No I'm not trolling, but sometimes I wonder if the writers of Klez / Sircam et.al, were infact white-hats trying to show the average MS user to take security seriously and patch there machine!
Yeah, every office worker knows something about this "security thing" and how the boss said they shouldn't write there passwords down. But only when they start getting mailed other peoples confidential info will they sit up, take notice and patch, or so you would think! Maybe it backfired a bit.
Incidently, try setting your gnutella client to look for.doc.xls and other MS extentions. The number of idiots who have misconfigured there clients (installed on work machines) to share there entire hard drive is worrying. Wake Up!
I once had an old DOS shareware program that acted as a "security suite". It worked as follows
When not at home you left the program running on your computer. A screen-saver poped up that looked like an official banking form. It said something like "Bank of XXXXX, cash ballence transfer $893.29 Press any key to continue" in a large, clear font.
The idea was anyone who broke into your house/rooms would see this and be unable to resist pusing a button. As soon as anything was pressed on the keyboard (except for an obscure escape code) the screen would flash "Intruder Alert - Notifying police" and make a hell of a lot of noise.
The program could also be set up to react ina similar way to mouse movement. The idea was you left your mouse on/behind a door or something. Intruder nudges mouse, alarm goes off.
The program must be out there on hte web somewhere... Anyone?
There are many ways around it. You can simply wrap your number plates in shiny plastic, so the flash would bounce off them, or you can buy more sophisticad devices that flash back at the camera.
Be very careful doing this!
A standard speeding / red light ticket is only £40 ( ~US$60) and three points.
Getting nicked for "Conspiricy to pervert the cause of justice" is not funny. You will get screwed. (Ask a few of the regulars on uk.rec.motorcycles!)
Speeking of which, the forward facing cammeras are becoming very popular now. Great for us bikers as there is no numberplate on the front of the bike. Most of us now consider it our duty to go past these flat out with a didget raised at the cammera:-)
can increase the efficiency of an incandescent electric bulb from 5 percent to greater than 60 percent. This is done by converting waste heat into visible light. "
Well
No shit!
How else do you improve the efficiancy of something!
This is exactly the stupid kind of stuff that companies do to prop up their stock price for the two weeks at the end of a quarter.
Seconded
Its the mentality that has your entire work-force working there arses off and giving them all the overtime under the sun at the end of the tax year.
As soon as the new tax year starts, everyone is sat around doing fuck-all as the company has overproduced. Talk about inefficeint!
The best solution is just to take the bean counters outside and give them a good kicking:-)
preloading systems with mis-directing and/or mis-incriminating evidence and planting them in places that investigators are sure to "find"
Slightly OT...
I recall reading a/. poster a while back who opened several web e-mail accounts in the names of known criminals and terrorists.
He sent random crap encrypted with PGP between them all:-)
There they found David lying semiconscious on the floor, his eyebrows smoking. Unaware that red phosphorus is pyrophoric, David had been pounding it with a screwdriver and ignited it.
Riiiight......
This dude is aparantly a chemistry mad geek with a thing for explosions, but doesn't know the properties of red phosphorus!
When you know it is a telemarketer, just set the phone next to any of the following for an extended period of time.
Nahhh.... too easy
You should piss about with them insted. eg
Them: Selling double-glassing (very common in UK) You: Sorry mate, my house dosnt have any windows (over time, tell em you live in a nuclear bunker or something)
Them: "I'm carrying out a survay for..." You: HAHA.... so am I !!! What are the chances of that!!!
Just keep 'em on the line and wind them up for as long as possable until they tell you to fuck off and slam the phone down!
The other alternative is yor very own free porn chatline. Just talk dirty for a bit and see how long it takes 'em to hang up:-)
Holding the slide on a handgun
on
Review: Panic Room
·
· Score: 3, Informative
Try this: hold a gun by its grip in your right hand. Place your left hand over the top of it, with your thumb behind the hammer. Pull the trigger. Scream in pain, as the motion of the slide breaks your thumb, and the ejecting shell casing burns your palm
Actually.....:-)
I do a bit of practical pistol shooting (and no I'm not a redneck nutter)
In practical pistol shooting the more power the ammunition has (Called making "Major"), the more marks you score when hitting the target. (This allows for the fact that more powerful recoil is harder to controal... hence deserves more points).
The power of your ammunition is measured at the start of the contest.
During the 'power factor measuring' at World Shoot 10 (held in the UK) members of the South African team would hold the pistol in two hands and brace both thumbs on the slide.
They would then fire there test round (usually 10mm or.38 Super....look up this calibre!) holding the slide closed with both thumbs.
Because the slide dosn't open, gas/propellant isn't wasted out of the ejection port and your bullet leaves the gun with even more power. (Course, you then have to work the slide manually to chamber a new carterage).
The best technique I have seen for this was a usenet.sig saying "Send spam here" and listing addresses of the spammers.
The poster had visited the websites the spammers were advertising (usualy p0rn sites) and collected legit e-mail addresses from the html source (usualy billing@ sales@ etc).
He/she added this to the usenet.sig (with the explanitory note) and let the spambots harvesting addresses do the work for them:-)
For under $100,000 you can take a one-hour flight that includes a mere 3 minutes of weightlessness
If its weightlessnes you are after, wouldn't it be a damn sight cheeper just to put a plane into a dive and float arround for a bit..... as in an astronoughts training. (The plane is in free-fall.... Exacly the same effect as being in orbit)
What do you get for your monney other than going on a plane that goes very high (tm) ?
Maybe slightly off topic... but I do recall reading that upon Alexander Graham Bells death, all the telephone networks went silent for a period of 1min (?) as a mark of respect.
If that happend today the world would panic
Would stock markets crash and water/rail etc networks to go tits-up because of a major 1min phone outage?
We dont realise how dependent we are on the telephone! (Also... try subsetuteing telephones for oil in the above post:-)
Google is brillient if you know what you are looking for. It finds the best pages straight away. However, when I'm idely surfing (tm) I use something else.... I want to wander around the 'net not be taken straight to my destination.
Bit like driving somewhare along the back roads. You never know what you might find
I guess I should know better than to let my helpful side show on slashdot.
You may have had the best intentions, but in reality (by uploading untrusted SSH binarys) you are encouraging people to take stupid risks.
Its farily obvious by uploading the binarys that you are not a security expert:-)
You ARE wrong! Read this about which PGP version to use.
Here is a cut 'n' paste of the intersting bit....
The Business versions allow you to set up how PGP will be used throughout an organization, and also allow for use of an
Additional Decryption Key (ADK); but do not really include anything of additional value to an individual user. The ADK is just a master key
used by an organization that all of its email/files is also encrypted to, so that if someone leaves the organization, there will still be access to
his/her encrypted files - It has absolutely nothing to do with concepts such as government key recovery.
it comes with some nice extras such as a very nice firewall
And that is partly the reason nobody bought it.
PGP evolved into a nice e-mail encryption program. NA added so much crap to this (VPN that hardly worked, Firewall, hard drive encyption) they forgot there core market..... secure E-MAIL and convincing people that it was nessisary!
(In a corperate enviroment, people alredy have firewalls etc... NA just made PGP more complex)
I actually bought a version of PGP Personal Security 7.0.3
YTC !!!
NA never published the source code for version 7. That was the reason Phil Zimmerman left NA.
Version 6.5.8 could be downloaded as freeware and is every bit as compatable!
Hes a typical windows user and won't read instructions.
That is a bit like giving someone keys to your house and not showing them how the funny lock works
For him to send a plaintext message that he thought was encrypted (because he didn't RTFM properly) could have been disasterous. In the same way that your friend not locking your door properly ('cos he didn't know how) could be disasterous
shows that any key less than 1024 can be "easily" cracked.
eh?
Yes some weeknesses have recently been discoverd in the RSA algoritham meaning that 1024 bit keys are less secure than people thought.
HOWEVER PGP defaults to a 2048 bit Diffie Hellman (sp?) key.
Not only that but PGP will happly accept DH keys up to 4096 bits (and RSA keys to 2048 bits if you are set on using RSA), just by changing the defaults!
I think your comment is missleading. Standard PGP keysizes are secure (and should remain secure for many more years) but uping the keysizes can be done very easily!
the simple definition you gave would also outlaw Mace, Pepper spray, and other devices commonly used by police forces.
The police are not millitary and therefore are not bound by chemical warfare / geneva convention and other such "international laws".
Thus the police can use tear gas etc but the army can't. As an example, look at the arguments surounding camp x-ray prisoners in deciding wheather they are civilians or millitary and thus, the conditions in which they can be held.
(Not that the average National Enquirer reader gives a damn of course)
Slashdot Mirror
No I'm not trolling, but sometimes I wonder if the writers of Klez / Sircam et.al, were infact white-hats trying to show the average MS user to take security seriously and patch there machine!
Yeah, every office worker knows something about this "security thing" and how the boss said they shouldn't write there passwords down. But only when they start getting mailed other peoples confidential info will they sit up, take notice and patch, or so you would think! Maybe it backfired a bit.
Incidently, try setting your gnutella client to look for .doc .xls and other MS extentions. The number of idiots who have misconfigured there clients (installed on work machines) to share there entire hard drive is worrying. Wake Up!
I once had an old DOS shareware program that acted as a "security suite". It worked as follows
When not at home you left the program running on your computer. A screen-saver poped up that looked like an official banking form. It said something like "Bank of XXXXX, cash ballence transfer $893.29 Press any key to continue" in a large, clear font.
The idea was anyone who broke into your house/rooms would see this and be unable to resist pusing a button. As soon as anything was pressed on the keyboard (except for an obscure escape code) the screen would flash "Intruder Alert - Notifying police" and make a hell of a lot of noise.
The program could also be set up to react ina similar way to mouse movement. The idea was you left your mouse on/behind a door or something. Intruder nudges mouse, alarm goes off.
The program must be out there on hte web somewhere... Anyone?
There are many ways around it. You can simply wrap your number plates in shiny plastic, so the flash would bounce off them, or you can buy more sophisticad devices that flash back at the camera.
Be very careful doing this!
A standard speeding / red light ticket is only £40 ( ~US$60) and three points.
Getting nicked for "Conspiricy to pervert the cause of justice" is not funny. You will get screwed. (Ask a few of the regulars on uk.rec.motorcycles!)
Speeking of which, the forward facing cammeras are becoming very popular now. Great for us bikers as there is no numberplate on the front of the bike. Most of us now consider it our duty to go past these flat out with a didget raised at the cammera :-)
can increase the efficiency of an incandescent electric bulb from 5 percent to greater than 60 percent. This is done by converting waste heat into visible light. "
Well
No shit!
How else do you improve the efficiancy of something!
This is exactly the stupid kind of stuff that companies do to prop up their stock price for the two weeks at the end of a quarter.
Seconded
Its the mentality that has your entire work-force working there arses off and giving them all the overtime under the sun at the end of the tax year.
As soon as the new tax year starts, everyone is sat around doing fuck-all as the company has overproduced. Talk about inefficeint!
The best solution is just to take the bean counters outside and give them a good kicking :-)
preloading systems with mis-directing and/or mis-incriminating evidence and planting them in places that investigators are sure to "find"
Slightly OT... /. poster a while back who opened several web e-mail accounts in the names of known criminals and terrorists. :-)
I recall reading a
He sent random crap encrypted with PGP between them all
And no, dont critisise me for doing this!
There they found David lying semiconscious on the floor, his eyebrows smoking. Unaware that red phosphorus is pyrophoric, David had been pounding it with a screwdriver and ignited it.
Riiiight......
This dude is aparantly a chemistry mad geek with a thing for explosions, but doesn't know the properties of red phosphorus!
Someone is yanking your chain :-)
When you know it is a telemarketer, just set the phone next to any of the following for an extended period of time.
Nahhh.... too easy
You should piss about with them insted. eg
Them: Selling double-glassing (very common in UK)
You: Sorry mate, my house dosnt have any windows (over time, tell em you live in a nuclear bunker or something)
Them: "I'm carrying out a survay for..."
You: HAHA.... so am I !!! What are the chances of that!!!
Just keep 'em on the line and wind them up for as long as possable until they tell you to fuck off and slam the phone down! :-)
The other alternative is yor very own free porn chatline. Just talk dirty for a bit and see how long it takes 'em to hang up
Try this: hold a gun by its grip in your right hand. Place your left hand over the top of it, with your thumb behind the hammer. Pull the trigger. Scream in pain, as the motion of the slide breaks your thumb, and the ejecting shell casing burns your palm
Actually..... :-)
I do a bit of practical pistol shooting (and no I'm not a redneck nutter)
In practical pistol shooting the more power the ammunition has (Called making "Major"), the more marks you score when hitting the target. (This allows for the fact that more powerful recoil is harder to controal... hence deserves more points).
The power of your ammunition is measured at the start of the contest. .38 Super ....look up this calibre!) holding the slide closed with both thumbs.
During the 'power factor measuring' at World Shoot 10 (held in the UK) members of the South African team would hold the pistol in two hands and brace both thumbs on the slide.
They would then fire there test round (usually 10mm or
Because the slide dosn't open, gas/propellant isn't wasted out of the ejection port and your bullet leaves the gun with even more power. (Course, you then have to work the slide manually to chamber a new carterage).
Don't try this at home though kiddies!
The best technique I have seen for this was a usenet
The poster had visited the websites the spammers were advertising (usualy p0rn sites) and collected legit e-mail addresses from the html source (usualy billing@ sales@ etc).
He/she added this to the usenet .sig (with the explanitory note) and let the spambots harvesting addresses do the work for them :-)
Critisising someones spelling is a bit like shouting "Hitler" in an argument.
You have just automaticaly lost :-)
Prof Alan Shore has done some work simmilar to this at Bangor university
For under $100,000 you can take a one-hour flight that includes a mere 3 minutes of weightlessness
If its weightlessnes you are after, wouldn't it be a damn sight cheeper just to put a plane into a dive and float arround for a bit..... as in an astronoughts training.
(The plane is in free-fall.... Exacly the same effect as being in orbit)
What do you get for your monney other than going on a plane that goes very high (tm) ?
Errrrrm,
Correcting someones spelling/grammer is a bit like shouting 'Hitler' in an argument.
You have just automaticaly lost. :-)
tarrif on media may be legit
Oh no it 'aint!
I use CD's solely to make HD backups and blank casstte tapes solely to record myself playing the gutair!
Or are we now suddenly all guilty of piracy and have to prove our inocence?
Maybe slightly off topic... but I do recall reading that upon Alexander Graham Bells death, all the telephone networks went silent for a period of 1min (?) as a mark of respect.
If that happend today the world would panic
Would stock markets crash and water/rail etc networks to go tits-up because of a major 1min phone outage?
We dont realise how dependent we are on the telephone! :-)
(Also... try subsetuteing telephones for oil in the above post
Google is brillient if you know what you are looking for. It finds the best pages straight away.
However, when I'm idely surfing (tm) I use something else.... I want to wander around the 'net not be taken straight to my destination.
Bit like driving somewhare along the back roads. You never know what you might find
You know something's great when people make a verb out of its name.
Or very bad (tm) :-)
"Slashdotted and going "postal" spring to mind
I guess I should know better than to let my helpful side show on slashdot.
You may have had the best intentions, but in reality (by uploading untrusted SSH binarys) you are encouraging people to take stupid risks. :-)
Its farily obvious by uploading the binarys that you are not a security expert
Please THINK!!!
Errrrrm
Isn't it a bit dogey just grabbing and installing a binary (rpm) from an untrusted source (ie you) for security software like SSH ?
I'll get my source code from a reputable mirror and compile it myself thanks.
you can't deploy it in a corporate environment.
You ARE wrong! Read this about which PGP version to use.
Here is a cut 'n' paste of the intersting bit....
The Business versions allow you to set up how PGP will be used throughout an organization, and also allow for use of an Additional Decryption Key (ADK); but do not really include anything of additional value to an individual user. The ADK is just a master key used by an organization that all of its email/files is also encrypted to, so that if someone leaves the organization, there will still be access to his/her encrypted files - It has absolutely nothing to do with concepts such as government key recovery.
it comes with some nice extras such as a very nice firewall
And that is partly the reason nobody bought it.
PGP evolved into a nice e-mail encryption program. NA added so much crap to this (VPN that hardly worked, Firewall, hard drive encyption) they forgot there core market..... secure E-MAIL and convincing people that it was nessisary!
(In a corperate enviroment, people alredy have firewalls etc... NA just made PGP more complex)
I actually bought a version of PGP Personal Security 7.0.3
YTC !!!
NA never published the source code for version 7. That was the reason Phil Zimmerman left NA.
Version 6.5.8 could be downloaded as freeware and is every bit as compatable!
Hes a typical windows user and won't read instructions.
That is a bit like giving someone keys to your house and not showing them how the funny lock works
For him to send a plaintext message that he thought was encrypted (because he didn't RTFM properly) could have been disasterous. In the same way that your friend not locking your door properly ('cos he didn't know how) could be disasterous
shows that any key less than 1024 can be "easily" cracked.
eh?
Yes some weeknesses have recently been discoverd in the RSA algoritham meaning that 1024 bit keys are less secure than people thought. HOWEVER PGP defaults to a 2048 bit Diffie Hellman (sp?) key.
Not only that but PGP will happly accept DH keys up to 4096 bits (and RSA keys to 2048 bits if you are set on using RSA), just by changing the defaults!
I think your comment is missleading. Standard PGP keysizes are secure (and should remain secure for many more years) but uping the keysizes can be done very easily!
the simple definition you gave would also outlaw Mace, Pepper spray, and other devices commonly used by police forces.
The police are not millitary and therefore are not bound by chemical warfare / geneva convention and other such "international laws".
Thus the police can use tear gas etc but the army can't.
As an example, look at the arguments surounding camp x-ray prisoners in deciding wheather they are civilians or millitary and thus, the conditions in which they can be held.
(Not that the average National Enquirer reader gives a damn of course)