[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Tor's critique of Ultrasurf: A reply from the Ultrasurf developers
On 04/18/2012 02:07 PM, Kyle Williams wrote:
> So I guess nobody remembers or knows about my brief 15 minutes at Blackhat
> a few years back where I warned about much more than what is being
> disclosed here in regards to Ultrasurf or GIFC.
>
> Here's the Audit I did from years ago.
> http://www.janusvm.com/Ultrasurf_audit.zip
>
> Includes Video's of the audit sessions, IP's and hostnames they scan, pcap
> dump, and ZIP files or older version which contain the original
> malware/spyware (you've been warned).
>
> So here's the very, very short run down Since I'm pressed for time. This
> is total spyware. They record all your traffic, and use their "clients" to
> further scan the Internet or INTRANETs in some cases. They scan banks,
> colleges, and even US Government systems like the Department of Energy
> while using the users to mask the origin or the scans/hacks. Sneaky shit.
> They completely blew me off when they got accused of this before, but
> anyone can watch or audit this crap themselves and see they are up to no
> good. Almost all their old version have a Trojan or spyware or some kind.
>
> If I recall, the US State Department granted them a 1.5 Million USD for
> something or another.
> http://www.washingtonpost.com/wp-dyn/content/article/2010/05/11/AR2010051105154.html
>
> Bottom line and simply put, GIFC/Ultrasurf IS VERY BAD AND THE (STUPID) US
> GOV IS HELPING PAY FOR THIS SHIT TO EXIST.
>
Hey Kyle,
I cited your work - I thought it was interesting but it didn't go far
enough. Specifically, I found that some of the traffic you saw is most
likely their decoy traffic - check out my paper, I bet you'd enjoy it.
All the best,
Jacob
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk