infinite51

Does anyone have a Disaster Recovery Plan, for FBI raids?

Kim Zetter of Wired.com Reported: FBI Defends Disruptive Raids on at least two confirmed Texas Data Centers

[url="http://blog.wired.com/27bstroke6/2009/04/data-centers-ra.html"]http://blog.wired.com/27bstroke6/2009/04/d...centers-ra.html[/url]

"Among more than 300 legitimate businesses affected by the raid on Crydon were Intelmate, which provides inmate calling services for prisons and jails and had about $100,000 in equipment seized in the raid; a credit card processing company that had just become PCI compliant and was in the process of signing on its first customers; Primary Target, a video game company that makes first-person shooters; a mortgage brokerage; and a number of VoIP companies and international telecoms that provided customers with service to the U.S. through servers belonging to a separate company Faulkner ran called Intelivox. These customers essentially lost connectivity to the U.S. after the raid, Faulkner says."

CBS also has run a story on the raids at:

[url="http://cbs11tv.com/local/Core.IP.Networks.2.974706.html"]http://cbs11tv.com/local/Core.IP.Networks.2.974706.html[/url], including video of the FBI loading hundreds of computers in the back of trucks.

If companies such as Liquid Motors, LLC ( [url="http://www.liquidmotors.com"]http://www.liquidmotors.com[/url] ) can be put out of business and have the FBI and government confiscate all of their equipment, valued at over $400,000+, because they sublet space out of a Core IP cage.

Wired.com Magazine also published the court documents and TRO and lawsuit filed by Liquid Motors, Inc v Lynd/USA at

[url="http://blog.wired.com/27bstroke6/2009/04/company-caught.html"]http://blog.wired.com/27bstroke6/2009/04/company-caught.html[/url]

Not only does it bring up the legality of the FBI to seize servers and digital data that Law Firms, CPAs, Doctors, and anyone else that is entrusted with sensitive information and is bound to protect, that has equipment in Data Centers or Colocation Facilities.

But it also now brings up how to work with your insurance providers, lawyers, and data centers to incorporate this into your business's Disaster Recovery Plan, so you can get back online and functioning. Any ideas?

I have compiled a listing of numerous documents and links to news stories at [url="http://www.securityfocus.tv/dallascolo/"]http://www.securityfocus.tv/dallascolo/[/url]. I will also be working on zipping all of the documents up so they can be easily downloaded.

[quote name='Infinite51' post='335656' date='Apr 8 2009, 09:30 PM']Kim Zetter of Wired.com Reported: FBI Defends Disruptive Raids on at least two confirmed Texas Data Centers

[url="http://blog.wired.com/27bstroke6/2009/04/data-centers-ra.html"]http://blog.wired.com/27bstroke6/2009/04/d...centers-ra.html[/url]

"Among more than 300 legitimate businesses affected by the raid on Crydon were Intelmate, which provides inmate calling services for prisons and jails and had about $100,000 in equipment seized in the raid; a credit card processing company that had just become PCI compliant and was in the process of signing on its first customers; Primary Target, a video game company that makes first-person shooters; a mortgage brokerage; and a number of VoIP companies and international telecoms that provided customers with service to the U.S. through servers belonging to a separate company Faulkner ran called Intelivox. These customers essentially lost connectivity to the U.S. after the raid, Faulkner says."

CBS also has run a story on the raids at:

[url="http://cbs11tv.com/local/Core.IP.Networks.2.974706.html"]http://cbs11tv.com/local/Core.IP.Networks.2.974706.html[/url] ,including video of the FBI loading hundreds of computers in the back of trucks.

If company's such as Liquid Motors, LLC ( [url="http://www.liquidmotors.com"]http://www.liquidmotors.com[/url] ) can be put out of business and have the FBI and government confiscate all of their equipment valued of over $400,000+ because they sublet space out of a Core IP cages.

Wired.com Magazine also published the court documents and TRO and lawsuit filed by Liquid Moters, Inc v Lynd/ USA at

[url="http://blog.wired.com/27bstroke6/2009/04/company-caught.html"]http://blog.wired.com/27bstroke6/2009/04/company-caught.html[/url]

Not only does it bring up the legality of the FBI to seize servers and digital data that Law Firms, CPA's, Doctors, and anyone else that in entrusted with sensitive information and is bound to protect, that has equipment in Data Center's or Colocation Facilities.

But it also now brings up how to work with your Insurance providers, lawyers, and Data Centers to incorporate into your Businesses Disaster Recovery Plan, so you can get back online and functioning. Any Ideas ?[/quote]

Buy a really REALLY big external hard drive.

No, but seriously, how can you prepare for something like that?

[quote]According to the owner of one co-location facility, Crydon Technology, which was raided on March 12, FBI agents seized about 220 servers belonging to him and his customers, as well as routers, switches, cabinets for storing servers and even power strips. Authorities also raided his home, where they seized eight iPods, some belonging to his three children, five XBoxes, a PlayStation3 system and a Wii gaming console, among other equipment. Agents also seized about $200,000 from the owner's business accounts, $1,000 from his teenage daughter's account and more than $10,000 in a personal bank account belonging to the elderly mother of his former comptroller.[/quote]

I don't get it, why would they even seize his kids' iPods and their gaming consoles? This seizure is obviously super damaging in every way; I'm sure they could have found a better way to "solve" the unpaid bill problem than to financially destroy the guy like that.

[quote name='Aghaster' post='335689' date='Apr 9 2009, 07:29 AM'][quote]According to the owner of one co-location facility, Crydon Technology, which was raided on March 12, FBI agents seized about 220 servers belonging to him and his customers, as well as routers, switches, cabinets for storing servers and even power strips. Authorities also raided his home, where they seized eight iPods, some belonging to his three children, five XBoxes, a PlayStation3 system and a Wii gaming console, among other equipment. Agents also seized about $200,000 from the owner's business accounts, $1,000 from his teenage daughter's account and more than $10,000 in a personal bank account belonging to the elderly mother of his former comptroller.[/quote]

I don't get it, why would they even seize his kids' iPods and their gaming consoles? This seize is obviously super damageable in every way, I'm sure they could have found a better to "solve" the unpaid bill problem than financially destroy the guy like that.
[/quote]
They take that stuff because some people will hide things on the family's stuff. It is a stupid thing but some people think that no one will find their stuff there. Now why they take power strips is beyond me.

[quote name='hrddrv' post='335696' date='Apr 9 2009, 09:10 AM'][quote name='Aghaster' post='335689' date='Apr 9 2009, 07:29 AM'][quote]According to the owner of one co-location facility, Crydon Technology, which was raided on March 12, FBI agents seized about 220 servers belonging to him and his customers, as well as routers, switches, cabinets for storing servers and even power strips. Authorities also raided his home, where they seized eight iPods, some belonging to his three children, five XBoxes, a PlayStation3 system and a Wii gaming console, among other equipment. Agents also seized about $200,000 from the owner's business accounts, $1,000 from his teenage daughter's account and more than $10,000 in a personal bank account belonging to the elderly mother of his former comptroller.[/quote]

I don't get it, why would they even seize his kids' iPods and their gaming consoles? This seize is obviously super damageable in every way, I'm sure they could have found a better to "solve" the unpaid bill problem than financially destroy the guy like that.
[/quote]
They take that stuff because some people will hide things on the families stuff. It is a stupid thing but some people think that no one will find their stuff there. Now Why they take power strips is beyond me.
[/quote]

What about taking $1000 from his teenage daughter's account? Eh...

They took ALL the damn servers out of the place, most of them being completely unrelated (many companies were co-locating their servers there). They literally killed many businesses.

[quote name='hrddrv' post='335696' date='Apr 9 2009, 08:10 AM'][quote name='Aghaster' post='335689' date='Apr 9 2009, 07:29 AM'][quote]According to the owner of one co-location facility, Crydon Technology, which was raided on March 12, FBI agents seized about 220 servers belonging to him and his customers, as well as routers, switches, cabinets for storing servers and even power strips. Authorities also raided his home, where they seized eight iPods, some belonging to his three children, five XBoxes, a PlayStation3 system and a Wii gaming console, among other equipment. Agents also seized about $200,000 from the owner's business accounts, $1,000 from his teenage daughter's account and more than $10,000 in a personal bank account belonging to the elderly mother of his former comptroller.[/quote]

I don't get it, why would they even seize his kids' iPods and their gaming consoles? This seize is obviously super damageable in every way, I'm sure they could have found a better to "solve" the unpaid bill problem than financially destroy the guy like that.
[/quote]
They take that stuff because some people will hide things on the families stuff. It is a stupid thing but some people think that no one will find their stuff there. Now Why they take power strips is beyond me.
[/quote]


ANYTHING digital (i.e. phones, MP3 players, cameras, SD cards, USB sticks) can/has to be seized according to their standard protocol. (Sneaky people can hide data anywhere)

[quote name='R3c0n' post='335711' date='Apr 9 2009, 08:18 AM'][quote name='hrddrv' post='335696' date='Apr 9 2009, 08:10 AM'][quote name='Aghaster' post='335689' date='Apr 9 2009, 07:29 AM'][quote]According to the owner of one co-location facility, Crydon Technology, which was raided on March 12, FBI agents seized about 220 servers belonging to him and his customers, as well as routers, switches, cabinets for storing servers and even power strips. Authorities also raided his home, where they seized eight iPods, some belonging to his three children, five XBoxes, a PlayStation3 system and a Wii gaming console, among other equipment. Agents also seized about $200,000 from the owner's business accounts, $1,000 from his teenage daughter's account and more than $10,000 in a personal bank account belonging to the elderly mother of his former comptroller.[/quote]

I don't get it, why would they even seize his kids' iPods and their gaming consoles? This seize is obviously super damageable in every way, I'm sure they could have found a better to "solve" the unpaid bill problem than financially destroy the guy like that.
[/quote]
They take that stuff because some people will hide things on the families stuff. It is a stupid thing but some people think that no one will find their stuff there. Now Why they take power strips is beyond me.
[/quote]


ANYTHING digital (Ie: Phones, MP3 Players, cameras, SD Cards, USB sticks) can/has to be seized according to their standard protocol. (Sneaky people can hide data anywhere)
[/quote]

Heh, you're right, sneaky people can hide data ANYWHERE.

They went way too far though, taking money from his daughter's savings account, taking his mother's money, and damaging innocent people's lives.

Sure, Obama can mortgage California for billions of dollars from China, but this guy can't borrow 500 grand for a business?

Out-of-country backup colo? The way of the Pirate Bay.
Anything gets seized and you just change the DNS records, SSH in and grab your files... back up and running in under an hour (minus DNS propagation time).

[quote name='Aghaster' post='335689' date='Apr 9 2009, 06:29 AM'][quote]According to the owner of one co-location facility, Crydon Technology, which was raided on March 12, FBI agents seized about 220 servers belonging to him and his customers, as well as routers, switches, cabinets for storing servers and even power strips. Authorities also raided his home, where they seized eight iPods, some belonging to his three children, five XBoxes, a PlayStation3 system and a Wii gaming console, among other equipment. Agents also seized about $200,000 from the owner's business accounts, $1,000 from his teenage daughter's account and more than $10,000 in a personal bank account belonging to the elderly mother of his former comptroller.[/quote]

I don't get it, why would they even seize his kids' iPods and their gaming consoles? This seize is obviously super damageable in every way, I'm sure they could have found a better to "solve" the unpaid bill problem than financially destroy the guy like that.
[/quote]

The Agent believed that information may have been stored on the EPROM chips within the gaming consoles; he also believed that "he may have hide txt files within '.jpeg images'". Keep in mind that this same Agent served in Desert Storm prior to working for the Feds, so perhaps he heard about these types of techniques used by foreign governments... At the very least I personally am very intrigued to find out what type of rig or forensics equipment they use to investigate Xbox, PlayStation and Wii gaming consoles. If anyone can find a technical whitepaper on this, I am sure everyone here that is involved in forensics investigations would be interested in hearing.

PS: I am including a Word document with Michael Faulkner's responses, located on his web forum at www.uwwwb.com (under comments). I am not sure what his lawyers have advised him, but the fact that he is sharing so much information is somewhat odd.

Would anyone like to do some forensic work? I'll zip up all of the legal evidence released and if someone wants to set up two separate Google or some other collaboration forums... Interested?

Three teams: One Feds - examine all case material and prove your case.

Legal Defense for Michael Faulkner & (Related Companies)

Legal Defense for Core IP, LLC (Matthew Simpson)

[quote name='Infinite51' post='335801' date='Apr 9 2009, 07:53 PM']Would anyone like to do do some forensic work? I'll zip up all of the legal evidence released and if someone wants to setup two seperate google or some other collaboration forums... Interested?

Three teams: One Feds - examine all case material and prove your case.

Legal Defense for Michael Faulker & (Related Companies)

Legal Defense for Core IP, LLC (Matthew Simpson)[/quote]

I can do it, message me with the attachments.

People should really watch Alex Muentz's video. He does this talk just about every year it seems:

[url="http://media.defcon.org/dc-15/video/Defcon15-Alexander_Muentz-Protecting_your_IT_Infrastructure_from_legal_Attacks.mp4"]http://media.defcon.org/dc-15/video/Defcon...gal_Attacks.mp4[/url]

[quote]Alexander Muentz: Protecting your IT infrastructure from legal attacks- Subpoenas, Warrants and Transitive Trust.

You think your systems and data are safe from any attack. You fear no script kiddie. You get a +5 against social engineering. Yet a single subpoena can crack your junk open wide. A search warrant might leave you with an empty server room.

The law might be the biggest threat to your users, systems and you. Learn how to plan for and react to search warrants, subpoenas and wiretaps. I'm going to speak about the law in an IT context, make it accessible and relevant. If you manage other people's systems for a living or just are afraid of your own privacy and liberty, you might want to see this.


Alex Muentz is a lawyer and a sysadmin. He's interested in the intersection between law and technology, and has given talks (PumpCon, H.O.P.E. Six, L.I.S.A.) and published papers (2600, SysAdmin, ;login:) on this topic. He does some pro bono representation for technology professionals. He hopes he isn't as boring as this sounds.[/quote]

Speaking from past experience with federal search warrants and such... the best defense is ignorance and a keen eye for detail. Also just not having it in your location in the first place.

The search warrant itself isn't limited to just the computer. It extends to cables and anything it connects to. Hence why power strips were taken as well. The kid's iPod... well they are storage devices *period* and they were at the location of the search warrant. If the warrant says take money, they will take or freeze any money to people you ever gave/transferred to.

As for game systems seized, It's in the PDF.

Probably the part where they did the most damage was the conversion of a company's "Lab" into a "Co-Location" section. The guys in the colo were probably just reboot monkeys and I've been in a few colos before in Los Angeles that were much like the described. Just racks and a few desks... usually used for a server bench if they're disused. The reboot monkeys did a poor job of cleanup or were simply just too trusting of Faulkner's motives though if his company's name was plastered all over.

And yes, your disaster recovery plan should take this into account. This type of event is just like a nuke going off or a natural disaster or simply needing to relocate your colo. If you're big enough to make money and worry about uptime, then you're big enough to at least create colocation redundancy or use Amazon EC2 for your recovery (with your data mirrored here and in the EU).

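The posts above treat a seizure like any other loss of a whole site: keep a copy somewhere else, repoint DNS, restore. The following is an added example, not part of the original thread, that checks ahead of time what happens to each service if every machine in one facility disappears at once. All facility names, services, file contents and numbers are constructed for illustration.

```python
import hashlib
from dataclasses import dataclass, field


def manifest(files):
    """{path: bytes} -> {path: sha256 hex}; run on the primary and on each copy."""
    return {path: hashlib.sha256(data).hexdigest() for path, data in files.items()}


def drift(expected, actual):
    """Paths that are missing from the copy or whose content differs."""
    return sorted(p for p in expected if actual.get(p) != expected[p])


@dataclass
class Copy:
    facility: str     # physical site; losing the site loses everything in it
    region: str       # geographic region, e.g. "US" or "EU"
    age_s: int        # seconds since the last completed sync
    restore_s: int    # measured time to serve traffic from this copy
    mismatches: list = field(default_factory=list)  # drift() at last verification


@dataclass
class Service:
    name: str
    facility: str     # where the primary runs
    region: str
    dns_ttl_s: int    # resolvers may keep serving the old address this long
    rto_s: int        # maximum tolerable downtime
    rpo_s: int        # maximum tolerable window of lost data
    copies: list = field(default_factory=list)


def assess(svc, lost_facility):
    """Findings for svc if every machine in lost_facility is gone at once."""
    if svc.facility != lost_facility:
        return []
    # A copy in the same cage is lost with the primary; an unverified copy
    # cannot be counted on for a restore.
    usable = [c for c in svc.copies
              if c.facility != lost_facility and not c.mismatches]
    if not usable:
        return [f"{svc.name}: no verified copy outside {lost_facility}"]
    best = min(usable, key=lambda c: c.restore_s)
    findings = []
    downtime = best.restore_s + svc.dns_ttl_s  # restore, then wait out cached DNS
    if downtime > svc.rto_s:
        findings.append(f"{svc.name}: worst-case downtime {downtime}s > RTO {svc.rto_s}s")
    if best.age_s > svc.rpo_s:
        findings.append(f"{svc.name}: copy is {best.age_s}s old > RPO {svc.rpo_s}s")
    if all(c.region == svc.region for c in usable):
        findings.append(f"{svc.name}: every verified copy is in region {svc.region}")
    return findings


# Constructed sample data: one colo cage ("dal-cage-7") hosting three services.
PRIMARY_FILES = {"db/orders.sql": b"orders-v42", "etc/app.conf": b"listen=443"}
STALE_FILES = {"db/orders.sql": b"orders-v41", "etc/app.conf": b"listen=443"}
EXPECTED = manifest(PRIMARY_FILES)

INVENTORY = [
    # Backup sits in the same cage as the primary.
    Service("billing", "dal-cage-7", "US", 300, 3600, 900,
            [Copy("dal-cage-7", "US", 60, 600)]),
    # Good remote copy, but a one-day DNS TTL.
    Service("web", "dal-cage-7", "US", 86400, 3600, 3600,
            [Copy("ams-colo-1", "EU", 900, 1800)]),
    # Remote copy failed verification; the only good copy is in the same region.
    Service("orders", "dal-cage-7", "US", 300, 3600, 900,
            [Copy("ams-colo-1", "EU", 600, 1200, drift(EXPECTED, manifest(STALE_FILES))),
             Copy("hou-colo-2", "US", 300, 1500, drift(EXPECTED, manifest(PRIMARY_FILES)))]),
]


def report(inventory, lost_facility):
    """Map each service name to its findings for the loss of lost_facility."""
    return {svc.name: assess(svc, lost_facility) for svc in inventory}


if __name__ == "__main__":
    for name, findings in report(INVENTORY, "dal-cage-7").items():
        print(name, "OK" if not findings else findings)
```

The "web" case shows why the DNS caveat in the posts matters: a 30-minute restore still misses a one-hour target when the record's TTL is a day.
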
[quote name='jabzor' post='335787' date='Apr 9 2009, 05:50 PM']Out of country backup colo ? The way of the pirate bay.
Anything gets seized and you just change the dns records, ssh in and grab your files.. back up and running in under an hour (minus dns propagation time).[/quote]

Yes, that and some more stuff. Beating an FBI seizure is easy. It's a two step process: offshore stuff owned by non-US entities in countries with tough privacy laws; encryption, volatile key storage, and ability to zeroize it intentionally, but not accidentally.

Combined properly, you make a seizure harder and worthless (i.e. keys are zeroized). I'd go into the details, but why tip them off? I prefer knowing I have a way to maintain an online business even if the FBI starts acting like pricks... I'd recommend against anyone posting details. Those of us who need to know how to protect our privacy and availability across borders do know or can find out. The FBI undoubtedly has people reading these forums, and I'd rather keep them out of the loop. Privacy is good for democracy. ;)

[quote name='army_of_one' post='335834' date='Apr 9 2009, 11:30 PM'][quote name='jabzor' post='335787' date='Apr 9 2009, 05:50 PM']Out of country backup colo ? The way of the pirate bay.
Anything gets seized and you just change the dns records, ssh in and grab your files.. back up and running in under an hour (minus dns propagation time).[/quote]

Yes, that and some more stuff. Beating an FBI seizure is easy. It's a two step process: offshore stuff owned by non-US entities in countries with tough privacy laws; encryption, volatile key storage, and ability to zeroize it intentionally, but not accidentally.

Combined properly, you make a seizure harder and worthless (i.e. keys are zeroized). I'd go into the details, but why tip them off? I prefer knowing I have a way to maintain an online business even if the FBI starts acting like pricks... I'd recommend against anyone posting details. Those of us who need to know how to protect our privacy and availability across borders do know or can find out. The FBI undoubtedly has people reading these forums, and I'd rather keep them out of the loop. Privacy is good for democracy. ;)
[/quote]

Great information guys. Most of the information I hope to gain will deal with the legal aspects of this case, and tracking down the truth of these shell companies, etc. One of the respondents in the case, Michael Faulkner, has been providing a great deal of information in the past week. I personally have been scratching my head trying to figure out his motives for doing so. Though I guess when you lose your business, house, toys and bank accounts you can become a little desperate and reach out to anyone that can listen.

Overall, since I do a bit of development, do legal marketing, etc. As a result, the outcome of this case, and those that are filed by the companies affected by these raids are of importance. And frankly put, should the reports we glean from our research find its way into the email box or being looked at by the FBI so be it. I have a big problem with a guy that eggs on the government, when he has links to pirated material on his own site.

From what I can tell thus far about Matthew Simpson, it appears as though his operations are at least slightly more legitimate, and perhaps he was just a 25-year-old man (according to his facebook profile matthew@coreip.net) that made a bad business arrangement.

The FBI, NSA, Military, Navy/ computer and intelligence all read these forums and glean information from that. It is not a secret... If you don't believe me, I am sure StankDawg will confirm.

lols you can detach a RAID and bury it somewhere I guess, as yeah a 1TB external HDD won't do justice if you have a big database/cluster, and like xgzip/bzip (forget which) everything you put in the RAID.

[quote name='Infinite51' post='335840' date='Apr 10 2009, 12:04 AM']i[quote name='army_of_one' post='335834' date='Apr 9 2009, 11:30 PM'][quote name='jabzor' post='335787' date='Apr 9 2009, 05:50 PM']Out of country backup colo ? The way of the pirate bay.
Anything gets seized and you just change the dns records, ssh in and grab your files.. back up and running in under an hour (minus dns propagation time).[/quote]

Yes, that and some more stuff. Beating an FBI seizure is easy. It's a two step process: offshore stuff owned by non-US entities in countries with tough privacy laws; encryption, volatile key storage, and ability to zeroize it intentionally, but not accidentally.

Combined properly, you make a seizure harder and worthless (i.e. keys are zeroized). I'd go into the details, but why tip them off? I prefer knowing I have a way to maintain an online business even if the FBI starts acting like pricks... I'd recommend against anyone posting details. Those of us who need to know how to protect our privacy and availability across borders do know or can find out. The FBI undoubtedly has people reading these forums, and I'd rather keep them out of the loop. Privacy is good for democracy. ;)
[/quote]

Great information guy's. Most of the information I hope to gain, will deal with the legal aspects of this case, and tracking down the truth of these shell companies, ect. One of the respondants in the case Michael Faulkner has been providing a great deal of information in the past week. I personally have been scratching my head trying to figure out his motives for doing so. Though I guess when your loose your business, house, toys and bank accounts you can become a little desperate and reach out to anyone that can listen.

Overall, since I do a bit of development, do legal marketing, ect. As a result, the outcome of this case, and those that are filed by the companies affected by these raids are of importance. And frankly put, should the reports we glean from our research find its way into the email box or being looked at by the FBI so be it. I have a big problem with a guy that eggs on the government, when he has links to pirated material on his own site.

From what I can tell thus far about Matthew Simpson, it appears as though his operations are at least slightly more legitimate, and perhaps he was just 25 year old man (according to his facebook profile matthew@coreip.net) that made a bad business arrangement.

The FBI, NSA, Military, Navy/ computer and intelligence all read these forums and gleam information from that. It is not a secret... If you don't believe me, I am sure StankDawg will confirm.

[/quote]

Interesting. If there is any wrongdoing, I wish them the best of luck in finding it. As for feds, I don't need any confirmation of that. What I need less is for them to know specifics. Suffice it to say that you can come up with an effective defense in 10-15 minutes like I did, and have a production quality version implemented in a month. There are many different defenses, each with different countermeasures the FBI might attempt. I'm not posting any specifics so as not to tell them what to focus on. Keeping your assets outside of this country and obfuscating their ownership is an important aspect of any raid-prevention strategy, though.

I focus mostly on the technical side, but anyone who has their liquid assets in the US is asking for trouble. A good offshore asset protection strategy can greatly reduce the risks and potential damages. I can give one nice tactic without compromising security: basing at least part of your organization/assets in a country not very friendly to the US. That prevents cooperation. You'd create a shell company and lease a virtual office in a country that trades with that uncooperative country. Then, US authorities don't get cooperation, but you don't get hostility because they don't know you're American. Pick the countries carefully. Some are much better than others. Some are not as privacy-respecting as they seem.

[quote name='army_of_one' post='335843' date='Apr 10 2009, 12:29 AM'][quote name='Infinite51' post='335840' date='Apr 10 2009, 12:04 AM']i[quote name='army_of_one' post='335834' date='Apr 9 2009, 11:30 PM'][quote name='jabzor' post='335787' date='Apr 9 2009, 05:50 PM']Out of country backup colo ? The way of the pirate bay.
Anything gets seized and you just change the dns records, ssh in and grab your files.. back up and running in under an hour (minus dns propagation time).[/quote]

Yes, that and some more stuff. Beating an FBI seizure is easy. It's a two step process: offshore stuff owned by non-US entities in countries with tough privacy laws; encryption, volatile key storage, and ability to zeroize it intentionally, but not accidentally.

Combined properly, you make a seizure harder and worthless (i.e. keys are zeroized). I'd go into the details, but why tip them off? I prefer knowing I have a way to maintain an online business even if the FBI starts acting like pricks... I'd recommend against anyone posting details. Those of us who need to know how to protect our privacy and availability across borders do know or can find out. The FBI undoubtedly has people reading these forums, and I'd rather keep them out of the loop. Privacy is good for democracy. ;)
[/quote]

Great information guy's. Most of the information I hope to gain, will deal with the legal aspects of this case, and tracking down the truth of these shell companies, ect. One of the respondants in the case Michael Faulkner has been providing a great deal of information in the past week. I personally have been scratching my head trying to figure out his motives for doing so. Though I guess when your loose your business, house, toys and bank accounts you can become a little desperate and reach out to anyone that can listen.

Overall, since I do a bit of development, do legal marketing, ect. As a result, the outcome of this case, and those that are filed by the companies affected by these raids are of importance. And frankly put, should the reports we glean from our research find its way into the email box or being looked at by the FBI so be it. I have a big problem with a guy that eggs on the government, when he has links to pirated material on his own site.

From what I can tell thus far about Matthew Simpson, it appears as though his operations are at least slightly more legitimate, and perhaps he was just 25 year old man (according to his facebook profile matthew@coreip.net) that made a bad business arrangement.

The FBI, NSA, Military, Navy/ computer and intelligence all read these forums and gleam information from that. It is not a secret... If you don't believe me, I am sure StankDawg will confirm.

[/quote]

Interesting. If there is any wrongdoing, I wish them the best of luck in finding it. As for feds, I don't need any confirmation of that. What I need less is for them to know specifics. Suffice it to say that you can come up in an effective defense in 10-15 minutes like I did, and have a production quality version implemented in a month. There are many different defenses, each with different countermeasures the FBI might attempt. I'm not posting any specifics so as not to tell them what to focus on. Keeping your assets outside of this country and obfuscating their ownership is an important aspect of any raid-prevention strategy, though.

I focus mostly on the technical side, but anyone who has their liquid assets in the US is asking for trouble. A good offshore asset protection strategy can greatly reduce the risks and potential damages. I can give one nice tactic without compromising security: basing at least part of your organization/assets in a country not very friendly to US. That prevents cooperation. You'd create a shell company and lease virtual office in a country that trades with that uncooperative country. Then, US authorities don't get cooperation, but you don't get hostility because they don't know your American. Pick the countries carefully. Some are much better than others. Some are not as privacy-respecting as they seem.
[/quote]

I think you're forgetting one primary Thought pattern, offshore hosting/banking isn't generally used for legitimate reasons.

[quote name='dinscurge' post='335841' date='Apr 10 2009, 12:13 AM']lols you can detach a raid and bury it somewhere i guess as yeah a 1tb external hdd wont do justice if you have a bid database/cluster and like xgzip/bzip (forget which) everything you put in the raid.[/quote]

Destroying evidence is probably worse than letting them find it. (It proves you're hiding something)

[quote name='R4p1d' post='335846' date='Apr 10 2009, 12:44 AM'][quote name='dinscurge' post='335841' date='Apr 10 2009, 12:13 AM']lols you can detach a raid and bury it somewhere i guess as yeah a 1tb external hdd wont do justice if you have a bid database/cluster and like xgzip/bzip (forget which) everything you put in the raid.[/quote]

Destroying evidence is probably worse then letting them find it. (It proves your hiding something)
[/quote]
how is that destroying data? you're just removing a removable RAID and hiding it; if they raid/don't, you just hook it up to a new box and you have all of the data back. and yeah pretty much.

[quote name='dinscurge' post='335847' date='Apr 10 2009, 12:49 AM'][quote name='R4p1d' post='335846' date='Apr 10 2009, 12:44 AM'][quote name='dinscurge' post='335841' date='Apr 10 2009, 12:13 AM']lols you can detach a raid and bury it somewhere i guess as yeah a 1tb external hdd won't do justice if you have a big database/cluster and like xgzip/bzip (forget which) everything you put in the raid.[/quote]

Destroying evidence is probably worse than letting them find it. (It proves you're hiding something)
[/quote]
how is that destroying data? you're just removing a removable raid and hiding it if they raid/don't you just hook it up to a new box and you have all of the data back. and yeah pretty much.
[/quote]

Yeah, that's pretty much obvious.

EDIT: You obviously don't have information security skills, you don't even have anti-virus on a Windows machine, much less the latest security updates from Microsoft.
[quote name='dinscurge' post='335569' date='Apr 7 2009, 11:19 PM'][img]http://www.binrev.com/forums/uploads/monthly_04_2009/post-15812-1239164343_thumb.jpg[/img]
nothing fancy lols[/quote]



Burying a hard drive raid isn't legit.

Talk about primitive. :mellow: Edited by R4p1d

[quote name='dinscurge' post='335847' date='Apr 10 2009, 12:49 AM'][quote name='R4p1d' post='335846' date='Apr 10 2009, 12:44 AM'][quote name='dinscurge' post='335841' date='Apr 10 2009, 12:13 AM']lols you can detach a raid and bury it somewhere i guess as yeah a 1tb external hdd won't do justice if you have a big database/cluster and like xgzip/bzip (forget which) everything you put in the raid.[/quote]

Destroying evidence is probably worse than letting them find it. (It proves you're hiding something)
[/quote]
how is that destroying data? you're just removing a removable raid and hiding it if they raid/don't you just hook it up to a new box and you have all of the data back. and yeah pretty much.
[/quote]

Dinscurge's Disaster Recovery Plan, in a Nutshell:

Dig up the drives you buried earlier when you saw the black Crown Victorias pulling up. Just brilliant, boy. It's amazing how you cut through red tape with only a shovel...

[quote name='army_of_one' post='335850' date='Apr 10 2009, 12:57 AM']Dinscurge's Disaster Recovery Plan, in a Nutshell:

Dig up the drives you buried earlier when you saw the black Crown Victorias pulling up. Just brilliant, boy. It's amazing how you cut through red tape with only a shovel...[/quote]

i never said bury it when they come you can bury it and get a long cable to update them then all you do is pull out the cable, hell you could have a small low-power old box updating it from wifi so you wouldn't have to do anything when they come but power off from ssh.

[quote name='dinscurge' post='335852' date='Apr 10 2009, 01:05 AM'][quote name='army_of_one' post='335850' date='Apr 10 2009, 12:57 AM']Dinscurge's Disaster Recovery Plan, in a Nutshell:

Dig up the drives you buried earlier when you saw the black Crown Victorias pulling up. Just brilliant, boy. It's amazing how you cut through red tape with only a shovel...[/quote]

i never said bury it when they come you can bury it and get a long cable to update them then all you do is pull out the cable, hell you could have a small low-power old box updating it from wifi so you wouldn't have to do anything when they come but power off from ssh.
[/quote]

So you bury the cable? Or hide the cable? Don't you think the feds have a cable?

Same concept as this right?
Example:

"Dinscurge's primal instincts kick in when the feds pull up"

His response: "BuRy ThE HaRdDrIvE RaIdS!!!!!!!!!!!!!!!!!"

There is one major flaw, you're forgetting to make a treasure map.
[img]http://goolishtech.com/images/TreasureMap.gif[/img] Edited by R4p1d

[quote name='dinscurge' post='335852' date='Apr 10 2009, 01:05 AM'][quote name='army_of_one' post='335850' date='Apr 10 2009, 12:57 AM']Dinscurge's Disaster Recovery Plan, in a Nutshell:

Dig up the drives you buried earlier when you saw the black Crown Victorias pulling up. Just brilliant, boy. It's amazing how you cut through red tape with only a shovel...[/quote]

i never said bury it when they come you can bury it and get a long cable to update them then all you do is pull out the cable, hell you could have a small low-power old box updating it from wifi so you wouldn't have to do anything when they come but power off from ssh.
[/quote]

An external, USB-powered hard disk buried or concealed carefully somewhere is a plausible way to hide data. Unfortunately, that strategy has absolutely nothing to do with this problem: protecting the confidentiality and availability of a business's IT assets (servers included) in spite of an FBI raid. Who's going to bury it, maintain it, or pull the plug at the colo? The "reboot monkeys"?

[quote name='R4p1d' post='335845' date='Apr 10 2009, 12:42 AM'][quote name='army_of_one' post='335843' date='Apr 10 2009, 12:29 AM'][quote name='Infinite51' post='335840' date='Apr 10 2009, 12:04 AM'][quote name='army_of_one' post='335834' date='Apr 9 2009, 11:30 PM'][quote name='jabzor' post='335787' date='Apr 9 2009, 05:50 PM']Out of country backup colo ? The way of the pirate bay.
Anything gets seized and you just change the dns records, ssh in and grab your files.. back up and running in under an hour (minus dns propagation time).[/quote]

Yes, that and some more stuff. Beating an FBI seizure is easy. It's a two-step process: offshore stuff owned by non-US entities in countries with tough privacy laws; encryption, volatile key storage, and ability to zeroize it intentionally, but not accidentally.

Combined properly, you make a seizure harder and worthless (i.e. keys are zeroized). I'd go into the details, but why tip them off? I prefer knowing I have a way to maintain an online business even if the FBI starts acting like pricks... I'd recommend against anyone posting details. Those of us who need to know how to protect our privacy and availability across borders do know or can find out. The FBI undoubtedly has people reading these forums, and I'd rather keep them out of the loop. Privacy is good for democracy. ;)
[/quote]

Great information, guys. Most of the information I hope to gain will deal with the legal aspects of this case, and tracking down the truth of these shell companies, etc. One of the respondents in the case, Michael Faulkner, has been providing a great deal of information in the past week. I personally have been scratching my head trying to figure out his motives for doing so. Though I guess when you lose your business, house, toys and bank accounts you can become a little desperate and reach out to anyone that can listen.

Overall, since I do a bit of development, do legal marketing, etc. As a result, the outcome of this case, and those that are filed by the companies affected by these raids are of importance. And frankly put, should the reports we glean from our research find its way into the email box or being looked at by the FBI so be it. I have a big problem with a guy that eggs on the government, when he has links to pirated material on his own site.

From what I can tell thus far about Matthew Simpson, it appears as though his operations are at least slightly more legitimate, and perhaps he was just a 25-year-old man (according to his Facebook profile matthew@coreip.net) that made a bad business arrangement.

The FBI, NSA, Military, Navy/ computer and intelligence all read these forums and glean information from that. It is not a secret... If you don't believe me, I am sure StankDawg will confirm.

[/quote]

Interesting. If there is any wrongdoing, I wish them the best of luck in finding it. As for feds, I don't need any confirmation of that. What I need less is for them to know specifics. Suffice it to say that you can come up with an effective defense in 10-15 minutes like I did, and have a production quality version implemented in a month. There are many different defenses, each with different countermeasures the FBI might attempt. I'm not posting any specifics so as not to tell them what to focus on. Keeping your assets outside of this country and obfuscating their ownership is an important aspect of any raid-prevention strategy, though.

I focus mostly on the technical side, but anyone who has their liquid assets in the US is asking for trouble. A good offshore asset protection strategy can greatly reduce the risks and potential damages. I can give one nice tactic without compromising security: basing at least part of your organization/assets in a country not very friendly to the US. That prevents cooperation. You'd create a shell company and lease a virtual office in a country that trades with that uncooperative country. Then, US authorities don't get cooperation, but you don't get hostility because they don't know you're American. Pick the countries carefully. Some are much better than others. Some are not as privacy-respecting as they seem.
[/quote]

I think you're forgetting one primary thought pattern: offshore hosting/banking isn't generally used for legitimate reasons.
[/quote]

It definitely garners more suspicion. We must remember, though, that we are defending against direct action by feds: they think the company is the enemy; they are ready to seize assets and cause large-scale disruption of operations. At this point, looking suspicious isn't an issue. One would want to hide that their main assets are offshore, but having them there may prevent seizures of property and freezes of liquid assets. US Gov't threats become largely moot with a good offshore scheme. This reduces one's concerns, although it creates a few more. I still maintain they are easier to deal with than FBI. ;)
