Monday, April 25, 2005

Think outside the BOX

...Imagine two rooms. Between these two rooms is a solid brick wall.
We, as human being have been conditioned to believe that this wall
keeps us from moving from one room to the other. From the moment each
of us were born, we have been taught that we cannot move between these
rooms. We have been made to think according to predefined rules. We
think… in a box. Boxthinkers. Hacking - by any definition - is the art
of thinking outside of that box. To creatively formulate new,
unconventional ways to do things... Dennis Ritchie (the creator of C),
Linus Torvalds, the people at Xerox who invented the mouse. All became
who they were for thinking outside the box. Kevin Mitnick, Kevin
Paulson - accomplished the legendary computer and phone system break-
in they did for not being boxthinkers... Computer hacking does require
an amount of technical knowledge. That's why you're reading this.
That's why we are here. Arguably more important, though, is
creativity. Resourcefulness, and an open mind. When shown a brick
wall, know that it is possible to get into the other room - all you
have to do is figure out how....

Respect, X_bodo_X

at No comments:

Monday, April 11, 2005

The World's Most Hunted Hacker


KEVIN MITNICK

Feb. 21, 2000
Fifty-nine months in federal prison offers a certain perspective from which to view the recent disruptions in e-commerce. The person or group behind these attacks ought to consider my imprisonment and supervised release quite carefully. This is a hot story because of the targets involved, which include some of the biggest names in e-commerce. Denial-of-service attacks have been around for years, but the sexy victims in this case require the government to ensure public confidence in economic trade on the Net.

We're seeing the actions of apparent vandals--not hackers--who are using tools that hackers developed. No hacker I've ever heard of would do anything remotely resembling these attacks. I mean, it's not as though they have to "get root" on Yahoo's servers to do these things. Unless these people are extremely skilled, they'll be caught quite quickly. If these actions have economic gain as their motive, the perpetrators may have the resources to avoid arrest much longer.

If I could talk with the people carrying out these disruptions, I'd tell them that their actions just aren't the cool thing to do; these attacks aren't impressive. They require no sophistication. They are analogous to throwing paint remover on cars driving down the street, and they're getting a bunch of people angry. I've learned a very painful lesson--avoid any contact with the criminal-justice system, because it's a system that's stacked completely in favor of the prosecution.

If the terms of my release permitted me to do so, I'd tell the people running the sites that were hit three things, all of which they may have done by now: 1) use a network-monitoring tool to analyze the packets being sent to determine their source, purpose and destination; 2) place your machines on different subnetworks of the larger network in order to present multiple defenses; and 3) install software tools that use packet filtering on the router or fire wall to reject any packets from known sources of denial-of-service traffic.

As others have noted, the distributed nature of these attacks makes any defense far more difficult. It has also been apparent that the victims haven't been forthcoming in sharing their experience. This is quite unfortunate, as the best hope of stopping these attacks rests in sharing information about their technical nature, timing and origins. The scattered approach we're witnessing, I might point out, is a distinct contrast to the tightly coordinated efforts used to find and arrest me.

With history as our guide, we can expect that the government will use this event to push through legislation authorizing digital wiretapping without court orders, to outlaw encryption that the government cannot crack and to track the location of cell-phone users without their knowledge. They'll push laws that eliminate individual rights in exchange for more government "protection" against cybercrime.

Mitnick spent 4 1/2 years in pretrial detention before pleading guilty to wire and computer fraud. The opinions expressed here are for informational purposes only and should not be construed as technical advice of any kind.

(source : Times Magazine)
at No comments:

Saturday, April 09, 2005

SwordFish

United States, 2001
U.S. Release Date: 6/8/01 (wide)
Running Length: 1:38
MPAA Classification: R (Violence, profanity, nudity, sex)
Theatrical Aspect Ratio: 2.35:1
Seen at: Ritz East, Philadelphia

Cast: John Travolta, Hugh Jackman, Halle Berry, Don Cheadle, Vinnie Jones, Camryn Grimes, Sam Shepard, Zach Grenier
Director: Dominic Sena
Producers: Joel Silver, Jonathan D. Krane, Paul Winze
Screenplay: Skip Woods
Cinematography: Paul Cameron
Music: Christopher Young
U.S. Distributor: Warner Brothers


SwordFish

This is a great movie on Hacker. virus creating and hijack computer.
at No comments:

Operation TakeDown

Director: Joe Chappelle
Producer: John Thompson, Brad Weston
Screenwriter: David Newman, Leslie Newman, John Danza, Howard A. Rodman
Stars: Skeet Ulrich, Russell Wong, Angela Featherstone, Donal Logue, Christopher McDonald, Master P, Tom Berenger, Jeremy Sisto, Amanda Peet

MPAA Rating: R


Year of Release: 2000


Kevin Mitnick

For this film review, we begin with a history lesson. Kevin Mitnick stands as probably the most famous, the most notorious, and the most successful computer hacker of all time. After nearly 15 years of hacking (alternating with jail and probation time), he was finally apprehended for the last time in 1995, for a collection of tech crimes. and was released from prison in early 2000. (The story of his questionably legal incarceration is itself enough material for a book and a movie.) I interviewed Mitnick shortly after his release; today he's a computer security consultant (though he's not allowed to touch a computer as a term of his release).

Track Downwas produced shortly before Mitnick's release amid much controversy. Mitnick, as you might expect, is a cause celebre among the hacker community, while he's been vilified by the corporate and legal communities. The story of his long career as a hacker was the subject of two major books -- The Fugitive Game, written mainly from Mitnick's point of view, and Takedown, written by the man who captured him. The latter book (widely dismissed by the hacker community as propaganda) got optioned by Miramax, and against all odds, the Kevin Mitnick story became a movie, starring Skeet Ulrich as Mitnick and Russell Wong as Tsutomu Shimomura, the man who "captured" Mitnick and the co-author of Takedown.

But the story doesn't stop with the completion of the film, as Miramax never released it theatrically. (The making of the film was itself subject to a guerrilla documentary called Freedom Downtime, available here.) The film sat on shelves for nearly five years before getting a new (and rather lame) title and a direct-to-DVD release.

And here it is.

Track Down, if it had no basis in fact at all, wouldn't be much of a movie. It'd be the kind of thing you'd see on Showtime after hours, only the computer viruses and worms would come to life somehow. Thank God the film sticks to the guts of Mitnick's life -- although every company and character name (aside from Mitnick and Shimomura) is changed -- without ridiculously delving into the impossible. Sadly, though, the actual exploits of Mitnick are unrecognizable here among all the poetic license the filmmakers and screenwriters have taken. It's nearly impossible to figure out what company Mitnick is trying to hack, break into, or con. The facts are confused beyond hope of recognition. I can't imagine what someone unfamiliar with the proceedings is going to make of this.

The facts aside (and it's impossible to dispute the facts in Track Down, because there's no attempt to be accurate at all), Track Down is simply not a very good movie. Director Joe Chappelle has the unenviable task of helming this mess, having formerly directed a scant few films -- including Halloween 6 and Hellraiser 4 -- that couldn't have presented much of a challenge at all. With Track Down he must have found himself in a huge mess, stuck with a highly technical and convoluted plot and rising stars to coddle. You can almost hear him saying, "Ah, fuck it, let's just put a car chase in here." Mitnick's final hack is given the full Hollywood treatment as he attacks Shimomura's computer while the FBI closes in on his apartment building -- gasp! The pacing is stupid from both a pure storytelling and a historical point of view, though some of Mitnick's work as a social engineer will be of interest to those unfamiliar with the techniques.

Ulrich doesn't resemble Mitnick, though he manages to capture his cocky essence, and Wong's only resemblance to the long-locked Shimomura is the fact that he's Japanese. The supporting cast -- including Donal Logue as a heavily reimagined compatriot of Mitnick's and a scary as hell Angela Featherstone.(playing Shimomura's girlfriend) -- are hit and miss.

Ultimately the film will be of interest only to computer history enthusiasts, and then only as a curiosity. Some will find it laughable, others will find it insulting. I find it primarily a waste of time.



Just see the "Most famous Hacker" on earth in action.......
at No comments:

The Hitch

United States, 2005
U.S. Release Date: 2/11/05 (wide)
Running Length: 1:56
MPAA Classification: PG-13 (Sexual situations, profanity)
Theatrical Aspect Ratio: 2.35:1

Cast: Will Smith, Eva Mendes, Kevin James, Amber Valletta, Julie Ann Emery
Director: Andy Tennant
Producers: James Lassiter, Will Smith, Teddy Zee
Screenplay: Kevin Bisch
Cinematography: Andrew Dunn
Music: George Fenton
U.S. Distributor: Columbia Pictures



Just think this movie is so so so funny.

Watch it and you wil love it .
at No comments:
Subscribe to: Posts (Atom)

Setup Samba Server (Ubuntu)

If you want to share files between your Ubuntu and Windows computers, your best option is to use Samba file sharing. To install, first ope...