Phoenix.pm: [scott@illogics.org: Thursday Meeting Automated Pre-Announcement]

intertwingled intertwingled at qwest.net
Mon Aug 4 04:41:29 CDT 2003


Scott, the packet kid! =)

Scott Walters wrote:

>Did my script get the date right? If so, I'll point it at the list instead
>of just myself ;)
>
>Just back from DEFCON where Nathan Torkington, of all people, was lurking.
>Okey, he wasn't lurking per se, but he was there. He states that ORA
>made him the new security editor. Just as I was explaning that most of
>the time a company sends someone to DEFCON, they don't do it again,
>someone went cruising into the lobby carrying a giant bong, followed by a 
>hoarde soon-to-be-stoned. Gnat didn't seem very comfortable with that. Of 
>course, the party was only starting. 
>
>Team Immunix lost Capture the Flag (now Root-Fu) for the second
>year in a row, placing second, again, and again, only by a narrow
>margin. This sucks because I was on this team. I got a rather
>radical glow-in-the-dark-penguin-in-a-gas-mask-looking-frumpy
>tee, though. There is a lot of good that can be done by a Perl
>programmer in this contest - auditing Perl (an old version of
>Slash and several CGIs were part of the services you were
>required to provide and keep up), and mounting attacks. Nits of the 
>rules made interesting applications of Perl beyond just exploiting
>Perl on the other side. Last year, I used Perl, sh, and Python
>to convince remote teams machines to damage their own score by 
>transmitting large amounts of unrequested data, effectively
>using one team to DoS other teams. This year was trickier -
>you had to convince them to initiate the request. I really don't
>have too much interesting in security, but Root-Fu is one
>heck of an intense, fun, challenging game with lots of room
>for creativity and thinkiing on your feet.
>
>Next year, I'd love to recruit a chunk of PhoenixPM to help =)
>
>Kevin Mitnick's team won the current battery of Hacker Jepordy,
>and then went on to win the playoffs against last years team.
>At one point, someone noticed the thing that Kevin was idely
>fidgeting with was a Blackberry. It turns out that people in
>the audiance were emailing him answers. It also turned out
>that this isn't against the rules, though it is likely to be
>next year. Kevin looks vibrant, healthy, and happy. He spent a
>lot of time up on the stage at Hacker Jepordy just grining
>at the audiance. Yes, there is something sly to his grin, but
>he certainly doesn't exude evil. For those of you not familiar
>with Kevin Mitnick, he is kind of the hacker poster boy.
>He is famous for not ever doing anything malicious - damaging
>systems, releasing damining information, and so forth - but
>for learning a lot of things that people felt threatened
>by and for being very hard to arrest. When prosected, the
>case was blown out of proportion: all sorts of paranoid garbage
>like Kevin might have cruise missile launch codes so he
>should be put in solitary confinement (he was put in solitary for
>over a year, which is itself illegal), and that bandwidth
>goes for a large dollar amount per K, so he cost the network
>hundreds of thousands of dollars were all accepted in the
>first of many hacker kangaroo courts. A large campaign to
>"Free Kevin" sprung up, drawing attention to the lack of ethics
>in how "hackers" were handled in court, which has done atleast
>some good to make the feds play by their own rules.
>
>"Secure Programming Cookbook for C and C++" is on shelves now.
>Go buy your copy. I won't make any money from it, but it doesn't
>suck, unlike the last thing I did technical review on ;)
>
>Okey, thats my DEFCON report.
>
>-scott
>
>
>----- Forwarded message from scott at illogics.org -----
>
>Received:  from straylight (localhost [127.0.0.1])
>Encoding:  8bit
>Subject:  Thursday Meeting Automated Pre-Announcement
>Date:  Tue, 5 Aug 2003 00:00:02 -0700
>To:  scott at illogics.org
>From:  scott at illogics.org
>
>
>Hi,
>
>This is an automated message - this upcoming Thursday, the 11st, is a Perl Mongers
>night! 
>
>Pack up your favorite old and new books, your problem code, your clever
>hacks, pick a new or favorite module from CPAN or your library to mention,
>if you want to share.
>
>If no topic has been announced, this is your chance to present that 
>algorithm or module or technique - it doesn't have to be spectacular -
>people of all abilities show up and there is plenty of room for novice,
>intermediate, and expert content. If you don't suggest something, Doug,
>Kurt and Scott's inventory will be exhausted eventually, and no one wants
>that.
>
>Watch this space for confirmation of the meeting date and announcement of the
>final topic selection. 
>
>
>
>
>----- End forwarded message -----
>
>
>  
>





More information about the Phoenix-pm mailing list