Slashdot Mirror
DEF CON 7.0 Begins, and NYT Coverage
Slaab writes "The New York Times covers the upcoming DEF CON 7.0 hackers' conference in Las Vegas here. Notice, they are careful to make the correct distinction between "hackers" and "crackers". " If someone had told me two years ago that the NYT would be covering defcon seven, I would have laughed till I cried. It's a different world. The convention starts this evening.
Tried it, doesn't work. Gives me an access denied though. While my other attempts just kicked me back to the login.
It can't. They are.
No, I prefer babes of defcon.
id cypherpunks
password cypherpunks
Worked just fine for me, but I had to accept all the cookies, it didn't let me in when I refused them.
Didn't get an access denied, though.
Will that be my contribution to the world: "He solved a head count problem"? - Asok, 'Dilbert'
You seem to be really fast in judging people, like many others. I'm sorry if you find this subject boring, but it's actually an incredible one, and I for one am extremely interested by such subjects.
Also, please take a moment to remove such stereotypes as underground = bad people. It is stupid. The "underground world" is composed of poeple who don't live exactly by society's rules, not necessarily against the law!!!!
Code free or die!
"Code free or die!"
For countless decades college people have been
pulling off huge hacks of breaking into buildings and changing their entire look. Most notibly the building that looked like R2D2 this year at a college campus. Im sure you all saw this.
This is exactly the same as breaking into a web server and sticking different pages on the site, as we have all seen. And letting everyone notice it the next morning. There is no difference, they are both hacks pulled off by hackers.
Crackers are people who break codes. Be it cryptology, or copy protection on the latest software, or someones password. This does not include web site alterations and machine alterations (malicious or not.). The process of getting into the system is called the cracking, the process or altertering one from another with what tools and sources you have is called hacking.
End of story. People need to figure this out. And Slashdot readers are a bit behind on the definitions.
Its people like you that started this whole hacker/cracker nonsense. Two or three years ago there were just hackers. Crackers just made the programs that keep shareware programs running past the expire date. Do you think that hackers only do good things, and never anything bad? As far as I am concerned crackers are just slang for white people. There is no distinction.
You're right "computer security" can be very interesting, if you talk about design and science, i.e. "capabilities-based authification", "cryptology", "ring-level protection in OS kernel", etc...
But as soon as you get to the implementation/use level, it is rather boring ("sendmail holes", "backorifice installation", "configuring ipchains", "configuring ssh" [as opposed to designing ssh], ...).
Guess what DefCon is mostly focusing on...
Posted by Justin Cheung:
Did Eric Raymond really say that about Defcon? the "People who do real work don't bother with Defcon." statement? Maybe I've been missing something, but Defcon is a weekend conference, and "people who do real work" could take off a day or two to head down to LV to mix and mingle. As I recall, Bruce S. from Counterpane (of Blowfish lore) was an invited DefCon speaker a few years back, and I consider him as a person who does "real work". Persons involved in internet security usually find Defcon a great place to speak and talk about their topics of interest. So according to Eric Raymond, I don't "do real work" because I'm going to check out DefCon this year (a few days away from working on Waimea, which i consider to be real work). At first I thought I was wrong about Mr. Raymond.. After meeting him at a few conferences, he seemed like the kind of arrogant person who scoffs at people who don't recognize him or his contributions to the Open Source movement. As a person who admires his contributions, i have to be disappointed in his personality and character. For such a smart, intelligent person, Eric Raymond blows it by acting like a judgemental holier-than-thou jerk.
if there are people who show up there that aren't crackers then they are just cracker wanabees. get over yourself and get a life.
I work with a guy who claims to have an excellent fed spotting tactic. The feds all have pristine laptops - govmnt property after all, but lotsa hackers plaster stickers and crap all over their laptops. Stickers == NO_FED
Just go to the Olympic Gardens and watch the lovely young ladies drive them to empty out their accounts at the ATM located conveniently inside.
There are some forces out there that tcp_wrappers can't defend against!
cyberpunks11 /punks for username/password
Waterfront property in Florida? Hmm... like the whole state isn't one big waterfront property...
RB
Some people make arguments that the only reason for this is because Windows is more common/popular. Yeah... 80000x more common? I think not. Besides, there would be a certain presige in writing a Unix virus as they are so rare.
Yay, BO2K means that at last I will be able to 'remotely administer' my college's NT network... heheh... no seriously, though, anyone who was caught out last time deserves what they get. Too many people are happy to download something and run it only to find out it's a hard-disk trashing virus, or one which goes on to mail itself to every man and his dog. The worst part is that this gets blamed on every hacker the world over. WHY ?!?! IT'S YOUR FAULT FOR DOWNLOADING THE FSCKING THING IN THE FIRST PLACE !!! GET A LIFE AND STOP BLAMING OTHERS FOR YOUR OWN FAULTS... either that or you need some better friends...
I wanted to go to defcon 7, but nooooo i gotta work (tech support).
;)
user: "I cant clear my screen"
tech: "How are you trying?"
user: "I am turning it on and off"
tech: "*gets his gun*"
Need I say more?
- "My name is Legion, for we are many" -Mark 5:9
Server Error
We are temporarily experiencing a server error. Wait a few moments, then press Reload or Refresh in your Web browser.
If the problem persists, please try again later.
Help achieve Liberty in your lifetime - join the Free State Project - http://www.freestateproject.org
/. sure howls every time the mass media uses the term "hacker" to mean someone who uses a computer destructively. Should we just give in?
Oh, come on, Tom. I'm sure you have more important things to do than spend your time correcting people.
/., appreciate all of the work that you have done and the time that you have contributed to many of the tools (and religions) that we use regularly--it truly is magnificent.
I, probably along with almost everyone else on
But, come now! The impression of you that I get is that you prowl about the Usenet and apparently, Slashdot, ruthlessly correcting people. I got a semi-automated message from your address because one of my postings to the Usenet had something wrong with the headers. Do you _really_ care that much about my headers?
I appologize for the ad hominem nature of my comments, but I, too, care very deeply about the English language. But I don't publicly correct people or spend significant amounts of time to create documents such as the one at the link in your comment. It just strikes me as petty and rude.
Respectfully,
awc
But, shouldn't the class/method call be: user.switchTo("linux"); ? It would make sense that the switchTo method is something that the user class can do, and he would have any number of options at his disposal. Linux being one.
Anyhow...
-awc
I had dinner with Matt Richtel a couple of months ago (for a totally unrelated reason, I like to think I'm good at computers, but I'm not news or anything), and he is just a completely nice guy. From talking with him, I gathered that he really cares about computers, how they affect the world, and what goes on in the various sub-cultures that exist in our little digital world.
All in all, it re-affirmed my faith that reporting can be done responsibly. That faith hasn't been betrayed by the NYT yet, giving me hope that they will continue their streak and (maybe, hopefully) influence some of the less responsible reporters out there.
Cheers to that.
Wrong! A hacker is a skilled programmer. Hacking is simply coding. The word has lost its meaning. But that is what it means to me, and thousands of other true "Hackers"
geach
I sent an email message to Richtel about this last time, when he explicitly jumbled crackers and hackers together.
Maybe it had an effect, because this time he says "so-called crackers."
As a hobbyist linguist, I can tell you that hacker will always be mis-used by some. It will never recover from the original mistake.
In addition, while we're at it, "bug" is now being used to refer to viruses, particularly in the Melissa coverage. This is an unfortunate homonym, because as most everybody knows, virus does equal bug in the medical world, but virus does not equal bug in the computer world.
World New York
Wordnik, a dictionary project which aims to collect
oh, get a life. people like you and esr who quibble over 'hacker', 'cracker', and other meaningless words need to attend a conference on Real Life.
If it is a cracker convention, why do all these computer industry professionals show up every year?
esr said it best with
"People who do real work don't bother with Defcon."
ESR also said that the APSL 1.0 was Open Source.
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
defcon
defense conference
got it?
Coding is done by a coder, or a programmer. NOT
a hacker. A hacker plays with someone elses code,
and alters it to fit their needs. Hackers also alter computer hardware to fit their needs, just like they alter web sites and buildings. The keyword here is the means of altering something that someone else has already started to turn into what you want it to be/do.
Being a coder/programmer does not make one a hacker off the bat. If you are handed source code from your boss and are asked to change it to fit company standards, he is effectively asking you to hack it, changing your role from a programmer (who would start from scratch) to a hack(er).
Why don't you use that blood sponge in your head to argue about something vaguely important on Slashdot.
You are completely wrong.
messing up web sites is NOT like mucking around
with buildings.
Buildings exist to store/protect stuff and people.
THeir appearance is secondary.
A web site's ONLY PURPOSE is to display stuff.
If you change what it displays, you fundamentally
change its nature and deviate from its purpose.
Who the f*ck does this ESR guy think he his? First he tells the entire FSF to basically piss off. Now he is against the release of Back Orifice? So security through obscurity is the thing for you ESR? Right, and now he's saying people who do real work aren't going to Defcon. There are a lot of security experts going to Defcon as well as some REAL hackers who could code better than ESR blindfolded.
I used to have more respect for ESR but the things he's saying lately are moronic.
Oh, you are so right. Lately I've been reading up on shadow passwords and re-configuring the security on my laptop just for kicks. The thing has no network connectivity and never leaves my apt. and my sight at the same time, so it hardly needs to be secure, but it's so fun to play with the different possibilities and try to find what works. Looking for holes, trying to solve them - it's troubleshooting without bitchy clients. Like a giant puzzle, you know?
some coward
A friend of mine is going to DefCon. He works for a company that makes computer-security related products, but he's been into computer security since long before that job.
He qualifies as a "hacker," and I'd say he even did when he broke ino some systems -- because his actions are done for learning purposes, not malice, and harmed no one.
I don't know all that much about security, but personally I find it fascinating - the psychology and tactics of preventing break-ins must of needs parallel the psychology and tactics of breaking in.
I think your characterization of attendees as all crackers is wrong. Are you trolling?
Maybe you "can't imagine why people would meet for several days on this subject," but that says more about your imagination that it does the people who will be at DefCon.
Maybe one day I'll know enough to justify going there myself.
timothy
jrnl: http://tinyurl.com/c2l8yr / foes: http://tinyurl.com/ckjno5
Next time, I suppose I should just flame rabidly rather than resort to honest scholarship so you would actually have something legitimate to whinge about. Any outside observer would certainly ascertain that these fora are principally about flaming anyway, so at least that would serve to fulfill those lowered expectation of mediocrity and strife.
Hmm, looks like defcon.org was owned! lol, look at their site. Dont know if this is a joke or what
_Double_ oh come now.
Was your post on-topic?
Did anyone really care?
Honest scholarship is one thing, but obsequiously petty nitpicking is another. There is a difference between constructive flaming and pointless harping. While I don't think that you've descended into pointless harping, constructive, that message was not.
-awc
http://www.microsoft.com/secur ity/bulletins/bo2k.asp
Hate to say it, but they are right. [Why does the URL show "secur ity" on the preview? The link works]
Sure the trojaned exploits were caught pretty quick but the real "fun" are these script kiddies who compile and run anything you feed them. I can't even begin to count the fake "exploits" they have run which add backdoors in their systems and drop an e-mail to a @hotmail.com address. rootshell.com has a nice utility called 'bin2c' that makes it really easy to hide code.
Having the source to software is nice for compatibility, upgrades and patches, but only the most knowledgeable or extreme users are ever attempts an audit. Those are the kind of people who would watch a copy of Office 2000 with SoftICE on their windows systems.
Christ you're telling me to get a life? Just because I don't agree with your pathethic little definition of the word 'hacker`? Well you can keep it: you tell me to get a life and yet you make stupid generalisations about Defcon. And you quite _ESR_ for christ sake.
Conversely, the Cult of the Dead Cow claims that "Unfortunately for Microsoft, Back Orifice 2000 could bring pressure on the software leviathan to finally implement a security model in their Windows operating system. Failure to do so would leave customers vulnerable to malicious attacks from crackers using tools that exploit Windows' breezy defenses."
I don't think the B02k installation procedure requires the recipient/installer to be root/Administrator for the payload to be delivered.
where the fuck do you get off being in a 'help'
job if you want to blow peoples heads off just
for asking a fucking question.
being ignorant is not a crime, hell i heard that
when you came out of your mothers puss infested cunt
you werent so bright about variadic function prototypes in C either
shut
the fuck
up
If I was going to go to Def Con I would bring my 3M Whisper Writer. The size of a hardback novel, two 40 character line LCD display, chicklet keyboard, and built in 300 baud modem with rubber suction cup connectors for the payphone.
Okay, okay, I'm just getting all nostalgic. But that's what the hardcore loved to use in the classic days. Pure minimalism, but connected to anything, anywhere.
I'm just a 'computer enthusiast' but unfortunately that sounds like somebody who buys a PC at Radio Shack.
Somebody at work called me a "real hacker" not too long ago. Because I set up DJGPP on a Windows 95 box for her. Oh well.
DefCon is focusing on Human Engineering, 1001 things to do with a stolen credit card number, etc.
Hacking has nothing to do with purpose, only
the alteration aspect.
Hey,
Check the site now! it's been cracked by those script kiddies from anti-online! this must have happend within the last few hours. Sucks major.
The same professionals who have their websites cracked day after day? The computer industry in general has the highest amount of generally incompetent and as a result, seems to have the highest BS to accurate information ratio.
Hackers do bad as well as good. Im sorry but the
term hackers apply to anything that people that
are deemed 'hacks' - Meaning they got around/in/on/changed something to their will by 'hacking'.
Yes, this means Bill Gates is a 'hack' (er).
I must say I was rather amused to find that the Def Con 7 page was hacked by a group who couldn't make it to defcon this year. Well I don't think any legal action will come of it ;->
I found all the follow-ups to Tom's post rather humorous. A bunch of mewling brat's who decide to criticize someone over posting a pet peeve on the *Hallowed* walls of *Cathedral* slashdot--solely because they recognize the name.
Sixl6--don't you have anything better to do with your time other than complaining about other people's "crap." I don't recognize your name, let me guess--you're nothing more than a lush with a keyboard. Learn to crap first then whine about others.
Hmmm. This doesn't really fit your posts. However, they *are* offtopic, unprovoked, and arrogant.
Hey, most *linguists* I know aren't that uptight about language. The only people I know who vent out like this are either snobs, nationalists, or both. I hope you are the exception.
I find it remarkably demoralizing that a work of serious scholarship about a topic in daily use should out of spite be branded a troll by an overzealous moderator.
Last I checked scholarship about the daily use of language is just that: scholarship on the way users use the language. The work you cite *is* based serious scholarship (OED, Latin grammars), but it is not a descriptive work on the actual use of the English language; it is a prescriptive work, which in no way offers any justificaction for its recommendations.
Hey, I _have_ seen language planners from a language academy make recommendations about such issues. The first example I recall, is a recommendation on the correct plural form for the spanish word 'travesti' for a reporter to use in an article on a newspaper with national circulation. The reporter had asked which of two alternate forms to use: one which was paradigmatically more correct, but hardly in use; other which was in common usage. The recommendation was the form in common usage.
Next time, I suppose I should just flame rabidly rather than resort to honest scholarship so you would actually have something legitimate to whinge about.
Well, you didn't flame rabidly. However, let's look at what you wrote:
Egads! Not this `virii' nuttiness again. Please, please, please read the viruses document before you propagate this silly notion. I honestly believe you will find the article informative and convincing.
Hmm. "Nuttiness", "silly notion". Those *are* condescending words, Mr. Christiansen.
Oh well, I got better things to do, anyway. I'll just leave you with a riddle. What's the plural form of 'Elvis'?
Yup, you guessed it: 'elvi'!
(This was stolen from a Married with Children episode.)
---
Possibly, but it was open-sourced, and you were able to fix the code without resorting to vendor harassment :)
This is just like television, only you can see much further.
yep, some hackers did it.
And shouldn't DEF CON feel special, they were good enough to be hacked. Wow, what an honor.
No, really, it is interesting, and I think they should give a prize to the lucky winner(s) who did it. That would be cool.
Insert mind here.
How do you tell a high school student from a uni student? They act differently. Feds would most likely just stand back and observe, talk to people they may get more info out of but they would ask the questions. I was at just a plain old talk on forensic computing and you could tell the police in the room.
If it is a cracker convention, why do all these computer industry professionals show up every year?
It is their job to know their enemies.
What you are saying is that Linus is not a hacker because he started Linux from scratch. Hacking has nothing to do with the notion of beginning or continuing someone works. Hacking has nothing to do with vandalism. Hacking have got to do with a disposition of mind bended toward constructing things and sharing them. You can construct these things from scratch or modify the work of other hackers but this is still hacking.
"The obvious mathematical breakthrough would be development of an easy way to factor large prime numbers." Bill Gates,
The world is finally drifting away from mixing up "hacker" and "cracker". But what worries me is that "hacker" is taking on yet another meaning, which is also incorrect. Just about any press that distinguishes "hacker" and "cracker" labels hackers as those who break security, break operating systems, and gain entry to anything digital, supposedly for non-harmful purposes. This must be stopped!
~ Give me 101 plastic soldiers, and I will conquer the world.
How do they "Spot the Fed" anyway? Wouldnt the Fed probably just be a normal looking guy? I dont think they would send in a square-jawed, clean-shaven, charcoal-suit-wearin, earphone-listenin, ray-ban sportin guy/girl. (But I would wear that just to get a reaction :) )
You think emacs is evil?! You've never used VM's XEDIT have you?!! That's evil, baby!
" ...they will stay out past their curfews, and, perhaps, they will have their first beer. "
wow what a bunch of rebel kids... sounds more like teen football jocks to me.
Too bad Las Vegas is basically underwater right now...
Soggy crackers... mmmmmm....
RateVegas.com - Vegas Reviews
- coug_
It's disappointing to see a major news outlet abuse the term "cracker".
Duh! The point is not wether we get it, but the media droids do. Obviously they won't.
Me wants more GPL software! Me can't wait a few more days! Me want it now so I can r00t and 3xp1017 some W1nd0z3 boxen!!!
hehehe... some enterprising soul hacked defcon to make in into admcon, with the antionline narqing facilities, etc.
i think it'll stay up for a little while, these ppl do have a sense of humour.
BO is not a trojan. It is a tool. However, like all tools, it can be used for good or bad. That use is up to the person using the tool.
I suppose hammer manufacturers should all be arrested because some people have been known to bludgeon someone else with a hammer. >sigh
yep, some hackers did it.
Stop tring to act like BO actually breaks security. It runs as a background process. It accept connections on port 31337 I believe. It breaks almost as much security as a telnet daemon. The problem is it doesn't make ANY attempt to alert the user that it's running. Windows provides many methods for any application to do this. If you wanted to write an application/daemon in Linux that would be invisible, it would be just as easy. Sure you could run ps, but it's easy enough to make the process name appear to be "in.telnetd" or some such thing. And Windows has process viewers too..
If the people at cDc were really interested in MS beefing up security, they would release the "exploits" BO uses to vendors, instead of every script kiddie in the world. When a exploit arises in Linux, the responsible person doesn't write a program to make it easier to run, s/he writes a patch for it. The people who write exploits are just as bad as script kiddies. Don't try to argue that.
You can all argue that DefCon is not a cracker confrence, but who will believe you? Your best arguement is that "well we've changed the definition of hacker/cracker, so of course it isn't!!".. Sorry if this apears to be a flame, but some of the posts I've seen today are pretty rediculous..
-- Ace
I'm not sure if it's sadder that you really see this on AOL, or that everyone on Slashdot appears to think that this what everyone on AOL is like..
-- Ace
Shit-fire, yes, speaking should be fun! :-)
Did you ever try to something like "the data're in" rather than "the data's in"? Forget it!
But people look at you sideways when you say "datum". Of course, one could say "data point" to mean the singular... which is what I assume they mean when they use "data" as a singular noun.
OTOH, "Virii" is just annoying.
How surprising is it that news media usually don't get the difference between hackers and crackers when a conference of hackers calls itself "DefCon"? It doesn't exactly suggest a benign outcome.
they kept calling all the people at defcon hackers when they in reality are mostly crackers, and more importantly it isn _NOT_ a hacker convention it is a cracker convention!
esr said it best with
"People who do real work don't bother with Defcon."
Well it doesn't seems so, as they say:
We are not trying to teach you to learn how to hack in a weekend, but what we are trying to do is create an environment where you can hang out with people from all different backgrounds. All of them interested in the same thing, computer security.
Underground+"computer security" equals pretty much crackers for me. Unless you are a cracker, "computer security" is rather boring (yes useful, necessary, but boring), and I can't imagine why people would meet for several days on this subject.
Ok this won't be the only subject, but then this is very present.
The texts, adds and links on the pages make that very clear, for instance, anyway:
Hacking, Cracking, Phreaking, Interviews, Speakers, Hacker Jepoardy, Hacker Death Match, Babes of DEF CON, HNC Goes Wild in Las Vegas, Capture the Flag, DEF CON Social Engineering Contest.... also Watch the Dark Tangent fight to the death in Hacker Death Match!!
But maybe I have missed the talk "The evolution of FreeBSD internals since 4.4BSD", in the program.
It never cease to amaze me, how crackers, or crackers-alike, continuously claim they are "hackers", now even pretending doing the "cracker/hacker" distinction correctly.
Actually the NYT has covered DefCon before...
r ticles/02hacker.html
Check: http://www.nytimes.com/library/tech/98/08/cyber/a
cypherpunks and cypherpunks
K.
-
How come there's an "open source" entry in the
-- Proud descendant of semi-nomadic cattle-herders.
Sounds more like vandalism then hacking. Its about time you got caught up on the term.
If they release the exploits to the vendors only then the vendors deny, waffle, and generally sit on them without doing anything. If they release them to the public, then the news media gets involved and the vendors hands are forced into action otherwise they look incompetent.
The cDc isn't the only group making exploits for products. I would rather have a group such as the cDc release public exploits than another group keep them private for group use only. If the white hat groups make an exploit, you'll learn about it fast and (hopefully) it'll be fixed fast. If a black hat group makes one, you'll probably learn about it after you're bitten.
Do your research. It was the group ADM, and it was a non-malicious hack (the defcon page was still intact, linked at the bottom). In fact, they poked quite a bit of fun at ao.
Returned Peace Corps IT Volunteer
Drinking with fellow geeks without commercial (okok... with _less_) commercial companies with their _interests_. Now this "oowww-- they're evil crackers" crap must stop.
It's not an all-cracker convention anyway. There are a lot of smart guys/girls coming and you could always just get drunk in Vegas. Why do you geeks keep complaining about this hacker/cracker thing while in reality a lot of people at Defcon are actually geeks as well (maybe a little less sexually frustrated but hey, you could learn).
I used to correct people all the time on the use of "virii" and (sigh) "data". However I recently recgonized the fact that virii sounds dramatically keener than viruses. English has never been a static language -- words get added or altered on popular whims. Logically enough, as any language that stagnates goes kaput. Thus, I would advocate the unceasing usage of the word virii until the cows come home -- it sounds "neater" and if we keep using it, it becomes acceptable. And speaking should be FUN dagnabit!