In the time it takes to write a VB program, I can churn out 3 or 4 Perl programs of equal complexity, because I don't have to fiddle around with the GUI to do it. And my Perl programs will, in general, be more flexible, more robust, and 100% more cross-platform-able.
And since perl/TK works just fine on windows, you're not getting hurt at all, it's just all value-added. Oh, and you don't have to pay $1K+ (US) for the compiler.
Any program that translated VB to Perl would, by necessity, generate ugly code because VB code is just generally ugly. Better to do the job right the first time, I say. Or, you can always just wait for Micro$oft to come up with VB for Unix. >:)
Sorry about that. It's been a long time since I had a combinatorics class. It's signifcantly more than 2540. (for some reason, I was thinking probability and got confused)
I would say, however, that its pretty damned likely that the username/passwd combo is based on dictionary words, since we're supposed to "guess the password". Running crack on it might be a good idea. Or, there's always the "root the server" option.:) And never underestimate the "torturing sales clerks" options. Like, for example, show up every day, look around, say "I'm just looking" for about an hour or two. Every day. Try on backpacks. Inspect wallets. Tell other customers just how shoddy the goods are. Sing show tunes, loud and off-key. None of it is strictly illegal, so I bet after a week or two of this, they'll break down. Oh yes, they'll break. {evil grin}
True crackers don't just use computers to gain access.
Or maybe it could be a euphemism for a server being brought down (via cracker, slashdot effect, whatever) in a brutal and terrible manner because of the stupidity and banality of its content. Like "whoops... looks like after Rob put the story up, the server got kiplinged in 15 minutes."
heh.
And if we got a story posted on slashdot with the title "New jargon phrase" it would get snapped up by the big news sites. I like that idea. Of course, that's just my own little sadistic side. Death, pain and suffering to the infidels!
They give us the length of the username and password on the page. Its also hard-coded into the javascripting. Apparently, the username and password decode the ascii-based url and you just go there when you win.
So, lets look at this from a cracker standpoint. 127 characters are allowed, 20 positions they could be in, which means there are only 2540 possibilities.
That makes it a trivial task to try every one of those keys, decode it with their script, and get the Url. Then you hit their server with the url, if it comes back 404 not found, too bad, but if it hits one of the two "winner" urls, I get a cookie. And a slashdot hat.
On my system, running at 300 mhz, it should take less than 20 minutes to go through all possible combinations. The hard part is writing code to do it, becuase I hate javascript with the passion of a thousand white-hot suns. Hm. Maybe I'll just do it in Perl.
There's probably an overt weakness in the encoding, too, but the cryptotext is the password itself, and I don't know either the plaintext or the cryptotext. Just the key. That makes it a bit more complicated.
I say, lets all slashdot the place into the ground and show them what real hackers are all about. The "typical hacker" section made me physically ill. Typical, uninformed corporate marketing trying to appeal to kids who don't even know the meaning of hack.
I think they're getting "hacker" confused with "cracker" most of the time. I say we kill it with the almighty Slashdot Effect! Let them all tremble at our might and magicks!
While we're on the subject, an idea I've been playing with for quite some time is implementing perl as an OS kernel. Perhaps using the ext2fs and large portions of the Linux kernel as a base for hardware access and multitasking, but everything even remotely user-land using entirely Perl as the base.
Yes, its going a bit overboard on the Perl language. Still, such an OS would be enormously fun to play with. At least, I think so.
Gee, and I thought it was a CG trick the whole time. Silly me. Now it'd be really cool if I could get my hands on about 60 quickcams.... I guess that means I'm going to run out of parallel ports real quick.
Where I work (for a major defence contractor) we use similar devices for cooling things where there's no possibility for airflow (i.e. the displays in an aircraft cockpit).
They're really not all that new technology, as I recall. The concept is simple, based somewhat on the idea of a Peltier Junction.
A Peltier Junction is formed when two dissimilar metals are physically bonded. If you put a current across this, heat is transferred from one side to the other. Thermoelectric coolers use a similar idea, but use massive arrays of specialised semiconductor diodes to achieve the same task much more efficiently.
We get ours from ITI-ferrotec and they have a pretty good web site explaining the basic concepts, as well as how to use a thermoelectric cooler in certain applications. If you let one run uncontrolled, it could easily develop frost like the web page indicates. It's typical to see TEC's with a temperature differential above 40 degrees C.
Most applications where you want to avoid frosting your sensitive electronics require a controlled feedback loop where you can vary the current to the device based on its temperature. Just power cycling them (as with a standard thermostat) is fairly detrimental to their life-span, so in high-reliability applications (like the displays in aircraft cockpits) we have to use a specially programmed microcontroler driving a darlington power transistor to control the current, combined with a thermocouple sensor to monitor the temperature on both sides of the device.
Even more interesting is that if you reverse the power to the TEC, the heat flow will also reverse. Great for when you have to start up your F-16 on a really cold morning and the LCD has frozen up.
Slashdot Mirror
Yay, flamebait!
And since perl/TK works just fine on windows, you're not getting hurt at all, it's just all value-added. Oh, and you don't have to pay $1K+ (US) for the compiler.
Any program that translated VB to Perl would, by necessity, generate ugly code because VB code is just generally ugly. Better to do the job right the first time, I say. Or, you can always just wait for Micro$oft to come up with VB for Unix. >:)
I would say, however, that its pretty damned likely that the username/passwd combo is based on dictionary words, since we're supposed to "guess the password". Running crack on it might be a good idea. :)
Or, there's always the "root the server" option.
And never underestimate the "torturing sales clerks" options. Like, for example, show up every day, look around, say "I'm just looking" for about an hour or two. Every day. Try on backpacks. Inspect wallets. Tell other customers just how shoddy the goods are. Sing show tunes, loud and off-key. None of it is strictly illegal, so I bet after a week or two of this, they'll break down. Oh yes, they'll break. {evil grin}
True crackers don't just use computers to gain access.
Or maybe it could be a euphemism for a server being brought down (via cracker, slashdot effect, whatever) in a brutal and terrible manner because of the stupidity and banality of its content. Like "whoops... looks like after Rob put the story up, the server got kiplinged in 15 minutes."
heh.
And if we got a story posted on slashdot with the title "New jargon phrase" it would get snapped up by the big news sites. I like that idea. Of course, that's just my own little sadistic side. Death, pain and suffering to the infidels!
So, lets look at this from a cracker standpoint. 127 characters are allowed, 20 positions they could be in, which means there are only 2540 possibilities.
That makes it a trivial task to try every one of those keys, decode it with their script, and get the Url. Then you hit their server with the url, if it comes back 404 not found, too bad, but if it hits one of the two "winner" urls, I get a cookie. And a slashdot hat.
On my system, running at 300 mhz, it should take less than 20 minutes to go through all possible combinations. The hard part is writing code to do it, becuase I hate javascript with the passion of a thousand white-hot suns. Hm. Maybe I'll just do it in Perl.
There's probably an overt weakness in the encoding, too, but the cryptotext is the password itself, and I don't know either the plaintext or the cryptotext. Just the key. That makes it a bit more complicated.
More news to come...
Patrick N. Fitzgerald
I think they're getting "hacker" confused with "cracker" most of the time. I say we kill it with the almighty Slashdot Effect! Let them all tremble at our might and magicks!
While we're on the subject, an idea I've been playing with for quite some time is implementing perl as an OS kernel. Perhaps using the ext2fs and large portions of the Linux kernel as a base for hardware access and multitasking, but everything even remotely user-land using entirely Perl as the base.
Yes, its going a bit overboard on the Perl language. Still, such an OS would be enormously fun to play with. At least, I think so.
Gee, and I thought it was a CG trick the whole time. Silly me. Now it'd be really cool if I could get my hands on about 60 quickcams.... I guess that means I'm going to run out of parallel ports real quick.
Where I work (for a major defence contractor) we use similar devices for cooling things where there's no possibility for airflow (i.e. the displays in an aircraft cockpit).
They're really not all that new technology, as I recall. The concept is simple, based somewhat on the idea of a Peltier Junction.
A Peltier Junction is formed when two dissimilar metals are physically bonded. If you put a current across this, heat is transferred from one side to the other. Thermoelectric coolers use a similar idea, but use massive arrays of specialised semiconductor diodes to achieve the same task much more efficiently.
We get ours from ITI-ferrotec and they have a pretty good web site explaining the basic concepts, as well as how to use a thermoelectric cooler in certain applications. If you let one run uncontrolled, it could easily develop frost like the web page indicates. It's typical to see TEC's with a temperature differential above 40 degrees C.
Most applications where you want to avoid frosting your sensitive electronics require a controlled feedback loop where you can vary the current to the device based on its temperature. Just power cycling them (as with a standard thermostat) is fairly detrimental to their life-span, so in high-reliability applications (like the displays in aircraft cockpits) we have to use a specially programmed microcontroler driving a darlington power transistor to control the current, combined with a thermocouple sensor to monitor the temperature on both sides of the device.
Even more interesting is that if you reverse the power to the TEC, the heat flow will also reverse. Great for when you have to start up your F-16 on a really cold morning and the LCD has frozen up.