CNN Says Chat Rooms Are a Haven for Hackers
MiTEG writes "CNN is carrying an article about IRC and how it aids "hackers" with their mischief. There are some alarming quotes from Bruce Schneier, CTO of Counterpane Technologies, such as "people who are anti-big-corporation are going to be more likely to use something like IRC"." Yeah, if they ever hung out in our chatroom, they'd lock us all up for abusing Kurt the Pope.
Ah, what fun we had with bots . . . We had a bot to talk to our phone list database, a bot to page people, etc . . . Grand fun.
Al Qaeda has ninjas!
the FBI's National Infrastructure Protection Center (NIPC) didn't provide any statements to CNN regarding what goes on in Internet Relay Chat
Gee, I guess it would have been way too much trouble for CNN's hotshot reporters to log on and find out for themselves before running this half-baked article.
Boy, oh, boy...you must be relatively new to the Internet.
Here's just one example of organized credit card fraud on the Internet. Some software piracy groups have *entire segments* dedicated to credit card fraud. They even have a name for these folks: "carders." They'll "card" a laptop, CD writer, etc. for you, and find a way to get it safely received. Many of these folks have huge lists of names, addresses, and credit card numbers that often come from compromised websites.
It's happened to me before. Luckily, I caught it, and I learned from my mistake. I've found a way to help defend against this kind of attack.
Everyone should think about using one-time-use credit card numbers when making purchases from anyone over the phone or Internet. Several credit card issuers offer this feature. Here's an example of one of them.
And the channels they want to monitor are probably not that easy to join either, one might guess. Of course they could force some ircop or something like that to grant them access, but that would make the users of the channel very aware of their presence. And there are also ways to encrypt your IRC chats. I don't really know how heavy the crypto is, but it would probably make their job a little bit tougher.
--
"I'm surfin the dead zone
In the twilight, unknown"
CNN == "Communist News Network"
Funny, cause the UK doesn't. It was downgraded from Class B to Class C last year, with a pilot program in one London borough in which the only thing the police can do is confiscate it - a program that is expected to be extended to the whole country soon, and the committee charged with making recommendations on drug policy have reported that it should be decriminalized, which is expected to be accepted by the Home Secretary. In fact, in the UK, the whole "War on Drugs" approach is widely seen as a failure, with the minor opposition party having decriminalization of all drugs (as happened in Portugal last year) as a platform, and many members of both major parties agreeing with that policy. BTW, the drug most likely to be associated with crime is ... alcohol. "between 72% and 82%, depending on the area, testing positive for alcohol." (http://www.druglibrary.org/schaffer/Library/studies/runciman/pf7.htm)
Since the late 90's, the US Govt (specifically the NSA, CIA, and NRO) along with other govts have shown increased interest in IRC. The original problem with monitoring IRC was the ability to correlate the packets (through Echelon, JID, misc. sniffers) to the handles, DCC sessions, and misc. queries. Once scripts were established to correlate time stamps and do active session recreation/replay, the data was a bit more reliable; however, there were large gaps in the data where netsplits occurred, or handles changed, dynamic IPs, etc. Since running analysts through abstract sessions of data was counterproductive, the data was dropped. So in public channels, bots and live agents (*cough*analysts*cough*) were placed to idle and log; however, groups started catching on to the idlers and kicking. In addition, since all of the operations were done w/o the knowledge of IRCops, K-Lines started being put up and times got a bit harder.
So starting in late 2000, when reliable/substantiated information started coming across about possible Electronic Warfare, under cover company names, IRC servers started getting funding and/or being provided by agencies with an active tcpdump w/ ssl netcat (or scheduled ssh dumps depending) running on them (yes, that simple) which was then reprocessed and sessions recreated through a series of parsing scripts and dumped into databases that track handles, IPs, session data, keyword recognition (including handles, group names, and a series of acronyms/extensions), along with the ability to grab code snippets.
OPN, DAL, IRCNet and EFNet all participate in monitoring, EF and IRCNet remain the least cooperative, DAL and OPN actively participate and support the process. LiloFree, SuidNet, Conclave, and others are extremely difficult to track, however have their faults.
I won't get into IM protocols since we all know the inherent problems. AOL has not been entirely supportive of US Govt efforts to set up monitoring devices; however, the Time Warner side of AOL/Time Warner has been a bit more agreeable. ICQ/Mirabilis gave in a -long- time ago, LICQ over SSL is great though.
The quotes below are great, however in times like these, the famous line "Do not disclose, sources or methods" from our spook friends applies quite well.
I cannot confirm nor deny the allegation or allegations you may or may not have just made