
Submission + - What is your best hacking and/or DOS story?

drfreak writes: I started using the Internet early in the upper 1980's. Back then most people didn't have direct access. We'd dial into a server instead which gave us shell accounts to play with and use text-based content such as UseNet and IRC.

Even with the net being that limited many of us forged our first attacks; often just to mess with our friends but sometimes also to punish an adversary. It was all in good fun back then and no real damage was intended. It also gave my friends at the time and myself a lot of new experience coding because it is always more fun to have a goal when writing a script or program than to just do "Hello World."

Ok, so I'll disclose my personal favorite: Hanging out on EFNet IRC a lot, I was always attracted to the misfits called "Operators" which actually ran (still do) the network and hung out there. Many people (including myself) have tried and failed to hack that channel and kick all the operators out as a badge of honor. Knowing I didn't have the skill at the time to write a bot to do it, I took a bare-bones approach and read the IRC RFC looking for loopholes.

My friends and I were so intent on hacking IRC we experimented with creating our own network of servers just to see how they operated. While doing that I had an epiphany that there was no limit on how many people can be listed in a -o message. The only limit was in the client, which was typically four.

So, I convinced a friend who was an IRCop to give me an O: line to test my new server. I then commenced to log in via telnet masquerading as said server and de-op nearly everyone on #twilight_zone. The only thing which prevented my success was I was typing the list by hand and someone joined at the same time so didn't get de-opped. I was banned forever from that channel for managing to de-op a few dozen people in one line, but I still felt successful for pulling off something a regular bot could never do by my own hands in a telnet session. The only reason I wasn't banned from that network forever was out of respect for the research and attention it took to pull off the attack. I also had no idea what social engineering was back then but it was key to getting server-level access.

So what are your early benign hacks, folks?

Submission + - slashdot drives away people with beta 2

An anonymous reader writes: For many months now, people have been quietly redirected to slashdot's beta site. Any negative feedback of the beta is ignored and/or disavowed. The majority of viewers do not like the beta — resulting in major loss of viewership.

Will slashdot alienate existing users of the site and keep pushing the beta OR will it keep the users and boot the beta?

Submission + - Swirls in the Afterglow of the Big Bang Could Set Stage for Major Discovery

sciencehabit writes: Scientists have spotted swirling patterns in the radiation lingering from the big bang, the so-called cosmic microwave background. The observation itself isn't Earth-shaking, as researchers know that these particular swirls or "B-modes" originated in conventional astrophysics, but the result suggests that scientists are closing in on a much bigger prize: B-modes spawned by gravity waves that rippled through the infant universe. That observation would give them a direct peek into the cosmos' first fraction of a second and possibly shed light on how it all began.

Submission + - UK and Canada Internet Censorship Madness (Hangout On Air)

Lauren Weinstein writes: This Hangout On Air is scheduled to discuss UK Prime Minister David Cameron's expanding plans for broad Internet censorship, content blocking, flagging, and criminalization in the UK (and his increasingly confused and ignorant responses to questions about his plans) plus similar proposals that are now being made in Canada. What are the implications of these ideas for civil rights and free speech in these nations and in other countries around the world?

Submission + - Lenovo computers banned from top secret networks

An anonymous reader writes: Since Lenovo bought out IBM's PC division its computers have been blacklisted by the secret services of the US, UK, Canada, Australia and New Zealand because evidence was found that security vulnerabilities had been left hidden, which could have allowed "back door" entry.
It is essentially a fresh example, after Huawei, of Western governments refusing to deal with Chinese tech companies due to spying concerns.

Submission + - Famed Hacker Barnaby Jack Dies Days Before Black Hat Conference

wiredmikey writes: A shocking and sad day today in the security industry. Well known hacker Barnaby Jack has passed away, sending a shock through the security community. Jack, a famed white hat hacker, was scheduled to present at the Black Hat conference on Tuesday, and present research on vulnerabilities in implantable medical devices.

Shocked reactions hit the Twittersphere on Friday, as many in the industry conveyed their condolences, shock, and even disbelief, hoping news of the death was some sort of hoax.

"I just wake up and heard this, really sad, I can't believe this, no words," Cesar Cerrudo, CTO, IOActive Labs, said in an email to SecurityWeek.

Barnaby Jack is probably best known for his ATM hacking demonstrations, which he likes to refer to as “Jackpotting”, and has performed at a few conferences, including a demonstration at Black Hat 2010 that got media attention around the world.

The San Francisco Medical Examiner's office told Reuters that Jack had died in San Francisco on Thursday, but did not provide additional details.

Submission + - Feds demand user passwords

An anonymous reader writes: Following the /. story on the Feds demanding the SSL keys, now the feds are demanding the user passwords, and in some cases, the encryption algorithm and salt.

If the government is able to determine a person's password, which is typically stored in encrypted form, the credential could be used to log in to an account to peruse confidential correspondence or even impersonate the user. Obtaining it also would aid in deciphering encrypted devices in situations where passwords are reused.


Some of the government orders demand not only a user's password but also the encryption algorithm and the so-called salt, according to a person familiar with the requests. A salt is a random string of letters or numbers used to make it more difficult to reverse the encryption process and determine the original password. Other orders demand the secret question codes often associated with user accounts.

I'm next expecting to see the regulation or law demanding that all users use plain text for all web transactions, to catch terrorists and for the children.

Submission + - Halliburton pleads guilty to destroying simulation data from 2010 Gulf oil spill

An anonymous reader writes: Oilfield services giant Halliburton will plead guilty to destroying computer test results that had been sought as evidence in the Deepwater Horizon disaster, the Justice Department announced Thursday. Company officials threw out test results that showed "little difference" between the number of devices Halliburton said was needed to center the cement casing in the well at the heart of the disaster and the number well owner BP installed, according to court papers. The issue has been a key point of contention between the two companies in hearings and litigation ever since the April 2010 blowout. BP and Halliburton are still battling over responsibility for the disaster in a New Orleans federal courtroom. BP had no comment on the plea agreement Thursday evening.

Submission + - Free Font Helps People with Dyslexia

Thornburg writes: There is a free font available which has been designed to make it easier for people with dyslexia to read. DailyTech has a piece which pulls together a BBC interview and blog postings by the designer, Abelardo Gonzalez, who received a C&D letter from another font designer who charges $69 for his dyslexia related font.

Submission + - Yet another call for abolishing patents, this one from the Fed

WOOFYGOOFY writes: The most recent call for curtailing patents comes not just from an unexpected source, the St. Louis Fed, but also in its most basic form- total abolition of ALL patents.

Via the Atlantic Monthly,

a new working paper from two members of the St. Louis Federal Reserve, Michele Boldrin and David Levine:

in which they argue that while a weak patent system may mildly increase innovation with limited side-effects, such a system can never be contained and will inevitably lead to a stifling patent system such as that presently found in the U.S.

They argue: "...strong patent systems retard innovation with many negative side-effects. and ..political demand for stronger patent protection comes from old and stagnant industries and firms, not from new and innovative ones. Hence the best solution is to abolish patents entirely through strong constitutional measures and to find other legislative instruments, less open to lobbying and rent-seeking".

They acknowledge that some industries could suffer under such a system, they single out pharma, and suggest that other legislative measures be found to foster innovation whenever there is clear evidence that laissez-faire under-supplies it.

Submission + - Recent AVG 2011 update causes widespread problems

phx_zs writes: Last night's mandatory update of AVG 2011 Free edition has caused most 64bit Windows 7 PCs to fail while loading Windows. On their website they have an FAQ with instructions on how to repair the issue using a boot CD or USB device.

Submission + - Competitor threatens suit - counter DMCA takedown?

An anonymous reader writes: Zen Magnets, a maker of neodymium magnets, has been under assault by the much larger and better distributed Buckyballs, a maker of a nearly identical toy. After Zen Magnets listed a couple of eBay auctions with a set of Buckyballs and a set of their own, asking customers to decide which was higher quality, Buckyballs replied with a legal threat. Zen Magnets responded with an open video response, in which they presented the voicemail from Buckyballs and demonstrated their claims of quality through repeatable, factual tests, providing quantitative data to back up their assertions.

Soon after, Buckyballs CEO Jake Bronstein got the video taken down from Youtube via a DMCA takedown, despite the fact that the only elements not made by Zen Magnets are the voicemail he left and some images of himself, which are low resolution and publicly available online.

Zen Magnets is now asking for help as they don't know what to do. It's appalling and I can't imagine that it is infringing, but I am not a lawyer. What would you do in this scenario?

(I am affiliated with neither company, although Thinkgeek sells Buckyballs...Slashdot & ThinkGeek share a corporate overlord.)

Submission + - Open Source Music Fingerprinter C&D'd

Nushio writes: The code wasn't even released, and yet Roy van Rijn, a Music & Free Software enthusiast received a C&D from Landmark Digital Services, owners of Shazam, an Android application that allows you to find a song, by listening to a part of it. And if that wasn't enough, they want him to take down his blog post (Google Cache) explaining how he did it because it "may be viewed internationally. As a result, [it] may contribute to someone infringing our patents in any part of the world".

Submission + - Hotels the industry leader in credit card theft.

katarn writes: A study released this year found that 38 percent of the credit card hacking cases last year involved the hotel industry. At hotels with inadequate data security, the greatest amount of credit card information can be obtained using the most simplified methods. It doesn’t require brilliance on the part of the hacker. Most of the chronic security breaches in the hotel industry are the result of a failure to equip, or to properly store or transmit this kind of data, and that starts with the point-of-sale credit card swiping systems.
