Slashdot Mirror
Microsoft Cracked
jhughes was the first
to note an article on
Microsoft being cracked that (ironically enough) appears on msnbc. Not any of their "Main" sites, but it happens. Its an odd story about a lovesick cracker. Very strange.
← Back to Stories (view on slashdot.org)
I have a frriend who worked at MS. During the orientation they spit out a bunch of stats about the network. One of those was that there are 2,000 + serious hacking attacks on MS's networks everyday. (The speaker did not define what "serious" was.)
And 99% (by your estimation anyway) call an "External Modem" a "Blinky Thing". And 99% call a "Network Card" a "thing that connects your computer to somebody elses computer". And 99% call "RAM" "space", and "Hard Drive" "space", completely oblivious to the difference.
Sorry, but just because people with little or no relation to a subject mislabel it does not mean that it is time to relabel it. So "close" the "web", turn off your "hard drive" and "screen", and go find someone else to bother with your name changes.
</FLAME>
Anything above a ping :-)
some karma... and kinda lukewarm about it.
NOT. Scatological humor is lower than puns on the comedy scale. Hmmph!
Xlib
When the UNIX Y2K problem occurs in 2036, any unices not running on 64 bit systems (or at least 64 bit time_t's) will roll back to this date.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
"They" is wrong for the singular due to the fact that its plural. At least to my ear, that sounds just as bad as "He or she", which is awful in and of itself.
Why is it such a big deal to use "he" by default? I know Spanish does and I'm pretty sure most other Romance langauges do, as well. It's a generic term for a single person. "She" is specific to females, ships, and some computers (though some psychoanalysts would probably have interesting comments on the last use). "He" can refer to someone or something that is definitely male (" When Alberto Thomba won his third gold metal in the GS, he proved that his career was not yet over.") or in a generic sense ("He who slings mud looses ground.").
Terms like 'Cyberjacking' or 'Webjacking' have already been taken by the media for describing techniques of 'stealing' webhits - taking sitenames that are very similar and dumping false META tags in your code just to get search engine hits. So. Y'know, you can try it, but the mass media gets better exposure than a lone slashdotter. :)
--Parity
'Card carrying' member of the EFF.
It's amazing, a company that can't make a secure OS to save itself seems to actully do a pretty good job at securingh it's own sites. Blind luck? who knows! :)
Commodore 64, Loading up the dance floor!
I suggest 'fucked'. For two reasons.
:-)
1. It's probably the only chance for most of these kiddies to fuck anything.
2. There's something about the headline "Microsoft Well and Truly Fucked" that appeals.
3. Three. Three reasons. When was the last time you got to rant at someone saying "they're fuckers, not crackers!"?
LOL, I second that suggestion.
Bob, the "fuckers" broke in again.
- Jim - "I hate people." -
It looks like that, since MS was compromised, that flipz has done a job on some other pages of note - many being military boxen, most on NT :) Here is attrition's "record" on flipz - it includes all the sites he(she?) has compromised and it also has what all of the pages look like. Neat stuff, imo ;)
-- BlueCalx | http://nickd.org/
for a good instance of this, let us remember the words of the great grammatarian Yogi Berra. After seeing a streaker, he was asked if the streaker was male or female, and said "I couldn't tell. They were wearing a paper bag over their head." (think.)
"they" _is_ the correct pronoun for persons of unknown gender as far as i know, but don't be too upset if you see someone defaulting pronouns to masculine; english does, after all, have some basis in latin. Although english isn't as strongly gender-typed as, say, spanish ("ellos"), so defaulting pronouns is somewhat of a bigger deal because it's done less often.
This really isn't a big deal now that i think about it, but i just felt like quoting Yogi Berra.
Then I could really say that something about that unintelligeble dialect actually impressed me. Heh.
womynyst
Yes it's all a big conspiracy. They want you to think they have journalistic credibility, and when they've finally lured you in they will begin telling you lies and you will believe them and you will all become slaves to Microsoft and their people controlling media!
Why does everything have to be a conspiracy theory around here? If CNN's network got hacked, who do you think would probably be the first to report it?
"OH OH!@ SOMETHING WITH MICROSOFT! MUST BE A CONSPIRACY!!@$" Don't forget that there is also the NBC part of MSNBC. Microsoft for the most part just helps provide technology, there is no big microsoft censor checking all the news making sure that it is inline with their way of thinking. Furthermore, many of the reporters are private contractors who write articles and submit them to be published and are paid individually for each article. One journalist who often writes articles for the technology section of MSNBC, Krakow, is a big linux fan and often writes positive articles about alternative operating systems. No more than what CNN would do, no less. So let's just lose the whole big Microsoft conspiracy bit.
-Ashen-
My post appeared first at #3 or 4... for some reason, for a period of time it was actually the FIRST post you'd see on the list... and now it's here. All of the posts appear to fluctuate somewhat, I don't know why, but perhaps one of the Slashdot Engineers can explain it.
Eviscerati.Org: All Hail the Eviscerati
The problem with the MS sites crack-wise is that they are very careful and have some truly state-of-the-art firewalls and proxies and whatnot, not to mention I'd wager everything is being load-balanced and round-robined, making it even more of a headache.
Returned Peace Corps IT Volunteer
What a well articulated rebuttal!
If there was ever any doubt in my mind that people like you should run the world, it was just eleveated! thank you!
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
You moron, if you steal or rape.. the damage is not undoable. If you hack (or crack for you wusses) you are not doing permanent damage.. and the damage can be undone in less than 5 minutes. Use your brain for god's sake.
it's not that my post came first, because #8 is of course after #6, it's that it _appeared_ before #6 on the list. I don't know why that is, just as I don't know why at one point my post (#8) appeared to be the first one on the list. I suspect it's some weird after affect of all this moderation/karma/metamoderation stuff.
Or perhaps it's a distortion in the space/time continuum.
Eviscerati.Org: All Hail the Eviscerati
it says this is the first time any ms web page got hacked but that isn't true.
i _very_ clearly remember microsoftoffice98.com or microsoftofficeformacintosh.com or SOMETHING being hacked on halloween of last year. It said something like "happy halloween bill gates" and had a scull, or something. did anyone see this? attrition.org has no reference to it.
ANyway the point here is that a microsoft site _has_ been hacked before, and i've seen it, although it's possible that (like this recent hack) it wasn't hosted by the people running the main microsoft cluster of IPs or whatever.
anyone notice that msnbc called Attrition a "reliable computer security site "? Nice to see the media taking note, for a change, of people who don't work for antionline. (although i wish attrition would add a search function to their hack mirror, or at least make it an option to download the whole thing as one long file so i can just command-f..)
I guess we'll all be wondering forever what the hell "uncertainty.microsoft.com" was.
Irritable, left-wing and possibly humorous bumper stickers and t-shirts
Hacks from http://www.attrition.org/mirror/attrition/os.html:
_ _ 08/1999
_ _ Win-NT - 106 - 35.93%
_ _ Solaris - 77 - 26.10%
_ _ Linux - 68 - 23.05%
_ _ 09/1999
_ _ Win-NT - 82 - 32.54%
_ _ Linux - 72 - 28.57%
_ _ Solaris - 62 - 24.60%
Installations from http://leb.net/hzo/ioscount/data/r.9904.www.txt:
_ _ _ _ _ _ _ _ _ _ _ _04/99_ _%recog
_ _ _ _ _ _ _ _ _ _ _-------_ -------
_ _ _ _ _ _ _ _Linux_ 295003_ _ _28.7
_ _ Windows 95/98/NT_ 253520_ _ _24.6
_ _ _ _Solaris/SunOS_ 194281_ _ _18.9
By putting the 08/1999 hacking numbers with the 04/1999
server os numbers we get the following hacks per host:
_ _ Win_ _ _0.042%
_ _ Solaris 0.040%
_ _ Linux_ _0.023%
Not very scientific but interesting. Of course OpenBSD
kicks everyone's ass. Linux really should have someone
doing source code audits.
Sorry for the screwed up underscores. Slashdot made me do
it. Set your brower to a fixed width font for best results.
Maybe Microsoft does have a security strategy. Don't make a system secure at all, and then people will leave your site alone because it is not a challenge to break into. ;)
Just because a person or group broke into 11 websites doesn't make them hackers. It just means they found 11 websites vulnerable to one of the many rootshell.com exploits.
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
..or does anyone else find it weird and disturbing that script kiddies merrily try to hack vandalised HTML into everything from government sites to the military, but they are supposed to be afraid of _Microsoft_ retribution? What's that about? I would have thought that such people would be more worried about _military_ retribution, or government retribution. Do they know something we don't? If it's a lot of nonsense, why is MSNBC putting it forth as an explanation?
Now you see this wouldn't be happening if MS was using G4s. :)
Ozwald
Instead of cracking into a page and defacing it, why not another strategy. Why not instead make the site look broken. A piece at a time, make changes to the site to drive the users of the site crazy. Then when you detect activity by the sysadmin or webadmin to really investigate your the problems, post your hacked page. With subtlety, it could go on for months. And we all know how much web surfers love broken pages. Break the M$ Java script, make the search engine behave oddly. So many possibilities. That is power and cleverness folks. Just a thought...
Interesting how this post (#8) was moderated up to Score: 3 - Funny, but post #6, which came first, was moderated down as Score: 0 - Redundant.
How was 6 redundant?
i dont display scores, and my threshhold is -1. post accordingly.
Discuss
I smell a new service release coming out REALLY SOON now....
Check out Magic Firesheep!
I don't think we need to invent terms. Invented labels invariably either 1) don't catch on or 2) become self-parodies. Languages evolve naturaly, when a sufficient portion of the population collectively "decides" that a new term is warrented. Why can't we just say what happened:
A web page was (defaced/altered) by an unauthorized person?
Yeah, it's bland, but it gets the point across without falling into this whole cracker/hacker (f)lamewar again.
That sounds good to me. I was mainly objecting to the term "cracker" being inappropriately used in this context, and trying to suggest an alternative. "defaced" is certainly fine as well.
To get back to the article, I personly find it disheartening that this poor kid (I assume) who's been playing around is worried about being arrested for what amounts to causing someone to take five minutes to restore a backup. Yes, his actions are immature, and yes there's too much of this kind of thing going on, but fuck, the punishment should fit the crime. He deserves detention or summer school, not jail-time.
Definitely - there seems to be a level of paranoia about 12-year-old "superhackers" that makes people think they're a danger to society. The punishment should be the same as punishment for any other sort of vandalism that caused about $2 in damage that's easily fixed. Whatever punishment you'd give to somebody who sprayed shaving cream on your car is what you should give to this kid...
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
this is all true but..
:)
.sig
from what i've heard there were storms in Redmond so we can't blame any of this on Microsoft
matisse:~$ cat
I can see the headlines now, "House of Bill Defaced"
#include "stdflamethrower.h" - stolen from another /. poster
Do you remember that whooshing noise you heard just before posting? It was the sound of the joke flying right over your head.
We all know that crap is king
Give us dirty laundry!
That sounds like a work by Tennesee Williams...
I have famous family members. My sister picked up her stalker in the mid 80's. There are plenty more sick people out there. I personally know someone who picked up a stalker this year...
:-(
A lot of famous people have stalkers but will not talk about it - the FBI says that if the stalker realizes that the star is never going to love them, their fantasy will crumble and they are likely to turn violent. Plus until the stalker does something illegal, the FBI cannot do anything beyond advising the star on self-protection measures.
You only hear about them when a stalker kills someone or does something else that is spectacular, but there are still plenty of them out there.
Why does the media gives so much attention to websites being `Cracked'? It's quite easy to stop these kids having fun. A possible SOLUTION: Write a script on a remote computer (i.e. completely outside the site) that checks the site constantly and compares files to it's local copy. If one or more files are corrupted, then through the script transfer (e.g. ftp) the original file(s) by overwriting over the corrupted file(s). That's it! No more fun for KIDS! What's the point of hacking a website, if the hack only lasts less that 1-5 seconds? Hehh!
You know, That hacker slang, at least on the surface would be a good way to keep info fromechelon... but when you think about it wouldn't be hard for the NSA to pickup on stuff like that as well.
That's why I think that h4x0rz 5l4n9 is really an NSA plant, no "real" hacker would use terminology like that, so the NSA, after relizeing that it's servers couldn't keep up with all the 5kr1p7 k11d1s convinced them to start using a 'creative' spelling of target, therby saving them thousands of CPU cycles examining skript kiddie conversation!
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
Another non-functioning site was uncertainty.microsoft.com The purpose of that site was not known. --- Hmmm, I'm not sure myself. :)
"He" is an acceptable pronoun for a person when the gender is unknown unless, like someone mentioned, you're a militant feminist ...
Notice the part about the site being hosted on an NT server? (well of course microsoft uses microsoft software). How long have we been sayin it? LOL but seriously, cracking is bad. If these crackers would stop it for a while then the media would give up on that word "hacker" for a while and the people/media would have time to adjust to the word cracker.
Anyway, however you call them, they're not good. Even attacking microsoft (which, if i were in a normal mood, i would advocate) is against my morals, and that's all i have to say about that, cept *nix on any NT users. lol that's a really bad pun.
Restating the obvious since nineteen aught five.
Don't you think nuclear weapons and nuclear processing plants and equipment are exciting? No? What about lightbulbs? Everybody likes lightbulbs.
From the article:
---
Another non-functioning site was "uncertainty.microsoft.com." The purpose of that site was not known.
---
:-)
I wonder if the author did that on purpose, or if it was a happy coincidence?
Eviscerati.Org: All Hail the Eviscerati
Cracking is actually good although right now it may seem bad. If it wasn't for petty crackers showing off or just exploring we'd be vulnerable to a much greater range of attacks. Right now while the net is still young is the time to find out about such problems and fix them.
/hope/ that good admins would recognize an attack quickly. :) If your systems are vulnerable to enough attacks to jump from a web server to the SQL server and so on you really need better software and/or a better admin. :)
But really anybody who puts critical or highly private data on a web server should be beat with a stupid stick! Sure someone can backtrack through your SQL server (or whatever you use) but it is highly unlikely if you have it set up right that they could use the same hack to get into that server also. The worst they might do is mess w/ your data which if you audit your SQL calls and have a history of old data backed up you should be able to parse out any data entered after a given time. The only data likely to be lost is data entered during or after the attack and we
At what price learning? At what cost wisdom? The price is a man's peace of mind, and the cost is his life.
Several months ago on the Register they had captured a crack where someone had replaced the text: 'Please help us find bugs in Windows 2000' with 'Please help us find bugs in Bill Gates Ass 2000' on their beta page.
Don't they mean the same thing? I think it was just the webmaster trying to clarify the sentence.
Chilli
-=- Just a random lambda hacker
> Probably too busy enjoying Baywatch.
:-)
You mean BabeWatch or BoobWatch (although Xena is getting pretty bad in that later department
I don't think it's ironic at all. It sounds more like damage control to me. By reporting it first, they can downplay the attack and make it sound like a relatively minor thing. " Oh, it was just some lovesick kid " instead of " If they can get into here they can get into anyhere " type of story.
It has been noted that f0bic *must* be a guy... (attrition.) But! who's to say that flipz isn't *ALSO* a guy? I heard gay people do exist... perhaps they can use computers eh? ---right-handed, heterosexual, middle-class, non-ADD, non-dyslexic, white male. I'm a minority.
I am that that is, not that that is not, that is.
Brak: usually about a body of water, indicating a differing content of salt, i.e. in a rivermouth.
:)
also brak is the state of mind immediately following a hangover, the feeling your brain has been replaced with feathers.
all dutch
//rdj
No one can understand the truth until he drinks of coffee's frothy goodness.
--Sheikh Abd-Al-Kadir, 1587
In this case it appears that no real harm was done, but hacking sites can easily cause real harm and should be punished accordingly.
And using the above example, damage done from stealing can certainly be undone but we don't not punish theives just because they give back what they stole.
Why is it such a big deal to use "he" by default?
I'm not sure that it is; and in fact I think I do unconsciously. But the fact that we use language unconsciously is the fact that gives it its power.
So consider the following question: if 'she' was the accepted default, would you be just as happy with that, and would you be prepared to defend it?
I actually think the best strategy is using 'she' just as much as 'he', although it jars if varied within a single piece of writing.
No. CDC and l0pht are about 100 times less productive. There are also posers, and fundementally wasting their talent.
JP can suckle on my left nut
I don't know about what they're using for firewalls, but their whole public network used to be BSDI based. It is only fairly recently they started using their own software.
d vocacy,comp.unix.advocacy,alt.flame.ms-win dows,comp.os.ms-windows.advocacy
Subject: I'm happy again!
From: nickkral@caa32.alumni.berkeley.edu (Nick Kralevich)
Date: 1995/08/24
Message-ID:
Newsgroups:comp.os.linux.advocacy,comp.os.os2.a
[Subscribe to comp.os.linux.advocacy] New!
[More Headers]
Check this out:
----- Begin -----
diamonds:~> telnet www.windows.microsoft.com
Trying...
Connected to www.windows.microsoft.com.
Escape character is '^]'.
BSDI BSD/OS 2.0 (wl6.windows.microsoft.com) (ttyp1)
login:
----- End -----
Or download.windows.microsoft.com.
Apparently Microsoft put up a much of WWW servers for the Win95 stuff. And guess what those servers are running!
I guess Microsoft really does suck! Long live Linux and Unix!
Thanks to wpaul@ctr.columbia.edu (Bill Paul) for pointing this out on
Take care,
-- Nick Kralevich
nickkral@cory.eecs.berkeley.edu
NT claims to be secure, as posted on it's Linux "Facts" page. This proves that NT security is CRAPPY, proving them wrong. If NT is as secure as M$ claims, then why do they get hacked anyways? They own the software, know what it's source contains, and yet they are unable to fix loopholes in it.
Don't call my crazy, that's what they called me back in the home!
And an army recruiting billboard? And the sign at the entrance of a military base? I kind of see what you're saying, but it doesn't hold up.
The point is, these are essentially high profile, low-utility systems which have little to do with the inner workings of any organization... anyone who has a clue has recovery plans for fixing a defaced site, and most have watchdogs to check if it's been changed. Notice how most of the defaced sites stay up a matter of hours?
The point is that the breaches are irrelevant in terms of compromise of security - like I said elsewhere, when someone publishes some proprietary information that's of use to someone on the 'net after cracking someone's systems, I'll be impressed. Until then, it's graffiti, and should be treated as such.
Actually I have no special affection for Microsoft. I do happen to use MSNBC for a news source often and I have been reading news there for quite a while, and whether you believe it or not, I find many of their news stories to be less biased than those that I have seen at other news sites such as CNN. Don't try and psychoanalyze me here.
Maybe rather than affection, it's more of a lack of the blood thirsty hate towards microsoft many slashdotters so easily portray.
I know Microsoft has created flawed programs, I have a great dislike for Windows, but I still use it alot because it allows me to do everything I want to do on the computer(although it would be nice to be able to do it without having my computer explode in my face every few days). I am also a fan of alternate operating systems which I use occasionally, mostly to play with and see what they can do (BeOS & Linux especially) because competition is what it's all about. And while Microsoft might have used their monopolization to get away with selling faulty software or to help knock off competiters, this still doesn't add up to a big conspiracy. Uncontrolled and unchecked capitalism maybe, but not a conspiracy. We could all plainly see what they were doing. However, from reading MSNBC for a long time, I have read numerous articles there that have taken jabs at Microsoft and problems with their software.
The thing that annoys me most is the slashdot double standard. I see pointless offtopic flames moderated to 2 even though (because, more likely) they were unfounded attacks on Microsoft or some other thing that isn't pro-Linux. If someone were to have this attitude to something involving Linux, everyone goes off in a blind rage without even seeing both sides of it. I call it unclassy advocacy.
However, I do not expect anyone here to accept my opinion, I am probably just involved in the big conspiracy against all Linux users and anyone pro-OSS and I just want to spread FUD all over the world to insure your destruction.*sigh*
-Ashen-
NT claims to be secure, as posted on it's Linux "Facts" page. This proves that NT security is CRAPPY, proving them wrong. If NT is as secure as M$ claims, then why do they get hacked anyways? They own the software, know what it's source contains, and yet they are unable to fix loopholes in it. (Yes, I forgot to mention any Linux flaws, I guess I learned from M$)
Don't call my crazy, that's what they called me back in the home!
Hi all
Doesn't Microsoft make money because of the slashdot effect?
They sell advertising on a per-hit rate, so if they make up whatever news about MS getting cracked or anything Un*x or Linux, millions of Slashdotters flock there to fill their already-full coffers.
I do what the voices on my console tell me to do.
NT claims to be secure, as posted on it's Linux "Facts" page. This proves that NT security is CRAPPY, proving them wrong. If NT is as secure as M$ claims, then why do they get hacked anyways? They own the software, know what it's source contains, and yet they are unable to fix loopholes in it. (Yes, I forgot to mention any Linux flaws, I guess I learned from M$ about posting "Facts")
Don't call my crazy, that's what they called me back in the home!
I've never cracked anything, I just don't believe it's as bad as it's been made out to be. And I enjoy the fact that Microsoft was cracked, so there.
j00 4r3 jUs7 n07 31337 En0uGh t0 uNd3RsTaNd. n0w g0 4wAy b4 1 h4v t0 h4X0r j0r 4nUs.
Using "they" as an indefinite singular pronoun is one of my pet peeves. The rule I was given: Pick one and use it for any single indefinite person/animal/it; it doesn't matter which, but *be consistent*. So when I refer to two or more people/etc. of indefinite sex, I try to go half he, half she. You can't refer to one person as both he and she, though.
The MSNBC reporter obviously didn't check his (?) facts; from the article's phrasing, I assumed the perpetrator was male and most others would as well.
Feel free to moderate this whole discussion down...
Looser? I'd say those crackers are looser. Looser than anyone I've ever met at least. I don't know about the hackers, they don't seem all that loose. But maybe you have more experience. And who you calling cracker anyways, peckerwood. Why Are You Typing With Random Caps. I Think That You Should Pay Better Attention In English Class.
I was just looking at lipz past hacks and it looks like he is busting in to a bunch of NT boxes. I wonder if he is using the same hole everytime? HMM NT has a hole in it... That can't be!
Moderators, *this* one needs to go *up* a few notches :) Well said, AC :)
Read my stuff.
flipz also hacked www.ask.com over the weekend. I can't remember for sure when he/she did it. But I do remember. The page said "flipz was here' and that was it.
Another non-functioning site was uncertainty.microsoft.com. The purpose of that site was not known.
More evidence Microsoft consciously spreads Fear Uncertainty and Doubt.
- Shaheen
You should never take life too seriously - You'll never get out of it alive.
Geeze, are you ever the grumpy one. And given to exaggeration to boot... Last I checked, simply reinstalling the OS doesn't verify that your holes are plugged up, so the only point in reinstalling is to appease some suit that you're safe, without any real rationale behind it.
"Sifting through data by hand"... Not sure what you're on about with that. But hey, you're diverting 12 people from production to do it. Not sure what you're producing though, that the only people who can verify that "data" is untainted have to be pulled from programming your projects. And are the 12 people watched over by coporate lawyers to make sure everything is done right or did you include the corporate lawyers in that 12?
What are you doing with your websites anyway? If it takes you that long to reload a verified backup, or worse yet, you don't notice that you've been hacked until you back up the hacked site, I feel sorry for the company who hired you.
Note, I don't think cracking is right. It *is* a might childish, but just because you are ashamed of what you did in your childhood, doesn't mean you have the right to insult, berate, and bore us all with your attempt at pseudologic, and nonsequiturs to derive overbloated numbers like that. Graffitizing a web page is a lot different from stealing a copy of a source tree and deleting it.
Blah I can't get my sig to work, it won't fit.
The whole stint about verifying data by hadn
goes like this:
Web site containing sensitive information defaced
(most sites do contain sensitive information,
cc numbers, product orders, payroll blah blah..).
Are you just going to accep the crackers word
that nothing was altered???
I wouldn't I would rm -rf / and restore from
read only backups, if I didn't have read only backups
then I would have to go through all the "sensitive
data" by hand and esnure that it wasn't altered
in any way shape or form. If you have a huge
database who knows how long this could take.
That's what I meant
Considering 99% (just guessing, but I know it's high) associate "hacking" with bad things, these whole debates on "It's cracking stupid, not hacking" are pointless. Less than 1% of the nation reads Slashdot, so do you think your arguements will ever become the standard? No. Get over it already. Think of a new term, because "Hacking" IS bad. Or, for geekspeek:
hacking==cracking
Just accept it. And for all you past Hackers in the old sense, think of a new name for yourselves.
no, it should be:
n 3 7h1n9
Blah I can't get my sig to work, it won't fit.
I wonder if that idiot even know what pages he (she?) defaced. He may have just run an exploit found at his favorite "warez d00dz" site without knowing what it really does.
What would happen if someone were to hack attrition.org, and deface the defaced pages archive?
I wish I had a nickel for every time someone said "Information wants to be free".
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
Dell does millions of dollars of business in half an hour on the web? Damn, someone call my stock broker, I need to buy into Dell, and get rich.
--Exaggerations don't help your cause...
In this case it appears that no real harm was done, but hacking sites can easily cause real harm and should be punished accordingly.
Stick with punishing them for what they did, not what could have happened. That person totalled his car. In doing so, he could have killed someone. Try him for murder.
Blah I can't get my sig to work, it won't fit.
I disagree with your assessment that these attacks don't raise security awareness. If the people who are maintaining big corporate and government sites aren't made more aware of the endless possibilities for attack by the continual web page defacement than they are idiots. These events should raise security awareness and if it's not than corporate goons should start paying attention right now. I think the media should continue to play these events. Your billboard metaphor is crap. When's the last time you submitted your credit card number to a billboard? Or used it to send email? Or placed any sort of trusted information onto one? While these attacks don't generally involve stealing private information, the possibility is there. gid-foo
Score: 0? Redundant? Don't listen to that silly moderator, I thought your post was hilarious. :)
Cracking *IS* that bad, and it's a very juvenile mindset to think otherwise.
At what point in time did it come into your tiny little mind that other people in the world should bear the cost of what you do.
Wonder how much our corporate lawyers, plus my overtime, plus the cost of reinstalling the OS on all the boxes, plus the cost of having to delay product releases because we had to divert 12 people to sifting through all the data by hand to verify it's integrity.... boy you know corporate lawyers, Senior SA's, management sure do work pretty cheap these days... ANY defacement and you are into THOUSANDS of dollars in lost time, slipped projects, overtime, customer loyalty, oh.. but that's harmless... *THWACK*
Back in my days I may have gotten freaky on a BBS but I understood that *I* was doing something wrong, and was ready to step up if the ax man ever came, and not make lame ass excuses (lucky for my stupid ass he didn't, damn stupid looking back). But you... you seem to think that it's your god given right to thrash other people's property, things they might have put their heart and soul into and want to walk away claiming it's only something harmless, if you're going to do something stupid at least have enough BALLS to take responsibility.
Stupid ass AC, coward fits you well!
Interesting - it seems that if you nmap a random box (take egg.microsoft.com), their firewall grabs pretty much every port. Did he use a standard port instead of another?
Btw - Microsoft does NOT have to use IIS for EVERYTHING. There's also something to be said for detailed research of your competition.
Visit
I mean, either people are FUDDING or soemthing weird is going on.
Probaby someone wodering why a page defacement deserves to be posted. If you want that...go to attrition.
The US Army seems to think WebStar on Mac OS is the most secure server out there.
I also remember some "Hack This Mac" challenges a few years ago, and nobody claimed the prize.
I wish I had a nickel for every time someone said "Information wants to be free".
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
Personally, I don't see much difference between the "new" (web page) crackers and the "old" (copy protection) crackers. Both require basic assembly knowledge, and the ability to use a debugger. And lots and lots and lots and lots of time on your hands. Obviously I am ignoring those amazing buffer overruns exploits where people manage to get code in through a function that strips out all characters but '9' 'a' and 'q', but your average exploit is not that impressive an achievement. Nor is your average software crack. I fully expect to be flamed by the script kiddies and the h4x0r groupies. Please at least attempt to keep it coherent.
muhahahhaha I r00tx0red y0ur b0x, f3WL!!!!!11!1! ph33r mY m4D sK1LLzzzzz!!!!!!111 3y3 0wN j3W!!!
Um, not unless my system is called "localhost". Jeeze kid, get a life.
I know you thought you were being cute by taking the previous poster literally, but you might want to take a look at Dell's financials.
If you did, you'd know that in the last month of the quarter (July), Dell's internet sales reached $30 million per day. With an average of over a million dollars per hour, it should come as no surprise that they'd be pulling in "millions" for some 30-minute periods during normal U.S. business hours.
And that's just pure sales, that's not even counting the costs of any future business lost by frustrated buyers who might switch or develop loyalties to IBM or Compaq.
Cheers,
ZicoKnows@hotmail.com
thanks for playing.
I believe the correct quote is "I find your lack of faith disturbing"
But Apache does exist, and has for quite a while, on NT. So running Apache on NT isn't unheard of, and likely is smarter than IIS...
:-)
I doubt there are more bugs found in Linux, but when a bug is found it isn't broacast on news.com or slashdot like every bug in any MS product.
I sure hope not! I mean, what, the entire bit that composes what Linux is, cannot even boot a system, can not function with code contributed from GNU to make Linux usable, and what composes Linux is about 1/2 the size of my first hard drive (think MFM). If Linux has half as many bugs as, say, MS Office.. a massive 100s of megabyte program, my god. Imagine the carnage!
"Open Source?" - Press any key to continue
The MSNBC article reports that this is the first time a MS sight was cracked. That is not true. Several months ago on the Register they had captured a crack where someone had replaced the text: 'Please help us find bugs in Windows 2000' with 'Please help us find bugs in Bill Gates Ass 2000' on their beta page. The text was something like that. This is just the first crack that MSNBC has known about.
BOOM "What was that?" "Oh, nothing really, just GE blowing up MS"
Where as MS hitting GE would be rather quiet.
Bill - aka taniwha
--
Leave others their otherness. -- Aratak
I wouldn't be so sure. People have done much more to capture the attention of that special someone.
Um, shouldn't that "n3th1ng" be "4n3th1ng" instead?
(currently testing something about signatures here)
You'll long for the days of classical d00dzp3ak when you see the new version, with added pseudo-Ebonics via gangsta rap records. As in "I 0wn y00r 4ss b1tch!1"
Not only that, but unless GE has either avoided or abandoned NT, MS could probably bring GE (or any other company, for that matter) to its knees via a couple of well placed back doors. What can GE do? Make radioactive light bulbs?
Bill - aka taniwha
--
Leave others their otherness. -- Aratak
A quick search of MSNBC reveals that there are some articles about GE, but nothing major. Like most conspiracy theories... this one is flawed. Microsoft news is MUCH MORE interesting than GE news ("ooh... a recall of dishwashers!" vs. "Microsoft sued by US government"). It makes sense. The one division of GE that gets press is NBC (duh), which is more exciting than GE Capital, or any other division. --- "Progress is the God of the Machine"
-rt-
** Evil Canadians are taking over the world. Learn about the conspiracy
To some people, anybody to the left of the Promise Keepers is a militant feminist.
We're pretty sure it's a girl, so 2 is true, and one is false. Don't know about 3 or 4 though
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
"Sure, the Web site may get hacked. That's the price you pay. But we know our payroll is secure [even when it's not]..."
The defaced page is her e. It is a little boring.
Share bicycle touring info worldwide: http://wheretocycle.com
I personally like 'e' and 'hir'. Though I don't use these words unless I'm confident that the other person knows what I mean.
An alternative is 've' and 'vis'/'ver', as used to describe sexless transhumans in Greg Egan's Distress.
This must be a hoax - can someone really be cracking all these platforms because his love is ignoring him?
Mielipiteet omiani - Opinions personal, facts suspect.
Hotmail wasn't originally run by Microsoft... they were bought out by them a while ago.
Has anyone else noticed that whenever there's bad new about Microsoft, MSNBC always seems to be the first to report it? Do you suppose that at the first sign of something that might result in bad press, Microsoft immediately gets MSNBC the story, thinking that at the very least, it can use the situations to bolster the network's credibility?
--
Wage Slave Journal
Hmm. The never-ending hack/crack debate. One the one hand, using "cracked" is obviously inappropriate, since the term already had a meaning in computer security prior to its application in 1984 to people who break into computers. It has, for as long as anybody remembers, described people who break the copy protection of software. This usage far predates the usage cited in the Jargon File (which itself admits to the 1984 date).
On the other hand, the term "hacked" is obviously inappropriate in this case. This system intrusion was merely the work of a script kiddie, it appears, and hence is not any sort of hacking.
We need a verb that means "broken into by a script kiddie," so as to differentiate from "broken into by an intelligent security expert" (which I'll continue to call "hacked") and from "breaking the copy protection of" (which I'll continue to call "cracked."
I personally prefer to use the term "hax0red," which, helpfully, is what they often call it themselves, so it should not be hard to have this term adopted. This differentiates from mature, intelligent people, who use "hacked," to describe their work (whatever that work may be, be it kernel hacking or NT hacking) and the script kiddies who use 3l33t sp33k to describe their work. It also allows "hax0r d00d" to be used as a convenient synonym for "script kiddie."
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
I guess they didn't read the 500+ page manual on how to secure a website....
"Get your stinkin paws off me you damn dirty apes"
I thought Microsoft used FreeBSD for their servers :)
from the 'we recommend that you apply the latest updates dept' - One of the hallmarks of MS is installing it over and over again, with its dammn install shield not cleaning up properly and leaving guessable backups + executables around, sometimes compounded by the fact the the sysadmin copied the code somewhere else for (change)safety. Creaming the disk, and re-installing everything would take a lot longer - if you had a lot of machines, and a high service level agreement. Any rubbish left behind is a risk. Old copies of insecure modules - hmm maybe. Maybe instead of calling those 32 bit API's, you call a few old 16 bit modules, that don't bother to call the security routines that were frontended later. Maybe some were accidently left behind.. somewhere. I don't know if the ACL's get reset to 'none' during the install/patch Kiddies are one thing, but having access to redundant and trusted code is a bomb hardly yet explored. Linux does not have that problem, as you can re-compile the lot with processor specific options. Maybe someone should use rsync to spot bits of code that should not exist, and build a 'run this and see if you have a security issue/ old code we don't advise you to have'. Much like a virus checker, except it would include obsolete parts of MS's code in the signature table. So obvious - why has it not been done.. hheee .. Virus Alert..detected a copy of MS...; and would continue -until the offending code was removed. The poor customer buys it off the shelf, and within minutes the antivirus software warns him/her it is out of date/needing updates. I guess this moment of truth is preferable to discovering site vandalism later.
Another non-functioning site was "uncertainty.microsoft.com." The purpose of that site was not known.
Whatever it was, that name doesn't seem to resolve anymore. I guess they must be covering their tracks for now, because fear.microsoft.com and doubt.microsoft.com also don't resolve. :-)
and every last one of you pricks is below that
William Henry Gates III, owner of the most successful software publishing business ever, and some say arguably the richest man on earth, startled office workers and the world today when he was found to have been cracked right in his office.
One worker, willing only to speak under conditions of anonymity, described the scene as follows, "He was wearing these terrible blue polyester trousers, bending over his PC fiddling with these wires, when it happened."
Others described it bright like a Halloween moon, with the crack almost down to his O-Ring.
Disturbing co-workers and his wife, Melinda Gates, alike, she is said to have promised to throw out his whole wardrobe today and replaced it with straight cotton. When asked, she had no comment.
Dr. Timmothy Farnsworth, a PhD. in both physics and a proctolgist with over fifteen years researching polyester effects on backsides, had this to say on the matter, "It's a well known fact that polyester drops down past the ass when a subject bends over. At first scientists assumed it was related to a genetic hip deficit trait carried by plumbers, electricians, and other blue collar workers, but now we know that it is in fact caused by the polyester material itself. Though we still don't know why. Current theory holds that polyester carries a special static electrical quotient, which along with a strong anti-anus gravitational repulsion effect, causes trousers to drop no matter who bends over."
Regardless, no official at the Redmond campus is commenting, but we're sure Mr. Gates is as red as his O-Ring after this embarrassing affair.
Worse than an untouchable, when I reincarnate I'll be lucky to return as bacteria.
Looks like "flipz" is more than just a script kiddie: attrition lists her as having cracked jpl, duracell, people's bank, a bunch of .mils, department of veteran affairs and some other stuff. http://www.attrition.org/mirror/attrition/flipz.ht ml
she doesn't seem to be very creative in her replacements/alterations, though.
Jacob Rothstein
----- --- - - -
"It's as simple as tit-tat-toe, three-in-a-row, and as
jacob rothstein reed college
Well... that and because its fun to have a pronoun noone else understands :o)
(Is it just me, or does "noone" look like it should be said "noony" ?)
Shawn Poulsen (Fruan)
"On Slashdot, many obvious things are insightful." - Annonymous Coward, 2000/7/9
Somebody put that in a sig block quick! :)
--
Don't forget the time spent in verifying that
:)
the only machine affected was the web server,
finding out how they got in, fixing that hole,
writing up reports to go to upper management,
etc...
It's time I'd rather spend playing quake thank
you very much.
Well, I recall being in an IRC and hearing that Linus Torvalds had been discovered gagged with Pantyhose in Alan Cox's bathtub. The photos were on the cracked RedHat.com website.
Yep, everything you hear in IRC is the truth...
I think someone have a time machine, saw today's poll and decided to impress some woman!
--The knowledge that you are an idiot, is what distinguishes you from one.
I wouldn't call that 'cracking'. Thats taking advantage ofbad coding/admining.
Um... then what would you call cracking??
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
I've performed a small search on altavista and I found that f0bic is a male. He was arrested on 12th june. See and search for 'f0bic' on your page...
:-)
:-)
So if flipz is not gay he must be a female
If also found, while searching for f0bic that a website (that is not listed on attrition) has been 'edited' for so many time that it was referenced by Altavista
So if someone breaks into your house and spray paints "You Suck Chowderhead!" or something worse on your wall you're okay with that?
I mean, the damage is not undoable. A quick coat of paint and you're good as new. They actually did you a service by pointing out just how easy it is to break into your house...right? Sure, maybe they do it several times and maybe one time they accidently knock over a vase and break it, but it was an accident and you can always get another. No foul really, just kids having fun.
I'm sure each time it happened, you'd just grab a paintbrush, clean up the mess and smile while thinking to yourself, "Those crazy kids! God Bless 'Em!"
Ok, how about a storefront? If there isn't adequate security to keep a storefront from being vandelized, then there isn't adequate security to keep the credit card receipts in the till inside secure, is there? Is that a more adequate metaphor for you? Or do you think the little pieces of paper that are left lying around your favourite restaurant/bar/phone catalouge ordering place are more secure than the computers attached to backend databases on major e-commerce sites?
I'm not sure how intimately familiar you are with how most web sites are set up - there's usually a front end, and a back end. The front end is often considered practically sacrificable - no real data is there. It's presentation crap. And that's what more often than not seems to get compromised, unless there's some serious work going on that people aren't publicising. Often, different levels of security apply. So the whitehouse's web page got hacked. So what?
Yeah, we all need more security awareness. Sites that really care if their front page get trashed have it get trashed a lot less often (a quick search of attrition.org's archives didn't find any defacements of cnn.com, but about 50 of sites I've never heard off) - Or perhaps the huge list on attrition.org is mostly tiny sites who don't have a security administrator, nevermind the resources to set up adequate firewalling etc? So one big name site gets compromised every now and again, and everyone says "Hmm, those damn hackers are up to it again."
I still don't see why everyone thinks it's exciting. Punks will take cracks at easy targets, and occasionally comrpomise a good target. Wah, wah, wah.
"Militant feminist" is flamebait.
Language shapes how we think. Taking control of language and deliberately manipulating it is a powerful way to change minds, whether for a social good or evil. (Examples: wartime propaganda dehumanizing the enemy, social movements to make deragatory labels socially unacceptable.)
Using the third person singular masculine pronoun when sex is unknown (people have sex (!), language has gender), effectively negates the existence of 1/2 the population.
I am in favor of using the third person plural pronoun, "they" when sex is unknown. Sure it's grammatically inconsistent - that's the joy of English. "They" is used all the time in spoken English and is less awkward than "he or she".
no sig please, I'm agnostic
Looks like the Win2k test wasn't too successful after all... or maybe they just fixed *some* of the bugs... or maybe its a MSBackdoor(r)...
Peter Pawlowski
If anything, the fact that Linux is prefered by hackers means there are certainly more bugs found in Linux. People just try to fix them before they become an issue, instead of concealing the fact and hope they can find a fix in time for the next Service Pack.
"Knowledge = Power = Energy = Mass"
I'm not criticising Slashdot for posting this, but the media in general for their obsession with these petty defacements.
At what point did the LA Times stop reporting every incidence of graffiti which had felled the barbed wire security of another billboard? Really.
These silly kids are being portrayed as part of "hacker" groups that no one but the members themselves has ever heard of, and aren't really calling any further attention to the lack of security on most corporate networks - just to the destructive tendancies of kids with too much time on their hands, who somehow become representative of *all* computer kids. That's productive.
I'm tired of it, it's boring, and if we ignored it, it would almost undoubtedly go away - after all, the thrill is in seeing your name in lights, isn't it?
I would guess the security is loose, not the Cracker.
I know for certain that this is not the first time that *.microsoft.com has been cracked. I recall being in an IRC channel probably about 1.5 years ago when someone posted the URL to a MS page that had just been cracked (the main MSOffice homepage IIRC). I checked it out and had a laugh, and it was gone by the next day. But it did happen...
And without burglars we wouldn't need locks on our doors?, dream on whoosie
The idea that cracking is bad is one that's promoted by industry 'pundits' and by some Linux geeks to make themselves and their OS more palatable to the corporations they hope will start to take them seriously. But really, is craking *that* bad? Defacing a web site is hardly a serious crime now, is it? It's not even as bad as grafitti on a wall, since it much easier to remove. Granted, stealing information credit card fraud is bad, but they're already crimes. Defacing web sites is harmless!
Nor have they have been yet - the 131.107 address range is a lab that is in a seperate physical location than the MSN/MS.com/MSNBC servers reside in, and are not under the same administration. These servers were likely set up by an individual or small group not familiar with the standard build specs used in production. It's not suprising they were vulnerable.
Possible, but seems very convoluted. Even for Redmond.
=VERY= unlikely. Microsoft are listed as a highly prominent target, and (despite what the article may say) crackers aren't renown for being cowed by the threat of retribution.
This feels more likely. Windows NT is not the paradigm of security. Besides, what is "Microsoft" seems to change with every report. Microsoft's Hotmail has been cracked, as has (I think) MSN. I'm sorry, but it's not exactly the first time Microsoft has had a server cracked.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
You're a militant womenist, aren't you?
"Your hat needs new tinfoil, babe."
My favorite quote from the hacked page:
Well this site was Cracked By flipz.. ANd no thats not a pic of me..But i wish it was.
... referring to a picture of a young woman with a picture of Tux on her shirt.
Does this mean:
1- He wants to be a woman?
2- He IS a woman.
3- He wants to wear a Tux shirt?
4- He'd rather have his picture on the page?
Sheldon Young
get so much attention around here.
NT is so "insecure" that hacked websites (esp microsoft.com that runs NT everywhere) should be common place no?
At least on paper, MS surpassed GE a while back (it's amazing what inflated stock values can do). Never mind that GE owns fab plants and other things of material value.
"If one is really a superior person, the fact is likely to leak out without too much assistance" -- John Andrew Holmes
I think that this is a perfect example of system administrators not taking the time to install each of the patches that make NT server the most secure platform known to man.
just playing the devil's advocate (read: being a pain in the ass), but your statement was just another gender bias. flipz could be a he that wants to look like the linux girl (re: first crack on attrition). Think on that!
Jacob Rothstein
----- --- - - -
"It's as simple as tit-tat-toe, three-in-a-row, and as
jacob rothstein reed college
I doubt there are more bugs found in Linux, but when a bug is found it isn't broacast on news.com or slashdot like every bug in any MS product.
From what i could find on google they guy that 'flipz' is 'in love with' got busted June 11 for a bunch of cracks (sorry cr4ckz) on fed pages.
"There is a holy mistaken zeal in politics and religion, by convincing others we convince ourselves" -Junius
Ok, but you have to take into account how many machines are running which OS. Macs rarely get cracked, but then there aren't many of them out there running webservers.
:)
, it's a bit more interesting. Assuming sites are hacked at random, (which is probably a very bad assumption) NT is hacked a bit more than Linux, Solaris even more than NT, and FreeBSD is in fact pretty low. If I did my math right. :)
I tried to include some tables in here but I can't remember how to switch to a fixed-width font, so we'll skip it.
But if you try to normalize the "hacked" percentage based on the distribution of the OS in the webserver population (http://leb.net/hzo/ioscount/data/r.9904.www.txt)
Yawn, old news. the MSN homepages are outsourced and not actually run by Microsoft (how often does this need to be explained to people?). I would guess that the reason it isn't on NT4 is that NT4 didn't support disk quotas, which *nix and W2K does.
http://www.attrition.org/mirror/attrition/1999/10/ 24/msrconf.microsoft.com/CMT/
Cracking, Hacking, Jacking Off!
Did anyone else notice that about 1/2 of the many cookies that it tried to set were due to expire on 1 Jan 1970 - now what is the point of cookie that old ?
Hell, the U.S.Army did it. How about a little forward migration in Redmond? Sounds like they could use it. ---------------------------------- Windows + S/M = WindowsNT "Where Do You Want To Be Abused Today?"
I'm sure we all know about Microsoft's Windows update site which lots of (l)users check for Windows updates.
Note that Netcraft shows windowsupdate.microsoft.com as a IIS/4.0 server.
Supposing somebody cracks into Windows update and uses the site to distribute backdoors that install themselves onto (l)users' computers all over the world who trust Microsoft?
Just a thought...
Jonathan Wang
I'm a bit confused about why MSN edited flipz's post, but only a tiny bit. The actually content was: "flipz was here and f0bic, your seksi voice helped me through the night heh. Save the world. Kill Bill. " Are they afraid of publishing the words "Kill Bill."?
There's no reason for a sig here.
Indeed, M$ is very good in choosing the right words to let its failures look not so severe.
I suffer from attention surplus disorder.
Remember back in the early 90's when stalkers were the rage in hollywood? If only there was an internet in 1992 this guy would've gotten busted not for cracking but for posting a love letter.
You mean the paragon of security if you mean "the glowing perfect example of how security should be."
A paradigm is (according to M-W)
1 : EXAMPLE, PATTERN; especially : an outstandingly clear or typical example or archetype
which NT certainly isn't, but I'm sure that's not what you mean, since Linux (or Solaris or BSD) aren't paradigm's of security either. OpenBSD however is a paragon of security, for example (M-W gives paragon: a model of excellence or perfection )
I approve of hacking for political purposes but I don't approve of threatening individuals. (Although I have yet to see exactly what threat this guy leveled against Bill.)
I've been the victim of threats (through email) before due to a student I caught trying to hack into one of our systems. Its all nice and dandy until it happens to you.
The Police will never catch him then, will they?
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
But WHY are people worried about these 12-year-old "superhackers"?? I personally have no idea, my systems are not a model of perfect security (although they ARE fairly secure, I tend to take the "paranoid" approach with it...), but they have managed to deflect dozens of script-kiddie attacks at the front door. So far, with a 0% rate of intrusion, I personally don't worry about script kiddies. Let them have their sad little games for all I care. I keep backups and I use a filter firewall, and so should any sysadmin who's job matters at all to them.
If anything, this focus on security is a GOOD thing. Since the internet is SO hostile, we can get well-tested secure protocols. It makes me MUCH less nervous about SSH2'ing to my box.
ACK!
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Heh. The ultimate hack will be if someone can gain access to all of the NT servers supposedly controlling BG's big mansion in Seattle.
I can see it now..... "HONEY! THE GARAGE ATE THE BABY!" "WILLIAM!!! I TOLD YOU TO STOP LEAVING YOUR FAVORITE NERD NYMPHOS WEB SITES ON THE 100 INCH SCREEN!!!!" "Dear, I swear....it wasn't me!"
Ah....dreams......
Any news anywhere on HOW the guy got in? A site is only a secure as the people in charge of it allow it to be....
.asp view source hack on ntbeta.microsoft.com. They had the admin user/pass HARDCODED onto one of their .ASP pages! I got right in:)
So what it was NT and on a *.microsoft.com domain? It could have been wide open as far as we know.
And don't think that just because somebody has put up a server at MS, that they know what they're doing.
A few months back, I used l0pht's
(no, I didn't do anything. I'm not a z3aLOTT)
I wouldn't call that 'cracking'. Thats taking advantage ofbad coding/admining.
These pretzels are making me thirsty.
what you saw was a mirror... not the actual hacked site.
--