Phoenix.pm: [firstname.lastname@example.org: Thursday Meeting Automated Pre-Announcement]
intertwingled at qwest.net
Mon Aug 4 04:41:29 CDT 2003
Scott, the packet kid! =)
Scott Walters wrote:
>Did my script get the date right? If so, I'll point it at the list instead
>of just myself ;)
>Just back from DEFCON where Nathan Torkington, of all people, was lurking.
>Okey, he wasn't lurking per se, but he was there. He states that ORA
>made him the new security editor. Just as I was explaning that most of
>the time a company sends someone to DEFCON, they don't do it again,
>someone went cruising into the lobby carrying a giant bong, followed by a
>hoarde soon-to-be-stoned. Gnat didn't seem very comfortable with that. Of
>course, the party was only starting.
>Team Immunix lost Capture the Flag (now Root-Fu) for the second
>year in a row, placing second, again, and again, only by a narrow
>margin. This sucks because I was on this team. I got a rather
>tee, though. There is a lot of good that can be done by a Perl
>programmer in this contest - auditing Perl (an old version of
>Slash and several CGIs were part of the services you were
>required to provide and keep up), and mounting attacks. Nits of the
>rules made interesting applications of Perl beyond just exploiting
>Perl on the other side. Last year, I used Perl, sh, and Python
>to convince remote teams machines to damage their own score by
>transmitting large amounts of unrequested data, effectively
>using one team to DoS other teams. This year was trickier -
>you had to convince them to initiate the request. I really don't
>have too much interesting in security, but Root-Fu is one
>heck of an intense, fun, challenging game with lots of room
>for creativity and thinkiing on your feet.
>Next year, I'd love to recruit a chunk of PhoenixPM to help =)
>Kevin Mitnick's team won the current battery of Hacker Jepordy,
>and then went on to win the playoffs against last years team.
>At one point, someone noticed the thing that Kevin was idely
>fidgeting with was a Blackberry. It turns out that people in
>the audiance were emailing him answers. It also turned out
>that this isn't against the rules, though it is likely to be
>next year. Kevin looks vibrant, healthy, and happy. He spent a
>lot of time up on the stage at Hacker Jepordy just grining
>at the audiance. Yes, there is something sly to his grin, but
>he certainly doesn't exude evil. For those of you not familiar
>with Kevin Mitnick, he is kind of the hacker poster boy.
>He is famous for not ever doing anything malicious - damaging
>systems, releasing damining information, and so forth - but
>for learning a lot of things that people felt threatened
>by and for being very hard to arrest. When prosected, the
>case was blown out of proportion: all sorts of paranoid garbage
>like Kevin might have cruise missile launch codes so he
>should be put in solitary confinement (he was put in solitary for
>over a year, which is itself illegal), and that bandwidth
>goes for a large dollar amount per K, so he cost the network
>hundreds of thousands of dollars were all accepted in the
>first of many hacker kangaroo courts. A large campaign to
>"Free Kevin" sprung up, drawing attention to the lack of ethics
>in how "hackers" were handled in court, which has done atleast
>some good to make the feds play by their own rules.
>"Secure Programming Cookbook for C and C++" is on shelves now.
>Go buy your copy. I won't make any money from it, but it doesn't
>suck, unlike the last thing I did technical review on ;)
>Okey, thats my DEFCON report.
>----- Forwarded message from scott at illogics.org -----
>Received: from straylight (localhost [127.0.0.1])
>Subject: Thursday Meeting Automated Pre-Announcement
>Date: Tue, 5 Aug 2003 00:00:02 -0700
>To: scott at illogics.org
>From: scott at illogics.org
>This is an automated message - this upcoming Thursday, the 11st, is a Perl Mongers
>Pack up your favorite old and new books, your problem code, your clever
>hacks, pick a new or favorite module from CPAN or your library to mention,
>if you want to share.
>If no topic has been announced, this is your chance to present that
>algorithm or module or technique - it doesn't have to be spectacular -
>people of all abilities show up and there is plenty of room for novice,
>intermediate, and expert content. If you don't suggest something, Doug,
>Kurt and Scott's inventory will be exhausted eventually, and no one wants
>Watch this space for confirmation of the meeting date and announcement of the
>final topic selection.
>----- End forwarded message -----
More information about the Phoenix-pm