Winzip.com has been hacked as well. Do not trust their binaries.
Either this will be headline news tomorrow, or it will be suppressed in its entirety. The OP will probably go to prison, unfortunately, as they will not differentiate between this and black hat intrusion - the case will be judged by someone who saw his nephew using a computer, once, and they will go after him, because they know who he is, and will not have any joy identifying the actual intruders, and this will just go further to demonstrate that the spy agency dragnets are as useful as a chocolate teapot in preventing and acting against actual crime.
I hope he contacted a great defence attorney and the ACLU at the same time as Yahoo and the FBI.
Trespassing is a good analogy. Neither all laws or violations of laws are equal.
On one hand, there are the vandals, or outright criminals, who are using and abusing my property for their gain to my detriment.
On the other hand, there's a passerby who knows about the criminals in the area, knows no one else is looking for them, and trespasses my property because the trail led him onto it.
Now that guy willingly alerts me to the criminals, offers an explanation of what he did on my property and how he found the criminals -- what should my response be?
I know that technically he broke the law, and there are those who want to see anyone and everyone pay for their deeds, but in this situation, wouldn't a reasonable person possibly consider tracking down the criminals first before crying "trespassing!"
It doesn't sound like this person trespassed at all, but merely traversed your land during his investigation. He didn't do any damage or remove anything, so what was the trespass?
Trespass to land doesn't require damage, all it requires is the willful, unauthorized, entry onto land in another's exclusive possession. Vandalism requires that there be some property damage.
This isn't true. You're overestimating the strength of property rights to land. You should follow the link provided elsewhere in this branch of the discussion - http://www.shouselaw.com/trespass.html
It's amazing how many people think that traversing and trespassing are the same thing. Sadly, in many states, they are the same under the law.
I wish there were stronger free-to-roam laws. I don't think anybody has the right to tell another person they can't traverse land so long as they don't enter any structures, do any damage, take anything, disturb any wildlife, etc.
I wouldn't be happy at all if someone went into my cellar without my permission and told me that my gas line was weakening. Despite good intentions, trespass is trespass.
If he can smell it from outside my cellar, then why isn't he able to knock on my door? Or call the cops if I'm not home. Even for actual extremis (such as a fire) I'd generally expect people to call the fire department instead of breaking into my house to put a blanket over a kitchen fire.
With that said I'm sympathetic to this guy's intent. If I were Yahoo or the FBI and he can prove that innocuous access is all he was doing, let's just say I wouldn't go out of my way to throw the book at him.
Because (going back to IRL analogies again), the authorities writ large have the authority to do an exigent search of my home if there's probable cause of a disaster of some sort going on, but local and Federal LE don't exactly have the same right to go around pwning the entire Internet to look for sites that have already been rooted, so in a sense leaving this issue to the authorities is simply leaving it to no one except the criminals, which is also unsatisfactory.
If the right answer to widespread problems like these is supposed to be law enforcement "patrolling the Internet" in some fashion, then we'd need to have way different legal authorities to allow for that. Until then I'm not sure that "only the criminals can search for burning buildings on the Internet" is really the most pragmatic answer.
In any event we obviously can't rely on each and every single important web site's system administration teams. If even Yahoo can be caught, who can you trust?
yeah right, they'll fix your KDE 2 install on freebsd in a jiffy as well
> Until then I'm not sure that "only the criminals can search for burning buildings on the Internet" is really the most pragmatic answer.
It's not a pragmatic answer, it's a matter of fact. NSCIA are busy collecting phone calls and developing backdoors.
I'd be careful calling anyone criminal.
This thread has a lot of shaky analogies with physical trespassing. Here's an article on trespass laws (in California) - the article is more interesting than you would expect and the trespass laws are more complicated than you'd expect. http://www.shouselaw.com/trespass.html
It looks quite similar to Washington State trespass law in practice. If anything it might actually be broader, our criminal trespass statute up here tends to be interpreted rather narrowly because it's somewhat lacking in detail.
If you're not intending this metaphorically, I must disagree. Trespass is a fairly limited act involving a physical presence. Sending and receiving packets with another host that is configured to do that is really not anything like physically inhabiting a place.
If person A walked up to your window and fired shots through it, killing a family member of yours, and then person B walked up to your window out of curiosity (trespassing), saw a dead person, and called 911 (or whatever your country's emergency number is), should person B be prosecuted for murder?
Edit: I thought this was an accurate analogy, but I'm assuming the downvoter either disagreed or felt I phrased this as a sarcastic attack rather than an analogy. If it incorrectly came across as the former, that would be my fault, but I don't know if that's what caused the downvote, so an explanatory comment would be appreciated.
Since you asked for a downvote explanation: I couldn't make any sense of the comment, even after thinking about it. It's not that I disagree, I can't even figure out the analogy. Are you saying B shouldn't be charged with anything because they didn't murder, or B should be charged with trespassing but not murder, or B should be charged with felony murder because of the trespass, or something else?
The parent asked whether the OP should be treated differently from people actually doing the malicious act. My analogy was meant to illustrate that we should.
I didn't express a stance either way on whether he should be prosecuted for a more minor offense or not, in the analogy's case trespassing. (There are obviously both pros and cons in the precedent set by prosecuting people for revealing their own minor crime on account of reporting a terrible one.)
That is NOT an accurate analogy. To make it analogous, you need at least two fixes: a) the person needs not simply see from window, but to get into your basement from breaking a double-paned window, and go up into your bedroom. b) Also the charge needs to be for 'intrusion'
Plus, using 'murder' and 'family' and 'dead' etc. are too dramatic and personal and unnecessary to convey your point about internet security.
It's a safe cracker calling the cops in this scenario. "I wanted to see what banks I could break into" is a much more reasonable defense in this situation seeing as he's alerting others to the intrusions when he clearly could have just kept quiet and stayed out of trouble.
Not that it says anything about whether he'll be in legal trouble. Laws are crazy.
Malice is in the eye of the beholder. He logged into a server he didn't own and ran commands without authorization. That is malicious from the perspective of the law.
Out of curiosity, wouldn't this also apply to the security researcher at erratasec.com that did an earlier survey? That scan logged into people's boxes and executed a ping going out. Now obviously there isn't any damage, but what legal theory is protecting these legit security researchers?
Though whether or not a DA would be bothered with investigating and building a case is a different story (probably not, unless there were lots of complaints and/or "serious" complaints).
I strongly doubt anyone, even at the FBI, is tasked with finding hackers independent of any complaints.
Nothing is protecting them legally, and many people mentioned similar things on those threads. However the fact that this guy sent himself reverse shells and actively exploited the servers makes it much more likely that someone will try to prosecute him.
Intention is relevant. What if I was mentally ill and mistook your backdoor for my own? Or it was the only feasible escape route from a murderer that was in pursuit of me? Of course this doesn't apply directly to the OP, because this house analogy doesn't hold water. BUT, intent is very relevant when it comes to law.
Well, no, intention is not relevant in the sense that these people are still trespassing. Ok though, you have a point; in some extremely rare circumstances it may make a difference. Of course, as you said, none of these apply here, so what's your point?
Only good to a certain extent, and since hackers are often easy targets and successful computer prosecutions are a good feather in the cap of prosecutors ever more concerned about having something on their resumes related to the "cybersecurity" buzzword, they'll frequently get harsh sentences.
It is surprising how many 90s tools remain popular today: WinZip, WinRar, WinAmp, CCleaner, Icq, Real Player, etc.
People just get into using something and simply never stop. Then there's the comfort barrier to switching (e.g. I know how to use WinZip but 7Zip is new and unfamiliar).
CCleaner is still popular with low level tech support types, which is quite ironic as it damages the Windows Registry on later versions of the OS. There are also built-in tools (Disk Cleaner, Recycling Bin maximum size, auto-Defrag/Trim, etc.) which accomplish most of the same things.
Teachers use Real Player. Several nationalities (Russia?) use ICQ.
> CCleaner is still popular... which is quite ironic as it damages the Windows Registry
CCleaner has two main use-cases: a performance tool (allegedly) and a privacy tool.
You assume that CCleaner is popular because people think that it boosts performance. This was never my use-case and anyone that I've seen actually uses it as a privacy tool, i.e., to clean up browser history, delete caches, wipe free space, etc., to not expose what they've been looking at, searching for, and downloading.
With respect to privacy, if I see someone using CCleaner, I recommend that they switch over to BleachBit[1] which is open source and which even Bruce Schneier swears by. I used both simultaneously for awhile on my Windows systems and found that BleachBit found many more privacy-sensitive files to erase than CCleaner.
If you're interested in privacy and have Windows 8 Pro, you can use Client Hyper-V and Differencing Disks to make what is effectively a "read only" system. You boot into the VM, do whatever it is you have to do, then shred the differential [0].
Alternatively just encrypt the VM[1].
Alternatively again just run a Linux "Live OS" from a DVD and pull the power to "wipe."
Alternatively ad-infinitum make a Windows To Go Thumb Drive and smash it with a brick when you're done.
I see CCleaner on probably at least 50% of the desktops shown by people streaming on Twitch. Seems so odd to me.
Then again, I used WinRAR up until probably 2010 or so, whenever ninite made it easier to install 7zip.
A sort of related oddity is how often I see OpenOffice on the desktops in doctors' offices - usually alongside Microsoft Office icons. I have no idea what they would use it for.
It's a little ironic, but I still find WinAmp to be the best audio player.
I mean - all I want to do is to quickly set up a playlist out of a bunch of directories and eventually do searches in it, which is incredibly common at a party when you quickly assemble playlists from multiple sources. Other media players are completely retarded.
ICQ was popular here way more than in the rest of the world, but it got displaced by Facebook Messenger (and to some smaller extent Google Talk/Hangout/what's the name now).
I have no idea about Russia or Israel, where it was too popular.
It originally became popular simply due to lack of competition.
AOL Instant Messenger (AIM) was popular but full of ads and didn't offer many features. MSN Messenger (later "Live Messenger" ".Net Messenger Service") didn't exist yet (1999) and while Windows had something called Netmeeting it was simply terrible.
ICQ technically came around before AIM, being released in 1996 Vs. 1997 but AIM hit the ground running as AOL hooked up their massive (then) subscriber base. So while AIM was a more popular service, ICQ became popular with a certain more savvy class of user (e.g. tech' nerds, who wanted more functionality, and something NOT tied to their email address).
ICQ offered that. Less ads, more features, and slightly anonymous (ICQ numbers). ICQ sucks by today's standards, but in 1996-1999 it was really competing with AIM. There's also Yahoo! Messenger that came out in 1998 which was fairly popular (particularly as an "AIM replacement").
ICQ just somehow remained popular in certain parts of the world for the same reason Facebook isn't going away: It reached a critical mass, now "everyone" is using it which means "everyone" has to continue using it...
Don't forget that the A in AOL stands for 1/193 countries. In AU (yes - anecdote != data) -- friends I would chat with were all on ICQ - before switching over to msn. Never heard of AIM
Can you point me to a description of CCleaner's problems? It's still my go-to tool for cleaning computers, and I've never had a problem or heard of anything major (besides the normal bugs that get fixed). It also isn't a 90s tool, being first released in 2003.
I listed the alternatives already. They're all built in.
CCleaner's registry cleaner is the main issue (aside from the fact it makes computers literally slower by clearing every single cache it can find). Some of the issues it has caused:
- Registry damage: Windows 8 store was damaged/corrupted by a previous version (you had to run DISM to repair it), Windows uninstaller corruption (this impacted McAfee anti-virus around 2009, the uninstaller would become unusable), deletes preferences for unconnected devices (USB sticks, external drives, network drives, etc.) so if you have any software installed externally the drive letter may shift and the software will break, deletes unmounted but valid COM objects, and so on...
- Microsoft support article ("serious issues can occur when you modify the registry incorrectly using these types of utilities"): https://support2.microsoft.com/kb/2563254
Everyone is saying the same thing. Registry Cleaning is unnecessary, won't improve performance, and really only offers you a chance of doing damage. Registry cleaning hasn't been important since XP, and XP shipped over ten years ago.
Everything else CCleaner does is either stupid (clearing caches) or a duplicate of internal functionality (IE cache clearing, Recycling Bin emptying, etc.). Plus Disk Cleanup isn't a new addition to Windows.
>Everyone is saying the same thing. Registry Cleaning is unnecessary, won't improve performance, and really only offers you a chance of doing damage.
Well, shit. I've been using the registry cleaner for years now on Windows 7. I've always liked that it seems to clear certain cruft from my system (unused file extensions, crap left behind by uninstalled programs, etc.), as I have a certain need for digital tidiness. I'm now considering abandoning the feature after these posts.
Your organization likely did something unconventional with the registry that made systems break when touched by CCleaner (perhaps a groupware tool, or perhaps the broken systems had already been FUBAR'd by intrusive software and CCleaner's attempt to fix that FUBAR triple-FUBAR'd it).
That doesn't mean CCleaner's behavior is correct, but it's probably a situation the developers haven't been able to test against. For what it's worth, I've run CCleaner's registry cleaner on dozens of machines and never had a problem of any type, and I still use CCleaner sometimes because it's a simple way to clean the temp/junk files left by many common applications with one button click.
I always feel a little nervous when I run the registry cleaner, and while I haven't noticed any problems, I also haven't noticed a meaningful improvement after running it either. I should probably stop doing it just for that reason.
> That doesn't mean CCleaner's behavior is correct, but it's probably a situation the developers haven't been able to test against.
So reading between the lines, you're saying that CCleaner is a bad idea simply because they cannot possibly understand the registry well enough to make the changes that they're making.
We agree completely.
Honestly if people want to use CCleaner to do jump lists, file history, and caches (although that last one is misguided) then I'm all for it. There's very little chance anything will break with those (it is hard to screw up!).
I just warn against the registry cleaner primarily, and just feel like with Disk Cleaner and Windows' automatic cleaning that has been integrated for a while you could live without using CCleaner (unless you still have a Windows 9x box).
> you're saying that CCleaner is a bad idea simply because they cannot possibly understand the registry well enough to make the changes that they're making.
It sounds more like, "the software vendor is doing incorrect or incomplete things with the registry and CCleaner cannot possibly know that."
As a long-time Windows software developer, I've been stunned at how sloppy desktop programs and installers are, even today. People ignore Microsoft guidelines, somehow get the software to the "works for me" stage, and deploy it.