Friday, March 31, 2006

well HACKERS are human beings after all

okay so when the word HACKER comes to your mind ..the thoughts tyhat flash are like ...some geeks...involved in malicious acts...stealing data from someones system.... breaking down someones system....causing damage...and stuff like that...
There's nothing of that sort....... a perfect definition of a hacker goes like this..
Hackers solve problems and build things, and they believe in freedom and voluntary mutual help. .

To follow the path:
look to the master,
follow the master,
walk with the master,
see through the master,
become the Master..

notice... last master has a CAPS "M" ..coz thats wt matters the most.

Being a hacker is a lot of fun... coz once you have done with your basics and you have set your goals..you are on...but it requires lot of hard work...hmmm perseverance..as does any other jobs in this world..rome was not built in a day..same way it takes years to gain the knowledge through various mediums... internet..books.. practicals...small dummy tests that u perform ... gradually you ascend the ladder of success...you help the community by finding flaws in the system..(here the system doesnt mean a computer system... it means the entire web community!)
Wt i believe is there is no such thing called ethical hacker... all hackers are ethical...thats wt i feel..
The world is full of interesting things...theres so much to learn...so much to gain..so in the end the entire thing is upon you... you have to believe in your self.....your learning capabilites...you application of knowledge is all that matters..
Hackers (and creative people in general) should never be bored or have to drudge at stupid repetitive work, because when this happens it means they aren't doing what only they can do — solve new problems. This wastefulness hurts everybody. Therefore boredom and drudgery are not just unpleasant but actually evil.
Ir does happen sometimes.. that a guy keeps on doing things repetedly..coz gaining a skill isnt easy..but to an onlooker all this seems irrelevant...things that lead to dead end..
Hackers dont like to be dominated... the are free thinkers... all the fascinating things that they imagine is actually possible..and if they are being ordered to work in some pre defined fashion... then it will end up affecting their skills...in a negative fashion.

few things not to do for an aspiring hacker
· Don't use a silly, grandiose user ID or screen name.
· Don't get in flame wars on Usenet (or anywhere else).
· Don't call yourself a ‘cyberpunk’, and don't waste your time on anybody who does.Don't post or email writing that's full of spelling errors and bad grammar.

it really does matter... professionally nobody likes material full of mistakes...

Monday, March 27, 2006

The instant messengers aren't safe enuff..

You really dun know the things till u go into the depth..well studying closely the architecture of a web messenger i see ...that if a person wid something bad cooking in his mind can easily design a system to get the passwords without the users even knowing it..they wont have a slightest clue about the entire program.

While going through a security site i found this article interesting so i decided to mention it here..

"Now that companies are getting better at stopping e-mail viruses, says Dan Ingevaldson, director of R&D at ISS, instant messengers are the next obvious target for malicious code and viruses in the future. Also, most popular chat apps do not use a secure layer for text messages, meaning that anyone could intercept and read IM chats outside your corporate firewall.
A HANDFUL OF successful worms have already infected instant-messenging clients, including Aplore, which spreads via AOL Instant Messenger (AIM); Goner, which takes advantage of ICQ; and CoolNow, Message from Jerry (also known as Hello), and Choke, which are all spread via MSN Messenger. So far, no viruses have successfully infected Yahoo Messenger.
Earlier this year, the security organization w00w00 reported two buffer overflows in AIM, the first in January and the second in April. These vulnerabilities, now patched by AOL, made it possible for an attacker to steal your buddy list and spread malicious code throughout the entire AIM community--as well as run malicious code on your computer.
ISS has published a white paper detailing the technical countermeasures system administrators might employ regarding AIM, MSN Messenger, Yahoo Messenger, and ICQ.
Ingevaldson says a lot of companies simply do not allow employees to use instant messengers on the job. Trouble is, the genie is out of the bottle. Instant messaging fills a niche between a phone call and e-mail--it's fast, and not too intrusive. Plus, it's hard to keep employees from installing it, and hard to stop them from using a proxy once they discover the default IM ports have been blocked. "

Like..the popular Yahoo Messenger automatically attempts to connect to non-blocked ports, including port 23, which is used for telnet.

"It is unlikely companies would block telnet," said Ingevaldson. "Yahoo Messenger was designed to make it difficult to block."
FOR TRULY SECURE corporate instant messaging, one alternative suggested by Ingevaldson is Communicator Hub software, which is currently used by Salomon Smith Barney, J.P. Morgan Chase, Merrill Lynch, Credit Suisse First Boston, Goldman Sachs, and other financial institutions. Communicator's instant messaging service traces user activity with identity management, content aggregation and management, and auditing tools.

Unfortunately, widespread use of encrypted instant messaging (either at the consumer or enterprise level) is not expected for a few years. In the meantime, Ingevaldson recommended Trillian, a chat app that connects users to all the major IM clients: AIM, ICQ, MSN Messenger, and Yahoo Messenger. Trillian offers 128-bit blowfish encryption for AIM and ICQ, something these products currently do not provide on their own.
Yet an even bigger threat to your security, said Ingevaldson, are the peer-to-peer file-sharing networks. Recently, KaZaa users faced a clever worm called Benjamin, which infected their computers with thousands of bogus files disguised as popular film, song, and game titles. Two years ago, Gnutella users faced a similar viral threat. Ingevaldson also said SubSeven (a Trojan horse) is all over these networks, and could open company networks to back-door script kiddie attacks.

The danger of allowing employees to use these file-sharing networks at the office goes beyond just viruses and malicious code, though. Hosting illegal copies of copyrighted material can open corporations to lawsuits, as well.
So many issues... there must be some way out.. now we have to find out ..the WAY

Sunday, March 19, 2006

COPS NO MORE TOP

WELL the security has always been an issue but then the hackers n the crackers sometime turn nasty. For eg... this is wt i cam across while browsing one of ma favourite security info site. The article mentions about a new variety of unusually powerful Internet attacks, that can overwhelm popular Web sites and disrupt e-mails by exploiting the computers that help manage global Internet traffic, It was first detected late last year, the new attacks direct such massive amounts of spurious data against victim computers that even flagship technology companies could not cope.
It further went on to explain about the cases examined in south africa where the unknown assailant apparently seized control of an Internet name server in South Africa and deliberately corrupted its contents.

Name servers are specialized computers that help direct Internet traffic to its destinations.
The attacker then sent falsified requests to the compromised directory computer, which unleashed overwhelming floods of amplified data aimed wherever the attacker wanted.

Sunday, January 29, 2006

What people fear the most... ??

Cybercrime Feared 3 Times More Than Physical CrimePublished 08:55:17 26.01.2006
Three times more Americans think they'll be hit by computer crime in the next year than real-world wrongdoing of the old-fashioned kind, a survey released Wednesday by IBM said. The anticipation of cyber exploitation -- everything from viruses to identity scams -- is substantially higher than the actual results of the last 12 months, when six percent reported being victimized by cybercrime and seven percent said they'd been hit by a physical crime.
According to the poll of 700 U.S. adults, this angst is changing a host of online behaviors.
Seventy percent of those surveyed, for instance, said that they only shop at Internet sites that display a security protection seal or icon, while 64 percent claimed that they don’t conduct e-transactions on a shared computer.
Half said they don't use open public wireless networks, like those at coffee shops and airports, and 38 percent won't bank online.
In fact, the IBM survey noted that substantial numbers of Americans have gone even further in turning their backs on the online world because of security worries.
Twenty-seven percent said they've stopped buying goods online from unfamiliar e-retailers, 18 percent noted that they'd stopping paying bills online, and 16 percent -- or one in six -- said they've stopped playing online games because of crime anxiety.
People are taking drastic steps like these, said the survey, because a majority -- 53 percent -- hold themselves responsible for protecting themselves from cyber crime.
"As awareness of these new threats emerges, it's key that consumers, business, and government agencies work together to help alleviate public worry about cybercrimes," said Stuart McIrvine, director of IBM's security strategy, in a statement.
IBM's survey results are in sync with a number of other recent polls, all of which have concluded that data breaches, worm attacks, and identity thievery are changing consumer behavior. A Consumer Reports survey in October 2005, for example, said that one in four had stopped buying things online and one in three had cut on back e-purchases over identity theft worries.