A Hacker's Audacious Plan To Rule the Underground

An anonymous reader writes "Wired has the inside story of Max Butler, a former white hat hacker who joined the underground following a jail stint for hacking the Pentagon. His most ambitious hack was a hostile takeover of the major underground carding boards where stolen credit card and identity data are bought and sold. The attack made his own site, CardersMarket, the largest crime forum in the world, with 6,000 users. But it also made the feds determined to catch him, since one of the sites he hacked, DarkMarket.ws, was secretly a sting operation run by the FBI."

Article?

"Once inside, he sucked out their content, including the logins, passwords, and email addresses of everyone who bought and sold through the sites. And then he decimated them, wiping out the databases with the ease of an arsonist flicking a match."

This seems to be written more like a work of fiction than an account of the hack. The description echo'ed the language used in Jeffery Deaver's "The Blue Nowhere".

Ah. It all becomes clear

[girlintraining]

It wasn't that this guy was whacking other underground sites, it's that he also nailed the FBI's "sting" website. The FBI and him engaged in a turf war, because if there's one thing the government hates, it's stealing. It hates competition.

Re:The article leaves out a key piece

[Burning1]

There's a huge difference between criticism and ridicule. To be frank, most of us went through that kind of stuff growing up. Very few of us turned out anti-social.

Re:Very unfair image

[Frosty+Piss]

Max is/was/will always be a guy who stole identities and money other people, in many cases making their lives living Hell. You can toot all you want about the evil FBI, but fact of the matter is that Max is a thief who took things that didn't belong to him.

Re:Rather interesting line at end of article...

[theLOUDroom]

What a load of hogwash!

analysis of keyboard wear [...] might have assisted the effort greatly

No. It would not. It's pretty simple. How many times do you type your password vs. how many times do you type some other word? Try doing some computer simulations if you don't believe me. The data will be lost in noise.

The point of encryption is not to provide absolute protection for all time against all efforts but rather to provide protection for a limited amount of time as a function of the resources of your adversary.

No. The point is to take advantage of math problems that are asymmetrically hard to solve.
The goal is to create the largest force multiplier you can. This is how crypto differs from regular security.
The perfect cipher would be simple enough for a human to compute readily on a single piece of paper while resisting the brute forcing efforts of a computer built using every atom on earth, clocked at one terahertz and running since the beginning of the universe. It's a issue of scale. The "force multiplier" effect avaible from crypto is greater than anything in the physical security world. Imagine instead that instead of working with of E = MC^2, you were working with E = C*2^M. See how it's different? The work required to brute force a key baloons very quickly.

Even the best encryption will eventually fall to a determined enough adversary with enough resources to throw at the problem.

No, actually that's not a certainty.
In order for what you said to be true there would have to be fundamental weaknesses in ever cryptographical scheme ever conceived, now or in the future.
If we find even one decent algorithm, free of shortcuts, then by using a large enough key it is possible to ensure that your data is not decoded before the death of the sun.

which sounds reasonable if government super computers were being enlisted in a distributed brute force search of the keyspace.

BASED ON WHAT? Why is months any more reasonable of a timeline to crack an unknown encryption scheme with unknown resources? Why not milliseconds? Why not millenia?

You have NO IDEA, what a reasonable time scale would be and you're just talking out your ass here.

I suppose some my consider me rude for point that out, but there are those of us who find people randomly making things up to support their argument to be rude.