Friday, April 20, 2012












Anonymous builds its own Pastebin-

like site

 

Hacker group Anonymous and the People's Liberation Front have created a data-sharing site called AnonPaste, meant to host pastes of code and other messages without any moderation or censorship of the information posted. The new site, which uses a free .tk web address, allows users to set a time for the paste to expire. It claims that data is encrypted and decrypted in the browser using 256 bit AES, so the server doesn't see any of the information included in the paste.The site says it's taking donations in the form of WePay or BitCoins.
The two groups launched AnonPaste as an alternative to the popular code-sharing site Pastebin, which has struggled to deal with its growing reputation as the popular hangout for malicious code or stolen data. Recently Pastebin has seen a huge growth in traffic, but it's also faced increasing DDOS attacks—one in February used over 20,000 unique IP addresses alone.
To deal with the growth in sometimes-illegal traffic, Jeroen Vader, a Dutch internet entrepreneur and the owner of Pastebin, has claimed that the site does occasionally filter out illegal information that gets pasted. He commented last week to the BBC that the site has complied with occasional law enforcement requests to turn over data. According to the press-release issued on AnonPaste this week, Pastebin's claims were largely the impetus for the creation of the new data-hosting site.
AnonPaste is built using open-source software called ZeroBin, created by French developer Sebastien Sauvage. According to Infoweek Sauvage has experience in creating online authentication systems for French banks, suggesting the creator knows a thing or two about encryption of data. Still, on the software's information page, Sauvage reminds potential users that ZeroBin software can not protect against potential Javascript attacks. "Users still have to trust the server regarding the respect of their privacy," he says. "ZeroBin won't protect the users against malicious servers."
Although Anonymous has used the news of AnonPaste to taunt Pastebin, Vader isn't worried about the popularity of his own site. He does see problems with the general idea of the new paste site though. "Having this new anonymous paste service online will most likely mean that less 'sensitive information' is posted on Pastebin.com, which we like," Vader told Ars, "But we think this new totally anonymous Paste site will be used mainly by people who have something to hide, people who are posting things that really shouldn't be posted. We see no benefit for normal legitimate users to use it over the currently existing paste websites. We are afraid that this site will be bombarded with people's personal information, credit-card details, and things such as child pornography."
In the press release, the creators of AnonPaste washed their hands regarding content: "Because the data on our servers is unreadable by us (or anyone), the responsibility for the legality or appropriateness of any paste lies solely with the person posting. So there will be no need for us to police this service, and in fact we don't even have the ability of deleting any particular paste."
Indeed, without the possibility of deleting information, authorities might argue the site poses a threat to personal privacy and institutional operations. Vader told Ars, "Here at Pastebin.com we think freedom of speech is very important, but we do think there should be some form of content moderation, because people do abuse paste websites, and if there is really no delete option, this could cause major harm." He added that yesterday his site released a "My Alerts" feature, which allows people to track names or keywords on Pastebin, so if illegal information shows up they can submit a takedown request to Pastebin in a timely manner.
And InfoWeek notes that ZeroBin has not been stress-tested against the kinds of DDOS and other attacks that might threaten AnonPaste's operation and philosophy of anonymity. As of this afternoon, access to AnonPaste has been on-and-off, suggesting there are still many hurdles for the endeavor to function at all.






o
Share/Bookmark

No comments:

Post a Comment