Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

  • Days Won


Everything posted by twocs

  1. Well, the login for OkCupid currently doesn't work, saying " Sorry, we're having technical difficulties right now. Check back later."
  2. Weird, the forum link doesn't work. Anyway, this problem was already discussed with OkCupid engineers in 2009, and they refused to remove the "feature". This is certainly not a one-time login. I've clicked on the Login Instantly link in lots of proxies around the world and it's still valid. Also, a google search for "site:http://www.okcupid.com/l" (the /l is for instant login) reveals a number of people's account logins that they must have posted to somewhere. Facebook just cancelled auto login that still required a password for security concerns. OkCupid's links don't even require a password.
  3. A few years ago there was some thread about OkCupid's instant login cookies on their forums. Since then, they have kept the instant login feature but made it more difficult to brute force. Here is an example link that someone would receive in their inbox: Login Instantly! Looks long and hard to impersonate. But the really strange thing is that when I use this link in some proxies, then click any link, it will log me in as a different OkCupid user. It's really bizarre. Not sure what we are supposed to do about this kind of information, but like I said, they have known about it for 3 years already. Any ideas?
  4. That's just stupidity talking. The rich get richer because they know how to make money, not because they like to hire people when they are not taxed as much. By having higher taxes it does mean it's harder to become rich, but it doesn't mean there will be less jobs--the harder it is to get rich, the more that rich people need help to get rich, so they hire more people. Just because you can say something doesn't make it true. You need statistics or examples to back up your claims, not whines that you don't like to help other people by paying your taxes. Taxes pay for roads, schools, law enforcement, defense, all of which contribute to the well-being of individuals and businesses. If you think you're getting richer because your paying 5% less tax, your a fool.
  5. Wired has just rated the top ten evil computers in all existence. http://blog.wired.com/underwire/2009/01/top-10-evil-com.html Looks like Evil Server isn't so evil after all. Time for some new stickers?
  6. Although I think using the cloud for virtualization and storage could be a blessing, I also worry about the ramifications of this trend. For example, if police ever have a reason to suspect you of doing any kind of hacking, the first place they can check is your Dropbox... and you'll never even know they're snooping in your files. They can always use the excuse that what you're doing might be related to "terrorism" somehow. Also, if I were to use a service such as Dropbox, I'd like it to be secure. I wonder about the security of this service because if you sign up, you basically agree with their claim that "Dropbox is very concerned with safeguarding your information. We employ reasonable measures designed to protect your information from unauthorized access." So because you could read that on their website, you can't sue them when someone hacks them and steals your identity. Furthermore, you void any and all rights to actually check whether that security is really reasonable. According to the Dropbox legal mumbojumbo, you are not allowed to reverse compile their software, make changes to their software, or to use any other software to access the service. I believe that this may actually be an illegal restriction, but I'm not a lawyer. But I'm going to have to go with Richard Stallings and the Free Software Foundation's stand on this type of service and recommend that we should not trust our data in such a way. On the other hand, there's probably big money in this business, so I'd suggest some hackers to start up a similar service of your own. Perhaps offer storage space, free for 2 GB or $5/month for 10 GB.
  7. Hollow them out and make a cute aquarium.
  8. Seems that this purpose is exactly what Backtrack 3 is built for. Plenty of fun scanners and injectors. But you'd better get it in writing that your cousin authorizes this activity. You may find yourself thrown to the squad car in this kind of situation, and a piece of paper that says you're legit may be a real asset in such an event. You can read "Chapter 2: Anatomy of a Hack" on the Ethical Hacker on this subject.
  9. Just wanted to say that BT4 may be based on Ubuntu (See this thread) Hopefully the color scheme will be kept in black. It's uber hackworthy!
  10. CLI version: http://aapr.sourceforge.net/ According to bruteforce cracking software, simple means more than four characters in length... Maybe it's on the crack-goodness Hak5 password list? http://wiki.hak5.org/wiki/Password_lists And I'm not so sure on this ten under score is a good round of golf or what. http://search.yahoo.com/search?p="ten+under+score"
  11. If only voters on the Internet (using Myspace or Facebook) was voting for President in 2008, here's how it would have looked: Blue = Obama Shocking... Everything is blue in IP world...
  12. Quick, learn Python 2 before they completely revamp everything for Python 3!!! Not much time left now... Python 3000 Changelog For example, print was: print "Hello World!" That old way will be broken, favoring: print ("Hello", "World!")
  13. Terrible troll... lolz. Point #1: Most people in America supported Obama. Didn't you see the front page? Point #2: Most people who use the Internet supported Obama. The 50% of Americans without broadband are predominantly in red states.
  14. Do like Richard Stallman did and copy a bunch of existing programs...
  15. I've reg'ed for the "Clear the Packets" team event.
  16. Wake up! Go back to your 1200 baud modem and tell me that. I don't what you're talking about, but the Internet is a necessity. Over fifty percent of American's don't have broadband. It's really a shame that in 2008, half of Americans don't know that high speed data access is more important than eating healthy food and getting enough sleep at night.
  17. Anyone interested in joining a wargame (http://p6drad-teel.net/~windo/wargame/)? The game won't commence until 20 people have signed up, and right now it's at only 10 people. I'll do it if you'll do it ;) .
  18. Not a joke... Now there's a new one from Microsoft: an info video styled like a children's book titled "Mommy, Why's There a Server in the House? Helping Your Child Understand the Stay at Home Server" http://www.stayathomeserver.com/MommySite/default.aspx What are they going to think of next? Makes me think about a Hak5 version: "Darren, Why Is There Evil Server in the HakHouse? Helping Your Community Understand the Stay at HakHouse Evil Server."
  19. [Don't want to hijack the thread, but this is about the localhost method, as it seems like there still some confusion about it. And it's how I did it using Vista... since some of the old versions of lpinstaller don't work for Vista (I'm dealing with version 1.6, can anyone confirm they have switchblade working with this version?)] I did get the same message, so I had to tweak a few things myself. I guess one easy way to go about checking the web server: First, check the Apache logs, like the access/error logs, to see if a file was requested. If there was a file requested, you can see what a particular file was requested, and where it should be located. You can make the necessary nested folders to hold your file in the htdocs folder. On the other hand, it could be that you haven't yet told the server who it is supposed to be. To do this, add the code to the httpd.conf file in the Apache conf folder: ServerName www.u3.com:80 => [in this case you can also add another line to the host file] or if you downloaded from sandisk: ServerName u3.sandisk.com:80 I'd guess it's one of these two things, i.e. the folder structure wasn't correct or the server file (httpd.conf) wasn't configured. If not, then we can try to figure out what else is needed.
  20. Instead of reverse engineering the sandisk app, would it be easier to change the dns entry? dailygeeks.com/howto/add-a-permanent-entry-to-the-dns-cache-in-vista/ You would change your dns settings before running the installer. Instead of going to the real u3.com, the traffic would be redirected from u3.sandisk.com/download/apps/lpinstaller/isofiles/X.iso to the IP address of the server that holds X.iso that you want to be installed on the U3 partition. Once complete, you could just revert your dns settings. You would insert this code into the host file: u3.sandisk.com # Redirects all traffic bound for u3.sandisk.com (in this example: redirects to hak5.org) The advantage of this approach would be that you wouldn't need to change the installer, nor would you need to run the server on your own computer. On the other hand, if you've already nailed down how to change the installer, that approach would avoid the need to switch the Windows host file that holds this dns settings.
  21. According to http://hak5.org/forums/index.php?showtopic=9598, many computers see the U3 partition as a USB CD drive. But as far as other reports, they have suggested that only a small proportion of BIOSes allow booting from the U3 partition of USB drives.
  22. Aussies got jealous of the Great Firewall of China, so they decided to make their own Great Barrier Firewall. Luckily the most significant benefit will be that more Aussies become interested in hacking so that they can get to the Internet that they want.
  23. I'd hope the Hak5 University would support both synchronous and asynchronous functionality. That way there can be "live" classes and also stuff to do and ways to talk when people aren't online at the same time. One thing I was thinking is about research. A university is about teaching and learning, of course, but also it's about research. What kind of research projects would Hak5 university tackle? Would anyone be interested in trying to publish some work that gets done?
  • Create New...