ZeroPaid.com » security

How to Master Email Encryption

Hannah — Thu, 09 Feb 2012 17:10:50 +0000

Keep your personal data safe by taking the time to encrypt your emails.

With the government threatening to do all kinds of things to the internet, and stories about email and phone hacking surfacing all over the world, there’s never been a better time to start protecting your online privacy. Email encryption is one way of keeping your personal data safe. Encryption services or third-party software encrypt emails by making them unreadable to anyone other than the intended recipient. When you encrypt your email, you have a public key (usually a mixture of numbers and letters) that others can use to send you encrypted email, and a private key, which you then use to decode the email. When sending encrypted email to someone else, you need to know their public key in order to keep the email secure. You can either get this from them personally, or find it by searching the online key servers. Encrypted email isn’t widely used outside of sensitive situations - such as political or business dealings - however, it can help protect your personal and financial information from prying eyes. Below are some of the tools you can use to encrypt your email and protect your personal privacy. Hushmail Hushmail is a stand-alone email service that enables users to send and receive encrypted emails through their Hushmail address. If you are new to the concept of encryption or aren’t very tech-savvy, Hushmail does all the leg work for you: once you’ve set up a Hushmail account, all you have to do is remember your passphrase. Enigmail (Thunderbird) Enigmail is a plug-in for Mozilla’s Thunderbird email application. Once you’ve downloaded the extension, create your public and private keys, and a passphrase. You can also generate a revocation certificate, which invalidates your public key in the event that your private key is compromised. Gmail Encrypt (Firefox) The Gmail Encrypt extension for Firefox only works with Gmail accounts, and you need to install Greasemonkey before you can use it. Once installed, the extension works in a similar way to Enigmail: you create public and private keys, as well as your own passphrase to access the Gmail Encrypt service. GPG (Apple Mail) This open-source plugin for Apple Mail encrypts, signs and verifies emails sent and received through the Apple Mail client. The plugin is compatible with Lion and has an integrated update mechanism, which means you automatically receive GPG updates using Apple’s software update system. GnuPG and PGP GnuPG and PGP are two types of software you can download onto your hard drive. After installing the software on your computer, you can use it to create keys and encrypt messages sent through certain email clients. Email encryption only works with the computer on which you have installed the encryption software, add-on or plug-in. If someone sends you an encrypted message through Gmail and you try to read it on your phone or another device, you won’t be able to decode it. Although it’s not impossible to decode an encrypted email, using this service will help secure your personal information. To make your email encryption as fool-proof as possible, always check the recipient’s public key before sending - if you get the key wrong, the information inside the email could end up in the wrong hands. Some encryption services don’t encrypt the subject line so include sensitive information only in the body of the email. hannah@zeropaid.com

Emergency IP Lists Emerging in Event SOPA Passes

Drew Wilson — Fri, 16 Dec 2011 19:27:31 +0000

SOPA is getting one step closer towards final passage. This has many users nervous. Now, it seems, a very predictable development is occurring, users are generating IP address lists to bi-pass DNS censorship.

DNS censorship could soon be a reality in the US. If a company or government entity choose to make a website disappear, it would be one complaint away from a reality. From the beginning, I personally envisioned groups sending IP lists over things like IRC to ensure that the internet remains relatively uncensored. This concept of sharing uncensored domain names is now a reality. BoingBoing is pointing to both a Reddit post and a Google docs posting with IP address lists to popular websites. Many users who sees this list might not necessarily know what to do with them. That is why, months ago, I wrote a guide on how to maintain a HOSTS file complete with screenshots. The guide shows you what to do with an IP address such as the one above. In fact, if you want to find an IP address to a website not found in the emergency SOPA list, there are multiple ways of obtaining it. You can either obtain the IP address of your favorite IP address through web hosting tools or even using command prompt. Ideally, you should obtain the IP addresses before the domain is censored. As in the past, I foresee this being a new norm should SOPA pass. The inherent problem is that you are putting your net security in the hands of whoever is generating these lists. If someone were to put an IP address in the list that actually points to a malicious website instead of the real website, then this is something that has to either be manually fixed on the end-users part or the entry has to be removed entirely. This is one big reason why many security experts are freaking out over this legislation - because it makes the internet less secure. If the automatic DNS system is left alone, this problem wouldn't be happening in the first place. For more information on other ways DNS censorship can be bi-passed, check out our 8 technical methods that make DNS censorship useless article. Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

Guide: How to Enhance Your Web Privacy with NoScript

Drew Wilson — Sat, 27 Aug 2011 21:06:46 +0000

Privacy while surfing can be serious business for a number of web surfers. Some use a number of tools like NoScript to block unwanted scripts on websites they visit. This can help stop websites from tracking who that user is that visit that webpage, thus enhancing their privacy. This guide will show you how to download, install and use NoScript.

Before we start with the guide, we should offer a reason why someone would use something like NoScript. Many websites these days employ different tracking techniques. These website tracking techniques can tell the web owner a number of things about its users. The bits of information that can be obtained include type of web browser, country of origin, ISP, operating system, screen resolution, age, gender, marital status, type and level of education, which site you came from, which webpage you left on on the website and sometimes even the webpage you went to to name a number of these examples. I'm not entirely sure how some of these statistics are gathered, but such statistics can be made available by sites like Alexa which can give you a sense of what the traffic is like for a number of websites. On the other hand, usually, website owners track data on a more cumulative level. This means that, sure, it can detect you are from country 'X', but all the web owner typically sees is, 'X' number of users from from country 'X' Unless you are doing something that warrants individual attention, a website owner probably won't care about web hits on an individual basis. Even when you warrant their attention on a moderation level, chances are, it's a case of seeing a particular users IP address more than anything else. Having said all of that, tracking of your internet activity isn't (or, should I say, shouldn't be) compulsory when you've done nothing wrong. In a way, using NoScript can be your way of saying, "Hey, count me out of your statistics gathering". If you want to be one of those individuals that would rather opt out of being tracked using NoScript, then read on. For this guide to work, you need to be using the internet web browser FireFox. Step 1: Download NoScript As with many FireFox plug-ins, downloading and installing this plug-in is very straight forward. First, you need to the NoScript website. Under the NoScript logo, there's a green button that says "Download". Click on that button. When you do click on that link, you'll see a little pop-up message asking you if you really want to install NoScript. Since we want this plug-in, click on "Allow" Step 2: Install NoScript After you've allowed this plug-in to download, you'll get a pop-up window that asks you if you want to install this. Since we know this is not a malicious plug-in, we can go ahead and click on "Install Now" Step 3: Restart FireFox As with most other plug-ins we've encountered, you must restart FireFox for the installation to be completed. If you are ready, just click on "Restart Now" in the little notification window. Step 4: Test NoScript When your browser restarts, you should see one or two things. The first is that NoScript appears right next to your address bar as shown below: If you are on a website that uses scripts, you should see a bar along the bottom notifying you of any scripts the website you are viewing uses. As a test, we decided to browse to YouTube and see how NoScript behaves out of the box. This was our result: As we can see, there is a total of 24 scripts and no objects are present. By default, some scripts are automatically allowed on YouTube through NoScript. This can easily be changed through the NoScript menu that can be found either by clicking on the NoScript button or, as we demonstrate below, on the "Options..." button on the bar along the bottom of our browser: From this menu, we can easily pick and choose whatever set of scripts we want to allow. We can allow all scripts, block all scripts or allow and block different scripts. The thing to remember is that some scripts are needed to run many parts of a website. So, blocking all scripts may result in you not being able to view a website properly. Blocking and allowing scripts is more of something you have to feel your way through. You can block scripts that exists in the website itself and see how the website functions without it and then unblock it afterwards if you suddenly are unable to use a website in whatever fashion you choose. Experiment around with it is my best advice. Final Thoughts I think NoScript is a nice plug-in because it can tell you more about a website then you would just by loading it without any extra plug-ins. Sure, some websites seem simple, but then you can find out that a simple website can have two dozen scripts running in the background. It is also an added layer of security. While a light layer of security, it's better than nothing at all I think. Some malicious websites might use scripts to do a lot of nasty things to its users. I'm sure someone immersed in the field of back-end web coding would say it's entirely possible to create a whole variety of nasty stuff with scripts. NoScript can block websites that use malicious scripts which is a nice bonus. Overall, I think it's a nice thing to add to your plug-in collection.

Clarifying the Possible Canadian Surveillance Legislation

Drew Wilson — Fri, 19 Aug 2011 18:22:05 +0000

A report has surfaced that has received a fair bit of attention. The report suggests that Canada is facing a piece of internet surveillance legislation that would pretty much eliminate all due process. Naturally, this is of concern to us because we are concerned about privacy related stories, so we took a look at the report. Now, we'd like to offer some clarification on the current situation in Canada on this matter.

We here at ZeroPaid read a lot of articles in any given day. We are always on the lookout for anything that might be of interest to our readers and we combine that with our own ability to write our own original content. Part of what can make a great journalist is the courage to step outside our own comfort zone and report on things we don't necessarily know every nuance and detail. For many, that's simply a matter of reporting on things that are going on outside our own country. In a sense, it's simply looking beyond what is going on in our own back yard to understand what the rest of the neighborhood is up to. That can go a long way in being able to take lessons learned from the neighbors and be able to bring it back home. That doesn't always mean that everyone is entirely successful. Sometimes, one can absorb every single detail on a story they can gather and try as much as possible to produce an accurate report only to find that there is the odd detail here and there that someone immersed in that countries culture would be able to pick out right away. That is always the difficulty of trying to report on issues happening in countries that are, simply, not the country you come from. I think that this leads to two ways a reporter can handle this, they can either focus exclusively on what is happening in their own country, or they can take the occasional intellectual thumping in order to gain a much more rounded exposure to issues happening "abroad" (in quotes due to nature of internet) That leads us to this report from Naked Security which says that Canada is considering a bill that would pretty much eliminate due process and bring in surveillance that would make US-style surveillance seem like a fair and open transparent process. As someone from Canada, you can predict what I thought when I first heard this. I thought, "Oh no. They are actually going ahead and tabling this again!" So I read the article and it pointed to Bill C-52. I wondered if they actually kept the naming scheme to the point where they used the same numbers to boot. Since the legislation was linked in the article, it didn't take long to discover that this was not current legislation, but rather, old legislation that died on the order paper after the last election. Just looking at the date of the first reading (November 1, 2010) kind of gave a good hint of that (and, if you're a Canadian political junky, the part that says "Fortieth Parliament" is also a giveaway as the government is currently in the 41st parliament). Of course, if you're not a Canadian and don't tend to follow Canadian politics as closely as some who do reside in Canada, that might not be that obvious. For the record, the surveillance legislation at the time (deceptively dubbed "Lawful Access") was actually three bills - bill C-50, bill C-51 and, of course, bill C-52. It was complex and dealt with a lot of issues. Reading bill C-52 would technically only give you a sense of one third of what was being proposed. As you might be able to guess, like bill C-52, bills C-50 and C-51 also died on the order paper when an election was called. As I've suggested in various articles over the years, Canadians were actually saved from very bad legislation that would undermine civil liberties in the country. The author of the article on Naked Security also defended himself by saying that this is what is being mulled in government right now. He didn't say that it was necessarily tabled. This is technically true, but it's also pushing it to say that the contents of Bill C-52 is precisely what is being mulled because that might suggest that it might be tabled separately. I, personally, wouldn't go so far as to assume that what was in Bill C-52 is exactly what the government is thinking of tabling next. This is partly because the speculation is that a lot of what was being considered in the Lawful Access legislation might be rolled in to an omnibus crime bill in the next session of parliament. The fear is that this crime bill will be pushed through quickly and in such a way that a lot of the inherent flaws of previous attempted legislation would wind up being muted. This kind of concern was raised by experts featured in our previous report. In the open letter, the government was generally urged not to do anything hasty and ram surveillance legislation through - after all, it is a heavily contested area to begin with that practically pits ordinary Canadians against their own government. We don't really know what the specifics are in the crime bill. That's what makes it difficult to argue on specifics. The best we can do is look at the previous legislation and beg the government not to destroy Canadian civil rights by reinserting the type of legislation found in the Lawful Access bills into the crime bill. Personally, I'm not holding my breath that Prime Minister Harper will respect basic civil rights and since Canada has a majority government, Harper pretty much rules with an iron fist for the next few years. It's actually quite hard to fault Naked Security because there's not a whole lot the author did wrong that I can see. He looked up the legislation directly, linked to it, quoted relevant sections and had decent commentary on what was wrong with the legislation. These are all really good things to do in an article. In fact, he even brought in other examples from around the world to support his arguments which I think is always a bonus. In addition, he did raise awareness of matters of importance (and I'm happy that it's on topics that are close to home in my neck of the woods). Of course, to draw from a science example, you could follow very solid methodology like the scientific method to the letter and wind up with results that are way out in left field. I think that the author of Naked Security should continue to monitor what goes on here in Canada and not get discouraged by the feedback he got from one particular article. Fine, you could say his article might not be totally accurate or maybe even a bit misleading, but I don't think it's necessarily his fault. Give the guy a chance, he's trying at least. Following international stuff isn't really easy - believe me, I know. [Via /.] Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

Anonymous Hacks myBART.gov, Database Exposed

Drew Wilson — Sun, 14 Aug 2011 15:45:34 +0000

What started as a group of people wanting to protest has become an all out war over censorship. After earlier threats were made by Anonymous, it appears as though Anonymous did make good on their threat to target BART.

We've been following the story about BART and censorship. It was sparked by the death of a knife-wielding at the hands of police by gun fire. Upset at the events that transpired, some people wanted to protest at the San Francisco subway station. When BART caught wind of the potential protest, they cut all cellphone services in an effort to avert the protest. The news spread like wildfire and caused outrage amongst several including the ACLU and the EFF. In the midst of a fierce debate over things like censorship and personal safety, Anonymous, a hacking collective, threatened to "remove" BART from the internet in retaliation against what many have called censorship. While they threatened to remove the website for 6 hours, it appears that the myBART.gov database was compromised. The database was dumped on to a webpage for all to view. The database dump came with this statement:

We are Anonymous, we are your citizens, we are the people, WE DO NOT TOLERATE OPPRESSION FROM ANY GOVERNMENT AGENCY. BART has proved multiple times that they have no problem exploiting and abusing the people. First they displayed this by the two recent killings by BART police. Under no circumstance, unless police are shot at, make police killings acceptable. Non-lethal weapons were available to use during both incidents, providing even that was necessary, but instead they shot to kill. Next they violated the people's right to assembly and prevented other bystanders from using emergency services by blocking cell phone signals in order to stop a protest against the BART police murders. Lastly, they set up this website called mybart.gov and they stored their members information with virtually no security. The data was stored and easily obtainable via basic sqli. Any 8 year old with a internet connection could have done what we did to find it. On top of that none of the info, including the passwords, was encrypted. It is obvious BART does no give a fuck about its customers, funders and tax payers,THE PEOPLE. The governments and government agencies of the world are becoming tyrannical and oppressive, and the people are responding and will not take your shit for much longer. The people will fight this oppression with protests, demonstrations, riots, hacking, ddos, online attacks and by any other means. We will not allow ourselves to be killed, exploited, or get shitted on. From the streets of Chile, England, Portland, San Francisco, Oakland, the people are rising up and we will support each other and stand in solidarity against any injustice. Worldwide resistance is happening, we will participate in solidarity against oppression. SOLIDARITY IS OUR WEAPON. Thus below we are releasing the User Info Database of MyBart.gov, to show that BART doesn't give a shit about it's customers and riders and to show that the people will not allow you to kill us and censor us. This is but the one of many actions to come. We apologize to any citizen that has his information published, but you should go to BART and ask them why your information wasn't secure with them. Also do not worry, probably the only information that will be abused from this database is that of BART employees.

I think it's fair to say that this controversy isn't going to go away any time soon at this stage. Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

Contents of the Brazilian Government Data Leak Being Translated to English

Drew Wilson — Fri, 12 Aug 2011 18:58:56 +0000

Previously, we reported on Anonymous exposing corruption by posting nearly 5GB of Brazilian government content to BitTorrent filesharing website, ThePirateBay. Now, there is an interesting new effort - translating the contents of the data leak to English.

The massive leak may have gotten less than stellar media attention and some are trying to figure out why and what could be done differently to get more of the media's attention. That might be one reason why there is now an effort to translate the contents of the large data dump to English. Whether it's the lack of media attention or not, numerous human translations of several documents have been posted to PasteBin. Apparently, updates of what else has been posted can be found on the Operation Shield Twitter page. It will probably take a while to translate the contents, but in the mean time, this appears to be a start. Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

Guide: How to Defeat US DNS Censorship (Using a VPN)

Drew Wilson — Sat, 06 Aug 2011 12:08:50 +0000

Our planned series of guides on defeating US DNS censorship is coming to the end. So, last, but certainly not least, we'll show you what you can expect using something known as a VPN. It's considered, by some, one of the most secure ways to access banned websites. The downside is that most services are pay services.

You could say a VPN works a bit like a proxy. You access the VPN and the VPN accesses the internet. So, you might ask, what advantage is there to using a VPN over, say, TOR or Foxy Proxy? Well, you might not be able to have access to everything on a given website with Foxy Proxy. With TOR, you don't have access to things like Flash video (at least, not by design). If you found a way to access these things through TOR, then it won't be a secure access. The only thing we are aware of that could possibly access all parts of a website securely besides a VPN is an SSH proxy through a program like PuTTY. Still, a VPN appears to be the more popular approach. This guide will show you a general way of accessing one so you have an idea what to expect, but how you access it also really depends on the VPN. Usually, the website you get your VPN from will tell you more specifically how you need to connect to their VPN. Step 1: Choose Your VPN Arguably, the most important step in this process and not always an easy one to make. You should choose a VPN you can trust - especially if it's going to be a pay VPN. We've already highlighted 5 VPN's that can be accessed for free. There is also the VPN run by the people of ThePirateBay called IPREDator (named after IPRED). There is also the VPN service run by the Pirate Party of Canada which was started in response to Prime Minister Stephen Harper winning a majority Conservative government. If all of the above isn't for you, you can always browse through other services as well - though keep in mind that not all VPN services are trustworthy, so shop around. Note: This guide is using Windows 7. Configuring a VPN on another operating system may require different steps. Step 2: Configure Your Access Once you decide on a particular service, there's one of two things you might be asked to do - either install something or simply configure your computer. Since software can range widely and is typically going through the prompts, we'll show you what you might need to do to configure your computer instead. First, right click on your internet connection icon in your system tray and click on "Open Network and sharing Center": In the new window, select "Set up a new connection or network": In the next screen, click on "Connect to a workplace" and click the "OK" button. This will allow you to set up a VPN: In the next screen, click on "Use my Internet connection (VPN): In the next window, you'll be prompted to put in the IP address and name of the VPN connection. If you have to connect to your VPN in a fashion like this, your VPN provider should supply the IP address and name: For convenience, we've ticked "Don't connect now; just set it up so I can connect later". Click Next. At this point, you'll just type your username and password (probably the same username and password you used to get the VPN account) You'll have a number of other options available (you'll probably be told if you need these by your VPN provider). Click "Create" when done. Step 3: Connect to Your VPN Connection Single click on the network icon (the same icon you used to start configuring your VPN). You should find your VPN connection in the list of connections you have available to you. Click on the VPN and click "Connect" You'll be prompted for your user name and password again. Simply type in the user name and password you used before and whatever other credentials are necessary. When done, click on "Connect". You should be connected to your VPN now. To disconnect again, simply click on your network icon in the system tray, click on your VPN and click on the "Disconnect" button. That should do it! For more instruction, you should consult the documentation provided by your VPN provider. Again, this is to give you a general idea of how to connect to a VPN without installing software. Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

P0keu Dumps Nearly 300 Military and Government Accounts to PasteBin

Drew Wilson — Sun, 24 Jul 2011 16:12:43 +0000

It's the latest security breach for those who use military and government e-mail accounts. P0keu, a rather quiet hacker compared to others, has dumped 290 user accounts and passwords of a small business online. A vast majority end in the .gov and .mil accounts.

In a tweet just a few hours ago, P0keu posted a link to PasteBin which appears to be e-mail accounts and passwords to a small business. In theory, if the users of these military and government accounts used the same password as their actual e-mails, then the contents of their e-mail account will also be exposed. The PasteBin dump says it contains 290 accounts. A large number of them end in .mil and .gov. Just a point of clarification, this doesn't appear to be actual e-mail accounts and passwords, but rather, a website that uses people's e-mail accounts as a log-in name. So the account to the website is exposed. If the password used with the e-mail is the same as the password for that actual e-mail address, then that e-mail might also be exposed along with who knows what else that is tied to that account. Amongst those accounts that are exposed, there appears to be accounts from the Department of Justice, the FBI, the Deparment of Homeland Security, the NSA, the Pentagon and several others. Also in the mix are a number of .mil accounts which would be the military accounts. There also appears to be a number of .edu accounts as well. Sprinkled throughout the document are also a number of generic free accounts like gmail, AOL, Yahoo, Hotmail and several others. There's not that many compared to the government and military accounts though. The website that was exposed was A Rifkin Co. which describes itself as "a family-owned manufacturer and international distributor of security and multi-use reusable fabric bags and related products. Our products can be used in virtually every department of a business." As of this writing, the website is still up. Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

Second Target of Anonymous FBI Raids Steps Forward to Claim Innocence

Drew Wilson — Fri, 22 Jul 2011 21:37:08 +0000

There was a cross country US raid conducted by the FBI on Tuesday. Unfortunately, since the initial sweeps, reasons to doubt that the raids having an impact on Anonymous have been cropping up. Today, another person who was the target of those raids has stepped forward to say he is not only not a hacker, but also barely even knows how to turn a computer on.

Just hours after the FBI raid on the 19th, questions were being raised as to the effectiveness of the headline grabbing event. Just yesterday, the day after the raids, one person was identified as one of those arrested. In a detailed look at Scott Matthew Arciszewski, we found that the only evidence that was publicly available was of him posting comments about Infragard security publicly. The incident only fueled speculation that the people who were arrested in the FBI raids were probably little more than script kiddies. Now, a report has surfaced that might suggest that saying that only script kiddies were affected may have been an overstatement to the effectiveness of the FBI raid. In a report appearing in The Brooklyn Paper, a second individual has come forward as someone who was affected by the FBI raids. His name is Garrett Deming, a 25 year old, a singer in a band. He, and his room mates were targeted in the FBI probe, but Deming isn't really a hacker at all. From the report:

“I can barely turn my computer on. Any of our computer use is for band promotion stuff,” he said.

Ouch. Doesn't exactly sound like the kind of person the FBI was looking for. So, exactly how would someone get wrapped up in the FBI probe? The speculation for him was that his WiFi was hacked. When any illicit activities were discovered by the FBI, a plain old IP address would have merely lead to him instead. More from the report:

Deming and Eugenides lived in the fifth-floor apartment at the McKibbin Lofts with their band for a year, but moved to Bed-Stuy a few weeks ago when their lease was up. The current tenant told us that the agents were looking for the band. “They asked me about the wireless and whether I was stealing the Internet. They asked if any of my roommates were good with computers,” said Meaghan Ralph, 21, who sleepily answered the door when a half-dozen armed agents knocked at 6:15 am. “They said that they wanted the people that were living there before me.”

So, forget script kiddies, some of the people that the FBI were apparently netting barely knew anything about the activities of Anonymous. So, so far, it appears that the FBI is 0 for 2 in terms of catching anyone related to Anonymous. What this case also serves as a great reminder that it's next to impossible to connect an IP address to an actual person - something that people who want three strikes laws in place for many countries are all too willing to forget. Wrong people will be implicated whether for copyright infringement or for alleged hacking activities. In any event, I think that this is really shaping up to be a PR disaster for the FBI so far. [Hat tip: AnonymousIRC] Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

TheSun.co.uk Website Hacked, Website Redirected to LulzSec Twitter Feed

Drew Wilson — Mon, 18 Jul 2011 15:23:12 +0000

A while back, LulzSec bid farewell to the world as an entity. Now they are back and the first thing they attacked was parts of the Rupert Murdoch empire.

In a rather amusing turn of events, LulzSec has come back and hacked British tabloid, The Sun. "TheSun.co.uk now redirects to our twitter feed." LulzSec wrote an hour ago, "Hello, everyone that wanted to visit The Sun! How is your day? Good? Good!" As of this writing, TheSun.co.uk is offline. No doubt, administrators of TheSun are attempting to fix the website. Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.