Domain: mav.net
Stories and comments across the archive that link to mav.net.
Comments · 26
-
h9753gt2dtj5g45>
faq
code
awards
privacy
slashNET
older stuff
rob's page
preferences
andover.net
submit story
advertising
supporters
past polls
topics
about
jobs
hof
Sections
10/25
apache
10/26 (2)
askslashdot
10/26
books
10/26 (4)
bsd
10/25
features
10/25
interviews
10/20
radio
10/26 (2)
yro
Andover.Net
AndoverNews
Ask Reggie
DaveCentral
Freshmeat
MediaBuilder
"Microsoft Cracked" |
monstar (62285) |
Preferences | Top
| 254 comments | 63 siblings | Starting at #50
Threshold: -1: 254 comments
0: 244 comments
1: 179 comments
2: 51 comments
3: 15 comments
4: 6 comments
5: 1 comments
Flat
Nested
No Comments
Threaded
Highest Scores First
Newest First
Newest First (Ignore Threads)
Oldest First
Oldest First (Ignore Threads)
Save:
The Fine Print:
The following comments are owned by whoever posted them.
Slashdot is not responsible for what they say.
( Beta is only a state of mind )
1
| (2
) (Slashdot Overload: CommentLimit 50)
Impressive (Score:1)
by MtnMan1021
(jbr [at] nassau [dot] cv [dot] net) on 08:19 PM October 26th, 1999 GMT
(#16)
(User
Info) http://www.petitioneer.com/
Looks like "flipz" is more than just a script kiddie: attrition lists her as having cracked jpl, duracell, people's bank, a bunch of .mils, department of veteran affairs and some other stuff. http://www.attrition.org/mirror/attrition/flipz.ht ml
she doesn't seem to be very creative in her replacements/alterations, though.
[ Reply to This
| Parent
]
Re:Impressive (Score:1)
by whocares
(grey@enigma.mips4.com) on 09:42 PM October 26th, 1999 GMT
(#118)
(User
Info)
Well shit, I've written my name in marker on federal buildings, phone booths, mailboxes... I'm certainly more than your average defacer of random crap. :)
Seriously. When someone releases information that's of use to someone as result of their cracking, or actually *accomplishes* something aside from defacement... maybe *then* I'll be impressed. Until then - whatever.
[ Reply to This
| Parent
]
Not Really (Score:2)
by Gleef
(gleef@capital.net) on 08:38 PM October 26th, 1999 GMT
(#42)
(User
Info) about:mozilla
The sites weren't all that high security. Oooh, the "US Army Dental Care System" computer was compromized, while it is in the .mil hierarchy, I doubt that much effort went into securing it.
I'd say flipz is probably a very busy script kiddie. The cracked sites certainly don't show much imagination.
[ Reply to This
| Parent
]
Re:Not Really (Score:1)
by TeddyR
(syousif@iname.com) on 09:07 PM October 26th, 1999 GMT
(#87)
(User
Info) https://www.mav.net/teddyr/syousif/
The problem is that if a single .mil/.gov/etc site is compromised, there is the distinct possibility that other sites can be compromised. Simple example: many .mil sites only allow access to "public" web pages from other .mil sites. The same goes for .edu and .gov sites... The path to a final destination is much shorter than from "the big bad internet"... Another simple scenario would be if although THAT machine was not "secured" since it has nothing of importance on it, there is a slight posssibility that the machine is on a network segment that in turn has access to another segment that DOES have material that may be valuable to someone else...
BTW: The above scenario is exactly why many "high security" sites do not allow employees to have "important" material even on their normal day-to-day office machines..
[ Reply to This
| Parent
]
uncertainty.microsoft.com (Score:0, Redundant)
by Mooset
(jwsmith@delta.is.tcu.edu) on 08:19 PM October 26th, 1999 GMT
(#15)
(User
Info) http://delta.is.tcu.edu/~jwsmith/
From the article:Another non-functioning site was "uncertainty.microsoft.com." The purpose of that site was not known.
Whatever it was, that name doesn't seem to resolve anymore. I guess they must be covering their tracks for now, because fear.microsoft.com and doubt.microsoft.com also don't resolve.
:-)
[ Reply to This
| Parent
]
Re:uncertainty.microsoft.com (Score:0)
by Anonymous Coward on 04:02 AM October 27th, 1999 GMT
(#247)
Score: 0?
Redundant?
Don't listen to that silly moderator, I
thought your post was hilarious. :)
[ Reply to This
| Parent
]
cracked? (Score:4, Interesting)
by Trepidity
(delirium4u@theoffspring.net) on 08:18 PM October 26th, 1999 GMT
(#13)
(User
Info) telnet://127.0.0.1/
Hmm. The never-ending hack/crack debate. One the one hand, using "cracked" is obviously inappropriate, since the term already had a meaning in computer security prior to its application in 1984 to people who break into computers. It has, for as long as anybody remembers, described people who break the copy protection of software. This usage far predates the usage cited in the Jargon File (which itself admits to the 1984 date).
On the other hand, the term "hacked" is obviously inappropriate in this case. This system intrusion was merely the work of a script kiddie, it appears, and hence is not any sort of hacking.
We need a verb that means "broken into by a script kiddie," so as to differentiate from "broken into by an intelligent security expert" (which I'll continue to call "hacked") and from "breaking the copy protection of" (which I'll continue to call "cracked."
I personally prefer to use the term "hax0red," which, helpfully, is what they often call it themselves, so it should not be hard to have this term adopted. This differentiates from mature, intelligent people, who use "hacked," to describe their work (whatever that work may be, be it kernel hacking or NT hacking) and the script kiddies who use 3l33t sp33k to describe their work. It also allows "hax0r d00d" to be used as a convenient synonym for "script kiddie."
[ Reply to This
| Parent
]
Re:cracked? (Score:1)
by kijiki on 05:13 AM October 27th, 1999 GMT
(#250)
(User
Info)
Personally, I don't see much difference between the "new" (web page) crackers and the "old" (copy protection) crackers. Both require basic assembly knowledge, and the ability to use a debugger. And lots and lots and lots and lots of time on your hands. Obviously I am ignoring those amazing buffer overruns exploits where people manage to get code in through a function that strips out all characters but '9' 'a' and 'q', but your average exploit is not that impressive an achievement. Nor is your average software crack. I fully expect to be flamed by the script kiddies and the h4x0r groupies. Please at least attempt to keep it coherent.
[ Reply to This
| Parent
]
Re:cracked? (Score:0)
by Anonymous Coward on 10:51 PM October 26th, 1999 GMT
-
Re:They're call MAC addresses.
which can be easily changed in many cards...
any sysadmin that believes that a MAC address is a unique ID is asking for trouble....
https://www.mav.net/teddyr/syousif/ -
Re:More centrally located conferences
oops... the date is sat 18th...
https://www.mav.net/teddyr/syousif/ -
Re:More centrally located conferences
Um... Check out http://www.alug.org/amlc There is a "small" one on the 17th of this month....
https://www.mav.net/teddyr/syousif/ -
Re:More centrally located conferences
Um... Check out http://www.alug.org/amlc There is a "small" one on the 18th of this month....
https://www.mav.net/teddyr/syousif/ -
Price
Most new devices are overpriced when they first come out....
Then there is the "cost of living" factor... $370 may sound like alot when compared to the US market, but think of it...
It happens in the US as well... (eg: The price of a movie down here in TX is US$6.25; the same movie in the same quality theatre in NY is US$9.50... A movie in Paris is over FF55.00; which comes to over US$9.00....)
When it comes to the US, I expect it to be priced in the 200-250 range....
https://www.mav.net/teddyr/syousif/ -
Re:The most interesting parts...
Yup... the interesting parts are the expansion ports...
USB:
USB Network cards.
USB modem.
USB Zip drive to store game settings?
..
PCMCIA:
Network Cards.
Modem.
Flash Memory for game settings
..
https://www.mav.net/teddyr/syousif/ -
Re:Good work!
Which is one reason why many of the domains that I help set up have a bind server as the master, and dents as one of the slaves... The first rule in failover is not to use same technology on the "backup" system so that a failure on the primary does not also affect the secondary...
https://www.mav.net/teddyr/syousif/ -
Re:Convince your ISP to join MAPS
If your ISP is willing to join the RBL, and really want to dramatically reduce their incoming spam (as well as spam that may originate from their own systems) they may want to also use the following "databases". Some of these may be "extreme"; but they HAVE cut down the spam that I get dramatically...
RBL: http://maps.vix.com/rbl/
DUL: http://maps.vix.com/dul/
ORBS: http://www.orbs.org/
https://www.mav.net/teddyr/syousif/ -
Re:Sega Hides true host
If the IRC server is run by sega, it is very simple to have the IP address masked (only for clients that connect to that server). I remember seeing an "anonymizer" type patch for an IRC server which gave the options to do just that... either have the form of
"UNIQUEID.anon.ircnetwork.com" or
"UNIQUEID.realnetworkname.com" where the hostname (first item till the first dot) was replaced by a uniqueid/sessionid... The IRC Ops can see the real information, and the log does contain the mapping info...
so to repeat... if they connect to a fixed irc server, then it is trivial to make the server hide the hostname info, or even "totally fake it"....
https://www.mav.net/teddyr/syousif/ -
Re:don't lose sleep over it
The problem for a paranoid person would be the following:
It can be easy for a developer (either intentionally or via a rogue cracker/disgrunteled employee) to install a sniffer or other trojan running on a game console {that is if they do get an ethernet port.. which I hope that it does}... The amount of data that can be gatherd would be phenominal..
A paranoid person would consider ANY dreamcast cd that is given away free to be suspect...
[extremely paranoid mode /on: Hmm.. I wonder if the cds that were recalled had any....problem....with them /off] :-)
https://www.mav.net/teddyr/syousif/ -
Re:A Little more info
quick test:
visit http://www.mav.net/teddyr/access/info.shtml
dial in via ppp with a normal pc/mac/etc/machine, find out what the ip address that is assigned to your machine is (the domain name); then check the page above if its within the same "range"... (ie; if it says proxy or cache in the machine name... then it is transparantly proxied; same if the machine ip shown is not the same as winipcfg or pppd tells you that you have....
https://www.mav.net/teddyr/syousif/ -
Re:ethernet connection
Dont know if they are or not.... But it would be a VERY cool move if they did.. think of it...
1-Dorm rooms with Ethernet
There are many of those cropping up every day
2-Cable modems (ethernet interface)
It would be worth it to pay the extra $5 to get a second ip for a dream cast since I already have a cable modem
3-ADSL modems (ethernet interface)
This would probably be a better bet than an integrated ADSL modem..
4-Home network
friends brings their dreamcasts to play multiplayer in a home lan.
5-LAN parties
If there is a Quake2 for the dreamcast, i have a feeling that it will quickly become the lan party tool of choice for many
an ethernet port opens up MANY more multiplayer possibilities... thus more sales... (of hardware and software).. [the question becomes; can the IP address be configured manually, or does it have to use DHCP; or will it use that autonegotiation stuff in 98 and macos; falling back to dhcp]
https://www.mav.net/teddyr/syousif/ -
Re:Against a wall?
Then there are the manufacturers that change the internals of a product on a whim.... (eg: how many have purchaced an Adaptec 2930 thinking they were getting the 2930U, but instead got the 2930cU) Note that the external box for each is exactly the same....
or NIC makers that switched from a "real" dec chip to a PNIC chip...
https://www.mav.net/teddyr/syousif/ -
Compromised key?
Not to defend MS here; but being "devils advocate":
What I am seeing between the lines here is that what if the REAL reason is that they want a second key so that if the FIRST key is compromised in any way (natural disaster or otherwise), they can use the second key to "revoke" the validity of the first key, and use the second key to install either a new key uncompromised key.. (without distruption to the millions of windows users). In this scenario the second key MUST be different from the first key, and stored elsewhere securly, and ONLY used in the case of the first key being compromised/destroyed...
recent versions of PGP and other cryptographic software also have that ability...
[one wonders if they already did that {replaced the first key}... through several of the MS "required" updates, without the user knowing]
https://www.mav.net/teddyr/syousif/ -
Re:This change is irrelevant.
Redhat didnt have to include that "Linux is a trademark of Linus Torvalds"....
Just a guess here, but...They could be doing it to make the trademark "valid", as in "used"... so that no one other than Linus (who now has the trademark) can claim that they own the name "Linux" and try to get mucho $$$ from Redhat... {something which has happened recently}; so anyplace that RH is sold or used, there IS a "prior use" claim in favor of Linus....
They could also be covering their asses legally by including all credit for all trademarks that they know of even if they dont HAVE to...
https://www.mav.net/teddyr/syousif/ -
Re:All right!
Linux has prelim (dev) support for USB in 2.3.x; (2.3.16 being the latest as of this post).
check out The Linux USB page (http://www.linux-usb.org/) for info on USB and Linux.
https://www.mav.net/teddyr/syousif/ -
Whats your asyncmap setting? compression?
Try adding
asyncmap 200a0000
to the "extra options"
if the other side requires compression, you may want to try modprobing bsd_comp and/or ppp_deflate
https://www.mav.net/teddyr/syousif/ -
Re:When does the LZW patent expire?
according to http://www.gnu.org/philosophy/gif.html
the patent should expire in 2003..
https://www.mav.net/teddyr/syousif/ -
Linux and Be run on more platforms...
This means that Linux and BeOS run on more platforms that NT...
Linux: x86,Sparc,Alpha,PowerPC,68k,MIPS,ARM, ... {probably more... but those are the ones that I can remember offhand now}
BeOS: PowerPC, x86
https://www.mav.net/teddyr/syousif/ -
IPO?
OK.... So whens the IPO
:-)
https://www.mav.net/teddyr/syousif/ -
Re:Q: Is any secure POP-software out there?
Use SSH and port forwarding.
fetchmail has an easier way to do it automatically using SSH port forwarding (I have not yet found a seamless implemention)..
There is an implementation of SSL/IMAP, but both clients and server have to follow it.
Note: Same thing with
POP3
and you may want to use SSH port forwarding with NNTP. (which is also in the clear...)
The problem w/ SSH port forwarding is that the server also needs to support SSHD (but if you have control over both machines)....
https://www.mav.net/teddyr/syousif/ -
Re:forget MUA, go MTA
The thing is, I have found that most people want to encrypt not to hide stuff from the govt, but to hide stuff from nosy system admins at their ISPs or workplace. Man-In-The-Middle intercepts are a factor, but many are more concerned with "who can read my mail before I get it while it is waiting for me"
https://www.mav.net/teddyr/syousif/ -
Re:Bahhhhhhhhhh! Just Do What I Do!
Actually.. to deter the possibility of collusion (guards DO talk amongst themselves), have two separate brinks trucks. Each truck they learn four codes (which only two are needed, but they dont know which one, and are told that only one of them is needed)
:-)
https://www.mav.net/teddyr/syousif/ -
Its not the chip... its the encryption....
What many here fail to realize is that it is not specifically the chip used in the game console that is not allowed to be exported, but the hardware based encryption/encoding/decoding used for the game data that is built into the playstation 2 which is under the export control.
This is also why certain video cards are restricted. They may contain hardware encryption/encoding/decoding routines that ths US consideres as munitions.
https://www.mav.net/teddyr/syousif/ -
Current safety of networked printers...
They do scan for them...
I log at least one scan per week directed specifically to network printer ports (HP or otherwise)
https://www.mav.net/teddyr/syousif/