
[][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]

[][][][][][] [][][][][][][][] [][][][][][][][][]

[][][][][][] [][][][][][][][] [][][][][][][][][]

[][] [][] [][][]

[][] [][] [][][]

[][] [][] [][][]

[][] [][] [][][]

[][] [][] [][][]

[][] [][] [][][]

[][] [][] [][][]

[][] [][] [][][]

[][] [][][][][][][][] [][][][][][][][][]

[][] [][][][][][][][] [][][][][][][][][]

[][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
it really is 06
keepin' our promises
pissing off the feds
information is freedom

[][][][][][][][][][][][][][][][][]
[] things that need to be said []
[][][][][][][][][][][][][][][][][]
there are some things that need to be put across in this issue, so we'll go ahead
and say them.

1. we will no longer have a website *gasp*

we will no longer have a website due to privacy/anonymity and collateral damage
concerns. in english, there are several reasons why we won't have a site:
a. we suffer from constant ddos attacks and anybody who hosts a site for us for
an extended period of time will suffer
b. hosts don't like us (duh!)
c. it compromises our anonymity. if we want to continue as an underground zine,
we will have to rely on the underground to propagate us since hosting is no longer
an option.

don't worry, there is still hope for obtaining new issues of tiz.

a. join the mailing list. send your email to tiz@gmail.com and we will add you
to the list. you will be notified when new issues of tiz are available and where
to get them.
b. mirrors - we will be getting sites to be mirrors for us. anybody can be an
official mirror. here are the official mirror requirements:
   a. no registration required to access issues
   b. must stay up-to-date
   c. must provide contact info (e-mail is enough) so they can be alerted of
   new releases
   d. must not modify the issue (duh)
   e. must have files in an open directory or provide an easy-to-read page
   where issues can be located
official mirrors will be referenced in the zine, but anybody can distribute
this zine.

c. check your forums! we will be posting new releases in popular forums and if
we don't post to yours, please help spread the word by posting to it.

2. aol keygen project

we are putting the aol keygen project on hold until we have more support for it.

3. killing word wrap was a bad idea

we have decided (thanks to the many comments we received) that we will go back to
word wrap for 800x600 users.

4. contact info
please contact us through tiz@gmail.com. this email will be used for article
submissions, comments, etc.

5. members
we are still looking for more members, so send us an application. applications
don't need to be longer than a paragraph and should include any skills/interests
you have. the current members are:

sheepbyte [sheepbyte@gmail.com]
lexdyisc [yaj.yake@gmail.com]
easyex [easyex@gmail.com]

members are expected to contribute to the zine in some way or another.

[][][][][][][][][][][][][][][][][]
[] in this issue []
[][][][][][][][][][][][][][][][][]

1. gov mining project
2. links
3. guide to anonymity and privacy
4. hacker news
5. inside the stormpay fiasco
6.
7.
8.
9.
10. mailbox

[][][][][][][][][][][][][][][][][]
[] gov mining project []
[][][][][][][][][][][][][][][][][]

calling all google miners, conspiracy theorists, privacy experts, website diggers,
ip scanners, and all readers who don't fit into those categories. tiz is having a
gov mining project. we are looking for:
interesting urls on government sites (any country!)
interesting files that prove (or disprove) government conspiracy theories
public records sites that are hidden from the public
government ip ranges
... and anything else government related.
we want information from any government on anything! people who submit urls will
be given credit unless of course, they request to be anonymous. this is your
chance to dig up information about governments and get the word out. don't be
worried if somebody else may have already submitted your entry, send it anyways.

here are a few tips to get you started:

check around in "employees" sections because they usually have links to more
private stuff.
check for logins
surf up directories! if you find a url in whitehouse.gov/images/tfc/etc then try
/images/tfc or /images. also, try /tfc and /tfc/etc and /etc
look at mailing lists and forums, there's lots of good information in those.

http://www.google.com/search?q=inurl:.gov/&hl=en&lr=&start=430&sa=n
http://www.google.com/search?q=inurl:.mil&hl=en&lr=&start=0&sa=n

[][][][][][][][][][][][][][][][][]
[] links []
[][][][][][][][][][][][][][][][][]

http://www.drms.dla.mil/sales/
the government has a habit of selling things to private citizens for dirt-cheap
prices.

http://www.infowar.com
these guys have been around since 1996. whoah! they have a great forum which
includes hacking, security, information, news, etc. an awesome place to be.

http://www.govliquidation.com/
the government sells stuff at amazingly low prices so always check their stores.
*note: tiz staff has not checked this store, so be careful*

http://www.dtic.mil/cgi-bin/ip.cgi
want to see information about your ip and browser? the military has decided to
take the grunt work out for you!

[][][][][][][][][][][][][][][][][]
[] a guide to privacy and []
[] anonymity by []
[] sheepbyte []
[][][][][][][][][][][][][][][][][]
well, here it is, another guide to privacy and anonymity on the internet, by
another lame author. right? wrong! this isn't your average guide to
privacy/anonymity. this is an in-depth analysis and discussion of every aspect of
privacy and anonymity which does not limit itself to online privacy/anonymity. if
you want to live your life "off the grid", "out of the matrix", or to be
"undetectable" then this is for you. i would like to tell you that it is not
possible to be completely anonymous. there is always some way to track you, so
don't rely on this guide as a complete solution to all your problems. in reality,
if you are anonymous it means you have covered your tracks so well that those who
are looking for you do not have the time, resources, or energy to find you.
basically, it's a matter of effort. you have to outwit, outsmart, outwork, and
outthink your opponents. opponents can include law enforcement, your cheating wife,
or your parents. what i'm about to show you may scare you and you may start to
wonder why you haven't been caught already. i am writing this as a piece directed
towards hackers, but it must be adapted to different people. this should cover
everything you need to know, but changing times and technologies will make this
out of date in a few years. even though this may become old, the information
contained in this will always be useful and will probably remain true for years to
come.

chapter one:
identity
-------------
the first thing you need to do is create a new identity for yourself. you not
only need to create a "handle" or name which is not really your name, but there
needs to be a fake (but believable) identity behind it. (it is entirely possible
to have no identity at all, but this makes communication difficult. if you can
afford this inconvenience, this is the best way to go. how can they track you down
if they don't even know you exist?) this means you need to think of a name,
address, phone number, and history for yourself. chances are you will develop this
as your identity progresses, but you need to keep your story straight. choosing
your handle is a big step and as we all know, first impressions can make or break
anything. things to keep in mind:
*don't choose a handle that makes you sound like a 12-year-old boy who wants to
learn how to h4x0r hotmail.
*avoid the words death, doom, destruction, deception, bomb, dr., etc.
*don't choose a handle that is already taken. google it, you should get 0 results
*don't choose a handle that relates to you, such as your name spelled backwards,
the company you work for etc. think of it this way, if the feds get you, can they
reason with the judge that the handle is yours?
*don't use words such as kool, cool, own, pwn, super, duper, awesome, root, r00t,
hack, hax, etc. in your name.
*don't include any religious references in your name
the answer to your question is yes, there can be exceptions. however, these are
generally good rules to follow. now remember, this handle is meant to conceal your
identity. this means, don't tell anybody you know irl your handle. it doesn't
matter how much you trust them, they can always rat you out. always add red
herrings in forum posts, e-mails, etc. that will help disprove that you are the
owner of the handle if it ever comes down to it.
ex: casually mention in a forum post that you eat peanuts every day while in real
life, you are allergic.
great, you've got the first step done, you have an identity. now what? well, you
need to create some places of contact for your identity. the first thing you need,
is an e-mail. there are a few free e-mail domains which i personally would suggest
you use:

*gmail.com - 2.5 gigs of space and counting, great service
*mail.yahoo.com - 1 gig of space, easy to get, easy to use
*safe-mail.net - ssl encryption, advanced security features, etc.
*digitalrights.org - ssl encryption, advanced security etc.

it's best to just make your e-mail handle@xxx.com. since many of you who are
reading this may be new to the whole fake identity business, i need to remind you
to never sign up using your real information. treat every connection as if your
enemies are reading it. a simple subpoena could get your real name and bada-bing
bada-boom bada-busted.

if you are going to be doing any financial transactions online with your identity
(which you should stay away from if at all possible) i suggest you get an e-gold and
paypal account. now, e-gold was just raided by the fbi so they may be closed down
shortly, but a new type of e-gold will emerge. you can get e-gold accounts from
e-gold.com. paypal accounts are available from paypal.com and are also free, but
with tighter security. never store large amounts of money in paypal. again, i need
to remind you never to use your real info when registering for accounts. you might
be wondering what the point of money is if you can't have it irl. there are lots of
goods and services you can buy online using e-money which we will get into later.

chapter two:
communication security
------------------------
now that you have your identity set up, you probably want to communicate with
other people using your alias. there are several main communications hackers use.

*forums/boards/bbses - forums are places where people can post and reply to
questions, comments, suggestions, and talk about pretty much anything. they are
usually free and serve different purposes. you can find a forum on any topic. i'm
not going to suggest any boards, since they can die fairly quickly, especially if
they are harboring criminal activity.

*e-mail - this is probably one of the most widely used communication methods
available. it allows you to talk one-on-one with anybody on the internet. e-mail
can be accessed through your browser or using an e-mail application.

*im - im enables you to talk real-time with other people which is good for groups.
there are several popular im services available. i suggest you don't use the
default client, but that you use gaim or trillian or something similar.
   *aim - aol instant messenger is a fairly popular program, and i suggest you
   get an account at aim.com.
   *icq - icq is probably the most popular im service for hackers outside of
   irc, you can get a free account at icq.com. icq is now owned by aol.
   *irc - irc is quite possibly the most widely used communication software. you
   can join "channels" (aka chat rooms) and chat one-on-one with users. popular irc
   networks include irc.undernet.org, irc.oftc.net, irc.tddirc.net, irc.efnet.org,
   etc. lots of boards have their own irc channel where users can talk in real time.
   irc is also a popular way to get pirated software and other copied/cracked files.
   *yim - yim is an im client run by yahoo! which is also fairly popular.

e-mail:
i already listed some popular e-mail services available on the previous page. i
highly suggest you use the web interface to access your e-mail, so that there is
less evidence on your drive. if you must use an e-mail client, you should check
out thunderbird (mozilla.org/products/thunderbird) which is an open-source e-mail
app written by the mozilla foundation. you should always use encryption when
sending e-mail to ensure that it is useless to people who intercept it.

im:
you shouldn't use the default im clients, because they are insecure and don't
respect your privacy. check out trillian and gaim. gaim is open-source and free,
it supports aim, icq, jabber, googletalk, irc, napster, yim, and a few other
services. trillian supports most major services.

about irc:
i have decided to make a special section dedicated to irc because it is harder to
understand than other networks. when you join irc, you join an irc server/network.
popular ones include irc.efnet.org, irc.undernet.org, etc. you should go to these
networks and look around for suitable channels. "channels" are chat rooms where
people can converse. there are users with ops and half-ops. ops are like admins,
they can kick you, ban you, and do pretty much anything they want. half-ops have
varied privileges from server to server but usually have kick and ban privs,
along with topic setting privs. the topic is a description of the chat room or
what occurs in it. there are several names and channels that are on almost every
irc server:
chanserv - this user is a robot that can set up a channel, give you information,
and let you admin your channel.
nickserv - this user is a robot that can help register and identify your handle on
irc.
#help - this channel is pretty much standard and includes help for users.
#security - if you notice flooders etc. this is probably where you should go if it
exists. otherwise, go to #help.

whenever possible in communication, use encryption and non-dictionary words. so
instead of saying, "did you crack the password for ftp.student.edu?" you should
say, "did you get the shit from the site?". if you can't use encryption, always
speak in code. your connection should always be encrypted at least to your first
proxy, and there should be tons of proxies after that.

chapter three:
connection security
-----------------------
i hope you didn't think i would let you off without giving you a lecture about
proxies. now, i suggest a mix of proxies and anonymity systems to stay secure.
however, i will start off by saying that you should never use your own connection.
go leech off somebody's wireless, the library, whatever. with enough subpoenas,
the feds can get any ip they want. you need to treat your connection as if it was
watched 24/7. this means everything should be encrypted and cover traffic is a
must-have. as far as encryption goes, you can use a vpn or other anonymity
network. there are a few terms which i should define:

vpn - this is a remote server that you use as a proxy that encrypts your
communications. don't put all your trust in a vpn, at least have a chain of 2-3.

proxy - this is a machine that you can route information through un-encrypted.

tor - this is an anonymity system that uses 4-5 vpn connections before you get to
your final destination.

i2p - similar to tor.

freenet - an internet within the internet that serves as an anonymous
communication system.

you should always have 100 points of anonymity. you might be asking yourself what
the hell i'm talking about. well, i've come up with a rating system to rate your
anonymity chain.

each proxy = 10
each vpn/encrypted connection = 10
using your connection = -30
first connection is encrypted = 15
first connection is to a dangerous server = -40
first connection can see what you are doing = -10
any other connection can see what you are doing = -10 (maximum of 40)

so, here's an example of a 100 point connection

neighbor's wireless-tor(10+10+15)-tor(10+10)-tor(10+10)-tor(10+10)-proxy(10) = 105

the higher your 'anonymity score' is, the more secure you are. now of course, this
is open to changes, but this should serve as a basic guide. you should always ask
yourself, "is the fbi willing to spend the time to break this". if the answer is
unsure or yes, then you need to re-think your security.

about tor:
i have decided to give tor its own little section because i believe it is one of
the best anonymity tools available. tor uses onion routing. let's say you want to
connect to gmail.com. normally your connection looks like this:
you->gmail.com
now, gmail.com has your ip and so do the feds. if you use regular proxies, it
looks like this:
you->proxy->proxy->proxy->gmail
now that's better, but all the proxies can intercept your data. if the proxy was
set up as a trap, you are really screwed.
when you use a tor connection, it goes like this:
you->tor->tor->tor->tor->gmail.com
none of the tor servers except for the end server can see your traffic. this
means, that trap servers shouldn't be a problem for you. you're probably thinking
this is too good to be true, and it is. tor is still crackable by the fbi just
like any system out there. using 'timing attacks' they can see who makes which
requests if they own multiple nodes on the network. they basically see which nodes
are making requests at the same time to determine what your ip is. you will need
to generate cover traffic when you are on tor to avoid it, and you should probably
have a connection like this:
you->tor->tor->tor->tor->proxy->proxy->gmail.com
lots of times, if somebody is trying to track you and they see a tor server, they
stop. even with full access to the machine, it's impossible to see where your
connection came from. i highly suggest tor for anybody who wants to increase their
anonymity 10-fold. it can be acquired through tor.eff.org.

there's a lot of buzz going around regarding vpns. vpn stands for virtual private
connection. you will hear about these a lot especially in carding forums. vpn
owners are usually very cooperative with law enforcement and those who are not get
their data seized anyways. vpns are a lie in and of themselves. the only reason to
use one is to encrypt your connection. tor does a fine job of this, and vpns are
a waste of your money. a lot of people also use programs such as anonymizer.com's
program to secure themselves. again, you are placing all your trust in one person
and you are no longer in control of your information. it's not a very good idea to
use these if the government is after you.

the main problem with all end-proxies is that they can steal your logins and sniff
your traffic. this is a risk you have to take. remember, the feds have access to
your inbox anyways. to protect against abusive proxy owners, use https/ssl when
possible. when you look at a url, it normally looks like this:
http://xxx.com/x.html
most servers are https enabled, but your browser will try http by default. just
enter urls like this:
https://xxx.com/x.html
if a site doesn't have ssl, then you can't use it (obviously). it's good to use
ssl whenever possible so abusive proxy owners aren't a problem.

there are several types of proxies and ways to use them. proxy "levels" are
determined by what they give to your destination. there are several things you
need to be concerned about:
remote_addr - your ip addy
http_via - if this field has anything in it, then people will know you are using a
proxy. this doesn't usually matter
http_x_forwarded_for - this field will blow the proxy idea to hell. if a proxy
sends this, it sends your real ip along with the http request.
http_user_agent - this is your browser, such as firefox, internet explorer, etc.
as i was saying before, proxies have different types of ratings. in reality, all
you need to know is whether they will reveal your ip.

transparent - never use these, they reveal your ip address.
anonymous - these hide your ip, anything at or above this level is fine
simple anonymous - pretty much the same as anonymous (these are the most common)
distorting proxies - these generate false x_forwarded_for ips, also referred to as
"poisoning"
elite/high anonymity - nobody can tell you are using a proxy if you use this
(unless they scan the server and find out it's a proxy)
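the proxy levels above are really statements about what the destination server ends up seeing, so here is that check from the server's side, as an added example that is not code from the zine: given the connecting address and the request headers, it names the level the request matches. the header names are real ones proxies commonly add; the two ip addresses and the sample requests are constructed for the demo.

```python
"""proxy level check from the destination's side (added example, not from the zine)."""
from ipaddress import ip_address

# constructed values (documentation ranges, not real hosts)
REAL_IP = "203.0.113.7"      # the user's own address
PROXY_IP = "198.51.100.20"   # address of the proxy the user went through

# any of these headers in a request tells the server "a proxy was involved"
PROXY_MARKERS = {"via", "x-forwarded-for", "forwarded", "proxy-connection", "x-proxy-id"}


def _valid_ip(value: str) -> bool:
    try:
        ip_address(value)
        return True
    except ValueError:
        return False


def classify_proxy(remote_addr: str, headers: dict, real_ip: str) -> str:
    """Return one of: direct, transparent, distorting, anonymous, elite.

    direct       - no proxy at all, remote_addr is the user's own ip
    transparent  - the user's real ip is forwarded in x-forwarded-for
    distorting   - x-forwarded-for is sent, but carries a bogus ip ("poisoning")
    anonymous    - real ip hidden, but via/x-forwarded-for etc. reveal a proxy
    elite        - nothing in the request says "proxy" (only a scan of the
                   remote host could tell)
    """
    # normalise: HTTP_X_FORWARDED_FOR, X-Forwarded-For, x_forwarded_for all match
    norm = {}
    for name, value in headers.items():
        key = name.lower().replace("_", "-")
        if key.startswith("http-"):
            key = key[5:]
        norm[key] = value
    if remote_addr == real_ip:
        return "direct"
    forwarded = [p.strip() for p in norm.get("x-forwarded-for", "").split(",") if p.strip()]
    if real_ip in forwarded:
        return "transparent"
    if any(_valid_ip(p) for p in forwarded):
        return "distorting"
    if PROXY_MARKERS.intersection(norm):
        return "anonymous"
    return "elite"


def parse_headers(raw_request: str) -> dict:
    """Pull the header block out of a raw http request (request line ignored)."""
    headers = {}
    for line in raw_request.split("\r\n")[1:]:
        if not line:
            break
        name, _, value = line.partition(":")
        headers[name.strip()] = value.strip()
    return headers


# constructed requests, as the destination server would receive them from PROXY_IP
SAMPLE_REQUESTS = {
    "transparent": "GET / HTTP/1.1\r\nHost: xxx.com\r\nVia: 1.1 squid\r\n"
                   f"X-Forwarded-For: {REAL_IP}\r\nUser-Agent: Firefox\r\n\r\n",
    "distorting": "GET / HTTP/1.1\r\nHost: xxx.com\r\nVia: 1.1 squid\r\n"
                  "X-Forwarded-For: 192.0.2.99\r\nUser-Agent: Firefox\r\n\r\n",
    "anonymous": "GET / HTTP/1.1\r\nHost: xxx.com\r\nVia: 1.1 squid\r\n"
                 "User-Agent: Firefox\r\n\r\n",
    "elite": "GET / HTTP/1.1\r\nHost: xxx.com\r\nUser-Agent: Firefox\r\n\r\n",
}


def audit_samples() -> dict:
    """Classify every constructed request; all of them arrive from PROXY_IP."""
    return {label: classify_proxy(PROXY_IP, parse_headers(raw), REAL_IP)
            for label, raw in SAMPLE_REQUESTS.items()}


if __name__ == "__main__":
    for label, level in audit_samples().items():
        print(f"{label:12s} -> {level}")
```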

now that you've seen what proxy levels there are, let's look at what types there
are.

socks - socks refers to any proxy using the socks 4/4a/5 protocol. it's very rare
to find a <4 socks proxy. you can route any type of traffic through socks assuming
they don't have some type of port filtering. this is good for using bittorrent,
http, https, and whatever else your sick minds can think of. they usually use port
8080.
socks 4a - this socks breed fixes dns leak issues (explained later)
socks 4/5 - pretty much the same
http - these proxies only allow http traffic. they usually listen on port 80
or 8080
https - these proxies only allow https/http traffic. they usually listen on port
80 or 8080
wingate - these proxies can be used to route telnet traffic and also usually
accept ssh.
smtp relay - these are servers which can be used to send anonymous mail. they fit
in the proxy category, but i won't talk about them anymore after this.

are you confused yet? well, most people would be. in a few weeks of using proxies,
it will all make sense. now we need some type of program to use these proxy
things, right? there are quite a few options available, and i'm only going to list
the most popular ones.

charon - this program is the big-daddy of them all. it can scan ranges, leech,
verify, sort, and automate the proxy process. it's free and lots of the features
can be used through proxies. it is available from
http://www.softpedia.com/get/internet/servers/proxy-servers/charon.shtml.

sockschain - this program costs money, but it's well worth it (and any program is
free if you try hard enough). it can chain socks proxies. duh.
http://www.shareup.com/sockschain-download-27361.html

multiproxy - this is a very simple program that will use an automatically-updated
list of proxies and route you through them (no chaining). it can be obtained
through multiproxy.org which maintains a list of proxies for the program. for this
reason, you should be wary of them because it can easily be poisoned with
government trap servers.

great, now you're chaining proxies and you're totally anonymous right? wrong!
there are quite a few ways your anonymity can be compromised.

timing attacks - these are fairly complex and are more commonly used on anonymity
networks like tor. they time the request to a website with the request sent from a
poisoned node which you route through. the best defense is to generate cover
traffic using auto-reloaders or the spam vampire (hillscapital.com/antispam). that
way, your cover traffic will also hurt spammers.

poisoned/trap/snitch/etc servers - these servers are run by the government. the
best way to defend yourself is to use an up-to-date blocklist. most proxy programs
come with blocklists. also, i recommend you use peer guardian in conjunction with
your block list (peerguardian.sourceforge.net)

java exploiters - lots of sites have java applets embedded that can reveal your
ip. they make a direct request to a trap server and bypass your proxy. get a
firewall and only allow your browser to contact your localhost proxy. i believe
this can also happen with activex controls.

drive-owners - this is rare and only occurs if you are running a vulnerable
browser/java version/etc. but, they can upload your hd to a trap server via your
proxy. the only defense against this is to keep your software updated and stay
away from dangerous sites.

dns leaks - this is one of the biggest threats. when you type in a web address
like hotmail.com, your computer has to go to a dns server and say "hey dns server,
what is the ip for hotmail.com?" and the dns server goes "the ip is
xxx.xxx.xxx.xxx." sounds innocent, but it doesn't stop there. the dns server
passes the query to hotmail.com so that hotmail knows you are coming. it is
because of this that you can have multiple domains on one ip address. in order to
fix this, tell your firewall to disable dns requests, and use socks 4a/http
proxies. lots of programs will automatically ask the proxy to make the dns request
if the initial direct route doesn't work.
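the reason socks 4a "fixes dns leak issues" (see the socks types list above and the dns leak entry here) is where the hostname travels in the CONNECT request, so here is that difference on the wire, as an added example that is not code from the zine: it builds both request forms and shows the check a proxy operator, or somebody auditing their own client, can run on an incoming request to tell whether the client resolved the name itself (a dns query left the client's machine) or handed the hostname to the proxy. the hostname, the userid and the stand-in resolver table are constructed; nothing touches the network.

```python
"""socks 4 vs socks 4a: where the dns lookup happens (added example, not from the zine)."""
import socket
import struct

# constructed stand-in for the client's resolver: what a plain socks 4 client
# has to look up locally before it can even talk to the proxy
LOCAL_RESOLVER = {"hotmail.com": "192.0.2.10"}

SOCKS_VERSION = 4
CMD_CONNECT = 1


def build_connect(host: str, port: int, userid: bytes = b"tiz", use_4a: bool = False) -> bytes:
    """Build a socks 4 (use_4a=False) or socks 4a (use_4a=True) CONNECT request.

    wire format: VN(1) CD(1) DSTPORT(2, big-endian) DSTIP(4) USERID NUL
    socks 4a marks DSTIP as 0.0.0.x (x != 0) and appends HOSTNAME NUL.
    """
    header = struct.pack("!BBH", SOCKS_VERSION, CMD_CONNECT, port)
    if use_4a:
        dst_ip = b"\x00\x00\x00\x01"            # "proxy, you resolve it"
        return header + dst_ip + userid + b"\x00" + host.encode("idna") + b"\x00"
    # plain socks 4: the client must already know the ip, i.e. a local dns query
    dst_ip = socket.inet_aton(LOCAL_RESOLVER[host])
    return header + dst_ip + userid + b"\x00"


def parse_connect(data: bytes) -> dict:
    """Decode a socks 4/4a CONNECT request the way the proxy side sees it."""
    if len(data) < 9:
        raise ValueError("truncated socks request")
    vn, cd, port = struct.unpack("!BBH", data[:4])
    if vn != SOCKS_VERSION or cd != CMD_CONNECT:
        raise ValueError(f"not a socks 4 CONNECT (vn={vn}, cd={cd})")
    dst_ip = data[4:8]
    userid, sep, rest = data[8:].partition(b"\x00")
    if not sep:
        raise ValueError("userid not NUL-terminated")
    is_4a = dst_ip[:3] == b"\x00\x00\x00" and dst_ip[3] != 0
    if is_4a:
        host, sep, _ = rest.partition(b"\x00")
        if not sep:
            raise ValueError("socks 4a hostname not NUL-terminated")
        return {"version": "4a", "host": host.decode("idna"), "ip": None,
                "port": port, "userid": userid.decode(), "client_resolved": False}
    return {"version": "4", "host": None, "ip": socket.inet_ntoa(dst_ip),
            "port": port, "userid": userid.decode(), "client_resolved": True}


def dns_leak_risk(data: bytes) -> bool:
    """True when the client resolved the name itself (a dns query left its box)."""
    return parse_connect(data)["client_resolved"]


if __name__ == "__main__":
    for use_4a in (False, True):
        req = build_connect("hotmail.com", 80, use_4a=use_4a)
        print(req.hex(), parse_connect(req), "leak risk:", dns_leak_risk(req))
```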

i'd like to remind you again not to ever use your home connection. the feds can
slip up an infinite amount of times, but you only have to slip up once. if you
slip up on somebody else's connection, you are safer. if you slip up on your
connection, you're screwed. if you're playing against the government, you're
playing for time. the government is one privacy-invading opponent you can't beat.
if they want you bad enough, they will get you.

chapter four:
physical security
-------------------
"physical security" covers the security of you (the physical person), your
machine, and your transfer of material objects.

while i think sending/receiving goods with an "anonymous" identity is stupid, i
will explain how to make it as secure as possible. lots of times when dealing
online, you will feel some urge to send a package/letter or receive one.

sending:
when sending a package, it's important to not send it from your own address (this
also means don't put your address on it!). wear gloves during the entire process.
if you purchased an item for the person, wipe any serial numbers, store numbers,
etc. don't give them the receipt and make sure you don't have any fingerprints on
it. you can put it on a sidewalk by somebody's driveway, call fedex/other courier,
and have them pick it up (charge the sender). you can also give it to somebody and
have them "drop" it at the post office. drops can be pricey, and there are a lot
of people who don't provide the service they claim to. if you are looking for
cash/package drops check mazafaka.info and carders.ws. it's important to only get
verified/reviewed drops so you don't lose anything.

receiving:
if somebody sends you a package, you should have them send it somewhere not
attached to your name. again, this is a good place to use a drop. send it to your
drop, and have them deliver it to you.

when using drops, it's best (although costly and un-orthodox) to use multiple
drops. this way, if any of your drops get arrested, you are safe. it's good to
have at least two drops for sensitive info. if you are buying/selling, then use an
escrow service.

it's always possible that the feds already know who you are (they got tipped off,
went on a hunch, are getting you for tax evasion etc.). in such a case, you have
to make sure your computer is secured.

1. don't work in an insecure area - always check your surrounding area for
cameras, listening devices etc. it's good to invest in a bug-finder if you have
enough money. high quality ones start at 100-200 bucks. always try to face a wall
if possible. concrete is better than drywall. never sit underneath a vent unless
you can be sure the vent is clear. also, make sure mirrors can't see you.

2. check for keyloggers - always check your hardware for keyloggers. normally,
your ps/2 mouse plugs directly into the motherboard. if there is anything in
between your keyboard and your computer, chances are it is a keylogger. take it to
your nearest forensics shop to get as much information about it as possible.

3. more on keyloggers - keyloggers can also be put inside your computer between
the ps/2 port and the motherboard. always check there.

4. lock down the machine - if you are using a desktop, bolt the computer to the
floor and use a series of locks to ensure it stays. this ensures the feds don't
just walk off with your machine. also make sure the hd is secured.

5. put in failsafes - if they bypass your super-paranoid security, you need to be
notified. if you don't go inside your computer often, i suggest covering it in
some type of powder. white flour will tell you if anybody has touched it. my
suggestion is to mix it with other colors so the feds have to make their own
mixture to match yours (takes longer). as for cabinets, doors, etc, lick a hair
and put it across. if you have been raided or your computer has been tampered
with, the hair will not be intact (unless your particular search+seize team is
very good). if you have a pet, use their hair because they will assume the cat/dog
must have rubbed up against it, and it won't look deliberate.

6. be in possession - have your computer in your personal possession as much as
possible. if you leave your computer make sure it is clean so that drive cloning
won't reveal anything later on in the labs.

great, now you look really guilty with all this security. at least it's better than
getting proved guilty. it's good to have at least 12 locks to get to your computer,
that way by the time the feds pick the locks, you can have a significant amount
wiped. once you hear the feds bust down your door, initiate wiping of everything.

chapter five
data security
---------------
there's always a chance that the feds will clone your drive while you are not
watching it, or that it will get seized. it's very important not to store anything
stupid on your drive. keep everything legitimate you ever have contact with on
your hard drive. the best way to ensure data security is to use a live cd
(knoppix.org, knoppix-std.org, tlm-project.org). that way, nothing is on your
drive. assuming you aren't willing to make that sacrifice, you will need to be
very careful. first off, don't use disk encryption. the feds can crack anything
using brute force. "but i have 387398729 delphi-omega-alphi encryption! it would
take 18^238728 million years to crack!" that's great, but it's crackable. the feds
have supercomputers, and probably have software installed on every machine to do
distributed cracking. in addition, you will get obstruction of justice charges for
not providing passphrases/keys. it's better to have "stupid files" in a remote
location. there are tons of free file storage services. just google for it, i'm
not going to be your bitch. the feds will get the data in the remote location, but
you can still claim it's not yours. they can have terabytes of evidence pointing
to your machine, but if it's clean, you're a hell of a lot better off. somebody
else could have routed through your computer, etc. windows and your programs make
hundreds of megabytes of logs.

1. the registry - the windows registry has hundreds of mru lists and caches in it.
clear these regularly.

2. temp files - these files can be your downfall. be sure to delete all temp
files/cache on your hd regularly.

3. "deleted" data - when you delete something, it isn't really gone. get a secure
data wiper, and wipe in excess of 200 times to ensure the data is really gone.
wiping it once won't work.

i suggest you use a combination of spybot s+d (safernetworking.org) and ad-aware
se free (lavasoft.com). these find multiple mru lists, logs, and temp file
directories. these will not keep you safe alone. there are hundreds and thousands
of directories/files/reg keys that will track you. my suggestion (although boring,
laborious, and time consuming) is to look at every folder, file, and registry key
on your machine. then use scripts to wipe them regularly. every time you install
a new program, you need to see what that program is doing, what files it
uses/modifies, what keys it uses/modifies, and what connections it makes. to be
honest with you, this chapter is a joke. i could write hundreds of pages on this
and you wouldn't be even half-secure.

ok, so you've spent hours and hours examining your system. now what? test it.
there are several ways to test your security.

1. manually - open a file, then use xfind from xteq to find any references to it
on the hd (searches may take hours, so be ready to spend some serious time).
search for the file's contents, its name, and its path. repeat this with several
files, urls, etc. every hit is a trace your cleanup scripts missed.

2. encase - encase is the forensics suite used by the fbi and other law
enforcement, and it will dig through your system for hours. it costs quite a
bundle, so get a pirated copy since you'll only be using it once. get every
extension for it you can find and scan the hell out of yourself. hopefully, you
find nothing.

3. get an expert - take your hd to several forensics labs and give them a
challenge: tell them to find anything they can on it, such as mrus, files,
passwords, etc. use several labs if possible. this is where it would be handy to
have friends in le and ask them to get it examined.
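the manual test above, together with the overwrite-before-delete point from the
cleanup list, as an added example (editor's code, not a tool from the zine, from
xteq or from any wiper mentioned here): secure_wipe overwrites a file in place,
renames it and unlinks it; find_residue walks a directory tree looking for the
file's contents, its name and its path, which is the same check you would run
with xfind. the "recent.txt" file in the demo is a constructed stand-in for a
program's mru list; on a real windows box you would point the same search at the
temp and profile directories and an exported registry hive. the function names
and the sample data are assumptions made for the example.

```python
"""overwrite-before-unlink wiping plus a residue search over a directory tree.

added example by the editor, not code from the zine. function names and the
sample files are assumptions made for the demonstration.
"""
import os
import secrets
import tempfile

CHUNK = 64 * 1024  # write granularity for the overwrite passes


def secure_wipe(path, passes=1):
    """overwrite ``path`` with random bytes ``passes`` times, then rename and
    unlink it. one pass is sufficient on any modern magnetic drive; extra
    passes only cost time. what this does NOT cover: copies in slack space,
    journals, shadow copies, swap, and wear-levelled flash (which remaps writes
    and may keep the old blocks). returns the total number of bytes written."""
    size = os.path.getsize(path)
    written_total = 0
    flags = os.O_RDWR | getattr(os, "O_BINARY", 0)  # O_BINARY only exists on windows
    fd = os.open(path, flags)
    try:
        for _ in range(passes):
            os.lseek(fd, 0, os.SEEK_SET)
            remaining = size
            while remaining > 0:
                n = os.write(fd, secrets.token_bytes(min(CHUNK, remaining)))
                remaining -= n
                written_total += n
            os.fsync(fd)  # force the overwrite to the device, not just the page cache
        os.ftruncate(fd, 0)  # hide the original length as well
        os.fsync(fd)
    finally:
        os.close(fd)
    # rename before unlinking so the original name does not linger in the
    # directory's deleted entries (the same thing shred -u does)
    anon = os.path.join(os.path.dirname(path), secrets.token_hex(8))
    os.rename(path, anon)
    os.unlink(anon)
    return written_total


def find_residue(root, needles):
    """walk ``root`` and report every file whose contents or path contain one
    of the byte strings in ``needles``. this is the manual check from the text:
    search for the file's contents, its name and its path, and expect zero
    hits. returns a sorted list of (path, needle) pairs. files are read whole,
    so point it at profile/temp trees rather than a full drive."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            fpath = os.path.join(dirpath, name)
            try:
                with open(fpath, "rb") as fh:
                    data = fh.read()
            except OSError:
                continue  # locked or vanished; a real audit would log this
            for needle in needles:
                if needle in data or needle in fpath.encode():
                    hits.append((fpath, needle))
    return sorted(hits)


def wipe_scratch(nbytes, passes):
    """create a throwaway file of ``nbytes``, wipe it, and report
    (bytes_written, directory_is_empty_afterwards)."""
    with tempfile.TemporaryDirectory() as d:
        p = os.path.join(d, "scratch.bin")
        with open(p, "wb") as fh:
            fh.write(b"A" * nbytes)
        written = secure_wipe(p, passes)
        return written, os.listdir(d) == []


def demo(passes=1):
    """constructed scenario: a sensitive file plus a program's "recent files"
    list that points at it. wiping the file alone leaves the mru reference
    behind, which is exactly what a forensic search finds. returns the hit
    counts (before, after wiping the file, after wiping the mru list too)."""
    with tempfile.TemporaryDirectory() as root:
        secret = os.path.join(root, "plans.txt")
        with open(secret, "wb") as fh:
            fh.write(b"target list: 10.0.0.0/8\n" * 100)
        mru = os.path.join(root, "recent.txt")  # stand-in for a registry mru list
        with open(mru, "wb") as fh:
            fh.write(b"last opened: " + secret.encode() + b"\n")

        needles = [b"target list", b"plans.txt", secret.encode()]
        before = len(find_residue(root, needles))
        secure_wipe(secret, passes)
        after_file = len(find_residue(root, needles))
        secure_wipe(mru, passes)
        after_mru = len(find_residue(root, needles))
    return before, after_file, after_mru


if __name__ == "__main__":
    print("hits before / after file wipe / after mru wipe:", demo())
```

the point of the demo is the middle number: after the sensitive file is wiped,
the search still comes back with hits because the mru stand-in carries the file's
name and full path. only when the referencing file is wiped as well does the
search come back empty, which is why the text insists on auditing every
directory and registry key, not just the files you care about.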

ok, you've fixed everything the above three tests found. now what? well, you
should still wipe your whole drive with dban every once in a while (every 6
months or so) so that even if something slipped through, it goes away. you should
also wipe after any hack that's "high profile", such as hacking into government
computers, big corporations, etc.

chapter six
counter-surveillance
----------------------
if the feds are going to bust you, chances are they aren't going to run into your
house and steal your equipment without first obtaining some knowledge. there are
tons of surveillance techniques and i suggest you do some reading on this because
i'm only going to talk about 2% of 1% of them.

surveillance is conducted everywhere in teams. there are usually 2-3 teams. this
is very dangerous, because you may feel as if surveillance has ended, even though
it is still continuing.

team 1 - this is the first level and they expect to have their cover blown.

team 2 - this team usually comes in shortly after the first team. they are more
covert and blend into your background.

team 3 - you will rarely see team 3, if you have a team 3 you are very screwed.
these guys are the elite of the elite and are practically undetectable.

surveillance will occur when you are in your house, at a cafe, driving around,
and everywhere else you go. there are different surveillance techniques. the real
trick to render surveillance useless is to feed them bogus information. don't ever
indicate to them that you know they are watching; they will send a new team in and
you will lose your advantage over them. what's fun to do is insult them while
talking with somebody else. don't make it too obvious though, because they may
catch on to the fact that you see them.

in order to detect when you are under surveillance, i highly recommend getting a
scanner. if you hear lots of static (encrypted or digital traffic sounds like
bursts of noise on an analog scanner) or people talking about you, hit the bricks.
if anybody is performing surveillance on you, you need to get out of the area,
especially if you hear about arrest plans on your scanner. scanners cost up to
about $500; if you have the money, buy the top of the line models. the ss, fbi,
cia, and local police all use different frequencies. transmitting on police or
federal frequencies without a licence is a crime, and even listening can be,
depending on your jurisdiction (some places ban scanners in vehicles or using one
while committing a crime). but again, would you rather be on the run and have
that on your record, or be in jail and have it not on your record? i opt for on
the run.

surveillance on the road is some of the hardest surveillance to detect. there are
several techniques depending on the objective of the surveillance, and how much
you matter.

stakeouts - i didn't really know where to put this, but this seems like the best
spot. a stakeout is where somebody sits in a car outside your house. if this
happens, simply call the police to report suspicious activity and the person will
leave.

1-2 car follow - you will rarely see this. this is usually used just to see where
somebody is going.

box - the box is the most common type of road surveillance. this is especially
easy to execute on highways, so try to stay on small streets as much as possible.
it basically involves enclosing you in a box of cars. there is usually a minimum
of three. there have been boxes of up to 40/50 cars, but unless you're bin laden,
it shouldn't be a concern to you. boxes are very common because they are hard to
escape. feds usually travel in unmarked cars; bumper stickers are a big no-no in
the fed community. it would be a good idea to go to your local fbi office and see
what kind of cars they have. i will give you a few scenarios. x is you, o is the
feds. a ? is a place where a fed could be put. xs and os only indicate minimums.

highway example:
_______________________________________________________________
     ?                     ?                     ?
---------------------------------------------------------------
     ?          o                     o          ?
---------------------------------------------------------------
     ?                     x                     ?
---------------------------------------------------------------
     ?          o                     o          ?
---------------------------------------------------------------

_______________________________________________________________

as you can tell, even the minimal situation is hard to escape. if you have a lot
of feds (include the ?s), then this would be almost impossible to escape. now,
this isn't a set-in-stone example. the box is a fluid object; cars will move in
and out of a box. so, if you see a car get on/off a highway quickly or do it
multiple times, you can assume you are under surveillance. in this case, you may
be tempted to jam on the brakes/gas or make evasive maneuvers. this is a very
stupid idea. the last thing you want to happen in this situation is to get pulled
over for a minor traffic violation.

                 |   |
                 |   |
                 |   |
                 |   |
                 |   |
                 |   |
_________________|   |________________________

   o --?             ?             ?-- o
_________________     ________________________
                 |   |
                 | x |
                 |   |
                 | ^ |
                 | | |
                 | | |
                 | o |
                 |   |
as you can see from the above diagram, small one/two lane streets make it very
hard for surveillance to go unnoticed. as such, it's best to stay on small
streets and avoid highways unless you have to hit the gas.

unless you are always driving, you are probably going to encounter foot
surveillance. foot surveillance refers to any surveillance not in a car (simple
enough?). i introduced you to the "waves" of surveillance you will receive. before
entering a location (such as a starbucks) always perform a check of the exterior.
feds like to park in the back, so always check there as well as the surrounding
parking lots. if you see lots of the same cars, don't go in; it's either a sting
or a surveillance operation. foot surveillance is pretty simple: people watch you.
always check to see who you are in the direct line of sight of. look for people
who may be "over-dressed" for the location, or who are alone/talking to the
owners/bartenders. joggers are always suspect. if you see somebody jog around a
corner with earphones, always check to see that they are still jogging.

it's important to always be able to change your look in case a bust is about to
occur. jackets and jeans are good because you can take them off and have
different layers below (wear shorts underneath your jeans if this is the case).
lots of times during a bust, they will identify you by a bag. if you have a bag,
ditch it or somehow change the color. it's always good to have $100 on you so you
can cover any mid-bust costs such as clothes, bags, etc. remember: you don't have
to stop unless the cops identify themselves as cops. if they are in nondescript
cars and don't flash badges, then you need to run like hell. if they do identify
themselves, you have to seriously consider your options. in most cases, there are
three options:
1. run
2. give up
3. kill yourself

you need to seriously consider these options. the main question is "can you
escape?". areas that are escapable are malls and parks. unescapable areas usually
include your house, public bathrooms, stores, taxis, and public transportation.
note however, that public transportation can be part of your escape plan. if the
bust occurs while you are in a car, they probably have air surveillance set up, so
try to get underneath things and into crowds to foil it. if they don't have air
surveillance, just run like hell. again, crowds are good if you aren't afraid to
knock over a few people. always make erratic maneuvers. the most important thing
is to not hit a dead end. always be on the lookout for exits and areas near
exits. you can confuse the cops by running inside stores, but be careful which
stores you pick. if you go in a restaurant, make sure it has an outdoor area.
these are great places to get rid of the cops: once you jump the railing, you can
get a head start of about a block. once you have that much, just jog to your next
location or find a safe way out.

chapter seven
life on the run
-----------------
so, you obviously picked option 1.

by now you're probably in the house of a dear friend, a hotel, or some other
easy-to-access location. the first thing you need to do is leave the state; they
have to do a lot more work if you do. once you are out of the state, you should
get a hotel. if you have a car, you might want to retrieve it because you need to
get to your first safehouse quickly. once you are in a hotel, or on your way, you
should withdraw all your money from your accounts. you don't want to give the
feds a nice credit-card trail to follow you with, so having all your money on
hand is a good thing. don't worry, you'll soon get accustomed to always paying
with cash. if you have lots of money, you should probably decide how much to
withdraw. it's best to withdraw it all, because if you are on the run they might
freeze your assets so you can't use them. it's important never to call back to
your old friends/family/co-workers because the feds will trace your calls. you
should probably move cities every few weeks to avoid getting tracked down. once
you've gotten settled in your first hotel you need to think about your options.
they are the same three as before, but the circumstances are different. unless
you kill yourself, you will probably eventually get caught, because leaving the
country will not be easy. if you have not already done so, you need to create a
fail-safe identity. you may be wondering what the hell i'm talking about. a
fail-safe identity is a person who will assume your identity should you get
caught. this is very important because they can't throw you in jail for being
hackerx if hackerx is still doing everything he used to. you'll need to give all
of your passwords to somebody that you don't know in real life, but that you know
online and have a great deal of trust in. this way if/when you get arrested,
somebody can take over. you should also arrange some kind of "message" that will
tell them you got busted. this can be a variety of things and i'll let you be
creative. e-mailing yourself is a great option. don't make the e-mail obvious
like "take over my identity now"; make it something like "backup of floppy.zip".

well, i guess that's the end of my little tutorial on not getting busted. of
course, i've only touched on a very small fraction of everything, so i've provided
some links for you to learn more.

recommended reading:
"beating the fbi"
http://www.totse.com/en/politics/federal_bureau_of_investigation/166422.html

"everything a hacker needs to know about getting arrested" by agent steal

"federal computer intrusion laws"
http://www.usdoj.gov/criminal/cybercrime/cclaws.html

"usdoj guidelines for electronic search and seizure"
http://www.usdoj.gov/criminal/cybercrime/s&smanual2002.htm

"computer records and the federal rules of evidence"
http://www.usdoj.gov/criminal/cybercrime/usamarch2001_4.htm

"computer fraud and abuse act"

"usdoj hacking cases"
http://www.usdoj.gov/criminal/cybercrime/cccases.html

[][][][][][][][][][][][][][][][][]
[] hacker news []
[][][][][][][][][][][][][][][][][]

1. stormpay running with the money

the online payment system stormpay (stormpay.com) left its members alone in a
series of confusing e-mails. stormpay has a long history of unsatisfactory
business, and it seems they have finally fled with the money to a remote island
with relaxed laws.

2. aol to begin charging for e-mail

in an effort to "protect members from spam", many people will begin paying to
send e-mail. just fucking bullshit.

3. eff sues at&t

the electronic frontier foundation has filed a class-action suit against at&t
for delivering customer information and phone calls to the nsa without
permission. go eff!

4. the bittorrent v isp wars begin!

since isps have begun throttling bittorrent traffic, some bittorrent clients have
started fighting back with end-to-end encryption of the protocol. while the
original creator of bittorrent does not agree with their actions, there isn't
much he can do.

5. operation cyber-storm

the feds simulated a massive attack against us computer systems to prepare the
nation for a cyber-attack. they say it helped improve communication between
agencies, but didn't help isp communication in case cyber-terrorists shut down
internet backbones. but as we all know, hackers can beat the feds anyway. what we
sometimes forget is that internet access is hard to get in caves.

6. illmob.org owner owned

well, illmob.org has seen its final days. this black/grey hat hacking site was
offering copies of the leaked windows source code for $20 as a "joke". the fbi
decided to shut them down instead of going after the source code leakers. proof
of how stupid le can be sometimes.

7. comic protest goes online

in the space of 2 days, thousands of danish/european websites were defaced by
islamic radicals. mass defacers suck no matter what their cause.

8. hackology.com dead?

it appears as though people moved by sheepbyte's article on hackology have taken
justice into their own hands. shortly after the public release of the most recent
tiz issue, the hackology.com site started returning a 509 error (the cpanel
"bandwidth limit exceeded" code). we believe this to be a ddos, because there's
no way anybody could have maxed out their bandwidth that fast with one machine.
maybe bad people do get their comeuppance sometimes. hackology.com is currently
back up, and still distributing their trojaned software.

[][][][][][][][][][][][][][][][][]
[] inside the stormpay fiasco []
[] \ by sheepbyte: / []
[][][][][][][][][][][][][][][][][]
for those who live under a rock, or didn't read the hacker news section, the
online currency broker stormpay has run off with millions of dollars, or so it
appears. since the start, stormpay has had problems. they mysteriously froze
accounts with no apparent or legitimate reason, they did chargebacks to accounts
that didn't exist, and evaded questions. since its beginnings, it was apparent
that something wasn't right. over the last month, those suspicions have not only
become stronger, but been validated. the first step in the fall of stormpay was a
mass-cancellation. stormpay was apparently having problems paying money to people
requesting it (they even had credit cards set up with international banks!), so
they decided to freeze accounts belonging to people with large amounts of money.
they gave no reasons at all. believers in stormpay (now referred to as scampay)
suggested that there was a glitch and that it would all be over with soon.
unfortunately, this did not happen. the main way stormpay received funds was
through online hyips (high yield investment programs), autosurfs (sustained
financial growth systems such as 12dailypro.com), and other online investment
programs. after the mass-cancellations, they released a statement saying that they
would freeze the accounts of any such systems and people who profited from them,
claiming they were all scams (which is very untrue). in addition, they claimed
that several law enforcement agencies were helping them investigate online
money-making systems, including the fbi and the ftc. one of the programs they
specifically mentioned was 12dailypro.com.

a brief background on 12dailypro.com:

12dailypro.com is an auto-surf where, through user upgrades, people can get a
sustainable yield from their investments. at first, this system failed and the
owners were forced to shut down. everybody knew that 12dailypro had hundreds of
thousands of dollars from running away (due to their ponzi set-up). they blamed
the problems on ddos attacks. when they came back, they established a legitimate
program and image. they are one of the most respected auto-surf sites available.
they have sustained multiple ddos attacks from old angry users, and have been
very truthful/kind to their new users.

previous corruption in stormpay:

a while ago, it was discovered by an online investor that stormpay owned netiba
(netiba.com), which was an online investment program certifier. program owners
would pay to get certified and receive automatic trust from their customers
(despite the fact that many netiba certified sites were indeed scams). stormpay
accounts and programs that were not netiba certified were expected to pay higher
transaction fees. in fact, the netiba building and the stormpay building were less
than 2 blocks away from each other. at this point, it was very apparent that
stormpay was corrupt, but nobody predicted what would come next.

after this initial statement by stormpay, they also said that programs would
either have to choose stormpay or nothing else. this action was, of course,
illegal. 12dailypro decided to go with stormpay since the majority of their users
wanted it. once the money started piling in to stormpay.com, they cancelled more
accounts and made over 3 "announcements", many of which contradicted each other.
at this time, as you can probably imagine, users at online investment forums such
as talkgold.com and no-scam.com were conspiring. there were reports that the
building burned down, that the stormpay owners had fled the country, and a bunch
of other crazy claims. due to their recent actions, stormpay underwent a massive
ddos attack (which was more than well deserved). their servers were on and off
for several days with dns errors, server errors, and page not found errors.
shortly after this, everybody had assumed that stormpay ran off with the money.
pictures soon surfaced of the stormpay headquarters, which was undergoing
construction (presumably closing shop). in response to these pictures, stormpay
released a defensive announcement claiming that nothing was happening, using the
"stormpay is on fire" hubbub as evidence that all the accusations were nonsense.
meanwhile in tennessee (stormpay headquarters), the local abc branch was doing
its own interviews and investigations. despite the fact that 12dailypro's
arguments were based on logic and evidence, the abc station decided to go with
stormpay's ridiculous claims. they attacked the practices of 12dailypro.com and
treated them as a fraud organization. according to abc, several thousand angry
letters were sent to them regarding their thoughts on 12dailypro. the 12dailypro
administrators meanwhile had thousands of dollars locked up in their account,
which was recently frozen by stormpay. 12dailypro hired lawyers to prosecute and
engage in talks with stormpay, which provided more excuses and fabricated stories
of the fbi investigating 12dailypro. since the entire stormpay community was
infuriated, the majority of them wrote letters to the bbb of tennessee, and now
stormpay has an unsatisfactory rating. as it turns out, there was no fbi
investigation into the 12dailypro practices, and stormpay was running away. while
not confirmed, it's only reasonable to expect that the scampay owners had left
the country with their stolen millions for a place where the fbi couldn't
prosecute them, while thousands of ex-customers are left to clean up the mess.

note: this situation is changing hourly and this is only based on my observations
at the time at which this article was written. if you want to keep up with the
news, please go to the 12dp forums, the tennessee consumer protection site, the
talkgold.com forums, and the no-scam.com forums. i strongly suggest that anybody
take action regarding stormpay. remove any money you can from your accounts,
dispute charges related to stormpay with your financial institution, and file
complaints.

shouts to:
piks.utter@gmail.com

http://www.wincustomize.com/skins.aspx?libid=8&view=1&sortby=4&sortdir=desc&p=38&advanced=0
{tiz}
[end of file]
