What are other OS vendors doing? It's clear that the new license isn't GNU compatible, and I think that Debian is also going into a direction similar to OpenBSD on this matter.
Anyone care to elaborate on this?
Oh, yeah. It's happened to me many times in the past. The key is to: 1) Write a report explaining the importance of each and every piece of your project; 2) Schedule partial presentations at least every other week; 3) Write another report showing the weaknesses of your competitor, and providing information as to why your project (and in consequence, your client's project) is technically superior.
But don't forget that from a layman's point of view, prettier is almost always better (and the case is not necessarily true).
It's always amusing to find an old bookmarks file and then, just for fun, visiting old pages of friends that I used to visit so often that they earned a place on my bookmarks.
Now, something that's really weird, and has come to my mind sometimes, is setting cron jobs to send emails and post files after you're dead. If you don't die, just erase the job and create a new one for another 6 months.
Can you picture the face of your friends when they find out that your blogger or webpage has a new photo of you, 3 months after you're dead? Let's say, hmmmm, from Cancun?:-)
But you simply spoofed your arp and answered for all requests for that address?
What happened when the same IP appeared two times? Your gateway would answer for them both?
As to the proxy issue, would your software analyse requests only on the known proxy ports, or watch every communication that goes through?
If you don't mind me asking, how did you solved the problem of having 2 same static IP addresses on the same net at the same time, with your arp spoof setup?
I'm asking this, because I've seen it working on a Hotel that I stayed some time ago, and it really eats my brains out.
Also, did you managed to solve issues when the client has a proxy setup as well?
1. Perform a "vulnerability assesment" of your own. Possibly even try something similar to Welchia - to demonstate a) that their computer systems are insecure and b) that outsourcing your job is leading to weaker security
OK, this is BAD ADVICE, to say the least. I don't think your former company is going to give you a permission to asses their network.
With that in mind, what you are doing is most likely illegal.
Also remember that, since you were fired, you are probably being seen as a bitter and hateful person that would like to hurt (blackmail, even) your former employee. That "assessment" could easily be turned against you as "cracking" or "threatening" or even "terrorism" (that seems to be in vogue right now.)
Oh, yeah?! Could you level up your ideas a little bit and elaborate a little more on your answer, for instance, explaining WHY do you think this is stupid? Remember, this is a forum where we are supposed to discuss new ideas, not bash people around. So, please, if you don't have anything good to say, think again before posting!
You can use authpf to allow access through your firewall only to logged in users. With this, each user has to first authenticate and then s/he can access the network.
One caveat with this method is that you need a SSH client on your user's computer. For UNIX-Like you can use plain SSH (users are normally familiar with it), but for Windblows, you should take something like putty and change it so it would look more like a login interface.
Last July I was choosing between portable mp3 players, and saw the Sony CD-R/RW player/recorder. I must say that it looked damn ugly and too clumsy to carry around.
This new one surely beats it on looks and size, and it can play from DVDs (I think...). Back at that time, I chose the Archos Jukebox Recorder 20Gb, so it wouldn't be necessary to carry medias along (like 35 mp3 CDs), but looking at the possibility of playing DVD (that is, more than 20Gb in ONE SINGLE MEDIA), I guess this new player from Sony has a huge appeal to me.
1. Crack the cable decoder to allow firewire all the time; 2. crack whatever encryption exists to keep the content safe from the devil, ugly, smelly kind of person consumers are; 3. record digital video for FAIR USE.
But hey, after step 1, step 2 and 3 are quite easy... hmmm, OK, now I guess they are going to require some new digital eye lids, so if you are seeing a protected video, your eyes will automatically shut.
Now seriously, it's time to write your congressman again. No way we can let them take more of our rights.
It cannot come to the same free-speech-is-illegal, people's-rights-don't-mean-a-dime level like it came with DeCSS.
I think that instead of 11-digit identification number, they should be given each person an IPv6 address.
OK, we've still got privacy problems, but at least we are one step closer to some real use of IPv6 technology.
I think about this some times: what if I can't type for some time and loose a great deal of money because of that?
In your case, what if you've broken both of your arms? (hope this never happens:-) ) Is there any insurance that we can get on this cases (like accident insurance or similar) that would save our asses on this kind of misfortune?
To put this in perspective, if you search for my name on the web, you are going to find some hits, mostly on mailing lists, that clearly express my position on many topics.
It's there, related to my name, because I'm not ashame of my views. Of course I'll take care not to post pictures of me naked:-) and personal things I don't want public.
But when you're signing a petition, you are stating "hey, I think this is right (or wrong) and to clarify my opinion I'm writhing my name down here!"
Now Mr. Fahmawi says "If I had a more generic name, I'd sign petitions with impunity." Come on, what is that? The Anonymous Coward Syndrome? Mr. Fahmawi, are you pro or con your OWN ideas? Are you going to sign for that? Because if you're not, I think you should talk to a psychiatrist (identity problems, anyone?)
I've signed some petitions myself, they are online (I've even signed to send my name to Mars, proving how geek I am). But think of this: if it wasn't for the internet, would you make some piece of information about you public? If the answer is yes, then don't come complaining about privacy issues. Privacy, and I'm all for it, is meant to protect PRIVATE information, data you wouldn't disclose even if there was NO internet.
But if worse comes to worst, you can always drop an email to Google asking for your info to be removed.
Now, NYT, could you please get back to the objective journalism and quit this whining?
On a related matter, how are people covering 9 to 25 stores buildings? I thought that an Yagi antenna at the roof, aiming down, could do the job, but I'm not quite sure. How do you solve this? Several antennas, several AP's?
Comments and suggestions would be greatly appreciated.
Best regards...
If I can't hear a sound in space...
on
Space Music
·
· Score: 1
I've done it with OpenBSD. It's actually quite simple and easy to set up.
One thing I've found helpful was to do it first on a harddrive set only for this (trying to boot it, recompiling and all), and then burning the CD. The first time I tried it, I was making it on top of another intallation and that got me tunning the former installation, which had nothing to do with my intended CD, just to cleanly compile it all.
Take a look at this article and man mfs.
I've got a Photosmart 100 from HP this month. It's printout is definitely amazing, worth a look on your local computer store. Plus, it's really small and highly portable (HP even has a carry bag for it).
I keep all my digital photos online, so friends and familly can easily reach it, and I print whatever I think would look great on the coffe table:-)
And after I bought a 128Mb Memory-stick for my Sony DSPC1 camera, I only shoot high-res pictures with the email option, so I don't have to resize it for the least affortunates of my friends that are still running on modem.
We shoot script(1) up everytime an admin procedure gets started so we document every line that appears on a terminal. Later we add commentaries for each of these lines, explaining it's purpose, and archive the hole file.
With this you can infer what an specific environment looks like, how installations were dealt with or problems were solved, amongst other administrative duties.
I guess the only disadvantage is that all your administrators will have to learn how to get away without emacs and vi, since they usually don't do well with script(1). Of course, there's always ed(1).
I'd say that since you now has "a point to prove", the first thing you should do is pray for your network NOT to be cracked into. If this comes to happen, some very suspicious eyes would fall on you.
Why don't you suggest a limited pen-test, documenting very well how you could get in, what damages you could inflict and, most important, how should it all be fixed (but don't, at any point, be picky with The Engineer, or else this all could be seemed as an ego war.)
A Brazilian company I consult for had 5 developers in house, but couldn't keep up with the payrolls.
Their solution was quite creative: one of the company's partner opened another company with de laid off developers and started working as a contractor, and not only for the former company but also to others.
I'd say that getting together and helping each other may be a very good solution. Of course, if you are going to build a whole new enterprise and have only one client, it would be ruined fast, but if you can find a good manager and (possibly) a good salesperson, you all can end up earning more than before.
Re:I had to CRACK my way out...
on
Disconnecting
·
· Score: 1
Have you ever heard of friends? I mean, if there was an ISP where I live, maybe, just maybe, there could be other clients, other people with Internet access...
But anyway, your post was funny (and I guess it was meant to be.) So, yes. I'm the best cracker ever... I'm so damn good that I can access computers by thought!:-)
Slashdot Mirror
Can anyone post a good banana bread recipe?
OK, so this is Slashdot and I should say something technical about it, so:
the BananaKernel
What are other OS vendors doing? It's clear that the new license isn't GNU compatible, and I think that Debian is also going into a direction similar to OpenBSD on this matter.
Anyone care to elaborate on this?
Oh, yeah. It's happened to me many times in the past. The key is to:
1) Write a report explaining the importance of each and every piece of your project;
2) Schedule partial presentations at least every other week;
3) Write another report showing the weaknesses of your competitor, and providing information as to why your project (and in consequence, your client's project) is technically superior.
But don't forget that from a layman's point of view, prettier is almost always better (and the case is not necessarily true).
It's always amusing to find an old bookmarks file and then, just for fun, visiting old pages of friends that I used to visit so often that they earned a place on my bookmarks.
:-)
Now, something that's really weird, and has come to my mind sometimes, is setting cron jobs to send emails and post files after you're dead.
If you don't die, just erase the job and create a new one for another 6 months.
Can you picture the face of your friends when they find out that your blogger or webpage has a new photo of you, 3 months after you're dead? Let's say, hmmmm, from Cancun?
But you simply spoofed your arp and answered for all requests for that address?
What happened when the same IP appeared two times? Your gateway would answer for them both?
As to the proxy issue, would your software analyse requests only on the known proxy ports, or watch every communication that goes through?
If you don't mind me asking, how did you solved the problem of having 2 same static IP addresses on the same net at the same time, with your arp spoof setup?
I'm asking this, because I've seen it working on a Hotel that I stayed some time ago, and it really eats my brains out.
Also, did you managed to solve issues when the client has a proxy setup as well?
OK, this is BAD ADVICE, to say the least. I don't think your former company is going to give you a permission to asses their network.
With that in mind, what you are doing is most likely illegal.
Also remember that, since you were fired, you are probably being seen as a bitter and hateful person that would like to hurt (blackmail, even) your former employee. That "assessment" could easily be turned against you as "cracking" or "threatening" or even "terrorism" (that seems to be in vogue right now.)
They could redirect all outbound connections to a proxy, no matter what it is (it would just break the protocol).
If you're using their DNS server, then you would still resolve names, but even your SSH or POP3 connections would be redirected to the proxy and fail.
I think I saw something working in this fashion somewhere...
Oh, yeah?!
Could you level up your ideas a little bit and elaborate a little more on your answer, for instance, explaining WHY do you think this is stupid?
Remember, this is a forum where we are supposed to discuss new ideas, not bash people around. So, please, if you don't have anything good to say, think again before posting!
You can use authpf to allow access through your firewall only to logged in users. With this, each user has to first authenticate and then s/he can access the network.
One caveat with this method is that you need a SSH client on your user's computer. For UNIX-Like you can use plain SSH (users are normally familiar with it), but for Windblows, you should take something like putty and change it so it would look more like a login interface.
Uh-oh! Dumb me! I don't know why I was thinking 60Gb, instead of 4.7Gb on one DVD. OK, back to Archos again!
Damn early hours...
Last July I was choosing between portable mp3 players, and saw the Sony CD-R/RW player/recorder. I must say that it looked damn ugly and too clumsy to carry around.
This new one surely beats it on looks and size, and it can play from DVDs (I think...). Back at that time, I chose the Archos Jukebox Recorder 20Gb, so it wouldn't be necessary to carry medias along (like 35 mp3 CDs), but looking at the possibility of playing DVD (that is, more than 20Gb in ONE SINGLE MEDIA), I guess this new player from Sony has a huge appeal to me.
1. Crack the cable decoder to allow firewire all the time;
2. crack whatever encryption exists to keep the content safe from the devil, ugly, smelly kind of person consumers are;
3. record digital video for FAIR USE.
But hey, after step 1, step 2 and 3 are quite easy... hmmm, OK, now I guess they are going to require some new digital eye lids, so if you are seeing a protected video, your eyes will automatically shut.
Now seriously, it's time to write your congressman again. No way we can let them take more of our rights.
It cannot come to the same free-speech-is-illegal, people's-rights-don't-mean-a-dime level like it came with DeCSS.
I think that instead of 11-digit identification number, they should be given each person an IPv6 address.
OK, we've still got privacy problems, but at least we are one step closer to some real use of IPv6 technology.
I think about this some times: what if I can't type for some time and loose a great deal of money because of that? :-) ) Is there any insurance that we can get on this cases (like accident insurance or similar) that would save our asses on this kind of misfortune?
In your case, what if you've broken both of your arms? (hope this never happens
To put this in perspective, if you search for my name on the web, you are going to find some hits, mostly on mailing lists, that clearly express my position on many topics. :-) and personal things I don't want public.
It's there, related to my name, because I'm not ashame of my views. Of course I'll take care not to post pictures of me naked
But when you're signing a petition, you are stating "hey, I think this is right (or wrong) and to clarify my opinion I'm writhing my name down here!"
Now Mr. Fahmawi says "If I had a more generic name, I'd sign petitions with impunity." Come on, what is that? The Anonymous Coward Syndrome? Mr. Fahmawi, are you pro or con your OWN ideas? Are you going to sign for that? Because if you're not, I think you should talk to a psychiatrist (identity problems, anyone?)
I've signed some petitions myself, they are online (I've even signed to send my name to Mars, proving how geek I am). But think of this: if it wasn't for the internet, would you make some piece of information about you public? If the answer is yes, then don't come complaining about privacy issues. Privacy, and I'm all for it, is meant to protect PRIVATE information, data you wouldn't disclose even if there was NO internet.
But if worse comes to worst, you can always drop an email to Google asking for your info to be removed.
Now, NYT, could you please get back to the objective journalism and quit this whining?
that Ford really sucks, it's an awesome technology.
On a related matter, how are people covering 9 to 25 stores buildings?
I thought that an Yagi antenna at the roof, aiming down, could do the job, but I'm not quite sure.
How do you solve this? Several antennas, several AP's?
Comments and suggestions would be greatly appreciated.
Best regards...
can the "enraged representatives of the avant-garde, experimentalist composer John Cage" sue God for copyright violation? :-) Maybe the Via Lactea owners?!
I've done it with OpenBSD. It's actually quite simple and easy to set up.
One thing I've found helpful was to do it first on a harddrive set only for this (trying to boot it, recompiling and all), and then burning the CD. The first time I tried it, I was making it on top of another intallation and that got me tunning the former installation, which had nothing to do with my intended CD, just to cleanly compile it all.
Take a look at this article and man mfs.
I've got a Photosmart 100 from HP this month. It's printout is definitely amazing, worth a look on your local computer store. Plus, it's really small and highly portable (HP even has a carry bag for it). :-)
I keep all my digital photos online, so friends and familly can easily reach it, and I print whatever I think would look great on the coffe table
And after I bought a 128Mb Memory-stick for my Sony DSPC1 camera, I only shoot high-res pictures with the email option, so I don't have to resize it for the least affortunates of my friends that are still running on modem.
We shoot script(1) up everytime an admin procedure gets started so we document every line that appears on a terminal. Later we add commentaries for each of these lines, explaining it's purpose, and archive the hole file.
With this you can infer what an specific environment looks like, how installations were dealt with or problems were solved, amongst other administrative duties.
I guess the only disadvantage is that all your administrators will have to learn how to get away without emacs and vi, since they usually don't do well with script(1). Of course, there's always ed(1).
I'd say that since you now has "a point to prove", the first thing you should do is pray for your network NOT to be cracked into. If this comes to happen, some very suspicious eyes would fall on you.
Why don't you suggest a limited pen-test, documenting very well how you could get in, what damages you could inflict and, most important, how should it all be fixed (but don't, at any point, be picky with The Engineer, or else this all could be seemed as an ego war.)
A Brazilian company I consult for had 5 developers in house, but couldn't keep up with the payrolls.
Their solution was quite creative: one of the company's partner opened another company with de laid off developers and started working as a contractor, and not only for the former company but also to others.
I'd say that getting together and helping each other may be a very good solution. Of course, if you are going to build a whole new enterprise and have only one client, it would be ruined fast, but if you can find a good manager and (possibly) a good salesperson, you all can end up earning more than before.
Have you ever heard of friends? I mean, if there was an ISP where I live, maybe, just maybe, there could be other clients, other people with Internet access... :-)
But anyway, your post was funny (and I guess it was meant to be.) So, yes. I'm the best cracker ever... I'm so damn good that I can access computers by thought!