Topic: Computer security (Read 24606 times)

Thad · « **on:** April 19, 2008, 09:39:14 PM »

So, okay. Apparently some ISP's have started a practice of giving custom 404 pages with ads on them. This probably sounds like a great idea to a business major. For someone with a computer background, on the other hand, allowing actual data to be transferred to and from addresses that don't actually exist should probably sound like a bad idea. (Every net admin who actually implemented this system is unworthy of the job title.)

Per The Reg, Earthlink's ad host allows for what they're calling Provider-in-the-Middle attacks (a variation on Man-in-the-Middle, in which a third party intercepts secure communications and tricks each side into believing he's the other). In essence, if you type in "ww.microsoft.com", you get a 404 page that your browser believes is actually on a valid Microsoft subdomain. Using an XSS vuln, someone can link to that phony subdomain and access your microsoft.com cookies and, I would imagine, set up phishing sites which pass a security cert check.

Earthlink's ad company has already closed the hole, but there are bound to be others like it. This is an inherently bad idea; deliberately spoofing a website is, by its very nature, an invitation for phishing attacks.

Dan Kaminsky, the security researcher who found the hole, has also tied the issue back to net neutrality -- this is, after all, a concrete example of ISP's interfering with the content their users receive.

JDigital · « **Reply #1 on:** April 20, 2008, 03:07:40 AM »

Verizon or someone did something like this while ago. What happened was that any domain that didn't resolve would isntead automatically resolve to a custom search page. In effect, Verizon were cybersquatting on every unregistered domain for everyone on the internet.

Of course, this was a ridiculous hack to the DNS system, since now every possible internet hostname resolved. Verizon dropped it after a while, but the Iraqi information minister they hired reassured us that feedback was mainly positive and outcry from internet users had nothing to do with their decision.

Royal☭ · « **Reply #2 on:** April 24, 2008, 04:19:40 PM »

Okay, so I'm a pirate. Big deal, everyone commits some form of copyright infringement on these forums.

But the other day, I put my DVD of Oblivion in disc drive and attempted to install, but everytime about 56% of the way through it gave me an error and quit. Looking on the back I noticed there's a scratch. Thinking that I'd rather not pay for another copy of a game I already purchased once, I decide to just torrent it and use my info with that.

Today my internet was turned off until I called the company. Apparently a tracker was on the torrent and Bethesda, or more likely 2K, had flagged down my IP, checked my hard drive and notified my ISP that I was doing illegal stuff. So naturally my ISP did the chickenshit thing and shut me down. When I called them, they just kind of diverted blame and tried to gloss over the fact that major publishers had no problems illegally scanning my hard drive.

Now, this isn't meant to be some power to the people down with the man bullshit post, this is more of a "How do I not less this happen again?" post. Basically, what extra measures can I take to ensure that even if a file has a tracker on it they won't be able to sniff down my IP or even know that I'm doing anything? Any tips?

Kazz · « **Reply #3 on:** April 24, 2008, 04:25:14 PM »

Oblivion sucks! Play something else!

Niku · « **Reply #4 on:** April 24, 2008, 04:32:44 PM »

Stop being a filthy pirate.

Royal☭ · « **Reply #5 on:** April 24, 2008, 04:42:39 PM »

Seriously not helping.

Brentai · « **Reply #6 on:** April 24, 2008, 10:19:26 PM »

I really doubt anybody scanned your hard drive. Besides the question of "How the heck did they manage that?" there's also the fact that all they needed was proof that your IP was connected to that torrent.

Anyway, there are some solutions to your "problem", but they're not things I want to elaborate on a public forum very much (I'm already in trouble for saying too much shit here, apparently). Nothing's going to make you 100% undetectable super-L33T, anyway, so the best thing to do is to realize that was just shit luck, that it doesn't happen that often, and count your blessings that it apparently blew over somewhat.

Also, if you're missing either a firewall or scanner, you deserve what you just got. Also also, check the comments on torrents before you download them; most users will catch traps way before you stumble onto them.

Norondor · « **Reply #7 on:** April 24, 2008, 11:39:04 PM »

keep an open, unsecured wireless network running in your house. if your wireless router has power settings that let you adjust the broadcast range, keep it as low as possible. in this way, you can always claim that someone was wardriving, or it was your asshole neighbor.

Thad · « **Reply #8 on:** May 01, 2008, 12:14:41 AM »

It's an arcane solution, but Tor will hide your ass pretty effectively.

(YEARS-LATER EDIT: This advice is terrible enough for me to edit my post years later. Do not use Tor for piracy. From a practical standpoint, it's too slow, and from an ethical one, there are people who need that bandwidth for much more important shit than you getting a copy of Oblivion. Like speaking out against oppressive regimes.)

If I could prove I'd had my Internet connection shut down for torrenting a game I had legally purchased, I'd talk to a lawyer. But that's because I would literally be willing to spend the next decade of my life trying to fight the DMCA. (Think I mentioned this before, but I have recently been putting serious thought into studying copyright law.)

Fredward · « **Reply #9 on:** May 01, 2008, 03:14:05 PM »

last time i used tor i got banned from pyoboards

Thad · « **Reply #10 on:** May 01, 2008, 04:57:25 PM »

Well, it's a proxy, right? So he could easily configure his BT client to use it while keeping his browser proxy-free.

That DOES bring up another point, though: since forum admins can have legitimate concerns with Tor as a result of things like ban-dodging, people who share torrents could likewise object to it because it could be used to mask the identities of people who don't stick around to seed. However, in my experience, the majority of people who share torrents don't care.

Arc · « **Reply #11 on:** May 01, 2008, 09:14:35 PM »

PeerGuardian is the answer you seek.

Been running on my system non-stop for two years now.

Don't P2P without it.

sei · « **Reply #12 on:** May 03, 2008, 05:00:55 AM »

Not a perfect solution, but I use it too. Kind of annoying when it blocks shit erroneously (pyoko IRC, Mythos, other things people care about even less) but white-listing isn't that hard.

Quote from: http://phoenixlabs.org/pg2/faq/

How safe is PeerGuardian, really?

Well, it is accurate in the sense that it blocks everything on your blocklist. It is impossible to know _all_ the addresses to block so while it will increase your safety to a good extent, it can never be perfect.

Also, don't do anything completely retarded, like downloading movies near their release dates.

MadMAxJr · « **Reply #13 on:** May 03, 2008, 07:34:00 AM »

PeerGuardian is awsome, unless you use Vista. (Before you bombard me with hatred, it IS for work related reasons.) I have yet to find something just as awesome that'll run on this OS. I'd migrate all my demonoid downloads to my Linux box, but they don't have a solution for that either.

sei · « **Reply #14 on:** May 03, 2008, 01:26:48 PM »

I'm kind of liking the NoScript plug-in for Firefox. It's kind of surprising just how many off-site scripts are embedded in a lot of the places I visit.

I feel kind of bad blocking stuff like google-analytics, and can imagine things like browser statistics and user trends leaning towards the less informed, as more people adopt the sort of stuff that kind of opts them out of being tracked.

Royal☭ · « **Reply #15 on:** May 04, 2008, 05:36:11 PM »

Quote from: MadMAxJr on May 03, 2008, 07:34:00 AM

PeerGuardian is awsome, unless you use Vista.

Fuck. Is there anyway to actually get it working, or am I fucked?

Rico · « **Reply #16 on:** May 04, 2008, 06:36:45 PM »

The Beta works alright in Vista. I had it running for a little while, but found PeerGuardian pretty obnoxious when trying to play an actual game online and having to individually safelist about 50 Blizzard IPs to use battle.net.

Mongrel · « **Reply #17 on:** June 11, 2008, 05:08:30 PM »

Oh hay remember us lol?

Yeah, they're still at it.

P.S. I couldn't find the old 'China is fucking etc.' thread, which is really where this belongs. Feel free to split this if you think it merits it.

Thad · « **Reply #18 on:** June 11, 2008, 05:59:29 PM »

I can't merge them.

Closest we've got is Olympic Torch Ceremony Disruptions, which this decidedly doesn't fit with. I'll split if enough conversation spawns.

Mongrel · « **Reply #19 on:** June 11, 2008, 06:35:15 PM »

Hah, no wonder. Now why on earth did I think that conversation had continued onto this board?...

News:

Author Topic: Computer security (Read 24606 times)