Russian Police Know Who Wrote Gpcode Virus

rifles only writes "Russian police almost certainly know the identity of the programmer responsible for the frightening 'ransomware' crypto virus, Gpcode, which has hit the Internet several times since 2006, says a story at Techworld, which has tapped a Kaspersky Lab researcher. Gpcode used 1024-bit RSA/128-bit RC4 to lock up victims' data, an uncrackable combination that left the world with only one solution: find the virus author to get the master key. So why don't the cops do anything? Good question, but this is Russia we're talking about."

In Soviet Russia . . .

[Eg0Death]

. . . virus encrypts you!

Re:In Soviet Russia . . .

[raxhonp]

. . . all your beowulf clusters are belong to CowboyNeal.

Re:In Soviet Russia . . .

[MrPloppy]

Why the hell do the mods find this joke funny any more!?

Re:In Soviet Russia . . .

[tqk]

This looks supiciously like /. has inserted a bot that replies to every first post on a topic, "In Soviet Russia, ..."

Seems very effective. Thanks. I won't miss those.

Re:In Soviet Russia . . .

[Eg0Death]

I am a bot, you insensitive clod!

The enemy of my enemy is my friend

[zappepcs]

Who is to say that Russian authorities are not using this coder as a cover for much more malicious activities? All we know is that there is a virus that encrypts your data. What is it that we don't know yet?

Re:The enemy of my enemy is my friend

[MightyYar]

Who is to say that Russian authorities are not using this coder as a cover for much more malicious activities?

No, no - they are TRYING to get him, but he lives in Georgia.

Re:The enemy of my enemy is my friend

[martyb]

All we know is that there is a virus that encrypts your data. What is it that we don't know yet?

I'll take a stab at that one: the decryption key! <grin>

Re:The enemy of my enemy is my friend

[JustKidding]

That the last version of the virus does have very strong encryption, and that it fails to erase the plaintext files properly.

Re:The enemy of my enemy is my friend

[kestasjk]

Who is to say that Russian authorities are not using this coder as a cover for much more malicious activities? All we know is that there is a virus that encrypts your data. What is it that we don't know yet?

I've read the RTFA, if you thought "Russian KGB are letting mysterious virus author do as he wishes" was too bizarre to be true you're right.

This is how it breaks down:

• The virus author contacted Kaspersky asking for money for the tool to decrypt the encrypted files
• Kaspersky attempted to trace the author, and found that (surprise, surprise) he is using various proxies in the US, Hungary, Russia, etc
• Russian authorities apparently haven't rushed to the location of the Russian proxies (there's no mention of whether the US and Hungarian ones did)

Implying that the KGB are the master-mind hackers of an intricate spiders web of zombie-PCs may be a little premature based on this techworld.com article..

I wish there were sites which reported computer security news like it is, without the bullshit

Re:The enemy of my enemy is my friend

[kestasjk]

(Just to be 100% clear and frank "Russian Police Know Who Wrote Gpcode Virus" is just a plain lie)

Re:The enemy of my enemy is my friend

[Vagnaard]

Sorry to interupt you but :

On December 21, 1995, the President of Russia Boris Yeltsin signed the decree that disbanded the KGB, which was then substituted by the FSB, the current domestic state security agency of the Russian Federation.

Re:The enemy of my enemy is my friend

[billcopc]

Yet again the summary misleads, but it's no secret the Russian authorities don't have the resources to investigate anything of importance, and that problem leads to the iconic corruption that brings it full-circle.'

Re:The enemy of my enemy is my friend

[lysergic.acid]

you mean not everything bad that happens is a communist plot?

on a more interesting note, TFA states that yahoo has refused to cooperate with law-enforcement on this case on "privacy grounds." but didn't they hand over the user info on several Chinese dissidents, which led to an American national being falsely imprisoned?

i guess Yahoo will protect a user's privacy as long as they're a malicious criminal, but not if they're a prisoner of conscience. i guess it's time for me to close up my Yahoo! mail account for good.

Re:The enemy of my enemy is my friend

[NotBornYesterday]

MI6 knows who he is. They used to have pictures, but they lost them.

Re:The enemy of my enemy is my friend

[moderatorrater]

Well, to be completely accurate, you can't rule out the possibility of the Russian KGB supporting the virus author, you just don't have evidence for it ;)

Re:The enemy of my enemy is my friend

[jcrousedotcom]

Well, I live in Florida, should I just drive up and get him/her? :)

Re:The enemy of my enemy is my friend

[RiotingPacifist]

given that as explained above the KGB dont exist, i think I can.

Re:The enemy of my enemy is my friend

[MightyYar]

Good luck getting gas! :)

Re:The enemy of my enemy is my friend

[pwizard2]

No, no - they are TRYING to get him, but he lives in Georgia.

Well, as long as he stays out of Alabama....

Re:The enemy of my enemy is my friend

[gnick]

given that as explained above the KGB dont exist, i think I can.

That's right. We don't. Just keep believing that and everything will be fine.

Actually, we're just biding our time waiting for the US and China to go to blows. Then we thaw out Lenin, reunite the Soviet Union, and the world is our kotlety!

MWUAHAHAHA!

Re:The enemy of my enemy is my friend

Yet again the summary misleads, but it's no secret the Russian authorities don't have the resources to investigate anything of importance, and that problem leads to the iconic corruption that brings it full-circle.'

The undoubtedly have the resources.
What they do not have is the motivation.

Just like the USA has tons of Federal and state resources for computer crimes, but most of it is focused on dealing with child pornography.

Re:The enemy of my enemy is my friend

They have computers in Alabama?

Re:The enemy of my enemy is my friend

[davidsyes]

So, what are you saying? Are you saying that if he takes up residence in Alabama and infects, umm, knocks up... um impregnates an Alabamian that there will be a new case of ... CryptoSpyRidium on our hands? (bada boom)...

Re:The enemy of my enemy is my friend

[kestasjk]

I know, I was making fun of the GGP's paranoia

Re:The enemy of my enemy is my friend

[Theoboley]

ya'll got this wrong... The enemy of my enemy is not my friend... the enemy of my enemy is ME!!!!

Re:The enemy of my enemy is my friend

[Cyberax]

Wrong. KGB has been substituted by FSK (Federalnaya Sluzhba Kontrrazvedki - Federal Service of Counter-Intelligence) on 1991 (right after the USSR collapse).

In 1995 it was again renamed and reformed (this time it was called 'FSB').

Re:The enemy of my enemy is my friend

[darkpixel2k]

Sorry to interupt you but :

On December 21, 1995, the President of Russia Boris Yeltsin signed the decree that disbanded the KGB, which was then substituted by the FSB, the current domestic state security agency of the Russian Federation.

Sure...whatever...that's what the man wants you to believe.

Re:The enemy of my enemy is my friend

Or it could be someone hired by the Russian mafia, and the investigators don't want to find themselves tied up in the trunk of a Zhiguli while it's sinking in the Volga river.

http://en.wikipedia.org/wiki/Russian_mafia

Re:The enemy of my enemy is my friend

You know, whenever someone starts a sentence with "it's no secret that" or "everybody knows that" or something similar, whatever follows will be a lie.

what?

[SolusSD]

"Good question, but this is Russia we're talking about." ?? Someone care to enlighten me what that was about?

Re:what?

[grajzor]

Probably along the lines of this article: http://www.washingtonpost.com/wp-dyn/content/article/2006/04/07/AR2006040701972.html

Re:what?

[binarylarry]

In Soviet Slashdot, first post copies YOU!

Re:what?

[sonofbc99]

"Good question, but this is Russia we're talking about." ?? Someone care to enlighten me what that was about?

I think they are talking about Russia's historical stealing, corruption and Mafioso ties. In other words they cannot be trusted!

Re:what?

[The+Master+Control+P]

The implication is that the Russian government is explicitly corrupt and does not put on any pretense of enforcing the law but instead protects those with money or ties to money.

See also: Russian Mafia.

Re:what?

[Saint+Stephen]

Damn it, I finally had a funny Soviet Russia joke. Didn't see it when I posted :-)

Re:what?

[Eg0Death]

Touché!

Re:what?

[CRiMSON]

I believe that was a statement about the general lawlessness of Russia, and as to why it's obvious the police didn't do anything. Seemed straight forward concept to me.

Re:what?

[MoonlightSeraphim]

The implication is that the ... government ... protects those with money or ties to money.

now if we look at it this way it is not much different from any other government.

Re:what?

[mdm42]

Not at all like a $700-billion hand^H^H^H^H bailout to a bunch of rich fuckers who ripped you off in the first place, then...

Re:what?

That statement would be true if the government protected everybody equally. What is your point?

Re:what?

[binarylarry]

En Guard!

Re:what?

[LanceUppercut]

Well, as the law enforcement system in the USA is falling apart (under the assumption that it existed in the first place), some folks start suffering from a cognitive dissonance syndrome, which they are trying to alleviate by pretending that the very same things are actually falling apart in other places in the world. Russia has always been a favorite target for average American in cases like that. Whenever some other issue in the American failed system pops up, someone immediately comes up with a symmetrical stab at Russia. Just think of this as an automatic brainwashing self-preservation system sledge-hammered into the head of every American at the age of 5. Remember, when the issue of USA being the world leader in the number of incarcerated people popped up? It was immedialtey followed by the major outflow of the standard American "but in Russia there's Gulag" mythology, just to keep the typical well-washed American brain from overheating failure. This particular one is obviously triggered by the fact that US law enforcement recently announced that in order to save money they will simply stop responding to what they call "lesser" and "insignificant" crimes. Needless to say, this caused some a major gears to start grinding in the brain-firmware of a typical American. What you see in the original post is the product of that malfunction.

Re:what?

[Grelfod]

See also: Politician / US

Re:what?

[The+Master+Control+P]

Fools act because something must be done.
The wise act because they have something to do.

In any case, the question is how to survive the Subprime Mortgate Plane's crash-landing. In the short term, the fallout has left credit markets paralyzed with fear and waiting for the market to unjam itself would most likely prove unpalatably painful. If we aren't to act until we have a solution, what do you propose that we may act?

Long term, obviously, the solution is to bring back the regulation that stopped this nonsense from happening in the first place. Time and time again, we've seen that the markets are great at setting short-term prices and astonishingly, abysmally bad at planning for the future (witness the subprime ponzi scheme). Back in the thoroughly unregulated Robber Baron era, we'd have bank runs and financial panics like this literally every 5-10 years. Since the markets clearly can't regulate themselves to prevent this kind of screwup, the government needs to step in and do so. But this is long-term prevention to keep the Subprime Mortgage Plane from ever taking off again; What do we do now that we're stuck on it?

Re:what?

[The+Master+Control+P]

Hearing this kind of nonsense in response to criticism of broken governments really gets old after a while. When our officials tell big business to fuck off, they run smear ads during the next election. When Russian officals tell Gazprom to fuck off, or journalists criticize Putin's government, they tend to die of extreme cranial bullet trauma.

It's like people who complain about Bernanke's inflationary policies when Zimbabwe is discussed. Does anyone actually think these are comparable?

Re:what?

[MightyYar]

Long term, obviously, the solution is to bring back the regulation that stopped this nonsense from happening in the first place.

As much as it pains me to admit it, it looks like people suck at finance. Everyday people are responsible for this mess by taking on mortgages they couldn't afford. Banks are responsible because they bought risky debt from brokers who had no reason NOT to grant loans. Insurers are responsible because they underwrote this horrid debt.

But government regulation is also at fault here. The government encouraged high-risk loans. That did us no favors in this situation. Without Fannie and Freddie, there'd be a whole lot fewer bad loans. So we have to be careful how we structure any regulation.

Re:what?

[ZerdZerd]

You obviously haven't searched for "Only in Russia". Here's a link for you.

Re:what?

[jeffmeden]

No, the money that was ripped off is long gone, with no one left to hold the bag. That's the problem. The $700 billion is essentially to subsidize the mortgages of the "wannabe-rich fuckers" who bought houses only to have them lose 30% or more of their value in a year, making selling or refinancing impossible and leaving default and bankruptcy on the table as very appealing options compared to dealing with mortgage payments that ballooned well beyond their expectations (whether they weren't diligent enough or were outright lied to about their mortgage is another story.)

Re:what?

[ztcamper]

Not subtle enough. I suggest you go back to practice on runet. Expectations for the quality of propaganda are much lower there.

Re:what?

[FishWithAHammer]

But government regulation is also at fault here.

Ding ding fuckin' ding. The Community Reinvestment Act of 1977 (thank you, Jimmy Carter, thank you, 95th Congress) began this fucked slide. Clinton continued and encouraged it with the 1995 amendments to the CRA that essentially forced banks into predatory lending practices.

(Oh, and BTW: Obama worked for one of the law firms involved in suing banks who weren't giving out enough high-risk loans to people who couldn't afford it. Fun, huh?)

Re:what?

Yelling "BRAINWASHED!" is a poor substitute for a valid rebuttal.

Re:what?

[AK+Marc]

Sounds like the Libertarian Utopia. How's that working out for them?

Re:what?

The $700 billion is essentially to subsidize the mortgages of the "wannabe-rich fuckers" who bought houses . . .

The bail out does NOTHING to subsidize mortgages.

Re:what?

[dunkelfalke]

it is not so much a troll as it looks like.
russia of the nineties was pretty much a laissez-faire libertarian utopia.

Re:what?

[dunkelfalke]

here is a good explanation

Re:what?

[Bryan+Ischo]

I don't know very much about the actual causes of this issue, however I do find it really annoying that someone must invariably turn the discussion into an "it's the Democrats' fault! No, it's the Republicans' fault!" waste of time. You cited only Democratic presidents (and president hopefuls) in your post. I find it VERY hard to believe that there isn't blame to be place on just about every politician out there, regardless of party. So why do you feel the need to try to make this issue partisan? It's attitudes like yours that turn intelligent discussion into useless time sinks, which is the root cause of the USA's political environment being so dysfunctional.

In short: if voters use their brains, then they will elect politicians who use their brains. You are encouraging voters not to use their brains with arguments like yours. So you and people like you are the real root of the problem.

Re:what?

Incorrect. There are no funny "in Soviet Russia" jokes...

Re:what?

[MRe_nl]

Correction: There are no funny jokes in Soviet Russia...

Re:what?

[rtechie]

Russia as a nation, and the KGB in particular, have a reputation for fostering, or at least "turning a blind eye", to hackers and hacking in Russia. In particular, they refuse to extradite hackers to other countries.

The most famous example of this is the recent "cyberwar" against Estonia by Russian hackers. Russia has made no attempt to catch the Russians responsible and in the eyes of many observers the Russian government organized and endorsed the attacks.

I'm sorry Russians might get offended by this. Maybe you should do something about actually stopping the hackers in your country. You should start with getting rid of that whacko Stalinist Putin.

Re:what?

[rtechie]

Russia has always been a favorite target for average American in cases like that. ... What you see in the original post is the product of that malfunction.

No, Russia has an established reputation as being a haven for organized crime. Like Sicily on a grand scale. This has nothing to do with anti-Communism.

Re:what?

You are so right. We all know it is the fault of George Bush and his stupid war in Iraq. No war, no housing mess. How much easier can it be to see?

Re:what?

You mean without a war the Ponzi scheme could have gone on forever??? Who knew? The fact is that it's been recognized that something was out of whack with regards to home prices for many years. The typical increases in California home prices never made sense but I'm not surprised people took advantage of it. So many people got into flipping homes since even if they did minimal improvements the home would go up in value because everyone was trying to get into a home or move into a larger home. The problem is that now that things have gone south those people are likely to go bankrupt and it's taking many other people with them. I heard the other day of an area in California (I believe it was the San Francisco area) had homes that were priced at about $750k on the books. However with the drop in values they are actually worth about $250k. So people have mortgages for $750k on a $250k home... I don't think there's any hope for homes to recover that kind of value in the next couple of decades.

Re:what?

[FishWithAHammer]

I name Democrats because Democrats were in power for the two major causes for it. I'm not a Republican, and I don't want to vote for McCain; he's not that much better. That said: in 2005, John McCain actually did talk about this and pushed a bill to address the problem; it was shot down, both by Democrats and Republicans. So we've got one Presidential candidate who tried to do something, and one who worked for a law firm exacerbating the problem.

But no, I'm causing dysfunction, right? Since I focused on the root cause of the issue, the fucking CRA and the 1995 amendment, I must be a partisan hack. Guess what, buddy: Democrats owned Congress in '77 and '95, it's their doorstep on which this particular pile of shit rightfully lies. McCain, and those who voted for that bill in 2005, are the only ones not guilty of it.

(I do not recall the senate bill reference offhand; I'll do some digging and post it, although I'd bet someone on Slashdot already knows it.)

Re:what?

[Loki_666]

While our law enforcement here in Russia are underpaid and perhaps not the most up-to-date and certainly there is corruption (especially our Road Police - bloody parasites - sorry, personal grudge) some of them do try hard. And in our city only last year a group of US police came over for a month or so to study Russian law enforcement techniques. Im sure this was legal studying, not "How to accept a bribe" and "Best way to hide the prisoners bruises". And as for all the FSB bashing.... take a close look at some of the history of groups like the CIA and FBI in the US and Mossad and MI5 in the UK... they arent exactly white as angels... lots of bad things done in the name of national security.

Re:what?

[Dilaudid]

The Russians alledgedly allow/have allowed a lot of unpleasant activities to go on, which would be illegal in most other democratic countries. A few examples are: allofmp3.com, the litvinenko poisoning, the closing down of media organisations, Yushenko's poisoning, the BP-Tenko rip off, and RBN which is effectively an incubator for phishers. Most botnets are run out of russia - the info's all on the web if you want to look for it. So no-one is surprised when the Russian authorities let virus writers run riot.

Russians resent the west for winning the cold war, and the botched transition to capitalism that left their nation in default, and if their citizens are fucking up westerners' lives, the Russian authorities aren't going to run in to stop them. It's a bit like expecting the Bush administration to pass human rights legislation to protect the 9/11 conspirators - it ain't gonna happen.

Re:what?

[LanceUppercut]

You mean in Hollywood movies, right? Otherwise, no, it doesn't have such "estabished reputation".

Re:what?

[rtechie]

Not according to Interpol or the FBI. Protection rackets, drug smuggling, counterfeit goods, and especially computer crime are rampant in Russia and some of the former Soviet satellites. This is to the point that the "Russian mob hacker" is a security industry cliche. Russia's unwillingness to extradite or prosecute organized crime figures is the key reason Russia is seen as a "haven". For a graphic example, look up "Estonia cyberwar" in Google. Russia did not prosecute or even investigate anyone for their involvement. In the Alexander Litvinenko case Russia has refused to cooperate with British authorities in the case (though that was a political assassination, and not organized crime).

So why don't the cops do anything?

[Daimanta]

Simple. They have an ulterior motive in not dragging his ass to prison. That or they're lying. Or lazy.

Re:So why don't the cops do anything?

[MightyMartian]

Simple. They have an ulterior motive in not dragging his ass to prison. That or they're lying. Or lazy.

Like cops the world over.

Re:So why don't the cops do anything?

[gad_zuki!]

He probably works for the FSB now.

Re:So why don't the cops do anything?

[Eg0Death]

Probably along the lines of this article: http://www.washingtonpost.com/wp-dyn/content/article/2006/04/07/AR2006040701972.html [washingtonpost.com]

The picture this arcticle paints leads me to believe that proof is optional in the arrest, charge, convict process.

Re:So why don't the cops do anything?

[phayes]

Theres a world of difference between knowing who did something, and having enough proof to be able to arrest them, charge them and convict them.

There is a only a world of difference in countries that have an independant judiciary. In Putin's Russia where the judiciary is only there to serve as a fig leaf for Putin's ambitions, there is no difference at all...

Re:So why don't the cops do anything?

[damn_registrars]

Theres a world of difference between knowing who did something, and having enough proof to be able to arrest them, charge them and convict them.

And in between is Guantanamo Bay.

Oh wait, were we talking about Russia?

Re:So why don't the cops do anything?

Sounds like you are describing the US government

Re:So why don't the cops do anything?

Or incompetent. Never forget Hanlon's razor.

Re:So why don't the cops do anything?

[ca111a]

Not in Russia it isn't.

Re:So why don't the cops do anything?

Yes, but this is Russia we're talking about.

Re:So why don't the cops do anything?

[mwlewis]

Yes, we were. Also, we were making sense and not non sequitors. Since this is /. I won't ask that you leave until you can do the same.

Re:So why don't the cops do anything?

Or drunk!

Re:So why don't the cops do anything?

[silverdr]

To make your statement more complete: and there is a world of difference between

• knowing the path and walking the path
• having enough proof to be able to arrest someone and willing to do so
• requiring enough proof to prosecute someone and not feeling like rquiring any to do so

Oh - in case you believe that the above applies only to Russia - it's time to grow up...

Re:So why don't the cops do anything?

[KZigurs]

Just invoke the magic word !TERRORIST!. Easy.

Re:So why don't the cops do anything?

[Eg0Death]

I don't think TERRORIST would work. You would have to say it Russian. (I just discovered that /. turns Cyrillic characters into gibberish.)

Re:So why don't the cops do anything?

[damn_registrars]

not non sequitors

Well, what does the US do with those that it lacks the evidence to arrest, try, and convict?

Or on the same note, when was the last time there was a trial at Guantanamo - or when was the last time any charges were brought against anyone there?

You can disagree with my statement - and at least 3 cowardly moderator points were used to say that - but there is hardly an example more in line with lacking evidence than what the US government is doing down there in Cuba.

Re:So why don't the cops do anything?

[mwlewis]

It's the difference between arresting a criminal and prisoners of war. I'm sorry if the difference is too subtle for you.

Re:So why don't the cops do anything?

[damn_registrars]

It's the difference between arresting a criminal and prisoners of war. I'm sorry if the difference is too subtle for you.

No.

It is the difference between the belief that all human beings should be granted due process and the belief that some human beings are apparently inherently superior to others.

Re:So why don't the cops do anything?

[mwlewis]

Yes, thank you for proving my point.

Re:So why don't the cops do anything?

[damn_registrars]

So then you are saying that you believe that these people who are kidnapped from their homelands do not have any right to due process? People have been detained in Guantanamo for years and repeatedly denied due process. Some of them have never had charges brought against them, while being detained indefinitely.

If you feel for some reason that is reasonable, then your beliefs are rather frightening I would say.

Re:So why don't the cops do anything?

[mwlewis]

These people were captured on the battle field. They are prisoners of war. They were not arrested for a crime, like a car thief or a murderer. There have been numerous attempts to give them the process that they are due. The point of capturing prisoners of war is not to prosecute them. The purpose is to keep them from returning to the battle field.

Should we have charged captured Germans in WWII? What would we have charged them with? How could any cases be prosecuted?

The logical result of what you seem to be proposing is that the military would stop taking prisoners altogether. And the other way to remove combatants from the battle field is not nearly so respectful of the combatants rights.

These beliefs are only frightening to the naive or ignorant. I'll leave it to you to pick which category you'd prefer.

Re:So why don't the cops do anything?

[damn_registrars]

These people were captured on the battle field.

That all depends on how you define the battle field. Many were captured in places where no battles were being fought.

They are prisoners of war.

And just what war are you talking about? And if they were prisoners of war, then they could at least expect to be released at the conclusion of the war.

Except that we are not in a war that has a defined end point. Really, we aren't in a war at all because there is no opposing state.

The purpose is to keep them from returning to the battle field.

Again, what battle field? They weren't all captured in combat of any sort. Many were not taken from anything that resembles a battle field.

Should we have charged captured Germans in WWII?

Is there a conflict anywhere involving the US that resembles WWII in even the slightest?

Of course not.

In WWII when Germans were captured in Europe it was well understood the terms of their capture and when they would be released.

And no great numbers of them were shipped to the other side of the hemisphere.

The logical result of what you seem to be proposing is that the military would stop taking prisoners altogether.

No. My proposal is that they actually pay attention to who they capture, and that they actually adhere to the Geneva conventions for dealing with who they capture.

And being as there is no war, those captured are nothing more than suspected criminals who need to be tried or released. Instead the US government has held prisoners for several years with no clear intent of ever doing anything with them beyond holding them until the end of time.

These beliefs are only frightening to the naive or ignorant.

Insulting me will get you nowhere.

The US is in a huge moral deficit with those imprisoned at Guantanamo and elsewhere. People from all over the world have been detained without rights to the due process that are afforded to other criminals. The government has turned their noses at human rights and the Geneva conventions. If you think for a minute that we are in any way better than any second or third world country in treatment of foreign prisoners, you aren't paying enough attention to how we have trampled all over basic human rights at Guantanamo.

-1, Troll

> Good question, but this is Russia we're talking about.

Yeah, these damn Russkis, I am still shaking from the Sclarov incident .. ugh, wait .. nevermind.

Re:-1, Troll

[MightyYar]

Wow, good point. I mean, conditions in the US are shitty so that makes all of the problems of Russia go away!

Re:-1, Troll

[MightyYar]

Troll? I guess I should have used sarcasm tags... I was trying to point out the absurdity of his argument. Conditions in the US have no bearing on whether or not conditions suck in Russia.

Goodfellas

[pete-classic]

So why don't the cops do anything?

And when the cops assigned a whole army to stop Jimmy, what did he do?

He made them partners.

-Peter

Re:Goodfellas

[bigredradio]

Nice pull. That made my morning. (/me puts Goodfellas into netflix queue).

Re:Goodfellas

[pete-classic]

Cool!

Saw it on the big screen a couple of months ago. Unfortunately the sprocket holes were in bad shape and the image "jittered" vertically the whole time. It was also the first DVD I owned.

I'm generally not a fan of voiceover, or Ray Liotta, for that matter. But his deadpan over the whole movie really works for me.

-Peter

Tapped?

[Hatta]

I'm not sure it's relevant who at Techworld is tapping who at Kaspersky Labs

Changes in the wind.

[Ostracus]

"According to Kaspersky, stopping ransomware-based malware in the future will require more effective law enforcement, the use of forensic software analysis to tie suspects to their malevolent creations, and possibly building restrictions into the Windows cryptographic software libraries used to create Gpcode itself."

This concerns me more than what the cops do as pointed out in the story there's the difficulty of getting the money back to the ransomware author.

Re:Changes in the wind.

[jimicus]

"According to Kaspersky, stopping ransomware-based malware in the future will require more effective law enforcement, the use of forensic software analysis to tie suspects to their malevolent creations, and possibly building restrictions into the Windows cryptographic software libraries used to create Gpcode itself."

Then Kaspersky are idiots - any malware author with half a brain will simply statically link their code with a stripped down OpenSSL library.

Re:Changes in the wind.

[Zironic]

Isn't RSA rather easy to implement without any library at all?

Re:Changes in the wind.

[CriticalHedonist]

Then Kaspersky are idiots

Evgeny Kasperky is just a soviet-minded guy, he thinks in a central control and default-deny way only. Not long ago he said that the only way to solve virus/malware problem is a certification of internet users, i.e. when nobody is allowed to use internet without a license.

P.S. Sorry, I can't find a proof link.

Re:Changes in the wind.

Or better yet, libtomcrypt, which is tiny and would piss Tom off.

Re:Changes in the wind.

[multipartmixed]

???

Anything that's easy to implement with a library is equally easy to implement without a library.

cat library/*.[ch] >> main.c

Re:Changes in the wind.

[DRobson]

RSA in five lines of perl. (Well, it also uses dc..)

Re:Changes in the wind.

[Zironic]

What I meant was that the algorithm is really simple, it's not like it needs thousands of lines of code, a post below shows how it has been done in 5 lines of completely unreadable perl.

This just in

[Windows_NT]

They'll never catch me, HAHAHA!
# encrypt /mnt/cppp/super_secret_files /mnt/cppp/putins_wife.jpeg -a 1024 --key="motherland"

Re:This just in

[AragornSonOfArathorn]

The Soviets are going to go after Sarah Palin's Facebook page next. They don't want it known that "Vladimir Putin, Sultan of Love" friended Palin.

ee+BfO3iVLaBGTTcTioI6Ax4

[BlackPignouf]

hQIOA9E1fHW L3Cs+EAf+ LWFxdp1PrTde8Qie 1RCbJcYw+wje0tBapGwhioSd8+yQ
1HgIDg7 zfLYXpPL4Pqlv FvyE810ZzpfzhcI2WhNI2O 1TT6pl8nXeEWbDr39TOXCf
FNBkdmXnkZ /2+iF7/2ht/yAmNQm 4dX6v1BaHSHccN RTCsa74Rq58BfYKAJm2AEf/
gI0eKtXH SUiCT 8MBdee+BfO3iVLaBGTTcT ioI6Ax45ODsz5zColQz0VJb99LmjGw
AGVLf4dMLxm8WpZb Ni7RX8WLACnJAP t5MNhOee/J4 vwohQDrfQpux85HKsbQ6nFm
6Q5HKf4 l68DyPo yYvuvNSg0TlYov03G xYxEA6T4xAwgAi7ahv huEhPFexhNru/S

This highly interesting post has automatically been encrypted.
Please Paypal-send 10$ to john.doe@gmail.com to read it!

Re:ee+BfO3iVLaBGTTcTioI6Ax4

No thanks, I don't want your cheap V1agra.

Re:ee+BfO3iVLaBGTTcTioI6Ax4

Downloaded this post from Pirate's Bay

Re:ee+BfO3iVLaBGTTcTioI6Ax4

>Please Paypal-send 10$ to john.doe@gmail.com to read it!

Hey! That's my email address, you insensitive clod!

Re:ee+BfO3iVLaBGTTcTioI6Ax4

[beacher]

B e s u r e t o d r i n k y o u r O v a l t i n e.

Ovaltine? A crummy commercial? Son of a bitch!

Re:ee+BfO3iVLaBGTTcTioI6Ax4

[magus_melchior]

I tried that, and I got this response:

I'm in ur disk, scrambling ur filez

Re:ee+BfO3iVLaBGTTcTioI6Ax4

[Mr.+Beatdown]

WTF is a squeamish ossifrage?

Re:ee+BfO3iVLaBGTTcTioI6Ax4

Great, now i'm reminded that 24hrs of that is most likely coming once again in the not so distant future.

And here i finally had "Fa ra ra ra raaaa" out of my head.

So why don't the cops do anything?

[Richard_at_work]

Good question, but this is Russia we're talking about.

Theres a world of difference between knowing who did something, and having enough proof to be able to arrest them, charge them and convict them.

It is as plain ...

[m0s3m8n]

.. as the nose on your primate face. V. Putin. Absolutely nothing gets done without his approval or wish. They probably think of the virus author as a kind of "munition" worth keeping under cover. Remember when PGP was considered a "munition" in the US?

but how does it work?

That's a good point someone brought up. In the situation of ransom, how
will it ever work?
If large amount of funds are transferred by bank, they can
find and freeze the bank account.
If large amount of funds are transferred in cash,
the money can be traced so you would be caught if you use it.

So What is the the point in ransoming in the current era? There must be
something I am missing.

Re:but how does it work?

Hence why the Russians know who it is

Re:but how does it work?

[Loualbano2]

There are a couple things that you are missing that make this particular scheme work.

The first detail is that these guys don't ask for much to unlock your files. I have read they typically ask for $100 or $200. These amounts are is too small for most law enforcement to notice typically.

Another detail here is the lack of reporting. I am sure that some folks just cough up the money to get stuff unencrypted and never report it to law enforcement.

Another big detail is that they are in Russia. If the person making the transaction is in the U.S. for example, there is not much any bank or law enforcement agency can do to recover that money once it lands in a Russian bank, especially when you consider that it is only $100 - $200.

This goes back to the cooperation between the Russian govt. and organized crime that others have pointed out. When you have that kind of setup, money tracing is pretty ineffective as a crime fighting tool.

Here is a pretty good writeup about gpcode:

http://ddanchev.blogspot.com/2008/06/whos-behind-gpcode-ransomware.html

ft

Re:but how does it work?

[ScrewMaster]

Personally, I think that the idea of a lone bad guy out there is probably naive. Frankly, I think it's the Russian Business Network behind this. They have the resources and the technical capability to hide behind multiple proxies, and won't have any problem processing the extorted funds.

Re:but how does it work?

Ever heard of a swiss bank account? Those guys are neutral, they will not be coerced by authorities to freeze accounts or neutralize the anonymity of their customers.

Re:but how does it work?

So What is the the point in ransoming in the current era? There must be
something I am missing.

Offshore banks

Simple

[Shivetya]

It is implied that in Russia there are no rights, if the government wants something or someone it doesn't think twice about getting it regardless of the ramifications.

Of course that is not much different from Western Countries, we just like to pretend otherwise.

Re:Simple

Wait, isn't this the modern Russia which has imprisoned and shut down all free media, poisoned the Ukranian head of state, also brazenly poisoning people in other countries. Holds Europe hostage with its petroleum, and Putin is now head of state for life.

When the NYT's has a regime change by Bush after printing something unflattering to him, then come tell me that there is no difference.

Re:Simple

Wait, isn't this the modern Russia which has imprisoned and shut down all free media, poisoned the Ukranian head of state, also brazenly poisoning people in other countries. Holds Europe hostage with its petroleum, and Putin is now head of state for life.

When the NYT's has a regime change by Bush after printing something unflattering to him, then come tell me that there is no difference.

oh relax, there are plenty of states with heads of states for life. And just as many allegations are on the US as well. Finally it is russia's oil. Europe can go buy it elsewhere, that's the nature of a free market economy.

Re:Simple

[Bryansix]

Actually that's not it at all. In Russia there is a pact between the government and the criminal organizations. They like the fact that criminals operate out of Russia and steal money from all over the world and dump it into their economy. The largest criminal organizations in the world are Russian either operating out of Russia or out of China.

Re:Simple

[pembo13]

Thanks for the clarification.

Re:Simple

[dunkelfalke]

you read too much yellow press for your own good

Re:Simple

Of course that is not much different from Western Countries, we just like to pretend otherwise.

Of course, that's why Bush hasn't had any trouble at all forcing his Wall Street rescue plan through, right?

Sorry, but there are only three types of people who can claim that the West is no freer than Russia:

1. Idiots
2. The wilfully ignorant
3. Trolls

Which are you?

Re:Simple

[R2.0]

"Finally it is russia's oil. Europe can go buy it elsewhere, that's the nature of a free market economy."

Not exactly. The main Russian hold on Europe isn't oil, it's gas. And that comes in pipelines. If Russia turns off the compressors, it starts getting very cold in European houses. True, the EU could find other sources, but it would be a while - new pipelines take time to build.

Russia has every right to do whatever they want with their oil, and the EU has every right to go elsewhere - except the EU currently lacks the capacity to do so. In real terms, if Putin wanted a blowjob from Angela Merkel broadcast live on SkyTV, he could get it. And the EU knows it. They may not be happy about it, but the cost of doing business with Putin and giving him cover is cheaper than building more pipelines. The US made a similar choice in our dependency on Middle Eastern and Venezuelan oil, and now it appears we chose poorly - how much do you want to bet the EU ignores that lesson?

Re:Simple

Shut down all free media? They must have forgotten the likes of RTVi and echo.msk.ru.

Poisoned Ukrainian head of state? No sir, "they" *may* have poisoned him. And the motive is?

Poisoning people in other countries? Again, *may* have poisoned Litvienko. Which I doubt, he was nobody.

Holds Europe hostage? Does Russia *force* Europe to buy gas at a gunpoint?

Putin head of state for life? Putin is a highly successeful politician, he will have influence for a long time even if he is not a president.

Now the Land of the Free: executed a head of the state, tried to overthrow another. Killed thousands of people in other nations in the name of democracy. Holds Middle East hostage. Also care to tell me how far back Wolfowitz and Cheney go, is it 80s?

Hypocrite.

Re:Simple

Not to mention they have nationalized their formerly free media so that the U.S. is portrayed as their enemy.

Re:Simple

Actually, I read it as the opposite. They are implying that the Russian government doesn't care and that they let their people get away with any illegal activity that they want, as long as it's against other countries.

Simply put

[JYD]

Isn't the master code the only leverage he has with whoever the virus writer's dealing with? Without it or giving out easily he is as good as dead.

RC4 is broken, not unbeatable..

[nweaver]

Ransomware crypto is not that effective: Backups are good, and the problem is payment is traceable.

And RC4 isn't good for ransomware crypto, it IS broken, badly so.

Re:RC4 is broken, not unbeatable..

[sexconker]

Unless:

By the time you need the data all of your good backups have been rotated through, and now you only have backups of the encrypted data.

The cost of the key is less than the cost to restore the latest good backup, check integrity, and get to the current point in time again (or eat the losses).

You use Western Union.

Your country of origin knows who and where you are, and what accounts your ransom money is being funneled into, and just doesn't care.

You have no incentive to hack away at the encryption because you work in a lame company as the only tech guy and the entire incident is blamed on you, despite the fact that some goob was reading spam and clicking popups against your instruction.

Etc, etc.

Re:RC4 is broken, not unbeatable..

[einer]

Not all payment is traceable, and not all payment is worth tracing.

Re:RC4 is broken, not unbeatable..

No, RC4 is NOT broken.

What IS broken is the implementation required for 802.11 (Wireless LAN) (weak Initialisation Verctors).

Re:RC4 is broken, not unbeatable..

[SL1200MKII]

I agree. WEP uses and implementation of RC4. We all know how "uncrackable" WEP is.

Re:RC4 is broken, not unbeatable..

[Kardos]

If RC4 is broken and "badly so", where is the recovery tool to find the keys?

Hardest part is getting the money

[curty]

The trojan and encryption could be written by any reasonably savvy malware author, but I guess laundering the money you receive would require a certain level of criminal knowledge.
The money goes into an e-gold or Liberty Reserve account, presumably one that has been stolen from a legitimate user, and from there somehow it has to get into the hands of the perpetrator.
If the authorities could track the money after it gets into e-gold (they have tried before) they could get a handle on who is behind this.
This kind of thing will become more widespread so long as the perps can get their hands on the money without being found.

Good business for the average Joe

[Piranhaa]

1. Move to Russia
2. Create virus that encrypts helpless users' data
3. ???
4. Profit!

in America

[vajorie]

this is Russia we're talking about.

wtf? was this supposed to be a joke? your xenophobia was at least a bit funny when it was parodying as a joke and not as blatant xenophobia announced thru headlines.

Re:in America

Mocking Russia for being backwards is not "Xenophobic", it's commentary on the state of Russia. Specifically Russia. As it relates to Russia. The remark is made with derision- not fear.

(nitpicks have been excluded from this post)

There is no part of your statement which conveys information.

Re:in America

[I'm+not+really+here]

DISCLAIMER: I have friends from each of the countries mentioned below, and do not think this of them or their countries of origin.

It is not xenophobia, it is simply stereotyping other cultures. Not that this is the best behavior, but it is common. Here are a few others that are often seen bandied about:

• French: Stuck up snobs who run away from any fight.
• German: Stubborn amoral mules who are in denial of Hitler and the Nazi regimes atrocities.
• Australian: Down-under hicks who always say "G'Day mayte"
• Americans: Fat slobs who think they're better than everyone else
• British: Inbred, with bad teeth
• Africa: Everyone is poor, hungry, and lives in a mud hut.

Now that I've evenly offended pretty much everyone, please read the following before modding me into oblivion:

Stereotyping is what happens when somenoe only sees what little they see in the news or what little they see from video games or movies.

People from France are people (some nice, some not). People from Germany are people (some nice, some not). Etc., etc...

Point being - People are just people, but often, for convenience, people latch onto the stereotypes and just repeat those.

To be honest, for many Americans, their understanding of Russia is likely as follows:
AllOfMP3.com, Russian Mafia from movies, and the Cold War in the history books.

It's sad, I know.

Re:in America

[Thiez]

> Now that I've evenly offended pretty much everyone

I was going to complain about how my country isn't on the list, but then I realized its very omission was offending me, implying it is small and insignificant. Sir, I must congratulate you on finding such an extremely concise way of offending the dutch.

Re:in America

[Loser4Now]

I take offense to the notion that I haven't read Dostoevsky and Tolstoy; that I haven't studied Kandinsky and Chagall; that I don't have an intricate understanding of the ramifications of Russia's socialist past; that I don't speak fluent Russian; and am not on the most comradely terms with many of the motherland's great sons and (particularly) daughters.

I take offense, not because I have such broad knowledge, but because I am an overweight loafer who knows he's better than everyone else. After all, that's what being an American is all about, right?

Re:in America

[jmhoule314]

http://www.obesityinamerica.org/trends.html

America as a country is certainly fat. We are probably better than everyone else to, but my time is too valuable to look up another chart for you jealous foreigners.

Re:in America

> We are probably better than everyone else to

To what?

Re:in America

[maxume]

You left out orientals. And later, vodka.

Re:in America

[ArbitraryDescriptor]

To be honest, for many Americans, their understanding of Russia is likely as follows: AllOfMP3.com, Russian Mafia from movies, and the Cold War in the history books.

and the odd headline about corporations getting nationalized for the hell of it, journalists meeting mysterious and horrifying ends, and Totally-not-President Putin saving a film crew from a tiger.

I think more people make generalizations about the Russian government being run by brutish, psuedo-populist thugs; than they do about the actual Russian people being any particular way. And I think they make that generalization based on fairly compelling evidence presented by the world press. I'm fairly sure that government malfeasance was what the GP was referring to, and not some general failing of all peoples Russian.

It may still be an unfair assessment, I'm sure not ALL of our (US) politicians and government employee's are criminally inclined; but I'm not going to start bandying about accusations of prejudice when someone calls them all crooks.

Re:in America

[Neef]

Here is an interesting point of view from a sci-fi author. http://leofrankowski.com/content/?q=why_i_came_to_russiar

Re:in America

Yes, I also found it paradoxical.
I want to be mentioned, but I dont want to be insulted.. mentioned... insulted...mentio..insult.. aww crap .. next post

Re:in America

British: Inbred, with bad teeth

Wait a minute while I have sex with my sheep...

Ahem... Finished.

We may have bad teeth but atleast ours are our own & not some china suck in 'ones' mouth!... Yes yes one is posh...

Posting something like that is always going to annoy people even if you are 'just making a point'

BTW inbreeding is everywhere...

Re:in America

[I'm+not+really+here]

"you jealous foreigners" ?? I'm American, and I know we are not better than everyone else.

It's amazing, the arrogance of those around me. It makes me sick.

Re:in America

All that happy crap having been said, from being on the inside I can say that Official Lawlessness is the norm, not the exception, in Russia and the rest of the CIS. It's funny because it's true.

Re:in America

[I'm+not+really+here]

Um... left out orientals because I don't know any, and, well, you got me there... Vodka should have made the list for standard Russia stereotype.

Re:in America

[I'm+not+really+here]

I never said prejudice... you missed the point entirely. People, for convenience sake, assume concepts about vast swaths of humanity - they put these stereotypes out there for convenience sake. I never said prejudice, and I never will. "Never attribute to malice that which can be adequately explained by stupidity" or in this case, ignorance.

Re:in America

[shutdown+-p+now]

To be honest, for many Americans, their understanding of Russia is likely as follows: AllOfMP3.com, Russian Mafia from movies, and the Cold War in the history books.

It's sad, I know.

Indeed! As a Russian, I'm extremely offended that you've forgotten to mention our mighty street bears, and the unmatched ability to consume vodka everytime and everywhere.

Russia

[queequeg1]

Is this Russia? This isn't Russia.

uh oh

Does it only encrypt things in my ~/ or is my entire / at risk? Does it include a local privilege escalation exploit? What kernels does it affect?! ...stupid windows users.

Gulag

[suck_burners_rice]

They should lock him, er, excuse me, it up in one of their famous gulags. Make him carry huge rocks from one spot to another, and then back again. Don't let him leave until he verbally tells them the master key. I don't care if he'll have to look it up in his computer. They should keep him there until he verbally tells them the key.

Misplaced your hat again?

[macraig]

Did you go and leave your tinfoil hat at home again? The tinfoil taped around your finger wasn't enough of a reminder, huh?

There's one method:

The only one that works pretty much ALWAYS in Russia: bribe cops to get the name, go and beat the hell out of him. This is a historical fact, and the only proven method that works in that country.

guess the key

Claim to be a victim, then claim to have discovered the decryption key with a "lucky guess". Then you can charge for the key without problems. Put it on ebay!

What a joke

[Cajun+Hell]

According to Kaspersky, stopping ransomware-based malware in the future will require more effective law enforcement, the use of forensic software analysis to tie suspects to their malevolent creations, and possibly building restrictions into the Windows cryptographic software libraries used to create Gpcode itself.

All that is required to stop ransomware is: 1) don't run malware. 2) back up, in case you forget to do step 1 or have other problems (malware isn't the only cause of data loss).

Their last suggestion (requiring some people to use broken crypto and hoping that criminals choose to use that broken crypto) is particularly amusing.

If they can trivially catch this particular criminal, fine. But he's not worth much effort.

Re:What a joke

[Creepy]

Most of the malware is set up to trick the user, such as fake e-cards sent on her birthday (which is how my wife got infected with a virus/spambot pack that included the Windows AV 2008 trojan + ransomware - I wonder if the date was harvested from somewhere...). It also doesn't benefit ransomware providers to ever remove the virus, so they charge money to a bank account in the Caymans or a fly-by-night business front in Russia, cash it in before authorities close in and disappear.

Some ransomware like Windows AV 2008 actually installs MORE malware if you pay the ransom. Fortunately, that one didn't encrypt the drive or she would have lost hundreds of photos as well as work stuff and I was able to rip it out in safe mode using a date search for the infection date (and identified several new virus variants in the process). Almost all ransomware (including the above) originates in Russia or former Russian republics (as do many spambots since spammers are paying Russian virus writers to include them as payload - hey, it's work...).

Re:What a joke

[Thiez]

> Most of the malware is set up to trick the user, such as fake e-cards sent on her birthday (which is how my wife got infected with a virus/spambot pack that included the Windows AV 2008 trojan + ransomware - I wonder if the date was harvested from somewhere...)

Might have been harvested, then again, when you spam millions of people, 1 out of every 365 getting infected isn't that bad, so any date will do, and maybe your wife just got 'lucky'.

Re:What a joke

[Creepy]

true - I should also point out the scamware Windows Antivirus XP 2008 (and 2009 now) is actually a software company run by a Florida guy who is getting sued - the trojan that delivered it as a payload, however is Russian in origin, as were all of the spambots and password and outlook email address cullers that came with it (a check of the dynamic libs the viruses use is an easy way to identify purpose). My bet is the guy hired Russian virus writers (as I implied above), but I just wanted to clarify that this program is NOT Russian - it is an American scammer.

I had heard if you pay for this scamware it downloads more crapware, but I don't know if it is virus infected crapware like the payload of the trojan.

Obligatory post from the encryption noob...

If this ransomware encrypts one of my files, and I have access to a backup of the encrypted file, then how hard would it be to derive the encryption key?

(Not that i need the key to decrypt my data, but rater start my Kaspersky undercutters business)

Re:Obligatory post from the encryption noob...

[jonwil]

If the virus writers were smart and used something like RSA, it would be just as hard to derive the encryption key either way. No method currently exists (AFAIK) that makes cracking a RSA key any faster than a simple brute force.

And of course, if someone DID find the RSA key, the authors of the virus would release a new version with a new RSA key.

More than meets the eye

[BurtCrep]

I'm putting my money on the fact that they *don't* know the identity of the programmer but have a pretty short list all of whom are under surveillance. Saying they know who it is might provoke some panic reaction on the programmer's part like, say, running out of the house with a suitcase and a terrified gaze. The rest is future history.

Much simpler explanation

The guy regularly pays taxes on the loot.

There is no police in Russia

[svadu]

It's funny to mention there is no police in Russia, It's actually called militia :)

Ask Henry Kissinger

[toby]

My son, the war criminal.

so what is it when...

[toby]

We non-Americans mock the insane crackers who would make Palin VP, actually elected Bush and Cheney twice - while we had to endure the global destruction, catastrophe and erosion of rights that ensued - Xenophobia? America hate? Or sober commentary on the state of America?

Re:so what is it when...

[Grishnakh]

The fact that the Russian government is corrupt and screwed up does not affect the fact that the American government is corrupt and screwed up (but in different ways), and that the American people are largely idiots. There's nothing xenophobic about stating these facts; it's simply an observation about the way things are in those particular countries.

BTW, I'm an American.

Also, as for the "global...erosion of rights", WTF are you talking about? The American government can only erode rights within American borders (and occupied countries). If we're eroding your rights somehow, it's because you're stupid enough to let us. I read far too many complaints from non-Americans complaining about our government's effect on their governments and countries. Maybe you should grow a backbone and elect some leaders who won't bend over for America, and will actually work for you for a change. I know Australians bitterly complain about this with their PM Howard a lot. Well, get a better PM! You, the people, are responsible for your own government. If your government sucks, it's your responsibility to change it. Yes, it's our fault as Americans for electing Bush and other crappy politicians, but if they're wreaking havoc abroad (without guns), then it's your own fault for allowing it.

Re:so what is it when...

We did. Just under a year ago. (You don't hear so many of those lapdog jokes anymore, fortunately.)

And we see less of our PM with Bush. Conversely, we see much of our PM with various leaders of Asian countries.

Fair Question

[DynaSoar]

"So why don't the cops do anything?"

Good one. And why didn't the US authorities do anything about the SubSeven author or several others I'm certain they knew about?

I don't have an answer. Neither do they.

Being an arrogant prick, I think.

I mean, if this WERE true, who would think that, say, the US wouldn't keep a script kiddie safe from international law "because he's a US citizen"?

Given how they've treated the requests to have serving men and women from the armed forces to be present at a criminal investigation gives a likely answer.

Extreme corruption

[Nicolas+MONNET]

"Good question, but this is Russia we're talking about." ?? Someone care to enlighten me what that was about?

To give you an example, I have a client who had bought servers last year and put them in a datacenter in Moscow. Eventually the project they were intended for didn't work out, so they tried to ship them back to their HQ in western Europe. The bribes requested to get it past the customs were so high that they gave up on that. Selling them on the local market looked like it was going to be a PITA, for both logistical and accounting reasons, so the servers are rotting away.

Re:Extreme corruption

[Loki_666]

Hmmm, not sure you were going about this the right way. The bribes are usually around 50% of the import/export tax. As the import/export taxes are pretty high its usually a lot cheaper to play the game and pay the officials a backhander to let you through.

You cant complain about the high import/export taxes as you should check what these are before trying to setup an operation in a country (or else buy your systems in the country from the market).

On the other hand if you try and play the game and don't know what you are doing then you are going to get burnt. Guessing the person who was "negotiating" with the customs officials was not a native or not have much experience of life in Russia.

Here is an example, recently they changed the direction of a one way street in our city and not noticing this i went the wrong way down it being used to it being the other direction. Who was waiting for me at the other end but our friendly neighborhood road police officer? Now ive been in the country 5 years but still not experienced at dealing with the corruption here and if i had been alone in the car i would probably had to pay around 1000 roubles for him to let me go without an official penalty which probably would have been a lot more. Fortunately my wife was with me who is a native and basically she "negotiated" a much lower price of 150 roubles because she has a few connections who could make his life problematic if he tried to screw us.

Im not condoning the corruption in this country, just advising you either need to know how to deal with it or stay away from it and pay the official prices which are usually very high.

It means

[74nova]

that they've already stormed his house and killed him.

Oh come on, it's a joke! Have you seen how their police handle hostage situations?

Prejuidice

[TheDarkener]

"So why don't the cops do anything? Good question, but this is Russia we're talking about."

Wow, that's great journalism there. Really speaks out with a sense of unbiased, facts-only wordage there.

Re:Prejuidice

[Xenna]

I'll tell my Russian friend, she must be prejudiced then.

One of her friends - an old university professor - is forced (by poverty) to write the assignments for his own students (the ones who have money but are too stupid to write them themselves).

You know any western countries like that?

Re:Prejuidice

[TheDarkener]

Sounds like the U.S. in about 50 years, actually.

Re:Prejuidice

[Loki_666]

Well, as my wife is a teacher here i understand this very well. Teachers are poorly paid, but i wouldn't use the words forced here.

The main problem here is that most teachers are now so used to accepting bribes to give pass marks and do assignments for the richer students that they are pretty much caught in a trap. They cannot get better paid work outside the academic system than they can when comparing how much they can rake in with bribes by staying where they are.

To compare:
Teacher in our city: between 2k and 8k per month depending on bonuses etc... but with bribes they can easily earn 10 times as much.
Unskilled brain dead woman working on meat counter at supermarket: 16k per month.

Accepted that teachers generally dont want to become workers in a supermarket for the rest of their life.

See book: Exposing Cryptovirology

[sudog]

It's a great treatment of this precise topic.

Check it out here:

Malicious Cryptography: Exposing Cryptovirology

It's an excellent book on the topic, with plenty of technical descriptions and the problems associated with the idea.

Re:The enemy of my enemy is my friend CryptoSpyRid

[davidsyes]

So, what are you saying? Are you saying that if he shacks up... goes under cover... um... takes up residence in Alabama and infects, umm, knocks up... um impregnates an AlaBAMian that there will be a new case of ... CryptoSpyRidium on our hands? (bada boom)...

Did he pad the plaintext with a good RND?

[QuantumG]

Cause I'm pretty sure you'd have a good chance at a known plaintext attack... being that it's your freakin' data and all.

Re:Did he pad the plaintext with a good RND?

[interiot]

Yeah, known-plaintext attacks work on it. The Gpcode author is generally really inexperienced, and is still making really basic mistakes (symmetric encryption, d'oh), but even persistent-but-dumb script kiddies are successful once in a while.

only one solution?

[boto]

"Gpcode used 1024-bit RSA/128-bit RC4 to lock up victims' data, an uncrackable combination that left the world with only one solution: find the virus author to get the master key."

What about learning to do backups?

Re:The enemy of my enemy is my friend CryptoSpyRid

Was this your right hand or left hand?

Matthew 6:3,4(King James Version, Authorization Version 1611);
"[3]But when thou doest alms, let not thy left hand know what thy right hand doeth:[4]That thine alms may be in secret: and thy Father which seeth in secret himself shall reward thee openly."

How do you say

[XNine]

"All your home folder are belong to us" in Russian?

Re:Merkel blowjob?

[Loki_666]

Thats it, im going to have bad dreams for weeks now.

Russia

[Friendly+Pyro]

Dern Russians

Re:Merkel blowjob?

[R2.0]

"Thats it, im going to have bad dreams for weeks now."

My work here is complete.

Virus seems humorous, in a way...

[LiteralKa]

[...]Gpcode used 1024-bit RSA/128-bit RC4 to lock up victims' data, an uncrackable combination that left the world with only one solution: find the virus author to get the master key.[...]

Reminds me of a program that steals your password, then prints it out on your printer. Same type of humor, if that.