Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

1984… 1993… 2016.


I remember seeing the Apple commercial back in the day when it came out that depicted 1984 as the catchy advertising plot point for the Mac computer at the time. If only Woz and Jobs had known just how prophetic those images would be today. I remember too, back in 1993, when the idea was floated and a governmental movement began to have a back door (aka a clipper chip) inserted into systems to allow the government *cough NSA cough* to see the “evil doers” and stop them. I also remember that the sane stopped that from happening. Well, that was then and this is now. Well past 9/11 and nigh on 16 years later, we are faced with not only a government toying with the idea again but a federal body demanding through writ of law that a company break the system they have created for what is being touted as the greater good.

Friends, while I agree terrorism is bad (I was there a day after 9/11 and worked with the Red Cross there), I have to stop short at believing that the GWOT needs us all to give up ALL semblance of personal privacy to fight the terrorists. In fact, I would like to call bullshit on the FBI’s and Comey’s desires to break the systems of cryptography for an alleged boon to the fight on terror. It has become clear that the director of the FBI is not a tech guy and does not understand crypto very well, but that is no excuse to continue to leverage the courts to try to induce a company to break its system for one phone, let alone the notion that this one instance would not be re-used and re-packaged to do so again whenever they (the FBI) liked. This is precedent time, not just a one-off issue with a terrorist’s phone that may or may not have any data on it concerning other actors who may have radicalised Syed Farook and his wife.

Clearly we are at a precipice here in our digital democracy that has been building for some time. I have attended more than a few seminars by the ACLU and the Electronic Frontier Foundation on the 4th Amendment and the digital domain, and I have to tell you we are all behind the 8 ball on this one with the way the government lawyers tend to think. I have seen people compelled to give their passwords against the 5th Amendment as well, and folks, it’s time for you to be rather concerned about this. This is the time to really fund the EFF and to bone up on your own rights where these matters are concerned. It is also time for the cypherpunks out there to double and triple in numbers. I hate to say it but I will put it in the common derpy vernacular that is all the rage now…

We are all at cyber war.

When you are at cyber war with a nation state you will lose.

Now, the US and the FBI are becoming the definition of a Nation State Actor. Though, not on a foreign nation. They are targeting you too.

Overreach by the FBI has been a thing for a long time, and if you just Google it you will be able to read quite a lot about it. Now consider all of the machinations of the TAO and all of the legal wrangling their lawyers have done to rationalize what they are doing as legal. Remember John Yoo? Well, you should, and if you don’t, Google him up. It’s easy for lawyers to fuzz the legalities and the moralities into an ethics-less pile of phrases that only allow them to get away with things. I am going to guarantee you now that if this order goes through and Apple is forced to back door the iPhone at a base level, it will be re-used and it will be abused just like the use of STINGRAYS has been lately, and it won’t stop there. Once the precedent has been set in law, the legal bar has been set, and then it is just a matter of how long until the rights we all have been granted in the US under the Constitution get even more eroded by slick ideas and arguments by those with an agenda of fear.

Honestly, if you look at the history of the terrorism that has occurred, these people are known quantities already, and that is without the use of back doors or breaking, hacking, and negating rights. This is not a crypto issue but more so a law enforcement issue of not being able to keep up with their own databases. Please people, don’t buy into crypto being a clear and present danger to you and yours. Crypto is no existential threat; instead, the abuse of the laws we have on the books is. Ordering Apple is just the next worst step on the slippery slope to becoming that which we have seen in the 1984 commercial.

Dr. K.

 

Written by Krypt3ia

2016/02/18 at 20:39

Posted in Crypto

My new line of INFOSEC T-Shirts from “Everything Is Bad”


Written by Krypt3ia

2016/02/12 at 15:11

Posted in Infosec

Actors Keynoting RSA… REALLY?


I have been taking a mental break of late and perhaps I have been silent long enough or perhaps, maybe more to the point, this news sent me into a fugue of disbelief and bile over the fact that we now have actors speaking at security cons. No, you heard me right gentle reader, we now have actors speaking about security at security conferences post Sony’s hack.

That’s right folks, we now have actors like Alec Baldwin talking about how Hollywood had a “cooling” after Sony got hacked. How rights are being assailed in privacy and how the bad bad nation state hackers dropped a cyber deuce on us all because we now learned just how the Hollywood sausage is made. Poor Hollywood and poor poor Alec and others who had to change their AOL addresses!

The. HORROR!

It gets worse though. Not only have we had Alec speaking about how horrible the Sony hack was, but also Kevin Spacey speaking at the Davos forum about cyber security.

*blink*

No the fuck way!

What the holy fuck are actors doing at Davos anyway? What the shit is this fuckery? I am so tired of seeing allegedly important people (actors) talking about things that have much more meaning than play acting on screen for lots and lots of money to entertain us. This is outright stupidity people and for RSA to buy into this shit even more for “star power” really offends me.

But wait, it gets worse! RSA 2016 has the stars of CSI CYBER doing a panel! What the shit? Really? You are going to tell me that these actors have anything the fuck to say about the realities of vulnerabilities and the intricacies of security issues? I give up. Fuck you RSA for your feckless pandering for the almighty dollars. You truly remind me now of a played out stripper working it hard to a bored crowd. I am not giving you one fucking dollar for your gyrations.


So back to the issue of actors talking about computer security post Sony. How about these pompous asshats mention the fact that not only were they using crappy addresses and are self-proclaimed “Luddites” but also that Sony was a company with one of the worst security records out there to start? How about you self-righteous fuckers mention that Sony’s emails showed a large amount of fuckery on the parts of execs and stars that truly lifted the dress a bit and showed their true colours?

Perhaps RSA should go to Wikileaks and read through the emails. Sony is a big company rife with backdoor deals, catty behavior, and a solid record of fucking over women in salaries over men. So fuck you Spacey and Alec and the rest of you trying to be relevant and accepting speaking fees from fuckers like RSA. You have no business being in front of us and that goes doubly so for anyone representing CBS and the fucking pile of crap CSI cyber.

Cut it out, you abhorrent self-important swine.

K.

Written by Krypt3ia

2016/01/29 at 02:30

Posted in JESUS FUCK


Written by Krypt3ia

2015/12/10 at 12:31

Posted in Uncategorized

THE 2015 FULL SPECTRUM CYBER DOUCHERY KRAMPUS LIST!


WELP, another year is almost gone and Krampus has been sharpening his bundle of switches to beat all the bad cyber security folks this year. Krampus has been really really really inundated with names for 2015 and in his magnanimous ways has decided to allow you to see ALL of this year’s list to give you the full scope of the asshattery and FULL SPECTRUM CYBER DOUCHERY!

Feast your eyes dear reader upon the uber list of names given to Krampus this year!

See you at the bottom there for special mentions!

The List: An anonymous list provided by the community. Krampus’ personal list is below this.

Hacking Team
@dcgomez1 STAY IN YOUR LANE!
@PixalateInc A bogus malware claim and no IOCs to back it up. FUCKERY!
@puellavenerata (sp?) Tor dev. A raging lunatic, yet Tor Project t keeps employing her crazy ass.
Adrian Crenshaw He needs to shut up and do his job. Fucking drama.
Adrian Krenshaw Sexist douche and doesn’t realize it, but everyone loves, so s’all good
ALL OF US
Aloria Narcissistic drama. Lack of contributing to community
Aloria Wines about being single then wines when she’s hit on. Doesn’t attend and disses cons. Encourages mcgrew’s asshattery
Aloria Because she is a hypocritical raging cunt .. or dick if she prefers for her transiet sensibilities
aloria for the endless drama.
Ankit Fadia http://www.dailyo.in/politics/digital-india-ankit-fadia-trai-draft-encryption-policy-ravi-shankar-prasad-cyber-security/story/1/6500.html
Anonymous bunch a fucking skiddies who have never made a difference
Anonymous Using pea shooters against tanks
Anthony Zuiker and any other fucker creating documentaries and TV shows, movies that spew Cyber CSI Cyber, NOVA cyberwar and any other shit show
Apple Because they still don’t care about you unless you’re spending buttfsck a lot of money every six months on them
Archuleta OPM
Billy Rios breack of NDA, stunt hacking grandstanding
Bob Lord
bob lord you cant get shells on macs
Boris Sverdlick Took his 3rd job in 2 years and moved his family across the country for the 3rd time.
Brennan Being Cpt Obvious
Brian Krebs Do you really have to ask?
Bsides las vegas board for being a bunch of fuckin’ weenies over what’s essentially an april fool’s joke
China Ruining FireEye profits
Chris roberts famewhoring
CISO Rockstars or any self proclaimed security INFOSEC Rockstars There are no rockstars, we are all fucked.
Cobolt jesus fuck have you met the guy?
COMEY Blissful ignorance should, in this case, be rewarded.
Comey Crypto fuckery
Convention hopping security “professionals” …Who are too busy talking about what’s broken & collecting swag to actually take time to work on FIXING the issues they’re too busy “talking” about
Cyber Security Ninja https://www.indiegogo.com/projects/cyber-security-ninja#/
CyberPsychologists Cyber-sexual urge to penetrate
DA_667 Shitposting. A shit-ton of shitposting.
Dan Guido Because douchebaggins
Dan Kaminsky He’s Dan Kaminsky
Dave DeWalt For blaming the lack of Chinese hacking on FireEye not meeting targets.
Dave Kennedy Stupid “family” huggy conference crap
David Cameron Trying to backdoor encryption legally
David kennedy selling out to the feds yet again
Dell superfish-like root certificate installed on all new machines
Dell superfish2: ELECTRIC BOOGALOO
Dick BAITLICK for being a massive toolbag and self promoting whore
Dido Harding No fucking clue if customer data was encrypted or how deep the breach was
DPRK Giving press exposure for a Seth Rogan movie
EFF for buying into the TOR shitstorm, and drinking the shit-flavored kool-aid.
Erratarob Trolling
Erratarob Trolling
Eugene Kaspersky  He’s Eugene
European parliament  Crypto fuckery
Evan Kholmann Darknet word clouds.
F-secure Freedom vpn spying platform
Feminists CryBullying INFOSEC people
FireEye For taking vulnerability response douchebagery to a new level.
FireEye for their shit treatment of researchers. Also have you seen WITCHCOVEN yet? Fuckin lol.
Flashpoint Intel For hiring a chief scientist that’s full of shit… OMG PS4!!!! Fuckin retard
Glen Greenwald Still hasn’t released all the Snowden docs
Google For returning to China
Gov’t of the UK  Crypto Fuckery and GCHQ Hacking
GOVERNMENTS Encryption MUST HAVE ZEE BACKDOORS – Because terrorists weren’t able to get AK-47s, suicide vests, and other terror instruments in Paris which is a notoriously ‘gun free’ city .. yeah, back-dooring encryption will stop them. That’s the ticket.
HackerHuntress Self-absorbed & self-important recruiter
Hacking Team Equal parts “being assholes” and “getting smacked down”
Hacking Team for hiring people that wear atrocious looking hats, oh and selling shit to repressive regimes
Hillary Clinton Home-brewed unpatched unauthorized ‘solution’ to S, maybe TS comms
Ian Amit so every ex-israeli army guy is an infosec expert now?
Infosec Drama people (Crenshaw, Weidman, Viss,…) Come on, either get back to 2nd grade, or grow the fuck up and behave like an adult.
Invincea FUD FUD FUD FUD
Ioerror Self promotion
Iron geek Asshole
Irongeek He causes too much drama in the community to justify his contributions.
Jack Daniel Those damn Tenable spam emails
James B. Comey, Jr. Two Words “Crypto Backdoors”
James Comey Because fuck that guy
Jayson E. Street His hugs are awkward!
Jayson street
Jayson street
Jayson Street because hugs should have no bearing on infosec
Jayson Street The classic con whore, should be banned from talking about anything technical or related to defensive security
Jayson Street eats a bags of dicks
Jeffery Carr Consistently wrong on attribution, craps on other’s research yet doesn’t deliver any himself. Specifically out to make money on “cyber” by being a contrarian.
John Brennan Falling into a wormhole and coming out in the 90s (using AOL)
JOSEPH MENN/ Reuters for his extensive campaign against Kaspersky Lab
Josh Corman For being a celebratory jackass for getting fuckall accomplished.
Kelly Lum aka Aloria Batshit crazy is as batshit crazy does.
Kelly Lum aka Aloria Drunk drama
kelly lum (@aloria) Much drama. So cray cray.
Lance James Because he’s a self aggrandising asshole
Lance James Dark and deep web bullshit artist
Lenovo Not satisfied with the superfish shitstorm, they decide that adding in a bootkit to their product line would be a great idea.
LinkedIn For giving you migraines. Daily.
Major – mid size retailers not encrypting CC data 2 years with a target on your back and still deciding to save $ over protect customers. Pennies per transaction to save millions. Sad sad sad
Mark Zuckerberg facebook, whatsapp, etc
Marketing Departments Exploiting research for sales, naming vulnerabilities, taking threats out of context, etc.
Mary Aiken CSI Cyber – need I say more??
Mary Aiken “cyber psychology” Freudian fuckery
Mary Aiken CSI Cyber, Freudian slip it in for hackers
Mary Ann Davidson For feeling entitled in her position and trying to exert her imperialist tendencies on security researchers.
Mary Ann Davidson Not understanding her customers
Matt J Harmon (MJH) For claiming to have worked on the team that made Stuxnet
Matthew J Harmon He believes he’s better than most of the community.
Matthew J Harmon Blockes INFOSEC ppl and speaks of building community (why is this guy not on @attritionorg’s charlatan list yet!)
McGrew For somehow being at the center of so many shitstorms yet never getting his hands dirty. Instead of stirring the pot maybe he should actually do something of value for the community
McGrew for being a shit-stirring instigator. Bringer of the Drama
Meg Whitman
Meg Whitman For not killing Raf with polonium when she had the chance
Michael Smith GhostSec douchery
Mr Robot Cyber cheese, melodrama, and hipsters
Mr. Robot All hacking must feature Benedict Cumberbatch
Norse  Full on pew pew pew fuckery
Norse for being Norse
Norse complete and utter embarrassment to companies that actually do legitimate threat intel. Go peddle your shite honeypot indicators and flawed analysis elsewhere
Norse Cause they try to try to sell millions of IPs as being malicious without actually providing any context. And they charge a fucking arm and leg for this worthless data
OpenSSL maintainer https://marc.info/?l=openbsd-tech&m=144472550016118&w=2
OPM lost all the things
OPM Now I need new fingerprints.
Optiv For continuing to employ Raf
Oracle lol EULAs.
Pearson Vue Yet Another Breach
Pixalate Creating a fake botnet named Xindi
Pixalate Security’ company gets PR firm to hit up major media and panic C-suites for days without providing a single IOC in marketing effort. Alleges they were actually working with experts the whole time – none of which can be identified or found.
Pixelate Ask @da_667 @botnet_hunter or Carbon Dynamics about the bullshit surrounding the Xindi Botnet. TL;DR: Extortion and vaporware.
Pixelate Xindi Botnet and the complete pile of shit the entire report was.
Raf Because you know damn well he deserves a krampusblifetime achievement award.
Raf Raf
Raf GODDAMMIT YOU ALREADY KNOW. JUST READ HIS TWITTER FEED. At least give him honorable mention.
RedDragon1949 Cause I use “cyber” so much…S/F – RDR 1949
Root9b
Schneier
Shane Schick, @Shaneschick, writer at IBM’s securityintelligence.com In his Nov 4 article for securityintelligence.com, couldn’t even be bothered to look up what EMET stands for, fearmongers about cybercriminals launching attacks, doesn’t even bother to contact the authors of the paper but instead does lazy second-hand reporting.
Sidragon Yeah, yeah, freedom of speech, but live-tweeting fucking with a plane would’ve landed his ass in Gitmo if we wasn’t white
Sidragon For being a massive fucktard, testing things he had no business testing and putting several of his co-workers out on the street.
Sony They have RC4 for the preferred PS4 cipher
Starwood Hotels POS Breach
Steven Thomson https://www.indiegogo.com/projects/cyber-security-ninja#/
Steven Thomson So no necessarily Steven Thomson himself, but the culture in academia and the workplace that convinces people like this that he can be a “CYBER EXPERT” with all these certz and that’s all you need!
Stewart Baker for being 5 time partner at Steptoe, and a massive troll.
Stratfor Shamelessly attempting to game and capitalize on Paris attacks
Stunt Hackers Because they endanger the public by dropping SCADA 0-days on stage, flying planes and driving Jeeps sideways.
Stunt Hackers (Chris, Charlie, …) Because when marketing comes before security it’s a FUD game
Symantec for being Symantec
Symantec Their process didn’t catch misissuance of certificates that impersonate major web properties
TalkTalk For being derpy in the UK.
TalkTalk Because they’re incompetent gits
Ted Koppel Cyber Grid Meltdown!
Ted Koppel His book.
The EFF, also Soghosian Sheer idiocy & FUD sales in the face of facts
The EU parliament For declining extradition of snowden
The Golden Key Giving Comey a hard-on
The TOR project For being a bunch of pissants who can’t accept criticism that their project is shit and has changed nothing.
The UK PROPOSING LAWS TO EFFECTIVELY BAN CRYPTO
The UK gov’t For demanding gov’t access to all encryption
Threat Intelligence Telling me China is behind it isn’t threat intelligence.
Tor Project Over 9000 obvious reasons. Summary: faggotry
TrendMicro fergdawg
TrendMicro because they don’t include IOCs in reports
Twitter Filling timelines with heart attacks
U.S. Government Failing elementary security
U.S. Office of Personnel Management Being essentially the Snowden of sensitive personal information, through laziness & stupidity rather than outright malice, and no one getting punished for it. Bravo.
Venture Capitalists Seriously, completely ridiculous valuations on crap solutions is creating a massive bubble
VistaPrint too many tupo domains…
VTech think of the kids, bruh
Wesley McGrew Have you met this colossal douchebag?
Wesley McGrew SJW douchebaggery and being an over educated educational poser
Wim Remes Can you please get that ISC2 thing over please?
Wired Wired is to technology as screen doors are to submarines.
Zerodium Because, Assoles.

 

WHEW! that was a long list huh? There were more than a few nominations that had doubles and triples but Krampus is a discerning and judicious hater of all things cyber douchey. So here are Krampus’ favorites including some that did not make the list proper. Are you ready? Krampus is! Let’s begin with Krampus’ most hated douches shall we?

The Press:

LISTEN up you fucksticks. Krampus is really fucking tired of seeing poorly investigated stories on “the cybers” in the news cycle! So many times Krampus has smashed things after reading your stupid fucking click-bait-y shit that he has nearly come close to the record holder Packetknife in breaking MacBook Airs in two! FUCKING STOP!

Look, if you are going to do reporting on things then you have to do a few things:

  1. Talk to knowledgeable people, dare I even say experts? You know, people who are the subject matter experts?

  2. THEN you report on what they told you without editorializing what they said to fit your fuckery and click bait needs!

  3. IF the experts say nothing that you can print because you have your own agenda, then DON’T FUCKING WRITE ANYTHING!

  4. IF you are looking for EXPERTS fucking VET them to ensure they know WHAT THE FUCK THEY ARE TALKING ABOUT!

  5. STOP GIVING CERTAIN MEMBERS OF OUR COMMUNITY AIR TIME TO PIMP THEIR PRODUCTS!

  6. AND FOR FUCKS SAKE STOP WIRED BEFORE IT GETS WORSE! (Wired is to tech journalism as a screen door is to a submarine)

JESUS FUCK! IF KRAMPUS GOES ON HE WILL HAVE AN ANEURYSM!

Threat Intelligence Firms:

WHERE should Krampus start on this one? I mean there is so much to cover on how fucked up this whole thing is. Maybe it is good to just list out the problems to start with huh?

  1. Threat Intelligence means that you give analysis on the THREATS to the CLIENT you fucksticks!

  2. Selling other people’s data, INCLUDING OPEN SOURCE DATA, packaging it, stamping it with your logo, and charging huge sums is FUCKERY.

  3. Once again, it’s about the CONSUMER of your data and the ANALYSIS that you give them fuckwits!

  4. GOD DAMMIT I HATE YOU ALL!

SO, does that kind of encapsulate how Krampus feels about so called ‘Threat Intelligence’ firms? I think it kinda does. It’s really just another way for companies to make money, lots of money, off of the knoodnicks out there willing to buy their shitty intelligence reporting because they have no clue. As Barnum said, “A sucker is born every minute”; in today’s HFT world it is more like every nanosecond.

The Government & Comey:

OMFG KRAMPUS HAS A MIGRAINE ALREADY THINKING ABOUT THIS ONE….

Ok, so Krampus understands that the people in the gubment aren’t really the sharpest blades in the drawer but really, backdoor keys to all crypto? Do you even CRYP… wait, what is Krampus saying… NO, you don’t.

Ok, let Krampus use the small words here:

“JESUS FUCK NO YOU CANNOT BACKDOOR ALL THE CRYPTO BECAUSE THAT BREAKS ALL THE CRYPTOS YOU IDIOTS SO STOP TRYING AND ACTUALLY DO SOME WORK. YOU KNOW, LIKE GETTIN HUMINT INVOLVED TO KNOW WHO’S DOIN SHIT WHERE AND WHEN OK?”

Now, Krampus has a special note for Mr. Comey…

Dear Mr. Comey,

Krampus knows you are trying to defend the nation and to stop all the bad things. Believe me, I understand, but you really really really need to listen to the experts on this and get your mouth off the crypto backdoor hash pipe ok? Can you do that for Uncle Krampus? If you do he promises you that he will be extra nasty to the bad bad kids this year.

No no no.. oh stop crying Mr. Comey…

Aww fuck.

Yours,

Krampus.

OPM:

WOW, what can one say other than wow about OPM. Well, let Krampus try…

“HOLY WHAT THE FUCK YOU STUPID SHIT STAIN GOVERNMENT WORKERS! WHAT THE HOLY FUCK WERE YOU ALL DOING WHEN YOU WEREN’T PLAYING WITH YOURSELVES IN YOUR GOVERNMENT ISSUED TAN ON TAN CUBICLES FULL OF WENT NAPS AND TPS COVER SHEETS? IF I COULD I WOULD TAKE EACH AND EVERY ONE OF YOU TO THE RIVER AND DROWN YOUR ASSES FOR YOUR FUCKERY!

ARCHULETTA, YOU, YOU, YOU FUCKING RETARDED CHIHUAHUA! I HOPE YOU NEVER GET ANOTHER FUCKING JOB EVER THE FUCK AGAIN! YOU AND YOUR ORGANIZATION NEEDS TO BE BURNT TO THE GROUND AND A NEW ONE BUILT ON THE ASHES OF THE PLACE. HOW THE FUCK DO YOU EVEN SLEEP AT NIGHT YOU ASSHAT?”

Sorry, Krampus kinda lost it there… He’s just really really pissed that you lost HIS data!

Stunt Hackers:

HEY YOU! YEAH YOU, THE LEE MAJORS STUNTMAN WANNABE FUCKTARDS, CUT IT THE FUCK OUT!

What the fuck is this cyber kindergarten? No wonder no one pays real attention to us when we have fucksticks claiming to fly planes sideways while hacking cars that are on two wheels.

JESUS FUCK!

Krampus suggests that if you want attention you go talk to your moms and stop this shit.

Mary (I’m a CYBER Psychologist) Aiken & CSI CYBER:

MARY, oh Mary, you batshit crazy opportunistic twat. Wow, you came onto the scene like a full on case of the herpes and like the herpes you just won’t go the fuck away! You’re brand of stupid burns like the infection in Krampus’ urinary tract from the STD that is your genre of FULL SPECTRUM CYBER DOUCHERY you inflicted upon us all with your abomination CSI CYBER.

HOLY WTF! what a piece of shit that show is and your claims to be a “Cyber Psychologist” is one of the most moronic things Krampus has ever seen! Krampus though has to admit that your height of heights in hilarity was trying to kluge Freudian psychiatry into CYBER. Wow that was just the most inane shit Krampus ever read and he had to really really drink a lot of Whiskey to get that shit out of his head.

Mary, do us all a favor and post your university’s dismissing you, go drown yourself in a loch somewhere please.

Yours,

Krampus.

CYBER Counter Terrorism Firms:

SINCE the start of Da’esh’s CYBER war against us all there have been more and more of these ’boutique’ counter terrorism firms popping up. Some of the older ones like FLASHPOINT are the standard model for the new ones and by standard model Krampus means charlatans. Like the ever present and oft used shill Evan Kohlmann, the baby faced and minded, front man of FLASHPOINT Partners. How the hell did you even get any time in the court or on TV hawking your particular brand of stupid? Oh yeah, it was the gubment!

This trend is only getting worse and Krampus’ lists are getting longer and longer with names from these firms. Krampus though has one special message for Evan though…

Evan?.. Evan? No, over here Evan, focus for me. Use that weak spine to turn your infant head this way… Yes that’s good. Now, CUT IT THE FUCK OUT! STOP BEING A SHITHEAD AND STOP TAKING OTHERS INTELLIGENCE AND POSTING IT AS YOURS! FOR THAT MATTER JUST GET OUT OF THE BUSINESS BECAUSE PEOPLE ARE ON TO YOU NOW YOU FUCKWIT. IF KRAMPUS SEE’S YOU HE’S GOT A SPECIAL SELECTION OF SWITCHES TO BEAT YOU WITH.

Now, go back to sucking on that cyber terrorism binky..

Hacking Team & 0day Vendors:

HACK’ING TEAM! wow, just wow. Your shitty software was one thing but your PASSWORD security was something else altogether!

“PASSWORD IS MY PASSWORD FOR ALL PASSWORDS INCLUDING MY DOMAIN PASSWORD!” 

BAAAAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA!

Sorry but you guys deserved to be hacked just for that but when the shit came out it really showed how little morals you had! Look at all those deals with despotic governments! This is just the tip of the iceberg Krampus thinks when it comes to 0day vendors. What a business you are all in. Frankly Krampus wonders why you all aren’t just in a fiery pit already for all your fuckery.

You shall reap what you sow.

“The Community & Cons”

HI KIDS! SIT DOWN WHILE UNCLE KRAMPUS BEGINS THE AIRING OF GRIEVANCES!

WHERE the fuck does Krampus begin on this one? Lessee here… Oh yeah… WHAT THE FUCK IS WRONG WITH ALL OF YOU? Did you all just regress back into early childhood or what? Cut it the fuck out with all the childishness and attention seeking behavior! This is supposed to be serious business right? Oh wait, haha oh yeah.. Serious business haha..

Look, you all act like morons with your freak flags fluttering in the wind and then grouse about how you are not taken seriously by your employers and the greater populace. No wonder they pay you little attention when you are all acting like juvenile asshats! Maybe that CEO might pay better attention if you didn’t look like a goth club reject huh?

Grow the fuck up.

Special Mentions:

The Odious Awards:

Raf: MY GOD DO YOU EVEN INTERNET BRUH?

Eugene: SHUT UP EUGENE!

Schneier: Always a day late and a bitcoin short.

McGrew: I banned you because I thought you were a douche. Well, gee, I guess it wasn’t just me huh?

Jeff Carr: Self promoter extraordinaire who never passes up an opportunity to pimp his wares and be wrong on national TV.

Ankit Fadia:

Dave Kennedy: Just stop with the fucking hugs and STAY IN YOUR LANE!

Errata Rob: YOU MAGNIFICENT TROLLING BASTARD! You do realize that all this trolling you do belies your deep-seated neuroses right?

Kim Zetter (Hack Reporter): KEEP ON CYBERING DA’ESH INTO SUBMISSION… IDIOT.

Jayson Street: Some folks just don’t seem to like you. Krampus actually thinks he has nothing on you so you will get off with a warning.

Josh Corman: Krampus has you on the list in the permanent collection. Keep wearing that unicorn head mask thing. It suits you.

Dick Bait-Lick: Krampus has decided that your punishment will be that you must wear a tribble on your head from now on in public. You jingoistic fuckwit.

Hillary Clinton: Krampus has a special place in his black black heart for you! That stealth server in the disused bathroom, SHEER FUCKING GENIUS! You are gonna run shit someday! Run it into the ground that is…

STAY IN YOUR FUCKING LANE:

AS Krampus was writing this a Tweet came across where the illustrious Kim Zetter was allegedly saying she would be on a panel about Da’esh and CYBER. Krampus’ mind nearly went bye bye when he saw this. So here is what he has to say about STAYING THE FUCK IN YOUR LANE!

IF YOU ARE NOT AN EXPERT ON A PARTICULAR THING DO NOT ACCEPT SPEAKING ENGAGEMENTS ON THAT THING!

IF YOU ARE NOT AN EXPERT ON A PARTICULAR THING DO NOT OFFER ADVICE ON THAT THING BECAUSE YOU ARE NOT AN EXPERT!

IF YOU ARE NOT AN EXPERT ON A THING THEN DO NOT GO ON CNN SAYING YOU ARE AN EXPERT ON THAT THING!

JESUS FUCK what the fuck is wrong with you people? Is it just that you think because you can Google something you are now an expert? FUCKING STOP! This goes doubly and triply for Kim Zetter and Dave Kennedy talking about anything to do with Terrorism and for fucks sake surely not CYBER TERRORISM where Jihad is concerned.

Just stop the fame whoring.

GHOSTSEC/ANONYMOUS VERSUS DA’ESH:

Oh Anonymous and your splintery splinter amorphous groups of Adderall riddled children. You make Krampus sad and amused with your antics. He especially giggles when he thinks about a group of nerds in basements who claim that you can’t stop an idea, yet are trying to stop another group’s ideas! You all do realize the hilarity in that don’t you kids?

Kids?

Focus for me kids… NO STOP TOUCHING YOURSELVES WHILE YOU PING THAT SERVER! OH MY GOD!

Oh well, you keep on keepin on with your DoS attacks and your really shitty OSINT gathering! You will have the sum effect of nothing in the end against terrorism. You all just keep patting yourselves on the back though and keep that narcissistic light shining on all your “anonymous” players. Uncle Krampus will eventually snitch on you all landing you in classes with Sabu on how to be upstanding online denizens.

LOOKING AHEAD TO 2016 IN FULL SPECTRUM CYBER DOUCHERY:

Well fuck, how much worse could all this get anyway? Krampus really does trade in this kind of bad behavior so if there were less he would be retired. While Krampus is not in the “prediction game” he has a keen eye and sees that there will be much more fuckery ahead in 2016! All of you in the INFOSEC business will likely go FULL SPECTRUM CYBER and it will be game over. Next year’s list will likely be a lot bigger and Krampus will get carpal tunnel from having to beat you all with those switches and the CAT-6 cable flail!

See you in 2016 fuckers.

Krampus.

Written by Krypt3ia

2015/12/04 at 17:18

Posted in CYBERKRAMPUS

Did China Just Bill Clinton Us on OPM?


In an article posted today by the Chinese state news service Xinhua, the official ruling is that the OPM hack was carried out by a group of “criminal hackers” and not at the behest of the Chinese government. As such, they say, the hack was not an official act of cyber war but instead a criminal act according to current laws on cyber warfare.

Dude, we just got Bill Clinton’d on one of the largest hacks to date on governmental databases! Let’s parse this out a bit and then move on to another story that was also posted today. That story, “Congress wants to know how OPM hack could hurt U.S. spies”, asks one of the most idiotic questions I for one can think of, as someone whose data was stolen by a foreign power who is now saying in effect: “We have your data, but hey, it was a criminal act. We didn’t ask them to do it but thanks for the files!”

Thanks China! Don’t mind you holding that data for me since I think that the OPM and the DHS aren’t really capable even with their neato NCATS cyber hygiene service! Say… Did I mention I found all your FOUO documents on your super neato hacker hygiene program being leaked by your own servers? YAY!

Asshats.

But I digress… Ok so back to the first story. I believe that in the past I have written about the coming cyber wars in context of how incredibly hard it will be to prosecute not only the war, but also the defense as well as the, well, prosecution, of anyone we think carried out actions against us. Here we have a classic example of how this will all work with the, well, let’s call it from here on the “Clinton Defense” for lack of a better moniker.

China was pretty smart to play it this way because not only does it sort of absolve them but it also gives them a chance to now leak that data to the darknet let’s say and lend credence to the idea that criminal gangs stole the data and are now trying to profit from it. Once the cat is out of the bag the cat pretty much is useless right? Well no, in fact they have their copy of the data and I am sure the MSS and more so the PLA have farmed all that data out to their intelligence customers for further exploitation.

China wins.

This is probably a scenario that certain analysts already thought might come into play since we kind of already pointed the finger at China anyway. It also may have been a foregone conclusion given the futile naming of names and placing them on wanted lists that the DOJ put out this year. If you think we will ever get hold of those Chinese PLA assets you are just deluding yourself. From now on I can see how China and now other nations will just blame non-state actors for the hacks against any assets just like some mother scolding a bad child for thievery out of the cookie jar. All the while the players will not be charged with anything and perhaps never even be known because the government will cover their identities.

Do you see where this is all going? What a slippery slope this is? All the while we keep focusing on attack and not on defense. Yeah, that will win the day for us for sure. I am so tired of all the bullshit. Even if you can DFIR and OSINT the shit out of things all one has to do is “officially” blame another actor and the game is over. There won’t be any trials and the data is still in the hands of the adversary, once again, because WE FAILED TO HAVE THAT CYBER HYGIENE!!

Fuckery.

Meanwhile the congress seems to be overtaxing their small minds trying to understand how the data that was stolen (SF86’s and the kitchen sink at OPM) could affect those in the clandestine service. Seriously? Are you fucking kidding me? You don’t understand how China having not only access to where someone worked and works, but also all their personal histories, clearance levels, friends’ information, psych status, fucking everything to create a super dossier on them could affect a clandestine agent? Tell me something, congressman… Are you an idiot?

I would like the congress to understand even more deeply about the hack on OPM. It is more than just the data that they stole. It is also about how long they had access to the internals at OPM and then the networks that the OPM network touches. For instance, did you know that the server the data was being held in partially sat in the DOI?

NO I AM NOT KIDDING

The Department of the Interior is a place I know rather well because I worked for the DOJ on a case against them back in the day. I had to look at their networks and boy oh boy, what a fucking mess. Would it also surprise you to know, congressman, that the DOI network has classified network connections as well? Did you know, for example, that when I was poking about I saw NRO shit as well? Think about that and let it rattle around your empty heads a bit. Ask yourself and then ask OPM and DHS what other networks the Chinese may have had access to for about a year?

HEAD. SPLODE.

I dunno, it seems like every day I just want to crawl into the woods and build my 6×6 shack and wait for the apocalypse to come far away from the asshattery that will undoubtedly occur. Fuck the whole IoT bullshit with fridges and toasters exploding from grid hacks by Ted Koppel. I just want out because we as a species are just incapable of handling this shit appropriately. I eagerly await the end where the AI finally takes over and decides to liquefy us all to feed to one another to be used as batteries for the Matrix.

Let’s get this over with already.

K.

Written by Krypt3ia

2015/12/02 at 18:19

Posted in China, CyberWar, Hacking

Anonymous Versus Da’esh: It’s OPCARTEL All Over Again


Sit down kids and let me unfold to you all how idiotic I think you all are. As someone who has been doing research lo these 15 years that we have been in the GWOT I have to just say my piece concerning your so called “war on Isis”. The short and simple get off my lawn statement is you have no idea what you are doing. The longer more thoughtful commentary will follow shortly.

Honestly, you all mean well I am sure and I am also sure that many are in it not for the moral faggery but more so the attention seeking narcissism that fuels all of your breathless narratives given to any and all hack reporters that will listen and then fill in the blanks per their own clickbaity needs. In either motivation you all are doing a poor job at trying to prosecute a so called war with horrible OSINT and a plan that only annoys the da’eshbags more than stops them communicating.

A great Twitter war of Whack A Mole is pointless and in reality the government and Twitter have only shut down accounts that were not only confirmed to be spewing da’eshbag materials but also were real players. The blanket approach that you all have taken, drift-net like, capturing not only some real accounts but also others who are just innocent Muslims, Iranians, Palestinians, etc., does nothing for any cause save your own attention seeking. Pay attention! Twitter is not using your data. The government is not using your data! Your data is bad and you are an impediment, not great warriors in the greater battle against radical jihad.

Either work smarter or stop.

I have sat in on your pirate and other “pads” and even given you direct information that some of the people you have targeted have nothing whatsoever to do with jihad. You all never seem to listen so I stopped. I am sure nothing I say here will matter either really so you will continue to go on and be a hindrance while making the headlines. Frankly the hardest thing for me lately is to be tagged together in reports on your little war with the story of my locating the dark net site recently that was a feed of da’esh propaganda. I really want nothing to do with you but the media, though I block them, still cannot seem to get their shit straight and report on what is really important over the lede of ERMEGERD ANONYMOUS WILL WAGE WAR ON DA’ESH!

FUCKERY.

Let me just give you the same cautionary that I gave you on OpCartel:

You aren’t ready for this kind of real warfare. If da’esh finds out who any of you are and they are able to, they will kill you. Maybe even behead you for the camera because they too need the media cycles to pimp their ideas and propaganda.

It’s that simple.

Work smarter or leave the battlefield.

K.

Written by Krypt3ia

2015/12/01 at 18:03

Posted in Uncategorized
