The people who can benifit most from music swapping are those musicians who don't have, or got turned down by the big record companies.
The people that it doesn't affect are scum like Metallica (don't flame, I was a huge met fan before thier napster crusade) who already have made thier fortune and any money they have lost by this means would be a drop in the bucket.
And what of the people who make music for a hobby? Not for profit. Anyways, If I really like a CD enough, i'll go buy it. Most MP3's burned to cd sound sub par; almost like a tape, so if it has more than 2 or 3 songs that won't get played out, then it's worth 15 dollars.
Actually, the therorized component that is promenent in mountain dew is yellow #5.
I grew up with a friend who lived on mountain dew, and I personally hated the stuff.... later on, I discovered that while I had gotten the regular 6-7 incher, he had, what his first *lay* described as "HIS DICK WAS AS SMALL AS MY 4 YEAR OLD BROTHERS!!!"
Either way, I don't want to drink something that looks like mountain dew does.... its just not a natural color to drink.
red = cherries = good for you
green = veggies = very good for you
blue =.... hmm.... blueberries... = not BAD for ya
yellow = uhh... tell me what food comes in yellow?
And don't say bananas unless you eat the peel, and don't say you smoke it cuz that don't count:)
I would bet that the yellow bell peppers and such are genetically engeneeried.
The fact of evolution simply points out that the yellow color is not something we need. Like it or love it... Then again, you could say we don't need beer, but I would have to slap you.
Re:Hmm.... I submitted this one a week ago
on
Electric Armor
·
· Score: 1
ah, thanks... I won't submit any more stories from that website.
Hmm.... I submitted this one a week ago
on
Electric Armor
·
· Score: 1
Only difference was it was on a different website.
http://www.ananova.com/news/story/sm_652954.html
theres the link for ya.
I have an ATI Radeon 8500
on
Tenebrae Quake
·
· Score: 1
My cpu is a nueral net process.... errr its a p4 1.5 and i get about 5 fps on the default settings. (640x400x32)
Now, I thought that the 8500 had big fat pipelines and such? WATSA DEEEEEAAAL?
Any Geforce3 or 4 users try this yet? I keep wondering to myself if ATI gets thier benchmarks by skipping important steps.
They knew there were going to be tons of D&D people running out to get it the first day, and they also know that D&D people like collectors stuff... so what do they do? Wait for around x-mas and release something else.
Typical corporate nonsence.
Apples and oranges....
on
Men vs. Machines
·
· Score: 3, Interesting
Humans and computers don't play chess the same way. The grandmasters can forsee, what is it like 10 of every move into the game, while the computer can see every move forseeable.
I've never been a big fan of playing computers in chess, and that goes way back to the old battle chess game.... remember that one, where your characters would duke it out when a player made a capture? Anyways, I was able to beat that one a couple times, but mostly it totally wooped my ass for the simple fact I was 10, didn't have much *game* and lacked the mental capacity to see 100 moves into the game.
IMO, the computer should be limited to a set amount of moves and time, and should have to consider which moves it should concentrate on, instead of looking at every single move possible. I'd also like some randomization in the game.
Did anyone read the Discover article about someguy who went on to say the center of the earth was actually a ball of uranium? It would explain for the magnetic properties of the earth. I'm not sure if it relates to this in any way but maybe it will spark something.
It would be an excellent PR thing for the people who draw these lines to simply redraw the line for extreme cases like this where they are cutting someone's house in half.
It would also be nice to have some sort of prescedent to settle total B.S. border disputes where parts of people's domiciles get divided in land quarels. I'm sure this has happened before, and in my opinion, unless the people that built thier house KNEW they were building on someone else's land, they should simply have to redraw the lines, or in the first case, pay a monetary supplement.
well, big friggen laser beams just aren't
on
Spy Fly
·
· Score: 1
the *cool* kind of weapons unless they are mounted on sharks.
Either that or maybe some dogs that bark and when they bark bees fly out.... maybe put some lasers on those suckers.
So what OS will this run on?
on
Spy Fly
·
· Score: 1
I would only asume windows.... as its so *buggy*
I couldn't resist:P
And if so, are you feeling the employment crunch like I am? I havn't had a job in quite a long time, and now that both williams and worldcomm are basically folding, tulsa will basically go under.
Its depressing here. You can tell its a very bad economy just for the fact that nessisity items are going up and luxury items are going WAY down in price.
I just signed up on ebay to sell a couple of things. I had no idea the difficulty they gave me just to sign up! They charge fees wherever little bit they can, and you can DAMN WELL expect that they will start charging our ISP's more, so we will get hit.
Then again, worldcomm never would hire me... sure did fire a lot of my real life friends with that 800 person layoff. Boy, has that made my job search easier. =(
Heres the entire thing if it *disapears* (sorry if
on
L0pht And The FBI
·
· Score: 1, Redundant
this insn't allowed in legth.... I just noticed I saw it before it got potentially/.'ed so forgive me if.
-upg
'Hacker' security biz built on FBI snitches
By Thomas C Greene in Washington
Posted: 17/07/2002 at 18:59 GMT
I can prove it to ya,
Watch the rotation;
It all adds up to
A fucking situation
- - Public Enemy
On Monday I reported a speech by Gweeds at H2K2, in which the grand hypocrisy of hackers weaseling their way from the scene to the mainstream by forming security outfits was denounced very nicely. A torrent of e-mail denouncing him soon followed, some of which I've posted here.
Even I was attacked merely for reporting what he'd said. Suffice it to say that Gweeds has managed to piss off a large number of scene denizens past and present, though I suspect this is connected to his apparently athletic promiscuity: he's tied for second in the hacker sex chart v. 9.28, with 27 links. No doubt he's 0wned the wrong bitch from time to time, steadily adding to his enemies list.
He also named names in the speech, in particular ISS, L0pht/@Stake and Sir Dystic, three prime examples of energetic blackhat pimping for venture capital and cushy jobs, Gweeds believes. In particular, he expressed a suspicion that L0pht/@Stake was somehow connected to NIPC (the National Infrastructure Protection Center), which may have helped the h4x0r glam rockers gain credibility and rise in profile among influential members of the federal bureaucracy. This connection also helped get Mudge a high-profile hacker-hysteria FUD session before Congress, he suspects.
On Monday, when I posted the first item in this series, I didn't know personally if the speech was punctiliously accurate, but it absolutely rang true to me. All too true.
Surely no one imagined that I wouldn't dig deeper into this deliciously nasty confluence of FUD, favors and venture capital flowing between the blackhat community and the Feds, with the cons serving as a handy, mediating conduit.
And indeed, Gweeds appears to have hit on a number of dirty little secrets, though with a few minor inaccuracies, none of which is sufficient to undermine his basic thesis. There does indeed appear to be a circle jerk between commercialized blackhat sellouts and the Feds; and the cons do appear, perhaps inadvertently, to provide the venue and privacy needed for such liaisons. And finally, there does seem to be a significant amount of snitching for favors and 'trust' building going on between the two 'communities', a la the despised JP model.
Flamboyant anti-establishment gestures and costumes do not a blackhat make. Your friendly neighborhood hacker turned young security businessman may well be looking to 'develop' your exploit, hack out a patch and pimp for proppies on BugTraq, and then rat you out to the Feds for gain and favor. This is how it works:
FUD platform
Soon after I posted my report Monday, @Stake's Chris Wysopal (aka Weld Pond) vehemently denied any connection with NIPC to me in an e-mail exchange. He further insisted that I 'correct' the inaccuracies in Gweeds' statements. I explained that it wasn't proper for me to edit someone else's words, or even to express doubt, unless I believed or at least suspected that the statements were inaccurate. In this case I didn't.
"I'm going to let it stand, again because any inaccuracies are his, not mine, and I prefer to let readers make up their own minds about it. However, last night I did post your and several other people's letters criticizing his talk," I replied.
I'd also put a link to that letters page in the original story so readers can easily find the counterpoint. Finally, I invited Wysopal to write a rebuttal, which I offered to publish on The Register.
"I am not going to write a 'point of view' piece that is parallel to an article that leads the reader to believe that patent falsehoods are true. Letters to the editor are much different than qualifying statements where they stand or issuing an errata," he replied. "[Several] statements by Gweeds are false. They were spoken by a man with an agenda. You have become his FUD platform."
Me, a FUD platform -- right. There's a definite pot/kettle equation in play here, as we'll see.
dann0
According to Wysopal, Gweeds got a number of facts wrong. "There is no evidence that the L0pht testified at the behest of NIPC. NIPC was formed two months prior to our testimony. We didn't even speak to anyone from NIPC until much, much later. The L0pht testified at the request of Senator Thompson. This coincided with a GAO report on the weaknesses of government security. Our testimony did not mention a criminal solution to the government security problem. We were not advocating an increased cyber police force or increased penalties."
And that is strictly correct, though not entirely true. NIPC is not where L0pht's Fed relationship was developed. But according to documents I've received, L0pht did have a relationship with FBI Special Agent Dan Romando, or 'dann0' as they called him, a Boston agent with a cybercrime-enforcement background. Our dann0 was an old friend of Mudge's from high school; and our dann0 had also been an intern in Senator Thompson's office before joining the FBI.
If you want to know how L0pht got an invitation to testify "at the request of Senator Thompson," you'll find Agent Romando's hand all over that one. Ditto for Mudge's famous meeting with then-President Bill Clinton.
And why did dann0 Romando bother to help the L0pht cyber-ninjas gain national fame? Was it out of friendly loyalty?
I wish it were. I have evidence indicating that L0pht members served as confidential FBI informants and actively solicited dirt on fellow blackhats. I have evidence indicating that they've offered to pay cash for such information. And they name dann0 Romando specifically as their FBI handler. That's right, those anti-establishment pop-underground h4x0r heroes have at least attempted, probably with success, to rat out their friends and enemies in service of good relations with the FBI.
Relations, I should add, that paved the way for their splashy media hagiography. We can safely infer a pretty significant haul of snitch-work behind dann0's generosity in assisting this monumental fraud.
And as for not advocating increased penalties for cyber-wrongdoing, that's just window dressing. L0pht was in fact spreading cyber-terror FUD to fuel expensive national cyber-defence measures and increased penalties for hackers while exhibiting themselves as both the emblem of the Dark Forces America has to fear, and her White Knights of salvation.
When a guy like Mudge addresses a gaggle of naive, technically-illiterate Congressmen, claiming to be able to break into any network on Earth, only a fool will imagine that the consequence will be anything other than more Draconian laws. That's how Congress deals with threats. That's how Congress has always dealt with threats: give more money to the Feds for investigation and enforcement, bump up the penalties, and let the evil bastards rot. There is no other outcome to be expected from testimony like that. And sure enough, nowadays hacking can lead to a life sentence.
And Wysopal calls me a FUD platform....
'Sploits for me, jail for you
So how does some cheese-eater gang of l4m3r blackhats-turned-security-advisors make its bones in the wider world of legitimate security services? Gweeds talked about a 'model' of selling out, and I'd like to add my own contribution to it. It goes like this:
Since you really don't have any skillz worth mentioning, no background in computer science, no military cryptography training, you'll have to learn to talk the talk. Outrageous clothes and piercings (preferably from a nail gun), blue hair and bad skin freely exhibited at cons are a big plus here. Journalists love this kind of shit and will usually assign you a high, imaginary threat level. Teenagers will too.
Develop relationships with members of the real blackhat underground. Hit them up for kewl new 'sploits they're using. Maybe pay cash for them; maybe barter for them with other kewl 'sploits or illegal gear you're cobbling up in your basement, like pager monitoring devices, say.
Rely on the fact that your grateful FBI handler will see that you never get raided. When you do receive a new exploit, either by paying cash or through barter, pretend it's yours. Don't worry; the real blackhat doesn't want publicity, believe me. Develop the exploit, refine it, and at the same time develop a patch or at least a workaround. Post to BugTraq and PacketStorm. Receive proppies from envious wannabes and be worshiped by dumbfuck security journalists. Apply for VC, and develop a shell corporation containing people with actual business experience to receive and manage the money for you.
Hire eager PR flacks who can tell your fascinating story to the press in the simplistic, hagiographic terms they prefer to be fed, the way ABC News drones lapped up this drivel:
"[L0pht], described as a 'hacker think tank,' testified about lax computer security before the Senate Governmental Affairs Committee in May 1998. They said any of them could easily bring down the Internet in North America, although other experts dismissed the claims as exaggerated. Committee Chairman Fred Thompson allowed L0pht's members to use only their on-line handles 'due to the sensitivity of their work.'"
And be sure to get your peers to pimp for you; remember, the more 31337 they think you are, the better for everyone else in the biz:
"Russ Cooper, who publishes the NTBugtraq newsletter exposing security risks in Microsoft products, called the group "eight brilliant geniuses."
Like Mudge, call yourself a "Chief Scientist," or like Marc Maiffret, a "Chief Hacking Officer" or like Russ Cooper, a "Surgeon General". Only journos like myself will actually laugh in your face, so it's a pretty safe practice.
Keep trading with the blackhats, and release your occasional 'discoveries' which they make possible. Ensure that your PR flacks spam the living shit out of every journo on the planet whenever this occurs.
Go in front of Congress every chance you get: remind them of how scared they should be. Tell them that the Internet is about to be brought down, along with planes and trains and power grids, and tell them how you can hack the Apache server at www.MinuteMan.mil and launch a withering nuclear assault on Kansas City with your lame Windoze box.
And don't be wasteful with precious resources. Just as a cook will use the bones from a carcass to make delicious stock, if a blackhat whose work you've been plagiarizing runs out of new tricks, you can always toss him to the FBI for additional mileage. Maybe you can even get him busted for the shit you sold him, haha.
Now that's what I call a business model. ®
Note: L0pht/@Stake declined two invitations to comment for this article.
Related Link
Mudge's hilarious hagiography, telling us among other things that he's "a renowned scientist in cryptanalysis." And asserting that he's "consulted and even conducted training courses for members of Congress, the Department of Justice, NASA, the US Air Force, and other government agencies."
Cash'n'Carrion Reg Shop Register Recruitment -- Real jobs for real people
Seems to me they are.... It used to be the FSB limited at 100mhz, but now we have 533mhz bus speeds, and our hard drives are laggin behind badly.
Anyone that has used a hard drive with a 8 meg buffer will say they can feel the difference. My guess is that these things will support Serial ATA before conventional hard drives do. (j/k)
In all seriousness, it was just a matter of time before this happened. Seems like if you want to do anything these days you have to totally rethink it and build it from the ground up. Holograms huh? Whoduthunkit?
Its a fact that that game increases cognative thinking, especially in pre-teens. I assume some day they will make it a manditory game in school, as it is one of the greatest cause and effect games out on the computer.
Either that or we are all just a bunch of blockheads:)
Come now... Most slashdotter's consider themselves to be elitest in one area or another in the realm of electronics, so it should be no big deal to simply use the ports that the ISP's HAVE to allow... or just use IRC.
Anyways, where I live, people have been uncapping thier modems and I feel it becuase I am a gamer. I say GOOD FOR THE ISP! I remember one isp saying "1% of our customers use 20% of the bandwidth." If anything, kazaa needs to come with the settings set to NO UPLOADS ALLOWED becuase i'm sure most people that are quite ignorant are a majority in the bandwidth hogging. All in all, I just want a low ping to frag the rest of you in Q3... but isn't that what we all want? (aside from downloading resevoir dogs of course:)
Most people get scared away with linux as soon as they get X running and discover there is very little they can actually do without someone right next to them holding thier hand.
If they are able to get online, chances are the documentation is just too sketchy for a layman to understand, so you need a friend to help you with it.
UNFORTUNATLY, and im not trying to flame or be a troll here, most new people to linux at this point are not complete computer nerds. They have decent windows experience, and know what hardware is, but they don't know anyone who is running linux, and if they go look for help on irc (this has happened to me) they are baraged by "WTF did you install *that* distro for? *This distro rules*" and whatnot. Its a very hard world for linux.
I was thinking about it the other day, and the main reason why all the IT people are having a hard time getting a job is becuase M$ is making things easier and easier for joe shmoe to do, and doesn't need a tech anymore.
You get linux to that level of simplicity and you might have more than 5% of americans using it at home.
I assume these are quite high in carbs, so if you go on the atkins diet, is beer a no no? Its kinda bad becuase you have all these *LITE* beers, but have you ever seen a nutrition content label on any?
I sure haven't.
And what about those of us who have very limited funds? We can't just go buy 8 dollar steaks every night. Are expected just to eat eggs as a primary staple?
Sorry for the multiple questions, but both are worth a couple of nurons firing. =)
Slashdot Mirror
The people who can benifit most from music swapping are those musicians who don't have, or got turned down by the big record companies.
The people that it doesn't affect are scum like Metallica (don't flame, I was a huge met fan before thier napster crusade) who already have made thier fortune and any money they have lost by this means would be a drop in the bucket.
And what of the people who make music for a hobby? Not for profit. Anyways, If I really like a CD enough, i'll go buy it. Most MP3's burned to cd sound sub par; almost like a tape, so if it has more than 2 or 3 songs that won't get played out, then it's worth 15 dollars.
Actually, the therorized component that is promenent in mountain dew is yellow #5. I grew up with a friend who lived on mountain dew, and I personally hated the stuff.... later on, I discovered that while I had gotten the regular 6-7 incher, he had, what his first *lay* described as "HIS DICK WAS AS SMALL AS MY 4 YEAR OLD BROTHERS!!!" Either way, I don't want to drink something that looks like mountain dew does.... its just not a natural color to drink. red = cherries = good for you green = veggies = very good for you blue = .... hmm.... blueberries... = not BAD for ya
yellow = uhh... tell me what food comes in yellow?
And don't say bananas unless you eat the peel, and don't say you smoke it cuz that don't count :)
I would bet that the yellow bell peppers and such are genetically engeneeried.
The fact of evolution simply points out that the yellow color is not something we need. Like it or love it... Then again, you could say we don't need beer, but I would have to slap you.
ah, thanks... I won't submit any more stories from that website.
Only difference was it was on a different website. http://www.ananova.com/news/story/sm_652954.html theres the link for ya.
My cpu is a nueral net process.... errr its a p4 1.5 and i get about 5 fps on the default settings. (640x400x32) Now, I thought that the 8500 had big fat pipelines and such? WATSA DEEEEEAAAL? Any Geforce3 or 4 users try this yet? I keep wondering to myself if ATI gets thier benchmarks by skipping important steps.
Now that linux is becoming mainstream, it wouldn't suprise me one bit if they are in the process of making an AOL OS.
HEAD MY WARNING! =)
(im serious)
With XP, you only have to enter a couple things, namely, the cdkey, your user name, and click what kind of network you are on.
I havn't installed redhat since 7.0, but I doubt its gotten easier than that. I mean come on.... Windows is built to be easy. Linux is not.
They knew there were going to be tons of D&D people running out to get it the first day, and they also know that D&D people like collectors stuff... so what do they do? Wait for around x-mas and release something else.
Typical corporate nonsence.
Humans and computers don't play chess the same way. The grandmasters can forsee, what is it like 10 of every move into the game, while the computer can see every move forseeable. I've never been a big fan of playing computers in chess, and that goes way back to the old battle chess game.... remember that one, where your characters would duke it out when a player made a capture? Anyways, I was able to beat that one a couple times, but mostly it totally wooped my ass for the simple fact I was 10, didn't have much *game* and lacked the mental capacity to see 100 moves into the game. IMO, the computer should be limited to a set amount of moves and time, and should have to consider which moves it should concentrate on, instead of looking at every single move possible. I'd also like some randomization in the game.
Did anyone read the Discover article about someguy who went on to say the center of the earth was actually a ball of uranium? It would explain for the magnetic properties of the earth. I'm not sure if it relates to this in any way but maybe it will spark something.
It would be an excellent PR thing for the people who draw these lines to simply redraw the line for extreme cases like this where they are cutting someone's house in half.
It would also be nice to have some sort of prescedent to settle total B.S. border disputes where parts of people's domiciles get divided in land quarels. I'm sure this has happened before, and in my opinion, unless the people that built thier house KNEW they were building on someone else's land, they should simply have to redraw the lines, or in the first case, pay a monetary supplement.
the *cool* kind of weapons unless they are mounted on sharks.
Either that or maybe some dogs that bark and when they bark bees fly out.... maybe put some lasers on those suckers.
I would only asume windows.... as its so *buggy* I couldn't resist :P
And if so, are you feeling the employment crunch like I am? I havn't had a job in quite a long time, and now that both williams and worldcomm are basically folding, tulsa will basically go under. Its depressing here. You can tell its a very bad economy just for the fact that nessisity items are going up and luxury items are going WAY down in price.
I just signed up on ebay to sell a couple of things. I had no idea the difficulty they gave me just to sign up! They charge fees wherever little bit they can, and you can DAMN WELL expect that they will start charging our ISP's more, so we will get hit. Then again, worldcomm never would hire me... sure did fire a lot of my real life friends with that 800 person layoff. Boy, has that made my job search easier. =(
this insn't allowed in legth.... I just noticed I saw it before it got potentially /.'ed so forgive me if.
-upg
'Hacker' security biz built on FBI snitches
By Thomas C Greene in Washington
Posted: 17/07/2002 at 18:59 GMT
I can prove it to ya,
Watch the rotation;
It all adds up to
A fucking situation
- - Public Enemy
On Monday I reported a speech by Gweeds at H2K2, in which the grand hypocrisy of hackers weaseling their way from the scene to the mainstream by forming security outfits was denounced very nicely. A torrent of e-mail denouncing him soon followed, some of which I've posted here.
Even I was attacked merely for reporting what he'd said. Suffice it to say that Gweeds has managed to piss off a large number of scene denizens past and present, though I suspect this is connected to his apparently athletic promiscuity: he's tied for second in the hacker sex chart v. 9.28, with 27 links. No doubt he's 0wned the wrong bitch from time to time, steadily adding to his enemies list.
He also named names in the speech, in particular ISS, L0pht/@Stake and Sir Dystic, three prime examples of energetic blackhat pimping for venture capital and cushy jobs, Gweeds believes. In particular, he expressed a suspicion that L0pht/@Stake was somehow connected to NIPC (the National Infrastructure Protection Center), which may have helped the h4x0r glam rockers gain credibility and rise in profile among influential members of the federal bureaucracy. This connection also helped get Mudge a high-profile hacker-hysteria FUD session before Congress, he suspects.
On Monday, when I posted the first item in this series, I didn't know personally if the speech was punctiliously accurate, but it absolutely rang true to me. All too true.
Surely no one imagined that I wouldn't dig deeper into this deliciously nasty confluence of FUD, favors and venture capital flowing between the blackhat community and the Feds, with the cons serving as a handy, mediating conduit.
And indeed, Gweeds appears to have hit on a number of dirty little secrets, though with a few minor inaccuracies, none of which is sufficient to undermine his basic thesis. There does indeed appear to be a circle jerk between commercialized blackhat sellouts and the Feds; and the cons do appear, perhaps inadvertently, to provide the venue and privacy needed for such liaisons. And finally, there does seem to be a significant amount of snitching for favors and 'trust' building going on between the two 'communities', a la the despised JP model.
Flamboyant anti-establishment gestures and costumes do not a blackhat make. Your friendly neighborhood hacker turned young security businessman may well be looking to 'develop' your exploit, hack out a patch and pimp for proppies on BugTraq, and then rat you out to the Feds for gain and favor. This is how it works:
FUD platform
Soon after I posted my report Monday, @Stake's Chris Wysopal (aka Weld Pond) vehemently denied any connection with NIPC to me in an e-mail exchange. He further insisted that I 'correct' the inaccuracies in Gweeds' statements. I explained that it wasn't proper for me to edit someone else's words, or even to express doubt, unless I believed or at least suspected that the statements were inaccurate. In this case I didn't.
"I'm going to let it stand, again because any inaccuracies are his, not mine, and I prefer to let readers make up their own minds about it. However, last night I did post your and several other people's letters criticizing his talk," I replied.
I'd also put a link to that letters page in the original story so readers can easily find the counterpoint. Finally, I invited Wysopal to write a rebuttal, which I offered to publish on The Register.
"I am not going to write a 'point of view' piece that is parallel to an article that leads the reader to believe that patent falsehoods are true. Letters to the editor are much different than qualifying statements where they stand or issuing an errata," he replied. "[Several] statements by Gweeds are false. They were spoken by a man with an agenda. You have become his FUD platform."
Me, a FUD platform -- right. There's a definite pot/kettle equation in play here, as we'll see.
dann0
According to Wysopal, Gweeds got a number of facts wrong. "There is no evidence that the L0pht testified at the behest of NIPC. NIPC was formed two months prior to our testimony. We didn't even speak to anyone from NIPC until much, much later. The L0pht testified at the request of Senator Thompson. This coincided with a GAO report on the weaknesses of government security. Our testimony did not mention a criminal solution to the government security problem. We were not advocating an increased cyber police force or increased penalties."
And that is strictly correct, though not entirely true. NIPC is not where L0pht's Fed relationship was developed. But according to documents I've received, L0pht did have a relationship with FBI Special Agent Dan Romando, or 'dann0' as they called him, a Boston agent with a cybercrime-enforcement background. Our dann0 was an old friend of Mudge's from high school; and our dann0 had also been an intern in Senator Thompson's office before joining the FBI.
If you want to know how L0pht got an invitation to testify "at the request of Senator Thompson," you'll find Agent Romando's hand all over that one. Ditto for Mudge's famous meeting with then-President Bill Clinton.
And why did dann0 Romando bother to help the L0pht cyber-ninjas gain national fame? Was it out of friendly loyalty?
I wish it were. I have evidence indicating that L0pht members served as confidential FBI informants and actively solicited dirt on fellow blackhats. I have evidence indicating that they've offered to pay cash for such information. And they name dann0 Romando specifically as their FBI handler. That's right, those anti-establishment pop-underground h4x0r heroes have at least attempted, probably with success, to rat out their friends and enemies in service of good relations with the FBI.
Relations, I should add, that paved the way for their splashy media hagiography. We can safely infer a pretty significant haul of snitch-work behind dann0's generosity in assisting this monumental fraud.
And as for not advocating increased penalties for cyber-wrongdoing, that's just window dressing. L0pht was in fact spreading cyber-terror FUD to fuel expensive national cyber-defence measures and increased penalties for hackers while exhibiting themselves as both the emblem of the Dark Forces America has to fear, and her White Knights of salvation.
When a guy like Mudge addresses a gaggle of naive, technically-illiterate Congressmen, claiming to be able to break into any network on Earth, only a fool will imagine that the consequence will be anything other than more Draconian laws. That's how Congress deals with threats. That's how Congress has always dealt with threats: give more money to the Feds for investigation and enforcement, bump up the penalties, and let the evil bastards rot. There is no other outcome to be expected from testimony like that. And sure enough, nowadays hacking can lead to a life sentence.
And Wysopal calls me a FUD platform....
'Sploits for me, jail for you
So how does some cheese-eater gang of l4m3r blackhats-turned-security-advisors make its bones in the wider world of legitimate security services? Gweeds talked about a 'model' of selling out, and I'd like to add my own contribution to it. It goes like this:
Since you really don't have any skillz worth mentioning, no background in computer science, no military cryptography training, you'll have to learn to talk the talk. Outrageous clothes and piercings (preferably from a nail gun), blue hair and bad skin freely exhibited at cons are a big plus here. Journalists love this kind of shit and will usually assign you a high, imaginary threat level. Teenagers will too.
Develop relationships with members of the real blackhat underground. Hit them up for kewl new 'sploits they're using. Maybe pay cash for them; maybe barter for them with other kewl 'sploits or illegal gear you're cobbling up in your basement, like pager monitoring devices, say.
Rely on the fact that your grateful FBI handler will see that you never get raided. When you do receive a new exploit, either by paying cash or through barter, pretend it's yours. Don't worry; the real blackhat doesn't want publicity, believe me. Develop the exploit, refine it, and at the same time develop a patch or at least a workaround. Post to BugTraq and PacketStorm. Receive proppies from envious wannabes and be worshiped by dumbfuck security journalists. Apply for VC, and develop a shell corporation containing people with actual business experience to receive and manage the money for you.
Hire eager PR flacks who can tell your fascinating story to the press in the simplistic, hagiographic terms they prefer to be fed, the way ABC News drones lapped up this drivel:
"[L0pht], described as a 'hacker think tank,' testified about lax computer security before the Senate Governmental Affairs Committee in May 1998. They said any of them could easily bring down the Internet in North America, although other experts dismissed the claims as exaggerated. Committee Chairman Fred Thompson allowed L0pht's members to use only their on-line handles 'due to the sensitivity of their work.'"
And be sure to get your peers to pimp for you; remember, the more 31337 they think you are, the better for everyone else in the biz:
"Russ Cooper, who publishes the NTBugtraq newsletter exposing security risks in Microsoft products, called the group "eight brilliant geniuses."
Like Mudge, call yourself a "Chief Scientist," or like Marc Maiffret, a "Chief Hacking Officer" or like Russ Cooper, a "Surgeon General". Only journos like myself will actually laugh in your face, so it's a pretty safe practice.
Keep trading with the blackhats, and release your occasional 'discoveries' which they make possible. Ensure that your PR flacks spam the living shit out of every journo on the planet whenever this occurs.
Go in front of Congress every chance you get: remind them of how scared they should be. Tell them that the Internet is about to be brought down, along with planes and trains and power grids, and tell them how you can hack the Apache server at www.MinuteMan.mil and launch a withering nuclear assault on Kansas City with your lame Windoze box.
And don't be wasteful with precious resources. Just as a cook will use the bones from a carcass to make delicious stock, if a blackhat whose work you've been plagiarizing runs out of new tricks, you can always toss him to the FBI for additional mileage. Maybe you can even get him busted for the shit you sold him, haha.
Now that's what I call a business model. ®
Note: L0pht/@Stake declined two invitations to comment for this article.
Related Link
Mudge's hilarious hagiography, telling us among other things that he's "a renowned scientist in cryptanalysis." And asserting that he's "consulted and even conducted training courses for members of Congress, the Department of Justice, NASA, the US Air Force, and other government agencies."
Cash'n'Carrion Reg Shop Register Recruitment -- Real jobs for real people
Seems to me they are.... It used to be the FSB limited at 100mhz, but now we have 533mhz bus speeds, and our hard drives are laggin behind badly.
Anyone that has used a hard drive with a 8 meg buffer will say they can feel the difference. My guess is that these things will support Serial ATA before conventional hard drives do. (j/k)
the man who wished for a 12 inch pianist? =)
In all seriousness, it was just a matter of time before this happened. Seems like if you want to do anything these days you have to totally rethink it and build it from the ground up. Holograms huh? Whoduthunkit?
Its a fact that that game increases cognative thinking, especially in pre-teens. I assume some day they will make it a manditory game in school, as it is one of the greatest cause and effect games out on the computer.
:)
Either that or we are all just a bunch of blockheads
becuase mine is kind of greenish brown.... can anyone help?
Come now... Most slashdotter's consider themselves to be elitest in one area or another in the realm of electronics, so it should be no big deal to simply use the ports that the ISP's HAVE to allow... or just use IRC.
:)
Anyways, where I live, people have been uncapping thier modems and I feel it becuase I am a gamer. I say GOOD FOR THE ISP! I remember one isp saying "1% of our customers use 20% of the bandwidth." If anything, kazaa needs to come with the settings set to NO UPLOADS ALLOWED becuase i'm sure most people that are quite ignorant are a majority in the bandwidth hogging. All in all, I just want a low ping to frag the rest of you in Q3... but isn't that what we all want? (aside from downloading resevoir dogs of course
I don't have the greatest monitor in the world so im stuck at 1024x768 so I can get a decent refresh rate.
However, If I need some extra space when i'm using photoshop, i'll up it to 1280x1024 and let my eyes bleed.
Most people get scared away with linux as soon as they get X running and discover there is very little they can actually do without someone right next to them holding thier hand. If they are able to get online, chances are the documentation is just too sketchy for a layman to understand, so you need a friend to help you with it. UNFORTUNATLY, and im not trying to flame or be a troll here, most new people to linux at this point are not complete computer nerds. They have decent windows experience, and know what hardware is, but they don't know anyone who is running linux, and if they go look for help on irc (this has happened to me) they are baraged by "WTF did you install *that* distro for? *This distro rules*" and whatnot. Its a very hard world for linux. I was thinking about it the other day, and the main reason why all the IT people are having a hard time getting a job is becuase M$ is making things easier and easier for joe shmoe to do, and doesn't need a tech anymore. You get linux to that level of simplicity and you might have more than 5% of americans using it at home.
Would you want to play with my *joystick* baby? That was wrong... maybe he just will make a better tv than a window. Don't kill me please.
I assume these are quite high in carbs, so if you go on the atkins diet, is beer a no no? Its kinda bad becuase you have all these *LITE* beers, but have you ever seen a nutrition content label on any? I sure haven't. And what about those of us who have very limited funds? We can't just go buy 8 dollar steaks every night. Are expected just to eat eggs as a primary staple? Sorry for the multiple questions, but both are worth a couple of nurons firing. =)