[JP also directly told me via IRC that he/AntiOnline were funding development of LocalSecure. Unfortunately, that log is lost. Having a copy would be very nice though as it would give a second method of validation. :)] LocalSecure is a product of: Network Security Solutions (http://www.ns2.co.uk More info on NSS: http://www.ns2.co.uk/about.html
IMPLICATION: Serious questions would arise if it was known that a company was funding a person(s) to create problems in order for them to profit from solutions. By hiring an active hacker responsible for breaking into various systems, and then offering a product to help stop intruders, there is a direct cause/effect relationship that leads to unethical profiting from inflated and false threats of system intrusion. By having said hacker break into a high profile web site, deface the web pages, and then offer 'exclusive' "news", it presents the illusion of accurate and honest reporting, when there was little or no news to begin with.
PROOF: This mail from John Vranesevich shows that he and/or AntiOnline IS funding the development of a product called "Local Secure". ---------- Forwarded message ---------- Received: from antionline.com ([209.166.177.36]) by phalse.2600.com (8.8.8/8.8.8) with SMTP id PAA27067 for (bronc@2600.com); Wed, 12 May 1999 15:02:29 -0400 (EDT) Message-Id: <199905121902.PAA27067@phalse.2600.com> Received: from bessie ([209.166.177.43]) by antionline.com ( IA Mail Server Version: 2.3. Build: 10019 ) ) ; 12 May 1999 19:03:17 UT X-Sender: jp@smtp.antionline.net X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0 Date: Wed, 12 May 1999 15:03:17 -0400 To: Bronc Buster (bronc@2600.com) From: John Vranesevich (jp@AntiOnline.com) Subject: Re: Information In-Reply-To: (Pine.NEB.4.05.9905121444030.26886-100000@phalse.2600.com) Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Greetings: Haha, first off. "Local Secure" is a solaris vulnerability scanner that AntiOnline is having commercially developed. ROFL "some secret 'spy' project". We had a small group of programmers contact us about it, it looked cool, so we threw them a few bucks . [snip...] Yours In CyberSpace, John Vranesevich Founder, AntiOnline
[Update: 08/07/02. Chris McNab (aka solo) has since replied and claimed John Vranesevich is lying about the relationship between AntiOnline. McNab specifically said the following:]
JP was lying. He didn't throw us 'a few bucks'. LocalSecure was not written for AntiOnline, nor was it funded by them. Myself and 2 others wrote the package, and posted to BugTraq in January 1999 to attract beta testers:
http://cert.uni-stuttgart.de/archive/bugtraq/1999/01/msg00306.html
http://www.landfield.com/isn/mail-archive/1999/Jan/0071.html
If you want concrete proof of this, you are very welcome to have a copy of the Network Security Solutions Ltd. company accounts for that period.