Articles

Hacker’s Guide to Stay out of Jail 5: Anonymity and Defense

Here The Grugq describes some of the techniques to use for building layers of anonymity and defense which will guard personas from getting associated with you. So, techniques – basically, you need to put in the plumbing. Plumbing is all of the stuff that you’re going to use to maintain your cover...

Hacker’s Guide to Stay out of Jail 4: Be Paranoid and Never Contaminate

In this part of the presentation, The Grugq continues exemplifying the common violations that freedom fighters should under no circumstances make. In this case palladium was insufficiently paranoid (see image). After he got busted, they took him to an interview and they showed him logs that they had...

Hacker’s Guide to Stay out of Jail 3: LulzSec Failures

Highlighting the typical mistakes to avoid, The Grugq provides real-world examples where actual hackers got busted due to unacceptable indiscretion. If you’re trusting people to keep their mouths shut, which you should never do, they won’t. This is why VPNs are not actually secure. VPNs would only be...

Hacker’s Guide to Stay out of Jail 2: Do’s and Don’ts

Covering practical tips for doing OPSEC, this part of The Grugq’s talk makes it clear what you should and should not do when freedom-fighting on the Internet. One methodology for doing OPSEC is, basically, you need to think about how to put the plumbing in first, so you need to set up your environment for...

Hacker’s Guide to Stay out of Jail: OPSEC for Freedom Fighters

During his talk ‘OPSEC for Hackers by The Grugq: because Jail Is for wuftpd’ at HITB 2012 Conference, The Grugq, a well-known information security guru specializing in studying anti-forensic techniques, advises online freedom fighters out there on how to avoid getting busted. This is going to be...

Understanding CAPTCHA-Solving Services in an Economic Context 6: Q&A Part at USENIX

Drawing a line under the presentation, Marti Motoyama takes questions from the USENIX audience about CAPTCHAs proper and the related solving services. Question: You said that one of your goals when you were doing this research was maybe to figure out something about the workforce that you can take advantage...

Understanding CAPTCHA-Solving Services in an Economic Context 5: Do CAPTCHAs Actually Work?

Delving into human solver backends and moving on to the summary, Marti Motoyama provides retrieved statistics and draws general conclusions on the subject. Now we’re going to take a look at the human solver backends to get a sense of the worker experiences. We signed up as a solver on two sites, knowing...

Understanding CAPTCHA-Solving Services in an Economic Context 4: Labor Demographics

Outlined here are a number of experiments conducted by Marti Motoyama and his colleagues in order to figure out the demographic patterns for CAPTCHA solvers. By looking at the labor demographics, we can better understand the cogs that operate within these CAPTCHA-solving machines; perhaps new CAPTCHAs can...

Understanding CAPTCHA-Solving Services in an Economic Context 3: Evaluation of the Human-Based Services

Having singled out the key metrics, Marti Motoyama now proceeds with an evaluation of the 8 major human-based CAPTCHA-solving services by these criteria. We just went ahead and signed up as a customer on each of those 8 human solver services, and then we submitted a CAPTCHA every 5 minutes over the course...

Understanding CAPTCHA-Solving Services in an Economic Context 2: Software and Human-Based CAPTCHA Solvers

Marti Motoyama now focuses on the detailed comparison and features of automated CAPTCHA-solving solutions out there and third-party human-based solvers. Software CAPTCHA Solvers Let’s delve down further into the challenges facing software solvers. First of all, they require skilled programming labor, and...