Flomarket Admin after the FloMarket Down : "Im not a Scammer" An Exculsive interview on http://www.deepdotweb.com/!!!

Here is an interview I realized the last days with Flole the Admin of FloMarket, i hope the community will like it.

It has been a lot of work to do with DeepDot, but i think it was definitely worth it :

http://www.deepdotweb.com/2014/01/09/flomarket-admin-im-not-a-scammer-an-exculsive-interview/

Don't hesitate to comment here or on http://www.deepdotweb.com/ about the interview.


Comments


[13 Points] gwern:

myself: who are you in real life, personally and profesionally?

Flole: I have developed software for some people, but I never did it professionally. I did it just as hobby, and I learned all programming skills as hobby.

Flole: Personally I am a 15 year old pupil, living in EU, who has fun developing software. I am doing it for several years now.

Flole: As a side note i can add that I have never tried any drugs, never smoked cigarettes and never drink alcohol.

myself: How did you ended to develop and admin a DarkMarket? and Why? what were you expecting from it?

Flole: I saw that silkroad has been seized and I thought there should be something replacing it (Silkroad 2.0 has been faster). I have read, that backopy, admin of BMR, made 440.000$ per days, so I though: sounds interesting I mainly expected money and fun from it. I wanted to buy expensive DJ equipment, so I started the site.

...myself : what do you think about all the new darkmarkets that have been created lately?

Flole: they tried the same thing I did: Making profit from SR abd BMR shutdown. I think we can’t trust to any of the new sites, since they haven’t been tested for exploits. I will and like my site: Some time all works well, and then they get hacked… They just want to make money easy and fast…

It's amusing to see so clearly the stereotype of the current black-market operators being young money-hungry incompetent amateurs.

Flole: you have seen the source code, then his balance wouldn’t be negative and the code is not vulnerable to sql injection. Another fact is that every submission, wether sucessfull or not is logged. Nothing regarding sql injection from this user can be found there. None of the tried has been sucessfull…

myself: So days after the hack and after analyzing all the logs you fail to understand how the hack was performed exactly? but for you it is not at all an SQL Injection method?

Flole: no, its definitve not an sql injection could not be even because there is a “is_nummeric” check, which fails when the input is not a number…

Oh! There's an is_nummeric check! Well, clearly that makes SQL injections impossible! I'm glad we have a comptent 15yo whose market was not hacked who can give us the benefit of his security wisdom.


[6 Points] deepdot:

Thank Gabralkhan for doing this with us, it was an amazing work you did with these interviews for 3 days, i knew i spotted you as a talent! :)


[7 Points] lunarstreets:

15 years old? What the fuck?


[2 Points] secondcitytech:

Are you aware professor house is on SR 2.0, are you still linking him to the sheep takedown.


[0 Points] darklistfeedback:

have not been able to view a single article posted on your site in full on safari on mac o/s. just fyi. will visit from firefox and hope for better, but never have been able to read your articles from safari.