topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Tuesday March 19, 2024, 3:30 am
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Last post Author Topic: Everything Is Broken  (Read 20248 times)

app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,884
    • View Profile
    • Donate to Member
Everything Is Broken
« on: May 22, 2014, 08:38 PM »
Once upon a time, a friend of mine accidentally took over thousands of computers. He had found a vulnerability in a piece of software and started playing with it. In the process, he figured out how to get total administration access over a network. He put it in a script, and ran it to see what would happen, then went to bed for about four hours. Next morning on the way to work he checked on it, and discovered he was now lord and master of about 50,000 computers. After nearly vomiting in fear he killed the whole thing and deleted all the files associated with it. In the end he said he threw the hard drive into a bonfire. I can’t tell you who he is because he doesn’t want to go to Federal prison, which is what could have happened if he’d told anyone that could do anything about the bug he’d found. Did that bug get fixed? Probably eventually, but not by my friend. This story isn’t extraordinary at all. Spend much time in the hacker and security scene, you’ll hear stories like this and worse.

It’s hard to explain to regular people how much technology barely works, how much the infrastructure of our lives is held together by the IT equivalent of baling wire.

Computers, and computing, are broken.








from Versioning


« Last Edit: May 22, 2014, 10:21 PM by app103 »

Edvard

  • Coding Snacks Author
  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 3,017
    • View Profile
    • Donate to Member
Re: Everything Is Broken
« Reply #1 on: May 22, 2014, 10:16 PM »
Reminds me of a story I heard once where a girl working on some database stuff for a rather large company came across a vulnerability.  She dutifully reported it to her superiors, and after the money people figured out how much it would cost them to fix it, the management said (in a nutshell) "We're not going to fix it, and the bug is obscure enough that if our stuff gets hacked we know who to come looking for".

Also, this:
The IC [Intelligence Community] are some of the most surveilled humans in history. They know everything they do is gone over with a fine-toothed comb — by their peers, their bosses, their lawyers, other agencies, the president, and sometimes Congress. They live watched, and they don’t complain about it.

In all the calls for increased oversight, the basics of human nature gets neglected. You’re not going to teach the spooks this is wrong by doing it to them more.

Touché.  :(

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,646
    • View Profile
    • Donate to Member
Re: Everything Is Broken
« Reply #2 on: May 22, 2014, 11:21 PM »
Also, this:
The IC [Intelligence Community] are some of the most surveilled humans in history. They know everything they do is gone over with a fine-toothed comb — by their peers, their bosses, their lawyers, other agencies, the president, and sometimes Congress. They live watched, and they don’t complain about it.

In all the calls for increased oversight, the basics of human nature gets neglected. You’re not going to teach the spooks this is wrong by doing it to them more.

Touché.  :(

Perhaps, but if the clowns in congress start getting fried by restaurant heat lamp level spotlights for some of their "perfectly innocent", "private" conversations ... The funding for the spook programs should start drying up rather quickly.

Internal oversight for the IC is less about toeing the line and more about pushing the envelop to see who find or create the stretchiest loophole without getting hung by it. It's nothing more than an orgy level CYA gangbang. Whose the pivot for this free-for-all..? We are!

We really just need a don't be that guy poster child to rally a grass roots movement behind to push these vermin out of their holes and into the sunlight where they can bloody well fry to death for all I care.

wraith808

  • Supporting Member
  • Joined in 2006
  • **
  • default avatar
  • Posts: 11,186
    • View Profile
    • Donate to Member
Re: Everything Is Broken
« Reply #3 on: May 23, 2014, 07:46 AM »
We really just need a don't be that guy poster child to rally a grass roots movement behind to push these vermin out of their holes and into the sunlight where they can bloody well fry to death for all I care.
-Stoic Joker (May 22, 2014, 11:21 PM)

We've had them, to one extent or another.  They've gotten fried.  And people have just gotten more careful.

Everything is Broken?  Well yes... including the people.

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,857
    • View Profile
    • Donate to Member
Re: Everything Is Broken
« Reply #4 on: May 23, 2014, 09:08 AM »
Dunno...That particular tale sounds just a little too neat and "made to order" to my ears.

There are a lot of these "I once knew a guy, who knew a guy, who knew a guy who hacked {insert details}" tales out there. And people in the IT and IT security communities are just as capable of spinning a "good story" as the next person. Especially if it'll get them a raise or an interview segment on PBS's Tell Me More.

But I suppose (ok I know) it's possible, so I'll give Quinn the benefit of the doubt about her article while I wonder how somebody could possibly compromise over 50,000 remote PCs so easily, and in such a short period of time, without creating so much as a ripple in the IT pond.

That guy must have been good. As in very good.  8)
« Last Edit: May 23, 2014, 09:20 AM by 40hz »

MilesAhead

  • Supporting Member
  • Joined in 2009
  • **
  • Posts: 7,736
    • View Profile
    • Donate to Member
Re: Everything Is Broken
« Reply #5 on: May 23, 2014, 09:23 AM »
Hmm, I have no interest in hacking into sites... unless Halle Berry is working me over.  Instead of "Swordfish" that film should've been titled "Sword Swallower."  :)

There seems to be this myth that it's trivial to hack into systems.  I guess my I.Q. is much lower than I thought.  I've been programming for a long time and I can't even figure out how to add a dozen zeros to the end of my bank balance.  Talk about "free checking."  That account would pay you just for being there.  :)

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,857
    • View Profile
    • Donate to Member
Re: Everything Is Broken
« Reply #6 on: May 23, 2014, 11:04 AM »
Hmm, I have no interest in hacking into sites... unless Halle Berry is working me over.  

Somehow I think you'd be interested in doing pretty much anything if the comely Ms. Berry were working you over. (Sometimes you gotta take the good with the bad, right?)  ;D:Thmbsup:

Check her out in The Cloud Atlas. I think I like the way she looks better with longer hair and scruffed up a bit. You? ;)




MilesAhead

  • Supporting Member
  • Joined in 2009
  • **
  • Posts: 7,736
    • View Profile
    • Donate to Member
Re: Everything Is Broken
« Reply #7 on: May 23, 2014, 12:53 PM »
I thought she looked hottest in Bulworth.

HalleBerry_Bulworth.png

If they could get her to be twin sisters then I say legalize cloning.  ;)

TaoPhoenix

  • Supporting Member
  • Joined in 2011
  • **
  • Posts: 4,642
    • View Profile
    • Donate to Member
Re: Everything Is Broken
« Reply #8 on: May 23, 2014, 03:36 PM »
Heh well after watching way too many cop shows, "I can't tell you who" doesn't last seventeen seconds under "You are under oath. Who was it?".

Meanwhile while this one *may* be an urband legend, given enough years with the death of Win XP, I wouldn't put it totally past possibility.


MilesAhead

  • Supporting Member
  • Joined in 2009
  • **
  • Posts: 7,736
    • View Profile
    • Donate to Member
Re: Everything Is Broken
« Reply #9 on: May 23, 2014, 04:00 PM »
Heh.  On the under oath bit, Nixon served on th House Unamerican Activities Commitee(HUAC) in the 50s.  They got Alger Hiss for Perjury.  So when Watergate started to stink he kept saying that it's the coverup that gets you convicted.  They get you for Perjury rather than the original charge.

G. Gordon Liddy, one of the Plumbers, must have heard this.  Also he used to be an Assistant Prosecutor.  When the Senate Select Committee brought him in to testify in private session, the clerk held out the Bible and went through the ritual "Do you solemnly.. yadda yadda.." to which Liddy replied in a clear loud voice "No! I do not!"

They asked him to leave.

Likewise in John Sirica's Courtroom Liddy refused to testify.  I think he holds the record for time served in DC Jail for Contempt of Court.  But I don't think he was convicted of any of the Watergate charges.

I always got a kick out of Liddy doing that because I thought of that myself.  Clerk asks if you intend to tell the truth and you say "To be honest Your Honor, I intend to lie my ass off."  :)


Edit:  I give myself one demerit for retelling my favorites.  Perhaps the Clockwork Orange Therapy could ameliorate this tendency.  :)
« Last Edit: May 23, 2014, 04:08 PM by MilesAhead »

Edvard

  • Coding Snacks Author
  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 3,017
    • View Profile
    • Donate to Member
Re: Everything Is Broken
« Reply #10 on: May 23, 2014, 05:15 PM »
Also, this:
The IC [Intelligence Community] are some of the most surveilled humans in history. They know everything they do is gone over with a fine-toothed comb — by their peers, their bosses, their lawyers, other agencies, the president, and sometimes Congress. They live watched, and they don’t complain about it.

In all the calls for increased oversight, the basics of human nature gets neglected. You’re not going to teach the spooks this is wrong by doing it to them more.

Touché.  :(

Perhaps, but if the clowns in congress start getting fried by restaurant heat lamp level spotlights for some of their "perfectly innocent", "private" conversations ... The funding for the spook programs should start drying up rather quickly.

Internal oversight for the IC is less about toeing the line and more about pushing the envelop to see who find or create the stretchiest loophole without getting hung by it. It's nothing more than an orgy level CYA gangbang. Whose the pivot for this free-for-all..? We are!

We really just need a don't be that guy poster child to rally a grass roots movement behind to push these vermin out of their holes and into the sunlight where they can bloody well fry to death for all I care.
-Stoic Joker (May 22, 2014, 11:21 PM)

I don't think anybody, including me, is trying to gloss over what's being done to the innocent in the name of security, or apologize for these guys.  Just remember they're humans too.  I have trouble calling anybody 'vermin' until culpability is proven.  And the poster child?  I wouldn't wish that on my worst enemy. 


Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,646
    • View Profile
    • Donate to Member
Re: Everything Is Broken
« Reply #11 on: May 24, 2014, 12:01 AM »
Just remember they're humans too.

I fail to see why I should bother focusing on something that they themselves have obviously forgotten. They have positioned themselves as grand and glorious superhero inquisitors. With massively invasive machines that catalog everyone's waking moments. These systems just beg to be abused ... And they are already. They just had some shit on the news about the fuzz abusing the in car background checking systems in a recreationally frequent fashion. These new and incredibly sophisticated systems will pull up everything including your credit/employment history, tax records, and etc. on anyone with just a tag number. Like the tag numbers that they have a dedicated camera to automatically scan for ... At All Times ... Trolling for PC excuses..

Now at what point exactly during a routine traffic stop does a police officer have any rational need for somebody's ****ing Credit Report?? ...Or employment history for that matter.

I can't find a link to the current news report, but I did find this on google http://www.copwatch....g/databaseabuse.html ...So it's apparently not just a singular isolated incident.

And that of course is just the local yokels that haven't quite been mitliterized to the point of completely forgetting their - To Protect and Serve - purpose for employment.

I have trouble calling anybody 'vermin' until culpability is proven.

By the time we're all running around with chips in our heads that tell us when to report to the rehabilitation center for having "improper" thoughts ... I'm pretty sure it'll be too late.


And the poster child?  I wouldn't wish that on my worst enemy.

It ain't like we haven't had enough warning shots. Yet people still sit there like they thing it'll just all work out.


These people have had our trust for the last decade and look where that has gotten us ... Very far out into a deep lake of shit.

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,857
    • View Profile
    • Donate to Member
Re: Everything Is Broken
« Reply #12 on: May 24, 2014, 06:51 AM »
@SJ - Dude! You're blocking. Let it out! Tell us how you really feel!  :P ;D

(kidding...) ;)

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,857
    • View Profile
    • Donate to Member
Re: Everything Is Broken
« Reply #13 on: May 24, 2014, 07:05 AM »
And that of course is just the local yokels that haven't quite been mitliterized to the point of completely forgetting their - To Protect and Serve - purpose for employment.
-Stoic Joker (May 24, 2014, 12:01 AM)

They're working on it however, Next round of behavioral conditioning special training they get sent to will fix that. :-\


MilesAhead

  • Supporting Member
  • Joined in 2009
  • **
  • Posts: 7,736
    • View Profile
    • Donate to Member
Re: Everything Is Broken
« Reply #14 on: May 24, 2014, 10:10 AM »
Stoic Joker said:
Now at what point exactly during a routine traffic stop does a police officer have any rational need for somebody's ****ing Credit Report?? ...Or employment history for that matter.

Common scenario:  Two cops in squad car on traffic patrol.  They spot someone driving erratically.  They pull the car over.  One cop gets out and talks to the inebriated driver, then comes back to the patrol car.  Cop waiting in the car says "Is he anybody?"  Meaning if he's just a nobody they'll charge him with DUI.  But if he's somebody they might let him sleep it off in the car and get a phone number for later when they need a favor.

With the computer info it takes out the guesswork.  People who used to be somebody won't be able to rest on their laurels.  If they have fallen on hard times they won't be able to fake it. Nothing worse than letting a guy slide only to be unable to get the favor later.  :)

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,857
    • View Profile
    • Donate to Member
Re: Everything Is Broken
« Reply #15 on: May 24, 2014, 01:24 PM »
  5242113537_898e5e5fe2.jpg

MilesAhead

  • Supporting Member
  • Joined in 2009
  • **
  • Posts: 7,736
    • View Profile
    • Donate to Member
Re: Everything Is Broken
« Reply #16 on: May 24, 2014, 03:51 PM »
^^^ very cool.   :Thmbsup:

app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,884
    • View Profile
    • Donate to Member
Re: Everything Is Broken
« Reply #17 on: May 25, 2014, 11:12 AM »
Now at what point exactly during a routine traffic stop does a police officer have any rational need for somebody's ****ing Credit Report?? ...Or employment history for that matter.
-Stoic Joker (May 24, 2014, 12:01 AM)

And why do prospective employers need access to an applicant's credit report?


wraith808

  • Supporting Member
  • Joined in 2006
  • **
  • default avatar
  • Posts: 11,186
    • View Profile
    • Donate to Member
Re: Everything Is Broken
« Reply #18 on: May 25, 2014, 11:53 AM »
Now at what point exactly during a routine traffic stop does a police officer have any rational need for somebody's ****ing Credit Report?? ...Or employment history for that matter.
-Stoic Joker (May 24, 2014, 12:01 AM)

And why do prospective employers need access to an applicant's credit report?



Certain jobs it is justified, but overall it isn't.

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,857
    • View Profile
    • Donate to Member
Re: Everything Is Broken
« Reply #19 on: May 25, 2014, 12:04 PM »
Now at what point exactly during a routine traffic stop does a police officer have any rational need for somebody's ****ing Credit Report?? ...Or employment history for that matter.
-Stoic Joker (May 24, 2014, 12:01 AM)

And why do prospective employers need access to an applicant's credit report?



Sometimes in financial institutions, or other jobs where fidelity bonding is the norm, or for procurement officer-type positions, the justification (if you want to call it that) is to attempt to have some assurance the person in question doesn't have "factors" in their life that may affect their decision making or integrity when dealing with (or being around) large sums of money.

There's pros and cons to the argument. But in my experience people with no financial problems aren't all that less likely to do something stupid than most people burdened with serious personal financial problems.

I think most people are basically honest - or they're not.

People who get caught often present their financial problems in an attempt to explain or justify a theft or other malfeasance. Which probably led to the belief that a credit report is also a good indication of somebody's "character." Truth is, all a CR really does show is how often you're able to pay your bills on time.

Perhaps there's a link between bill paying and one's character. But if there is, it's a pretty tenuous one IMHO. :down:

« Last Edit: May 25, 2014, 12:11 PM by 40hz »

MilesAhead

  • Supporting Member
  • Joined in 2009
  • **
  • Posts: 7,736
    • View Profile
    • Donate to Member
Re: Everything Is Broken
« Reply #20 on: May 25, 2014, 12:37 PM »
There will be no end to the "background check" as more "factors" are appended.  For instance, since there is no government backed single payer health system in the U.S. the family history will be sifted for diseases that may cause health expenditures to spike.  Stuff like Cancer etc..

Then of course the DNA signature that denotes a high risk of insubordination will be isolated.  Must test for that.  Also creativity.  We know what a mess those kinds of people make of things.  Always upsetting the apple cart.  Even replacing the apple cart with one driven by internal combustion.  There's just no end to unpredictability unless these bad seeds are filtered.


« Last Edit: May 25, 2014, 12:50 PM by MilesAhead »

app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,884
    • View Profile
    • Donate to Member
Re: Everything Is Broken
« Reply #21 on: May 25, 2014, 01:36 PM »
Now at what point exactly during a routine traffic stop does a police officer have any rational need for somebody's ****ing Credit Report?? ...Or employment history for that matter.
-Stoic Joker (May 24, 2014, 12:01 AM)

And why do prospective employers need access to an applicant's credit report?



Sometimes in financial institutions, or other jobs where fidelity bonding is the norm, or for procurement officer-type positions, the justification (if you want to call it that) is to attempt to have some assurance the person in question doesn't have "factors" in their life that may affect their decision making or integrity when dealing with (or being around) large sums of money.

There's pros and cons to the argument. But in my experience people with no financial problems aren't all that less likely to do something stupid than most people burdened with serious personal financial problems.

I think most people are basically honest - or they're not.

People who get caught often present their financial problems in an attempt to explain or justify a theft or other malfeasance. Which probably led to the belief that a credit report is also a good indication of somebody's "character." Truth is, all a CR really does show is how often you're able to pay your bills on time.

Perhaps there's a link between bill paying and one's character. But if there is, it's a pretty tenuous one IMHO. :down:



My first encounter with this practice was back in the 80's, when submitting an application for a cashier job at a well known discount retailer. They were in the practice of accepting applications, whether a job opening was available, or not. And they would not tell you if one was available, or not. And every application had to be accompanied by $20 cash, to cover the costs of the credit report check, non-refundable.

I was given a similar excuse when I asked why. I thought it was rather offensive, the idea that people that have had a hard time paying their bills due to unemployment, and young people with no credit history, were automatically labeled as thieves, unworthy of a ~$4.00/hr minimum wage job in a junk store.

I think the real thieves in this case was the company, sucking $20 bills out of the pockets of the unemployed, without telling them if they even had any openings. And I told them that, as I tore up my application and walked out.

I have been a bonded cashier, without having to pay to submit a job application, first. The bonding took place after hire, with the employer absorbing any and all costs involved. I didn't have to pay and sign papers giving them the right to snoop into my private info, just to have my application tossed in a pile for 90 days, just in case there might be an opening.

But crap like this has become much more common, making job hunting for crappy minimum wage jobs much more expensive than it used to be (even for jobs as a dishwasher in a restaurant). You want to know why so many people can't seem to get off welfare or unemployment? Among other things, maybe they can't afford job hunting, at a cost of $20-$50 per application, for jobs that may not even exist.

MilesAhead

  • Supporting Member
  • Joined in 2009
  • **
  • Posts: 7,736
    • View Profile
    • Donate to Member
Re: Everything Is Broken
« Reply #22 on: May 25, 2014, 03:39 PM »
There was a short bit in Mad Magazine one time about a guy handing in a job application.  In the next frame 4 identical HR workers say in unison "there are no job openings."

In the industrial park in the town where I live there was a factory that personified the Mad Magazine bit.  The had a permanent sign Help Wanted.  I went in several times over the years and spent 1/2 hour filling out the application.  When I asked about the openings they said they would call if anything came up.  I finally wised up and quit going there.  I think it was a make work for the HR guys.

On occasion I would happen by there years later.  Same Help Wanted sign.  It reminded me of one of those Pizza Places that never sold any pizza.  Tony Soprano hung out in the back room making phone calls.  ;)

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,857
    • View Profile
    • Donate to Member
Re: Everything Is Broken
« Reply #23 on: May 25, 2014, 04:27 PM »
You want to know why so many people can't seem to get off welfare or unemployment?

Largely because jobs simply aren't out there from what I can see. ;)

re bonding: I only had one time when a potential client insisted on fidelity bonding for any of our employees that would have anything to do with their account. Since we're a very small company, and we all routinely pass information and tasks back and forth, that would have meant all of us. When we were told we'd be awarded the contract pending bonding, I told them fine - and asked for a separate purchase order to cover the price of the $1900 quote we received for the bond. They declined and we didn't get the assignment. Which was fine by us.

Funny thing was, this potential client was a three person company that installed in-ground sprinkler systems and had about $700K in annual revenues. Why they needed bonded people to handle their entry-level W2K server, 2 laptops and 2 PCs (during normal business hours only) is anybody's guess.

We normally deal with financial service providers, small brokerage and fund management companies, and attorneys. To date NONE of them have requested bonding in order for us to do business with them. And we have been granted remote system - and 7x24 premise access - for almost all of these clients.

As one broker put it: We wouldn't sue if somebody messed with our computer network. We'd call the FBI. :tellme:






40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,857
    • View Profile
    • Donate to Member
Re: Everything Is Broken
« Reply #24 on: May 25, 2014, 04:47 PM »
There was a short bit in Mad Magazine one time about a guy handing in a job application.  In the next frame 4 identical HR workers say in unison "there are no job openings."

I prefer this one myself:



I've sat through a few interviews that weren't too far removed from this sketch. :-\