Ultrasurf Is Malware

[LockBox]

I think your answer lies in the fact that UltraSurf itself is on the up and up but has possibly been compromised the by the government of the People's Republic of China. UltraSurf is one of 3 services that belong to the Global Internet Freedom Consortium. The other two being Dynaweb and Garden. Apparently one has been known to have been compromised and it's a constant hacking war to keep these three services providing a free-flow of information in and out of China.

Just posted hours ago from a VERY long article in the Asia Times:

------------

The most widely-used facilities are Dynaweb, Garden and Ultra Surf. These services coordinate their offerings through the Global Internet Freedom Consortium (GIFC), a group that receives some US government funding and is apparently run by friends of Falungong, the outlawed and extremely tech-savvy Chinese religious group-cum-political movement.

The three services gleefully run a never-ending Spy vs Spy war with the Chinese cybercops, continually flooding the zone with new Internet Protocol (IP) addresses - a computer's identification number on a network - that their users (and the Chinese security organizations that inevitably participate in the service) link to with a "tunnel discovery agent" in order to connect to proxy servers - a computer system or application program that acts as a go-between - before the Chinese government shuts them down.

They count VOA and RFA as their clients and proudly state that the service has never been interrupted.

But, in the case of gh0st RAT, maybe score this round to China. In its own analysis of the computer security travails of the Tibetan emigre community, "Snooping Dragon", the University of Cambridge reported [3] that the China hackers availed themselves of Dynaweb's facilities:

However, after a while, we saw a number of accesses through Dynaweb - a set of anonymization proxy servers associated with the Falungong religious movement, which is also detested by the government of China. We are at a loss how to explain this. Perhaps the Chinese detected the start of our clean-up operation and decided to hint that they had compromised Dynaweb - whether to deter people from using it, or to deter the US government from funding it? We just have no idea.

----------------

I would suggest that after Steve and Kyle's discoveries, it appears that UltraSurf (as well as Dynaweb) has also been compromised. The above article, in its complete form can be found at The Asia Times here http://www.atimes.com/atimes/China/KD08Ad01.html Note there are two pages and you must go from page one - two, there is no "one page view". It is absolutely fascinating reading.

The article makes it clear UltraSurf is one of the "good guys" (even partly funded by the U.S. government).

[caspian]

Quote:

Originally Posted by Chuck57

That's a mantra I've heard too many times in my life. "If you aren't doing anything wrong, you have nothing to worry about."

Here is my response to them. "If you aren't up to anything illegal or malicious or un-American, then you won't mind showing me a little respect and not invading my personal space without cause".

[caspian]

Quote:

Originally Posted by badjoey

if you look at the website steve and his company specifally state that they deal 3 alot of 3 letter govt agencies and these contracts with these 3 letter govt agencies are probably worth millions of dolllars

Hell if I had a superior product to offer, I would be more than happy to take their money. It doesn't bother me in the least that Xerbank offers protection for government agencies. I care about my country. And although I disapprove of some of the things that are going on, I am thankful to live in the country that I live in, and I am more than a little determined to create change from within....in my own humble way..

And as far as Steve's integrity as a human being? I honestly believe that he (and many of his friends, Hacktivismo, CDC etc) care about human rights and basic human decency. And I think that they definitely value diversity and individuality. That weighs VERY heavily with me. and I also think that he is very serious about promoting freedom of speech, freedom of the press, freedom of religion, and a right to privacy.

If you haven't seen his presentation at Defcon, I think you should.

http://video.google.com/videoplay?do...+topletz&hl=en

Quote:

Originally Posted by badjoey

but if one of these 3 leeter agencies goese to steve or xerobank and wants info on some joeblow paying 35/month who do you honestly think xerobank is going to side with.

Why do you think that he would do something like that? You think he's a whore?...LOL! I have never thought of him as having a "money talks but ******** walks" type of mentality. He is far too enlightened for that.

Plus, and this is a very BIG PLUS....Do you honestly think that a government agency would trust him with their security if they thought that he would sell them out to the highest bidder?

[LockBox]

The answer to all this about UltraSurf is in my post #74 and a very well-written investigative piece by Peter Lee of the Asia Times. It's a long article but you'll hang on every word.

[LockBox]

Quote:

Originally Posted by caspian

And as far as Steve's integrity as a human being? I honestly believe that he (and many of his friends, Hacktivismo, CDC etc) care about human rights and basic human decency. And I think that they definitely value diversity and individuality. That weighs VERY heavily with me. and I also think that he is very serious about promoting freedom of speech, freedom of the press, freedom of religion, and a right to privacy.

Absolutely. If you want to talk associations, Steve's says it all with his activism with Hacktivismo, Cult Of The Dead Cow, etc. His commitment to privacy for freedom's sake and his work for these goals cannot be disputed.

[badjoey]

well for starters anyone who starts a panic without giving any proof what so ever loses all credibility as far as i am concerned.and steve has been known to say stuff that just isnt true or doesnt stant up to scrutiny.for starters back in december he first mentions he and his team were working on a project that would blow alot of these anonymizing services out of the water and here we are 5 months later and he still hasnt produced.and the whole ultrasurf thing was just not cool.he started a panic for no reason and got some people really worried.that is not someone i would be trusting.also either you are very nieve or are in cahoots with steve if you think its not about money.and the us govt can pretty much make anyone person or company do what they want.they are the most powerful govt on the planet so to sit there and say steve's not like that or that the us govt would not go into business with someone who would sell out to the highest bidder is laughable.the us govt will go into business with anyone because they are so powerful and arrogant that they believe they can control anyone and anything.you need to wake up people.

[emmpe]

Quote:

Originally Posted by Gerard Morentzy

The answer to all this about UltraSurf is in my post #74 and a very well-written investigative piece by Peter Lee of the Asia Times. It's a long article but you'll hang on every word.

Thanks for providing the link - good reading. I am a little wary of Falungong myself, at least as far as their spiritual claims go - they look like a very bizarre hoax. US government and Falungong, huh?

http://www.nytimes.com/library/revie...ng-review.html

Maybe there is some truth in the Chinese allegations of a cold war.

[markoman]

Quote:

Originally Posted by caspian

Hell if I had a superior product to offer, I would be more than happy to take their money. It doesn't bother me in the least that Xerbank offers protection for government agencies. I care about my country. And although I disapprove of some of the things that are going on, I am thankful to live in the country that I live in, and I am more than a little determined to create change from within....in my own humble way..

And as far as Steve's integrity as a human being? I honestly believe that he (and many of his friends, Hacktivismo, CDC etc) care about human rights and basic human decency. And I think that they definitely value diversity and individuality. That weighs VERY heavily with me. and I also think that he is very serious about promoting freedom of speech, freedom of the press, freedom of religion, and a right to privacy.

If you haven't seen his presentation at Defcon, I think you should.

http://video.google.com/videoplay?do...+topletz&hl=en



Why do you think that he would do something like that? You think he's a whore?...LOL! I have never thought of him as having a "money talks but ******** walks" type of mentality. He is far too enlightened for that.

Plus, and this is a very BIG PLUS....Do you honestly think that a government agency would trust him with their security if they thought that he would sell them out to the highest bidder?

Xerobank, as most of the companies, exist with the target of making money. A company needs a lot of many even only in order to exist. I don't know what commercial power American Agencies have with respect to Xerobank, but if a good percentage of Xerobank's income came from a three letter agency, such agency would have a good basis for getting information from Xerobank. This is natural, and should be expected by ANY company.

On the other hand, I believe that American Government is not such a big client for Xerobank.

[Judge Dee]

Quote:

Originally Posted by badjoey

well for starters anyone who starts a panic without giving any proof what so ever loses all credibility as far as i am concerned.and steve has been known to say stuff that just isnt true or doesnt stant up to scrutiny.

You haven't exactly wowed me with your proofs either. At least BlueZannetti, who's been with this forum since 2003, had something concrete to give us. At least CaixFang had something concrete to give us. You only give us paragraphs full of innuendo.
I'm at this forum because I trust the owners, and I believe they are very capable of choosing the best and the most honest people as administrators and moderators. When they give advice, backed with what proof is there, I choose to believe them, not ranters.

[fuzzylogic]

lets not let this stat to become yet another xerobank flame war, this is about ultrasurf and whether or not its a good anonymizer. This is really about helping people get around totalitarian governments, but what i'm most disappointed in these products is that they focus too much on china not on equally oppressive governments like iran, thailand, north korea, UEA, etc. Freegate and gtunnel are now only access by chinese ip addresses and that really means equally opposed people are being cut off.

[SteveTX]

Joey, your patently false libel against me will not cause me to reveal more information. Prior to your existence here, there were many other threads where claims were made. While they don't often move as fast as I or you desire, as projects do have delays, mine all turn out to be true. I still stand by what I've said 100%: Ultrasurf is malware. Erase it. Do not run it. Don't even run it inside a virtual machine or sandbox. Any alternative is better than running Ultrasurf, it's severity of risk cannot be overstated. ... And stay tuned for deanonymizer

[Coolio10]

KIS 09 reports ultrasurf connects to many u.s government, bank, and educational institutes. It also uses low-level disk access for some reason.

Looks like malware to me.

[Fly]

Quote:

Originally Posted by Coolio10

KIS 09 reports ultrasurf connects to many u.s government, bank, and educational institutes. It also uses low-level disk access for some reason.

Looks like malware to me.

Can you be more specific about what KIS reports ? When/how do you get that report ?

Btw, I googled Ultrasurf and KIS and noticed a result that offered free keys for Kaspersky !

[Coolio10]

Quote:

Originally Posted by Fly

Can you be more specific about what KIS reports ? When/how do you get that report ?

Btw, I googled Ultrasurf and KIS and noticed a result that offered free keys for Kaspersky !

You could of googled "kaspersky internet security 2009" and still got keys lol.
I'll post screenshots later.

[Coolio10]

Here's shots.
The I.P's are sometimes different, and some aren't even website servers.

[Coolio10]

pics continued

[Coolio10]

pics continued 2

[CaixFang]

Over a month, and nothing further, huh Steve?

I'm with the "Why bring it up" people now. If you were going to go this long, all you should have said was "US has been confirmed as malware by us and / or other people, I would strongly recommend removing this product asap."

My jaw hurts from waiting so long for it to drop...

I don't want to be an ass, but I am losing faith in Steve by the day (not because of this thread, just in general, and this supplements it.)

I would think if it was "jaw-dropping" something public would have come out by now, or this is so serious that the public will never know about it, in which case, back to "Why bring it up...."

Next time you put your $.02 in, I'll make sure to give you change.

[Fly]

Quote:

Originally Posted by CaixFang

Over a month, and nothing further, huh Steve?

I'm with the "Why bring it up" people now. If you were going to go this long, all you should have said was "US has been confirmed as malware by us and / or other people, I would strongly recommend removing this product asap."

My jaw hurts from waiting so long for it to drop...

I don't want to be an ass, but I am losing faith in Steve by the day (not because of this thread, just in general, and this supplements it.)

I would think if it was "jaw-dropping" something public would have come out by now, or this is so serious that the public will never know about it, in which case, back to "Why bring it up...."

Next time you put your $.02 in, I'll make sure to give you change.

Maybe it has something to do with 'deanonymizer' (1st of August), see Xerobank vs. ShadowVPN thread ? Yeah, I'm just curious too.

[SteveTX]

No, totally independent secrecy agreement.

[Genady Prishnikov]

Quote:

Originally Posted by SteveTX

No, totally independent secrecy agreement.

Agreement with who? The same people you promise to stand up to when push comes to shove? Sounds like a lack of stones to me.

[larserks]

Hi,

What happened to the information that should be provided

[SteveTX]

It will be included in my Blackhat talk in vegas.

[StevieO]

Just read the whole thread, boy this is better than the late night movie, except it's for real ! Looking forward to the full indepth details when they arrive. And yes i do believe SteveTX is honest, and gives reliable advice/info etc, even though he is part of XB.

Just some of the links/info listed in - http://www.robtex.com/dns/ultrareach.com.html -> http://www.robtex.com/dns/beastf**king.com.html#a6 -> http://www.robtex.com/dns/a**lflick.com.html

What's the connection between Ultra and those porn www's

Nebulus provided a great link, which links to - http://anubis.iseclab.org/?action=re...e5&format=html

In there you'll see, amongst a stack of other data, the proof of Unknown TCP Traffic to various places including DHS as in my screeny.

Read Cyber-skirmish at the top of the world by Peter Lee, interesting.

CaixFang

Holy Father of HackerDefender fame, died in a car crash a couple of years ago, so it can't be anything to do with him. Plus i'm convinced he would NOT have got mixed up in stuff like that.

Some good links and info by other posters too

[caspian]

bestf**king.com?? WTF?..