No idea where it came from, but today the techno-geek community of Twitter woke up and decided en-masse that it was a good day to make pun-esque jokes about protocols and other computer technology. You probably need to be a geek to understand these, let alone find them funny. The following is a compilation of my favourite #protolols:
@yoz: order best is tell that The you thing can about jokes BitTorrent them in any
@eigenrick: The problem with TCP jokes is that people keep retelling them slower until you get them
@RichGibson: DHCP jokes only work when there is only one person telling them
@rickasaurus: The problem with token ring jokes is you need to wait your turn to laugh
@dasfiregod: The worst part about token ring jokes is that if someone starts telling one while you are telling yours, all joking stops
@KippiHax: I was promised a three way and all I got was a TCP handshake
@xntrik: The problem with git jokes is everyone has their own version
@thornmaker: I would tweet a joke about CSRF if you hadn’t just done so yourself
@zhov: I tried to come up with an IPv4 joke, but the good ones were all already exhausted
@akujobi: My HEAD hurts because I don’t GET all the HTTP jokes y’all PUT on my timeline. I have to DELETE some of them POST-haste
@securitygen: I received a Tor joke from someone… have no idea who they are though…
@securitygen: I’d make a joke about UDP, but I don’t know if anyone’s actually listening…
@securitygen: Let me speak out in the open: Telnet IS a joke!
It appears that the website (rm’d), email and Twitter account of the much disliked LIGATT CEO Gregory D Evans have been hacked, and 84,668 of his emails have been leaked in a 4.15GB torrent. Evans, self-declared “World’s Number 1 Hacker” and also a convicted felon, is frequently outed by many in the security industry for his use of plagiarism, fraud and unethical practices. This leak is probably due to his consistent harassment of security professionals who have been vocal about exposing his activities. A full and descriptive profile of Evans is available at SecurityErrata.org.
Messages were posted on Evans’ hacked Twitter account (above), pointing to a Pastebin (since removed). Here is an excerpt:
Do not meddle in the affairs of hackers, for they are subtle and quick to anger.
When one thinks of frauds in the infosec community, most people are quick to point to Gregory D Evans of LIGATT Security[…]
He’s gone after people at their home to intimidate them and their family. He’s gone after them at their work to discredit them with their employer. And as everyone knows, he recklessly sues anyone who speaks negatively of him on the internet[…]
Enough is enough. He must be stopped by any means necessary. To that end, at the end of this message is a torrent of the inbox of email@example.com.
The end of the message contained a link to another pastebin (also removed), which was a Base64-encoded torrent file. The password for the archive in the torrent, as posted on his Twitter feed, is “DoomedCharlatan”. Ligattleaks (now offline), a site dedicated to leaking information about Gregory Evans’ activity (although they say they were not involved in this particular leak), have announced that they will be trawling the emails for evidence of fraud and unethical behaviour.
[Updated] Ligattleaks is back online offline
online offline, for good it seems. Another security firm (HBGary) hacked and exposed for investigating Anonymous.
[Update 15/2/2011] CBS Atlanta had a news segment about LIGATT and Gregory Evans entitled “Hacker or Hoax”. LIGATT responds to CBS Atlanta (link removed as his site was found to be distributing malware). This post debunks LIGATT’s response.
The US Department of Justice (DoJ) filed a subpoena against Twitter, demanding for the personal information of a number of known Wikileaks supporters. These include Birgitta Jonsdottir (a member of the Icelandic parliament), Rop Gongrijp (a Dutch hacker), Jacob Applebaum (Tor developer), Bradley Manning (solder believed to have leaked info to Wikileaks), and Julian Assange himself. The order requests a large amount of personal information including:
- Subscriber names, username, etc
- Mailing, residential, business and email addresses
- Connection records, and records of session times and durations
- Length of service, and type of service utilized
- Telephone or other subscriber number
- Means of payment (including any credit card of bank account number)
- All Tweets (private or not)
The original Order was sealed, meaning that the intended targets of the information request could not be informed that their data was being subpoena’d. At Twitter’s request, the Order was unsealed, and the targets informed. Many of these individuals will undoubtedly be contesting the subpoena, for which they now have 10 days. It is believed this information is being requested as part of a growing criminal investigation into Wikileaks.
I’ll be using Twitter to post thoughts/ideas/links about stuff that might not make it onto this site. To get in on that action, follow me on there by clicking on the birdy below:
For those of you without Twitter accounts, I’ve added a feed displaying my last five tweets at the bottom of the sidebar. RSS-addicts can also subscribe to the RSS of my Twitter feed.
You can subscribe to the main Security Generation RSS/Atom feed here.