Domain: nthelp.com
Stories and comments across the archive that link to nthelp.com.
Comments · 13
-
O no you didn't...
Where to start.
Shoddy craftsmanship. Highly illogical. Dumb all over (and maybe a little ugly on the side).
After using PINE http://www.washington.edu/pine/ for a couple of years I was confronted with OE on someone's computer somewhere. It was like a kick to the balls. Now get of my lawn : ). -
Re:so what happens when a public pc goes to a link
If you can't do it in device properties in the Device Manager:
Win2k/XP: http://www.nthelp.com/NT6/change_mac_w2k.htm
May not be possible in all cases in Vista/7...but you can give it a try:
http://social.technet.microsoft.com/Forums/en/w7itpronetworking/thread/697bf48c-a226-4315-8875-2bbeddf16db2 -
Re:A little oversimplified...Indeed, I read his deposition and basically all he does is state that you are anonymous behind a NAT. I am sure the logs do not indicate that 192.168.1.250 is the offender. There must be something more tangible. The expert probably just refuted literal RIAA's statements, ignoring the context (I haven't seen the logs so can't say for sure.)
One thing, though, he could have mentioned - various IP spoofing methods. Imagine you are on a DHCP network (on campus, for example.) You ask for an IP and you will get it, and this will be logged: "00:f0:3e:45:33:66, authorized as belonging to John Doe, asked for an IP and got 10.0.15.213 for 6 hours". Nice. However what if you want to misrepresent yourself? An enterprising student can use ping and arp (if not some better tools) to find out what IP and MAC addresses are online, and once some of those computers go to class (or to sleep, for example,) take over the MAC address and ask for a new DHCP lease
... done, and you have a new shiny IP address, perfectly logged as belonging to John Doe whereas you are someone else entirely.This would clearly demonstrate that the DHCP has no authentication beyond the MAC address, and that can be easily changed on many cards. Any judge, however technically illiterate, can understand that if you can get any identity by just asking then it's pointless to hold the identity owner responsible.
This text, as seen here, would be relevant in the expert's refutation:
Unfortunately it's the very simplicity of DHCP that's actually the problem as far as security goes. No authentication or authorization takes place during an exchange between a DHCP server and DCHP client, so the server has no way of knowing if the client requesting the address is a legitimate client on the network, and the client has no way of knowing if the server that assigned the address is a legitimate DHCP server. The possibility of rogue clients and servers on your network can create all kinds of problems.
-
Here's something to question...
15 Q. Does a MAC address tell you if a
16 device is wired or wireless?
17 A. If you can see the MAC address of the
18 transmitting device you could see whether that
19 device was wired or wireless.
This is flat-out wrong. Yes, you CAN find the OUI that might well give you enough information to find out who made the hardware. The problem is that you can change the whole damn MAC address. Conveniently, Wikipedia even has instructions on how to change your MAC on many OSes, although there's an illustrated guide on changing your MAC, elsewhere.
This guy may know a bit of programming, but this kind of stuff makes it pretty clear to me that he has no idea how people can and do manipulate information. It's pretty clear to me that he's done little more than investigate only those things which might support their case and has completely ignored anything which might cast doubt upon it. -
Re:How to not get caught
The MAC address can be changed in Windows as well, which is probably not such a bad idea all things considered. If you want any privacy these days you have to secure it for yourself because nobody else cares anymore and some are actively trying to subvert it.
-
Re:Sneaker net - On-Site is the way to go
I agree it's a pain sometimes to go to people's houses to fix things, but if you turn it in to a career... it's great. I keep updated versions of Firefox, Thunderbird, MozBackup, AVG, Spybot, Ad-Aware, SpywareBlaser, HiJackThis, KillBox, AIMFix, CWShredder, SmitRemove, Google Earth (or just GooglePack installer these days), Adobe, iTunes, Symcln (can't f'n' stand when Norton products can't even uninstall properly!), and finally the best Matrix screensaver I know of - http://www.nthelp.com/matrix.htm - and I think that's it. Of course there's some funny videos, pictures of cops that have gotten their car stuck (http://www.edlippjr.com/pictures/funny/popo-cras
h -02.JPG), and the like. No p0rn on the thumbdrive. :) -
Re:Monster bandwidth or network voodoo?
The answer is probably that it just isn't as it seems. Even using some big numbers and assumptions, its not as bad as it seems. If the site sends 10 million users 50 MB of data each and spreads it out over a whole day, it comes to about 5.5 GBps continuously. Taking a look at this map, there are plenty of cities that offer that kind of bandwidth, and this is only one network (admittedly, the largest), and of course, the servers could (and almost certainly are) spread out over several locations. Further, the number of servers required is not great considering it is not unreasonable for a high end server to achieve 100's of MBps when serving static data like this. Of course, all these numbers are probably pretty far off (in reality, I'm sure the number of servers required scales terribly as you start to spend a lot of resources on load balancing and the fact that some sites serve huge libraries of content), but my point is that it is certainly reasonable.
That said, you do still bring up an interesting issue: even though these sites are certainly technically feasible, they are certainly extremely expensive (Go ask Worldcom how much they'd like to buy all of there connections to Los Angeles...). Unless we are reentering dot com days, Google, YouTube and there ilk must be expecting to make some serious ROI soon.
-
Re:What about changing the MAC Address?
-
What does HPFS have to do with this?
HPFS = pinball
All Hail OS/2! -
Re:Unauthorized access?
That's somewhat correct. The MAC address is burned into the hardware, and you really can't actually change it. This being said, the OS does read it, and many OS's allow you to simulate the change in software. This doesn't actually change the address, as if you put the card in another computer, it will revert to the actual MAC (unless that OS is also configured to simulate a MAC change).
How to change your MAC in Windows 2000/XP
Also, part of the MAC (The first half, I believe) tells which manufacturer made the equipment. You can look up the manufacturer for a specific MAC here. -
Re:Unauthorized access?
Even Windows supports it, the mac address used can be over ridden in the registry.
-
Re:Works for us in Calgary...
Of course you can change your MAC address.
In general, people don't know they can change it or they are not technical enough to do it, so they (the Wireless ISP) can charge after the first hour for 99% of the population. But you can be in the 1%... :D
Here is the instructions for Linux:
http://whoozoo.co.uk/mac-spoof-linux.htm
And since you probably use Windows:
http://www.nthelp.com/NT6/change_mac_w2k.htm
You can find similar instructions for OS X online as well, I'm sure.
Now you might ask, how to automate this on an hourly basis? In linux it would be simple with a cron job. In Windows uhh no clue, but there might be a way. -
MAC addresses are a joke.
It's not even hardwired into the card, so you can just tell the card to change it's MAC and it will.
Here's how to do it on windows.
In Linux its just as easy:
ifconfig interface hw ether 23:23:23:23:23:23DRM is scary because, if it's done right, you wouldn't be able to turn it off. It's a much more serious effort than serial numbers and MAC addresses.