Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: VPN providers and any providers in general...
From: Valdis.Kletnieks () vt edu
Date: Tue, 04 Oct 2011 21:05:29 -0400

On Tue, 04 Oct 2011 03:15:02 EDT, Jeffrey Walton said:
On Tue, Oct 4, 2011 at 3:06 AM, Ferenc Kovacs <tyra3l () gmail com> wrote:

As I mentioned before it is hard to expect that a VPN provider will
risk his company for your $11.52/month, and maybe they would try it
for some lesser case, but what Lulsec did was grant, so I'm not
surprised that they bent.


Yes. So?  In most jurisdictions, "alledged" and "probable cause" is sufficient
to get a court to sign off on a subpoena and/or warrants.

"Dear Judge:  On Aug 23, a hacker using the handle "JustFellOutOfTree" did
violate Section N, Clause X.Y of the criminal code by hacking into
BigStore.com.  The connection was traced back to the provider VPNs-R-Us.  We
would like a court order requesting VPNs-R-Us to provide any and all
information they may have regarding this user".

That will usually do it (after bulked up to about 3 pages with legalese and
dotting the t's and crossing the i's).

The next morning, the manager at VPNs-R-Us gets to his office, and finds
two guys with guns and a signed piece of paper.  At which point one of two
things will happen:

1) the guy rolls and gives up all the info.
2) the guy calls his lawyer and makes sure that he gives up all the required info,
and not one byte more.

(Option 3 - the guy heads downtown on a contempt of court charge - happens so
rarely that it's basically a hypothetical).

Attachment: _bin

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]