Just read your article on profiling hackers. You are ahead of your time.

The stuff coming out of your site is so advanced I hope the
world is ready for it. The FBI and NSA should be contracting
you for special jobs.

I like to think that I am ahead of things too, but you take the
cake. I don't have time to do the following but it might be

Have a honeypot machine where you actually WATCH the hackers at
play. Let them get into the machine and have another web site
where they can be watched. It's similar to your real-time
monitoring of the hacks against your site but even more
entertaining because, the "hackers will be hacked".

Walt Howard

aka Wally Whacker

Who? Us? Do something like have honeypots and entire phantom networks installed so that we
could monitor hacker activity and profile attack patterns in real-time? Nahh....

Dear Editor:

I am a lawyer writing on behalf of Jay Dyson, a gentleman upon whom
this site recently commented. I'm sorry to say that your comments
were in several respects either false, defamatory or both.
First, Mr. Dyson never threatened to use a gun to kill a member of the
Hagis gang, or anyone else for that matter. A February 6, 2000
article by Forbes magazine writer Adam Penenberg states as follows,
quoting Mr. Dyson: "I have no intention of dragging u4ea to the
authorities,' he [Dyson] says, fingering his.45, "This is strictly
between him and me. I will do whatever it takes to see this end [of
the harassment] come about." The writer of that story certainly
inferred that Mr. Dyson was threatening some sort of revenge. That
conclusion was Mr. Penenberg's to draw. But it was not what Mr. Dyson

Threatening to harm someone is a serious matter and a criminal
offense. Mr. Penenberg drew a dangerous inference, which is
inaccurate, but it is his right to infer. You stated as "fact"
something which was false. This is defamatory and poor journalism.
Second, Mr. Dyson has not and does not engage in flame wars on the
dc-stuff or any other mailing list. I believe that most members of
that list find Mr. Dyson's posts have a very high signal-to-noise

Most importantly, I must remind you and your readers that while the FBI
questioned Mr. Dyson in connection with their investigation of the Hacking for Girliez group,
he is not formally charged with or accused of anything. Nor should he
be. I am Mr. Dyson's lawyer and I spoke personally with the
investigating FBI agents. As far as I know, Mr. Dyson is not now a
suspect in or a target of any FBI investigation. If you know
differently, please contact me with your information.

I do not believe that these conflicts between people in the hacker
community, many, if not most, of which are personal and
inconsequential, should result in legal action. Hackers would be a
lot better off if less time and energy was spent baiting each other,
and more spent, well, hacking (and battling the bad press). However,
as Mr. Dyson's attorney, I could not help but write. I hope you will
print this letter as a counterpoint to your own allegations. One
beauty of the Internet is its open nature. Perhaps the real truth
will emerge from this exchange.

Jennifer Granick

HAHA, crack me up. Ok, first off, it was Carolyn Meinel who had this information up on her
HappyHacker.org domain. I have no editorial control over any of her stuff, so you'll have to bitch her out yourself. Secondly, did any of you read this piece of crap that Adam Penenberg wrote? It's pathetic even to his standards. He did a story about some screwed up dude that lost 100 pounds and bought a bunch of guns because some hacker broke into his personal webpage. Oh, it gets better. His wife got so upset because she got an e-mail from this hacker, that she divorced this guy, and had to file for disability because she's too emotionally distraught to work. No, I'm not making this up, this is actually what Forbes reporter Adam Penenberg wrote about! Haha, I was crying I was laughing so hard when I read it. ****, I get attacked an average of 340 times an hour. If I was as screwed up as this Dyson family is, I should weigh about 45lbs and be living in an insane asylum. Haha. Oh, I love it. God help that family if the neighbor's dog starts barking at night, it might drive the whole lot of them to commit some sort of ritualistic suicide the likes of which we haven't seen since the hale-bopp comet was around. For those of you that missed this story which should either win Penenberg the Pulitzer Prize or a job as senior editor for the National Enquirer, here's the link. Oh my, leave it to Penenberg to give us all a good laugh (the sad part is that he's not trying to). What next Adam? BatBoy found in AOL Data Center?

Augur Submitted The Following:


I've been reading your page for a rather long time, and have always enjoyed it. Now personally, it isn't quite where my interest lies, it focuses a bit to much (in purely my own opinion) on current events related to electronic security, rather than the security itself (the very large quantity of popular news media links, for example). Still, your site is of generally superior quality. My favourite section (the same, I'm sure, as that of numerous other readers) is the (usually) weekly mailbag. I'm just writing to submit that perhaps an additional required field be added to your submission form, specifically, one inquiring as to history of mental illness in the person's family and self. I'm forced, by the general senseless nature of the ravings which mock you and critisize your genetic background and heritage, to estimate that better than half of these persons will suffer from considerable mental distress. Statistics could be posted in a new section of your site, measuring a random sampling of the Internet pub
lic against the results from those who submit to your mailbag. These results could, in-turn, be divided into to classes, compared against each other, those with an anti-{antionline/JP} slant, and those with a pro(antionline/JP) slant. This would be most intriguing.

I know, I know I know. This concept is inheirently flawed (as is my spelling), calling upon the first of the two true (and ryhming) constants (Everyone lies) these statistics would be valueless. Still, these would be a most diverting exercise.

Good day.

Ok, way over my head. Any psych students looking for thesis topic? I'd be more than happy to violate our posted privacy statements in order to give you research data about our assorted viewership. All of the world's privacy advocates are far too distraught over DoubleClicks' Cookies to notice anyway.


The silliest thing i've been hearing the past week has to do with "unless you're running tight security, you deserve to be hacked, or if you're hacked it's your own fault."

All i can say to those journalists is:

Do you have bulletproof windows at your office? Does that give me the right to perch across the street with a sniper rifle and see if they're bulletproof?

The answer to both questions is NO! There are vulnerabilities to many aspects of your life. Just because you're not sporting a 6-point roll cage and a fire supression system in your commuter car; it doesn't give someone else the right to ram into you and see if you could survive the collision. Like most people out there, none of my cars have alarm systems on them. Whether or not they do, it doesn't give someone the right to steal something out of them. If they do break into the car then they should not whine when they're arrested.

Computer security, personal security, and security in general. Just because vulnerabilities exist, it does not inherently give someone else the right to exploit them.

Obin Robinson

Preach on brother-man! While it may be technically possible for someone to go purchase a gun and then shoot up a few dozen people, we as a society have made it very clear that we would not accept such an activity, and we would make sure that anyone doing such a thing would face a stiff penalty. This would insure that the offending individual would never commit such an act again, and also to act as a deterrent to others from committing similar acts. We as a society have made laws about denial-of-service attacks. While it may be technically possible for an individual to shut down any given website for a period of time, anyone committing such an act would face a stiff penalty. This would insure that the offending individual would never commit such an act again, and also to act as a deterrent to others from committing similar acts. Catch my drift? The media has been listening to the computer criminals that are trying to come up with pathetic ways to justify their actions for far too long now.

"The experiences of the past, where such tools enabled people to come up with patches is factual proof that full disclosure will improve security."

Imagine the same logic applied to weapons of mass destruction. If we don't invent a new infectious agent first, someone else will. We have to release this into the wild so that enough people will die that someone has to invent a cure. We just make the weapons, its up to you to defend yourselves. It's all for the good of the . If we don't release them first, someone else might come along and invent the same thing, and then where will you be (umm, how about in the exact same boat?)

There's no practical limit to the number of exploits that will be found and used. There's no practical limit to the number of attacks that can be invented. Why do I feel like a hamster on a little wheel? Patch, check, patch, check, patch, check. Will we ever see the end of this cycle? I doubt it. Personally, I can't see the favor Mixter thinks he's doing me.

- Mycos