A crazy Shockwave animation on this page of some anti-piracy website. Presumably anti-piracy, pro-drugs. The moral of the story is apparently "Pirate your software, because then you get licensed software and $500 cash for three minutes in your computer". [01:45] [0 comments]
|
Friday 17 August 2001
|
|
|
The second part of 'Why it's good that RavenBlack is not a naughty hax0r' is to do with worms. All the common worms of today rely on a particular remote-vulnerability in the target machine. While this is an effective way to spread rapidly, it's less than effective against halfway-secure machines. I dub my theoretical worm 'The Brain Worm'. What the Brain Worm would do is behave rather like a manual hacker. It would infect machines with the invisible tricksy kernel rootkit, and sit quietly monitoring the various logged information. A short time after hearing things that sound like passwords, it would proceed to attempt to log into the source or destination machine related to that password, using the same username as it was associated with. It would then also have a few guesses at a root password (being the same, perhaps) before deploying all the common local exploits. After a week or so of this near-dormant activity, The Brain Worm would go on a rampage of randomly seeking out the common remote-vulnerabilities, on the assumption that it's probably already collected all the passwords it's going to, by that point. Such a worm would have already taken ravenblack.net twice, like the live hax0rs did. Though never again. [20:29] [0 comments]
|
|
Today's lesson is 'Why it's good that RavenBlack is not a naughty hax0r'. The lesson begins with rootkits. The thing about rootkits is that they must make it difficult to tell that they are present. A common way to do this is by having the kit reside in the kernel, thus hiding it from any of the command-line processes. However, such a kit can still often be detected by an external port-scan. Also, when connecting to the machine, Mr Hax0r could never be sure that he is not being monitored, perhaps by an external transparent firewall. Two solutions to this quandary spring to mind, for me. One is to have the rootkit triggered by an ICMP packet of a particular size (and perhaps content). The other would be to have a DNS-response-packet be the trigger, which is doubly sneaky because the DNS-response needn't come from Mr Hax0r - his triggering action would be to fake a DNS-request from the victim's port X, asking about an owned IP. The triggering packet, then, would not come from the Hax0r, but rather, from a perfectly legitimate DNS server. Such would get through many firewalls unnoticed, even. [19:55] [0 comments]
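Seen from the defending side, the DNS-triggered case in the entry above leaves one observable: a response arrives for a query the machine itself never sent. The following is an added example, not part of the original entry, that flags such responses; the record format, the addresses and the 5-second window are assumptions, and the sensor is assumed to sit where it sees the host's own outbound queries.

```python
from collections import namedtuple

# Constructed record format for this example: one entry per UDP/53 packet
# seen by a sensor on the protected host's own network segment.
Pkt = namedtuple("Pkt", "ts src sport dst dport txid is_response")

def unsolicited_dns_responses(packets, host, window=5.0):
    """Return inbound DNS responses to `host` with no matching outbound query.

    A query is keyed by (resolver IP, client port, transaction ID) and is
    consumed by its first response, so a second answer is reported as well.
    """
    pending = {}   # key -> timestamp of the outbound query
    flagged = []
    for p in sorted(packets, key=lambda p: p.ts):
        if not p.is_response and p.src == host and p.dport == 53:
            pending[(p.dst, p.sport, p.txid)] = p.ts
        elif p.is_response and p.dst == host and p.sport == 53:
            asked = pending.pop((p.src, p.dport, p.txid), None)
            # No query on record, or the answer came implausibly late.
            if asked is None or p.ts - asked > window:
                flagged.append(p)
    return flagged

HOST = "192.0.2.10"          # protected machine (documentation address)
RESOLVER = "198.51.100.53"   # legitimate DNS server (documentation address)

# Constructed sample traffic, not captured from any real network.
SAMPLE = [
    Pkt(1.00, HOST, 40001, RESOLVER, 53, 0x1A2B, False),
    Pkt(1.04, RESOLVER, 53, HOST, 40001, 0x1A2B, True),   # answered query
    Pkt(9.50, RESOLVER, 53, HOST, 31337, 0x7777, True),   # host never asked
    Pkt(12.0, HOST, 40002, RESOLVER, 53, 0x0C0D, False),
    Pkt(30.0, RESOLVER, 53, HOST, 40002, 0x0C0D, True),   # outside the window
]

if __name__ == "__main__":
    for p in unsolicited_dns_responses(SAMPLE, HOST):
        print(f"{p.ts:6.2f} unsolicited response from {p.src} "
              f"to port {p.dport} txid={p.txid:#06x}")
```

A stateful firewall that only admits UDP/53 replies matching a tracked outbound query applies the same rule inline.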
|
|
Tsk. Three times in the last couple of days, I've had something to blog, and my DNS servers have been down just long enough for me to forget what it is. I've also been learning to use Jeskola Buzz (or maybe this link as that one is down), and Photoshopping things. [04:18] [0 comments]
|
Thursday 16 August 2001
|
I'm afraid I have to inform you that I've just rewritten the rules for the world. All programmer-girls must now report to me for immediate something-or-other. The good ones will form RavenBlack Software, and the rest, I'm afraid, will be thrown into a pit with crocodiles or giant amoebas or something. That's just the way it is. [21:17] [0 comments]
|
|
Tuesday 14 August 2001
|
I've changed my mind - ravenblack.net does not appear to require a full reinstall, due to the sheer excellence of FreeBSD. The stupid accounts are now locked closed, all the non-stupid passwords have been changed, and there's even a lovely firewall just in case some daft hax0ring backdoors were left open. Which I'm pretty sure they weren't.
However, it was confirmed that the box had been rooted, thanks partially to the blog. It was Saturday night when the box was suspiciously inactive, yet with no gap in the logs. The time-stamps on my Saturday blog entries are correct. But look at the first Sunday blog entry - 7:30am. Who would believe that I would be awake at 7:30am? Not me. So, the computer magically lost ten hours coincidentally during the time when nobody could connect, and the log was presumably conveniently erased. I'm inclined to believe that there's a hacking group, rather than a single hacker, making the rounds. This time-stamp thing is far clumsier than the original hacker. On the other hand, maybe unfamiliarity with BSD just left him panicking. [22:01] [0 comments]
|
|
Monday 13 August 2001
|
Oh, yes, the upshot of all that is, ravenblack.net will be down again for a day or two or three, soonish. [12:17] [0 comments]
|
|
More tales of hax0ring, children. I'm sure you're all very excited by it. Because it's not boring to hear about other people's computer woes.
Those of you who've been following my exploits will remember that ravenblack.net was rooted a scant week ago due to a user getting their password taken from their keystrokes. After setting up with a different operating system, my wife then proceeded to negate all the extra security by giving the root password to the one of her stupid friends that I most object to.
The other day, ravenblack.net suspiciously stopped responding. It was during a storm, we thought it was a power glitch. Next day, it was working again, and the logs said no reboots had occurred. The logs also showed no gaps in service, despite (to our perception) an approximately three hour silence.
All very suspicious, of course. The lady, in a (futile) attempt to assuage my objections to Mr Stupid having root, told him how to better secure his box, which he did. He then reinstalled, without doing any sort of securing, thus making her explanation a waste of her time, and, of course, probably giving both his password and the root password to our pet hax0r.
The good thing about this recurrence is that, because I predicted that it would happen exactly this way, the lady will listen to me next time. Like she doesn't when I point out things in the past that she's repeating. (She says 'Grarh' about my mentioning this.) [12:16] [0 comments]
|
|
Sunday 12 August 2001
|
Oh, also, shaving is probably a good idea, pre-latex. But you don't have to. It came off my arm without taking away hair, after a bath. Do not attempt to peel it off hair without heating. Unless you like having your hair ripped out. Also, it doesn't double as waxing, it's not that good. [19:28] [0 comments]
| The bloke of Ophelia Burning just wrote to me to thank me for recommending them on my recommendations page. Since nobody ever reads that, and he's nice enough to thank me, I thought it warranted an extra mention here. Cheers, coop. [16:20] [0 comments]
| Lesson six of liquid latex: Applying liquid latex on top of clothes results in very reusable, easily removed, well-fitting latex clothing. Unfortunately, it still smells like liquid latex. [16:12] [0 comments]
|
|
Lesson five of liquid latex: It hurts like a bastard to remove, even if you did all the other things. Remove it in a hot bath - this way it comes off very easily. It may become less reusable, however. [16:11] [0 comments]
| Lesson four of liquid latex: If you would like to have something reusable after the one use, apply the latex over nylons. It will come away in one stretchy piece. However, it will take longer to dry in any places where the nylons are not in contact with your skin. [16:10] [0 comments]
| Lesson three of liquid latex: I hope you're not applying these lessons in order. Apply cold cream or vaseline or even talcum powder, or something, before applying liquid latex. This will make it easier to remove. [16:08] [0 comments]
|
|
Lesson two of liquid latex: It takes a long time to dry. Give it an hour in contact with skin, or three hours if it's not. Have something interesting you can do that doesn't involve moving much, or sitting down, or anything. Reading a book that you don't mind ruining is probably a good choice. [16:07] [1 comment]
| Lesson one of liquid latex: It's cold, it drips, and it smells. Be on a plastic sheet or something. [16:05] [0 comments]
| I realised that, since I learned several lessons about the use of liquid latex, I should perhaps share the benefit of my experience in case anyone else is tempted to try it. I shall do so later. This entry is just to remind me. [15:42] [0 comments]
|
|
This server gets a fair bit of traffic from Code Red infected machines. I am sorely tempted to make a default.ida script which responds to the attempt by connecting to the source machine, and using the Code Red exploit to force it to repair itself. However, being in America, I'm aware that to do so would be to break the (stupid) law.
Two ideas to avoid the (stupid) law have been discussed around here. Firstly, one could put some sort of text on index.html disclaiming in some way - offering it as a service. That way it would no longer be unauthorised access to a computer system, and hence no longer illegal.
The second idea is more of a joke - encrypting the active part of the repair code so that the destination machine decrypts it before running it. Then, when your beneficiary tries to sue you for repairing their machine without authorisation, you could countersue for them having broken your encryption without authorisation, under the DMCA. [15:30] [0 comments]
|
|
Saturday 11 August 2001
|
Last night I was mostly coated in latex, and then photographed. Pictures now must be cropped and sized with Photoshop, and maybe some of them can even be turned into proper art, rather than mere narcissism. [22:52] [0 comments]
| Okay, I think I'm done with the glyphs. Yesterday I had a few things to blog, but didn't because I hadn't done a glyph yet. Then I forgot what they were. This is annoying, and has nearly happened several times, therefore, no more glyphs. [22:39] [0 comments]
|
|
Thursday 9 August 2001
|
Apologies for the days of non-service - the ravenblack.net machine was hax0red due to that person who got rootkitted getting their password nabbed, and Lunix being far from impenetrable to people who have a user account, unless extreme security in the form of Tripwire and such is set up. And even then, it's not great. The hax0r was at least a nice person (and a pretty good hax0r too, my compliments to you if you're reading this... Please don't try again), who didn't decide to do something like rm -rf, nor deface websites, they just put a rootkit in and stayed quiet... And almost undetectable, if it weren't for the machine being crap at rebooting making us suspicious. Also, Mr Hax0r, you need a better keystroke logger. Still, damn nice rootkit. My compliments. [09:04] [0 comments]
| Also, any of you who play Warlocks - I'm sure you've noticed that the database has been erased. We backed up most stuff before reinstalling everything, but the databases were missed. Oops [09:04] [0 comments]
|
|
"The moving walkway is ending, please look down... The moving walkway is ending, please look down..." And I... I couldn't take it any more, I said NO, No I'm not going to look down, I refuse to look down, I will not be part of this stupid game any more, I will not let you rule my life, Miss Whoever-you-are. And I didn't know what to do so I just... I stopped looking down. And I tripped over the end of the moving walkway. [09:04] [0 comments]
| I assume XiaoXiao is some sort of gun-noise thing in Japanese. Sounds reasonably like it, and that's certainly a gunny link. [09:04] [1 comment]
|
|
|
|
Sunday 5 August 2001
|
I hate the day after buying food, when there's all the food you bought in the house, and you go to look for something to eat and don't fancy any of it. [04:23] [0 comments]
|
|
Saturday 4 August 2001
|
I've also finally gotten around to making Motepad consistent with the (incorrect) mechanisms that Notepad uses. Which is to say, "Motepad my stupid filename with spaces in it.txt" will now work, instead of insisting that the parameter be (correctly) quoted, as it previously did. The upshot of this is that it now works with Internet Exploder's "View Source" option. Which is good. But I still feel bad about succumbing to incorrectness. Tsk. [22:27] [0 comments]
| The surrealism daemon is now complete, making the random surrealism generator much more efficient than previously. Hooray! [22:23] [0 comments]
|
|
I also saw Jean-Claude Van Damme's 'The Quest', which was on TV. I was surprised, at the start, that it wasn't exactly the same as Kickboxer, but then all was made well as, about a third of the way through, he was back on track, kicking and boxering all over the shop. Still, the beginning made a nice change from the usual Kickboxery, and then the Kickboxisms themselves were rather entertaining - the best fighters from each nation compete. The stereotypes were fantastic, especially Scotland, though I was disappointed to see no headbutting from the gentleman. No wonder he lost his fight. I was also pleased to see the Sumo Wrestler win a couple of fights, rather than being depicted as a bumbling useless guy like they often are. If you're amused by Martial Arts, or by stereotypes, The Quest is a good movie. It's also ideal for putting on a tape with Jackie Chan movies, as an ironic sort of contrast. [21:26] [0 comments]
|
|
I saw Legally Blonde last night. I rate it yellow. Worth watching on TV, but I wouldn't recommend going out to see it, or renting it. Predictable, in a Disney-esque sort of way, but it would have been even less entertaining if it weren't. Whoever directed it can be crowned king of unsubtle foreshadowing. [21:19] [0 comments]
| A silent blog-day yesterday, with nothing to say, not even a glyph. Sorry about that. I even had a complaint - excellent. [21:13] [0 comments]
|
|
Friday 3 August 2001
|
Wednesday 1 August 2001
|
As mentioned yesterday, I have now scanned the originals of Simulacrum of Proof and Step into my Subconscious. I decided not to bother with Twisting through Windows because the ballpoint version wasn't so much an original art as a concept sketch, and also it sucked. [11:14] [0 comments]
|
|
I purchased something unusual at the supermarket today. [10:46] [0 comments]
| WARNING: Have you been exposed to Fear Mongering? Have you seen posters or heard voices with emphasis on a lot of words? Are you starting to feel worried? Palms sweating? Trembling? You could be subject to anxiety attacks! We can help! Call 1-800-FEAR-ME. [10:18] [0 comments]
|
|
I must stop answering people's simple programming questions, then maybe they'll stop bloody asking them. People who are mutual reference books, you're welcome to keep asking questions. People who ask interesting questions, you too can keep it up. People who I don't mind spending time to help, ask away. The rest of you people who keep asking me what functions to use, or whether something will do what you expect, bloody ask Google and/or try it, don't waste my time with your stupid bloody question. This has been a public service announcement. Thank you. [00:02] [0 comments]
|
Tuesday 31 July 2001
|
|
Last night I went to help a person accused of trying to hack their web-host. We'd been told their IP had done it, so it was either packet-sniffing-and-spoofing, a trojan on the Windows box, or some rootkitting on the Linux. After some monkeying around, the Windows box was cleared of guilt. The rootkit was suspected when we discovered make and gcc to be apparently missing from the Linux. It was confirmed with ipchains not existing on the Linux, and yet ipchains blocking my UDP port scan. So, fun with rootkits. [20:02] [0 comments]
| My Tron video arrived. half.com is good. [19:48] [0 comments]
|
|
Interesting and unlikely observation number 732 - purple Pez, eaten immediately after mild curry, tastes startlingly like beer. [00:02] [0 comments]
| Splendidly offensive, and already getting sued; this image. [00:00] [0 comments]
|
|