Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask the Cult of the Dead Cow Anything

Posted by Roblimo on from the striking-fear-into-the-hearts-of-model-citizens-everywhere dept.

The Cult of the Dead Cow [cDc] is one of the best-known and oldest groups floating around in the murky world of computer security (on either side of the fence). cDc's best-publicized recent accomplishment is Back Orifice, a program that can be considered either an excellent NT remote sysadmin tool or a cracker's sneaky way into an NT-based network. But there's lots more to cDc than B.O. If you're not famliar with their history, check the cDc files before you post; they go all the way back to 1985. Please confine yourself to one question per post. Tuesday afternoon we'll forward the 10 - 15 questions deemed most interesting by Slashdot moderators and hangers-on to the Cult by e-mail. Answers will appear Friday.

37 of 63 comments (clear)

  1. random ranting by Raxxon · · Score: 1

    Why is it that every l33t skr1pt k1ddy pretends that you guys are the uber-hacker and the rest of us (thoes who can REMEMBER back to some of the early t-files) just think you're a pack of insane people that should have been locked away years ago (screwdriver flippin my left testicle... it's hammer juggling!)


    Hack me, Crack me, Make me bleed
    a faster box would be all I need

  2. Protocols by Vanden · · Score: 1

    I've read some articles recently about a new protocol in development which is meant to replace TCP/IP as the standard. If this new protocol is ever implemented, do you think that it will be more open to manipulation (ie. cracking) than TCP/IP because it hasn't had the years of testing that older, proven protocols have? Thanks.

  3. Why is BO treated differently than Carbon Copy? by Anonymous Coward · · Score: 1

    All the major antivirus software now looks for and can remove BO(2K). Why don't they also look for and remove Carbon Copy, PC Anywhere, etc.? They all do the same thing. BO(2K) even does remote administration better, with more features, and in a smaller footprint than other RA utilities. This whole thing smells the attitude, "It's not what your software does or how well it does it... It's who you are and who you associate with." Besides, I dare to say that I trust cDc's software MORE than the proprietary stuff because the entire world is can look at the source. Any shenanigans spotted by anyone would be thrust into the spotlight and fixed in no time. CC/PC Anywhere may have back doors, etc., but I can never really know. Which would YOU trust more?

  4. Re:Cow2K by DeadSea · · Score: 1
    At the risk of answering this question for the cdc...

    I think that any such organization would just have to say: themselves :-)

  5. cDc by Fooknut · · Score: 1

    my question is...

    What is the cDc's position on "hackers" generally associating themselves with online porn. I think the image portrayed by this prevents hackers from being taken seriously.

    --
    The price we pay for immortality... is death. Narnia The Great Fall
  6. Surprise by Effugas · · Score: 2

    To the various illustrious(translation: I've worshipped you guys for the majority of my life) members of the Cult of the Dead Cow:

    Moo.

    That being said, I'd like to know what have been the most surprising events in the computer industry for you. Anything's fair game. What just came out of nowhere and knocked the Cult flat on its ass?

    Yours Truly,

    Dan Kaminsky
    DoxPara Research
    http://www.doxpara.com

  7. white hat or black hat? by sinatra · · Score: 2

    A recent article (forgot the reference) characterized codc members as a bunch of social juveniles bound by no particular ideals, and lacking in both trust and personal respect for other members as well as the (cr|h)acker communities at-large. The evidence presented in the article however was limited to on-stage behavior and a virus of unknown-but-suspicious origin on a distributed CD. The codc archives paint an equally murky picture, depending on the reader's perspective.

    So is there a codc code of ethics? Could such a thing ever be enforced?

    Is the hacker code in general just marketing hype? Are the press correct in their refusal to differentiate cr from h?

  8. Your position on "Hacking" vs "Cracking" by [bog-oh] · · Score: 1

    You folks have been around for so long, surely you've seen the evolution of both terms. Are you quick to take a stand on misuse of either, or do you just take it all in stride? Some of the older security folks out there are damned sure that "hacking" is still purely malicious, and "Cracking" simply means breaking software registrations and the like. What do you feel each term represents these days?
    -
    "In the flesh, on the phone and in your account.... You shouldn't have called you know."

    --
    THIS IS PRE-ALPHA PRIVATE RELEASE CODE!!!
    DO NOT USE IT UNLESS YOU ARE A DEVELOPER.
    ALL IT DOES IS CRAS
  9. B02K (inevitably) by rde · · Score: 1

    You released B02K, which does essentially the same thing as microsoft's own software. Yours, however, is seen as a cracker tool, something you've railed against in the past.
    If you didn't want it to be seen as a cracker's tool, why did you release it at defcon?

  10. Image by Foogle · · Score: 2

    Let's face it - most people regard the cdc as a bunch of script-kiddies looking for some limelight. The BackOrifice software really made this worse, because it was seen, not as an admin tool, but as an application meant to propogate cracking. How does this make you feel? That is, what are your personal thoughts on the cult's activities and how do you think they should be viewed from the professional side of the industry?

  11. is there any other question? by phray01 · · Score: 1

    please be honest

    (1)boxers
    (2)briefs
    (3)panties
    (4)thongs
    (5)nothing
    (6)orange
    (7)Hemos the Hamster

    1. Re:is there any other question? by phray01 · · Score: 1

      dammit. forgot how old you guys are.

      (8)depends

  12. BO as a remote administration tool by scjody · · Score: 1

    I have noticed that you often promote BO as a "remote administration tool". How do you respond to allegations (mainly in the "popular" computer press) that it is potentially full of back doors, and therefore not suitable as such a tool?

    --

    "...Is this world not a call I can screen out" --

  13. question by mistalinux · · Score: 1
    I was at defcon, and attended the nearly religious announcement of BO2k. During the demonstration, you mentioned several times that BO2k is a system administration tool. Why did you keep on re-iterating that point? We know your what all of your backgrounds are and if you were to label BO2k as a "system administration" utility, why is it something that you announced at defcon, the largest cracker/hacker gathering in the world? If you really wanted to have it honestly thought of as a "system administration" tool, then why was it not announced at something where Micros~1 would attend?

    Thanks

    --
    Sosumi. just kidding. DONT!
  14. Why "Cult of the Dead Cow" by justin_saunders · · Score: 1

    Are you guys into necrophiliac bestiality or something? j.

    --

    "My cat's breath smells like cat food." - The Tao of Ralph Wiggum.
  15. broken? by um...+Lucas · · Score: 1

    Is it my browser or Slashdot that's broken? Whenever I come to this page it's completely empty, saying 0 comments no matter what the threshold.

    Someone please forward that to CDC... :)

  16. Re:Name? by kaniff · · Score: 1

    Why a dead cow? :) Why not a hamster, or even a chicken?
    kaniff -- Ralph Hart Jr

  17. Tested on a clean install? by strredwolf · · Score: 1

    I heard of your work, though BO, and regard your group and others, including l0pht heavy ind, as a security group. However, I am left to wonder what tools you test your work with, and if you test your items on clean-installed copies of Windows (insert arbitrary version number here). It would go a long way towards deciding on running Win98 under the Bochs emulator just to secure it.

    ---
    Spammed? Click here for free slack on how to fight it!

    --

    --
    # Canmephians for a better Linux Kernel
    $Stalag99{"URL"}="http://stalag99.net";
  18. Mr. T vs. Jesse Ventura - who'd win? by abulafia · · Score: 1

    If Mr. T and Jesse Ventura got in a fight, who'd win?

    --
    I forget what 8 was for.
  19. "The Body" would win! by FatSean · · Score: 1

    Corpses don't put up much of a fight...

    RIP Mr. T.

    --
    Blar.
  20. Where did you begin? by pozoc · · Score: 1

    cDc, I am interested in where each of you began you learning of computers and coding (programming, hacking, etc), and how each of you became members of cDc. Do you have any books or URL's you suggest? Cheers, -- David

  21. Cow2K by zorgon · · Score: 1

    Dear Cowsters, What do you envision as being the preeminent issue (problem, whatever) with regards to computer security (from the individual or corporate perspective) in the next 10 years? Merci
    --

    --

    I am quite civilized, and I should be brought a beer immediately. -- Bruce Sterling

  22. bo2k linux client by cxreg · · Score: 1

    When, oh when, will we have a *nix client for bo2k? Believe it or not, I would really like to use it productivly but I need to be able to access it from my linux workstation. VNC is ok but really doesnt cut it.

    --

    God Fucking Damnit
  23. Name? by Dreadcat · · Score: 2

    Cult of the Dead Cow. Bloody good name.

    Just how did you come up with it? :-)

    --
    You are the same decaying organic matter as the rest of us.
  24. questions for CDC by frog51 · · Score: 1

    Do they reckon they'll cope with the slashdot effect? :)
    First Post!?

  25. Longevity by tdsanchez · · Score: 2

    How has the 'mission' and/or purpose of cDc changed as the years have passed, especially with the advent of pervasive internet connectivity and the 'death' of classic dial-up BBS's?

  26. Here's a question or two... by Chemical+Serenity · · Score: 2
    1. Who are the sick bastids which came up with 'Trail of Blood' and 'Bunny Lust' (the first two cDc releases that I'm aware of)?

    2. Have they increased thier dosage since then? ;)

    --
    rickf@transpect.SPAM-B-GONE.net (remove the SPAM-B-GONE bit)

    --
    "People will pay big bucks for the luxury of ignorance."
  27. Swamp Ratte' you still haven't published "Stuffs" by dayeight · · Score: 1

    3-4 years ago, I sent you a nice little t-file, fiction, called Stuffs, about a girl and her magical flying snack trays, and you said it would be released. Alas, you never did, though on follow up emails, you said the next release. Why? When?


    p.s. anyone interested in some cDc reviews of t-files, check out www.etext.org/pub/Zines/BeyondLost (the url may be a bit differant, case sensitive and all)

    --
    when Push Comes to Shove
  28. Security by M1000 · · Score: 2

    How would you define the implementation of security on the major OS today?

    Windows95 / 98
    Commercial Unix
    Linux
    FreeBSD
    NT
    Windows 2000 (NT5)
    etc.

  29. Suggested question by Sanity · · Score: 1
    "In real life, if you break into a building, you break the law, the fact that it might have been easy is no defense, and the argument that you were trying to demonstrate how easy it would probably result in the jury laughing you all the way to a guilty verdict. What makes the virtual world different? Is the money people lose when their network is brought down any less real than the money that is lost when a thief breaks into your apartment and steals it? How do you justify making such violations of someones privacy and security easier?"

    I should note that I am not personally of the opinion that you might think from reading the above, but I would be interested in the response.

    --

  30. Life imitating art... by phypor · · Score: 1

    What movie or book best describes your ideal life and life goals?

    World altering, personal evolution and getting the girl ala Fight Club or more focused on internal issues of understanding with something like Zen and the Art of Motorcycle Maintance... or something utterly else...?

  31. BO for Linux by Amnerkia · · Score: 1

    Any plans to write a back door style program for Linux? or are you guys simply out to get just Microsoft?

  32. cDc and South Park by xmedar · · Score: 2

    There is an episode of South Park with cows worshipping a cow clock, and when it is removed by the people, the cows all jump off a cliff, now I've heard that refered to as the Cult of the Dead Cow episode, is it anything to do with cDc or are cults for dead cows just in fashion right now?

    --
    Any sufficiently advanced man is indistinguishable from God
  33. my question by Moses+P.+Lester · · Score: 1

    My question is short, but French. I would like to know:
    OU SONT LES BITCHEZ??!

  34. Marketing by Vladinator · · Score: 1

    Do you have any plans do market B.O. as a system management tool in the real/corporate world?


    "I have no respect for a man who can only spell a word one way." - Mark Twain

    --

    "Going to war without France is like going deer hunting without your accordion." - Jed Babbin

  35. Cracker Money by Baldrson · · Score: 1
    Since modern governments typically back their currency via threats of HIV infected gang rape I was wondering whether you had heard talk of creating an electronic reserve system based on Bovine Reserve Notes, where said Notes could be used to buy cyber protection from the Slaughterhouse Revenue Service?

    It seems crackers (stereotypically young WASP males not affiliated with violent ethnic gangs) are prime chicken meat when they are put in prison, so they would like to put the previously mentioned governments out of business, unless said crackers are frequently HIV-infected sexual masochists. Are they?

    --
    Seastead this.
  36. Conventions? by battery841 · · Score: 1

    Besides cDc being a major organization at the Defcon conventions, does cDc plan on hosting its own convention?