Abhishek Behl , www.merinews.com
In an exclusive telephonic interview, a Swedish hacker slammed the US government in believing the dictum ‘security in obscurity’. He appreciated the support of Indians in exposing the security loopholes.
The man, who hacked important government websites of many Asian and Western countries, has slammed the United States for trying to control the cyber space in pursuance of its national interests.
Critical of the US security agencies, Dan Egerstad, a Swedish national, alleged that America was behind the removal of his internet site ‘deranged security’ from servers based in US. “I did not violate any American law, despite that they took action thinking that they would be able to stifle my voice”, he added.
Dan had created a furore by hacking and posting emails addresses and passwords of around 100 emails belonging to top government agencies spread across the world.
A number of Indian sites and emails including that of Defence Research Development Organization (DRDO) was posted by him on his website.
Appreciating the groundswell of support offered by Indians, the Swedish security expert told merinews over phone, “Indians were very supportive of what I did and they appreciated that security loopholes had been made apparent”.
He however said that no one from Indian government had approached him for fixing the problem. “No one except the Iranians have come forward and talked me about how to plug the loopholes”, he said, adding that governments across the world were happy to follow the dictum “security in obscurity”.
“We basically angered the Americans because now the foreign governments have been forced to tighten their security. US intelligence will no longer be able to do what it has been doing since long.”
Generally, the governments across the world are not ready to change their security policy due to a mental inertia, he said, adding that this policy could prove dangerous. “Very important data and information can come in the hands of criminals and terrorist organizations”, said the intrepid hacker.
The information, which was available to us, is worth billions, he said, provided it is in the hands of right people, who want to use it or rather misuse it.
When asked whether the International conferences on cyber security being held in Delhi would help in improving the security scenario, he replied in affirmative, saying “more and more people should attend these conferences so that people become aware of the danger of lax net security”.
“We did not hack any account but only exposed the security flaw, so that people come to know about this serious issue. Computer crimes are real, they are everywhere and they are using your ignorance, ” he added.
Explaining the technical aspect of how they broke into different emails, Dan informed that as part of a small experiment five ToR exit nodes, at different locations in the world, equipped with their own packet-sniffers looking at keywords like “gov, government, embassy, military, war, terrorism, passport, visa” as well as domains belonging to governments.
The governments tell their users to use ToR, a software that sends all your traffic through not one but three other servers that you know absolutely nothing about. Yes, two are getting encrypted traffic but that last exit node is not.
A large number of ToR servers are being hosted by various governments and other agencies, they may have right intentions but they could also be criminals, hackers and mafia groups ready to misuse the information.
“They might be very nice people spending a lot of money doing you a favour but it could just as well be something else. Criminals, hackers and Governments are running nodes, why?”
Concluding, he said “ I would like to say special thanks to the people of India, Iran and Uzbekistan, who have been extremely supporting. And f… all of you who are filing police reports on me, you are idiots and are only proving that you haven’t understood anything.”