Monday, September 26th 2011
HideMyAss.com... Doesn't
UK-based www.hidemyass.com bills itself as a service offering complete online privacy, for a fee. However, that soon evaporates when the law comes knocking... just when you need them most. This is how alleged LulzSec member Cody Andrew Kretsinger, 23, of Phoenix, Arizona is now facing potential time in court over accusations of hacking using the service. However, HideMyAss claim on their home page:
However, the company defends their actions in a blog post:
So why aren't all those Egyptians who used the service recently to evade their country's censorship blocks being handed on a plate to the authorities?
Sources: The Register | TG Daily | HideMyAss blog
In this day and age of hackers, censorship, online identity theft, people spying and monitoring your online activities, your online privacy has never been so important. Our aim is to provide easy to use services that help protect your online identity and privacy. Our free web proxy is a secure service that allows you to surf anonymously online in complete privacy. For more advanced features our Pro VPN service adds increased security and anonymity on to your existing internet connection.Which can be taken as considerably misleading by some, as it gives no hint of a clause in their contract that means this bold claim is actually not strictly true.
It first came to our attention when leaked IRC chat logs were released, in these logs participants discussed about various VPN services they use, and it became apparent that some members were using our service. No action was taken, after all there was no evidence to suggest wrongdoing and nothing to identify which accounts with us they were using. At a later date it came as no surprise to have received a court order asking for information relating to an account associated with some or all of the above cases. As stated in our terms of service and privacy policy our service is not to be used for illegal activity, and as a legitimate company we will cooperate with law enforcement if we receive a court order (equivalent of a subpoena in the US).Twitter accounts affiliated with Anonymous were unsurprisingly vociferous in their criticism of HideMyAss's business practices and assistance of a federal investigation, dubbing the service SellMyAss, and arguing that HideMyAss users are less likely to trust it and more likely to look for alternatives. "Question @HideMyAssCom: Was it worth to rat out one guy who allegedly hacked #PSN in exchange for all your business? You will find out soon," AnonymousIRC said.
Our VPN service and VPN services in general are not designed to be used to commit illegal activity. It is very naive to think that by paying a subscription fee to a VPN service you are free to break the law without any consequences. This includes certain hardcore privacy services which claim you will never be identified, these types of services that do not cooperate are more likely to have their entire VPN network monitored and tapped by law enforcement, thus affecting all legitimate customers.
So why aren't all those Egyptians who used the service recently to evade their country's censorship blocks being handed on a plate to the authorities?
We follow UK law, there isn't a law that prohibits the use of Egyptians gaining access to blocked websites such as Twitter, even if there is one in Egypt. If a request for information is sent to us from overseas, we will not accept this request unless it is sent through the appropriate UK channels and a UK judge warrants a court order or a court summons that forces us to provide this information. We are not intimidated by the US government as some are claiming, we are simply complying with our countries legal system to avoid being potentially shut down and prosecuted ourselves.What this boils down to is that someone would have to be very naive to register with a credit card, thereby positively identifying themselves and expect the company not to keep track of their IP addresses and full logs of their activity to prevent themselves getting shut down by law enforcement. The only way the company can protect themselves is by sacrificing their paying customers, as they see fit. Not quite such an anonymous service is it? Seems that some LulzSec members are not so clever after all and should have read the terms and conditions...
Regarding censorship bypassing, some have stated it is hypocritical for us to claim we do not allow illegal activity, and then claim our service is used in some countries to bypass censorship illegally. Again we follow UK law, there isn't a law that prohibits the use of Egyptians gaining access to blocked websites such as Twitter, even if there is one in Egypt ... though there are certainly laws regarding the hacking of government and corporate systems.
Sources: The Register | TG Daily | HideMyAss blog
47 Comments on HideMyAss.com... Doesn't
Most of these sorts of companies will fold at the first DMCA C&D order they get, regardless of the fact that DMCA doesn't apply unless you're incorporated in the US. :rolleyes:
Very naive to think they would.
Oh, and you're welcome. :toast:
all linking to address in .in
The internet can be crap at times. :p
The responsibility ultimately falls on the kid. He decided to do bad stuff. If you don't properly cover up your tracks it's your own fault :(
While they have to protect themselve by "cooperating" with law enforcement, I'm sure they could do more than just hand their customers on a plate to the authorities. I'm sure there are ways to make records that little less available, or you know, they get "lost". It can all be done plausibly.
Think about it, by providing an anonymizing service like that, they know full well that their number one clients will be people that want to do stuff like that, so they're being quite hypocritical. Let this shit happen and take the punter's money while you're at it. However, the minute law enforcement turns up, just rat them out! :wtf: Nah, they're an accessory to these activities, however indirect they try to be.
Frankly, in this story, I blame both HMA and the hacker for being at fault, in different ways.
Think of it like torrents, nothing wrong with them, they are even becoming decently popular for developers to use. But what people use them for is illegal.
I think the company is 100% in the right.
I don't feel this is a news worthy story at all.
if you claim these guys werent smart for using a vpn service, then think about all those professionals, be it state run agencies, or companies hiring hackers to harm competitors, or stealing your personal info without you knowing it.
As lulsec said from the beginning, like them or not, is that they admit and go public, how many hundreds or thousands dont?
Like them or not they didn't go public (they hid), and they didn't come through on how big they were talking. When the heat got hot, they backed off and called it quits (smart), but they called bigger shots than what they actually pulled off. They talked out of their ass and then ran, but they toyed around for too long, left too much of a trail, just will take more time to hunt down more of that trail, more will be arrested. Has nothing to do with intelligence, infact I would call them stupid. Has to do with gall, these people got inflated sense of self and felt they were unstoppable, doubt this guy who was most likely at 23 finally starting to setup a life that would be decent for himself. I'm 25 and finally looking at getting into finally starting a career and putting my life together, arrested at 23 is a shame, I know I would feel robbed.
I couldn't be that dumb if I tried.
With a title like that I thought TPU was going to start reviewing a clothing line or something. :laugh: I don't see how these fools think they can hack stuff and not get caught seeing as though they don't know when to quit.
he got what he deserves