Slashdot Mirror
Interview: Grill John Vranesevich of AntiOnline
Before you start posting questions for John, you may want to learn a little more about him. First check his Web site, AntiOnline. Then take a look at this story about him in The New York Times (free registration required). And, for a sample of the kind of animosity John has stirred up among some members of the "inner circle "hacker/cracker and computer security crowd, you might want to check this site, too.
We expect this interview to be full of fire. Fine. We have our flameshields set to "high." But realize that the questions we forward to to JP Tuesday afternoon are subject to our usual screening process; we're only going to send him the 10 - 15 questions deemed most interesting and/or relevant by Slashdot moderators and editors, so please try to be as level-headed as possible.
John's answers will appear Friday.
Seeing slashdot contribute to the fame of such a character just really disgusts me. Everything I've read says that this guy is a self-promoting nobody who doesn't know his stuff, and everything I've seen him do involves him sueing someone because they came out and said as much. The only question I have is why he even thinks he deserves to be interviewed here. I've never heard of anything positive coming from him and I've heard of a lot of negative stuff
-Mike
Mr Vranesevich:
Having read many accounts of your interactions with the staff of attrition.org, it seems to me that your claims against them are generally unproven and rash. Their rebuttals are always filled with detailed fact and systematic, step by step analysis of the topic at hand. Please clarify why you feel that attrition.org is such a dangerous force, yet you have neer been able to present HARD EVIDENCE to that point.
--
I live in the ocean
Four-digit slashdot ID. Recognize.
Many of us in the hacker community (not cracker) used the Packet Storm security site for information and research. You had it shut down for some alleged things in the /jp directory. Explain to us why you called Stanford to shut it down rather than dealing with the maintainer. What did you accomplish by threatening to sue other than futher harm your image and remove any creditbilily you had?
-Davidu
# Hack the planet, it's important.
No, I think it's in Slashdot's best interest as a journalistic medium to do this.
However, I think it's in Slashdot's _readers'_ best interest to utterly ignore this article if they think he's a fraud. Look into his past yourself (and don't necessarily take either him or his biggest detractors at face value) and determine if you think he needs more free publicity or not.
The best thing those of us who _are_ detractors can do is:
1. Don't ask questions under this article
2. Don't moderate any questions in this article up
...from a loyal /.'er
Don't send this guy a dang thing. Everything I have seen from both his side and those of his detractors has painted him as a sham and a joke. I really don't give a sh*t what he thinks, I know his opinions are biased and baseless. Don't taint what have been quality interviews with this tripe.
+&x
It is a shame to see slashdot come to this, knowingly selecting highly inflamatory material with little to no redeeming value, for the sake of increasing banner revenues. I first noticed this with Katz, but now I'm seeing it with JP as well. Both are nothing but cheap hacks. It would be a waste of words to describe how and why, I believe the "editors" know full well what they're doing.
I've said it before, and i'll say it again; I believe slashdot may very well hurt themselves financially in the long run. Though these "articles" may create short term revenues, they detract from the site. I have little doubt that the real secret to slashdot is intelligent discussion. Katz and JP simply tear it apart--leading to flame and dogma. The people who participate vigorously in such discussions tend to be younger, immature, etc. People, such as myself, on the other hand, only have so much tolerance for this kind of behavior. When the more intelligent people (better contributors) leave, the heart and soul of slashdot will too. With out this certain intellectual vitality, slashdot will rapidly degenerate.
PS: I said I wouldn't, but I changed my mind...I knew JP a couple years ago on undernet (IRC) in #cha0s, and other such channels. He was, and always will be a clueless idiot. He is a horrible writer. He doesn't know the first thing about computer security. What he is, is an opportunist, and a not very intelligent one at that. The reason he is "popular", if you could call it that, is that he was in the right place at the right time. Namely, he acted as a conduit for the media when "Analyzer" (the moronic israeli hacker) did his thing. Since that time, he's been trying desperately to sensationalize everything and purporting himself to be an expert. In short, he's a hack.
What is the basis for your attacks on security Experts such as Attrition.org?
To Clarify the question:
Why do you proclaim them to be 'dangerous hackers' while they do essentially the same thing you claim to do, except that they do so better, faster, and more professionally.
Kintanon
Check out JoshJitsu.info for Brazilian Ji
Why did you deliberately block links from Slashdot, HNN, and any other site who criticized you during the closure of Packetstorm?
I remember visiting AntiOnline a few days after the packetstorm incident by following a link from slashdot, and being bounced with a message that read something like 'The page you are being refered by is a known hacker website...'
Can you please explain how you classified Slashdot, a site which reports news, does interviews, and encourages discussion as a Hacker website?
Kintanon
Check out JoshJitsu.info for Brazilian Ji
Why did you decide to let Slashdot interview you? How did the response you got compare to what you expected?
---- sonoffreak
But John Vranesevich?
He is arguably the most despised figure in the h(cr)acker community, with Carolyn Meinel neck and neck. Both of them follow the same ideals and public image. What's that? Being a FAKE. Vranesevich has shown many many times that he has absolutely no clue about real computer security, and has been proven beyond a reasonable doubt in my mind that he goes to disgusting lengths to get a story, i.e.: "Hey, here's some cash. Hack that site, and let me cover it." (Attrition's site has remarkable backing for this theory.)
What's more, Vranesevich absolutely cannot stand being criticized. Any site which puts up content that criticizes, parodies, or shows Vranesevich to be a fraud, he throws a fit, cries, and threatens legal action. Attrition, Innerpulse, PacketStorm all have received threats. (At one point, Slashdot ran a less-than-flattering story about him, and I E-Mailed CmdrTaco letting him know that he quite possibly might get possible legal action from JP. (Nothing happened, but everyone knew it could have.)
You may be wondering how I know all of this. Well, a long long time ago, JP was an operator in a very large IRC channel on undernet. I happened to be an op too. The difference is, I still am. He knows I know him, as does everyone in the channel. We knew him when he was a small time loser. He's still a loser, but now just big-time.
Which is why I'm puzzled, amazed, and quite frankly disappointed that Slashdot chose him for an interview. He's not at all insightful, and can't offer any kind of intelligence to this forum.
-- Give him Head? Be a Beacon?
-- Give him Head? Be a Beacon? :P)
(If you can't figure out how to E-Mail me, Don't.
How do you respond to allegations that the FBI is investigating your knowledge of attacks before they happened and the accusations by some hackers who performed said attacks that you paid them or otherwise coerced them to do it in order to have coverage for your website?
Why do you feel that sites containing satirical humor based antionline are not protected by law and therefore open to your threats of legal action?
I've kept one lazy Eye on the subject at hand. While I could spout my beliefs, I would instead like to give a listing of places to visit so you could make up your own mind. A good portion of what is out there is negative. JP has made a few too many enemies. And those enemies are quite vocal. OK, I will spout a little bit. I think most of what he has done is juvenile and a bit underhanded. However, I've never really heard his side of the story. JP tends to hurl inflammatory remarks towards his accusers instead of actually debating the subject. Anyhoo:
/ 0927.htm
i g=&restrict=&exclude=&method=and&words=ant ionline
o n&q=%2Bantionline+%2Burl%3Amsnbc.com&kl=XX &stype=stext
% 2Bantionline+%2Burl%3Awired.com&kl=XX&pg=q
% 2Bantionline+-url%3Aantionline.com&kl=XX&p g=q
http://www.attrition.org/negation/
http://kuruption.cha0s.org/jp/jp.html
http://www.forbes.com/columnists/penenberg/1999
http://www.antioffline.com
http://www.antionline.com
http://www.happyhacker.org
Try running a query on HNN's news archives:
http://www.hackernews.com/cgi-bin/htsearch?conf
Try specific queries with AO and certain News Orgs:
http://www.altavista.com/cgi-bin/query?pg=q&sc=
http://www.altavista.com/cgi-bin/query?sc=on&q=
Search Altavista for the keyword Antionline, but exclude any from that domain:
http://www.altavista.com/cgi-bin/query?sc=on&q=
I'm sure there is more, but I cannot think of any off hand.
Reality is like a Suitcase, we only take it out of storage when needed. -penfold
Are the rumors that you will be spinning off a sister site called Anti-Anti-Anti-Online to dispell the malicious accusations and deprecations of your obviously magnanimous professionalism and intellect and to further bolster the image of Anti-Online and your integrity as a computer-security-expect-guru-enthusiast, true?
It's 10 PM. Do you know if you're un-American?
by NME
There are a lot of security information sites on the net, of varying quality. Why should I read AntiOnline? I suppose I'm wondering what you feel that you're adding/offering that makes you unique.
by mochaone
Why are you hated so damn much and do you care?
by Rabbins
How do you define your current role? -and- How do you see your role in the future?
by platypus
What were your most important works in the security related area, ie. posting to relevant(!) mailing lists (let's say bugtraq, ntbugtraq, RISK), articles in magazines, papers or lectures?
by Kintanon
What is the basis for your attacks on security experts such as Attrition.org?
by imac.usr
What's your opinion on the security of wireless standards like 802.11? Are devices like the AirPort secure enough, and if so, for how long?
Additional question of my own:
Why are you so law-suit happy with your detractors and rivals? A lot of people have critized you for this, from fellow security sites to Forbes magazine. How does it help you (if it does)? If it doesn't help you then why do you do it?
Hey slashdot editors! I know you are busy, and maybe that's why you thought interviewing JP would be a great idea. I've already posted a comment on why I think this is a very bad idea. So I thought I would try and be productive. Here is a list of people who are of the right caliber to merit an interview (that is to say, try interviewing great folk like this FIRST before wasting your time and ours on JP):
(from the 1999 Free Software Award Nominee page)
Granted, some of these have been covered already, but maybe a handful at the most. I must confess to maybe knowing who 10% of these people are. I would sure like to know something about the rest of them. Just imagine all the cool stuff each of these people has to offer--why in the world are we looking to interview inflamatory, damaging people like JP?
Just trying to help :-) I figure 80 some odd suggestions should keep you busy for a while.
"Doubt your doubts and believe your beliefs." -- Switchfoot, Ode to Chin
Several months ago I was raided by FBI for supposed involvement with the "hacker" group gh. The extent of my involvement was participating, as a caller only, in illegally funded phone conferences. JP, who also participated in this conferences, labeled me as a hacker, and a member of gh on his "news" site. Neither of these accusations are true. He has many more ties to this and other hacker groups than I have ever had. My first question is this; If you label me a hacker, than do you label yourself one? Are you in your little database of supposed computer criminals? Secondly, How can you pretend to be taking a stand against "hackers" while you are involved in the same activities?
My third question is in regards to your coverage of the situation. You posted unconfirmed information from an unreliable source in regards to the status of my employment at a prominent software development company. As a result of this I was contact by several news agencies, and immediately stereotyped as a hacker even though I have never illegally penetrated any computer system, nor had I been charged with, or accused of any crimes by the FBI. In response to this I granted one news agency an interview, which I thought went well, but also backfired. As a result of the negative press my former employer could not even consider allowing me to stay. My question being, Do you expect people to consider you as a reliable news source even though you report data which you receive through unreliable channels? And lastly, Did you ever stop to think what the impact of your coverage might be? It seems to me that in your rush for the big story you have failed to check for the correctness in your articles, and as a result of this you are hurting innocent people, such as myself. I'm sure this has gone on in other cases, but mine is the only one I have enough knowledge to comment on. I don't attribute these unfortunate events to you, but you certainly did not follow good news practices in reporting them. You have only served to injure my credibility and your own.
Lastly, have you ever considered what legal action may be taken against you for your involvement with these criminals? Do you even recognize the hypocrisy of your stance on hackers being one yourself by your own definition?
Sincerely,
Jeff