Sloth

it was this morning at 9:15am est @ 25c3 in Berlin lol.... and a bit more proof for ya mate hope that helps you classify this a bit more correctly Security Alerts: http://www.microsoft.com/technet/security/...ory/961509.mspx http://blog.mozilla.com/security/2008/12/3...ficate-forgery/ Wired news article: http://blog.wired.com/27bstroke6/2008/12/berlin.html

If you missed the amazing live streaming lecture from the 25th Chaos Communication Congress in Berlin this morning you really missed out on a great presentation. Never fear though the paper from Alexander Sotirov & associates has already surfaced on the interweb. The paper outlines the full attack (minus some critical reproduction info) of how one would go about creating and using a rogue CA certificate, that theoretically could cripple the internet and cause global user panic (ok maybe i'm being a bit to dramatic, but still). Yes i know this sort of attack has been theory for sometime but now it has been POCed (talk about one hell of a man in the middle attack). Oh well enough of my senseless babel.....on to the link: http://www.win.tue.nl/hashclash/rogue-ca/ Hope you all enjoy this paper as much as myself :) -Sloth

wait hold up we talking about riding or flying? im cheap...

disagree, fighting makes for a good drama :) if so many people are disappearing maybe its time for a Hak5 casting session! Personally Darren is my fav. :P more on topic sucks to see change in cast and sad to see people go. but even in the greatest of tv shows the cast changes up from time to time. oh well as long as i'm not left mistrusting my technolust i don't care :)

:'(

and plus you never know when you might be in need of a magnet ;)

ok just thought i would throw my 2 cents in here. hacking a hotmail account or equivalent (i.e Gmail, Yahoo, AoL) via brute force is possible. i am not going to spoon food you a skiddie program as im sure your google-fu could use the training. but the process works a bit like this: Hotmail, Yahoo, and Gmail all have security features on their "websites" that do lock outs or require capchas to be typed. So to circumvent this problem you turn to their messenger service which do not have these features (i.e. MSN Messenger, Yahoo Messenger, AiM). From there you can freely at your leisure brute force away with out the worry of the 5 try lock out. Even though an account may of been used strictly for "e-mail" and never for the instant messenger aspect there is nothing stopping you from logging into it via. The pass and s/n are the same as the http e-mail login. Good Luck in your google searches. And thats about all i will say on this matter. -Sloth

found this an interesting read http://www.mythtv.org/wiki/index.php/Contr...tTV_D11_via_USB hope it helps...

@ rastetter not to get in the middle of a lovers quarrel or anything but...if you were to read through the 28 pages it is noted atleast a dozen an a half times the drives that work...i mean i know some people are to eager to read through all the discussion and development tips on projects in forums, specially when there over 25 pages long...but i know i always try to befor i ever try anything or even start to ask questions...considering that through out the past 28 pages i have seen snibits of code pop up here and there that are not included in any payload on the wiki...nice little additions for personal preferances that users developed....oh well this goes for everyone i suppose who is new to the use of forums...people generally get mad when they answer the same questions over and over and over in a developmental thread...oh well just my 1 9/10 cents... @ aardwolf yeah i agree with the why the hell would a n00b want to even mess with this but hey if i get time ill put ya together a nice lil how-to & Faq for you to sticky -=o) -Sloth

sircrumpet- found that back on page 17...hope thats what you were looking for. -Sloth

kind of off topic but referring back to my last post about the privlage escalating, it seems that one of the computers i tested it on had some spyware running on it and now everytime i log on with the username i tested it with it automaticly boots me into system, which i think sucks personally...so just wanted to give fair warning to anyone who is going to mess around with the privlage escalating to make sure you have NO unwanted apps that you dont want to obtain "system"...oh well... -Sloth

correct me if im wrong but i dont think this works the way you think it does. ok the only way i got this to work was by trying from admin account to escalate to system, this did not work to escalate from limited user to system. maybe i did something wrong but i think it was a proof of concept to get higher privlages than admin, not an actual escalation from limited to higher privlage. -Sloth

actually all staples are running this promo untill the 23rd 512mb = 14.99 1gig = 24.99 2gig = 44.99 all U3 enabled Sandisk Cruzer Micros

So obviously bigger is always better, (at least in my opinion) but I was just wondering what size U3 stick everyone is running? does the 256mb U3 sticks work rather well or is there just not enough room for all the fun stuff and then all those logs you been packing on there. Is the 2 or 4gig sticks just way to big and dare I say it over kill? Just wondering what the general consensus is on size before I go buying a bunch to leave laying around places. Edit: also what sizes are being used for the standard USB sticks? got a couple free 64meg ones layin about. -Sloth