All We Want Is Whatever's On Your Machine

← Back to Stories (view on slashdot.org)

All We Want Is Whatever's On Your Machine

Posted by timothy on Sunday August 4, 2002 @10:55AM from the sounds-fair-doesn't-it dept.

kubla2000 writes: "A breathless story about how the best defense against [fill in the blank: piracy, virii, hacking] is a good offense at CNet. What struck me most though is that in the midst of the rant from Timothy Mullen (no stranger to hacking the hack as this story from computerworld magazine shows, was a throw-away line justifying the RIAA and MPAA's appeal to Congress to make it legal to do this! It seems the bandwagons have started rolling. Who's next to jump on?"

6 of 228 comments (clear)

Min score:

Reason:

Sort:

Re:OK, time to fire up the worms... by craw · 2002-08-04 11:35 · Score: 2, Informative

Remember Max Butler, aka Max Vision the guy the ran the whitehats website? He created a variant of a worm that attacked BIND, and had it patch the server. Unfortunately, he also introduced a backdoor.

Last I heard he is still in jail (I maybe wrong about this).

And yes, for a while it was common for a cracker to close the security hole while leaving a "secret" backdoor. Sometimes this was accomplished by placing a bogus entry in one's /etc/inetd.conf file; enter this port and gain /bin/sh with root priveleges. Word gets out (or a bunch of script kiddies are using the same exploit), and soon everybody notices strange packets trying to access some weird port.

In the Windows world there are a bunch of trojans ports (27374, 31337, etc...). Unfortunately the back door was open to everybody.
Bugs in Outlook? You ignorant twit by Talez · 2002-08-04 13:40 · Score: 3, Informative

If Microsoft tied up he bugs in Outlook and finally realised/admitted that secure by default is more important than snazzy and integrated by default

You mean like Outlook 2K2 in the Office XP suite that keeps its security settings on a setting thats tighter than a fish's asshole by default? That's right. It now assumes every email is out to get you.

Oh wait, my mistake. This is /. You people don't take notice of anything that Microsoft make less than 5 years old. That's why you still think Windows 98 is Microsoft's pinnacle of stability.

This is all despite the fact that many (but not all) of the Outlook "viruses" required the user to actually OPEN the emails. Get over it already.
1. Re:Bugs in Outlook? You ignorant twit by DavittJPotter · 2002-08-04 15:08 · Score: 2, Informative
  
  Because then you'd bitch because Microsoft took away your choice. I can see it now: "If I want to run a program, I damn well better be able to run any binary I want!"
  
  --
  "If there's hope, it lies in the proles..."
Re:BlameGame by DennyK · 2002-08-04 15:44 · Score: 4, Informative

At the web hosting company I work for, we still get complaints from clients insisting that our mail server must have a virus because people keep sending them mail complaining of Klez attacks from their email addresses. Even explaining to them that their mail account is on a Linux server that can't be infected by Klez doesn't do any good with some of 'em... ;)

The idea of using worms or exploits to fix holes in systems you don't own, now...I think it's a bad one. The intent might be benign, but the results would likely be ugly. A worm that alters a system enough to close a security hole (even using an "official" patch or hotfix) could do some serious unintentional damage to a machine. Bugs in the worm itself, unusual system configurations, obscure software conflicts...the potential for completely breaking the target system is pretty high.

Besides which, I don't believe anyone has the right to invade a system they don't own for any reason, benign or otherwise. I am all for convincing the owners of infected machines to clean them up, but there are ways to do this without cracking their systems. Complain to their ISP, their CEO, or someone else who can pull the plug on them until the problem is fixed, if you like. It may not work in all cases, but it can't hurt, and if it doesn't work..well, that's life on the Internet. ;)

DennyK
Re:The only way to stop hackers by stor · 2002-08-04 17:28 · Score: 2, Informative

Indeed.

Maybe we should talk to these guys? I've heard that they're totally awesome:

http://www.realultimatepower.net/

Be careful when talking to them though: say one wrong thing and they may just totally flip out and cut your head off.

Cheers
Stor

--
"Yeah well there's a lot of stuff that should be, but isn't"
Re:Vigilante justice is not the solution by hagbard5235 · 2002-08-04 18:58 · Score: 3, Informative

Faaz,
The laws on this matter tend to vary from state to state ( as murder, like most crimes, is a state matter in the US ). In two of the states I have resided in ( Indiana and North Carolina ) there is a presumption that if some one breaks into your home they mean you bodily harm. This renders any use of force against them self defense against bodily harm in the eyes of the law. I tend to think this is reasonable. I can't speak to the laws in Colorado, but I would be shocked ( and dismayed ) if defense of property figured into the right to use force to defend yourself against a burglar in anyway.
What are the laws like in Sweden regarding the use of force against someone who has broken into your home?