Weirder Web

Here’s a $43,890 methylone buy on Silk Road

May 23, 2013 — Leave a comment

25kilos

Normally, Silk Road reviews show transactions for hundreds or thousands of dollars.

A March 28 buy from DRG0NZO shows the purchase of around $43,890 worth of methylone. Not only that but the buyer trusted Gonzo so much that he or she finalized the transaction early — that is, the buyer bypassed escrow and put the money in Gonzo’s hands.

The review inspired raised eyebrows on Silk Road. It was never updated with positive or negative results. For his part, Gonzo says the product has reached the intended recipient (who resides outside of the United States, where methylone is a schedule 1 substance).

In Communities DRG0NZO, Silk Road

Has the hacker Dennis “Coolio” Moran died?

May 22, 2013 — Leave a comment

On April 16, a post went up on the international drug discussion forum Bluelight.ru announcing the death of Dennis “Coolio” Moran.

“Coolio has died last night from an OD,” wrote user cr00k. “I don’t know anything about the substance he used or the circumstances. He had been contemplating suicide for a while. Any info on his death would be appreciated!”

Coolio is a Berkley, California-based hacker who first gained notoriety in February 2000 when a potent 1 gigabit per second denial-of-service attack on Yahoo!’s routers brought their websites down for several hours. Over the next week, eBay, Amazon, E*Trade and Buy.com were also attacked and temporarily brought down.

CNN reported on the investigations following the attacks:

It’s a name that keeps popping up as the FBI continues to seek parties believed to have information connected to last week’s attacks on popular Web sites.

Agents from every FBI field office are involved in the investigation.

One hacker they are focusing on uses the name “Coolio” and is believed to live in the Midwest. He was identified by investigators at the private firm Securify and Stanford University in California.

Investigators have associated a name and address with this “Coolio.”

But since “Coolio” also is the name of a popular rap artist, many Coolios pop up as nicknames.

Another popular “Coolio” the FBI has spoken with resides in Southern California, sources said, and has been linked to “Global Hell,” a group of teens known for hacking into government computers.

“‘Coolio’ is such an incredibly popular name among the script kiddies, also being gangsta’ rap wanna-be’s, it could be an entirely other hacker calling himself ‘Coolio,’” said B.K. DeLong, a staff member with Attrition.org, which chronicles Web site defacements.

The authorities couldn’t connect Coolio to the February 2000 attacks (mafiaboy was later charged) but, by March, the attention he’d received led to Coolio, then 17 years old, being arrested in his parent’s basement “on felony charges for allegedly gaining unauthorized access to [the anti-drug site] DARE.com computer system in Los Angeles,” reported CNN.

He was also charged with defacing cwc.gov (Chemical Weapons Convention) and RSA.com, the website of RSA Security Inc., the firm that investigated his involvement in the February attacks, reported ABC News.

The first defacement of Dare.com took place on November 14, 1999:

The second defacement took place on November 17. ”The anti-drug site was defaced with pro-drug slogans and images, including one of Donald Duck with a hypodermic syringe in his arm,” reported USA Today.

Coolio’s work is saved at http://frigo.ca/coolio/.

CannabisNews.com summarized the affidavit that led to Moran’s arrest. Coolio had tagged his name on Dare during both attacks (“Coolio is k-r4d and so are drugs” and “Craftily owned by Coolio :D.”)

Detective Michael Brausman of the Los Angeles Police Department, the first investigator on the case, used the search engine Locoseek.com to find a Web page that included an email address for “Coolio@k-r4d.com.” This he traced to an Web site called: http://leet.k-r4d.com hosting a directory with the name Coolio. In this directory the detective found one of the images that was posted on the defaced DARE site.

A search warrant was executed and the owner of the leet.k-r4d server handed over logs and email conversations related to Coolio.

They found that the person using the Coolio account was also using the email address coolio@k-r4d.com and had sent email messages to the Web sites hacked@attrition.org and hacked@2600.com. The messages announced that the Web sites www.DARE.com and www.cwc.gov — a federal site that deals with the reporting and inspection requirements of the Chemical Weapons Convention — had been hacked. The attrition.org Web site is well known to hackers, according to Swindon, and hosts a gallery of archived hacked pages for future viewing.

Vanity and the email record would prove Coolio’s undoing. A message dated Nov. 4, 1999, from coolio@r4d.com to admin@io.io, read: “Hello, I was wondering if it’s possible to register cool.io and host the NS for it like Internic domains. I’m not interested in it for a Web page, but just to allow an IP to reverse resolve to Cool.io (my nickname). If there’s any way I could buy the domain for this, please email me pricing and information. Thanks, Dennis Moran.”

Further, a message dated Nov. 14, 1999, included Moran’s name, address and phone number.

rsa

Moran was interviewed by police for the first time in February 2000 when, after speaking with his father in private, he admitted and explained his attacks on Dare, CWC and RSA.

Billing itself as “the most trusted name in e-Security,” RSA Security, which is based in Bedford, Mass., was hacked on Feb. 12 by Coolio, who posted taunting messages — “Owned by Coolio,” “Copyright 2000 Coolio”, “RSA Security Inc. Hacked,” “Trust us with your data! Praise Allah!”

Moran denied involvement in the Yahoo! attacks. He was ordered to pay a fine of $15,000 ($5,000 to each victim), serve nine months in prison and to help program jail computers according to USA Today.

In Communities, Hacking, Users Bluelight.ru, Coolio, Dennis Moran

A happy Silk Road customer enjoys his new package.

Posted on May 17, 2013 In Image Silk Road

Dictionary of Numbers: from raw numbers to human-understandable

May 15, 2013 — Leave a comment

dictnumb

Programmer Glen Chiacchieri has released a curious new app with an interesting goal: to humanize numbers.

Randall Monroe explained why he took a shine to the project:

I don’t like large numbers without context. Phrases like “they called for a $21 billion budget cut” or “the probe will travel 60 billion miles” or “a 150,000-ton ship ran aground” don’t mean very much to me on their own. Is that a large ship? Does 60 billion miles take you outside the Solar System? How much is $21 billion compared to the overall budget? (That last question is why I made my money chart.)

The solution: build a Chrome extension that converts raw numbers into something a human can understand.

A 300,000 acre forest fire is about the size of Hong Kong.
A $21 billion budget cut to NASA is about the net worth of Larry Page or Sergey Brin of Google. It’s also the size of the American video game industry.
3,000 people killed is about the population of the Falkland Islands.

It’s a really interesting tool that might be worth giving a try. I’m going to give it a grace period to get used to it and see what use I really get out of it. So far, I’ve been loving the search feature. Being able to easily obtain context like that is very useful.

The other two features – entering numbers directly onto websites and giving suggestions during writing — both feel seriously obtrusive.

The extension can even be surprisingly funny, like when it seems to be making an oblique suggestion for how to solve a problem—e.g. “The telescope has been criticized for its budget of [≈ Mitt Romney assets in 2011].” It can also come across as unexpectedly judgmental. Glen told me about complaint he got from a user: “I installed your extension and then forgot about it … until I logged into my bank account. Apparently my total balance is equal to the cost of a low-end bicycle. Thanks.”

You can grab the extension here.

In Software Randall Monroe, XKCD

New Yorker launches an anonymous submissions system powered by Tor

May 15, 2013 — Leave a comment

nyerstrongbox

The New Yorker is using Tor to launch an anonymous whistleblower submission system called Strongbox.

Strongbox is a new way for you to share information, messages, and files with our writers and editors and is designed to provide you with a greater degree of anonymity and security than afforded by conventional e-mail.

To help protect your anonymity, Strongbox is only accessible using the Tor network (https://www.torproject.org). When using Strongbox, The New Yorker will not record your I.P. address or information about your browser, computer, or operating system, nor will we embed third-party content or deliver cookies to your browser.

Boing Boing has the story.

The New Yorker’s own blog explains things further:

This morning, The New Yorker launched Strongbox, an online place where people can send documents and messages to the magazine, and we, in turn, can offer them a reasonable amount of anonymity. It was put together by Aaron Swartz, who died in January, and Kevin Poulsen. Kevin explains some of the background in his own post, including Swartz’s role and his survivors’ feelings about the project. (They approve, something that was important for us here to know.) The underlying code, given the name DeadDrop, will be open-source, and we are very glad to be the first to bring it out into the world, fully implemented.

Strongbox is a simple thing in its conception: in one sense, it’s just an extension of the mailing address we printed in small type on the inside cover of the first issue of the magazine, in 1925, later joined by a phone number (in 1928—it was BRyant 6300) and e-mail address (in 1998). Readers and sources have long sent documents to the magazine and its reporters, from letters of complaint to classified papers. (Joshua Rothman has written about that history and the magazine’s record of investigative journalism.) But, over the years, it’s also become easier to trace the senders, even when they don’t want to be found. Strongbox addresses that; as it’s set up, even we won’t be able to figure out where files sent to us come from. If anyone asks us, we won’t be able to tell them.

Hear Ye, Future Deep Throats: This Is How to Leak to the Press by Nicholas Weaver in Wired.
How to submit material to Cryptome anonymously

In Links New Yorker, Strongbox, Tor

The Future of Weirder Web

May 15, 2013 — 2 Comments

Hi!

I’m happy to see people still reading this site.

Many of you came to the site to read articles about the deep web and strange happenings on the internet. You may be wondering why those articles stopped coming and what to make of these recent video game reviews.

Weirder Web will continue to produce content about the deep web and all the subject matters that made it popular in the first place. You’ll begin to see most of that type of material return next week. In addition to that, I’ll dabble in the gaming world. Recent posts (What to play today) have been recommending good games. I’ll also be interviewing indie developers.

On top of all of that, I’m hoping to include more and more strange stuff from around the web. The hope is that the content can be diverse. WW will be establishing a regular interview series and I hope you give it a chance. You’ll catch that next week as well.

That’s all coming up very soon. How long will it last? That’s for the big guy upstairs to know. Right now, though, I’m having fun posting about fun video games. I hope you can enjoy a few!

If you have any suggestions or questions, feel free to leave a comment or contact me in private.

Thanks for sticking around. Talk to you all soon.

In Weirder Web

Bitcoin has a pulse

May 14, 2013 — Leave a comment

For the data-is-beautiful crowd, here’s “Bitcoin has a pulse” from Manly_dude.

In Image Bitcoins

Black Market Reloaded nears $400,000 per month in sales

March 4, 2013 — 2 Comments

Black Market Reloaded, the most visible competitor to Silk Road in the world of Tor marketplaces, grew to almost $400,000 in sales this month according to statistics released by founder backopy. This follows last month’s high of 16,000 new registrations, a number that fell slightly this month. There are 6,889 items publicly available on BMR at this moment, compared to 5,514 last month.

To compare, Silk Road has 11,635 items publicly on sale right now. A month ago, that number was only 3,391. The amount of money changing hands each month on Silk Road is considerably higher than on BMR but Dread Pirate Roberts releases no statistics and has actively fought attempts to extract data from the site.

In Communities backopy, Black Market Reloaded, Dread Pirate Roberts, Silk Road

How to catch a spy in nine seconds (plus a few sleepless months)

March 4, 2013 — 1 Comment

In 1986, Cliff Stoll noticed a $0.75 accounting error on the computers he managed at the Lawrence Berkeley National Laboratory in Berkeley, California. Another manager might have shrugged off the three quarters and even paid the bill with his own spare change. For Cliff, the $0.75 error — that was nine seconds of computer time — was the beginning of a trail that slowly led to a faceless hacker breaking into Cliff’s systems and, from there, breaking into computer systems around the United States.

Cuckoo’s Egg tells the story of Cliff Stoll’s strange and accidental turn to counterespionage. First suspecting a smart ass local high school kid or a prankster university student, the gravity of the situation slowly dawned on Cliff as the hacker continued his break-ins on a daily basis with the kid of drive, discipline and stamina that no student hacking on a whim would possess.

The FBI, CIA, NSA and Air Force all initially passed the buck when Cliff called alerting them to the hacker, unsure of jurisdiction, whether the crime was even worth pursing or how to even speak to one another.

“These were the facts of life in dealing with a bureaucracy: everyone wanted to know what we discovered, but nobody would take responsibility.”

This made Cliff, a liberal academic (described as “an ex-hippie, long hair, rumpled clothes, jeans, bicycles, sleeping under his desk”) at the famously leftist Berkeley, something very close to an intelligence agent — a spook, a spy — himself.

Much to the chagrin of his girlfriend Martha, Cliff spent weeks and then months sleeping in his lab, tracking the movements of the mysterious hacker. In the beginning, he wondered if the man on the other end was perhaps just another leftist from Berkeley with sympathetic goals. Martha expressed trepidation about his cooperating with so many black suit-wearing cops and state authority figures. Soon, however, it became clear that the hacker was not from Berkeley and was much less than sympathetic.

In an interview with C-Span, Stoll explained:

And what he was doing when he got into my computer was not reading my astronomy texts. He wasn’t reading about the structure of the galaxy and Orion. He wasn’t reading scientific things he was using my computer in Berkeley to search out over the computer networks to go into military computers. One after another after another. He’d break into military computers in Alabama and California in the Pentagon in Okinawa. He’d systemically reach out over the milnet — the computer network connecting military computers together — and into universities as well and try to break into them. When he’s succeed an break into a military computer he’d search. I would watch him. I watch him search for words like SDI like NORAD … systematically trying to get information about nuclear preparedness. And I’d watch him get information from a Pentagon computer about chemical and biological warfare plans for Central Europe.

Cuckoo’s Egg is more than just a supremely gripping tech thriller. It was one of the very first nonfiction tech thrillers. Published in 1989, there were worries that only 600 people in the world would ever care to read a book about a hacker breaking into various computer systems around the country, even if those systems were of importance to national security. There was little to no conception that computer security would become a topic of great interest for millions of people or that the book — even with the surprisingly lucid descriptions of Unix operating systems, international telecommunications systems and the occasional legalese — was transparently great. No one could fathom that Cuckoo’s Egg would help to inspire a new genre.

The New York Time’s 1989 review talks about some of the main characters in the book:

The central figures in ”The Cuckoo’s Egg” are the computer networks (like Internet, Tymnet and the Defense Data Network) themselves, data highways that carry millions of messages each day among computers all over the world – ”like a post office running at the speed of light.” Mr. Stoll and his fellow wizards see each network as ”a brain with neurons extending around the world.” These networks are programmed to adapt to changes in traffic volume and to failures in any of the thousands of on-line computers. On their own, the networks are able to create new communications paths and respond to requests for special services. As computers become smaller, faster and cheaper, networks are becoming pervasive – and merging, eventually to form a single global supernetwork. Networks can carry pictures, documents, software and a variety of other information. They can deliver messages almost instantaneously, so they lend themselves to conversations among almost any number of participants, conversations that can go on for weeks or even months. And networks can also be the theater of a worldwide information war.

In the fields of technology, hacking, law enforcement and even military history, Cuckoo’s Egg is an important read for anyone hoping to fully grasp the fundamentals of the war for information that has only greatly expanded into today.

The New York Times and insightful readers in 1989 saw Cuckoo’s Egg as a unique look at already-important communities and technology “that will play a major role in our future.” Now, as data transferred in bits and bytes continues to increase in importance, the book is still a prescient look forward as well as an invaluable look back. This is a classic worth reading today.

Check out Cuckoo’s Egg on Amazon.