Hacker News new | past | comments | ask | show | jobs | submit login
"Goldman sachs code torrent" honeypot (cryptogon.com)
59 points by yread on July 9, 2009 | hide | past | web | favorite | 12 comments

Why didn't they hide their tracks? Because they're not the "bad guys." They're just bored employees.

Yeah, it's a neat exercise, but the guy takes it a bit too seriously. I think your 'bored employees' assessment is spot on.

I'd also like to point on that the source is pretty wacky.

Some choice quotes from the site:

"Since the assassination of John F. Kennedy, an international, crypto-fascist syndicate has been rapidly consolidating its grip on this planet."

"The system is in collapse now. This is my best and only advice: Get into a situation that eliminates your reliance on luck and minimizes the impact of factors that are completely beyond your control. Do this immediately."

Apply grains of salt as needed.

Is a crypto-fascist like a crypto-zoologist?

It's a term that originated out of something of a malapropism by Gore Vidal at a Democratic National Convention, made speaking of William F Buckley Jr., meant to imply that he was a secret fascist.

If only cryptozoologists were secret zoologists.

If only cryptozoologists were secret zoologists

Awesome! I'm going to have a t-shirt made.

Maybe they meant klepto-fascist?

The hits are a result of an OSINT (Open Source Intelligence) procedure that every investigative agency or department typically follows as part of an investigation. The modus operandi being that personnel scour public sources for a given set for amalgamated analysis.

That said, it is not necessary that people related to this investigation are the ones who visited that link. The organizations in question are large entities with a multitude of people curious about what is possibly the biggest corporate 'espionage' case of the year. Cool experiment nonetheless.

Really not sure what the point was, other than to see if concerned parties would snoop around—which, of course, they did.

> It’s a mystery to me why more organizations don’t hide what their people are doing online (ask any 12 year old computer enthusiast how this is done if you don’t know), but for whatever reason, many of them don’t.

I don't know, how?

I liked this comment:

"I think it is tres interesante that you know how to read who hits your website. I am totally unschooled in such things and when I see what you find. Wow."

Most people have no idea how big their tracks are on the web. When you visit a web server it generally logs that you did and any information your browser supplies, which is often a surprising amount (useragent, referrer). That along with some decent GeoLocation on IP addresses and reverse lookups and you can tell a lot about a person. Add in a little Googling and that anonymous threat you left might just turn around on you.

kiddie games

Someone seems to be taking this extremely seriously. I just tried to post it on a large, paid WordPress hosted blog, and the blog refused to accept it three times in a row. Then I "TinyURLed" it and it went right through, and was posted as an ordinary "TinyURL"!!!

Try it!!!

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact