Thu Jun 16, 2011 3:13 am
Re: These guys must have too much spare time.
I think hackers actually make security better in the end, and the real criminals are these bastards that store terrabytes of personal info about us but then don't invest in quality security to begin with, nonchalantly putting us all at risk while rolling around in the cash they charged us to do it.
the problem with lulsec is the whole showing off their botnet and taking requests thing, kinda douchey and not constructive (sign of immaturity?)... ddos is not necessarily exposing a security fault of the victim but rather showing the glaring security problems that have been inherent in windows for a while now and thus allowing the creation of these zombie armies to carry out attacks... hopefully the new OS paradigm shift that's happening (iOS, android, chromeOS etc.) will qwell some of the zombie problem, and leave using a real PC to those who actually need it... but anywho
hacking citibank because they actually put account numbers in the query strings of their urls
whisky tango foxtrot:
hopefully this is gonna get some asshat "program manager" that insisted on doing it that way (its never the programmer
I blame the management!)... and that's constructive to the industry in the end, even though there is collateral damage if the stolen info gets used for evil purposes.
the problem with lulsec is the whole showing off their botnet and taking requests thing, kinda douchey and not constructive (sign of immaturity?)... ddos is not necessarily exposing a security fault of the victim but rather showing the glaring security problems that have been inherent in windows for a while now and thus allowing the creation of these zombie armies to carry out attacks... hopefully the new OS paradigm shift that's happening (iOS, android, chromeOS etc.) will qwell some of the zombie problem, and leave using a real PC to those who actually need it... but anywho
hacking citibank because they actually put account numbers in the query strings of their urls
whisky tango foxtrot:
In the Citi breach, the data thieves were able to penetrate the bank’s defenses by first logging on to the site reserved for its credit card customers.
Once inside, they leapfrogged between the accounts of different Citi customers by inserting various account numbers into a string of text located in the browser’s address bar.
hopefully this is gonna get some asshat "program manager" that insisted on doing it that way (its never the programmer
I blame the management!)... and that's constructive to the industry in the end, even though there is collateral damage if the stolen info gets used for evil purposes.- 0
