The time spent gaining the knowledge required to hack, the joy of successfully hacking, getting caught, dealing with the Feds, the time spent in jail, dealing with lawyers, dealing with the FCC, the fame, the media exposure, your new book, your new career, the possibility of making millions off of a movie deal, the possibility of making more money than you could have ever imagined because of who you are now, your future, etc....
Note that doing this is not smart, but here is how it can be done in WindowsNT. The registry in Windows2000 is not much different so it should work. MS's KnowledgeBase has an article on how to set this up if you need more details.
In the following registry key: HKEY_LOCAL_MACHINE -> Software -> Microsoft -> WinNT -> CurrentVersion -> WinLogon
Set the following registry values:
AutoAdminLogon -> 1
DefaultUser -> luzer
DefaultPassword -> password
DefaultDomain -> somedomain
Then reboot the system and logon as luzer. Now everytime the system is turned on, the system will automatically logon as luzer.
The above information was from memory, so you should verify it's accuracy before using it. Since Windows2000 likes to use Active Directory for everything, the DefaultDomain entry may have changed.
I still use 2.2.x kernels because Openwall hasn't released a stable patch for the 2.4.x kernels yet. Don't even mention the GRSecurity patches. I've heard it's been getting better, but when it first came out the patch itself was ugly.
I just received my $200 Walmart special yesterday. So far I'm more than happy with it. I had originally planed on installing Slackware as soon as I recieved it, but I decided to mess around with Lindows first. The default desktop is a heavily modified version of KDE that looks very similar to a Windows 2000 desktop. Microsoft Excel, PowerPoint, and Word Viewers are listed in the "Start" menu, but they don't seem to work (haven't looked into it yet). The mouse scroll wheel is configured to work by default. The default daemons listed by netstat as listening for new connections are smbd, cupsd, lisa, and dhclient. The thing I don't like so far is that the system auto logs into Xwindows as root!!
The only thing that I'm worried about is the cheap components breaking. If they don't, then the sytem is more than worth it. I'm seriously thinking about buying another one to upgrade my Pentium 90 firewall.
But it would only take one librarian to comply with the FBI's demand. And that could be accomplished by a cluefull manager. So you would have to ask EVERY librarian and manager at a library before you would find the answer you were looking for.
[evil thought]
I think I'll host a few GPL licensed projects on their servers, and hope MS incorporates the source into their own code base. Then I can sue them for everything they have and take over the world!!
muahahaha
Re:now if only people will read it...
on
Hacker Culture
·
· Score: 2
The case goes back more than 10 years, when Bowers and Baystate Technologies had competing add-on products for CadKey, a computer-aided design product. In 1991, Baystate released a new version of its product that Bowers felt duplicated too closely the menu structure of its interface template for CadKey.
It's scray to think that someone lost a case because their menu structure resembled a competitors menu structure too closely. How long will it be before MS sues the companies/developers of every other competing office suite because of the menu structure?
That would forward _EVERYTHING_ to them. If you are going to do that, you might as well switch the email address with narc@fbi.gov. You need something to filter on:
# forward to ftc :0c
* ^X-Spam-Status: Yes
! uce@ftc.gov
This is a big deal. All of the distributions are selling and providing precompiled binaries and packages ready for installation and use. If they have to start removing sections of the kernel (say for instance large portions of VM) because of patent problems, then Linux in general has some very serious problems.
Patent issues have already caused problems with the way distributions distribute packages. I recently ran across a problem in Slackware because IDEA and several other cyphers were not compiled in to the openssl packages because of a patents.
From the SlackBuild script used to create the packages:
# These are the known patent issues with OpenSSL:
# name # expires
# MDC-2: 4,908,861 13/03/2007, not included.
# IDEA: 5,214,703 25/05/2010, not included.
# RC5: 5,724,428 03/03/2015, not included. ./config --prefix=/usr --openssldir=/etc/ssl 386 no-mdc2 no-idea no-rc5
From the README in openssl-0.9.6e:
PATENTS
-------
Various companies hold various patents for various algorithms in various
locations around the world. _YOU_ are responsible for ensuring that your use
of any algorithms is legal by checking if there are any patents in your
country. The file contains some of the patents that we know about or are
rumored to exist. This is not a definitive list.
RSA Security holds software patents on the RC5 algorithm. If you
intend to use this cipher, you must contact RSA Security for
licensing conditions. Their web page is http://www.rsasecurity.com/.
RC4 is a trademark of RSA Security, so use of this label should perhaps
only be used with RSA Security's permission.
The IDEA algorithm is patented by Ascom in Austria, France, Germany, Italy,
Japan, the Netherlands, Spain, Sweden, Switzerland, UK and the USA. They
should be contacted if that algorithm is to be used; their web page is
http://www.ascom.ch/.
As for as I can tell, LRP is slowly being replaced by LEAF(http://leaf.sourceforge.net). The mailing list is still active, but there doesn't seem to be a whole lot of development going on (of cousre, LRP looked like that a couple of years ago when I was interested in it:). http://lrp.c0wz.com, which was a great site for information, is down and it's difficult to find an active mirror of the old site.
I've had that happen a few years ago. I traveled to a part of the US that I'd never been to before and used Hotmail to keep up on email. Within a couple of days, I was getting spam targeted for businesses in that area. This surprised me because I didn't even know what the URL's were for the businesses in that area. The people I was sending and receiving emails from also started to receive the same spam. The only explanation was that someone in that area (an ISP?) was sniffing email addresses and then selling them.
at least according to MS. From an email sent to BUGTRAQ regarding this problem:
-= VENDOR INFORMATION =-
Microsoft was informed about this issue on Feb 8 2002. After some mail exchaning between Microsoft Security Response Center and I, Microsoft finally stated this:
In terms of the definition of a security vulnerability which we discuss at http://www.microsoft.com/technet/treeview/default. asp?url=/TechNet/colum
ns/security/vulnrbl.asp crashing a browser would not be regarded as a security vulnerability.
I'd like to interrupt this regularly scheduled troll fest and take the opportunity to complain about the new large ads.
When viewing/. in "light" mode, the large ads don't play very nice. They cover up the buttons to change the threshold and to reply to the article (as viewed with Mozilla (I don't care about how well your browser displays them as I don't use your browser!)).
On a personal note, I don't see how the large ads will generate more revenue or clicks. They are simply more annoying then the old ad size. The products they advertise are more memorable. But when I see the product somewhere else, all I think of is, "That's that product in those fucking annoying ads!"
Thank you for you time. We now return you to your regularly scheduled troll fest...
A few months ago my email address ended up on a Korean spam list. I've been using the following procmail rule since:
:0: * (^From:.*\.kr |\
^.*ks_c_5601) SPAM
It catches about 95% of the spam from Korea. It's sad that I've had to resort to filtering email from an entire country.
What has amazed me about the whole thing is the spam I receive from there is usually written in the ks_c_5601-1987 character set. Since Korean is not a really popular language throughout the world, the chances of someone understanding the spam is very slim (I haven't been about to find a good Korean to English translator that actaully works). IMHO, the spammers are just wasting their time.
Transition
on
Debian NetBSD
·
· Score: 4, Insightful
Not too long ago, someone made the comment on slashdot about the general progression of Linux users. As a users becomes more experienced with Linux, they tend to shift from:
Mandrake/RedHat -> Debian/Slackware -> *BSD
It seems that Debian is going to make that last transition a little easier.
Things that make you go hmmmmm
on
Linux Virus Alert
·
· Score: 5, Interesting
Managed security provider Qualys obtained a copy of one new variant last month from an "outside source," according to Gerhard Eschelbeck, vice president of engineering.
So he wasn't actually infected by it. Sounds like
someone gave him a proof of concept prototype.
To date there have been "limited" reports of the new RST variant in the wild, according to Eschelbeck.
Reports to who?
To replicate, the virus requires users to run an infected program from an account with "root" permissions.
Only a complete moron would run would do this.
Although many Linux users do not run anti-virus software, they are generally more sophisticated about security threats and are unlikely to click on executable e-mail attachments, he said.
Exactly. From what I've heard else where, it sounds like the "virus" is similar to the old COM virues from the MSDOS days. Yes, they may have a copy of a "virus", but the whole thing sounds fishy to me.
The ruling centers around the question whether this was a wiretap of the phone line. The FBI had search warrants to obtain the passwords, but they did not have a wiretap order for his phone (Scarfo used AOL dialup). Thus, if the keystroke monitor was active while he was chatting on IRC, then it would be the equivalent to a phone wiretap of his AOL communications.
In order to combat this, the FBI designed their keylogger to go innactive while the modem was connected.
So what happens to those that have a seperate computer used as a firewall. How would the keylogger on one computer know when the modem on another computer had an active link?
And how many people have moved their computers to allow easy inspection of the back of it for any "additional" hardware?
There was some discussion about Linux running on PS2 at a TFUG meeting last night. Someone asked if NetBSD had been ported to it yet. The only reason Linux beat NetBSD in being the first to run on PS2 was because of the big corporate push. I'm not knocking Linux, it's just that the NetBSD developers have _ALOT_ more experience with porting an OS to different architectures(it has currently been ported to 46!!).
How much is someone willing to bet that NetBSD will beat Linux in being the first OS to run on an XBox?
Is there a good reason they're rowing against the gulf stream and the prevailing winds?
I don't know what you are thinking, but the Gulf Stream runs along the North American continent. The actual course that the rowers will take goes no where near the Gulf Stream. And yes, they will be going with the prevailing winds and currents.
Slashdot Mirror
The time spent gaining the knowledge required to hack, the joy of successfully hacking, getting caught, dealing with the Feds, the time spent in jail, dealing with lawyers, dealing with the FCC, the fame, the media exposure, your new book, your new career, the possibility of making millions off of a movie deal, the possibility of making more money than you could have ever imagined because of who you are now, your future, etc....
Was it all worth it?
Some information and pics on those GPS Jammers.
m l
http://www.qsl.net/n9zia/wireless/gps_jam-pics.ht
Note that doing this is not smart, but here is how it can be done in WindowsNT. The registry in Windows2000 is not much different so it should work. MS's KnowledgeBase has an article on how to set this up if you need more details.
In the following registry key: HKEY_LOCAL_MACHINE -> Software -> Microsoft -> WinNT -> CurrentVersion -> WinLogon
Set the following registry values:
AutoAdminLogon -> 1
DefaultUser -> luzer
DefaultPassword -> password
DefaultDomain -> somedomain
Then reboot the system and logon as luzer. Now everytime the system is turned on, the system will automatically logon as luzer.
The above information was from memory, so you should verify it's accuracy before using it. Since Windows2000 likes to use Active Directory for everything, the DefaultDomain entry may have changed.
I still use 2.2.x kernels because Openwall hasn't released a stable patch for the 2.4.x kernels yet. Don't even mention the GRSecurity patches. I've heard it's been getting better, but when it first came out the patch itself was ugly.
What's the chance that MS will release the source code for MS-DOS?
/me ducks
I just received my $200 Walmart special yesterday. So far I'm more than happy with it. I had originally planed on installing Slackware as soon as I recieved it, but I decided to mess around with Lindows first. The default desktop is a heavily modified version of KDE that looks very similar to a Windows 2000 desktop. Microsoft Excel, PowerPoint, and Word Viewers are listed in the "Start" menu, but they don't seem to work (haven't looked into it yet). The mouse scroll wheel is configured to work by default. The default daemons listed by netstat as listening for new connections are smbd, cupsd, lisa, and dhclient. The thing I don't like so far is that the system auto logs into Xwindows as root!!
The only thing that I'm worried about is the cheap components breaking. If they don't, then the sytem is more than worth it. I'm seriously thinking about buying another one to upgrade my Pentium 90 firewall.
But it would only take one librarian to comply with the FBI's demand. And that could be accomplished by a cluefull manager. So you would have to ask EVERY librarian and manager at a library before you would find the answer you were looking for.
Damn. The MS PR trolls are out in force tonight. I can't even do a Pinky and the Brain imitation without having them turn on me.
[evil thought]
I think I'll host a few GPL licensed projects on their servers, and hope MS incorporates the source into their own code base. Then I can sue them for everything they have and take over the world!!
muahahaha
WPB Protocol . . . good April Fool RFC material.
Damn, when I first read it I thought it said an Interview with a Dry Martini. I don't know about you, but the second one sounds much more enjoyable.
It's scray to think that someone lost a case because their menu structure resembled a competitors menu structure too closely. How long will it be before MS sues the companies/developers of every other competing office suite because of the menu structure?
# forward to ftc
* ^X-Spam-Status: Yes
! uce@ftc.gov
Patent issues have already caused problems with the way distributions distribute packages. I recently ran across a problem in Slackware because IDEA and several other cyphers were not compiled in to the openssl packages because of a patents.
From the SlackBuild script used to create the packages:
From the README in openssl-0.9.6e:
As for as I can tell, LRP is slowly being replaced by LEAF(http://leaf.sourceforge.net). The mailing list is still active, but there doesn't seem to be a whole lot of development going on (of cousre, LRP looked like that a couple of years ago when I was interested in it:). http://lrp.c0wz.com, which was a great site for information, is down and it's difficult to find an active mirror of the old site.
If they made a gyro mouse in the shape of a gun, they probably wouldn't be able to build them fast enough.
I've had that happen a few years ago. I traveled to a part of the US that I'd never been to before and used Hotmail to keep up on email. Within a couple of days, I was getting spam targeted for businesses in that area. This surprised me because I didn't even know what the URL's were for the businesses in that area. The people I was sending and receiving emails from also started to receive the same spam. The only explanation was that someone in that area (an ISP?) was sniffing email addresses and then selling them.
I'd like to interrupt this regularly scheduled troll fest and take the opportunity to complain about the new large ads.
/. in "light" mode, the large ads don't play very nice. They cover up the buttons to change the threshold and to reply to the article (as viewed with Mozilla (I don't care about how well your browser displays them as I don't use your browser!)).
When viewing
On a personal note, I don't see how the large ads will generate more revenue or clicks. They are simply more annoying then the old ad size. The products they advertise are more memorable. But when I see the product somewhere else, all I think of is, "That's that product in those fucking annoying ads!"
Thank you for you time. We now return you to your regularly scheduled troll fest...
A few months ago my email address ended up on a Korean spam list. I've been using the following procmail rule since:
:0:
* (^From:.*\.kr |\
^.*ks_c_5601)
SPAM
It catches about 95% of the spam from Korea. It's sad that I've had to resort to filtering email from an entire country.
What has amazed me about the whole thing is the spam I receive from there is usually written in the ks_c_5601-1987 character set. Since Korean is not a really popular language throughout the world, the chances of someone understanding the spam is very slim (I haven't been about to find a good Korean to English translator that actaully works). IMHO, the spammers are just wasting their time.
Not too long ago, someone made the comment on slashdot about the general progression of Linux users. As a users becomes more experienced with Linux, they tend to shift from:
Mandrake/RedHat -> Debian/Slackware -> *BSD
It seems that Debian is going to make that last transition a little easier.
And how many people have moved their computers to allow easy inspection of the back of it for any "additional" hardware?
There was some discussion about Linux running on PS2 at a TFUG meeting last night. Someone asked if NetBSD had been ported to it yet. The only reason Linux beat NetBSD in being the first to run on PS2 was because of the big corporate push. I'm not knocking Linux, it's just that the NetBSD developers have _ALOT_ more experience with porting an OS to different architectures (it has currently been ported to 46!!).
How much is someone willing to bet that NetBSD will beat Linux in being the first OS to run on an XBox?
This map shows the courses that rowers took during a similar race in 1997.
http://www.challengebusiness.com/row/tracking1997