From [email protected] Sat Dec 20 08:36:05 2008
Path: egsner!news.cirr.com!goblin1!goblin2!goblin.stu.neva.ru!news-xfer.nntp.sonic.net!posts.news.sonic.net!nnrp1.nntp.sonic.net!not-for-mail
Newsgroups: alt.hacker
Subject: Re: Twenty computer questions, please help!
From: Gandalf  Parker <[email protected]>
References: <[email protected]>
Message-ID: <[email protected]>
User-Agent: Xnews/5.04.25
Date: 19 Dec 2008 14:51:09 GMT
Lines: 215
Organization: Sonic.Net
NNTP-Posting-Date: 19 Dec 2008 14:51:09 GMT
NNTP-Posting-Host: 0ade825d.news.sonic.net
X-Trace: DXC=h:MBMJDLk8LKB<nS@=SX8Dm4K\QM1CV^@1OYf0H`?;XAUI4:bfRCRGMcDNTnA\ZFAB5WoclUgil[IUEDUbhLX`jO
X-Complaints-To: [email protected]
Xref: egsner!news.cirr.com alt.hacker:63860
X-IMAPbase: 1230221477 1
Status: O
X-Status:
X-Keywords:
X-UID: 1

chesucat <[email protected]> contributed wisdom to
news:[email protected]:


What is this? homework? job interview?


> 1) What area of mathematics is most applicable to computer science?

Id say bit-math

> 2) What prevents macintosh (Unix based) from running on a PC?

"Because of its native roots in Motorola and PowerPC code, this has
traditionally required instruction level emulation. Two things have
changed. Apple based Mac OS X on NeXT code, which could run on Intel. And
since 2006 Apple has been making Intel PCs."

> 3) What is legal and permissible to reverse engineer and decompile in
> the United States?

When its the only way to gain access to the functional properties. In order
to create compatable software or hardware. At least that has been
specifically held up in law. However, any reverse engineering is generally
considered as not being illegal itself. Its what you do with the answers
you get which is usually the problem. RE has been used on competitors
software. If you use their code in your work then you are illegal. If you
use the RE to insure that they have not used your code in their work, then
you are not.

> 4) Is all penetration testing illegal?

Not at all. As long as its with permission. On the other hand it is too
often used as an excuse when someone is caught so it REALLY does not work
(even if its true) in cases where no permission was given. Thats rather
like finding a house unlocked, walking in, getting caught and claiming "I
was just testing your security".


> 5) Is there any educational resources available to the general public
> on signals intelligence?

Sure plenty of it. Remember that anything talking about what it is, the
dangers of it, the advantages of it, would also be considered "educational
resources". But if you mean how to do SIGINT then yes there is some but Id
venture a guess that its not up to par with government and military uses.

> 6) Is a polymorph virus based on Java script?

It can be but strictly speaking polymorphic viruses have been around alot
longer than java. The first I think was back in the 80's. Altho java
probably made it easier by making polymorphism a term in the programming
FAQ and providing ways to have it work (legitimately) in code.

> 7) Why does Comcast throttle, monitor, and limit Internet usage?

Its not as new as you think. ISPs have always oversold their services. Its
not as if they can really give EVERYONE that much bandwidth at the same
time, or give everyone that much hard drive space, or give everyone
unlimited access to the things they promise (and it used to be included
that they couldnt possibly maintain as many dialup lines as would be needed
if all the users wanted to call at the same time). ISPs used to do many
things to convince the hogs to move on while the regularly-paying-but-
seldom-using customers were encouraged to stay.

But lately changes in the net have even the most clueless user able to stay
on 24/7 with at least their computer doing things actively even if they are
asleep. And even kids can hog bandwidth and storage by streaming videos and
tv all day. With comcast users sharing the cable lines, comcast has had to
be more up front about its limits.

> 8) Why are Chinese and Indian (Hindu) people rumored to be more savvy
> and capable to computational study and understanding?

As in a natural ability? I dont think so. But their countries have pulled
ahead in the teaching of such.

> 9) Why do hackers take credit for keygens, (isn't the software the
> amazing part)?

Maybe if they write one. I wouldnt call them a hacker for using one. We
call that a skiddie (scipt kiddie)

> 10) Isn't Usenet heavily monitored by prying eyes?

It always has been. You would be amazed at the amount of information that
is gleened by running a newserver. Im not sure if ANYTHING pertaining to
usenet can be considered "prying eyes". Thats the new american paranoia I
see so much evidence of. After all, it is an open public bulletin board
system. How can it be prying?

> 11) When high profile companies are hacked, and they choose to avoid
>     public exposure of an incident, are there (foia) sources that
>     reports the details and statistics of the circumstances and the
>     vulnerabilities, and ultimately what fixed the 'problems'?

There are but there is no central collection point I can name for you.
Large corporations have their own. Multi-company alliance groups often
share them with each other. There are companies which seek out large
companies offering to sign non-disclosure statements and pay big money to
have access to internal documents of such.

> 12) Isn't all the Internet paranoia 'hype'? I mean if there is so much
>     monitoring going on, isn't it too much, and the resources don't
>     exist to analyze all that info? Are there keywords that a database
>     collects? I just wonder if it's feasible?

Compared to what? As with any subject, comparisons often help clarify. When
has such been true of any monitoring? Nothing ever stops anything, but that
doesnt make an effort completely worthless. And any effort for any purpose
tends to involve something like the 80/20 rule.

On the other hand, anytime I make a statement about what is or is not
feasable I always try to add "yet" to the end of it. There are many mindor
crimes that people on the net used to say "they cant really catch you"
which we see being prosecuted fairly frequently today.

> 13) If storage is moving from hard drives to flash media, what
> happened to quartz technology?

Quartz technology is waiting for optical computing to catch up.

> 14) I found that Ada-ware and no-script on firefox didn't prevent
> (browser misdirection), and auto deletion of cookies and cache didn't
>     prevent a constant browsers redirection, what happened (I think
>     active x objects were also deleted)?

Browser redirection is considered to be a basic feature of html. Sure its
been misused but so has much of the html code. You can protect againsst its
abuse but I dont think any browser would decide to not support parts of the
html protocol completely.

> 15) If a wiretap can monitor a user's computer, is circumvention
> entirely impossible on that ISP?

??? I think you need to explain this more. If someone is wiretapping a
persons COMPUTER then how could the ISP do anything? If the tap is happing
AT the ISP then the user could only bypass it by bypassing the ISP. It does
no good to go to a proxy if you use the same connection to do it. The best
bet in that case would be to get access to an alternate ISP and better yet
an alternate access to the net (dialup, wifi)

> 16) Aren't hacktivists, ethical hackers, and white-hats (thou well
>     intentioned), misdirected in their morality?

Ouch. Bad grouping there I think. And asking the wrong group the question.
This is mostly a white-hat group. By definition that means IMHO breaking no
laws. We hack for legal purposes by legal means.

Ethical hackers I tend to refer to in the grey-hat group. They can often
include vigilanties and  that "the end justifies the means" crowd.

Hacktivists, definetly. Like any activist who crosses any legal line for
their cause. I always find such people highly questionable.

In DnD terms I would consider White-hats, Ethical Hackers, and Hacktivists
to be Lawful Good, Neutral Good, and Chaotic Good.

> 17) How does software communicate with hardware, through machine
> language?

Everything is binary toggles at its lowest point. Whether its hardware or
software.

18) In the world of underground professional hackers, isn't
> there a
>     concern that the engineers, mathematicians, PhD.s, and
>     cryptologist in security agencies throughout the world are making
>     child's play of the effort, and depending on priority and
>     manpower, determinant on the urgency of the covert activity, is
>     all dependent on statistics as to whether a criminal cell gets
>     punished or unpunished? Simply, ain't big brother or big sister
>     watching everything, hmmm...

This would need more definition also. Security agencies have their own
white-hat hackers. So the "world of underground professional hackers" would
be concerned about the above ground professional hackers keeping up with
them.

> 19) Is there any indication that add ons for firefox are malicious in
>     origin?

None that Ive ever seen. A bad one might slip thru but I wouldnt paint it
as if all add-ons were malicious.

> 20) If someone has a problem with their PC, where and what,
> statistically are they likely to do?

Statistically? Most of them take the computer to the computer store which
discovers there is nothing wrong with the machine. Thats because the very
act of FULLY shutting down the computer, unplugging it, removing it from
the cubbyhole its been shoved into, discovering how dusty it is and
cleaning it off because you dont want them to see how you neglected it,
cleaning dust off the vents and blowing out the machine, removing all the
papers and manuals that were shoved in the cubbyhold along with the
computer and semi-blocking its vents, vacueming out the area the computer
was in when you see how dusty that has become, bouncing the computer around
in the car, getting it to the other end and plugging it in, powering it up
after a decent rest and cool down period from its journey.... HEY its
working great now! Get charged the usual minimum 1-hour workbench fee. Take
it home and be perfectly happy with how well it was repaired.

If its a nice store they will at least clean off malware and clean your
registry.

> umm...well, thanks.
> Merry Christmas.

Happy Yuletide.

Gandalf  Parker
--
WARNING: Ask ANY Computer Guru or security expert and they will agree.
The person who is most likely to trash your computer will be coming from
the IP address of 127.0.0.1

You are viewing proxied material from sdf.org. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.