The first one turned out to be Addison's Cato - and the fact that it doesn't seem very well written is an interesting observation - you an English major?
There are two reasons it might not seem like him - 1)it isn't him, it is supposedly by a guy Tyler- and 2) you could be wrong - if you had done a little research, you would actually see that what is writen is very much like some of Poe's poems - do a search for some fo the phrases in that translation, you will find a great deal of them in one of Poe's poems (actually more, but one is very close - "their fragrance" is what helped the solution for the guy that had this posted) ----------------------------------------- ---------
If you check out the egroups mailing list (there is a link in the story) - one of the guys that solved the puzzle posted the solution.
------------------------------------------------ --
you make it sound like a group of MS programmers got together and wanted to program in a back door.
What you are referring to is yet another MS security hole that exists if someone doesn't setup their sites correctly.
I'm sick and tired of Slashdot readers always bashing MS with such knee jerk reactions. Any distro of Linux straight out of the box has holes as well - but you have to fix it. Everyone just shrugs and says "oh, well, yeah, that happens - just fix it and no prob" - but MS does it and everyone freaks out and calls them worthless.
I'm no big fan of them, but at least pick the proper things to pick on. --------------------------------------------- -----
I'm not a huge fan of MS products, even though everyday at work I have to work with them.
But I will stand up for them if people are just going to bash them without basis - if you read the article, the way he got into the site wasn't a MS hole, it was just poorly programmed stuff that allowed you to change what user you showed-up as.
There are plenty of times that sites get broken into regardless of what kinds of software they are using - from the way they describe this, it sounds like it doesn't matter what platform they are on.
And someone on here pointed out that they have headers that show they aren't using MS - then someone posted that they are faking the headers to keep people from hacking them... come one, really, that is ludicrous - if they are using MS and are hiding it, then they know enough that they shoudln't be getting hacked anyway.
I'm a big fan of Slashdot and the ensuing discussions, but it is stupid how everyone immediately just knee-jerks "MS Sucks" anytime any problem comes up.
Whoever is the leader in computer systems will become that target, simply b/c they are the leaders. ---------------------------------------- ----------
Where is any of this did it say MS products were to blame?
Granted, I will agree with you that MS is widely used and frequently the people using it rarely do more than install it with its defaults - but just to jump in and post something saying like "MS sucks" or or what you said is childish - do you even know how to break into a MS site?
I doubt it - there a whole bunch of people on this site that routinely go on about how easy it is to break into an MS site, but couldn't even so it themselves.
Please either post something useful or just shut up and quit wasting space. ------------------------------------------ --------
I should add to my previous post - it looks like I misunderstood - I know Burton didn't do Pi, but the way I wrote it there makes it look as if I was saying it was Burton ------------------------------------------ --------
Burton does some cool stuff, but Pi was... I don't know, it seemed to me like he took everything we learned in film school and put it all into one movie. you only need a few of the concepts, but he seemed to not get that and toss it all into one - don't get me wrong, I lked it - and the soundtrack frickin rocked.
I think Terr Gilliam would be perfect for this - or who did Delicatessan and The City of the Lost Children?.... or was it Lost City of Childred... something like that -------------------------------------------- ------
Certainly big a brooding - is he tall enough? Although that said, I've met Keaton and he is _really_ short, his head was below my shoulders and I'm only 6'1" or so.
That said his bodyguard was dolf lundgren-esque... so maybe he's a good one? -------------------------------------------- ------
The part where they said Boston makes me think it is the Mass Inst o' Tech one.
I'm merely guessing there though - that and the links are there too - but again, I could be crazy. ------------------------------------------ --------
Hot damn - first I miss the Geek convention in Boston, now I miss these b/c I have sit and stare at commerce site code... son of a - how about just giving me a nice fat job at Slashdot?
------------------------------------------------ --
That name just rolls right off the tongue. Catchy and easy to remember - both very good for company names - and to think those bastards in California gave them a hard time about that.
Good thing I'm part Norweigian to fully appriciate it - lord knows that you only want your name to make sense to about 4% of the people visiting you site... less is better, but not everyone is perfect. ---------------------------------------- ----------
I worked for a pentent law firm in DC right before I started college in '95 - you shoudl be careful what you say, there are MILLIONS of Joe Normal guys getting fucked up the ass by many a large company b/c they can't afford to defend it in the courts.
The patent law firms are told by the government that they should do some percentage of pro bono cases per year, they never reach this quota - but that is relaly the only way a little guy will get it if they will go for that.
There is a whole subsection of business built on "submarining" your patent.
When I was working there we were right in the midst of a razor company coming up for air on their submarined technology and they were going to get a shitload for it.
you file for your new product and you purposely tie it up in the courts, it is a great invention that everyone wants, and for X time it just has "patent applied for" on it and some competitors of yours use it, then after there is enough market saturation to satisfy you, you come up and you allow your companies lawyers to finalize the thing, get it out of the process and patented - you then sue the fuck out of every single company using your idea. there is a whole separate revenue stream coming from just that.
if a company wants a patent, they have a full legal staff on full time solely for patent problems and they will just take whatever the hell they want and let their lawyers take so long in court that you can't afford it any longer. the only way you have a chance is if you get a pro bono or if some other companies see a benefit in it and will come and back you up in order to get it. - I can give you a great example of that too with the government and some chips for radar.
------------------------------------------------ --
yeah, and I'm not flocking over to Bangalore and complaining abou the language skills there, I'm here in this country where I speak this language, as others should.
I'm the first to admit, I'm retarded at other spoken languages, I couldn't do the whole hindi thing, hence I stay the fuck here and deal. ------------------------------------------- -------
Am I missing something? It says right on the fucking thing that it expires on X date. then when I expires they freak out?
am I the only one that doesn't understand why they are so surprized and angry. I'm thinking if I was in India and I had a peice of paper that said I had to get the hell out of dodge on X date, I'd be thinking... hmm, okay, I'm outta here on this date instead of freaking out when that day came around.
That and the average salary in Bangalore is $500 - yeah, I'd say even if they had some shit job @$30K over here, they are fucking living like kings.
Fuck you and go home if you are going to complain, it says right on the fuckinng thing. don't act so suprised.
if the law is stupid, then fine, but we all gotta follow it jackasses.
I'm sick of working with idiots just b/c they will work for half the pay anyway. ----------------------------------------- ---------
they had those commercials where the dude would talk really fast.
one of those made of diamond would be pretty sweet if you ask me. --------------------------------------------- -----
They are just covering their asses. If this happened and they didn't tell peopel that maybe their credit cards were in the shit that was seen, then I have a feeling they'd get in more trouble with the lawyers that are inevitably swooping in as we type. ------------------------------------------- -------
What hold was left open?
It looks as if they were on an MS syste - which would mean MS's SQL server, and I'm not sure what version they were using, but up until very recently (and perhaps still, haven't followed it) - the default login/password for the SQL server was "sa" loging and no pass wasn't it?
Tight as a drum, nobody will ever figure that one out. -------------------------------------------- ------
99.9% of the places out there that encrypt their databases just use some lameass XOR scheme (b/c it has to be fast in and out) so that you wouldn't be able to look at it and immediately know what it is, but if yo uwant to crack it, you sure as hell can - esp if you have a full database of them and know the table name is something like "credit_cards". --------------------------------- -----------------
What I thought he meant was more along the lines of - if I do a search for buying Saabs online, I will get hits that look like the page was just that, but in reality it is some sort of company that makes it look like a site has content like that, then when I click on it, it sends me to something unrelated... like a gambling site.
They have this in the states - we are the last to join that type of billing - for some reason we are still mainly doing subscription - but analysts say that in the next 2 years the growth of non-subscription (what you refer to) will grow over 300% while subscription based will grow only 6% over that same period. There are sites out there now that offer it - you can do a search. Telegea.com comes to mind as one.
One of my friends here in Boston got BA DSL, probably 6-8 months ago and they were screwing it up so much that he told them he wasn't going to pay them anything until it was working -s o no bills came and he wasn't charged anything. Finally got it working, and he still hasn't been billed and it all works well now. Not the norm, but lucky eh?
Last I checked on the site, perhaps two weeks ago, it was up and he was saying congrats to a fellow that solved it - don't recall who he was or even where from. Perhaps that is why it is gone - interestingly enough, if you go to http://www.eruditorum.org/root - you will see a similar, yet slightly different page.
Slashdot Mirror
The first one turned out to be Addison's Cato - and the fact that it doesn't seem very well written is an interesting observation - you an English major? There are two reasons it might not seem like him - 1)it isn't him, it is supposedly by a guy Tyler- and 2) you could be wrong - if you had done a little research, you would actually see that what is writen is very much like some of Poe's poems - do a search for some fo the phrases in that translation, you will find a great deal of them in one of Poe's poems (actually more, but one is very close - "their fragrance" is what helped the solution for the guy that had this posted)- ---------
----------------------------------------
what the fuck? searching around - I put the link right in the story you jackass- ---------
----------------------------------------
If you check out the egroups mailing list (there is a link in the story) - one of the guys that solved the puzzle posted the solution.- --
-----------------------------------------------
you make it sound like a group of MS programmers got together and wanted to program in a back door. What you are referring to is yet another MS security hole that exists if someone doesn't setup their sites correctly. I'm sick and tired of Slashdot readers always bashing MS with such knee jerk reactions. Any distro of Linux straight out of the box has holes as well - but you have to fix it. Everyone just shrugs and says "oh, well, yeah, that happens - just fix it and no prob" - but MS does it and everyone freaks out and calls them worthless. I'm no big fan of them, but at least pick the proper things to pick on.- -----
--------------------------------------------
I'm not a huge fan of MS products, even though everyday at work I have to work with them. But I will stand up for them if people are just going to bash them without basis - if you read the article, the way he got into the site wasn't a MS hole, it was just poorly programmed stuff that allowed you to change what user you showed-up as. There are plenty of times that sites get broken into regardless of what kinds of software they are using - from the way they describe this, it sounds like it doesn't matter what platform they are on. And someone on here pointed out that they have headers that show they aren't using MS - then someone posted that they are faking the headers to keep people from hacking them... come one, really, that is ludicrous - if they are using MS and are hiding it, then they know enough that they shoudln't be getting hacked anyway. I'm a big fan of Slashdot and the ensuing discussions, but it is stupid how everyone immediately just knee-jerks "MS Sucks" anytime any problem comes up. Whoever is the leader in computer systems will become that target, simply b/c they are the leaders.- ----------
---------------------------------------
Where is any of this did it say MS products were to blame? Granted, I will agree with you that MS is widely used and frequently the people using it rarely do more than install it with its defaults - but just to jump in and post something saying like "MS sucks" or or what you said is childish - do you even know how to break into a MS site? I doubt it - there a whole bunch of people on this site that routinely go on about how easy it is to break into an MS site, but couldn't even so it themselves. Please either post something useful or just shut up and quit wasting space.- --------
-----------------------------------------
I should add to my previous post - it looks like I misunderstood - I know Burton didn't do Pi, but the way I wrote it there makes it look as if I was saying it was Burton- --------
-----------------------------------------
Burton does some cool stuff, but Pi was... I don't know, it seemed to me like he took everything we learned in film school and put it all into one movie. you only need a few of the concepts, but he seemed to not get that and toss it all into one - don't get me wrong, I lked it - and the soundtrack frickin rocked. I think Terr Gilliam would be perfect for this - or who did Delicatessan and The City of the Lost Children?.... or was it Lost City of Childred... something like that- ------
-------------------------------------------
Certainly big a brooding - is he tall enough? Although that said, I've met Keaton and he is _really_ short, his head was below my shoulders and I'm only 6'1" or so. That said his bodyguard was dolf lundgren-esque... so maybe he's a good one?- ------
-------------------------------------------
The part where they said Boston makes me think it is the Mass Inst o' Tech one. I'm merely guessing there though - that and the links are there too - but again, I could be crazy.- --------
-----------------------------------------
Hot damn - first I miss the Geek convention in Boston, now I miss these b/c I have sit and stare at commerce site code... son of a - how about just giving me a nice fat job at Slashdot?- --
-----------------------------------------------
That name just rolls right off the tongue. Catchy and easy to remember - both very good for company names - and to think those bastards in California gave them a hard time about that. Good thing I'm part Norweigian to fully appriciate it - lord knows that you only want your name to make sense to about 4% of the people visiting you site... less is better, but not everyone is perfect.- ----------
---------------------------------------
I worked for a pentent law firm in DC right before I started college in '95 - you shoudl be careful what you say, there are MILLIONS of Joe Normal guys getting fucked up the ass by many a large company b/c they can't afford to defend it in the courts. The patent law firms are told by the government that they should do some percentage of pro bono cases per year, they never reach this quota - but that is relaly the only way a little guy will get it if they will go for that. There is a whole subsection of business built on "submarining" your patent. When I was working there we were right in the midst of a razor company coming up for air on their submarined technology and they were going to get a shitload for it. you file for your new product and you purposely tie it up in the courts, it is a great invention that everyone wants, and for X time it just has "patent applied for" on it and some competitors of yours use it, then after there is enough market saturation to satisfy you, you come up and you allow your companies lawyers to finalize the thing, get it out of the process and patented - you then sue the fuck out of every single company using your idea. there is a whole separate revenue stream coming from just that. if a company wants a patent, they have a full legal staff on full time solely for patent problems and they will just take whatever the hell they want and let their lawyers take so long in court that you can't afford it any longer. the only way you have a chance is if you get a pro bono or if some other companies see a benefit in it and will come and back you up in order to get it. - I can give you a great example of that too with the government and some chips for radar.- --
-----------------------------------------------
yeah, and I'm not flocking over to Bangalore and complaining abou the language skills there, I'm here in this country where I speak this language, as others should. I'm the first to admit, I'm retarded at other spoken languages, I couldn't do the whole hindi thing, hence I stay the fuck here and deal.- -------
------------------------------------------
Am I missing something? It says right on the fucking thing that it expires on X date. then when I expires they freak out? am I the only one that doesn't understand why they are so surprized and angry. I'm thinking if I was in India and I had a peice of paper that said I had to get the hell out of dodge on X date, I'd be thinking... hmm, okay, I'm outta here on this date instead of freaking out when that day came around. That and the average salary in Bangalore is $500 - yeah, I'd say even if they had some shit job @$30K over here, they are fucking living like kings. Fuck you and go home if you are going to complain, it says right on the fuckinng thing. don't act so suprised. if the law is stupid, then fine, but we all gotta follow it jackasses. I'm sick of working with idiots just b/c they will work for half the pay anyway.- ---------
----------------------------------------
they had those commercials where the dude would talk really fast. one of those made of diamond would be pretty sweet if you ask me.- -----
--------------------------------------------
They are just covering their asses. If this happened and they didn't tell peopel that maybe their credit cards were in the shit that was seen, then I have a feeling they'd get in more trouble with the lawyers that are inevitably swooping in as we type.- -------
------------------------------------------
What hold was left open? It looks as if they were on an MS syste - which would mean MS's SQL server, and I'm not sure what version they were using, but up until very recently (and perhaps still, haven't followed it) - the default login/password for the SQL server was "sa" loging and no pass wasn't it? Tight as a drum, nobody will ever figure that one out.- ------
-------------------------------------------
99.9% of the places out there that encrypt their databases just use some lameass XOR scheme (b/c it has to be fast in and out) so that you wouldn't be able to look at it and immediately know what it is, but if yo uwant to crack it, you sure as hell can - esp if you have a full database of them and know the table name is something like "credit_cards".- -----------------
--------------------------------
What I thought he meant was more along the lines of - if I do a search for buying Saabs online, I will get hits that look like the page was just that, but in reality it is some sort of company that makes it look like a site has content like that, then when I click on it, it sends me to something unrelated... like a gambling site.
They have this in the states - we are the last to join that type of billing - for some reason we are still mainly doing subscription - but analysts say that in the next 2 years the growth of non-subscription (what you refer to) will grow over 300% while subscription based will grow only 6% over that same period. There are sites out there now that offer it - you can do a search. Telegea.com comes to mind as one.
One of my friends here in Boston got BA DSL, probably 6-8 months ago and they were screwing it up so much that he told them he wasn't going to pay them anything until it was working -s o no bills came and he wasn't charged anything. Finally got it working, and he still hasn't been billed and it all works well now. Not the norm, but lucky eh?
Last I checked on the site, perhaps two weeks ago, it was up and he was saying congrats to a fellow that solved it - don't recall who he was or even where from. Perhaps that is why it is gone - interestingly enough, if you go to http://www.eruditorum.org/root - you will see a similar, yet slightly different page.