How about an interview with Jarkko? (he developed irc back in the 80's) I'd love to hear his thoughts on irc, how it has changed, and whether he still finds it useful.
As far as I understand the FBI only asked them to show their prowess. If the FBI only asked the 2 hackers to show their prowess without specifically saying anything about hacking and the persons involved chose to show their prowess by hacking it would be enticement and not entrapment. There's a lot of other ways to show you have skills in security instead of illegally trespassing on someone elses computer. These russians could have very well gotten authorization to do the penetration testing on one of Invita's computers for instance.
When it comes down to it enticement is legal, entrapment is not.
Also.. that arguement that it takes a hacker to catch a hacker shows how little the person knows about information security. Very few hackers are going to care enough to keep a proper chain of evidence, let alone have the knowledge of how to collect and document the evidence in such a way as to be admissable.
Hackers are good at penetration testing but that's only a small part of the big picture..
I went through this not too long ago at an internet startup. Here's what I found..
Mail servers - sendmail, postfix, qmail all have or can have the ability to use an LDAP directory that specifies where the mail is going to. It gets rid of the use of alias lists to forward mail around.
pop/imap servers - there's quite a few pop servers that can authenticate off LDAP but only a few imap servers worth mentioning. Cyrus is the best free one that I have tried. At the time I tested it there was a bug in the code that caused certain outlook clients to not see which mails were read and unread correctly. I'm sure this has likely been fixed now. The mail store for Cyrus is nice and in my opinion a bit faster than the mbox or maildir formats (YMMV). UW Imap is great as long as you don't need to do any virtual hosting support, there's some hacks and patches to provide virtual hosting support but they aren't what I'd consider production quality. UW Imap does however have the best support for MS Outlook of any imap server I have tested (I've tested a lot). Courier is also nice but because the author deviated from the standards somewhat I wasn't very comfortable with it and was told by the CTO it was not an option. Mirapoint Messaging servers are a commercial "version" of cyrus. It's basically cyrus on freebsd with ldap capabilities minus all the good stuff. No ability to really customize it, it's fairly idiotproof, however I disliked the fact that it felt underpowered and the anti-spam features was not what I considered very good. I used a gateway to filter spam before it got to the mirapoint otherwise I had load issues on the mirapoint. (Using a bastion host/ gateway to filter spam outside a firewall is a good idea no matter what mail server you run)
LDAP Directories - OpenLDAP is free but it's not what I'd call "for beginners". It takes a fair understanding of the ldap schemas before you can create a schema which can be used by Outlook. iPlanet is great but isn't free. The gui is very nice and the replication is probably the easiest to configure out of all the ones I tried. Active Directory is fairly good (don't kill me) but it doesn't conform to some of the standard schemas. Exchange has it's own pseudo directory server built in and the later versions can use active directory but I dislike how for some of the givenName and surName fields you can't have a multi record field unlike what the standards says should be allowed.
Calendar - MS Outlook CAN have calendar support without the use of Exchange. You have to set the system up for publishing the calendars to a web page and it's a little bit of a pain. It took me a bit of scripting to get outlook to automate the process of actually publishing the calendars and times.
Radius server - I actually wrote code for a radius server to authenticate off the LDAP directory. The server I used was XTRadius. I published the source for the extension so I'm sure it's available somewhere.
As for pulling users out of exchange and onto a unix server. I never did find an easy way of doing it. I did it by hand for 130 employees but we weren't running exchange 2000 with active directory. If you are using active directory then you can pull the schema and do lookups. I'm sure I could write a tool in perl without much trouble that's capable of doing that. If you'd like it, I don't have much to do right now so email me personally wh@perlhacker.net and we'll work on it.
As far as a web client.. I've tried everything and I can definitely say without a doubt the horde.org project is *the best*. They're the only thing I've seen that really pulls email, calendar, to-do, etc like exchange into a very useable GUI.
.sex and.xxx will likely never happen as a TLD for one reason only. It would open the industry groups to lawsuits as I'm sure that I'm not the only one that tried to petition for a.sex and.xxx TLD between '92 and '94 and still has the documentation to prove it.
At the time the excuse for my not getting it was they had "no policies in place on how to delegate new TLD's"..
There already are laws pertaining to conspiracy to remove freedoms from americans and I for one believe that blatently trying to pass laws that are unconstitutional should fall within the realms of such laws.
Whatever happened to the people passing or repealing laws by 2/3's majority vote?
I have a version of one called Teacup that I have been making some significant modifications to.
Teacup by itself supports email and web based submission, and web based tracking of tickets. It supports 4 user defined fields which really come in handy.
The changes I've made to it are as follows:
1) email replies that include a PR # get added to the log file for the PR in question.
2) Tickets are sorted by priority. Urgent tickets are highlighted.
3) Uses only 1.cgi for both users & admins and therefore can be used in an authenticated (intranet) type environment. (Teacup normally uses teacup.cgi for users and teacup-secure.cgi for admins and expects admins to be the only users with $ENV{REMOTE_USER} set.)
4) I wrote a small script that sync's an LDAP directory with the users in Teacup so you don't have to add all the requestors yourself. Just add them to your LDAP and they appear in Teacup.
If anyone is interested in my version of Teacup email me at wayhigh@NOSPAMsantacruz.org and ask for it. I haven't given it out at this point but it really is becoming very usable so I may as well.. can't offer any further support on it.. it's written in perl so it should be easy for most people to pick up and run with.
This could be another way to combat bandwidth. I'd guess that someone decided porn sites were using vpn's as a way to store porn on @home connections and serve them elsewhere.
This is probably all tied into the porn scandal in the white house.:P
I always find it amazing hearing people tout how less guns mean less crime when in reality the statistics point to just the opposite.
When England took away peoples rights to possess guns their crime rate shot way up. The same happened in Australia (Armed Robbery went up 40% in A YEAR).
In the last 4 years there have been 3 states in the US that have made a "shall issue" policy as far as carrying concealed weapons goes. The crime rate in those states dropped by some 13% the first year and the people who were registered to carry concealed weapons were involved in less than one half of one percent of the felonies committed.
I suggest you go do some reading. You'll find the same figures I did.
I actually work for a banner advertising company so I'm quite familiar with their business models. The reason banner advertisements have such a poor click through percentage is because people on the net want to feel like they're part of a community and banner ads don't give you that. The best way of advertising on the net will likely always be word of mouth. Recent studies have shown that most online shopping is done almost completely via word of mouth. So you can say what you will about micropayments, affiliates (partner stores are a much larger thing than affiliates imho), and banner advertising but it's not until someone figures out how to make advertising on the net personal like word of mouth advertising that you're going to see great advertising for next to nothing. WH
Heh.. when I used to work at a large colocation provider/backbone it was unbelievable how many of them would send spam to noc@
MD Geist, Fist of the North Star, Demon City
on
Essential Anime
·
· Score: 1
Check these out.. MD Geist - Artificially created soldier that was supposed to be destroyed or dumped for being too dangerous comes back and kicks ass. Fist of the North Star - Probably the coolest fight sequences I've seen in anime.. gotta love what he does to that big fatass. Demon City - (think that's the name).. nothing's quite so freaking as a chick whose twat literally eats people!:P
>Linux is the portable OS of all time, and can >scale from a PalmPilot to an AS400. No other >operating system can do that. Umm.. what about NetBSD? >Linux is the first OS to have over 10,000 >developers. Some people may not view thousands of kids as being beneficial to the integrity of a projects source code. Especially when the project lacks a formal code review process in all but the core.
I'd use OpenBSD myself but I refuse to support Theo. I'm not altogether surprised by his latest tactics. OpenBSD cd's do make better coasters than Microsoft cd's btw.. WH
I've come across someone that is involved in a wireless internet project much like yours, whom described it at length, and then went off about how l0pht had ripped his ideas off his web site with no acknowledgement of where it came from.
The wording is infact so similar that it appears as if l0pht did indeed copy what he said, or vice-versa.
So what I'd like to know is where did you come up with the idea for the wireless internet project?
I know that at one point you were offered the source code to the Windows products by Microsoft. I also know that you did not accept the offer. What were your reasons for not accepting the offer?
How do you respond to allegations that the FBI is investigating your knowledge of attacks before they happened and the accusations by some hackers who performed said attacks that you paid them or otherwise coerced them to do it in order to have coverage for your website?
Why do you feel that sites containing satirical humor based antionline are not protected by law and therefore open to your threats of legal action?
It dawned on me after reading so many self aggrandizing comments that the more geeks try to claim they are different the more normal they become.
The subject may have a bit of satire in it however it still rings true.
As far as geek women go, I've met a few and never dated any. I tend not to date a great deal because dating for me seems to be the art of choosing which female will cheat on me next.
However.. if any female were to email me back I certainly wouldn't mind..:P
If there really becomes a shortage and the the pay of the IT workers goes down. Wouldn't you expect the IT workers to unionize and drive the prices back up?
I'm surprised that with Australia's announcing the Echelon project public that more people just don't get it.
Being that the Echelon project is a multinational project to listen into international communications both voice and data. It makes sense that the US would try to insure that it could listen to as many of the calls possible, thereby protecting itself and its citizens.
We already know that the government can break keys fast enough that crypto with small keys doesn't matter so much. It seems quite obvious that the widespread use of strong cryptography could make the Echelon monitoring almost useless.
I'm fully against the echelon project and attempts to waylay our use of strong cryptography but the possibility of terrorists being active in our country to a much greater extent and coordinating their efforts internationally is rather daunting.
I'm not saying it has or will happen, but the reality that it could is scary.
I was a complete oddball in highschool, not fitting in anywhere. I wasn't in the geek crowd, I wasn't really in the "in" crowd. By my junior year I ate my lunch alone and I enjoyed it that way.
I wasn't bad looking really, I had several girlfriends through highschool, but that never really helped much.
I was in band in highschool, and I figured that the best way for me to avoid having to play my sax in all those annoying basketball and football games as to be involved in other sports. Strange that I played sports for a specific reason, and not necissarily because I loved the game like so many other idiots.
In the evenings I'd spend time exploring computers, almost anytime night or day that I could get away, I'd get on my computer and see what I could learn.
By the time I was 16 I'd been around telenet for 3 years. Hanging in the message boards that were created there by others like myself and always in search of a PAD closer to home. I'd begun defrauding the phone company as a way to spend more time dialed up longdistance to the nearest PAD. One time the phone company even figured it out and backbilled for 3 months worth of useage. That $1500.00+ phone bill is etched in my mind.. it took all the savings I had up to that point.. and then some to pay.
I got on the internet when I was 14 and began exploring there, I can well remember the days when a good find was some obscure research paper on an ftp server that gave the name of one or two more systems to go through.
I learned my first unix command by getting pissed off and typing "man this sucks!!!!!!!!!".
And for the length of my exceeding on the net, I struggled in school. You can count the amount of days I did homework on 2 hands. I only made it through school and graduated because of high test scores. If school had've ever been about what you know instead of how much can you conform and how much homework can you do, I'd have gotten straight A's. I can remember having one class that I enjoyed because the teacher valued that I don't think mainstream. Perhaps I think more clearly?
So now I'm out of school, I had to drop out of college because of cancer and chemotherapy, had to take up working full time as a way to make money just to live.
Strangely, it was what I was what I enjoyed doing in highschool that I now get paid for today. I make far more money than anyone else in my highschool class that I'm aware of. The people in the "in" crowd are aware of how well I've done and I've seen them just shake their heads and wonder if their college was worth it. I've had one tell me that their college wasn't worth what they're getting paid now.
It's not surprising, 80% of millionaires never graduated from college and something like 70% of those never made it through highschool.
So you see.. it's true.. the Geek shall inherit the earth.
I can't believe they'd sell out and make lyrics.ch a commercial venture! Damn them for selling out! It should be enough that the NMPA sales for people being able to find the titles and albums of the music they want to hear..
Count me as one of the people that will not use the lyrics server if it is commercial in nature.
Slashdot Mirror
How about an interview with Jarkko? (he developed irc back in the 80's) I'd love to hear his thoughts on irc, how it has changed, and whether he still finds it useful.
As far as I understand the FBI only asked them to show their prowess. If the FBI only asked the 2 hackers to show their prowess without specifically saying anything about hacking and the persons involved chose to show their prowess by hacking it would be enticement and not entrapment. There's a lot of other ways to show you have skills in security instead of illegally trespassing on someone elses computer. These russians could have very well gotten authorization to do the penetration testing on one of Invita's computers for instance.
When it comes down to it enticement is legal, entrapment is not.
Also.. that arguement that it takes a hacker to catch a hacker shows how little the person knows about information security. Very few hackers are going to care enough to keep a proper chain of evidence, let alone have the knowledge of how to collect and document the evidence in such a way as to be admissable.
Hackers are good at penetration testing but that's only a small part of the big picture..
I was at a conference 2 or 3 years ago and was shown a hacked secureID that had the ability to clone other secureID's.
Personally I think secureID gives people a false sense of security and I'd rather use something like the DES gold cards.
I went through this not too long ago at an internet startup. Here's what I found..
Mail servers - sendmail, postfix, qmail all have or can have the ability to use an LDAP directory that specifies where the mail is going to. It gets rid of the use of alias lists to forward mail around.
pop/imap servers - there's quite a few pop servers that can authenticate off LDAP but only a few imap servers worth mentioning. Cyrus is the best free one that I have tried. At the time I tested it there was a bug in the code that caused certain outlook clients to not see which mails were read and unread correctly. I'm sure this has likely been fixed now. The mail store for Cyrus is nice and in my opinion a bit faster than the mbox or maildir formats (YMMV). UW Imap is great as long as you don't need to do any virtual hosting support, there's some hacks and patches to provide virtual hosting support but they aren't what I'd consider production quality. UW Imap does however have the best support for MS Outlook of any imap server I have tested (I've tested a lot). Courier is also nice but because the author deviated from the standards somewhat I wasn't very comfortable with it and was told by the CTO it was not an option. Mirapoint Messaging servers are a commercial "version" of cyrus. It's basically cyrus on freebsd with ldap capabilities minus all the good stuff. No ability to really customize it, it's fairly idiotproof, however I disliked the fact that it felt underpowered and the anti-spam features was not what I considered very good. I used a gateway to filter spam before it got to the mirapoint otherwise I had load issues on the mirapoint. (Using a bastion host/ gateway to filter spam outside a firewall is a good idea no matter what mail server you run)
LDAP Directories - OpenLDAP is free but it's not what I'd call "for beginners". It takes a fair understanding of the ldap schemas before you can create a schema which can be used by Outlook. iPlanet is great but isn't free. The gui is very nice and the replication is probably the easiest to configure out of all the ones I tried. Active Directory is fairly good (don't kill me) but it doesn't conform to some of the standard schemas. Exchange has it's own pseudo directory server built in and the later versions can use active directory but I dislike how for some of the givenName and surName fields you can't have a multi record field unlike what the standards says should be allowed.
Calendar - MS Outlook CAN have calendar support without the use of Exchange. You have to set the system up for publishing the calendars to a web page and it's a little bit of a pain. It took me a bit of scripting to get outlook to automate the process of actually publishing the calendars and times.
Radius server - I actually wrote code for a radius server to authenticate off the LDAP directory. The server I used was XTRadius. I published the source for the extension so I'm sure it's available somewhere.
As for pulling users out of exchange and onto a unix server. I never did find an easy way of doing it. I did it by hand for 130 employees but we weren't running exchange 2000 with active directory. If you are using active directory then you can pull the schema and do lookups. I'm sure I could write a tool in perl without much trouble that's capable of doing that. If you'd like it, I don't have much to do right now so email me personally wh@perlhacker.net and we'll work on it.
As far as a web client.. I've tried everything and I can definitely say without a doubt the horde.org project is *the best*. They're the only thing I've seen that really pulls email, calendar, to-do, etc like exchange into a very useable GUI.
Gotta run.. going fishin'
WH
He's obviously safe because he uses a 20 character password with unix crypt and a shadowed password file.
.sex and .xxx will likely never happen as a TLD for one reason only. It would open the industry groups to lawsuits as I'm sure that I'm not the only one that tried to petition for a .sex and .xxx TLD between '92 and '94 and still has the documentation to prove it.
At the time the excuse for my not getting it was they had "no policies in place on how to delegate new TLD's"..
Obviously that has changed now..
There already are laws pertaining to conspiracy to remove freedoms from americans and I for one believe that blatently trying to pass laws that are unconstitutional should fall within the realms of such laws.
Whatever happened to the people passing or repealing laws by 2/3's majority vote?
I have a version of one called Teacup that I have been making some significant modifications to. Teacup by itself supports email and web based submission, and web based tracking of tickets. It supports 4 user defined fields which really come in handy. The changes I've made to it are as follows: 1) email replies that include a PR # get added to the log file for the PR in question. 2) Tickets are sorted by priority. Urgent tickets are highlighted. 3) Uses only 1 .cgi for both users & admins and therefore can be used in an authenticated (intranet) type environment. (Teacup normally uses teacup.cgi for users and teacup-secure.cgi for admins and expects admins to be the only users with $ENV{REMOTE_USER} set.)
4) I wrote a small script that sync's an LDAP directory with the users in Teacup so you don't have to add all the requestors yourself. Just add them to your LDAP and they appear in Teacup.
If anyone is interested in my version of Teacup email me at wayhigh@NOSPAMsantacruz.org and ask for it. I haven't given it out at this point but it really is becoming very usable so I may as well.. can't offer any further support on it.. it's written in perl so it should be easy for most people to pick up and run with.
This could be another way to combat bandwidth. I'd guess that someone decided porn sites were using vpn's as a way to store porn on @home connections and serve them elsewhere.
:P
This is probably all tied into the porn scandal in the white house.
I always find it amazing hearing people tout how less guns mean less crime when in reality the statistics point to just the opposite.
When England took away peoples rights to possess guns their crime rate shot way up. The same happened in Australia (Armed Robbery went up 40% in A YEAR).
In the last 4 years there have been 3 states in the US that have made a "shall issue" policy as far as carrying concealed weapons goes. The crime rate in those states dropped by some 13% the first year and the people who were registered to carry concealed weapons were involved in less than one half of one percent of the felonies committed.
I suggest you go do some reading. You'll find the same figures I did.
I actually work for a banner advertising company so I'm quite familiar with their business models. The reason banner advertisements have such a poor click through percentage is because people on the net want to feel like they're part of a community and banner ads don't give you that. The best way of advertising on the net will likely always be word of mouth. Recent studies have shown that most online shopping is done almost completely via word of mouth. So you can say what you will about micropayments, affiliates (partner stores are a much larger thing than affiliates imho), and banner advertising but it's not until someone figures out how to make advertising on the net personal like word of mouth advertising that you're going to see great advertising for next to nothing. WH
Heh.. when I used to work at a large colocation provider/backbone it was unbelievable how many of them would send spam to noc@
Check these out.. MD Geist - Artificially created soldier that was supposed to be destroyed or dumped for being too dangerous comes back and kicks ass. Fist of the North Star - Probably the coolest fight sequences I've seen in anime.. gotta love what he does to that big fatass. Demon City - (think that's the name).. nothing's quite so freaking as a chick whose twat literally eats people! :P
Damn.. forgot the dang thing would munge the text.
>Linux is the portable OS of all time, and can >scale from a PalmPilot to an AS400. No other >operating system can do that. Umm.. what about NetBSD? >Linux is the first OS to have over 10,000 >developers. Some people may not view thousands of kids as being beneficial to the integrity of a projects source code. Especially when the project lacks a formal code review process in all but the core.
I'd use OpenBSD myself but I refuse to support Theo. I'm not altogether surprised by his latest tactics. OpenBSD cd's do make better coasters than Microsoft cd's btw.. WH
I've come across someone that is involved in a wireless internet project much like yours, whom described it at length, and then went off about how l0pht had ripped his ideas off his web site with no acknowledgement of where it came from.
The wording is infact so similar that it appears as if l0pht did indeed copy what he said, or vice-versa.
So what I'd like to know is where did you come up with the idea for the wireless internet project?
I know that at one point you were offered the source code to the Windows products by Microsoft. I also know that you did not accept the offer. What were your reasons for not accepting the offer?
How do you respond to allegations that the FBI is investigating your knowledge of attacks before they happened and the accusations by some hackers who performed said attacks that you paid them or otherwise coerced them to do it in order to have coverage for your website?
Why do you feel that sites containing satirical humor based antionline are not protected by law and therefore open to your threats of legal action?
It dawned on me after reading so many self aggrandizing comments that the more geeks try to claim they are different the more normal they become.
:P
The subject may have a bit of satire in it however it still rings true.
As far as geek women go, I've met a few and never dated any. I tend not to date a great deal because dating for me seems to be the art of choosing which female will cheat on me next.
However.. if any female were to email me back I certainly wouldn't mind..
Kevin
True.. but I'd much rather keep my high salaries and be in a tech union than have to live on the street..
If there really becomes a shortage and the the pay of the IT workers goes down. Wouldn't you expect the IT workers to unionize and drive the prices back up?
I'm surprised that with Australia's announcing the Echelon project public that more people just don't get it.
Being that the Echelon project is a multinational project to listen into international communications both voice and data. It makes sense that the US would try to insure that it could listen to as many of the calls possible, thereby protecting itself and its citizens.
We already know that the government can break keys fast enough that crypto with small keys doesn't matter so much. It seems quite obvious that the widespread use of strong cryptography could make the Echelon monitoring almost useless.
I'm fully against the echelon project and attempts to waylay our use of strong cryptography but the possibility of terrorists being active in our country to a much greater extent and coordinating their efforts internationally is rather daunting.
I'm not saying it has or will happen, but the reality that it could is scary.
I was a complete oddball in highschool, not fitting in anywhere. I wasn't in the geek crowd, I wasn't really in the "in" crowd. By my junior year I ate my lunch alone and I enjoyed it that way.
I wasn't bad looking really, I had several girlfriends through highschool, but that never really helped much.
I was in band in highschool, and I figured that the best way for me to avoid having to play my sax in all those annoying basketball and football games as to be involved in other sports. Strange that I played sports for a specific reason, and not necissarily because I loved the game like so many other idiots.
In the evenings I'd spend time exploring computers, almost anytime night or day that I could get away, I'd get on my computer and see what I could learn.
By the time I was 16 I'd been around telenet for 3 years. Hanging in the message boards that were created there by others like myself and always in search of a PAD closer to home. I'd begun defrauding the phone company as a way to spend more time dialed up longdistance to the nearest PAD. One time the phone company even figured it out and backbilled for 3 months worth of useage. That $1500.00+ phone bill is etched in my mind.. it took all the savings I had up to that point.. and then some to pay.
I got on the internet when I was 14 and began exploring there, I can well remember the days when a good find was some obscure research paper on an ftp server that gave the name of one or two more systems to go through.
I learned my first unix command by getting pissed off and typing "man this sucks!!!!!!!!!".
And for the length of my exceeding on the net, I struggled in school. You can count the amount of days I did homework on 2 hands. I only made it through school and graduated because of high test scores. If school had've ever been about what you know instead of how much can you conform and how much homework can you do, I'd have gotten straight A's. I can remember having one class that I enjoyed because the teacher valued that I don't think mainstream. Perhaps I think more clearly?
So now I'm out of school, I had to drop out of college because of cancer and chemotherapy, had to take up working full time as a way to make money just to live.
Strangely, it was what I was what I enjoyed doing in highschool that I now get paid for today. I make far more money than anyone else in my highschool class that I'm aware of. The people in the "in" crowd are aware of how well I've done and I've seen them just shake their heads and wonder if their college was worth it. I've had one tell me that their college wasn't worth what they're getting paid now.
It's not surprising, 80% of millionaires never graduated from college and something like 70% of those never made it through highschool.
So you see.. it's true.. the Geek shall inherit the earth.
WH
I can't believe they'd sell out and make lyrics.ch a commercial venture! Damn them for selling out! It should be enough that the NMPA sales for people being able to find the titles and albums of the music they want to hear..
Count me as one of the people that will not use the lyrics server if it is commercial in nature.