Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - kmfkewm

Pages: 1 ... 146 147 [148] 149 150 ... 249
2206
Rumor mill / Re: Vlad1m1r
« on: August 30, 2012, 07:59 am »
I am as shocked as kmfkewn is that any vendors would be using CIM as a method of cashing out. If you are really doing that, stop it now. CIM can be anonymous if it is implemented correctly, but never for the receiver. This is the kind of thing we would just assume everybody already knows, no 20/20 hindsight is required here.

imho this is pretty misinformed, most people i know cash out bitcoins or pecunix via cim very safely. i think better advice would be to never use cim in an illicits setting, especially a public one

How do they safely cash out via CIM? It seems to be impossible to me, unless it has been mixed to hell and layered through a bunch of accounts. I am of the opinion that anonymously obtained debit cards are vastly superior. Hell even fake identification and cashing out to WU is safer, at least then you can switch up spots and fake ID very frequently. I wouldn't say that it is impossible to cash out to CIM safely, but to do so would require that the currency being cashed out has already securely been unlinked from the person who sent it to you, so that they can not follow the trail back to you. And then you would still want to use a fake ID box at the least. Getting CIM from a vendor operating on a drug forum who cashes out drug money bitcoins for CIM is just extremely retarded though.

2207
I have yet to find a better psychedelic than LSD

2208
Security / Re: Extracting private key using pywallet?
« on: August 30, 2012, 07:26 am »
bitcoin-qt is just a GUI, you can get your wallet by simply looking for it on your drive. I am not sure where it is stored but it is named wallet.dat I think maybe try to search for that

2209
Security / Re: Any NON-computer-related security tips?
« on: August 30, 2012, 07:25 am »
im sure some people smuggling bulk who also enjoy their freedom would be very happy with such an invention

The only good thing will be a design that vendors can use to make the devices themselves. No smart vendor would order a bunch of electronic components and start putting them in all of their outgoing packages. It needs to be a design and tutorial on how to construct the devices, maybe some open sourced software.

2210
Security / Re: Any NON-computer-related security tips?
« on: August 30, 2012, 07:23 am »
kmf do interception detection chips exist yet?
if so, where do we get them?
if so, how the fuck do we convince every single vendor to start using them?

They definitely exist because I know a few people who have used them for bulk shipments, but I don't know where to get any and there is not a design for how to make your own that is released anywhere afaik.

2211
Rumor mill / Re: Vlad1m1r
« on: August 29, 2012, 04:36 pm »
I'm sorry guys but would a member of law enforcement use the same moniker here as he uses IRL and ask people to send money to his address?
That connection is the reason it was so easy to find him.
He has tried to remove every trace linking his username 'Vlad1m1r' to his real name.



@Guru I'm not disputing LE tactics, I'm sure you're right, but I don't think Vlad falls into this category.
Besides, if he is LE, it's the vendors who should be worried.
People who exchanged money with him never gave out names/address - unless someone wrote a return address on their envelope.

It seems that if he actually was LE that he would not scam people. Why burn an intelligence gathering asset? So I do not know what to think really. His behavior does not strike me as something a scammer would do unless he is utterly incompetent at scamming, I mean why no go out with an everything must go sale or similar? His previous behavior strongly indicated to me that he was possibly LE, but I can not imagine that LE would burn their ability to further gather vendor addresses by scamming with their pseudonym. It may have taken a lot longer to link arrests to people who used vlads service, than it would take for people to stop using his service because he scammed everyone.

2212
Rumor mill / Re: Vlad1m1r
« on: August 29, 2012, 02:44 pm »
So kmf was right about oscar, right about vlad and i seriously hope he isn't right about lim, someone who has been a pillar of the community so to speak. I knew there was something up with vlad as he was very active on the forums but not actually participating in anything illegal. Infact, i remember a post not long ago where vlad ask specifically for people who "weren't drug users" to him out with something and this kind of confirmed  for me but he was always so quick to offer help and i didnt wanna repay that by calling him out just incase he was genuine.

Anyway, i havent had a chance to read through the  whole thread so could i get a quick update as it sounds like vlads scammed everyone, and there are now some serious suspicions surrounding limetless. looks like the community's is being torn apart from the inside.

I don't make any accusations against Limetless. Vladimir struck me as untrustworthy, although I was not sure if it was because he was LE (as his 'give me your IP addresses plz' thread indicated), or just someone suffering a bad case of the Dunning–Kruger effect. Honestly I am a bit surprised that he ends up to be a scammer, his behavior was not in line with what I would expect from a scammer. I would expect a scammer in his situation to make something up that would lead to a sudden increase in the amount of money people sent to him, some sort of a sale. Scammers usually exit with an everything must go sale, although him claiming sickness delayed orders is a technique that a scammer would use. So I can really only take credit for knowing that I didn't want anything to do with him. Honestly I did not follow his vending at all, I had no idea he actually sent CIM to vendors, had I known that I would have actually thought much more strongly about him being LE, as he also wanted people to use a Tor bridge he ran. Who has a legitimate reason for collecting IP and mailing addresses of people on SR? In fact I am still thinking his behavior lines up more with law enforcement than a scammer, I find it hard to imagine that someone who is not LE could offer the cash in the mail for bitcoins for drugs service Vlad offered without being arrested very quickly (as I pointed out in his 'use my bridge' thread, although at the time I said even though all of his other services are sketchy and in line with law enforcement agendas, his bitcoin exchange service was not. This was before I knew he was actually sending CIM to vendors though).

Anyway, that rather unexpectedly large explanation aside, Limetless also has done some things that strike me as suspicious. For one he is online on SR far more than I would expect a normal person to be, that rings somewhat of an alarm bell to me simply because it could indicate that he is multiple people managing a single online persona, which could in itself be inline with a shared vendor operation or with a law enforcement account being managed by persona management software. I am reminded of Master Splynter, who was on dark market pretty much all day everyday. However this is not any concrete evidence at all, and a lot of people are on forums every day (although few as much as limetless!). So in short that gives me a gut feeling that is bad, but has no real solid logic behind it. Another thing I find unlikely is that he actually is in the business of selling armored vehicles, but again who knows and although that strikes me as being somewhat off I can not say it indicates he is law enforcement or anything else bad about him. The fact that he was seemingly close to Vladimir also plays a role in circumstantially linking him to sketchy activity, however I am not as certain that they are the same person or conspiring together as some of the others here seem to be. I could believe it either way. I must admit that the thought of him being LE has entered my mind prior to this debacle, but I will be just as quick to say that it is based entirely on gut feelings with no solid proof behind them, certainly it is not enough for me to even claim that I think he is involved in any sketchiness just enough for me to say I wouldn't be surprised if we find out he is.

As far as oscar goes, he was clearly a troll or a fed from the start. Whatever happened with him anyway?

2213
SElinux has nothing to do with virtual machines. It takes a lot of work to write profiles for it, in the near future I plan to write some profiles to isolate firefox and other applications. But unfortunately my time right now is being consumed doing other things. In short I would say that SElinux is best thought of as application specific restrictions. Ideally you would explicitly define everything that firefox can do, and then the mandatory access controls will prevent it from doing anything else. Now when an attacker takes over firefox they do not obtain the abilities of the user that runs it, but rather of the MAC profile created for firefox, which should be very restricted. Of course how much security this affords you depends on how well you have defined what firefox should be able to do. It might be appropriate to think of mandatory access controls as a sort of application level firewall. There are even techniques for getting around this sort of protection though :(. One neat thing about SElinux is that it has a default functionality that allows you to isolate applications to their own x window environment. This removes the ability to copy paste between isolated windows, but it also removes the ability of an attacker who has pwnt one of the windows from using the lack of default isolation to spy on keystrokes to all other windows. Ideally you would isolate applications with this SElinux feature called simply SElinux sandbox, and then you would write further rules to restrict the individual applications, for example remove firefoxes ability to send traffic except over Tor, etc. SElinux can restrict an application from doing anything that you have not specifically allowed it to do , as well as allow an application to do anything you have not specifically prohibited it from doing. It also has a learning mode where it lets the application do anything but keeps a log of everything the application has done, to aide you in creating rule profiles. Using SElinux for isolation is beyond a doubt seen as the superior choice over using virtual machines, at least by the majority of security researchers. Of course Theo of openbsd things mandatory access controls are stupid as well, but I think he would say they are vastly superior to using virtualization. Also one exception is the creator of Qubes, who seems to be pretty fond of using xen based virtualization for isolation.

As far as attackers being able to break out of virtualization....

http://www.neowin.net/forum/topic/1084015-us-cert-warns-of-guest-to-host-vm-escape-vulnerability/
http://seclists.org/fulldisclosure/2010/Mar/550
http://www.slideshare.net/kbour23/d1-t2-jonathan-brossard-breaking-virtualization-by-switching-to-virtual-8086-mode


2214
Off topic / Re: VPN advice
« on: August 29, 2012, 11:44 am »
Much better off using obfsproxy than a VPN

kmfkewm, can you explain more why you feel that Tor obfsproxy is better than VPN (or Tor over VPN) ?

First I don't know the state of the implementation of obfsproxy so if they say it is still no ready for use then this is probably the case. That said, using a VPN may hide that you are connecting to IP addresses associated with Tor, but it does not hide the fact that you are using an anonymity service. Furthermore, obfsproxy applies steganography of a sort to disguise the size of packets, Tor packets being very identifiable even if they are not being sent to known Tor node IP addresses. A VPN does not do this.

2215
Rumor mill / Re: Vlad1m1r
« on: August 29, 2012, 11:36 am »
Exactly. So they ganged up and said: you can use Lim or you can use Vlad. Just like Ford said, "you can have any color as long as it's black." Information was being squelched through intimidation.

Had those conversations not been shut down I could have learned sooner how to cash out safely and I wouldn't have been scammed by BTCpal.

When they would shut down this conversation the consensus would go along with the preposterous idea that "we don't discuss cashing out here".

My recollection of those conversations is that it was stated that cashing out methods should not be revealed in a public forum, lest it be revealed to the authorities. I believe this was, and still is, good advice, particularly where vendors are concerned.

Also do we know that Lim isn't deleting posts relating him to Vlad?

Who, precisely, is responsible for deleting these posts has yet to be determined.

Do a search on members for Limet, and you will see that the lsst login was:  Last Active:     August 27, 2012, 07:42 PM

Guru

I remember vlad and limetless both accusing me of not having a clue regarding anonymous money transfer when I gave suggestions of how to anonymously obtain and cash out bitcoins. They were quite fond of each other and both said the other clearly knows what they are doing whilst I am retarded and my technique is horrible. It was in the same thread where Limetless and Vlad were saying I didn't actually know what money laundering was.

2216
Rumor mill / Re: Vlad1m1r
« on: August 29, 2012, 11:32 am »
Another thing occurred to me. When everybody was saying vlad was sick or that they hoped he didn't get arrested; People were saying that he wouldn't be arrested because he wasn't a dealer. Limetless came in and really slammed people asserting the criminality of vlad. Meaning: he wanted people to believe he had been arrested. Chances are pretty good that limetless at that time knew he hadn't been arrested. Meaning he wanted people to be deceived because vlad being a scammer makes Lim look like one too. This goes along with the missing posts.

And, regarding the people who are talking about going to LE. You think they aren't reading the forums??? They can google this guy as easily as we can. There's need for snitching, if they want him they know where he is and what he's done.

I wonder if Limetless will come back and bully the crowd into like submission before. I for one really wanted to speak up but I was afraid he'd fuck with my account. I know I'm not the only one.

What I find suspicious is that before I remember Limetless talking about how what vlad does is not money laundering, and then when I said maybe he got busted for money laundering, Limetless seemed to completely change his tune.

2217
Rumor mill / Re: Vlad1m1r
« on: August 29, 2012, 11:24 am »
A specialist? R u kidding me. With the trail this guys left. A pure amateur who has gotten way out of his depth.

Perhaps so.

It's the small things that these dicks usually fuck up on.


All I can say is that any evidence gathered from a deep infiltration such as what I'm suggesting would be admissible in the English Courts. You can commit crime to investigate crime. Look at the case of PC Mark Kennedy and his undercover work.

You should see the lengths the DWP will go to proving a single mother actually lives with her partner and is claiming benefits fraudulently. There are many more badge carriers in this country than just the police!

One thing vlad did that screamed law enforcement to me was trying to get everyone to use his Tor bridge. That is straight out of fed 101.

2218
Rumor mill / Re: Vlad1m1r
« on: August 29, 2012, 11:22 am »
Lots of fucking snitches in this thread

2219
Having a shared folder between guest and host breaks the isolation

2220
Rumor mill / Re: Vlad1m1r
« on: August 28, 2012, 01:15 pm »
Have to agree even on day 1 of not getting btc's everyone would rather believe he was busted and no one would dare say scam or be.ridiculed and people still defend him as a victim of some investment bullshit the guy build up rep till he hax enough btc and cash the fucked off

The thing that seems strange to me is that he didn't have a big sale or something. How much BTC did he actually scam out of people?? I thought the dude was sketchy ever since he tried to get people to use his Tor bridge and essentially hand over their IP addresses to him. Honestly he did not strike me as a scammer though. The fact that he backed up Oscar was also extremely sketchy. Pretty much I wanted nothing to do with him. I didn't know he actually sent vendors cash, very stupid for vendors to cash out through an on forum service. That would be an excellent way for LE to identify vendors, what were they thinking??

As far as Limetless, eh I have seen posts from him being friendly towards Vlad for sure. I am not at all convinced that he actually is Vlad or conspired to do a scam with him. It is extremely sketchy that posts from vlad are being deleted off the forum, and even more sketchy that they are being deleted off the clearnet. That makes it seem pretty much like he did indeed scam and was not simply arrested by LE.

Pages: 1 ... 146 147 [148] 149 150 ... 249