Slashdot Mirror
Only 100 Cybercrime Brains Worldwide, Says Europol Boss
mrspoonsi writes There are only "around 100" cybercriminal kingpins behind global cybercrime, according to the head of Europol's Cybercrime Centre. Speaking to the BBC, Troels Oerting said that law enforcers needed to target the "rather limited group of good programmers". "We roughly know who they are. If we can take them out of the equation then the rest will fall down," he said. "This is not a static number, it will increase unfortunately," he said. "We can still cope but the criminals have more resources and they do not have obstacles. They are driven by greed and profit and they produce malware at a speed that we have difficulties catching up with." The biggest issue facing cybercrime fighters at the moment was the fact that it was borderless. "Criminals no longer come to our countries, they commit their crimes from a distance and because of this I cannot use the normal tools to catch them. "I have to work with countries I am not used to working with and that scares me a bit," he said The majority of the cybercrime "kingpins" were located in the Russian-speaking world, he said.
Perhaps 'only' 100 that you know about, but that statement is clearly insane. These attacks aren't just done by some long haired, Dorito fueled teenager with 16 screens and a hot girlfriend. Like everything else these days they're done by teams of people. Somebody good at Windows, somebody good at Cisco routers, someone skilled in social hacks, somebody with access to money.
I don't know why we even bother with these sorts of articles. They guy's credibility is about as good as the average politician.
"It is a tale told by and idiot, full of sound and fury, signifying nothing."
Faster! Faster! Faster would be better!
Troels Oerting said that law enforcers needed to target the "rather limited group of good programmers". "We roughly know who they are.
Oh, they're crafty I tell you, those little programming bastards!
What this world is coming to - is for you and me to decide.
...are we talking about Microsoft here?
national security annexation
Of course the top cyber criminals are from former soviet bloc countries. That's where the top spammers have resided for a long time as well, and there is a lot of overlap between the two sets. While in the US we don't have anti-spam laws that mean anything, in those countries the people tasked with enforcing the laws are openly accepting bribes from people who violate them.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
They know roughly who they are, there's only 100 or so of them, forget trying to catch them or bring them down, just give them jobs.
Those who are in it for the money, give them lots of money, those who are in it for the thrill or the challenge, turn them into assets, give them money, equipment and protection then use them against unfriendly nations
Emmanuel Goldstein doesn't exist dude. There's no need for the daily Two Minutes Hate.
This is about like going after Al Queda's no 2 guy. There will always be more and really if you have problems with these guys the next set are going to throw you into fits.
Secret service, maybe, but not NSA
"We roughly know who they are. If we can take them out of the equation then the rest will fall down,"
The same rhetoric is encouraged by the military industrial complex to start wars that benefit their bottom line. This is no different.. "give me the resources and I'll finish it up" -- yeah, just like the War on Drugs, too, right? Nonsense. You can't attack something without the centralisation and infrastructure of stable nations or organisations, which is why things like "Bomb Isis!" fail so miserably. This dude is just making monkey statements to get funding for his department, to which even if he succeeded in taking down "the hundred kingpins", nothing would ultimately change as others would rise in 'their' place.
Funny how some nutjob who thinks he can beat annoying advertising...spams everywhere with annoying advertising. Using host name-resolution mechanisms isn't the do-all end-all cure that he makes it out to be. Instead of crappy ads on websites we now have crappy posts inside forums.
Only 100 cybercrime brains worldwide behind organized crime
there's thousands of small time smart cyber criminals that aren't making headlines or in many cases not necessarily even doing anything 'wrong' but would technically be considered cyber criminals
...that scares you a bit? Then quit your fucking job and get someone competent. We don't need some fucking pussy on this, we need someone who will get the job done.
Between China, North Korean and the former Soviet countries there are THOUSANDS of programmers who can make sophisticated exploits and there are probably as many in the free world.
You're just another power-hungry twit looking to implement toll-roads to everywhere on the information superhighway.
Pain is merely failure leaving the body
Here's an issue with blocking ads. (I say this as an individual who makes no money from serving advertisements.) You cut into revenue generation for the sites that you like. In other words, if everyone used your products in the way that you intend it, their favorite sites would likely cease to exist. How does your application ensure that sites like /. who make their revenue from ads continue to fund themselves?
Your quote (on the linked comment) also doesn't say what you want it to say. Remember, in the movie, they ended up destroying pretty much all of humanity. Unless your objective is to do that with people's internet experience, you might want to ensure you aren't conveying that.
It's probably because they want to block ads. You have to admit, you are essentially trying to post ads (without paying /. for them).
The only way to protect you're selves from cybercrime is to not put you're assets in easily accessible places by 'cyber criminals'. Believing you can catch all the criminals to end crime is the worst fallacy I've encountered.
* crime is not caused by criminals, it's caused by situations that cause the majority of people to become criminals.
* Cybercrime is on the rise because the payouts are better then other forms of crime.
* People are getting smarter and so are criminals too
* Our internet infrastructure is woefully in-adequate for what we want to use it for. But no one is willing to go back to the older and more reliable way of doing this. Which also had their fair share of dirty issues (filecabnets raided in the middle of the night out of the white house anyone)
Needless to say if you don't want people to be criminals. Don't give them incentives to be criminals and try to reform people or bring them up so they feel like being a part of society rather then antisocial sociopaths.
Of course there's probably no way to eliminate sociopathy 100% from the human genome. But there is good reason for it right now. Eliminate that reason and we'll decrease it 100 fold.
So what are you telling me is that you cache entries from DNS in your hosts file. Any reasonable DNS forwarder and most OS's will cache DNS for quite some time (unless their TTL is short). My point is, TTL exists for a reason. Overriding that will cause things to break in the event that a site ever changes (one reason could be an actual attack, other reasons could be changing a host and not having the funds or desire to set up a reverse proxy and keeping an old IP forever.)
Blackholing sites is typically something I would do at the DNS forwarder level, which you are now conveniently skipping. Hence, users of your application on my network would have to be trusting your list. What's to stop you from getting upset at some site (let's use example.com here) and simply blackholing them for all of your users? That seems to run counter to most thoughts here.
So far, your posts have told me the following:
1) Anyone who contends that your approach may not be the wistest, must not know what they are talking about.
2) You believe that your approach and software is perfect or near perfect.
Which leads me to believe that it will quickly fall out of maintenance, and could even become a security vulnerability (pointing people to sites that look like the one they asked for, but have subtle differences.) I'm not entirely sure that's the type of image you want to be conveying.
All that being said, I could be totally wrong. I know I have a lot to learn, even though I work with this stuff and support myself, my familiy, and a few community members with my knowledge. I understand that I must keep learning and progressing if I want to continue to do so.
Please don't double post. It makes it hard to follow discussion and see if you've replied to me earlier. I've noticed a few times you double post and then claim that no one rebuttaled your claims when they did, but it was on another post. Is that intentional?
P.S.=> "The premise is quite simple: Take something designed by nature & reprogram it to make it work for the body rather than against it..." - Dr. Alice Krippen: "I am legend", which later caused nearly all of humanity to be destroyed. Not sure that's what you want to be saying about your software. :P
Actually, hosts are simply nodes connected to something, generally an internet accessible area. They aren't anything that you mentioned unless they are configured to perform that role.
I think what you meant to say is that your hosts file can be those things. In which case, you are partially correct.
It could be a valuable layer of defense and a speed gainer granted that you (or your organization) don't somehow become compromised and start pushing out or providing poisoned DNS entries. Do you have source available that can be audited? Letting unaudited software at that layer is dangerous. Your site has a lot of text, but doesn't say much. Also, you talk about how ads are terrible, but I could count quite a few on your site. As mentioned elsewhere, how does using your application support the websites that I like?
Why is the NSA so expensive if they only have 100 employees?
The Beta Interface is very inaccessable to visually impaired users because of the colors and the low contrast between sections and their boundaries. It should not be used as the default.
Don't know why they don't take them down like they did the early mobsters. The IRS or whatever the country uses to tax and keep a track of ones money for taxation? I mean we are talking billions of dollars stolen from all around the world and none has a clue how someone got so much money from unemployment checks or not working at all. Or theses guys have a ton of cash in the beds.
Jack of all trades,master of none
Tell idiots w/ their bogus downmods to cut the crap & I'll honor that request: Otherwise? I'll simply exhaust out those douchebags' modpoints eventually, by reposting... after all:
I didn't SEE anyone validly disproving my points to justify a -1 downmod here http://yro.slashdot.org/commen... OR here http://yro.slashdot.org/commen...
* :)
Yes, it's *THAT* simple to outsmart & outthink the cretins around here... & that said? Well - time to post it, again!
Especially when I see them "Run, Forrest: RUN!!!" vs. my simple & FAIR challenge to them, ala -> http://yro.slashdot.org/commen... after vainly *trying* to put words in my mouth I never said
OR
When they utterly technically FUCKUP as they did here too -> http://yro.slashdot.org/commen...
(Now, funniest part? "Best they got" vs. those FAILS of theirs was BOGUS unjustifiable downmods - lol, which "ain't much" & actually helps ME prove MY points in favor of hosts adding speed, security, reliability, & more for users of them... also proving them EFFETE LITTLE WHIMPS @ the same time! I love it...)
APK
P.S.=> Unlike OTHER ac posters (or rather most)? I have NO LIMITS on my ability to repost - my whimp "ne'er-do-well" ac troll detractors have limits on modpoints, no matter HOW many sockpuppets they have for "farming karma" with, & I'll run 'em dry (thus, I will *ALWAYS* win)...
... apk
Stopping them infecting you (what you can't touch can't hurt you): My FREE hosts program adds speed, security, reliability, & more, by doing more, more efficiently vs. addons + fixes DNS' issues:
APK Hosts File Engine 9.0++ 32/64-bit:
http://start64.com/index.php?o...
---
Hosts add reliability vs. downed/redirected dns
Hosts secure vs. malicious domains too -> http://tech.slashdot.org/comme... w/ less "moving parts" complexity
Hosts files yield more:
1.) Speed (adblock & hardcodes fav sites - faster than remote dns)
2.) Security (vs. malicious domains serving malcontent + block spam/phish & trackers)
3.) Reliability (vs. downed or Kaminsky redirect vulnerable dns, 99% = unpatched vs. it & worst @ isp level + weak vs DGA, & Fastflux + dynDNS botnets)
---
* Hosts do more w/ less (1 file) @ faster levels (ring 0) vs redundant inefficient addons (slowing slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ os, & 1st net resolver queried w\ 45++ yrs.of optimization).
* Addons = more complex + slow browsers in messagepassing (use a few concurrently & see) & are nullified by native browser methods - It's how Clarityray's destroying Adblock.
* Addons slowup slower usermode browsers layering on more - & bloat RAM consumption + excessive cpu use too (4++gb extra in FireFox https://blog.mozilla.org/nneth... )
Instead, work more efficiently + less redundantly w/ a native kernelmode part - hosts (An integrated part of the ip stack).
---
Bottom-Line: I'm doing MY part... how about the REST of you?
APK
P.S.=> "The premise is quite simple: Take something designed by nature & reprogram it to make it work for the body rather than against it..." - Dr. Alice Krippen: "I am legend"
...apk
That sounds about right, 'cause I know 99 besides me.
"Do you have source available that can be audited?" - by Anonymous Coward on Saturday October 11, 2014 @02:16PM (#48120185)
Per my subject: The BEST in the security antimalware & antispyware business currently http://www.av-test.org/en/news... who also host my program for hosts, per this test is who -> http://hosts-file.net/?s=Downl...
They even recommend it as "best of breed" & HOST it for me!
---
"Actually, hosts are simply nodes connected to something, generally an internet accessible area. They aren't anything that you mentioned unless they are configured to perform that role." - by Anonymous Coward on Saturday October 11, 2014 @02:16PM (#48120185)
Hosts files aren't what you say: They're not "hosts" but lists of them resolved (or blocked).
---
"you are partially correct." - by Anonymous Coward on Saturday October 11, 2014 @02:16PM (#48120185)
I am *TOTALLY* correct on *anything* I post on hosts.
---
"It could be a valuable layer of defense and a speed gainer" - by Anonymous Coward on Saturday October 11, 2014 @02:16PM (#48120185)
It IS a valuable speed & bandwidth gain, security gain, & reliability gain + more...
---
"you (or your organization) don't somehow become compromised and start pushing out or providing poisoned DNS entries." - by Anonymous Coward on Saturday October 11, 2014 @02:16PM (#48120185)
IMPOSSIBLE - while my program runs, it is supplemented by UAC + WFP/SFP w/ my app applying read-only to the hosts file (& while it runs resident it locks hosts vs access by other apps but allows IP stack which uses it in kernelmode to access hosts).
Impossible to alter hosts while my app runs.
Virus can't affect my program either - It self-checks itself @ startup & if it alters by even 1 BYTE? She warns the user to reinstall it & shuts down.
APK
P.S.=> I've proven "experts" (antivirus companies) wrong, 7 in total, on false positives on it (would you like proof of that too? See here -> http://tech.slashdot.org/comme... ) apk
I didn't know the NSA had s few employees
"DNS forwarder and most OS's will cache DNS for quite some time" - by Anonymous Coward on Saturday October 11, 2014 @01:55PM (#48120113)
More moving parts complexity + room for breakdown & exploit (+ higher electrical use).
Kaminsky redirect poisoning security flaw, anyone?
It's UNPATCHED on 99.999% of ISP dns servers out there by the way (even though a patch has existed for a decade now).
---
"Overriding that will cause things to break in the event that a site ever changes" - by Anonymous Coward on Saturday October 11, 2014 @01:55PM (#48120113)
Already VALIDLY DISPROVEN that here -> http://yro.slashdot.org/commen...
---
"Which leads me to believe that it will quickly fall out of maintenance, and could even become a security vulnerability." - by Anonymous Coward on Saturday October 11, 2014 @01:55PM (#48120113)
Already disproven... see just above & the post it links to.
---
"So far, your posts have told me the following: 1) Anyone who contends that your approach may not be the wistest, must not know what they are talking about. 2) You believe that your approach and software is perfect or near perfect." - by Anonymous Coward on Saturday October 11, 2014 @01:55PM (#48120113)
Hosts = Better than running a local DNS machine (higher bills + risks of dns redirect poisoning (COULD patch, good luck with MX records setup, which STOPS ISP's from doing it iirc OR double your DNS overheads opting for TCP vs. UDP port 51/53 communications etc.)), & better than redundant wasteful HIGH OVERHEADS browser addons doing FAR MORE than they can w/ less!
APK
P.S.=>
"I could be totally wrong" - by Anonymous Coward on Saturday October 11, 2014 @01:55PM (#48120113)
You're wrong (& missed points I already proved wrong).
HOWEVER:
YOU had the BALLS to *try* validly prove my points wrong - but I've seen those "points" many times before & blown them away validly with facts - thus my "naysayers/detractors" resorting to unjustifiable downmods as "their best"... apk
America has a cybercrime gap with the ex-commie-courntries and unless it can catch up quick, the economy will suffer.
Do you even *KNOW* how many dozens of times since 2004 ads have malicious code in them? I "held off" releasing my program UNTIL mid 2012 in fact out of respect for what you point out until that started happening (was ready in late 2003 in fact) around 2004 onwards, moreso than ever.
Once that infecting of users from ads REALLY started?
It was signalling me that GREED is causing NEGLIGENCE on the part of BOTH advertisers & webmasters NOT auditing the code in the ads or their sources etc. - et al.
Guess what?
THEN, after that?? Out the door to the masses she went for folks, for FREE, so they had more speed, security, reliability, & to an extent, more anonymity even.
Why??
What comes into MY or YOUR HOME, via MY/YOUR CONNECTION, is subject to *ANYTHING* I want to do to the data streaming in... including blocking ads...
Why???
---
1.) Ads steal speed I paid for
2.) Ads steal bandwidth I paid for (which caps are going to cause folks issues that hosts can save them bandwidth on, since up to 40% of site mass nowadays IS ads)
3.) Ads infect folks with malicious code
---
* Need I say more? I absolutely KNOW not.
APK
P.S.=> Strong sites will survive. Those into it for MORE than just "bucks" will too, because they LOVE what they do (not just money made off of it). The net was just FINE before it got "massively monetized" (ask Animats, he's pretty respected around here & does something QUITE like what I do, but as a webservice: He'll agree (he's even worked on the IP stack itself iirc)) - it will be even with adblocking... apk webmasters NOT auditing the code in the ads or their sources etc. - et al.
I am done with /. because of your post. GG.
Showing folks an EASY way to get more speed, security, reliability, & anonymity online... + it's gotten SO MUCH DEMAND, that MalwareBytes' hpHosts site HAD to move to Un-DDoS'able AMAZON hosting since not only demand in downloads of my app created, but also demand for data it streams in from them + 12 other reputable security sites that produce similar data.
* Does this site HELP me "p.r." it? Yes... absolutely. Slashdot pr CAUSED what I noted above in fact... largely!
(Guess it's "ok" (not) for INFERIOR + INEFFICIENT Open SORES crap like AdBlock crippled by default defeating it's very purposes pr'ing's ok but not for me? LOL - Wrong... Hosts & my program for it literally do 15x as much as "Almost ALL Ads Blocked" does, FAR more efficiently, by far as well... beat that with a stick!)
APK
P.S.=> My points & facts I post on it are SO well thought out, that the ONLY THING that MOST of my "naysayers/detractors" have is unjustifiable downmods, but nothing more - let alone disproving my points on it, which they NEVER validly do (look @ my posts above as proof thereof)... apk
No matter how many good programmers are on the Black Hat side, Why are there "known" security holes in Unix,Linux,Windows, etc that remain for years.
Not to demand perfection, but fixing known problems and using security goals in your design and implementation, sound like a good product/project bullet point.
Nobody in a city builds a nice house, moves their valuables into it, decorates the walls and has OPEN windows & SCREEN DOORS for secure entrances.
Surrounded by idiots in a fort built by fools, running low on ammo.
Hoped your Software Engineering degree would produce better results.
Don't be embarrassed by the naked photos, I was wearing a mask.
Love Mom
I am NOT fucking around about what I said here either after you threatened to burn my house down etc.? You'll get THIS you little pissant fuckwad http://yro.slashdot.org/commen... shit you not.
APK
P.S.=> You little FUCK of a weasel little bitch... apk
It looks like, you have all the solid logical arguments to explain that Poetterings work is pointing in the wrong way. I especially love your way of clear argumentation. However, I would recommend to be more precise next time and please try to avoid using the word fuck, body parts and relations to family members.
Thanks
I'm pretty sure this is the best troll I've seen all week. It seems that someone is impersonating APK, because, as we all know, APK's hobbies include host files and gardening--not popping a cap in people.
Are the 100 programmers their own employers, or do they work for others? In the latter case, removing them will just result in malware programmer turn over.
Don't write he's a pedo or that you'd burn his house down then http://yro.slashdot.org/commen...
Comment removed based on user account deletion
Every hierarchy pyramid has a level at which there are 100 people remaining until the top. His statement was irrefutable, but useless.
Religion is what happens when nature strikes and groupthink goes wrong.
All administrations do eugenics to breed supporters of their administration. This leads to the extinction of their society as they cannot compete against non-eugenicized societies. They therefore need all the world to be centrally controlled so they can successfully breed their zombie supporters without interference from real humans.
https://en.wikipedia.org/wiki/...
Casteism
"Troels Oerting said that law enforcers needed to target the "rather limited group of good programmers"
So, Troels is just trolling.
Comment removed based on user account deletion
Speedup Favorite Sites tab 3rd over http://start64.com/index.php?o... reverse-DNS pings your favorite sites list you create: NO problem on that account!
I only place 24 of my favorite sites I spend 95++% of my time @ online (per my router logs analyzed)
It equates out to 2-3++ MILLION indexed seeks gaining speed for them since they are @ the TOP of my custom hosts file immediately queried in max 24 tries & ARE RESOLVED LOCALLY FROM RAM once cached!
(Rest of my hosts file is 3,227,815++ of blocked entries that I never intended to get to, since they're known malicious, & that protects me - so who cares how "fast" I "get to" those - I never intend to get to them to protect myself or users of my program).
News aggregator sites like /. help too!
Why/How?
They keep me from "hopping all over" & calling out to OpenDNS (the external dns resolver I rarely use since I spend my time on a limited # of sites only, just like folks have favorite TV channels - they're kaminsky flaw patched + use DNSSEC between themselves & their upstream updaters too)
Heck - I get better summary + analysis from commenters HERE, with less bias (or hidden agendas being propogated as is often the case in source articles).
That's HOW favorite sites "hardcoded" in hosts topmost portion gains me even MORE speed (since hosts are 1st resolver queried by the IP stack itself & I turn off the local dns clientside cache usermode SLOW service in Windows since it FAILS on larger hosts files: A known problem in Windows) beyond ad blocking too.
* I get what I paid for bigtime in my online monies I pay out in speed & security + reliability too (which hosts hardcodes also help when DNS gets redirect poisoned or downed. DNS admins HAVE to love me for that - I lighten up their request loads too!).
APK
P.S.=> Downmodding this last time I posted this? Thanks for proving you're stupid -> http://yro.slashdot.org/commen... proving MY point there, again, too... apk
You are however, MORE than welcome to validly technically disprove my points here http://yro.slashdot.org/commen... though vs. downmodding effete attempts @ "hiding" your fuckups here http://yro.slashdot.org/commen... & here http://yro.slashdot.org/commen... + here too http://yro.slashdot.org/commen... you effete little fuckwad.
* Good luck - you'll NEED it (more like a miracle, since it can't validly technically be done - truth & facts ARE like that!).
(Hosts are merely what I said they are (as well as say, Aryeh Goretsky of NOD32/ESET fame to me in email - want that quoted here? Ask & "ye shall receive"...) - hosts files are a:
1.) Valuable layer of defense ... & more...
2.) A speed gainer for monies you pay out for monthly as well as a bandwidth cap saver (40% of sites ARE ads eating that up too)
3.) A reliability gain too (vs. downed or dns poisoned dns))
APK
P.S.=> Prediction: I'll either get MORE effete weasel type "trolling", bogus unjustifiable downmods, OR an utter evasion of my challenge put to the ac weasel I just replied to, guaranteed - weak trolls are *ALWAYS* the same - "ne'er-do-wells" & PREDICTABLE as hell, lol... apk
So you are posting ads for your adblocker. Ethics man, ethics!
Then why are ads on your site? Seems like an ethical issue for you.
Since you do a DNS lookup for the initial creation, if the DNS was poisoned at that point, then you will be saving those poisoned results and even AFTER it is discovered or fixed, you won't have it resolved, since you are skipping DNS altogether. You run your tool hoping that you aren't already poisoned. That isn't in increase of security, that's hoping you aren't compromised and that nothing with change.
I have a router (since I have multiple devices on my network) and I am handling DNS there. I'm not consuming any additional power by doing things according to spec in the manner that I described.
You link to your own comments claiming that they disprove what has been said. Please link to something other than yourself. In fact, you bring up all sorts of names and such, and I'm sure you have lots of connections with lots of people, but your humility is lacking to the degree that I would have a hard time wanting to associate with you. Also, it doesn't actually address the humility concern that I have with your software. Also, the lack of humility concerns me with your deciding one day that no one should be able to visit some site so you add them to your blacklist. You haven't been helping your cause here.
See subject-line above, & I *never*, EVER, see them (even there - they only display it for me) + again:
1.) Ads steal speed I paid for
2.) Ads steal bandwidth I paid for (which caps are going to cause folks issues that hosts can save them bandwidth on, since up to 40% of site mass nowadays IS ads)
3.) Ads infect folks with malicious code
* Need I say more? I absolutely KNOW not...
(Greed & NEGLIGENCE on the part of BOTH webmasters AND advertisers justify my blocking adbanners out for the reasons enumerated above alone... period!)
APK
P.S.=> What comes into MY home, thru MY connection (where I paid for both) absolutely *IS* subject to how I WANT TO FILTER IT also - period (& for me, using hosts, it means I get every drop of speed + bandwidth I paid for blocking ads, as well as a safer + more reliable online experience)... apk
Yet not I? Wrong... heck, adblock doesn't even DO ITS JOB RIGHT anymore & clarityray is dismantling it + adblock doesn't do a FRACTION of what hosts can for added speed, security, reliability & more (WITH LESS)...
* :)
I only post facts & truth on hosts (that you & yours can't disprove validly mind you, lmao) + I supply a way to make the BEST possible hosts file easily with data from 12 reputable security community resources for it... & *IF* that makes me "wrong"? Then, I don't *WANT* to be "right" (like you - not)...
(You can't win vs. myself on *ANY* grounds here - which personally, I think is VERY funny... & easy to do!)
APK
P.S.=> So to your "ethics man, ethics" I can only say in response, to you, "bullshit man, bullshit" (lol)... apk