stingwray

Erm, sorry no, DDoSing someone which you have permission to do so is completely legal, obviously you need to have permission to use the resources as well, but there is nothing illegal about the act, penetration testers sometimes use limited DDoS to cause diversion from their other attacks.

Yeah, but I wouldn't go for a hackintosh, not for developing code for the OS X platfrom. Also I recognize the background on the screen in the top right, used to have it myself, looks create in hi-res.

I used the Hak5 code last time, and my first account is really a business account, as I share it with a few colleagues.

Bought another .co.uk domain to go with it. My virtual estate empires begins!

Wow, great deal, may have to buy another account!

Nothing stopping you from tunneling it over ssh, which realistically you should be doing anyway with the quality of security in most applications like this, like remote desktop. Although I assume that it doesn't send keys and mouse movements over the network if they are on the machine they are plugged into, so you could just make sure you do anything sensitive on that machine, although this relies on the user remember this. Perhaps one day I'll have my Linux, Windows, Mac setup running all at the same time, 3 Mac mini's would be awesome for that.

How are you going to power the drive? The desktop optical drive will want to consume more power than the laptop is willing to provide, so while the interfaces are the same just different sockets you'll need to supplement power from some where. I suppose you could link in a couple of usb ports just for power, but seems like bit of a waste of time to be given how cheap the adapters are now.

You have to register the sim for the iPhone to receive the year's free internet and wifi usage you get when buying the iPhone on Pay as you go. Not much use without that, might as well have bought a iPod touch.

You have to register your sim for the iPhone to receive the free internet from O2 on the pay as you go scheme (normally done when buying), if you go into to much negative credit then O2 don't do anything on the network until your back in the black, only emergency calls for you.

Revenue protection is as big a part of revenue making, more so now with the current economic climate. Given the simplicity of detecting the majority of traffic from a tethered device would be a simple as a couple of filters with Wireshark and to stop it a few firewall rules, any self respecting cell provider than can't do it shouldn't be in business. My experience with the UK mobile phone providers is that they are know their stuff and they know it well. Given that the majority of networks can't actually provide the quality or quantity of the service that most providers claim to offer you is the major reason for not allowing to teether your device or use large quantities of bandwidth, its safer to try and limit people rather than loose custom or worse be sued for not providing the service offered. But to be fair on the providers, I know that if you let people teether your device you would have people torrenting all their warez from the phone and ruining the service for other people. So I'm actually quite happy for mobile providers to prevent and punish people from breaching their ToS.

Actually not, the law is extremely difficult in these cases as the voucher is exchanged for money. As the voucher hasn't been stolen from anyone its not stolen property, it would be up to the retailer to examine the voucher and checks its authenticity before accepting it, if they accept it then the services are rendered. Its not the same as making fake money as that is an actual crime, it can be more likened to photocopying a printed voucher for discount or a free product at a store and the store accepting them. Its not actually a crime. The only people who will have difficultly with the law is likely to be the people generating the vouchers for defrauding Apple, but with no way for consumers to check authenticity of codes before purchase and without taking the right away from users to sell on un-wanted cards, there's not much Apple can do about it. The codes are generated so that they can be checked when used for first being authentic and then not having been already used. Because of the large number of possible codes that are usable it is impractical to store all the possibly codes, and makes more sense to store used ones. Codes are checked much like how you can check if an ISBN number is checked to be valid. So in point of fact, Apple is unlikely to be able to do much from the broken code generation, a recall of the physical cards may go some way.

By deducting any money that you top up immediately. They may not get all the money that they want, but you won't be able to make phone calls or sends texts on the phone.

Yeah, I kinda guessed that those were the reasons for their not being one. Its still a shame though as there is a lot of potential in the UK but everyone seems to keep to themselves a lot more than in other countries. Anyway, going back on topic, shall we say that the decision on the dates shall be made at the end of the week? Sunday? Just to keep things moving.

HAR2009 looks a little expensive on the ticket front, early bird tickets are €155, and Belgium and Holland aren't the most exciting places in the world in my mind. I'll probably be going to the CCC again this year as I really enjoyed that, plus the dates are easy to get off for me. I'm kinda looking for something equivalent in the US to go to yearly, in the summer months obviously! I really can't believe that the UK hasn't got a decent con, we should be ashamed of ourselves!

By doing this you are currently breaking the T&C that you agreed to when buying the phone and your leaving yourself liable for the expensive. Basically if O2 find out they can bill you for whatever you like. It looks like tethering will be coming with 3.0 software, but it will cost you to use that feature. I don't agree with that, but hey, we all chose capitalism.

I'm contemplating doing DefCon this year, in the middle of a trip to the States to visit my friends over there, but its early days yet for deciding.

Well the only nuclear bunker that I have been to is The Bunker, which is an awesome place, but I don't think they'll want us lot hanging out there! It looks, feels and sounds like Half Life 1, except for in the server rooms. Closest thing we could get in London is a disused Tube tunnel, but they are pretty well locked off for a number of reasons. I think the original reason for the beginning of the month Moonlit was so that we could all attend the London 2600 meeting on the Friday. Lets see if anyone says they are going to Toorcamp.

Just noticed thats the same weekend as Toorcamp, was anyone planning to go to that? Just in case. And I do mean planning, not just wanting, I'm guessing everyone would have wanted to go to that.

So with moving digininja to July thats 7 to 6 for July. I have to say I did vote for June because it was my suggestion, but I'm not fussed either way. So shall we call it July? First weekend being 3rd, 4th and 5th, Friday to Sunday respectively.

This just popped into my inbox this morning via Bruce Schneier's Crypto-Gram news letter, which if your not reading you really need to start now. Gives a short but excellent overview of the resent PHPBB password bust and what analysis of the passwords found.

Well apart from choosing obviously week passwords, the strength of a password is more dependent on how intelligent the person trying to crack it is. Obviously more powerful systems are useful, but with good heuristics you can dramatically reduce the amount of key space that you have to search. Example being if you know the password is greater than 5 characters long, then you know you don't need to check any passwords which are 5 characters or less in length. This is why that although strong password policies do increase password strength, it is also a little like occam's razor, as any potential attack can now reduce their key space. The most interesting research is on how people actually pick their passwords and the frequency that which certain combinations and word mangling rules are used. Statistical analysis of this provides are large amount of information which you can then use to dramatically increase the chances of breaking a password. At better way of analyzing the strength of a password is to look at the entropy of the password, passwords which are very random will have the highest security (obviously with a sufficiently long length), so a good start will be a statistical analysis of your password, to see if there are any pairs of characters which are very common in the language of your password, eg. 'th', 'st', 'ee' and 'oo' are all relatively common in english and for this reason should be avoided in your password. Even if you consider your password random, like '4IeeP%' a good cracker will prioritize checking possible passwords with common phrases in them first, making your password more likely to be found. Also given the ease of access to large amount of computing power, through private networks or even botnets, checking large numbers of passwords is almost worryingly trivial for some now.

Sweet, now all I have to do is cycle through another 38 pages because I've just missed the one that I wanted to read.

Or alternatively you could keep both your sanity and money in your wallet and use Open Solaris with ZFS.

Anything with 'Open' in the name. So that leaves OpenBSD and Open Solaris in my mind.

Undervolting isn't that dangerous, normally ends in instability and corruption rather than physical damage. Correct voltage is required for most things, less current may prevent devices from working but an adaptor with a higher current rating shouldn't cause problems, unless you start force feeding the power into the device.