-
July 21st, 2003, 04:30 PM
#11
Senior Member
Originally posted here by AciDriveHB
Actually I think I will email the guy and see if I get a responce, just so we can make something of it (possibly)
~AciD
Yes, I agree. I think it will be interesting playing around with that theory.
I can't wait to see haquer's definition of 'e-mail hacking'. LMAO
Beware Clarity! A person talking to you in clear language is clearly using obsolete ideas.
-
July 21st, 2003, 04:34 PM
#12
Edit: Revised this post to be a little more friendly. Sometimes I get steamed and use some pretty foul language. :-)
I find it disturbing that this guy got neg-ed to death for this post. This guy simply stated he was aware of a Yahoo vulnerability and was willing to share info if interested. He did not say something stupid like "I can teach you how to hack into Yahoo e-mail!". Some of you claim to have neg-ed him because you think he is lying. Well, since he got neg-ed to the point of being banning, I guess we'll never know.
I always consider security bugs in Yahoo (and other similar services) pretty serious. Considering that the service is so widely used, I think that anyone interested in computer security should find this issue interesting if nothing else. But instead of thinking that maybe there are people out there that consider this important, you neg the guy until he is banned. And let's face it. The only reason why is because he mentioned Yahoo instead of something else you people are interested in.
I guarantee that if the word "Yahoo" was replaced with "Slackware", he would have NEVER got neg-ed. Probably would have been given positive points for bringing it to the attention of everyone. Half the people here would want to know about it so they can patch their systems. But since it was Yahoo, he got neg-ed to death. That's pretty pathetic. Just because you don't use Yahoo, many others still do. There are people that use simple applications instead of dedicating their life to learning complex ones. There is nothing wrong with that. In fact if it wasn't for those people, many of you wouldn't have anything to brag about or to act all high and mighty about. Yet, you neg the guy until he is banned. For making a post that is in fact on topic. Yea, that's right, a security issue in Yahoo is still a computer security topic.
Maybe it should be specified up top of this site: "Computer Security WE FEEL is important". God forbid someone posts a security issue about an application you don't use.
An Ounce of Prevention is Worth a Pound of Cure...
-
July 21st, 2003, 04:59 PM
#13
Jared: You make a good point..... You probably didn't need to lob the insults around though. If Haquer had possession of a new exploit don't you think we'd also have heard about it though. This is the guy who also says he has an FTP site with longhorn on it.
In other circumstances your indignation would be appropriate, (when we know there is an exploit out there but the code is yet to be made public and someone comes on and says thay have it), but I do think that in this case you went a little off the deep end for someone who probably deserves the negs anyway.......
Just my 2c.....
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
-
July 21st, 2003, 05:03 PM
#14
I think it was exactly how he presented himself. He was saying he got an offline IM and that if anyone wanted to let him know. When exactly has anyone gotten any information from an offline message that was creditable when dealing with security? Especailly when it was that product? He gave us no information at all in who sent it, what it was about? I don't understand why he didn't post the message here in the tread?
Plus have you looked at this s thread?
Hello all. I just wanted to let you guys know that I have Windows Longhorn v.4015 on an ftp server. I am willing to deal and\or trade with some one for this operating system. I also have Windows 2003 Server. If anyone is interested, please either post here or email ssgtkole@go.air-force.com.
Doesn't exactly sound like he was all up to par with our theme of not hacking and Warez and such.
Just a thought...
~AciD
[edit] that's what I get for forgetting to hit the submit button [/edit]
[shadow]There is no right and wrong, only fun and boring...
Formatting my server because someone hacked into it sounds pretty boring to me...
That\'s why it\'s all about AntiOnline.com![/shadow]
-
July 21st, 2003, 05:07 PM
#15
I would also echo Jared's comments, though agree that Haquer should have presented his case/ideas a bit better were he wanting to be listened to, etc. Simply neg'ing people in to oblivion for mentioning hacks to Yahoo, Hotmail, AOL/AIM, Microsoft, or any of our other "favorite pieces of bugware" or such is, well... I don't exactly agree with it.
At the same time, I don't necessarily believe that "we'd simply know about it if it existed already" -- could be a Day 0 bug or something that's still in a pre-announcement phase that no one's mentioned... or still just a work-in-progress (though again, given the way the case was presented, more likely just a k00l d00d trying to get a response).
Guess I'll throw my own $0.02... FWIW... *shrug*
[edit]
And, yeah... just as AciDriveHB said, as our messages crossed in-flight... doesn't sound like this guy was "quite up to presenting his case" -- doesn't mean he didn't somehow have a line on something, but, well... *shrug*
But, if all spam were to be believed, I'd be filthy rich and my penis would be a few miles long by now, I think...
[/edit]
\"Windows has detected that a gnat has farted in the general vicinity. You must reboot for changes to take affect. Reboot now?\"
-
July 21st, 2003, 05:14 PM
#16
LOL you guys are making good points about not negging him. But the whole fact of the AP system to start with is the fact that we give them out when we don't like something. Haquer should have read the FAQ's of the site and actually "lurked" around and saw how we worked. Then maybe he would have been more informative about his information.
I think most of us go on gut feeling about newbies like this. And I would have to say 90% we are right about their intentions. Though we have a ton of newbies coming through here and such and don't get on their case unless we have reason. Personally I think we have a reason to be wonder what exactly Haquer was trying to get at.
I did send him an email, I also visited his website and sent him another email about it. So we will see if I get any responce.
~AciD
[shadow]There is no right and wrong, only fun and boring...
Formatting my server because someone hacked into it sounds pretty boring to me...
That\'s why it\'s all about AntiOnline.com![/shadow]
-
July 21st, 2003, 11:43 PM
#17
Senior Member
Yea, I use Yahoo, my son uses Yahoo, and my daughter uses Yahoo. I would have liked to know what he had to say. Well, maybe someone else will have that info. I hate to think we missed a chance to fix the problem. We could have been heros instead of Pac Men. On the other hand it could have be a trap. We have to wait and see, maybe.
Freddy
-
July 22nd, 2003, 12:03 AM
#18
Fred Brown said:
. We could have been heros instead of Pac Men
OK:
\"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!\"
Author Unknown
-
July 22nd, 2003, 02:51 AM
#19
Senior Member
I doubt this is what the guy was talking about but i ran across an exploit at packstorm that allows a user to
Exploit for Yahoo Messenger, Yahoo Module that allows for remote command execution on a victim machine via bad URI handling. Requires the victim to view the html. Homepage: http://www.dtors.net/. By bob
like i said i doubt this is what the guys was talking about but here it is anyway.
-
July 22nd, 2003, 05:08 AM
#20
Banned
Im so fed up with all this bull about email accounts getting "hacked" get over it.
If u do not like it then DONT use Email. hell Dont use the inter net, there is allways going to be some idiot out there thinking that he/she is all that just cos thay "hacked" an account.
Get over it, keep ur security high and change pass words regurlly tho simontainusly and dont do what the bank telles you "we recomend using to diffrent passwords and altering between the to". that is just idiousy. use a dif password every time and please nothing ovious.
thay are going to do it one way or enouther. so make it HARD for them in hopes thay will fail or give up.
If u dont like it then dont do it.
Nightfalls_Girl
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|