked up on it (fucking reporters, no wonder I block them) and away the story went. Meanwhile butthurt people with nothing else to do started wailing and moaning about the wrongness of it all. I frankly think they need some remedial English lessons, but that is just the old Doc here speaking. Hundreds of comments came in on the blog and suddenly in parallel a metric shit ton of people wanted in on my feed on Twitter.

All of them just taking things on face value of a tweet really. 30K hits to the blog post itself, but how many people then understood what I was alluding to, how many took it at face value and did nothing else but believe? How many actually took the time to look further and see what was going on with the accounts and make a judgement themselves I wonder? For myself, I never stopped looking at this and surely upon reflection there were no direct transactions once I began to really dig a lot deeper but there were connections that could not be discounted. When you look at the whole picture you see connections that can lead you to the same conclusion, that bitcoins involved with the Silk Road, accounts thereof that interacted with Silk Road and the seized coins were in fact connected to the ShadowBrokers auction.

Mind. Blown.

What you all took from it and then made it into is all your own faults people. To those who just then went off to go off, and you know who you are, would you please fill out this form and send it to butthurt@shadowbrokers.tuatona.org. Someone will get back to you with some salve.

The rest of ya, JESUS FUCK, take things with a grain of salt. I ain’t fucking Moses and this ain’t no stone tablets.

Dr. K.

PS! This internet of shit is not something that is peer reviewed. We are overestimating our importance on a daily basis. Cut it the fuck out.

Written by Krypt3ia

2016/08/24 at 19:55

Posted in BITCOIN, FUCKERY

ShadowBrokers Bitcoin Transactions: Now There’s Some Taint For You!


So I was looking at the bitcoin status of the #ShadowBrokers account and something interesting began to take shape. What I noticed, with the help of my trusty Maltego (@paterva) was that some transactions with “tainted” bitcoins were happening. Of course I am using the word taint in its original form here in that there be some funky shit going on. It seems that not only that ShadowBrokers are WAY short of the eleventy billion bitcoins they want (at about $990.00 last night) but that if I am reading this right, some of the bitcoin payments are coming from the seized Silk Road bitcoins and account.

Screenshot: Silk Road SEIZED bitcoins SENDING DIRECT TO SHADOW

Screenshot: Blockchain.info

Well now isn’t that an interesting development eh? So, is this to say that these coins are still in the coffers of the feds and they are being sent to ShadowBrokers to chum the water here? Maybe get a conversation going? Maybe to get the bitcoins flying so others can trace some taint? Of course once you start to look at that address and the coins in and out there you get some other interesting hits. Suddenly you are seeing US Marshals Service as well being in that loop. Which makes sense after the whole thing went down with the theft of coins and such by rogue agents of the USSS and DEA.

Screenshot: Hiya marshal!

THEN we get into stranger territory…

Once you start really looking at the transactions for ShadowBrokers you get this sense of the l337 -ness you are going up against…

Screenshot: We are all l337 here

Screenshots (three transactions in sequence, each labelled “Sent to”)

It’s all amusing but one has to wonder just what is going on here. Now, if the Silk Road coins are still in the hands of the US GOV then who is sending ShadowBrokers fractions of them and why? Now, I began to ponder the imponderables last night. What if, and you can see this once you start to dig around with Maltego, the coins being paid to the account so far also come from other accounts that are, shall we call them cutout accounts for the government?

*squint*

I know, you are probably saying to yourself right about now that Krypt3ia needs to drink some more and chill the fuck out but lemme splain…

If you were the gubment and you wanted to maybe trace these fuckers would you maybe try to chum the bitcoin waters to see what wallets are used for any liquidation of the bitcoins later? I would.. Just a thought and with the hits there to the silk road and the Marshals Service I kinda wonder. In any case this is interesting and I am LOVING the l337 status on those transactions hahaha. You guys take a look and see for yourselves. I just thought this was an interesting development.

Alright, continue your cybers people and PUT ON YOUR HELMETS!!!

Dr. K.

Written by Krypt3ia

2016/08/19 at 12:26

EquationGroup, ShadowBrokers, and Loving The Cyber Pathogen Bomb


We all knew that this shit was going on but now it’s reaching epic cyber douchery levels kids…

Monday:

Hey someone posted some shit on the Github and the everywhere! LOOK!

DOWNLOAD

DOWNLOAD

DOWNLOAD

Tuesday:

Shiiiit this stuff looks kinda real!

FUCK THEY TOOK DOWN ALL THE LINKS!

…EXCEPT MEGA OF COURSE…

LOOK! RC5 and RC6 Implementations match EQUATION GROUP!

ERMEGERD!

LOOK ODAYS!

SNOWMAN SAYS LAY OFF RUSSIA BECAUSE YOU WAKE DA BEAR! (Uhh hey, can I have my dacha now? I have been a good comrade)

ASS-ANGE FROM HIS EVITA BALCONY: WE HAVE ALL THE SHIT AND WE WILL BE POSTING IT BECAUSE FUCK YOU ALL!

Wednesday:

SECRET SQUIRRELS FORMERLY AT NSA SAY HOLY SHIT!

SECRET SQUIRRELS AT TAO SAY OOPS!

SECRET SQUIRRELS AT TAO SAY THIS IS RUSSIA BY GOD!

Fuckery. It’s all fuckery kids. The world is at war already and the populace never got a vote on this one. These scripts and exploits are just the tip of the 2013 iceberg and the reality is that knowing what the likes of J-39 and their ilk were hoping for back in the day we are well and truly fucked if they decide to go all out cyberdouche. Now we have this almost parity with this leak by who? The 2016 cyber equivalent of the Rosenbergs? I haven’t a fucking clue and no one else does as to who did this and why. No really, fuck you if you say you do. And if you attempt to “treat intelligence cyber attribute” this shit you are only trying to get clicks for ads.

But seriously, the biggest issue I have with all of this is that while we are all slobbering over the dump and the potential one to come no one seems to be talking about how fucked up this is. While these guys are making and buying 0days and pwning foreign nations our own infrastructure lays like a burned out whore in the missionary position. We are prosecuting the war but we are not securing the “homeland” for shit and we see it every day. See, the rub of it all is that corporations are the ones that hold the infrastructure and fuck all trying to make them become secure through legislation or any kinds of rules. So here we are with all our shit in the wind to start with, no mass movements to secure the nation’s everything, and now a dump of just some of our cyber weapons has been spilled online as a big fat fuck you.

Yeah, I feel good about where we are.

Still, the shit is three years old.. Who’s to say that those sploits still work on systems in China let’s say. Anyone checked by the way? Anyone?… Well in any case either someone fucked up and left this shit on a server in 2013 to now OR as some have intoned, this was an insider. Either case still leads to the inevitable fuckery the nations have all been up to and we are not alone, not by a long shot. Some have said that the NSA should be securing things and I just laugh and laugh at that. What the fuck do you think their operational aegis is anyway? It’s to break all the things and own them! So all you who look to Ft. Meade for any solutions are just deluded. Nope, the war is on, it is hot, and it is all under cover. When someone finally decides to go batshit they will unleash all the sploits in tandem with kinetic operations and that will be it. A real hot war will erupt.

It’s still true.. We are the reason we can’t have anything nice.

Oh well, at the end of the day there’s fuck all we can do. The shit is in the wind and now everyone has it. It will be used as a platform of attack until all the things are patched but in between they will be used for whatever ends lone actors or nation states feel like using them for.

Yay.

Move on.

K.

Written by Krypt3ia

2016/08/17 at 17:00

Money, Politics, and Loathing at BlackHat 2016


AS IF the fact that BlackHat really is mostly just a vendor red room to begin with today, we now are going to make it a political campaign fund raiser as well? JESUS FUCK! What the holy hell is going on here? You mean you are gonna tell me that the one candidate who deliberately disregarded security protocols and mishandled classified TS/SCI information, ON HER UNAPPROVED SHARED SERVER IN A DISUSED BATHROOM is having a FUNDRAISER at a SECURITY CONFERENCE?

What the ever loving fuck?

Ok, so maybe we are in a real shit sammich situation with regard to the 2016 election cycle sure. We have Orange Julius, the guy I am more afraid of being president than Dick Cheney and then there’s Grandma Nixon. So sure, in choosing the lesser of evils I guess I am less rage filled that it is Grandma Nixon that is having a fund raiser at BlackHat. Still though, it really sticks in my craw that this is happening to start. Are we a political organization now? Are we now going to have not only a Democratic fundraiser next election cycle but also a Republican? You know damn well that they will want to post the Grandma Nixon party to come this week. So what the shit people? Is this a security con or just an extension of the DNC and RNC conventions?

BlackHat sold out long ago… Now it is not only selling out, it is actively whoring itself on stage in a cyber Mexican donkey show.

Nice.

Dr. K.

Written by Krypt3ia

2016/08/02 at 14:15

Posted in FUCKERY