Interview with Dan Egerstad
Written by minor   
Thursday, 22 November 2007

A few days ago we reported on the raid at the house of Dan Egerstad. He has now agreed to a brief interview, in which we tried to get his point of view on the issue.

Could you please explain how you came to the idea of creating TOR exit nodes and intercepting traffic?

I wanted to know how many people were encrypting their mails and needed some figures for a lecture I was holding. Setting up a ToR node to analyze mail-traffic was an easy way to get some numbers. Right before shutting this automated process down I by accident saw an email that caught my eye and led me to doing this in a bigger way. 

 

From media sources we know that there were only a few reactions when you contacted the affected organizations. Did this surprise you, at a time when the public is also starting to talk about cyber threats? Were you surprised that such data isn't sent encrypted?

My experience from the business is that few people/companies take security seriously. Even large corporations that you would believe have the highest level often lack the basics such as anti-virus, backups or encrypted email. This is my work a lot today, to raise awareness. Same when contacting people about problems in their systems, often you get a bad response if any.
Example 1: Called up a large corporation having a server hacked and used to do some major spamming. They refused to talk to me and said it was BS; 30 min later the spam stopped.
Example 2: Called up a major ISP telling them that a portion of their customer data (10.000 end-users) was leaking all over the network for anyone to listen in. After three attempts, three days and still getting the response that there is nothing wrong and that it was my computers, even though I work with IT-sec, I published an article instead. This time they reacted, didn't like the headlines in Sweden's largest newspaper apparently. Still it took a day or two for them to confess and fix it.
So basically, no it doesn't surprise me that you won't get any response.


Do you think that intelligence services are not doing the same thing you tried in your experiment? What do you think about the latest accusations that Hushmail is cooperating with intelligence, and about a possible backdoor in the new encryption standard?

ToR is developed by the American military and used by people wanting to hide themselves; of course others are sniffing the network! I want to believe that Hush is secure and has an ethical business, not sharing any information. I don't have any opinion other than that.


Have any charges already been filed in your case?

I haven't been charged with anything; however, I'm suspected of "computer break in", a crime that can give fines and jail up to two years.

Dan, your approach was criticized from many sides. What was the main idea behind this criticism? Are there also positive voices?

Most criticism came before I told what was done. Many thought that I found an exploit, hacked or broke in somewhere. With the first one you always contact the vendor, however here there is no exploit and no vendor to fix it. The other two are just unethical. Even though I kept on saying that none of those three was the case, people still based their criticism on that; people never read the whole story. When the whole story later came out, with no exploit or hacking involved and that this information most likely already was in the hands of "bad guys", the same people kept their mouth shut ;-)

Between August and the raid in November a lot of time passed. Why did the raid come now, after a relatively long time?

Beats me and every other person I talked to. Usually this takes hours or a few days so I was very surprised having the police at my door. However they said some stuff during the questioning that leads me to believe that some other country might have been involved and it's a political thing. Maybe Sweden has been getting some pressure from a foreign country and needs to prove that they are doing something.
They aren't working fast, 2,5 months for the raid and today 10 days after the raid they still don't even know what stuff they took and even less looked at it. This being a prioritized case and all...

 

 

