Hijacking (Re:Spammers may use this to hide)
on
No More WHOIS scams?
·
· Score: 2
Go Daddy may also cancel the registration of a domain name, after thirty (30) days, if that name is being used in association with spam
So what happens when they or somebody else decides to remove your domain ownership from you. All they have to do is forge a spam header or two and say you've been using it for spamming, then bye-bye domain. Heck, since they've got control of your domain, they could send proxy-spam and then shut you for it.
I'm not generally so paranoid, but I prefer to have certain control over what I pay for - phorm
Until you try shipping something internationally. Once it crosses from USPS to another carrier (even to Canada, which has no bordering oceans) they become completely useless as to where your package went. No forwarded carrier ID, nada. Packages have a tendency to vanish for long periods time awaiting transfer to another carrier before finally making it over, even to Canada.
A little TLC in getting it transferred through the border would make me a much happier person.
I think one of the big questions when accusing somebody of "hacking" should be intent. While this is of course one of the hardest ground to judge, hackers tend to fall along lines the lines of.
Fame: Doing something for popularity or fame
Profit: Doing something for profit
Personal gain: Doing something to gain personally or to lessen a personal expense, either by not paying for software/services or otherwise.
Entertainment: Simply because the hacker has nothing better to do with his/her time
Security: Doing something for the purpose of forwarding the intent of security etc
Revenge/attack: Self explanitory
Script kiddies or typical hack-it-cause-I-can types would tend to fall into "Fame" or "Entertainment".
If you have somebody who's informed a company of their problem, waited for them to do something, and then finally anonymously or semi-anonymously posted the problem, then we have the "security" types that are looking out for all of us. Somebody who posts it as "hey look at me, I hacked XXX/YYY and somebody should fix it" is just looking for fame or possibly profit.
I think that if you can hack a system and then offer a viable fix/solution without the indicated repercussion of telling everyone in the world what the problem is, then you shouldn't be blacklisted as a "black hacker".
However, if you go off and tell everyone that so-and-so's software/network is insecure because they didn't pay you, then you're no better than an extortionist or a crook.
If you've bypassed security on a product that was hindering legitimate users, we have another really hard area to define. Anything that gets done to a company's product generally should be done with the grace of the producing company.
Perhaps one of the biggest problems is those who just jump out and post something on the internet without thinking of the ramifications to the owner/users of the product. If you post a security vulnerability and fix, you may be allowing a certain amount of people to fix the problem, but you're also letting all the hackers out there know where there's easy prey in those that don't see the fix soon enough.
In the same hand, if companies legally lambaste anyone who hacks and then offers a solution to their woes, it only makes things worse.
Corporations with insecure products/networks need to recognise that running for the lawyers isn't always the best solution, while those doing the hacking need to recognise that extortionist/fame mongering/otherwise damaging tactics aren't helping either.
If more companies can work with legitimate hackers in a productive way (as stated in the article, many have internal hackers), without inviting dozens of script-kiddies to poke at their servers, then perhaps one day the important people (we, the end-users) will find a day when we can legitimately use the products we pay for, in a meaninful manner, and without security woes.
It's not what you can do, it's how you do it that counts - phorm
In most cases of rampant idiotic teenage download-everything-without-paying yes. However, my 2 CD's full of fully legit mp3 downloads do argue against this.
As more try-before-you-buy mp3 shops come up, hopefully this will become more popular.
Would rather pay for something I DL'ed and liked than a CD of mixed semi-crapola anyday - phorm
The good thing about this is that a lot of useful technologies do spring from military use, however. So eventually if the military blasts out the cash in prototype and production models, this might work its way into improved civilian aircraft.
Jet engines probably wouldn't have come out until much later if not for WW1 and WW2 (notable WW2). I think the internet started in military practive as well (ARPAnet?).
So we have the military to thank for slashdot? hmmm - phorm
Since the issue in this case is around the editing of the media, perhaps a better idea would be for somebody to create a cheap hardware mod that works with most DVD players that would allow you to enter cards with data on various types of scenes in movies. For example:
type A: pornographic
type B: violent
type C: cowboyneil
Then, let the user tag into the card what scenes he/she doesn't want, and have the hardware skip ahead during those scenes. Of course, this would probably have the hardware vendors down your back, making the playstation mod-chip case look like a picnic. If there were a legal/grey-area-legal way to pull it off though, it would be a good idea. Since the original material isn't altered in any way (only the viewing post-material), there shouldn't be any contentions with the original creators.
And yes, sometimes it is nice to watch a movie for plot without seeing gibbles and bits everywhere - phorm
There are major health considerations when setting up the transmit hardware
Being that I don't know much about the ranges wherein these transmissions become dangerous, it would be cool if somebody "in the know" could elaborate more on this. Can you actually fry people's brains with these satellites, or create cancer-causing radiation?
My parents have a mini-dish in their back yard, somewhat similar to the one shown on this page. It's mounted pretty low, so I think that it would be about head-level on a tall person. Should I recommend that it be moved lest they cause somebody brain damage?
Seems that California tends to lead the way for many controversial tech/legal issues, for better or worse. It's nice to see that this round is a definitive win for the good guys. Hope they make the same decision up here in BC. I haven't gotten cellspam yet, but I'm expecting it to start soon. At 10c/message, they would be a lot worse than just spam email.
As it is, myself and several others I know who handle domains have gotten emails from a company asking us to "renew" our domain. Further reading into this shows that the company sending the letter had no relation to the company from which the original domain was bought (though the word "renew" indicates a renew of the original
"contract", scamming buggers). I figure that they go out looking for expiring domains and use WHOIS to find the billing contact to send their crapmail to. Being as there are many potentially more malicous uses for this, perhaps hiding the WHOIS isn't such a bad idea in some cases.
In agreement with the other responders, this sounds like crap to me. Installing a complete lockdown on machines tends to p*ss off employees, and just generally cause problems. Locking down an existing open network is a pain in the butt to admins too, every time new software has to be installed the admin has to be called in.
I'm currently working in a local school district, and this is the only siutation I've found lockdowns useful, since kids intentionally tend to cause crap or download porn etc. In a business with reasonable adults, you can at least hope/expect that they won't be causing deliberate damage to the machines.
This shameful plug should be used to plug um... nevermind - phorm
Fortunately, no humans (except dead humans) are grey, so that skin tone was available.
I guess you haven't met some of our IT staff here. I think a few of them haven't seen the sun in several decades, and have a nicotine coating which dulls their skin hue. That or they ARE aliens, I just always assumed that their personal quirks were an old IT-admin thing...
That explains that odd probe-like tool in the PC fixit kit - phorm
Anytime your data is on somebody else's server, then you've lost a certain amount of control over that data. A cool idea might be to have a login that allow remote sites to access personal repository servers in order to retrieve required data. Of course, this would only work if you have a domain and/or static IP of your own to designate as the repository, otherwise - same problem again.
Maybe an itty bitty serial hardware device that contains the more significant data, which you could carry on a keychain or something would work?
So they see a flicker of light. How do they know that this flicker is the "beginning" flicker of light and matter separation. For all we know it could be a few extraterrestrial teenaliens flickering their headlights at us...
Hey Xorg, bet this will really confuse people 10 billion years from now - phorm
This is actually a good point. Maintaining favorites on an individual computer. I really hate how browsers tend to manage my "favorites" etc. I'd prefer to either have a global favorites which I can update from anywhere, and retrieve with a password - and which nukes when I logoff.
Maybe I'll make an app for this and sync it on my webserver. Email me (email link on website) if anyone is interested in the finished project, or helping me work in it (making it cross-platform,etc). Area management would be nice too, so that "global" groups are loaded from anywhere, but some do/don't when at work, etc.
(so that "porn" doesn't load at work, yes) - phorm
I've seen these groups available on my local ISP. Makes me sick, why the hell would they even include these newgroups. Don't they know which newsgroups they're posting available?
Filtering things at an ISP isn't a great idea, but not provided it in their public content doesn't seem bad to me. Do ISP's pick what goes into the newgroup, or is it added by a default list or some other odd means of populating. I've noticed different ISP's having different newsgroups available, many seem to allow the illegal ones though?
Exactly my point. Why bother with having HUGE TiVo hard drives when you can just dump either to a PC and then record as divX, or just include a semi-permanent storage device that works with TiVo? It'd be sweet to have an addin that hooks right to TiVo and burns DivX CD's, or maybe SVCD/DVD-ROMs. Maybe there is stuch a device, and I'm not aware?
Personally, I haven't had broadcast TV for over 2 years now, never missed it - phorm
Has anybody noticed a trend lately of large corporations or companies making offers to the public source movements. Is this a play between them for notice, or are they finally starting to figure out that it's better to play nice with open source than fight against it?
How so? They chose to go to the spoof site, and to enter the CC info. In this case, the culprit would be going to the site in question, it would not be peering into their computer. I think where it would more likely fail would be under "entrapment" or some reference to deceptive practices. If taking CC #'s was criminal (which it might be), harvesting IP's might be better.
Nope. But they *can* look in through the door, and if they see something going on that's illegal through that open door they can take appropriate action.
So that's what those odd animal noises were from - phorm
Wouldn't it be better to do this:
Have law enforcement set up mirror sites, and have the IP redirect to these instead of blocking the KP sites. Then, when the idiot kiddy-lover signs up using his credit card *bam* firstname, lastname, he's ready to fry.
Go Daddy may also cancel the registration of a domain name, after thirty (30) days, if that name is being used in association with spam
So what happens when they or somebody else decides to remove your domain ownership from you. All they have to do is forge a spam header or two and say you've been using it for spamming, then bye-bye domain. Heck, since they've got control of your domain, they could send proxy-spam and then shut you for it.
I'm not generally so paranoid, but I prefer to have certain control over what I pay for - phorm
Until you try shipping something internationally. Once it crosses from USPS to another carrier (even to Canada, which has no bordering oceans) they become completely useless as to where your package went. No forwarded carrier ID, nada. Packages have a tendency to vanish for long periods time awaiting transfer to another carrier before finally making it over, even to Canada.
A little TLC in getting it transferred through the border would make me a much happier person.
If you have somebody who's informed a company of their problem, waited for them to do something, and then finally anonymously or semi-anonymously posted the problem, then we have the "security" types that are looking out for all of us. Somebody who posts it as "hey look at me, I hacked XXX/YYY and somebody should fix it" is just looking for fame or possibly profit.
I think that if you can hack a system and then offer a viable fix/solution without the indicated repercussion of telling everyone in the world what the problem is, then you shouldn't be blacklisted as a "black hacker".
However, if you go off and tell everyone that so-and-so's software/network is insecure because they didn't pay you, then you're no better than an extortionist or a crook.
If you've bypassed security on a product that was hindering legitimate users, we have another really hard area to define. Anything that gets done to a company's product generally should be done with the grace of the producing company.
Perhaps one of the biggest problems is those who just jump out and post something on the internet without thinking of the ramifications to the owner/users of the product. If you post a security vulnerability and fix, you may be allowing a certain amount of people to fix the problem, but you're also letting all the hackers out there know where there's easy prey in those that don't see the fix soon enough.
In the same hand, if companies legally lambaste anyone who hacks and then offers a solution to their woes, it only makes things worse.
Corporations with insecure products/networks need to recognise that running for the lawyers isn't always the best solution, while those doing the hacking need to recognise that extortionist/fame mongering/otherwise damaging tactics aren't helping either.
If more companies can work with legitimate hackers in a productive way (as stated in the article, many have internal hackers), without inviting dozens of script-kiddies to poke at their servers, then perhaps one day the important people (we, the end-users) will find a day when we can legitimately use the products we pay for, in a meaninful manner, and without security woes.
It's not what you can do, it's how you do it that counts - phorm
In most cases of rampant idiotic teenage download-everything-without-paying yes. However, my 2 CD's full of fully legit mp3 downloads do argue against this.
As more try-before-you-buy mp3 shops come up, hopefully this will become more popular.
Would rather pay for something I DL'ed and liked than a CD of mixed semi-crapola anyday - phorm
The good thing about this is that a lot of useful technologies do spring from military use, however. So eventually if the military blasts out the cash in prototype and production models, this might work its way into improved civilian aircraft.
Jet engines probably wouldn't have come out until much later if not for WW1 and WW2 (notable WW2). I think the internet started in military practive as well (ARPAnet?).
So we have the military to thank for slashdot? hmmm - phorm
Since the issue in this case is around the editing of the media, perhaps a better idea would be for somebody to create a cheap hardware mod that works with most DVD players that would allow you to enter cards with data on various types of scenes in movies. For example:
type A: pornographic
type B: violent
type C: cowboyneil
Then, let the user tag into the card what scenes he/she doesn't want, and have the hardware skip ahead during those scenes. Of course, this would probably have the hardware vendors down your back, making the playstation mod-chip case look like a picnic. If there were a legal/grey-area-legal way to pull it off though, it would be a good idea. Since the original material isn't altered in any way (only the viewing post-material), there shouldn't be any contentions with the original creators.
And yes, sometimes it is nice to watch a movie for plot without seeing gibbles and bits everywhere - phorm
There are major health considerations when setting up the transmit hardware
Being that I don't know much about the ranges wherein these transmissions become dangerous, it would be cool if somebody "in the know" could elaborate more on this. Can you actually fry people's brains with these satellites, or create cancer-causing radiation?
My parents have a mini-dish in their back yard, somewhat similar to the one shown on this page. It's mounted pretty low, so I think that it would be about head-level on a tall person. Should I recommend that it be moved lest they cause somebody brain damage?
That explains the voices in my head - phorm
Seems that California tends to lead the way for many controversial tech/legal issues, for better or worse. It's nice to see that this round is a definitive win for the good guys. Hope they make the same decision up here in BC. I haven't gotten cellspam yet, but I'm expecting it to start soon. At 10c/message, they would be a lot worse than just spam email.
As it is, myself and several others I know who handle domains have gotten emails from a company asking us to "renew" our domain. Further reading into this shows that the company sending the letter had no relation to the company from which the original domain was bought (though the word "renew" indicates a renew of the original "contract", scamming buggers). I figure that they go out looking for expiring domains and use WHOIS to find the billing contact to send their crapmail to. Being as there are many potentially more malicous uses for this, perhaps hiding the WHOIS isn't such a bad idea in some cases.
I have a hard time seeing political discourse being listed as hate speech
A lot of people *hate* the government to some extends though, and this often goes a bit too far in discussion (as the same as many slashdot rants).
The actions of a few tarnish the reputations of many - phorm
In agreement with the other responders, this sounds like crap to me. Installing a complete lockdown on machines tends to p*ss off employees, and just generally cause problems. Locking down an existing open network is a pain in the butt to admins too, every time new software has to be installed the admin has to be called in.
I'm currently working in a local school district, and this is the only siutation I've found lockdowns useful, since kids intentionally tend to cause crap or download porn etc. In a business with reasonable adults, you can at least hope/expect that they won't be causing deliberate damage to the machines.
This shameful plug should be used to plug um... nevermind - phorm
Fortunately, no humans (except dead humans) are grey, so that skin tone was available.
I guess you haven't met some of our IT staff here. I think a few of them haven't seen the sun in several decades, and have a nicotine coating which dulls their skin hue. That or they ARE aliens, I just always assumed that their personal quirks were an old IT-admin thing...
That explains that odd probe-like tool in the PC fixit kit - phorm
Anytime your data is on somebody else's server, then you've lost a certain amount of control over that data. A cool idea might be to have a login that allow remote sites to access personal repository servers in order to retrieve required data. Of course, this would only work if you have a domain and/or static IP of your own to designate as the repository, otherwise - same problem again.
Maybe an itty bitty serial hardware device that contains the more significant data, which you could carry on a keychain or something would work?
So they see a flicker of light. How do they know that this flicker is the "beginning" flicker of light and matter separation. For all we know it could be a few extraterrestrial teenaliens flickering their headlights at us...
Hey Xorg, bet this will really confuse people 10 billion years from now - phorm
This is actually a good point. Maintaining favorites on an individual computer. I really hate how browsers tend to manage my "favorites" etc. I'd prefer to either have a global favorites which I can update from anywhere, and retrieve with a password - and which nukes when I logoff.
Maybe I'll make an app for this and sync it on my webserver. Email me (email link on website) if anyone is interested in the finished project, or helping me work in it (making it cross-platform,etc). Area management would be nice too, so that "global" groups are loaded from anywhere, but some do/don't when at work, etc.
(so that "porn" doesn't load at work, yes) - phorm
I've seen these groups available on my local ISP. Makes me sick, why the hell would they even include these newgroups. Don't they know which newsgroups they're posting available?
Filtering things at an ISP isn't a great idea, but not provided it in their public content doesn't seem bad to me. Do ISP's pick what goes into the newgroup, or is it added by a default list or some other odd means of populating. I've noticed different ISP's having different newsgroups available, many seem to allow the illegal ones though?
Exactly my point. Why bother with having HUGE TiVo hard drives when you can just dump either to a PC and then record as divX, or just include a semi-permanent storage device that works with TiVo? It'd be sweet to have an addin that hooks right to TiVo and burns DivX CD's, or maybe SVCD/DVD-ROMs. Maybe there is stuch a device, and I'm not aware?
Personally, I haven't had broadcast TV for over 2 years now, never missed it - phorm
Has anybody noticed a trend lately of large corporations or companies making offers to the public source movements. Is this a play between them for notice, or are they finally starting to figure out that it's better to play nice with open source than fight against it?
How so? They chose to go to the spoof site, and to enter the CC info. In this case, the culprit would be going to the site in question, it would not be peering into their computer. I think where it would more likely fail would be under "entrapment" or some reference to deceptive practices. If taking CC #'s was criminal (which it might be), harvesting IP's might be better.
Nope. But they *can* look in through the door, and if they see something going on that's illegal through that open door they can take appropriate action.
So that's what those odd animal noises were from - phorm
Hmmm, So we go after people for crimes they have yet to commit, is what he is arguing. Someone should make a movie about that
>Hmmm, So we go after people for crimes they have yet to commit
Collecting Kiddy Porn is illegal in most states though, so there's still a crime.
Can't somebody just embed a virus in an image that mails the personal info of these perverts to the FBI or something? - phorm
Wouldn't it be better to do this:
Have law enforcement set up mirror sites, and have the IP redirect to these instead of blocking the KP sites. Then, when the idiot kiddy-lover signs up using his credit card *bam* firstname, lastname, he's ready to fry.
When there's no natural source of light? Or does this work on non-natural sources. These might be a bit more predicable.
No dark labs for THESE randomizing circuits - phorm
to create battlebots and large spider-like walker droids?
My other car is an AT-AT - phorm
The best power would be if everyone were smart, and supported the GPL. Then, simple, nobody buys/uses their product, and it ends up ebay for $0.01
Waiting for nuclear missiles to be available on ebay - phorm