AO - Max security for a connected world

[gore]

Funny, we're always glad over at the Taz to receive any new tut in any way, shape, or form. Tut threads there don't degenerate into flame wars, regardless of the topic, and are usually expanded upon by both the author and our other members as softwares change, or if methodologies differ. ONE single tutorial written over a year ago has generated an UnGodly amount of responses, asking everything from 'will this work with this hardware' to clarification on the 'how to' process in hardware specific instances. The methods used have been refined to a point where a kindergartener could comprehend it now, and updates come whenever the software changes.

Amazing what a user-run forum can do eh? Uncannily enough, there are no ap's, rep points, or anything that can be assigned to any poster - if someone posts ignorant fluff, his info is quickly corrected by the other members and that user learns.

Incidentally, if the specific tut I'm talking about were posted here, it would've been deleted and the user banned. It involves cracking. Since that user is known to operate on both forums, he'll remain nameless here, and we're bloody glad to have his instruction there.

Now do I support such activities by allowing them to exist and remain in a forum I moderate? Not truly, but as previously stated in this thread I learn the methods of those who would crack my own network, and by doing so strengthen it against that style of attack. Security is a double-edged sword at best, and learning about it comes in many, many forms. To get cliche about it, "Know your enemy."

Nuff said.
|ce

I personally don't ban or close threads about that. I think it would be a bit hypocritical to do that. anyone in ANY security profession should know how the other side operates because there is no way you're going to know how to prevent that unless you first understand how it works.

Even people like professional safe crackers have a legitimate use in a business. Safe's are rated by how long it takes to crack them, if you want it tested, to see how safe your safe is, are you going to ask the people who make it? Or have someone who does it REALLY well, try it out and tell you?

Or that show "It takes a Thief".. It's a really good show, and people who do home security most likely know exactly how to break into a house. That doesn't make them a criminal if they do it on their own property the same way me setting up Windows 98 SE and not patching it to break in doesn't make me one.

That's me personally.

[xiphias360]

lol, well gore's hard at work doing that for me. actually, it stayed up for more than a minute this time, maybe he got tired, heh. Yeah i guess i can give the little guy a break...

Hey Ice, would they frown on such a signature at that tazz zone? if not, i may need to swing by...

[JPnyc]

Funny, we're always glad over at the Taz to receive any new tut in any way, shape, or form. Tut threads there don't degenerate into flame wars, regardless of the topic, and are usually expanded upon by both the author and our other members as softwares change, or if methodologies differ. ONE single tutorial written over a year ago has generated an UnGodly amount of responses, asking everything from 'will this work with this hardware' to clarification on the 'how to' process in hardware specific instances. The methods used have been refined to a point where a kindergartener could comprehend it now, and updates come whenever the software changes.

Amazing what a user-run forum can do eh? Uncannily enough, there are no ap's, rep points, or anything that can be assigned to any poster - if someone posts ignorant fluff, his info is quickly corrected by the other members and that user learns.

Incidentally, if the specific tut I'm talking about were posted here, it would've been deleted and the user banned. It involves cracking. Since that user is known to operate on both forums, he'll remain nameless here, and we're bloody glad to have his instruction there.

Now do I support such activities by allowing them to exist and remain in a forum I moderate? Not truly, but as previously stated in this thread I learn the methods of those who would crack my own network, and by doing so strengthen it against that style of attack. Security is a double-edged sword at best, and learning about it comes in many, many forms. To get cliche about it, "Know your enemy."

Nuff said.
|ce

That's fine for some small forum that you run. You don't have the same liability issues that we do. It's just a fact of life. I understand the double-edged sword involved in security, but while you're educating people on how to secure their site, you're also telling those who would seek to compromise it, how to do it. Which of those two do you think is more likely to see it?

[gore]

And back off topic we go again...We do have a PM system in place. I know we do, because I've sent you how many now trying to resolve this?

[gore]

That's fine for some small forum that you run. You don't have the same liability issues that we do. It's just a fact of life. I understand the double-edged sword involved in security, but while you're educating people on how to secure their site, you're also telling those who would seek to compromise it, how to do it. Which of those two do you think is more likely to see it?

I have mixed feelings about that. Anyone who wants to do that can easily find another site to teach them, so in that respect you'd be somewhat covered already as there are countless sites to teach you how to do this sort of thing and just say "this is for information / research purposes only we aren't responsible for what you do with this information and it's illegal to do this to things you don't own" and that usually covers the butt.

On the other end I also understand that problem with who exactly sees it.

[Egaladeist]

OK...I'm going to interject here...

obviously, xiphias360 gore has crawled under your skin and you can't shake him off...gore does have that affect sometimes...but your constant baiting is ruining what could be a very useful thread...

go start a hate gore thread and stay out of this one if you don't have something valuable to contribute.

[|3lack|ce]

Ah, but Gore, here's the rub. Your individual actions are not necessarily the actions of other moderators, and you bloody well know it. I knew when you took the mod spot you were known to hit both sides of that line occasionally, and I was glad to see it getting into the mods group. There *are* other moderators who'll nuke a thread and a user in a freakin heartbeat over the mere mention of the word 'hack' or 'crack' or 'phreak', or any implication thereof.

JPNyc: What you seem to be asking is 'why did you stay' to each of us oldtimers - to help your editors provide for the forum, I'll give you the following: I came here and stuck around because there was a time lag of about 2 minutes from an original post before I had a viable solution to whatever problem I had. I look at the main forum index today and see topics 4 days old *Still* on the front page. Time was when any new topic had a front page (most active) life of about 5 minutes if it weren't worthy of much note, or quickly resolved. I'd suggest finding a nice core-group of users to answer questions - nihil is usually on top of it, although his ego runs off with him on occasion, but you need others. MsMittens was a wonderful one to get with - and her news posts were quite nicely accepted as well. Y'all ran off TigerShark for whatever reason I don't know, but I most certainly welcomed any instruction he deemed to give in his posts - that guy should've been a mod. But I digress - back to the point, plain and simple. I stayed because I got correct answers in a very rapid fashion. Others benefitted from my stay because I did my best to provide correct answers as rapidly as I could. At one time this was my browser homepage, because I enjoyed it so much. I lost it after the big blowup with spidey back in the day - read about it in addicts a couple years ago now, I don't remember any details other than it drove me away, although I'm still very much of the opinion that he has absolutely no business modding here.

And there ya have it.
|ce

[edit to Xip] Not that I've seen yet - we usually handle personal issues by pm's though - but most of our membership gets along quite well too, with a very few exceptions. We've got a "Slap Me Silly" forum as well, which is by request to join, limited to *one* active thread at a time, and is wonderful for flaming/venting.[/edit]

[xiphias360]

J to tha P can post where he wants, now back in line, you!

[JPnyc]

I have mixed feelings about that. Anyone who wants to do that can easily find another site to teach them, so in that respect you'd be somewhat covered already as there are countless sites to teach you how to do this sort of thing and just say "this is for information / research purposes only we aren't responsible for what you do with this information and it's illegal to do this to things you don't own" and that usually covers the butt.

On the other end I also understand that problem with who exactly sees it.

My point was not that the information is not available out there, but rather who can and can't afford to join that group who makes it available. There's a very fine line to be danced around here, and unfortunately, unlike small personally owned forums, we have to tiptoe constantly around it. We simply don't have a choice.

[xiphias360]

obviously, xiphias360 gore has crawled under your skin and you can't shake him off

i think you got that backwards, wanna see my inbox?? Oh wait, you can't. He said i'd be banned if i posted PMs, lol...