An evening with w0rmer

I recently had the opportunity to ask a hacker named w0rmer a bunch of questions:

What’s your favorite beer?

Man, ONE favorite beer?

Oberon from Founders, in fact just about any from Founders, I’m a Michigan beer guy. Most oatmeal stouts are also up there and just about ANY “weird” beer I’ll drink once, one of my favs was a chocolate pretzel beer that I’ve yet to find again.

Have you ever been on a brewery tour?

I have not, which I assume makes me pretty uncool, but I would like to try it.

If you could tell yourself one thing ten years ago, what would it be?

Save that money!! It seems most of the problems I face trace back to not having enough. Also, invest in Amazon!

What’s the worst job you’ve ever had?

In my way younger years I worked at a fast food chain, pretty shitty job. Had lots of fun with the people I worked with tho.

Favorite movie, and why?

Sneakers, Matrix, Hackers. The why should be obvious, I’m old! Haha no but I am much more of a reader so when it comes to movies I like to mash my stuff together, action, tech, and techno music of all sorts.

What kind of reading do you prefer?

Fantasy or technical reading is my favorite, if NoStarch makes it I’d likely like to read it or already own it.

What’s your favorite electronic device? 

Hrm, I would have to say my laptops, I have a few which vary on need but in general I love the ability to have all my tools in one spot and just pop up and start hacking.

Tell me about a completely pointless script you’ve written for entertainment

I’ve written so many scripts but none were really pointless, I did have one that ran on some of my production servers that would erase history randomly but I disabled it after a while because that shit got annoying.

Twitter vs Facebook, which is better?

Hrm, depends. Twitter is where I can be fun and serious but Facebook is reserved for my close friends and family.

Do you think Twitter and Facebook have had an influence on the way people think in context of politics? How?

I think social media as a whole has. You have much more of a hive mind possible. Anyone who has used chat services like AOL/IRC from back in the day understands, you FELT like you were talking to everyone in the world but understood you weren’t, nowadays you think you’re talking to a few and it turns out everyone is listening.

What’s your dream car?

The wife will tell you a panel van, which honestly, is pretty close, I’d like a huge mobile bunker where I could run all my tech and tour the country because I’m a nomad and a hermit but the family has needs!

SpaceX or NASA?

SpaceX AND NASA! Cool story that few know, it was actually my grandmother who introduced me to computers when at the time she worked for a contractor at NASA doing EEGs. I kinda feel I owe them some love for that. SpaceX because I want them to take my family and I to Mars.

Have you ever rollerbladed while on your way to go hack something?

Umm can’t say I haven’t, BUT to be fair, I have WANTED TO! I did rollerblade when I was younger but it was more X Games type stuff, grinding on things, jumping off things etc. I can say that at least twice I used rollerblades WHILE doing hacking stuff. I once used them to skate down to an AT&T building and dumpster dive and another time to check phone lines to see if they were active to make calls.

That’s very Mitnickesque, have you read any of his books?

Yes I have, but while he happily friended me on Twitter and LinkedIn he has YET to have a beer with me despite me constantly hounding him like a 13yr old fan girl. I don’t get it.

Why is RSS deprecated?

They really aren’t. I mean, I happen to use RSS all the time, #HIGSEC as you know is powered by them essentially, but evolution has taken its toll on them which leads to other forms of the same stuff. News feeds and the like are little more than RSS feeds and Twitter tuned right is simply a live streamed always on RSS feed if you think about it.

Have you experimented with public APIs? If so, name one that you found interesting.

Twitter API is pretty scary, a lot of data gets piped out at ya. Same with Pastebin, you’re processing tons of data and at one point you look at it all and it’s just astounding.

If you could pick one thing about the internet you hate the most, what would it be?

Hate. When I was growing up the internet was a dangerous place for sure but few were actually outwardly hateful just for the sake of it. Having an internet grudge back in the early 2000s wasn’t as bad and the people still had limits. These days people have a lot more time to spill hate and truthfully I believe it goes against what the internet was created for which is to exchange ideas and information for the betterment of all.

What are your thoughts on copyrights?

I believe all software should be free until you can afford to buy it. I should be able to use any software I want and if I can afford it, then I will/should buy it/donate to the project.

If you could pick one thing about the internet you love the most, what would it be?

Memes, I think there are lots of times when you’re experiencing life when you tell yourself “Yup, I feel ya” when ya see a dumpster on fire, and thanks to memes I can convey that to others.

teh epic boobs that led to w0rmer’s downfall

What’s the best part about being married to an Australian?

I would have to say the worldliness of them. All the cultures that I personally would like to experience they deal with on a much more daily basis it seems. Plus, she’s smart and hot so I mean, kind of won all around.

Who is your favorite fictional movie hacker?

The kid from WarGames, I really click with 1. Having the curiosity to just hack and THEN deal with the consequences and 2. Using your skills to impress the ladies!

If you could give one piece of advice to an aspiring hacktivist, what would it be?

Be prepared to be caught. Doing something just because you can is different than because you should. If you feel like you just have to, be prepared to pay the price because if you truly believe in your cause it’s the least you will need to pay for it. Also, if you expect to get caught you’re less likely to snitch, don’t snitch kids.

Define snitching. Would notifying the police about someone victimizing others be considered snitching (e.g., you discover a person distributing child pornography, recruiting for ISIS, etc.)?

No, I think everyone would understand the above, having had a past in trying to catch pedos and stop recruiting efforts it’s a different thing “working for law enforcement” and snitching. If you go out and overhear a group of hackers, then call the authorities because they hacked someone, you’re dry snitching. If you’re part of the group and get caught, then do the same, you’re a snitch and a POS.

Name a song you’ve recently listened to

I just listened to the whole Matrix soundtrack which is great because R.A.T.M. is on it and the instrumentals are great old techno.

Have you ever clicked on a dirty link and got owned?

Can’t say I have, I have in my younger days done some dumb things but seriously can’t say I have ever been owned. It’s not from skill or anything just really haven’t put myself in the spot for it to happen OR been cocky enough.

Did you ever install Bonzi Buddy?

I have not, but I do remember it being like packaged with fucking everything, I was pretty keen on the dumbness of browser bar tools at an early age.

Why does Firefox suck so bad these days?

Well, each browser kind of had to find its niche. Sad to say however they all kind of do have their own specialty. Firefox ESR isn’t too bad and if you’re doing pentests Firefox works great as it has a large plugin base but then again, Google is getting caught up.

Favorite meme?

Don’t have a favorite meme, pretty much anything that is offensive will cause me to chuckle.

What’s the hardest part about being a 1337 hacker?

The target on my back. It’s hard to stay loyal to the scene and not break the law. Everyone wants help “hacking facebook” or “hacking an email account” but few understand how much I would be giving up if I ever got caught doing that again. My current motto changes between “Never Stop Learning” and “I still hack, I just get paid for it now!”. A lot of people would love the chance to hack another hacker for the sake of creds so I have no choice but to be very safe.

Do you think it’s safe to say anyone asking you to do anything illegal probably isn’t your friend or doesn’t have your best interests in mind?

Yeah and on top of that, they likely aren’t very smart. Monitoring via FBI software on my computer has and will continue to be a part of my life until I’m off probation. So from the get go any “operation” you suggest is already in their hands haha!

You can read more about Hig Ochoa aka w0rmer over at

or, in his own words: Dear Anonymous & fellow Americans

Follow Hig on Twitter @0x686967

from Blogger http://www.n0v.pw/2018/03/an-evening-with-w0rmer.html

Staying Safer Online

Always use Tor or a VPN, or both.  Keep all of your devices and browsers updated.

Clicking Links

The golden rule is never click links. You can preview them first on any link shortener previewer. Just bookmark the previewers below for easier access.
http://www.getlinkinfo.com/
http://www.expandurl.net/
http://www.checkshorturl.com/
http://wheredoesthislinkgo.com/

Tor

Make sure to download Tor from their main website – https://www.torproject.org/
Any downloads should be done directly from Tor’s website, and that includes phone apps. There are phony apps in the app stores: https://www.torproject.org/download/download.html.en
Don’t add any addons to Tor.  You have to look like everyone else.

VPN

Use a VPN whose main address is not in the United States and not in an NSA friendly country.
Which VPN Services Keep You Anonymous in 2017? https://torrentfreak.com/vpn-services-anonymous-review-2017-170304/

Phones

If anything asks for a phone number (although you should avoid the service if possible if they ask for one), use burner phones or public phones in coffee shops or such.  Buy the burner phones at any store and pay CASH.

Email

Never use your real email address in anything you want kept private. For example, have an email address you only use for Facebook, have an email address you only use for Twitter, etc. And don’t use an email address that matches your username, because that makes the email address easy to guess and hack.
For example:
Tumblr / Twitter / Instagram username @JohnSmith is using email addy – JohnSmith@gmail dot com
Do not do the above because the email address is easily guessable. Add numbers or extra words to the email addy such as JohnSmith2017OMGlulz@gmail or whichever email service you use.
Note: People actually put their REAL NAMES on their email addresses and on many other services! Don’t do that!

Personal Information

Keep your mouth shut about your personal info.  Many, many people tweet all their info and pictures. Don’t post pictures of your children, your job, etc.
Don’t tweet personal pictures of yourself because a Google image search can, in many cases, reveal who you are, especially if the picture has been placed anywhere else online. Google doesn’t index all pictures but does index a good deal of them.
Even mentioning seemingly innocuous information can lead to hackers being able to guess your security questions.

Timezones

Change your timezone in all your accounts to trick people. People can deduce your location from what timezone you use. If you live in the Eastern timezone, choose Pacific, or use GMT, etc.

Twitter DMs 

Twitter employees can and do read your DMs. There is also always the risk that someone may hack your accounts and read your DMs. If sharing info, use Privnote instead of DMs. You can set it up to expire once it’s been read. https://privnote.com/
Using Tor Messenger will encrypt your Twitter DMs. It’s still in beta. https://blog.torproject.org/category/tags/tor-messenger

Other Useful Links 

A good private chat room for groups seems to be https://www.chatcrypt.com/.
Great guide for many privacy services – https://www.privacytools.io/
Tips, Tools and How-tos for Safer Online Communications

Credit and thanks to @kaidinn for taking their time to write out the core lessons of this article.
I’ve edited this article from the original; the original article can be found here – https://pastebin.com/uX17HnHi

from Blogger http://www.n0v.pw/2018/03/staying-safer-online.html