I was watching one of my fav shows last night when I heard one of the characters say something that made me think of this thread and I laughed. The lines I heard were "Hacking into the database now boss. Got his IP address and starting a trace." Maybe he was trolling like he was Tim McGee from NCIS?
AmberCutie's Forum
An adult community for cam models and members to discuss all the things!
MFC member scam
- Thread starter bodisha
- Start date
-
** WARNING - ACF CONTAINS ADULT CONTENT **Only persons aged 18 or over may read or post to the forums, without regard to whether an adult actually owns the registration or parental/guardian permission. AmberCutie's Forum (ACF) is for use by adults only and contains adult content. By continuing to use this site you are confirming that you are at least 18 years of age.
- Status
schlmoe
V.I.P. AmberLander
Yes I thought this too, in what he posted on my wall I noticed he starts by trying to feed my ego, then tells a half-truth, then tells an outright lie, then sugar coats it again at the end by saying it's nice to see someone looking out for the models.sxycherrypie said:
Credit where it's due, very clever missPurplestar420 said:
MrRodry said:
Almost as scary is what they can do with photographic "enhancement" technology these days, and it looks so deceptively easy to use too! Wait, go back, zoom and enhance those 4 pixels into 16000 new ones!
Jupiter551 said:
Don't go spreading around this but some judges here believes that tech shit is real and usable in real life. :shhh:
schlmoe
V.I.P. AmberLander
Jupiter551 said:
I especially like it when the original footage/photo is from a grainy, B/W security cam and/or satellite. Those CSI/NCIS/24 dudes are so awesome...
I like in Independence Day where they're able to fly in to the alien mothership and upload a virus that can shutdown the alien mainframe consisting of highly advanced and obviously completely unknown technology.
In 1995.
In 1995.
Newsflash- don't expect the legal profession to understand technology ever. The jury in any case will know 10x more about tech than the lawyers and the judge combined.MrRodry said:
Mikeythegeek said:
I think you are giving the average juror more credit than they deserve. They are the people that watch these CSI shows and think these type of investigations happen after every death and murder. This Frontline report is a real eye opener http://www.pbs.org/wgbh/pages/frontline/post-mortem/
i also liked that the scientiest had no better to do than to write a graphical clock that displays the countdown on his way to the white house....Jupiter551 said:
Also in the top ten is Jurassic Park "Oh - this is a unix - i can do that"... all you need to control the whole thing.
This guy is very scary on many levels.He has what I like to call a silver tongue.He can talk people into almost anything if he words his sentences right,makes people think he is a cool awesome person.Very manipulative in my opinion.
As I state in my original post... I worked in the IT Security industry for 4 1/2 years... In that time I became familiar with multiple tools to attack a site with and even have a small lab here at my house I'll play around with to keep up to date with how they work.... But I'll be the first to say, while I understand some of these tools... I am far from an elite hacker or any threat to national security.... There are tools that can be used by pointing at a web site and press the enter button these days... But that doesn't insure there are any exploitable vulnerabilities... Most tools aren't simple to use and require planning and coordination to make work... And require even more planning to use to make sure someone doesn't get caught
For every potential attack vector identified... Some company has either made, or is working on, a product to either close it off or make identifying an attack easy to do... I mean hacking a web site successfully (And by successfully I mean doing it and getting away with it) isn't like on TV... Most peoples idea of hacking a site is from 1996 but the reality is it's much more difficult to execute, and get away with.... and I'm certain MFC would pursue, and prosecute a member that compromised its servers
If AgeOfTim had any tool that would be able to exploit a vulnerability... I can say with a fair deal of certainty MFC would be able to identify it quickly due to specific requirements the credit card industry impose of firms taking credit cards... The credit card industry mandates that companies excepting credit cards have to implement certain security measures to insure they aren't hacked... While these measures are no guarantee a company can not be hacked... It does go along way to make sure if it is that company will catch it quickly
What AgeOfTim did with his lil con is called "Social Engineering" in the IT Security community, and its basically conning someone into trusting them... Which usually have the same basic formula... One thing I noticed he did was limit how many models he was willing to "monitor"... Which I'm guessing helped build that sense of urgency with the models... Start off with a friendly helpful persona... Toss in a lil technical terminology that the models probably wouldn't understand... Throw in a splash of annoyed arrogance at models asking questions... And make it seem like there's the chance he might not "monitor" their room... And mix in a whole bunch of "omfg i'm being recorded"... And get 1 model vouching or promoting him.... and I think you have the perfect MFC member scam for the remaining models
Now at this point I'm not sure it matters... It seems like he's been exposed fairly well... But he might not have deleted his user account. I noticed he disappeared off my friends list again... And his profile is gone... But someone I was working with to help identify what was really going on here still has him on his friends list... So I think he somehow found out what state I live in and has it blocked so it simply looks like he deleted his account to me... If others are interested... They might want to keep an eye on him
It's the same formula used to get some women under thumb & gain control of them.... Start off happy & nice... and slowly move the line back with the lies & shitty behavior... toss in a lil arrogant blame for why its the chicks fault he treats her like shit... play off a lil insecurity like your not going to stand for their bullshit... and BAM you got a chick chasing you around to either monitor their room or suck your dick
bodisha said:
Yeah his comment on my wall still has his name as a link (does that disappear if he closes account?) Anyway, I think you actually have to contact MFC and request account closure - so more likely even if someone was to "leave mfc" they would just hide their profile. So who knows.
As an aside, I'm sure many of you have read this extremely funny satirical article: "Is your son a computer hacker?"
http://adequacy.org/public/stories/2001.12.2.42056.2147.html
We're all saying how this would be impossible, but I just thought of a (theoretical) way it could happen. Say he discovers a vulnerability in the MFC website such that he can paste a link into the chat and it causes a virus to be downloaded to everyone in the room. That functionality is not impossible. It happens all the time with compromised websites. So if he knew some hole in the browser<-->MFC communication, he possibly could download something to your computer. Once it's on your computer, it could scan for recording programs or whatever.
Let me be clear: He is not doing this. He's just trying to trick people. But I wanted to bring it up to show that there is a way it could possibly be done. So for all of us who sit here and laugh, saying that's impossible, it's not. Highly unlikely, yes. Impossible, no.
Let me be clear: He is not doing this. He's just trying to trick people. But I wanted to bring it up to show that there is a way it could possibly be done. So for all of us who sit here and laugh, saying that's impossible, it's not. Highly unlikely, yes. Impossible, no.
NoelleBright
Inactive Cam Model
NoelleBright said:
Opening a link is just one way to do the exploit. The model could paste a link in her chat that was really tempting and people would click on it (hey guys, I have video samples here http:...).
But you don't have to have a link that people click on. Maybe she has an object on her profile that would download the virus through a Flash exploit.
Maybe someone figures out a way to embed html codes in the room topic that does some funky stuff.
You know how a page can have youtube videos embedded in them? Maybe a member figures out a way to have embedded objects appear in chat that would download the virus.
Again, these ideas are highly theoretical and improbable. But I bring them up to point out that the method described in the OP is not the only way the exploit could work. It's not enough to discount one idea and think that it's impossible just because that one way wouldn't work.
NoelleBright
Inactive Cam Model
Okay, there are a whole mess of things you aren't accounting for here.
Firstly, we have a VERY limited character count when setting our topic, it's impossible to be able to fit any sort of code in there anyway, so you can scratch that.
Something in the profile? Really not helpful, out of the hundreds of guys in a girls room at any given moment probably only about 10-20% are actually going to visit her profile, and they would probably be the ones who give a shit and not the type to record shows and post them all over the internet anyway.
That would leave the only probable method of this happening as posting something in the room. Admittedly, I'm not extremely knowledgeable when it comes to areas like this but I can't really think of anything at all ever that would cause something to be downloaded to all the people in the room without them clicking on it, but whatever, for the sake of this argument I will pretend it can happen. Even if it could, that would NEVER effect all the people in any given room at one time because there is constant in and out traffic. So say this magical download was posted when the girl started the show, 10 minutes later there are 500 more people in there than when this thing was even put into the chat. That means it would constantly need to be reposted in order for it to effect everyone in the room. Now the model certainly couldn't do that herself, and this guy certainly couldn't be around for EVERY girls show all the time in order for something like this to work.
Also, you're completely disregarding how tight of security MFC probably has to keep shit like this from happening. If a loophole like this was discovered, MFC would put an end to it so fucking fast your head would spin, because if it's possible for this than surely someone would figure out how to do it with a keylogger then MFC is in a whole world of trouble.
So sure, maybe this is possible in a fantasy land of maybes and what ifs but so are unicorns, so really.... :lol:
Firstly, we have a VERY limited character count when setting our topic, it's impossible to be able to fit any sort of code in there anyway, so you can scratch that.
Something in the profile? Really not helpful, out of the hundreds of guys in a girls room at any given moment probably only about 10-20% are actually going to visit her profile, and they would probably be the ones who give a shit and not the type to record shows and post them all over the internet anyway.
That would leave the only probable method of this happening as posting something in the room. Admittedly, I'm not extremely knowledgeable when it comes to areas like this but I can't really think of anything at all ever that would cause something to be downloaded to all the people in the room without them clicking on it, but whatever, for the sake of this argument I will pretend it can happen. Even if it could, that would NEVER effect all the people in any given room at one time because there is constant in and out traffic. So say this magical download was posted when the girl started the show, 10 minutes later there are 500 more people in there than when this thing was even put into the chat. That means it would constantly need to be reposted in order for it to effect everyone in the room. Now the model certainly couldn't do that herself, and this guy certainly couldn't be around for EVERY girls show all the time in order for something like this to work.
Also, you're completely disregarding how tight of security MFC probably has to keep shit like this from happening. If a loophole like this was discovered, MFC would put an end to it so fucking fast your head would spin, because if it's possible for this than surely someone would figure out how to do it with a keylogger then MFC is in a whole world of trouble.
So sure, maybe this is possible in a fantasy land of maybes and what ifs but so are unicorns, so really.... :lol:
NickT said:
I don't pretend to be an expert but this seems completely unfeasible. Even the concept of what it would entail is unfeasible, you'd need a trojan that would defeat detection by every firewall and virus scan in use, both by MFC, customers, and probably some ISPs too. Because as soon as one person got a trojan flagged from a profile or link it's game over and whichever model or member distributed it has a nice fat e-trail leading to their front door.
BTW, ever see those idiots who post a link to "free pvts, THIS REALLY WORKS" or some crap in rooms? never clicked the link obviously but pretty sure that's a trojan/keylogger because it hacks those accounts, does whatever it wants in there and then uses them to spam the link too. Those accounts that spam the link? They're the fools who clicked it.
Jupiter551 said:
You're right about the detection but antivirus scanners are only effective if you regurarly update it's definitions having said that there are manny possible ways to attack.MFC uses PHP while this scripting language is a wonderfull invention some risks are involved and you need to know what you are doing... some things to watch out for
- XSS (Cross Site Scripting)
- rfi (remote file include)
- SQL injection **** DANGEROUS LOOK OUT !!!! ****
- CSRF (Cross Site Request Forgery)
- ...
Also i don't think this can be blamed to models most are not tech enough to make things like this work unless offcource they have help
Assuming you have a legit copy of windows 7, or a non-legit way of defeating the authentication procedure, I've found Microsoft Security Essentials to be the best AV prog I've used in years. It updates daily, doesn't hog resources, in fact you won't even know it's there or updating until it finds a problem.
Jupiter551 said:
I suspect that software from not properly detecting rootkits and if you get infected by a rootkit then you have a problem why ? it will disable security related software (antimalware,antivirus etc) access to websites that contain information on howto remove viruses is blocked it's also known that computers which are infected with a rootkit and try to use google the rootkit redirects the google results to some parasite.I'm verry sorry to say this but antivirus software requirers allot of human management and can only be effective if you use a paid one.I'm not saying the known paid ones are perfect and detect everything but usually with a free antivirus you get what you pay for.
You cannot clean a rootkit infected computer yourself unless you know what you do you will need to use a rootkitdetector which is a special tool and the result(s) it produces is not meant to be interpreted by the regular computer user.You are free to use security essentionals if you like it but i wouldn't recommend it however one fact i do agree with that software is the first of it's kind that isn't a resource hog (norton is the champion lol)
yeah but you can rid of rootkits by either running a remover in safe mode or booting from a disk right? I can't remember but I got rid of one a few years ago
Jupiter551 said:
That would depend on which one a persistent rootkit activates itself each time your computer boots so safe mode or not.... you can guess this kind of rootkit is 99% sure malware related just like there are different types of viruses (and the damage they cause) there are different kinds of rootkits
Lots of voodoo and "I know that..." stuff in here.
Firstly, it is possible to have exploits. I am not overly sure how vulnerable things are to them anymore - essentially a file is identified as a type. They pretend to be one type, but are another, and contained code inside which whilst your browser (or OS, or whatever) was dealing with it would result in having quite different behaviour. Most vulnerabilities were plugged. However, here's an example (using mIRC client).
http://www.pandasecurity.com/usa/homeus ... ticia=3189
So yes, it is possible. Highly improbable as I imagine these sorts of things have been fixed up years ago.
Secondly, yes, anti virus should pick up most attempts in the event they do somehow "infect" you - but even so, there are % success for picking things up. Nothing is 100%, even at 99.99% - when they test against 500,000 viruses/malware etc, that still leaves you 50 being undetected.
But beside all that - do you know how many computers don't have any protection? It is depressing to know most are computer users are f'kin retards. Same reason why they mass mail those ridiculous "you've won the lottery" or "rich Nigerian has died..." things. There's always one which makes it worthwhile to do this... I'm fairly sure that in a busy room there are several who have zero protection on their computer (they may be arrogant, or stupid, or both).
As for MSE - I use it, and it has great detection rates for rootkits amongst free anti-virus offerings. It is resource light, a bit slow, but good overall for a free product. I would go for a paid one, but only when I upgrade my rig to be capable of dealing with everything - however, there is not much to be gained from paid over a good free solution. Indeed, many free solutions are better than the paid solutions offered by big companies. One that springs to mind is Comodo's firewall with Defence+ . Whilst I wouldn't ever use their antivirus (it was awful at first) their firewall with defence+ is brilliant. However, it pisses the hell off out of most users.
Bottom line - keep windows up to date, install anti virus (if you don't trust MSE, then I suggest Avira's free Anti-virus above AVG or Avast, but they're both good too), a firewall (if you don't trust windows own firewall, then go for something more robust with real time monitoring of processes and outbound connections - such as Online Armor or Comodo - although you may get pissed off with their real time monitoring). You can also get secondary scanners such as Malwarebytes Anti Malware (Free) too, and scan once a week.
Anyway, could this person have made the program he claimed? Unlikely. Extremely unlikely. For many reasons. What you currently have are people now coming up with ways he may have been able to achieve it. The most likely answer to all this is "stop searching for explanations when the simplest is that it's a straight forward con with zero effort".
He sucked a few in - why? Your paranoia.
You are paranoid, and you wish there is this magical way to prevent something. You want to believe... that's the biggest reason. You are searching for a solution, you want a solution.
He comes along with a magical solution, it's cheap... and it'd fix your problems. Whack in the usual voodoo chit chat and you're sold because you want to believe it.
As long as he feeds you some plausible bullshit you'll fall for it - because you want it to be true (and likely you don't really understand how things work).
Lets be honest, if he said he wanted 2 hours of skype sex show per month you'd probably become suspicious - but because there was payment, it somehow adds legitimacy in your mind...
Most cons are simple. Stop trying to find a complex, extremely technical/skilful explanation. It's just a plain old con.
Some fell for it - does it mean they're stupid? No, not necessarily. Just like avoiding the scam doesn't make you intelligent either.
It means they were vulnerable. Vulnerable and trusting.
It's the internet, don your tin foil hat and be sceptical of everything
*edit* Paranoid is a bit strong. You are worried, maybe scared.
Firstly, it is possible to have exploits. I am not overly sure how vulnerable things are to them anymore - essentially a file is identified as a type. They pretend to be one type, but are another, and contained code inside which whilst your browser (or OS, or whatever) was dealing with it would result in having quite different behaviour. Most vulnerabilities were plugged. However, here's an example (using mIRC client).
http://www.pandasecurity.com/usa/homeus ... ticia=3189
So yes, it is possible. Highly improbable as I imagine these sorts of things have been fixed up years ago.
Secondly, yes, anti virus should pick up most attempts in the event they do somehow "infect" you - but even so, there are % success for picking things up. Nothing is 100%, even at 99.99% - when they test against 500,000 viruses/malware etc, that still leaves you 50 being undetected.
But beside all that - do you know how many computers don't have any protection? It is depressing to know most are computer users are f'kin retards. Same reason why they mass mail those ridiculous "you've won the lottery" or "rich Nigerian has died..." things. There's always one which makes it worthwhile to do this...
I'm fairly sure that in a busy room there are several who have zero protection on their computer (they may be arrogant, or stupid, or both).As for MSE - I use it, and it has great detection rates for rootkits amongst free anti-virus offerings. It is resource light, a bit slow, but good overall for a free product. I would go for a paid one, but only when I upgrade my rig to be capable of dealing with everything - however, there is not much to be gained from paid over a good free solution. Indeed, many free solutions are better than the paid solutions offered by big companies. One that springs to mind is Comodo's firewall with Defence+ . Whilst I wouldn't ever use their antivirus (it was awful at first) their firewall with defence+ is brilliant. However, it pisses the hell off out of most users.
Bottom line - keep windows up to date, install anti virus (if you don't trust MSE, then I suggest Avira's free Anti-virus above AVG or Avast, but they're both good too), a firewall (if you don't trust windows own firewall, then go for something more robust with real time monitoring of processes and outbound connections - such as Online Armor or Comodo - although you may get pissed off with their real time monitoring). You can also get secondary scanners such as Malwarebytes Anti Malware (Free) too, and scan once a week.
Anyway, could this person have made the program he claimed? Unlikely. Extremely unlikely. For many reasons. What you currently have are people now coming up with ways he may have been able to achieve it. The most likely answer to all this is "stop searching for explanations when the simplest is that it's a straight forward con with zero effort".
He sucked a few in - why? Your paranoia.
You are paranoid, and you wish there is this magical way to prevent something. You want to believe... that's the biggest reason. You are searching for a solution, you want a solution.
He comes along with a magical solution, it's cheap... and it'd fix your problems. Whack in the usual voodoo chit chat and you're sold because you want to believe it.
As long as he feeds you some plausible bullshit you'll fall for it - because you want it to be true (and likely you don't really understand how things work).
Lets be honest, if he said he wanted 2 hours of skype sex show per month you'd probably become suspicious - but because there was payment, it somehow adds legitimacy in your mind...
Most cons are simple. Stop trying to find a complex, extremely technical/skilful explanation. It's just a plain old con.
Some fell for it - does it mean they're stupid? No, not necessarily. Just like avoiding the scam doesn't make you intelligent either.
It means they were vulnerable. Vulnerable and trusting.
It's the internet, don your tin foil hat and be sceptical of everything
*edit* Paranoid is a bit strong. You are worried, maybe scared.
I was in the navy and I worked on computer and was at a computer security school. As far as AgeOfTim being part of the military and able to do this or have access to programming like this. One thing people on that level are flagged big time, and they know the government is watching them. So if he made a program what would be able to do what he is calming a lot of men in black unmarked SUVS would show up at his door and want to have a talk with him. Sorry being former military I had to clear that up. Besides if he had black eyes they wouldn't let him in, no place to check off black eyes on the paper work.
- Status
Similar threads
