Mad-Bull
21-07-2009, 03:18 AM
First off I'm not a big techie, and all this info I have gathered from places on the net and a few forums over the past few hours and here is what I could find out. Some of this is copied and pasted, some of it may be wrong as I said I am not a techie, if you can prove me wrong please feel free to do so. With Safe-mail being problematic at the moment, people are searching for a more reliable service. Here's my opinion on one popular one. There was a rumor going a round in November of 08 about anonymousspeech being part of an FBI/Interpol sting op. There email service was shut down but servers left up for several days which happened to coincide with one of the biggest carders busts in history. This was never proven and seemed to fade away when the service came back online. Anon Speech stated that they were moving the server and that was the cause of the downtime.
http://www.itworld.com/security/56273/fbi-...tted-56-arrests
http://www.wired.com/threatlevel/200...rkmarket-post/
Also they say they've been based in Tokyo, Japan since 1996 when in fact their domain name was registered just 2 years ago.
But what about there server being located in Malaysia? not true according to my findings. There server is located in Panama City, Panama. And over the past 3 years they have had 5 changes on 5 unique name servers. One thing to note the IP location could be produced due to proxy redirecting if anyone knows a way to prove the true location of the server PLEASE let us know.
http://whois.domaintools.com/anonymousspeech.com
Another thing is that they are running their software/email service on a windows box, basically an internet facing exchange server.
Generally any gateway mail server if its worth a **** is going to be running postfix or sendmail on Linux and would show as "Apache" or differently depending on how they installed the tarball and configured the install of Apache, but it definitely wouldn't be IIS 6.0.
Remote desktop which allows real-time network mirroring of one computer's graphical display onto another computer ( with or without shared mouse & keyboard interaction.) So, a specific program that accomplishes that mirroring is enabled on the anon speech server so guess what? if you are on the same subnet you can sniff all traffic going through remote desktop.
So you say "Who cares?" Remote desktop traffic is ALL unencrypted. so the traffic you'll catch with Man-in-the-middle way gives you everything. Someone could easily book a VPS on same subnet from firstserver Japan and sniff the traffic.
The system is fully in Japanese language, so I don't think many people apart from Japs can easily maintain the system. So if it was feds they would take down the whole system and copy data to read it on an English based system, except if they put in a USA/JAP nationality agent.
They also state to be a Swiss business and follow Swiss laws. Which due to a law passed April 1st, 2003. "Internet Service Providers (ISPs) to keep a 6 month email log file. That means they will have to store time, size and addresses of all emails sent by their customers (the SMTP envelope data)." But according to them "For the security of our subscribers, AnonymousSpeech does not backup any log files. We store logfiles for a maximum of five days. This protects our servers from being compromised by abusive users."
http://www.edri.org/edri-gram/number...-email-records
Finally there forum on the anon speech website, all posts have to be approved before being posted which is VERY fishy to me. Please feel free to add anything or prove any of my points wrong I'd love to hear more input on this situation. Thanks for reading
-MB
http://www.itworld.com/security/56273/fbi-...tted-56-arrests
http://www.wired.com/threatlevel/200...rkmarket-post/
Also they say they've been based in Tokyo, Japan since 1996 when in fact their domain name was registered just 2 years ago.
But what about there server being located in Malaysia? not true according to my findings. There server is located in Panama City, Panama. And over the past 3 years they have had 5 changes on 5 unique name servers. One thing to note the IP location could be produced due to proxy redirecting if anyone knows a way to prove the true location of the server PLEASE let us know.
http://whois.domaintools.com/anonymousspeech.com
Another thing is that they are running their software/email service on a windows box, basically an internet facing exchange server.
Generally any gateway mail server if its worth a **** is going to be running postfix or sendmail on Linux and would show as "Apache" or differently depending on how they installed the tarball and configured the install of Apache, but it definitely wouldn't be IIS 6.0.
Remote desktop which allows real-time network mirroring of one computer's graphical display onto another computer ( with or without shared mouse & keyboard interaction.) So, a specific program that accomplishes that mirroring is enabled on the anon speech server so guess what? if you are on the same subnet you can sniff all traffic going through remote desktop.
So you say "Who cares?" Remote desktop traffic is ALL unencrypted. so the traffic you'll catch with Man-in-the-middle way gives you everything. Someone could easily book a VPS on same subnet from firstserver Japan and sniff the traffic.
The system is fully in Japanese language, so I don't think many people apart from Japs can easily maintain the system. So if it was feds they would take down the whole system and copy data to read it on an English based system, except if they put in a USA/JAP nationality agent.
They also state to be a Swiss business and follow Swiss laws. Which due to a law passed April 1st, 2003. "Internet Service Providers (ISPs) to keep a 6 month email log file. That means they will have to store time, size and addresses of all emails sent by their customers (the SMTP envelope data)." But according to them "For the security of our subscribers, AnonymousSpeech does not backup any log files. We store logfiles for a maximum of five days. This protects our servers from being compromised by abusive users."
http://www.edri.org/edri-gram/number...-email-records
Finally there forum on the anon speech website, all posts have to be approved before being posted which is VERY fishy to me. Please feel free to add anything or prove any of my points wrong I'd love to hear more input on this situation. Thanks for reading
-MB