IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

New Interesting "analysis" / Guess-of-motives
Interesting too.. the local IGM general disgruntlement with Steve's flamboyant prose, in various of his pronouncements over the years - has its counterparts in that thread, too. Except that he also has his defenders. Who note that, re all that original poo-poohing re Steve's "raw sockets" tirade: SP2 closed the suckers, years (after hopefully, nobody noticing?) later.

As to his suspicions (as already noted here) how's come the fix in 9x got conveniently disregarded in >9.x? Nothing overtly paranoid in Steve's take: he, like the author of thread are *all* guessing re pgmr. motivations. (Nobody evah tells the Whole-truth about 'motivations' anyway) cf. "Baby it's your mind that attracts me... Really."

I notice that at least a couple responders are also aware of his assy lang. wizardry. Well, that stuff may be abstruse but its not unfathomable. Even moi had a brief immersion in the power/speed of assembly; I ackshully wrote a few bars of one riff. Certainly exercises the little grey cells, after about line 10. How many lines in SpinRite? (Though.. the exe remains still, astoundingly tiny, compared with the shortest C+slovenly masterpiece.)

I don't mind Steve's 'style' - his audience is not (typ) the anointed, anyway. But he certainly doesn't need to defend his techno competence: Let's see someone/anyone? do a clean-room clone of Spin Rite. I dare ya. Name the bet.

'Til then, I give him an A- for being among the few who continue to dig into projects that manifestly Won't make him any $$ ..and, even when they attack his fav OS (which does, indirectly "make him some $$".) And.. he Found this one; still he gets dissed: by the Anointed-who-never-looked. Cheap shots. Like at an AMA convention re gall-bladder speed-removal techniques.

Hands up: anyone here ever used his Shields Up?
(when you left your test suite in the Norton's saddle bags)

Grudgingly?


Steve: +3
Beast: -4

(-2 of that - for a new low in artlessness of "excuses" - rivalling the number of subsequent "reasons for Iraq invasion", besides those awful invisible WMDs.)


My three accumulator rotations, Left.

New Shields up is a waste of time.
Nmap is far better, and doesn't provide a web-based DDOS mechanism.

(Crappy IP address hashing in the algorithm used to generate the URL that initiates the scan means that I can use grc.com to hit other people's computers. Security-minded, my arse)

Steve should stick to hard disks.


Peter
[link|http://www.no2id.net/|Don't Let The Terrorists Win]
[link|http://www.kuro5hin.org|There is no K5 Cabal]
[link|http://guildenstern.dyndns.org|Home]
Use P2P for legitimate purposes!
New Elitist smugness
Steve realizes the attention span and priorities of the impatient/uninformed majority-caste.
For the unwashed, Shields Up is simple and a fuck of a lot better than nothing at all == the Usual situation.

Now tell me how many of the clueless are going to find out how to install and use WinPcap first, then remember wtf DOS was, then launch their nmap and go back to gaze again at that [link|http://www.insecure.org/nmap/install/inst-windows.html#fig-windows-cmdshell-exec| DOS readout] and interpret same. Ditto the "Win" version that still displays in DOS box. Stark as evah. woo.

Nicely accurate details - for those familiar with such details.
For the rest - it's Google time to find out [what a port is] exactly which ports should be open and why/when. And how to CLOSE them (by port #) in whatever serves as their 'firewall' du jour.

They won't find any 'interpretive assistance' at insecure.org [if they find That] but... it's Out There, innit.

Sure, Peter -- LOTS of folks can, will do this;
they Love increasing their l33T skillz - piece o'cake.
We should restrict such tests to only those who can savour all the details and find out how to interpret them. Right after they learn how to edit the Registry.

As to hijacking via his site -?- I guess so.
But then, lots of folks open e-mail attachments too.
So Steve should make it comprehensive, free, easy + bulletproof, or: it sux, izzat it?
Maybe he should require e-mail confirmation of your addy before you can push that button.



You're a crank, y'know?

(But then, I too have mixed feelings about people who've been 'using' these machines for 10 years and get all weepy-eyed on first discovering what the word 'backup' might mean. Fuck-em - maybe they SHOULD all have to use nmap and XP-Hovel-edition forever...)

Speaking of us unwashed -
Hey! I almost.. got a Beast-modem to function in Mepis! init-string Bingo, etc.
Hell, >IT< thought it was 'Active', except ...

when it came to ackshully processing those little AT thingies and deciding to dial something. Mepis-Hovel-edition?
(The Hayes Optima is fine - but that was too easy.) ;^>




Ed: Optima or nit-picky ackurasy

Expand Edited by Ashton Jan. 29, 2006, 06:10:34 AM EST
New Whatever, Ash.
ShieldsUP is a DDOS waiting to happen. (Or not waiting at all: who knows?)

(Its usage is also against the AUP of most ISPs - portscanning anything for any reason is usually verboten. You probably won't get caught, though.)

But hey, it's EASY, so therefore it's GOOD.

Gibson knows loads about hard disks and next to bugger-all about security.

I don't genuflect before his image.


Peter
[link|http://www.no2id.net/|Don't Let The Terrorists Win]
[link|http://www.kuro5hin.org|There is no K5 Cabal]
[link|http://guildenstern.dyndns.org|Home]
Use P2P for legitimate purposes!
New Sorry Ash, but Peter is right here.
New I acknowledge those valld criticisms.
But I also accept that - until some DDOS affair is definitely traced back to his site / or / ISPs more uniformly trap port scans.. (or at least sequential ones of this magnitude) -- it's still probably the closest thing to nmap that the clueless will actually use.

And it does, at least - flag the wide-open machines. The user may not grok much, but seeing a lot of red boxes -- just may prompt a few to ask someone to tell them the obvious.

Anyone who manages to close some of those ports, finally - is one less zombie. And isn't that what we mainly bitch about? the millions who don't even know that they don't know shit?


Then again.. likely it is merely Pearls before swine.
Maybe if grc closed its doors, there'd be no perceptible change in the zombie population. But since we can't measure that, anyway - -

     Steve Gibson: "WMF flaw was a deliberate back door". - (Andrew Grygus) - (30)
         He needs to adjust his tinfoil IMHO -NT - (altmann) - (9)
             He's got a pretty good case - (bepatient) - (8)
                 Yup - (broomberg)
                 Is there more in it that what was in the transcript? - (altmann) - (3)
                     Where'd you find a transcript? - (jb4) - (2)
                         On GRC - (Another Scott)
                         Podcast is just an MP3 -NT - (drewk)
                 A guy over at SysInternals is said to be . . . - (Andrew Grygus) - (2)
                     Sysinternals verdict: Not a back door - (altmann) - (1)
                         Just stupidity and incompetence, eh? SOP for M$. -NT - (n3jja)
         Seems very unlikely to me - (JayMehaffey) - (13)
             But thats just as bad - (bepatient) - (5)
                 Do I unnderstand this right? - (drewk) - (3)
                     did $MS understand multithreading when they wrote it? -NT - (boxley)
                     It is part of that - (JayMehaffey)
                     No. - (broomberg)
                 I would say not quite as bad - (JayMehaffey)
             Microsoft have an explanation. - (static) - (6)
                 Artful Dodging - (admin) - (1)
                     Link fixed. - (static)
                 I like how that "blog" doesn't allow comments, too. -NT - (admin)
                 If it's brought forward from legacy stuff . . . - (Andrew Grygus) - (2)
                     Dang. Beat me to it. That was my first thought. -NT - (mmoffitt) - (1)
                         No default program for WMF = No "critical" vulnerability -NT - (altmann)
         Interesting "analysis" / Guess-of-motives - (Ashton) - (5)
             Shields up is a waste of time. - (pwhysall) - (4)
                 Elitist smugness - (Ashton) - (3)
                     Whatever, Ash. - (pwhysall) - (2)
                         Sorry Ash, but Peter is right here. -NT - (inthane-chan)
                         I acknowledge those valld criticisms. - (Ashton)

Closed-captioned for the hearing impaired.
102 ms