2600: the Hacker Quarterly


"Hacking can get you in a whole lot more trouble than you think and is a completely creepy thing to do." - DOJ web page aimed at kids to discourage hacking (www.usdoj.gov/kidspage/do-dont/reckless.htm)

STAFF

Editor-In-Chief: Emmanuel Goldstein
Layout and Design: shapeSHIFTER
Cover Design: snc, The Chopping Block Inc.
Office Manager: Tampruf
Writers: Bernie S., Billsf, Blue Whale, Noam Chomski, Eric Corley, Dr. Delam, Derneval, Nathan Dorfman, John Drake, Paul Estev, Mr. French, Thomas Icom, Joe630, Kingpin, Miff, Kevin Mitnick, The Prophet, David Ruderman, Seraf, Silent Switchman, Scott Skinner, Mr. Upsetter
Webmasters: Kerry, Macki
Network Operations: CSS, Izaac
Broadcast Coordinators: Juintz, Shihlock, AbsoluteO, silicon, cnote, Anakin
IRC Admins: autojack, ross
Inspirational Music: Joe Strummer, Syd Barrett, real early Floyd, Ron Geesin
Shout Outs: Hippies From Hell, etoy, claudus, The Stony Brook Press, 112, www.indymedia.org, Studio X, and everyone who stood up in Seattle
RIP: Krystalia
Good luck: Nahali

2600 (ISSN 0749-3851) is published quarterly by 2600 Enterprises Inc., 7 Strong's Lane, Setauket, NY 11733. Second class postage permit paid at Setauket, New York.

POSTMASTER: Send address changes to 2600, P.O. Box 752, Middle Island, NY 11953-0752.

Copyright (c) 1999 2600 Enterprises, Inc.

Yearly subscription: U.S. and Canada - $18 individual, $50 corporate (U.S. funds). Overseas - $26 individual, $65 corporate.

Back issues available for 1984-1998 at $20 per year, $25 per year overseas. Individual issues available from 1988 on at $5 each, $6.25 each overseas.

ADDRESS ALL SUBSCRIPTION CORRESPONDENCE TO: 2600 Subscription Dept., P.O. Box 752, Middle Island, NY 11953-0752 ([email protected]).

FOR LETTERS AND ARTICLE SUBMISSIONS, WRITE TO: 2600 Editorial Dept., P.O. Box 99, Middle Island, NY 11953-0099 ([email protected], [email protected]).
2600 Office Line: 516-751-2600
2600 FAX Line: 516-474-2677

Violence, Vandals, Victims

As the 90's fade into history, it's not likely the unhealthy trends of our society will do the same anytime soon. In many ways we've become practically enslaved to the corporate agenda, to the great detriment of the individual.

The signs have been around for a while. You've seen them repeatedly in these pages. People interested in technology who ask too many questions or probe too deeply or thoroughly are seen as a threat because they might adversely affect profits or embarrass those in authority. The net has steadily been transforming from a place where freedom of speech is paramount to one where it all revolves around the needs of business.

Now there's nothing wrong with commerce, people making a profit, or even people who just don't care about the things others value. After all, there's room for all types in the world as well as on the net. But that's not how it's panning out. Increasingly, the needs of the individual are being sacrificed for the needs of big business. Corporate mentality is replacing our sense of individual liberty. And it's pointing us down a very dark road.

Consider things that have happened in the very recent past.

A teenage hacker from Washington State pleaded guilty to hacking several prominent government web sites, including the White House and the United States Information Agency. Despite there being no damage caused to any of the sites (apart from embarrassment and having the index.html file renamed), the government felt that 15 months in prison and a $40,000 fine was appropriate. Reports say he could have gotten 15 years and a $250,000 fine.

Later that same month coincidentally in the same state, police fired tear gas and shot rubber bullets at a crowd of peaceful demonstrators who were protesting the World Trade Organization's meeting in Seattle. Many said it was the worst civil unrest since Vietnam.

At first glance, you might not think these stories have very much to do with one another. But when you analyze them a little more closely, it's not difficult to see that they are both symptoms of the same disease.

Much of the unprovoked brutality inflicted by the Seattle Police went unreported, despite the abundance of sound and picture images. But every major network dutifully ran a story about the "violent anarchists" who started all the trouble. In the end, whenever the word "violence" was mentioned, one thought only of those people.

Zyklon caused no damage to any of the systems he got into. Yet the mass media painted him as someone dangerous. He renamed a file. But all reports say that he shut down the USIA for eight days. This is how long it took them to install decent security, something they had never bothered to do in the first place. He didn't take away their security - they never had it to begin with. But this fact wasn't seen as relevant in any of the stories that ran. And what about the act of taking a young person away from his friends and family for more than a year and forcing him to live with potentially dangerous criminals? Well... that's justice.

In both cases that which is most precious to our society - the individual - was made to suffer because their actions and form of expression caused humiliation of some greater power. We've seen this before in the hacker world with Bernie S. and Kevin Mitnick (who is at last scheduled for release on January 21, 2000). People who go to forbidden places, utter forbidden speech, or are just seen as an inconvenience are stepped on, abused, even tortured.

Why punish such relatively harmless individuals, whether they be hackers or demonstrators, with such passionate vengeance? Could it be that their very existence constitutes a real threat that the authorities have no idea how to handle?

In Seattle, the disparities between what happened and what was reported were almost comical - vandalism of commercial property being reported as violence whereas violence against individuals was mostly glossed over, with the exception of certain foreign and alternative media. What kind of a society are we turning into when commercial losses are more important than the human injuries? How could the good people of Time/Warner (CNN) have missed this? Or Microsoft and General Electric (MSNBC)? Or even Disney (ABC)? Why would such bastions of journalism ignore the real story? Were they maybe more concerned with whether the WTO would continue to look out for them and their interests?

We may indeed have developed a horribly cynical outlook on society. It's hard not to when things like this are so often tolerated. But the flipside is that our view of the individual has only strengthened. If there's one thing we've learned from recent events, it's that people aren't as brain dead as we were led to believe. People do care, they are paying attention, and they see the ominous tones of the future. Few persons seem to trust the government anymore, big business is increasingly seen as a threat to our freedom, and individual troublemakers are filling our expanding prison system.

It's not very difficult to see how we got to this sorry state. All of the mergers and consolidation of power have carried a heavy and inevitable price. The real question is how do we regain control of our destinies?

Winter 1999-1900 Page 5

The following is described for the purposes of education. I'm aware this procedure could be and has been used to circumvent the security of any Windows NT machine which the user has physical access to. I do not condone the use of this information for illegal purposes, nor am I responsible for anything stupid anyone does with this information. NTFS support in Linux is still Beta, reading and copying from the drive is safe, but copying to the drive is an "at your own risk" deal.

One of the many misconceptions about Windows NT is that it's a secure operating system and that by formatting a disk with NTFS and properly setting permissions, nobody can access the information on that disk without permission to do so.

There are two problems with this theory.

files on the 0.62 boot disk. Follow the instructions for unzipping and making the boot disk and the data disk. If you can't get this far, you have no business doing this in the first place.

When this is done, copy ntfs.o to the boot disk, edit the Modules file, add the line "ntfs" to it (no quotes), and save the file. At this point it is best if you boot the disk a few times, first to test it and second to get familiar with what will happen and how Trinux will respond to commands given it. This way there are no surprises.

Now take the two floppies to the machine you want to access. Boot the first disk. When it asks if you have a data disk, put in the second disk and type "y" then hit return. It will then ask you again. Type "n" and hit return.

When it is finished booting, you will have a "Trinux 0.61" prompt. Type "ins-