If I remember correctly NT drop anything after the first 8 characters so the password is actually "Fgpyyih8"
You do not remember correctly. LM hashes are created by hashing the first seven characters and the second seven characters, and truncating the hashes together. Yes, instead of having to brute force one fourteen character password, you have to brute two seven character passwords, a much easier proposition.
The hashes are created by using DES56 on the password chunks with a known key. In practice, I've used a DVD with rainbow tables and retrieved 99%+ successfully. For those I need 100%, I have a USB drive with a complete keyspace set of rainbow tables. Works everytime...
If you decompress the single download file, you'll find many separate components, including RealVNC (not GPL), and (interestingly) UltraVNC (GPL). Depending upon how you want to interpret the GPL, they do indeed appear to be in violation, as they distributed it (vncultra.exe), and apparently refuse to offer source. In fact, I can't find any license at all on their site, yet another GPL violation.
Yes, and to further drive home the distinction, they could even place it under a different domain. Something like, Fark.com perhaps... /kidding //this is probably too irrelevant even for Fark ///slashies on Slashdot
Dang! If you had a 5 digit or lower UID, that comment would have been even funnier!
(metamod note: Consider the context of this comment before moderating. Gawd, I love self-referential humor...)
Old dead thread, time for me to say anything I want. Yippee, no karma damage! Ok, where were we?
If you can't beat 'em, join 'em, is that what you are saying? No, didn't say that... Too much crime in the streets, so we should all just go out an do some murdering, ourselves? Hey, nice strawman you have there! Face it: You have not even TRIED to fight this. You have voted for the popular candidates even though you suspected they were corrupt. (And you did not bother to research things to make sure, because you were afraid of what you would find!) Get stuffed. It is exactly that kind of attitude that got us in the situation we are now in.
I have never voted for a democrat or a republican. You're a (f|t)ool. Before you can fight injustice, you must first identify it. (Hint: Follow the money...)
Nice try, kiddo. No, wait, that was terrible. Care to try again?
Your take is wrong. Just because privacy is hard doesn't mean it's dead.
Privacy is dead... For Joe Sixpack. Bruce finally got that somewhere between Applied Cryptology and Secrets and Lies. The Powers-That-Be will never allow common privacy measures for the masses. On the political side, they just trumpet terr'sts and baby-rapers, and the great majority will hand them the keys (sometimes literally).
Does that mean you can't keep your secrets? Not at all! You know how. Just don't come up on their radar, or you'll be facing the "classic" cryptoanalysis techniques (e.g. black bag job, "rubber hose" cryptoanalysis, etc.).
When you've managed to capture your whole neighborhood's phone traffic and can pick keywords out of fifty or a hundred people's phone traffic, (which NaturallySpeaking won't do without training) call me
Sure, I can do that... That is, if I don't mind the risk of a felony conviction. (FBI types don't have that issue, obviously...) I bet you could do it with a single PC as well.
The point was not how to build a large scale system. The point was that building a large scale system is fairly easy to do. I'm sure the feds a) farmed out the job, and b) paid way too much for it because it sounds "hard" to an IT novice!
Technically this could go on through each level of the US federal court system, all the way up to the US Supreme Court,
Well, no, not exactly. If my years of lurking at Groklaw have taught me anything, it's that for an appeal to be granted, there has to be a matter of law in dispute. I don't know if there is such a matter or not, but no, you can't appeal just because you didn't like the verdict...
and even though you are "renting" the ability to play the music,
Have you read one too many EULAs? You do not rent anything. As long as you are consistent with copyright law (including fair use provisions), you are free to do whatever you want with what you bought and paid for! These is no license, there is no contract, and there is no "renting", regardless of what the media companies might want you to think...
You can't forget about the extreme cold. Space is a very, very cold place. One might think frostbite could be an issue.
It's not quite that easy. Space is not cold (nor warm). Things in space may be warm or cold. How do you lose heat in space? Well, there's no convection because there's no air. You would only lose heat via radiation, a much slower process. For the purposes of this discussion, I think you could ignore temperature, as you would perish well before a drop in heat got ya...
Patent? Prior art. Heck, my Verizon Razr has been doing this since day one. I have to load a special driver to get it to charge from my laptop's USB port. Without it, the screen just says "Unauthorized Charger"... It rejects any charger it didn't come with, even other Motorola chargers. Forget 3rd party devices. Bastards...
You want details? This trojan appears to be a variant of this nasty little bugger. (Warning: pdf). The link is to a detailed technical report on how it works, what it does, and how to decrypt data it encrypted. It was authored by Secure Science Corporation back in November of 2006.
Slashdot Mirror
If I remember correctly NT drop anything after the first 8 characters so the password is actually "Fgpyyih8"
You do not remember correctly. LM hashes are created by hashing the first seven characters and the second seven characters, and truncating the hashes together. Yes, instead of having to brute force one fourteen character password, you have to brute two seven character passwords, a much easier proposition.
The hashes are created by using DES56 on the password chunks with a known key. In practice, I've used a DVD with rainbow tables and retrieved 99%+ successfully. For those I need 100%, I have a USB drive with a complete keyspace set of rainbow tables. Works everytime...
Got it.
norad:~# echo "" | md5sum
68b329da9893e34099c7d8ad5cb9c940 -
Actually, it's:
Password:
LM Hash: AAD3B435B51404EEAAD3B435B51404EE
NT Hash: 31D6CFE0D16AE931B73C59D7E0C089C0
Windows password hashes are not MD5...
Brought to you by the "genhash" utility of the PassTheHash toolkit for Windows. (Google it, it's awesome.)
No, they bought some drivers so that they could incorporate them in to the x86 version of Solaris
And I think that was McNealy anyways, not Schwartz
So you say the beast has many heads, and some of the heads you like and others you don't... Funny, I don't like the entire beast...
If you decompress the single download file, you'll find many separate components, including RealVNC (not GPL), and (interestingly) UltraVNC (GPL). Depending upon how you want to interpret the GPL, they do indeed appear to be in violation, as they distributed it (vncultra.exe), and apparently refuse to offer source. In fact, I can't find any license at all on their site, yet another GPL violation.
I have requested source. Let's see what happens!
Yes, and to further drive home the distinction, they could even place it under a different domain. Something like, Fark.com perhaps...
/kidding
//this is probably too irrelevant even for Fark
///slashies on Slashdot
Dang! If you had a 5 digit or lower UID, that comment would have been even funnier!
(metamod note: Consider the context of this comment before moderating. Gawd, I love self-referential humor...)
The rise of the open-source community cannot be stifled by proprietary vendors. I guess not everyone's learned that lesson'.
Hey, didn't you help fund SCO's anti-linux FUDfest? Eff you!
You already have that feature - it's called a "Channel Lock".
Or his Kentucky cousin, "Vice Grips"!
So what should I call my "learning cluster" built from 1+n vm images? SoftWulf is more descriptive, but I like SquishyWulf...
It's way cheap, slow, and certainly capable of providing a learning platform. And unlike MicroWulf, I can distribute it, as it's all free software.
Oh wait, VirtuWulf! I like that one!
Old dead thread, time for me to say anything I want. Yippee, no karma damage! Ok, where were we?
If you can't beat 'em, join 'em, is that what you are saying?
No, didn't say that...
Too much crime in the streets, so we should all just go out an do some murdering, ourselves?
Hey, nice strawman you have there!
Face it: You have not even TRIED to fight this. You have voted for the popular candidates even though you suspected they were corrupt. (And you did not bother to research things to make sure, because you were afraid of what you would find!) Get stuffed. It is exactly that kind of attitude that got us in the situation we are now in.
I have never voted for a democrat or a republican. You're a (f|t)ool. Before you can fight injustice, you must first identify it. (Hint: Follow the money...)
Nice try, kiddo. No, wait, that was terrible. Care to try again?
Your take is wrong. Just because privacy is hard doesn't mean it's dead.
Privacy is dead... For Joe Sixpack. Bruce finally got that somewhere between Applied Cryptology and Secrets and Lies. The Powers-That-Be will never allow common privacy measures for the masses. On the political side, they just trumpet terr'sts and baby-rapers, and the great majority will hand them the keys (sometimes literally).
Does that mean you can't keep your secrets? Not at all! You know how. Just don't come up on their radar, or you'll be facing the "classic" cryptoanalysis techniques (e.g. black bag job, "rubber hose" cryptoanalysis, etc.).
When you've managed to capture your whole neighborhood's phone traffic and can pick keywords out of fifty or a hundred people's phone traffic, (which NaturallySpeaking won't do without training) call me
Sure, I can do that... That is, if I don't mind the risk of a felony conviction. (FBI types don't have that issue, obviously...) I bet you could do it with a single PC as well.
The point was not how to build a large scale system. The point was that building a large scale system is fairly easy to do. I'm sure the feds a) farmed out the job, and b) paid way too much for it because it sounds "hard" to an IT novice!
I wrote a quick n dirty guide to building your own Echelon system here. It's amazing how easy it is.
My take is this: Privacy is dead. The only way to keep the playing field level is to make sure everyone has access...
Even so, when the state drunk drivers attend AA, they don't force them to go to a gay and lesbian AA clubhouse. That is a better analogy.
I'm a gay/lesbian alcoholic, you insensitive clod!
My advice: download the music from p2p, and if you like it, just send the musicians fifteen bucks worth of drugs. Cut out the middlemen, so to speak.
Two, actually!
Technically this could go on through each level of the US federal court system, all the way up to the US Supreme Court,
Well, no, not exactly. If my years of lurking at Groklaw have taught me anything, it's that for an appeal to be granted, there has to be a matter of law in dispute. I don't know if there is such a matter or not, but no, you can't appeal just because you didn't like the verdict...
and even though you are "renting" the ability to play the music,
Have you read one too many EULAs? You do not rent anything. As long as you are consistent with copyright law (including fair use provisions), you are free to do whatever you want with what you bought and paid for! These is no license, there is no contract, and there is no "renting", regardless of what the media companies might want you to think...
I'd be alright if I could get a decent exchange rate for all these Simolions...
You can't forget about the extreme cold. Space is a very, very cold place. One might think frostbite could be an issue.
It's not quite that easy. Space is not cold (nor warm). Things in space may be warm or cold. How do you lose heat in space? Well, there's no convection because there's no air. You would only lose heat via radiation, a much slower process. For the purposes of this discussion, I think you could ignore temperature, as you would perish well before a drop in heat got ya...
We can now pitch the editors!
It won't cost manufacturers anything
Except their Windows OEM license!
Patent? Prior art. Heck, my Verizon Razr has been doing this since day one. I have to load a special driver to get it to charge from my laptop's USB port. Without it, the screen just says "Unauthorized Charger"... It rejects any charger it didn't come with, even other Motorola chargers. Forget 3rd party devices. Bastards...
Oh, yeah, Apple, um, good luck with that...
How many four gear models survived the war? They were installed in u-boats, which weren't noted for a long life expectancy.
QKGYE SYEBD ARELM YEKHD? QTDPO STWEK YEGDT MWKOI FDYUW ARRTK HQPTY NVDQK!
Why, did they unTivoize the GPLed software?
You want details? This trojan appears to be a variant of this nasty little bugger. (Warning: pdf). The link is to a detailed technical report on how it works, what it does, and how to decrypt data it encrypted. It was authored by Secure Science Corporation back in November of 2006.
If they can do it to a scumbag, they can do it to you too.
I am a scumbag, you insensitive clod!