On 04/18/2012 02:07 PM, Kyle Williams wrote: > So I guess nobody remembers or knows about my brief 15 minutes at Blackhat > a few years back where I warned about much more than what is being > disclosed here in regards to Ultrasurf or GIFC. > > Here's the Audit I did from years ago. > http://www.janusvm.com/Ultrasurf_audit.zip > > Includes Video's of the audit sessions, IP's and hostnames they scan, pcap > dump, and ZIP files or older version which contain the original > malware/spyware (you've been warned). > > So here's the very, very short run down Since I'm pressed for time. This > is total spyware. They record all your traffic, and use their "clients" to > further scan the Internet or INTRANETs in some cases. They scan banks, > colleges, and even US Government systems like the Department of Energy > while using the users to mask the origin or the scans/hacks. Sneaky shit. > They completely blew me off when they got accused of this before, but > anyone can watch or audit this crap themselves and see they are up to no > good. Almost all their old version have a Trojan or spyware or some kind. > > If I recall, the US State Department granted them a 1.5 Million USD for > something or another. > http://www.washingtonpost.com/wp-dyn/content/article/2010/05/11/AR2010051105154.html > > Bottom line and simply put, GIFC/Ultrasurf IS VERY BAD AND THE (STUPID) US > GOV IS HELPING PAY FOR THIS SHIT TO EXIST. >
Hey Kyle, I cited your work - I thought it was interesting but it didn't go far enough. Specifically, I found that some of the traffic you saw is most likely their decoy traffic - check out my paper, I bet you'd enjoy it. All the best, Jacob _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
