http://www.securityfocus.com/news/10271

By Kevin Poulsen, SecurityFocus

yeah just read it lol
unbelieveable


BN Says:
You gotta contribute more than this...10 points for this one and more below...not a good start for a trial member

GG illmob, you turned "pro".

Now you need a new alias though, glad to see you're on the good side again. How many years did this information knock off your sentence?

Nick's picture. Or, picture of the dude you busted:


He's the tall dude on the far left.

Two of his posts to Pen-Test:
http://www.derkeiler.com/Mailing-Lists/sec...03-01/0064.html
http://www.blacksheepnetworks.com/security...lndev/1778.html

Full-Disclosure:
http://lists.netsys.com/pipermail/full-dis...ril/004490.html

Where he worked: (or his personal website)
ethicsdesign.com

He really shouldn't have been passing around agency documents on IRC. That's the surest way to get someone interested in what you're doing.

Note: I'm aware that it doesn't say illmob turned him in, I'm just being a prick.

Very nice read

BN says: another 10 pointer

Wow, SecurityFocus makes it quite glamorous, I felt like I was watching a movie...lol

he was a good mentor, and will be missed. The sad part is he had recently goten a nice job and had put his darker hobbies to rest not but two months ago.

Was his pseudonim Ethics?

i dont know but i must sa that he did a good job in penetrating the tmobile server
not good but u got to have some skills to do that
well he got caught should serve him as a lesson not to fool around with SS stuff
or the other stuff that he got

Yes.



That may explain why he compromised quickly and agreed to help the Secret Service.

Ideally though, someone must have multiple names and monikers in order to be a true asset to any federal agency. This must mean he's active in other aspects of security. He's still young too, and really probably never thought he'd go through with the sale of private info. But who knows.

The thing is, these federal agencies do not develop a devastating approach to squashing underground sites. Ideally, one would infiltrate a site/forum, be active for several months, show their prowess, then start up their own site with "better features". Then, maybe have a tiff with the admins or so. But do it loudly and publicly so everyone knows about the other site.

Then, when the feds do bust the original site, the folks will move to the new site, completed with a tracking/monitoring script that goes so far as to actually get the LAN IP of the visiting users. A script like my PHP tracking script I'm working on, which breaks things down even into stuff like state, city, zip, browser, os, using a java trick to get a real ip even behind a proxy, etc.

This other site, which is now the only place left for the underground, will monitor for approximately a week or two more, then collapse. The underground will lose all forum contacts with each other and will have to rely on emailing and etc. It would be a devastating blow, one which would give the feds a plethora of info, and allow them to completely devastate the underground.

The public display of "BIG BROTHER IS WATCHING YOU" that they did is ill-advised. I was pretty disgusted that they would do such a ridiculous thing. It promotes fear of the government, and no one wants to live in a 1982-ish reverse-utopia.

I'm all for helping the federal agencies out and such, but they've got to approach things not with a power-tripping bravado, but with an actual concern. If the suspected black hat is *NOT* committing a crime, communication should be candid and personal. I often have my doubts that the feds have taken a practical approach to apprehending legitimate blackhats.

One thing of concern to me is the fact that they are only able to go after these social blackhats. What about the loner? What about the guy programming/writing the next destructive worm? What happens if there is actually a horrible payload?

trust no one ,funny how they all turn snitch

True but then again its both their own stupid thought for trying to sell the information it the public domain and attracting that kind of attention.

No matter how good you are if you try to sell/publish national secrets it is only a matter of time before you will be caught.

following/monitoring lists like full-disclosure and the like,... and seeing that 'illwill' now commenting as 'xillwillx' from a gmail.com account claiming to not release those celebraties pics apparently gathered (who is interested in seeing yet another blowjob...anyway? ) does make me raise an eybrow there....just my $.02 , yet knowing that T-mobile just like T-online or the great mother of the german backbone T-com who they all depend on, do have their issues, clearly PoC'ed several times, over and over again, being published even in a freely to buy book (at least over here in good OLD german Europe(hi Donald:) ) published by Thomas Vosseberg and shipped with a ready to use : hey s'k1dd1es, b00t that..; CD, rather urges me to lower both eybrows, shut my eyes, and even let me think of quitting my job (gimme some space and i will hammer that CD up somewhere, just not on my very own ftp ever) nuff said.

actually i switched from my yahoo account to gmail for full disclosure a few months ago becauseit did better at sorting the incoming bullshit emails.. but im glad to see you on my nuts

I gotta give you crap at least partially for hosting my hta2 cracking utility in your 0-day directory without asking. :/

Aside from that though, I'm interested in just how far the feds are going with the whole Economic Espionage Act thing. Do they really expect a jury to believe that you were selling trade secrets? Or do they only have to convince a judge?

IMHO, they should have just left it as a civil dispute between Microsoft and you. If MS wanted to sue they could have, and rightly so. But instead, they are trying to make this a criminal act, because they probably wouldn't have a case otherwise.

I don't know. Just smells fishy to me. I suppose if I made a new version of the ActiveX exploit tool, they'd try to find some way to tag something cruddy on me. Right now I have a version that goes so far as to totally randomize the variables and etc so Norton and McAfee cannot possibly detect it. If I had even furthur ways to obfuscate it, it'd be a nightmare.

I guess it's just a good thing I'm not releasing it publicly. Yet anyway. I'm starting to seem some foreign spammers using modded versions of htaver2.zip code. That kind of burns.

In response to the securityfocus site and the comments by those above. I dont know where the writer of this article got his information and im not bashing on his article it shows him in a lighter light, but in no way will the man known as Ethics become any type of informant or work cooperatively with the government even if in doing so yielded reward. Im not sure what familiarity you all have with him but to the extent that I know him and that others close to him know, hell will quite literally freeze over before Ethics turns fed.

hey illwill where those pics he sent you just before he was busted any good?

He's cooperating with them right now. What are you talking about?

They don't care if he gets hurt in jail, and if you're seriously looking at the prospect of 30 years or none, you're telling me you're not going to cover your own behind?

I want to tell all of you how much I have enjoyed reading the posts here. I also enjoy a number of the other forums. I guess the part I don't understand about the person who got busted, was he doing it just for kicks or was there money involved. I personnally can't see risking federal prosecution without at least making a buck. Maybe its the new younger generation. In my day it was vax stations and keypunch.

Noteriaty came when you did something successful, but I guess with government lieing, corporate cheeters I guess doing the dishonest thing has become a sign of the times.

I personnally don't hack unless I'm on someones payroll to do so. Yet to each their own.

Those of you on the path traversed by pirates please be careful and from somewhere I hope you can someday be successful in doing the right thing.

Keep the great material coming

Uncle Ed

ed,
don't just take....add your own....that's what community is all about

I would love to add my own, not one to be much at picking fights though. I guess I'm old fashioned and know what battles to choose. However it is like viewing a bad accident and I can't help it but to slow down and gawk.

So from time to time I do join in.

I have been away from the action, out of work for three years. I recently got a job in a warehouse. I visit these places to see what I have been missing from the industry that I had given so muct to in the past and dearly miss.

I'm sure the opportunity will present itself for me to speak out, and when it does I will.

Uncle Ed

Picking fights? Is that how you see it? I fashion us as a "nice" board where flaming and outbursts are extremely limited. What did you mean?

I thot we were rather friendly.

Of Course I think this is a nice board.....ha.....haha...hahaha......hahahahahahah.
Ok the last chuckle was me just having a good time. I figure if I get too caught up in the drama I figure I'm going to cross maybe an admired individual or beleagured colleague. From a previous employer I haved saved several CD's full of flaming email, maybe thats why they are previous.

I'm sure I will step in too deep at some point. Just let me know when I'm in over my head. I'll remember to bring my snorkel gear.

I'm just a tired old hardware man,trying to relive some old memories.
May all your seperators /// \\\\ be infinite.

Uncle Ed