Well, brute-forcing techniques don't generally try "every possible combination" until they have exhausted some list of common passwords (with permutations on those common phrases).
Anyway, I think PGP uses SHA-1 to convert your passphrase into a 160-bit hash key (i.e. any passphrase you use is converted into a 160-bit value). Ideally, no two passphrases generate the same key, but in practice it's possible to find a collision in an average case time of 2^80 iterations... difficult, but computationally feasible.
I'm not sure how related to the current discussion this is, but I suppose that 2^80 random attempts should produce a matching passphrase, even if it isn't the original passphrase.
William Stallings' "Cryptography and Networking Security" has a good treatment of the vulnerabilities in MD5 and SHA-1, although it doesn't mention the relatively recent MD5 collision vulnerability (search/. for many dupes on that matter).
This is the grandparent: "People who judge a software product by its name are idiots... And if you happen to be working for people like that, then you have my sincere condolences..."
and then the parent: "Now you may call me an idiot again, but that's ok as it only..."
See above? If the firewall is blocking incoming connections, then Script Kiddie #152373 can't send instructions to the listening zombie server, rendering it useless unless it either a) is automated... is it still a "zombie" then? For the purposes of Prolexic's report, I mean. b) initiates a connection with the attacker's machine, which would be stupid since that means hardcoding your IP into your zombie client.
Of course, if you use access point hiding, WEP, MAC filtering, AND boot the Access Point at exactly 1 minute after midnight on Friday 13th on a leap year when the moon is full and in via combusta, the combined protective scheme makes the Access Point mysteriously unhackable.
(before you mod this down, it's true. It's on Wikipedia!)
Apparently, there are still a ton of bugs running that one on your platform. I recommend an upgrade to an open solution, particularly something that comes with an onboard Historical Context Translator.
Perhaps they are, it just wasn't the point I was making, so I didn't want to imply I was making that analogy.
One problem with the analogy, though, is that in the case of filesharing, there are other people attempting to provide the product at a higher price. As a result, those people feel that the warez groups are infringing on their profit. Which, I suppose, gives an argument for warez groups being WORSE than drug dealers;-)
On the other hand, I could list for you a number of people that have completely ruined their lives by using marijuana and LSD. Not as many as I could list from alcohol, though. Still... "fairly harmless" might not be such a good description.
but I'm basically just thinking out loud at this point, so don't take any of this too seriously.
I wasn't making a claim on the maturity of spending all your free time online. I was making a point about the immaturity of considering "drinking some beers and getting some ass" to be the height of one's week.
If you juxtapose two things to show how bad one is, make sure the other thing you pick is at least marginally better.
Wow. In context, I'm fairly certain you just suggested that I commit felonies. I'll get right on that. Drug trafficking and warez, here I come!
In seriousness, though, since none of my personal experiences were relevant for this discussion, I didn't make reference to them. The intricacies and pitfalls of programming language x, how to install Linux distribution ynix, or what happened at political protest z are hardly useful when talking about internet piracy and/or mentioning drug dealing, which are both areas I have next to no experience in, I'm rather happy to report.
I was only citing references to avoid giving the impression that I DID have experience in areas where I did not. Notice how I didn't start my conversation with "I r teh 1337 w4r3z d00d and it wurks liek tihs" (no offense intended toward people actually in the warez community). I started my discussion on warez with the phrase "as I understand it."
The only reason I didn't initially mention Means' book is that I was using it as an analogy, and as a result I thought it was so far off-topic that it shouldn't really matter whether the information was accurate as long as the intention got through.
My use of "mules" in this instance comes from Richard Means' autobiography, "Where White Men Fear to Tread." As a result, it's several decades out of date, but I assumed the basic terminology was the same. It may come down to his erroneous use of the term, though, as I've not come across it anywhere else.
Regardless of my use of the term, the point remains. In any organized operation, the lower-level members are more likely to take the heat when something goes wrong. This applies to the corporate world, hobbyist warez addicts, and the illicit underground economy.
Now, by my count, this post should be modded down for being both redundant and off-topic. So I'd say it's high time I stop posting.
Yes, you do. This is straight from any Introductory Computer Systems or Assembly Language class.
The Memory Hierarchy: 1. Register File 2. Processor Cache (L1 & L2 if applicable) 3. Primary Memory (you call that RAM sometimes, although a RAM Drive on a hard disk would ALSO count here) 4. Secondary Memory (local disks are here) 5. Tertiary Memory (network drives and such)
Yes. It is obvious. Which might be why no one else said it.
Granted, the obvious needs to be stated pretty often; in my estimation, people don't seem able to grok many things that are, to my mind, pretty blatant.
See the 2600 article I mentioned in the grandparent ("A Guide to Internet Piracy" from 21:2) for a slightly more realistic, and much less reactionary, portrayal of the Warez community in it's current state.
The problem, of course, is that 2600's readership is a fraction of Wired's readership... and the most common readers of both magazines are in the same community (by which I mean they are tech/geek types). I don't know if said readers would agree with that statement, but oh well.
That's because you were what is called a "mule" in the world of drug dealing. A mule is the low-end pusher/dealer, the person that deals with individual users, and always the fall guy. Not that I'm saying file sharing and drug dealing are analogous...
In the warez community, as I understand it, you were probably either an "IRC/P2P Kiddie" or a "Racer" (if you got into sitetrading). Both of these are fairly easy to spot (from the perspective of syndicates like the RIAA & MPAA and the feds) because you are moving a lot of copyrighted data in plain text, with unobscured filenames. Until the very recent past, these "middlemen" were seen as fairly harmless by the FBI & co.
Before the MPAA/RIAA campaigns against end users came into play, you would have been given a slap on the wrist (which, it would seem, is what happened). If you were doing the same stuff today, your personal information might have undergone the subpeona process the RIAA & MPAA have become infamous for, and you might have faced a civil suit and/or criminal charges. Consider yourself lucky to have gotten caught back then!
(Most of my information comes from the article "A Guide to Internet Piracy" in 2600 Magazine, issue 21:2. It looks to be the same information, pretty much, as the Wired article mentioned in the top post, although I admit I have not RTFA. This is slashdot, after all...)
Slashdot Mirror
Well, brute-forcing techniques don't generally try "every possible combination" until they have exhausted some list of common passwords (with permutations on those common phrases).
/. for many dupes on that matter).
Anyway, I think PGP uses SHA-1 to convert your passphrase into a 160-bit hash key (i.e. any passphrase you use is converted into a 160-bit value). Ideally, no two passphrases generate the same key, but in practice it's possible to find a collision in an average case time of 2^80 iterations... difficult, but computationally feasible.
I'm not sure how related to the current discussion this is, but I suppose that 2^80 random attempts should produce a matching passphrase, even if it isn't the original passphrase.
William Stallings' "Cryptography and Networking Security" has a good treatment of the vulnerabilities in MD5 and SHA-1, although it doesn't mention the relatively recent MD5 collision vulnerability (search
That is really fast.
MGS is not very long.
You're right on both counts!
Playing the game at a relatively slow speed, I completed it on Normal in ~5 hours... just to give a benchmark (but I suck at MGS games...)
"Taking several hours for the Live CD to boot"
It's already been covered elsewhere, but I'm gonna mention it here in case someone missed the posts above this one:
The above quote is not true. It's the install to hard disk that "takes several hours". The liveCD environment is precompiled.
This is the grandparent:
"People who judge a software product by its name are idiots... And if you happen to be working for people like that, then you have my sincere condolences..."
and then the parent:
"Now you may call me an idiot again, but that's ok as it only..."
Now... where exactly did he call you an idiot?
Ah... duh. I forgot about IRC...
right then, ignore my entire post.
See above? If the firewall is blocking incoming connections, then Script Kiddie #152373 can't send instructions to the listening zombie server, rendering it useless unless it either
a) is automated... is it still a "zombie" then? For the purposes of Prolexic's report, I mean.
b) initiates a connection with the attacker's machine, which would be stupid since that means hardcoding your IP into your zombie client.
"Its no Enterprise or Dr. Who"
And thank god for that!
Of course, if you use access point hiding, WEP, MAC filtering, AND boot the Access Point at exactly 1 minute after midnight on Friday 13th on a leap year when the moon is full and in via combusta, the combined protective scheme makes the Access Point mysteriously unhackable.
(before you mod this down, it's true. It's on Wikipedia!)
"WoW"
"the originality!!!!!!!!!!!!"
I gather that
a) you've been playing too much World of Warcraft (or talking about it too much)
b) both your '1' and shift keys are stuck
Tabbed browsing, at least, is a useful (industry-standard) feature. I wouldn't berate MS for that one, it's good to see them catching up.
However, still no proper CSS2 support? It'll still render every other bloody website improperly.
"2) Tolerance 0.90 beta"
Apparently, there are still a ton of bugs running that one on your platform. I recommend an upgrade to an open solution, particularly something that comes with an onboard Historical Context Translator.
"That is what should be on the front page of Slashdot, not this stuff about drivers that I don't understand."
/. slogan for more details)
You, sir, are an idiot. (see
Perhaps they are, it just wasn't the point I was making, so I didn't want to imply I was making that analogy.
;-)
One problem with the analogy, though, is that in the case of filesharing, there are other people attempting to provide the product at a higher price. As a result, those people feel that the warez groups are infringing on their profit. Which, I suppose, gives an argument for warez groups being WORSE than drug dealers
On the other hand, I could list for you a number of people that have completely ruined their lives by using marijuana and LSD. Not as many as I could list from alcohol, though. Still... "fairly harmless" might not be such a good description.
but I'm basically just thinking out loud at this point, so don't take any of this too seriously.
I'm impressed by your ability to miss the point.
I wasn't making a claim on the maturity of spending all your free time online. I was making a point about the immaturity of considering "drinking some beers and getting some ass" to be the height of one's week.
If you juxtapose two things to show how bad one is, make sure the other thing you pick is at least marginally better.
Wow. In context, I'm fairly certain you just suggested that I commit felonies. I'll get right on that. Drug trafficking and warez, here I come!
In seriousness, though, since none of my personal experiences were relevant for this discussion, I didn't make reference to them. The intricacies and pitfalls of programming language x, how to install Linux distribution ynix, or what happened at political protest z are hardly useful when talking about internet piracy and/or mentioning drug dealing, which are both areas I have next to no experience in, I'm rather happy to report.
I was only citing references to avoid giving the impression that I DID have experience in areas where I did not. Notice how I didn't start my conversation with "I r teh 1337 w4r3z d00d and it wurks liek tihs" (no offense intended toward people actually in the warez community). I started my discussion on warez with the phrase "as I understand it."
The only reason I didn't initially mention Means' book is that I was using it as an analogy, and as a result I thought it was so far off-topic that it shouldn't really matter whether the information was accurate as long as the intention got through.
My use of "mules" in this instance comes from Richard Means' autobiography, "Where White Men Fear to Tread." As a result, it's several decades out of date, but I assumed the basic terminology was the same. It may come down to his erroneous use of the term, though, as I've not come across it anywhere else.
Regardless of my use of the term, the point remains. In any organized operation, the lower-level members are more likely to take the heat when something goes wrong. This applies to the corporate world, hobbyist warez addicts, and the illicit underground economy.
Now, by my count, this post should be modded down for being both redundant and off-topic. So I'd say it's high time I stop posting.
"Who cares about these people?"
Copyright holders.
But seriously... not everyone derives the most enjoyment in their lives from "going out and getting some ass."
Do that many people really forget to grow up after their college frat boy days?
Yes, you do. This is straight from any Introductory Computer Systems or Assembly Language class.
The Memory Hierarchy:
1. Register File
2. Processor Cache (L1 & L2 if applicable)
3. Primary Memory (you call that RAM sometimes, although a RAM Drive on a hard disk would ALSO count here)
4. Secondary Memory (local disks are here)
5. Tertiary Memory (network drives and such)
And for hard drives, it's usually spelled "disk."
Yes. It is obvious. Which might be why no one else said it.
Granted, the obvious needs to be stated pretty often; in my estimation, people don't seem able to grok many things that are, to my mind, pretty blatant.
See the 2600 article I mentioned in the grandparent ("A Guide to Internet Piracy" from 21:2) for a slightly more realistic, and much less reactionary, portrayal of the Warez community in it's current state.
The problem, of course, is that 2600's readership is a fraction of Wired's readership... and the most common readers of both magazines are in the same community (by which I mean they are tech/geek types). I don't know if said readers would agree with that statement, but oh well.
That's because you were what is called a "mule" in the world of drug dealing. A mule is the low-end pusher/dealer, the person that deals with individual users, and always the fall guy. Not that I'm saying file sharing and drug dealing are analogous...
In the warez community, as I understand it, you were probably either an "IRC/P2P Kiddie" or a "Racer" (if you got into sitetrading). Both of these are fairly easy to spot (from the perspective of syndicates like the RIAA & MPAA and the feds) because you are moving a lot of copyrighted data in plain text, with unobscured filenames. Until the very recent past, these "middlemen" were seen as fairly harmless by the FBI & co.
Before the MPAA/RIAA campaigns against end users came into play, you would have been given a slap on the wrist (which, it would seem, is what happened). If you were doing the same stuff today, your personal information might have undergone the subpeona process the RIAA & MPAA have become infamous for, and you might have faced a civil suit and/or criminal charges. Consider yourself lucky to have gotten caught back then!
(Most of my information comes from the article "A Guide to Internet Piracy" in 2600 Magazine, issue 21:2. It looks to be the same information, pretty much, as the Wired article mentioned in the top post, although I admit I have not RTFA. This is slashdot, after all...)
It's a good thing you write in Java for a living. If you were writing in English, you'd be fired.
Well, actually, you just described the serial transfer protocol used to get data from the keyboard, not the keyboard itself.
Microsoft will, of course, patent both.