Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Anonymous Builds New Haven For Stolen Data
Newest First  |  Oldest First  |  Threaded View
bhunji
50%
50%
bhunji,
User Rank: Apprentice
4/21/2012 | 8:48:32 AM
re: Anonymous Builds New Haven For Stolen Data
anti-privacy slant : you focused your article on the doxing purpose of such a tool, while this is only 1 possible side of the story. Would you present knives as mean machines designed to pierce hearts and cut throats ? Because this is exactly what you're doing here with ZeroBin and AnonPaste. You absolutely focus on the potential harm (or "arguable harm according to administrations who like their offenses to remain secret").

Vouching for Savage's software : His name's "Sauvage" not "Savage", and yes I support his tool as well as the guy. Your article brushes very quickly on the privacy side of things which is the core reason for Sauvage creating ZeroBin. When he release the first version of it, he mentioned clearly the reason. But you are sweeping everything under the rug in order to present YOUR truth, and how evil it is to not accept embedding a governmental camera in your butt 24/7 so that authorities can spy on you... oh wait ! I meant to say "so that authorities can make sure that you're not a terrorist, a pedophile, or maybe even worse... an anti-war or anti-corruption activist".

And BTW you did not answer my remark about privacy being trampled for the past 10 years. Do you deny it? Or are you not aware of it? if that is the case, you don't belong in the tech news industry. But if you spin the reality along the lines of authority's claims, well... for the sake of politeness, let's just say it would be bad. And you not mentioning this aspect of things in an article covering a ZeroBin installation is already lame (or politically oriented).

Sauvage's software hasn't been stress-tested ? Of course not ! it is a brand new thing and you should know that if you had read Sauvage's website. But have you read ANYTHING beyond Sauvage's CV on his website, despite how irrelevant that may be compared to technical aspects ? Have you cared to look at how it works and why it provides privacy ? It provides privacy because the server doesn't know what the data is about. All encryption happens within the browser. And if you don't trust it, it is all javascript... meaning it is on your computer and you can read the code.
Mathew
50%
50%
Mathew,
User Rank: Apprentice
4/20/2012 | 12:45:22 PM
re: Anonymous Builds New Haven For Stolen Data
Bhunji, not sure where you're finding the anti-privacy slant. So, are you vouching for Savage's software? Some Anonymous participants have seized on -- in your words -- a two-week-old tool to handle submissions in a way that they say will maintain anonymity. Given the tool's immaturity, it's obviously not been stress-tested for these types of scenarios, and what's to say it can't be surreptitiously subverted? Why should it be trusted (yet) to provide privacy?
bhunji
50%
50%
bhunji,
User Rank: Apprentice
4/20/2012 | 8:37:35 AM
re: Anonymous Builds New Haven For Stolen Data
This article is a joke and so is its author. So you've been checking Sebastien Sauvage's CV but you did not care to read what he wrote about ZeroBin, even though this piece of software has been created (and therefore commented upon) barely 2 weeks ago ? So you go to ridiculous lengths to assume that the beta status of the software is due to whichever reason your cognitive dissonance is gonna make up so as to fit the White House's propaganda ? Go read what Seb Sauvage freaking wrote about it !!! FFS, it's all on his website ! But no ! Obviously you, Matthew, enjoy gargling Obama's balls.

And you'll spread the word how Anonymous are evil, and how ZeroBin is made for evil H4x0r when you seem to ignore how privacy (you heard about it, right? you know that regular normal non-hacking people used to have a right to privacy?) has been beaten to a pulp for the past 10 years online and offline ?

You're a moron and sellout, Matthew !
Andrew Hornback
50%
50%
Andrew Hornback,
User Rank: Apprentice
4/20/2012 | 2:06:48 AM
re: Anonymous Builds New Haven For Stolen Data
Anyone who honestly believes that these anonymous systems don't collect data about where the submissions come from should really consider buying this bridge that I have for sale in Brooklyn.

Once information it digitized, it can be tracked if it is transmitted. Period, end of story. And honestly, perhaps the software was designed in a way as to not track where submissions come from, but anyone looking at the logs of the server that the software runs on and/or the logs of an upstream router will be able to figure all of that out.

Andrew Hornback
InformationWeek Contributor


COVID-19: Latest Security News & Commentary
Dark Reading Staff 10/30/2020
'Act of War' Clause Could Nix Cyber Insurance Payouts
Robert Lemos, Contributing Writer,  10/29/2020
6 Ways Passwords Fail Basic Security Tests
Curtis Franklin Jr., Senior Editor at Dark Reading,  10/28/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How to Measure and Reduce Cybersecurity Risk in Your Organization
In this Tech Digest, we examine the difficult practice of measuring cyber-risk that has long been an elusive target for enterprises. Download it today!
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15703
PUBLISHED: 2020-10-31
There is no input validation on the Locale property in an apt transaction. An unprivileged user can supply a full path to a writable directory, which lets aptd read a file as root. Having a symlink in place results in an error message if the file exists, and no error otherwise. This way an unprivile...
CVE-2020-5991
PUBLISHED: 2020-10-30
NVIDIA CUDA Toolkit, all versions prior to 11.1.1, contains a vulnerability in the NVJPEG library in which an out-of-bounds read or write operation may lead to code execution, denial of service, or information disclosure.
CVE-2020-15273
PUBLISHED: 2020-10-30
baserCMS before version 4.4.1 is vulnerable to Cross-Site Scripting. The issue affects the following components: Edit feed settings, Edit widget area, Sub site new registration, New category registration. Arbitrary JavaScript may be executed by entering specific characters in the account that can ac...
CVE-2020-15276
PUBLISHED: 2020-10-30
baserCMS before version 4.4.1 is vulnerable to Cross-Site Scripting. Arbitrary JavaScript may be executed by entering a crafted nickname in blog comments. The issue affects the blog comment component. It is fixed in version 4.4.1.
CVE-2020-15277
PUBLISHED: 2020-10-30
baserCMS before version 4.4.1 is affected by Remote Code Execution (RCE). Code may be executed by logging in as a system administrator and uploading an executable script file such as a PHP file. The Edit template component is vulnerable. The issue is fixed in version 4.4.1.