Vulnerability Development mailing list archives

Re: I love you Author evidence ?


From: BlueBoar () THIEVCO COM (Blue Boar)
Date: Sun, 7 May 2000 13:02:34 -0700


Roelof Temmingh wrote:

+
+MANILA (Reuters) - The Philippines said Sunday the United States was
+helping to track down the source of the ``Love Bug'' virus that ravaged
+computers worldwide and an official said the suspected hacker was a woman.

Hey, I don't get it... really. If I released a virus, I would take some
precautions:

Yes, I've often thought that the folks who pulled these tricks didn't
hide well enough.  Makes me wonder how many of these things get out
by accident.


1. Every single bit of data is sent and received from cybercafes
Anyone know what kind of tracking these cafes do?  I used to have
to hand over my student ID in college to use the machines in their
labs.  These places have cameras?

I touch on this a bit in a rant I wrote a while ago:
http://www.thievco.com/rants/trendysec.html
(It's after the biometrics stuff.)

2. All information submitted (real name, address etc) is fictitious
3. All sessions are executed from different cybercafes.
4. Where possible, anonymizers are used to hide physical location.
How about Zeroknowledge and similar services?

5. Where real information (such as credit card information) is used, the
   information is stolen.
6. The attacker does discuss methods and actions with ANYONE - no silly
   hacker handles are left anywhere.

Yea, well they all seem to blow it on that count, don't they?


Eh? Now, tell me how the FBI could track me down? (oh BTW if some FBI dude is
reading this, I sure like to hear some comments)


I don't qualify as FBI.  My few comments though:

-Everyone is aware that ISPs log caller ID info, right?
-There's lots of IDS systems out there nowadays.. you'd
be smart to be very careful about what systems you try
to bounce off of.  Trying to use an anonymous machine as
your true source is probably the only workable tactic.
-Sanitize your malware.  I'm sure everyone knows about GUIDs
now.

