This guy threatened several companies, there were no security holes that would give access that he claimed. In fact, in most of the instances, the site design made his claims border on the realms of fantasy, there ws just no way to do what he claimed.
I didn't investigate Best Buy (but I did others) since the claims were all identical (just the names had changed). It's pretty clear that he was simply scum.
You have no formal IT education, you've read a couple (maybe several) of "The Classics" of Information Security.... Probably "Building Internet Firewalls", "Applied Cryptography" and maybe Matt Curtin's book on trusted systems. You didn't understand most of it, but you do understand the basics. You could probably build a firewall, but I doubt you could design a secure redundant network, with multiple levels of access and multi-tiered applacations.
Mr. Weathersby tried to blackmail more than one company, I was on a response team that was involved and surprise (not really to people who are actually trained) Mr. Weathersby is a liar. There were not any holes that would allow such an attack. In fact, if you understood the details of Comp Sci, you would find that Mr. Weathersby's description of his attacks were not possible. Given the designs of a number of sites he threatened, it was impossible for him to gain the sort of access he claimed.
I don't have a problem with freelance hackers, but I do have a problem with freelance hackers finding a hole and trying to charge the company for it. If you aren't hired to do the job, then you doing it as a free service, anything more than that and its extoriton.
First of all, Mr. Weathersby threatened more than one company with such an email (almost word for word). I know for a fact that security professionals were called in to investigate in a number of these episodes (My team among them).
A large number of Corporations care very much about your privacy these days. The California Senate Bill, the new Visa CISP requirements and legislature that is wandering through the halls of Congress have many a business scared witless of compromising your privacy. Sure it took laws and threats to do it... but the end result is the same.
Mr. Weathersby, to my knowledge, never sucessfully cracked anything and all audits found no holes that would allow the sort of control he claimed.
He was smart enough to claim he could break the site. This isn't the only corporation that "Jamie Weathersby" threatened... yet, I don't know of a single threat that was sucessfully carried out.
Do a Google on Jamie Weathersby and you find he was also involved in some rather nasty cybersquatting attempts.
We are inviting anyone who would like to write an essay on Towel Day and Douglas Adams, to submit them to us and we'll get them posted on http://towelday.org
That gives everyone about a week and a half to prepare for this memorial event.
I apologize. My short brush with the catholic Church was in a small town in the rual US.... There the priest made house calls to make sure individuals gave regularly. And certianly there are many protestant religons that are quite strict on the tithe.
My point was not directed at an 'evil catholic church'.
Let me expound slightly.
The major difference between a religon that is considered acceptable and one considered a cult is the number of people who follow that religon. It has little to do with their practices or their beliefs. Jehovah's Witnesses, Pegans (Wiccan, Thelamite, etc), and many others are maligned and sometimes even persecuted, because of what they believe. It's different, therefore it's wrong. To compare the CoS to Catholisim (as the initial poster did) calling one a religon and the other a scheme is simply wrong. A religon is a religon. There is not one that is without is failings and skeletons in their closets. But then, there is not one that anyone can say 'That isn't really a religon, because it's not like this one."
I don't claim to be an expert on Catholic ways, as I said before, my experience with their monetary system is brief.
I will however, point out that the response I made about buying the papal seat, has merit. the poster claimed that it couldn't be done, when it fact it has been done many, many, times.
I am not condeming the catholic Church because it happened... only pointing out that it's not impossible.
I contritly retract any statement that might lead one to believe that I felt the catholic church was any more a scam, or any less a religon than any of the others in existance.
Well, in actuality, Catholics, just like many christian religons, do require money from their sheep^H^H^H^H^Hmembers. It's called a tithe. 10% of gross (not net).
And if you think that money can't buy the papal seat... do some research in history. The big phallic hat has been bought more than once. It's been picked up by powerful families who paid off others to get where they needed to be (see Borgias)... it's been outright bought several times.
All religons are the same... it's only the number of people who agree with it that gives legitimacy to one over the other.
Not really. Your defination is rather unique, I believe. Most, if not all providers I've worked with define Spam as UBE.... The name Spam came from the famous Python sketch where the Vikings keep singing "Spam, Spam, Spam, Spam, Spam, Spam". The similarity is that it was Bulk and unsolicited. They were not forging the headers of anything.
As hackers, developers and coders, many of us employ a technique called "code reuse". While neither making an argument for or against creation. It is unreasonable to call this proof of anything.
One can argue that the genome shows ancestry. At the same time one could argue that it shows that God had a basic codebase for life and was able to use it to base everything else off of, ergo. code reuse.
Evolution will always be a theory. It will never be possible to prove that life got here from evolution. Short of God popping by for a visit... or Armeggedon (the biblical one), Creation will always be a matter of faith (sort of like a theory).
BTW- I was in no way involved with this particular project. If you'd care to read the Interhack information, my name is not listed on any of the "cookie" investigations.
Three Distros for hacker gurus, with just a CLI. Seven Distros for Linux geeks, with tarballs to compile. Nine Distros for Wannabes, that self-install. One Distro for the Dark Lord, in his dark home. In the land of Redmond where shadows lie.
One Distro to rule them all, One Distro to find them, One Distro to bring them all, And in binaries only bind them.
Would it be too difficult to have a thrid-party group check code? I submit that we could put a group of code reviewers in place that would sign NDA's with companies that develop closed source apps (ones that are suspected of containing GPL'd code). This group wouldn't need to be code gurus or even GNUGeeks. The group could offer their services to any closed-soruce group. Once the code is checked everyone's happy. If the company won't allow the code to be checked, then would there be a legal recourse? Thoughts?
Besides, have you ever seen MS code that is this "leet"? I mean, if MS wrote this it would be full of bugs, security holes, and likely not work without a Service Pack.
I think you're missing what I'm saying... this isn't to intimidate the child. It's simply to keep the parent informed "if they so desire". That's all. Most likely many parents wouldn't care what their child was viewing... for the parents that do care, then they should teach their child in whatever way they deem proper.
It is obvious that "censorware" is a fatally flawed tool. Using technical solutions for social issues doesn't work. However, it's also clear that many parents don't want a T-1 full of porn available to their child every Monday through Friday. So I'd like feedback on the following proposal:
In areas where minors have access to public internet services (school/libraries), they would be given an account. This account would be accessible via a smart "library" card. The account is identified by account# only. These account#'s are logged along with sites that are visited by minor. At the request of a parent/gaurdian, a report can be generated so that they can determine if their child is acting within the acceptable boundaries set by the family unit. No one else would be permitted to use this reporting tool. This takes censorship out of the hands of everyone except the people legally responsible for the minor.
I belive that this approach removes all unnecessary layers of argument and leaves us with one question:
Should anyone (parents/gaurdians included) have the right to control what their child sees/hears/views for entertainment/etc. ?
This question obviously has a precedence: Children under 18 are not permitted to purchase pornography, tobacco, etc. However, a parent could permit their child to have such things. Perhaps by purchasing the items for the minor.
I recall visiting the "Hut" with an old engineer that had me in "Jedi training". He was really interested in the new 2 Meter HT (Handi-Talkie). He inquired about battery life and the sales guys said " This battery will last all day". Wayne looked down at him,( Wayne was about 6' 2" and 280lbs, big white beard, kinda like a very very grouchy Santa) and said, "You don't know what the fsck you're talking about, do you?" The sales guy blinked and said "Ummm, well not really..."
We left and I laughed all the way back to the office.
http://www.woz.org has an article about how the NYT tried to mask a pro-MS article as if it were written by Woz. This kind of stuff is getting silly. I can't believe posters.... Pro-MS posters may be MS employees... ArtX anonymous posers (note the spelling). Sigh, I guess it's time to remember... Don't believe anything you hear or read, and only half of what you see.
(Note: MS video evidence would fall into the other "half of what you see")
Slashdot Mirror
This guy threatened several companies, there were no security holes that would give access that he claimed. In fact, in most of the instances, the site design made his claims border on the realms of fantasy, there ws just no way to do what he claimed.
I didn't investigate Best Buy (but I did others) since the claims were all identical (just the names had changed). It's pretty clear that he was simply scum.
Let me guess...
You have no formal IT education, you've read a couple (maybe several) of "The Classics" of Information Security.... Probably "Building Internet Firewalls", "Applied Cryptography" and maybe Matt Curtin's book on trusted systems. You didn't understand most of it, but you do understand the basics. You could probably build a firewall, but I doubt you could design a secure redundant network, with multiple levels of access and multi-tiered applacations.
Mr. Weathersby tried to blackmail more than one company, I was on a response team that was involved and surprise (not really to people who are actually trained) Mr. Weathersby is a liar. There were not any holes that would allow such an attack. In fact, if you understood the details of Comp Sci, you would find that Mr. Weathersby's description of his attacks were not possible. Given the designs of a number of sites he threatened, it was impossible for him to gain the sort of access he claimed.
I don't have a problem with freelance hackers, but I do have a problem with freelance hackers finding a hole and trying to charge the company for it. If you aren't hired to do the job, then you doing it as a free service, anything more than that and its extoriton.
D Clyde Williamson
First of all, Mr. Weathersby threatened more than one company with such an email (almost word for word). I know for a fact that security professionals were called in to investigate in a number of these episodes (My team among them).
A large number of Corporations care very much about your privacy these days. The California Senate Bill, the new Visa CISP requirements and legislature that is wandering through the halls of Congress have many a business scared witless of compromising your privacy. Sure it took laws and threats to do it... but the end result is the same.
Mr. Weathersby, to my knowledge, never sucessfully cracked anything and all audits found no holes that would allow the sort of control he claimed.
That's true it only took Microsoft a number of years to figure out that turning silly features on by default is a Bad Idea.
Learning from history... hahahahaha
He was smart enough to claim he could break the site. This isn't the only corporation that "Jamie Weathersby" threatened... yet, I don't know of a single threat that was sucessfully carried out.
Do a Google on Jamie Weathersby and you find he was also involved in some rather nasty cybersquatting attempts.
Dumb, Dumb and Really Dumb
Greeting DA fans,
A year ago, I wrote the article that made Towel Day a reality. This is the original story. There is a wrap up of Towel Day here.
This year, Towel Day is again on May 25th. The new story is here.
We are inviting anyone who would like to write an essay on Towel Day and Douglas Adams, to submit them to us and we'll get them posted on http://towelday.org
That gives everyone about a week and a half to prepare for this memorial event.
D. Clyde Williamson
I apologize. My short brush with the catholic Church was in a small town in the rual US.... There the priest made house calls to make sure individuals gave regularly. And certianly there are many protestant religons that are quite strict on the tithe.
My point was not directed at an 'evil catholic church'.
Let me expound slightly.
The major difference between a religon that is considered acceptable and one considered a cult is the number of people who follow that religon. It has little to do with their practices or their beliefs. Jehovah's Witnesses, Pegans (Wiccan, Thelamite, etc), and many others are maligned and sometimes even persecuted, because of what they believe. It's different, therefore it's wrong. To compare the CoS to Catholisim (as the initial poster did) calling one a religon and the other a scheme is simply wrong. A religon is a religon. There is not one that is without is failings and skeletons in their closets. But then, there is not one that anyone can say 'That isn't really a religon, because it's not like this one."
I don't claim to be an expert on Catholic ways, as I said before, my experience with their monetary system is brief.
I will however, point out that the response I made about buying the papal seat, has merit. the poster claimed that it couldn't be done, when it fact it has been done many, many, times.
I am not condeming the catholic Church because it happened... only pointing out that it's not impossible.
I contritly retract any statement that might lead one to believe that I felt the catholic church was any more a scam, or any less a religon than any of the others in existance.
My apologies.
Well, in actuality, Catholics, just like many christian religons, do require money from their sheep^H^H^H^H^Hmembers. It's called a tithe. 10% of gross (not net).
And if you think that money can't buy the papal seat... do some research in history. The big phallic hat has been bought more than once. It's been picked up by powerful families who paid off others to get where they needed to be (see Borgias)... it's been outright bought several times.
All religons are the same... it's only the number of people who agree with it that gives legitimacy to one over the other.
> Plenty of providers will agree with me.
Not really. Your defination is rather unique, I believe. Most, if not all providers I've worked with define Spam as UBE.... The name Spam came from the famous Python sketch where the Vikings keep singing "Spam, Spam, Spam, Spam, Spam, Spam". The similarity is that it was Bulk and unsolicited. They were not forging the headers of anything.
As hackers, developers and coders, many of us employ a technique called "code reuse". While neither making an argument for or against creation. It is unreasonable to call this proof of anything.
One can argue that the genome shows ancestry. At the same time one could argue that it shows that God had a basic codebase for life and was able to use it to base everything else off of, ergo. code reuse.
Evolution will always be a theory. It will never be possible to prove that life got here from evolution. Short of God popping by for a visit... or Armeggedon (the biblical one), Creation will always be a matter of faith (sort of like a theory).
It ran beautifully in San Jose at LWCE
I have nothing but good things to say about VA. Jason and Zack assisted our team in pulling of an extremely sucessful project.
Well, other than calling into question the integrity of Interhack, myself and the entire story... I gues you little joke was harmless. Right??
Hi Jay,
Haven't seen you in eons...
BTW- I was in no way involved with this particular project. If you'd care to read the Interhack information, my name is not listed on any of the "cookie" investigations.
Have a Good Day.
D Clyde Williamson
Lord of The Distros
by D Clyde Williamson
Three Distros for hacker gurus,
with just a CLI.
Seven Distros for Linux geeks,
with tarballs to compile.
Nine Distros for Wannabes,
that self-install.
One Distro for the Dark Lord,
in his dark home.
In the land of Redmond where shadows lie.
One Distro to rule them all,
One Distro to find them,
One Distro to bring them all,
And in binaries only bind them.
In the land of Redmond where the shadows lie
But does he like to bathe?
So who thinks that this site just might end up on the "Adult" list in Mattel's censorware product?
Would it be too difficult to have a thrid-party group check code? I submit that we could put a group of code reviewers in place that would sign NDA's with companies that develop closed source apps (ones that are suspected of containing GPL'd code). This group wouldn't need to be code gurus or even GNUGeeks. The group could offer their services to any closed-soruce group. Once the code is checked everyone's happy. If the company won't allow the code to be checked, then would there be a legal recourse? Thoughts?
Nope, I just exploited it on a site that I have no rights on...
c e=2
http://www.wiretrip.net/rfp/p/doc.asp?id=45&ifa
Try it yourself....
http://www.wiretrip.net/rfp/p/doc.asp?id=45&iface= 2
Grab the perl code at the bottom... and behave yourself!!!
Besides, have you ever seen MS code that is this "leet"? I mean, if MS wrote this it would be full of bugs, security holes, and likely not work without a Service Pack.
DDOS SP 2
:)
I think you're missing what I'm saying... this isn't to intimidate the child. It's simply to keep the parent informed "if they so desire". That's all. Most likely many parents wouldn't care what their child was viewing... for the parents that do care, then they should teach their child in whatever way they deem proper.
It is obvious that "censorware" is a fatally flawed tool. Using technical solutions for social issues doesn't work. However, it's also clear that many parents don't want a T-1 full of porn available to their child every Monday through Friday. So I'd like feedback on the following proposal:
In areas where minors have access to public internet services (school/libraries), they would be given an account. This account would be accessible via a smart "library" card. The account is identified by account# only. These account#'s are logged along with sites that are visited by minor. At the request of a parent/gaurdian, a report can be generated so that they can determine if their child is acting within the acceptable boundaries set by the family unit. No one else would be permitted to use this reporting tool. This takes censorship out of the hands of everyone except the people legally responsible for the minor.
I belive that this approach removes all unnecessary layers of argument and leaves us with one question:
Should anyone (parents/gaurdians included) have the right to control what their child sees/hears/views for entertainment/etc. ?
This question obviously has a precedence: Children under 18 are not permitted to purchase pornography, tobacco, etc. However, a parent could permit their child to have such things. Perhaps by purchasing the items for the minor.
Please give me your thoughts....
I recall visiting the "Hut" with an old engineer that had me in "Jedi training". He was really interested in the new 2 Meter HT (Handi-Talkie). He inquired about battery life and the sales guys said " This battery will last all day". Wayne looked down at him,( Wayne was about 6' 2" and 280lbs, big white beard, kinda like a very very grouchy Santa) and said, "You don't know what the fsck you're talking about, do you?" The sales guy blinked and said "Ummm, well not really..."
We left and I laughed all the way back to the office.
http://www.woz.org has an article about how the NYT tried to mask a pro-MS article as if it were written by Woz. This kind of stuff is getting silly. I can't believe posters.... Pro-MS posters may be MS employees... ArtX anonymous posers (note the spelling). Sigh, I guess it's time to remember... Don't believe anything you hear or read, and only half of what you see.
(Note: MS video evidence would fall into the other "half of what you see")