aaa

is it safe enough to use a proxy with other peoples info
or is wireless needed

How safe is safe enough for what you are doing?

Use both.

1: Wireless is not safe, it can be traced back to your pc's unique MAC-adress .
2: proxy's aren't that safe either, if you use an online proxy you trust them with your info.

If you want to be safe use TOR for browsing the web and shit. And use someone else's internet connection. Here you can read how it works : http://en.wikipedia.org/wiki/Tor_(anonymity_network)

1: Wireless is not safe, it can be traced back to your pc's unique MAC-adress .
2: proxy's aren't that safe either, if you use an online proxy you trust them with your info.

If you want to be safe use TOR for browsing the web and shit. And use someone else's internet connection. Here you can read how it works : http://en.wikipedia.org/wiki/Tor_(anonymity_network)

TOR is slow and is pretty shitty compared to other programs of its type.

Wireless is safe enough, its random and you will be long gone by the time the vendor or merchant caught on to the fraud. I do recommend using a proxy with your wireless location to further protect it. Avoid the usual (and useless) wifi hotspots like tmobile spots (starbucks, mcdonalds, panera bread). A VPN is very good since it keeps your ISP or the wireless location from seeing your packets in the clear, but most commercial shopping sites use https anyhow so its not crucial. Just follow a few golden rules:

Always use a proxy, even at a wireless hotspot
never card from home (even an expert proxy user makes mistakes)
never habitually use the same wireless locations
change MAC address often (every session is good)

If you really want to cover your tracks download a free distro of linux and burn it to a CD/DVD, and run your web session from that DVD. Once you remove the DVD all your web activity is gone forever.

want to explain further how the linux idea or why it works?

aaa

I use SLAX, google slax linux and download it and then burn it to a DVD or CD. When you run the DVD, it will give you a full Slaxware linux OS, complete with web browser. Slax is only one of many linux versions you can run from a DVD.

Nothing will run from your HDD. Nothing you do under the Slax OS will show up under your windows or apple OS. Your internet session will vanish the instant you remove the DVD.

Consequently you can't save anything from the linux session permanently either, UNLESS you mount the HDD. Usually the command for mounting a hard drive is something like "mount c C:\", then you can change directory to the C: drive in usual fashion.

The only possible security weakness would be RAM memory, but they have utilities that can flush ram as well, but if you are getting nabbed by feds, will you have time to remove a DVD and run a utility to flush memory? Hopefully yes, and it sure beats using windows which is an open invitation to the federalis.

aaa

aaa

makavelis2s2 - that's it.

Flash drive - can you boot from the flash drive? You would have to make sure your settings allow you to boot from it first before booting from the HDD or DVD drive. Most PCs will boot from a DVD drive first, then HDD. You would have to make the necessary changes to your PC so that your flash drive is in that list before the HDD as a boot device. The Slax people give you a utility to make it all easy.

Once you are running your choice of linux from a DVD (or flash), you still MUST use a proxy, even if your on a borrowed wifi. Reason being - you don't want feds or police locating you or your favorite haunts. A restaurant wifi might seem safe to card from or do other naughty things, but then an agent or two come walking through the door and you are fucked. Don't underestimate their response time.

I say borrow the wifi from wherever is convenient to you, then protect your hotspot by using proxies or a VPN service. The VPN will keep the ISP from spying on your traffic, or prevent "man in the middle" attacks, and also keep the wifi operator from eavesdropping on you. HTTPS protocols DO prevent other server admins from spying on you so it's not that big a threat, however, why chance it?

The beauty of using Slax on DVD is the instant you think you are compromised (feds coming into your zone, wifi hotspot, etc.) you can pop out the DVD and they will get nothing. No data is saved to your HDD from your Slax/DVD session. Without physical evidence taken from your HDD their case just got a lot harder. They can still recover all your web activity from the wifi owner's ISP, so just change locations a lot and don't become a creature of habit.

Hold on, just occurred to me - the only reason for using the DVD version of Slax is so you can pop the DVD and remove all traces of your activity (since, obviously, nothing gets written to the DVD).

Using a flash version defeats that strategy. The chances of recording traces of your activity to the ram memory of your flash device is present, it's no different in this case from using your HDD.

IMHO don't use the flash drive, at least for your evil plans of world domination.

aaa

what type of schooling or where did you learn/pick up these facts or bits of knowledge
also does this mean dont do this at home via ethernet ? not even one time?

A lot of time spent carding, from the early 90's until the big SC/CP busts. I retired from it after that, mainly because every board I look at these days looks like a fed sting.

Most of what I suggested isn't rocket science, it's from infosec sites, globalsecurity.org, etc. It's internet privacy 101.

also does this mean dont do this at home via ethernet ? not even one time?

Not even one time - can't stress that enough! All it took for several members of SC to get busted was to log into Cumbajohnny's "special" VPN only one time - that's all the feds needed to get the goods on those members. Feds are very crafty at getting someone's info, they come at you sideways and you'll never see it coming.

Some of the things I learned following the SC aftermath was:

Use trillian pro with encryption when chatting - several indictments mentioned that trillian defeated their ability to record the chats

Use socks proxies, the best proxies are the ones you scan for yourself, or find online. Never accept a proxy from any carding forum or carding board member - in the words of Admiral Ackbar - it's a trap! (ps: a socks proxy can stop x-forwarded data)

Read how to set up your own VPN, no need to use a commercial ($$) product, a VPN can be set up by yourself for free (google "stunnel" or "secure tunnel"). Find a free Russian, Malaysian, or Chinese shell account (it has to be outside western country's jurisdiction otherwise it can be subpoenaed/wiretapped by the feds)

Never get lazy and log on without your proxy in place when carding or visiting "hot" crime boards. Use a wide range of proxy services and travel as far as you can when borrowing wifi. One SC indictment claimed the suspect was using wifi IP's within a three block radius of his home. Guess what? All those IP's got wiretapped without the owners ever knowing. Suspect was, obviously, nabbed. If had protected his borrowed wifi IP's with a proxy he could of at least increased his security.

Change your MAC address every session, handy tools like SMAC (google it) make it a snap.


If there's an interest I could put together a short guide? I don't claim to be any sort of hacker or expert, but can pass on some tips - mostly from a carder's perspective.

If there's an interest I could put together a short guide? I don't claim to be any sort of hacker or expert, but can pass on some tips - mostly from a carder's perspective.

A guide would be brilliant

aaa

For under well under $100 you can get a 16gig flash drive and wireless usb nic that supports injection from your local walmart. That is all the memory you need for an OS and any data you might want for your work. If shit hits the fan those things can easily be hidden/destroyed. The reason I prefer flashdrives over CDs is the fact that you can update/modify your OS (good if you want to harden it) and add/remove data whenever you want. Backtrack is nifty OS for this type of work but takes a lot of time to learn how to use properly and, ironically, isn't very secure out of the box.

As far as anonymity goes, I recommend TOR. I've always believed if you don't use TOR you might as well not use anything for anonymity. I don't like it when people talk about 'slowing them down' as if it were some kind of race. The goal should be to stop them from chasing you. To lose them for good. If they catch you in the end then everything you did to 'slow them down' can only be added as more charges against you and used to turn the jury against the 1337 criminal hax0r. The laws are changing and not just in the west. The country you trust with your VPN one day could be secretly or openly sharing their info with your country the next. The company could be bought and out all the logs are now in possession of a company that is friendly to your home country. If you're going to do something stupid, you could use the sluggish speeds that TOR offers to really think about what it is you're doing.

The most important thing here is that you think and do your research. Don't just go download a bunch of software and do something crazy with it without fully understanding every part of it and testing it. Don't forget to test it. Security is like an onion, it has layers. You want to be a big onion and know all about your layers. Learning how to do something illegal online and knowing that you safely got away with it is a lot harder than flying a plane and requires more than a thousand hours of research. Downloading a bunch of software to do this without knowing the ins and outs of it is like getting a book on card counting and hitting a vegas casino. You might get lucky the first time or two but eventually, quite possibly the first time, you'll get burned.

aaa

The thing about IT is that not only is there so much information out there, there is more new information coming in every year. The industry is constantly changing. The best thing you could do is pick a path and follow it and remain up to date with any changes in your field.

Find some e-books on google hacking. You are as valuable as your ability to quickly find good information. For a beginner I recommend getting a book for the A+ cert. With some dedication you could plow through the book, take some practice tests, and then the real deal in less than 2 or 3 months. The goal should be to absorb the information, not cram it. With this you'll have a basic understanding of how a computer, network, and operating system function. This is a good foundation to build upon.

You would also want to supplement this book with some reading on different operating systems. There are plenty of different books out there that go over the basics of Linux, MS, and Apple operating systems. You'll just want to know the basics of how they work for the time being.

Next I would recommend studying for the CCNA. This could take some time, but this cert is worth some actual money to a lot of people and could open doors for you. After this you could pick up a book on wireless network security. While you're doing this you could also pick up a book on Linux networking and security. Not some book that talks about super duper anti virus and firewalls, but teaches you how to configure everything yourself.

You could do all this in a year if you put some effort into it. A lot of books, a lot of research and testing, but if you actually get the certs you can make some srs cashola and get your foot into the door. Even if you can't get a job at least you'll know what you need to do/learn to start earning money on the other side of the law. That takes even more time, if you want to do it right, and a lot of it doesn't involve computers. This is where those awesome research skills come in handy. CCs, SSNs, vulnerable servers, ATM operating manuals and the locations of such ATMs are a google search away. It is quite a magic trick to make a lot of money find its way to your pocket without a trace. I say if you can do that, you've fuckin earned the money.

EDIT: forgot to answer some questions
thanks for the info
where'd you pick up your information?
books
http://www.torproject.org/easy-download.html.en (is this the right tor)? probably
so is slax not solid? as solid as the user
i'm actually studying java and c# but i would like to pick up everything computer you'll need a lot of motivation
if you could recommend some good sources?
so far i am using the oreilly books but i would like to know everything start with google, move to critical thinking, end with a solid decision. You'll want to research each book, hit up IRC and some tech forums to see what others think about it. New books come out every year, and old ones quickly become obsolete.