--- Log opened Mon Aug 15 00:00:37 2016
00:38 -!- oddball [~oddball@c-98-240-105-54.hsd1.tn.comcast.net] has quit [Ping timeout: 240 seconds]
00:45 -!- raspberr_ [~raspberry@172.56.4.232] has quit [Ping timeout: 244 seconds]
02:00 -!- oddball [~oddball@c-98-240-105-54.hsd1.tn.comcast.net] has joined #se2600
02:22 -!- cyberanger [~cyberange@swissknife/adak/infocop411] has quit [Quit: ZNC - http://znc.in]
03:12 -!- oddball [~oddball@c-98-240-105-54.hsd1.tn.comcast.net] has quit [Ping timeout: 276 seconds]
03:17 -!- oddball [~oddball@98.240.105.54] has joined #se2600
04:00 -!- cyberanger [~cyberange@swissknife/adak/infocop411] has joined #se2600
04:06 -!- cyberanger [~cyberange@swissknife/adak/infocop411] has quit [Quit: ZNC - http://znc.in]
04:18 -!- cyberanger [~cyberange@swissknife/adak/infocop411] has joined #se2600
06:58 -!- sicsscam_ is now known as sicsscam
07:02 -!- Dolemite [~scott@24-158-112-64.dhcp.kgpt.tn.charter.com] has joined #se2600
07:02 -!- mode/#se2600 [+o Dolemite] by ChanServ
07:03 <@Dolemite> mr0ning, be0tches and h0ez!
07:03  * aestetix hugs Dolemite 
07:25 -!- xray [~xray@boppity.cc.gatech.edu] has joined #se2600
08:52 -!- TheDukh [~thedukh@2607:fcc8:ac80:d900:6173:8437:f09b:b38a] has joined #se2600
09:33 -!- raspberrypifan [~raspberry@73.106.72.180] has joined #se2600
09:39 -!- raspberrypifan [~raspberry@73.106.72.180] has quit [Remote host closed the connection]
09:55 -!- raspberrypifan [~raspberry@73.106.79.48] has joined #se2600
10:12 -!- rattle [041c8581@tor/regular/rattle] has joined #se2600
10:12 -!- mode/#se2600 [+o rattle] by ChanServ
10:36 -!- TheDukh [~thedukh@2607:fcc8:ac80:d900:6173:8437:f09b:b38a] has quit [Ping timeout: 250 seconds]
10:36 -!- TheDukh_ [~thedukh@cpe-74-141-205-192.kya.res.rr.com] has joined #se2600
10:58 -!- Guest71803 [~K4k@unaffiliated/k4k] has quit [Quit: WeeChat 1.5]
10:58 -!- K4k [~K4k@unaffiliated/k4k] has joined #se2600
11:58 <@rattle> https://github.com/theshadowbrokers/EQGRP-AUCTION
11:58 < PigBot> Title: GitHub - theshadowbrokers/EQGRP-AUCTION (at github.com) http://tinyurl.com/jxy3v9c
11:58 <@rattle> Well then..
12:11 -!- sicsscam_ [~sicsscam@24.154.70.234] has joined #se2600
12:12 -!- raspberrypifan [~raspberry@73.106.79.48] has quit [Remote host closed the connection]
12:15 -!- sicsscam [~sicsscam@24.154.70.234] has quit [Ping timeout: 240 seconds]
12:28 < _NSAKEY> rattle: It's been disabled, but I saw it before it went down.
12:33 <@Evilpig> what was it?
12:34 < _NSAKEY> It was someone claiming to be auctioning unreleased EQUATIONGROUP malware.
12:34 < _NSAKEY> But "auction" in the sense, "Whichever bitcoin address sends the most bitcoin to this address wins."
12:34 < _NSAKEY> I just did an OS reinstall a couple days ago and didn't have git installed.
12:35 < _NSAKEY> Installed git, got distracted with other things, and it had been disabled by the time I got back.
12:38 < _NSAKEY> Evilpig: http://pastebin.com/vJjvphtV
12:38 < PigBot> Title: https://github.com/theshadowbrokers/EQGRP-AUCTION - Pastebin.com (at pastebin.com) http://tinyurl.com/hlsfkgm
12:38 < _NSAKEY> That's the raw text from the github URL.
12:39 < _NSAKEY> I didn't have time to clone the repository, but got my hands on all the files and images that were linked.
12:42 <@rattle> https://theshadowbrokers.tumblr.com/
12:43 < PigBot> Title: EQGRP Auction (at theshadowbrokers.tumblr.com) http://tinyurl.com/gpbnvo9
12:43 < _NSAKEY> I personally find it delicious that they use tumblr.
14:25 < k3ymkr>  /join #rpisec
14:25 < k3ymkr> whoops
14:34 -!- xray [~xray@boppity.cc.gatech.edu] has quit [Quit: Leaving.]
14:37 -!- sicsscam_ is now known as sicsscam
15:15 < aestetix> time to find out how secure windows xp is
15:35 < aestetix> rattle: did you see the wikileaks dump?
15:37 <@rattle> Which one?  The big one today is the equation drop.
15:41 < aestetix> The malware drop.
15:41 < aestetix> The one I am currently convinced came from Snowden.
15:50 < _NSAKEY> Looks like their tumblr got rmed. Good thing I thought to back that one up.
15:56 -!- rattle [041c8581@tor/regular/rattle] has quit [Ping timeout: 264 seconds]
16:03 < aestetix> I downloaded the leak wikileaks uploaded
16:03 < aestetix> two big files. One of them their password unlocked. The other one seems to be an insurance file
16:24 <@Evilpig> _NSAKEY: that shit happens pretty quick once word gets out.  there are a shitload of white knights out there
16:32 -!- rattle [b8994913@tor/regular/rattle] has joined #se2600
16:32 -!- mode/#se2600 [+o rattle] by ChanServ
16:36 < _NSAKEY> It got nuked from github a lot faster.
16:37 < _NSAKEY> It hardly matters though, since the files that matter already got spread far and wide.
16:37 < _NSAKEY> It's just funny to read their little manifesto.
16:53 -!- raspberrypifan [~raspberry@73.106.72.78] has joined #se2600
17:19 < TheDukh_> what did it say?
17:25 < _NSAKEY> TheDukh_: Check out the pastebin link I sent earlier.
17:28 < TheDukh_> "Instead to losers we give consolation prize. If our auction raises 1,000,000 (million) btc total, then we dump more Equation Group files, same quality, unencrypted, for free, to everyone."   Wow.
17:49 < aestetix> uhhhh
17:50 < aestetix> how many bitcoins ARE there?
17:50 < aestetix> because that seems like a lot of bitcoin
17:52 < TheDukh_> there's only like, 15 million mined so far.  I think it's capped somewhere in the 20's?
17:53 < TheDukh_> but, 1 million btc equals up to $568930000.00
17:53 < aestetix> So uh
17:54 < aestetix> Interesting.
17:54 < aestetix> In what game theory scenario do the unlock the rest of them?
17:54 < aestetix> I could see a government sending them that money if they handed the keys to that governmnet.
17:55 < aestetix> Assuming the NSA is behind these exploits, maybe this is a move to cripple the US surveillance.
17:58 < TheDukh_> it's possible.  well worth half a billion.
17:59 < aestetix> I don't know a whole lot about bitcoin. Is it actually anonymous?
18:00 < aestetix> By which I mean, do the transaction IDs not have linkability
18:01 -!- rattle [b8994913@tor/regular/rattle] has quit [Ping timeout: 264 seconds]
18:03 < TheDukh_> supposedly, but, that's not worth much
18:15 < aestetix> and I just found something very interesting
18:15 < aestetix> a clear callback to a DoD server
18:22 < TheDukh_> yeah?
18:23 < aestetix> https://twitter.com/aestetix/status/765325916495024128
18:24 < aestetix> two things are interesting
18:24 < aestetix> 1. that's the only IP address I see there so far
18:25 < aestetix> 2. I see absolutely no comments by DoD/NSA developers
18:25 < aestetix> Which tells me that these was a set of patched exploits ready to be deployed. It was from a production system, after being cleansed of metadata
18:39 -!- TheDukh_ [~thedukh@cpe-74-141-205-192.kya.res.rr.com] has quit []
19:37 -!- TheDukh [~thedukh@2607:fcc8:ac80:d900:fc2f:ff49:24e6:f2f6] has joined #se2600
21:22 < raspberrypifan> so whose got the derby con tickets
21:26 < TheDukh> I couldn't get any this year.
21:27 < raspberrypifan> but phreaknic is better right?
21:27 < TheDukh> I've never been.
21:27 < raspberrypifan> hmm
21:30 -!- raspberrypifan [~raspberry@73.106.72.78] has quit [Quit: Leaving...]
22:43 -!- fie [~fie@199.15.197.95] has quit [Ping timeout: 244 seconds]
22:44 -!- raspberrypifan [~raspberry@73.106.72.78] has joined #se2600
--- Log closed Tue Aug 16 00:00:39 2016