Feeds

cDc bores two thousand people at once

And other way kewl tricks

  • alert
  • submit to reddit

Build a business case: developing custom apps

Defcon 08: by wireless

The Cult of the Dead Cow -- authors of Back Orifice and BO2K and the undisputed glam rockers of the hacking underground -- amazed the crowds at Defcon with an hour of shallow meditations on site defacements, network security, and themselves.

We knew we were in trouble at the opening, as member Tweety Fish kicked off the long-anticipated festivities with the disclaimer, "Just to let you guys know, um, we were pretty much perfectly aware that, that, that, we were not going to top last year? So, we're not going to try? So, we're just going to talk to you a while."

And things proceeded rapidly downhill from there.

At last year's presentation, Tweety noted, he had given "a little bit of a speech that was directed towards some of the younger members of our audience? And their habit of putting dumbass, pointless, misspelled shit on other people's Web pages? And I didn't tell people not to do it last year? .... But I've been following it for the past year, and, um....you can stop now. It's just not going to be cool."

And then things proceeded further downhill, as a totally unrehearsed, unprepared cDc continued to wing it for the masses.

"It's sad to think of this as the high point of the year," one enervated audience member remarked to us.

We stuck around only long enough to hear member Deth Veggie explain that our expectations of an interesting presentation were extravagant because, "We're not a software company?"

All right, fair enough. No one said they had to be a software company. But no one asked them to convene for an hour with two thousand expectant people in a hot room when they had nothing of interest to say, either.

Later, during a press conference, Tweety Fish reminded us that "people shouldn't expect a new tool from us each year, because....we're not a software company?"

Perhaps we left the hot room a bit too early. Sir Dystic, we learned, did write a tool which exploits a few long-standing NetBios protocol weaknesses, enabling a user to kill a network running NetBios by commandeering and otherwise manipulating machine name assignments. The tool is available from cDc, and the software patch to defeat it is now available from Microsoft.

As for what cDc has been occupying itself with this year -- since they haven't been hacking out the code to any newsworthy extent -- we are not quite sure. "I think that the thing we're most focused on right now is trying to get people involved....in developing a theory of what hacktivism actually is," Tweety suggested during the press conference.

We thought this could be an exciting development, but Tweety was less than encouraging. "I don't think it has evolved enough, and I think there are too many people who have [merely] talked about it....it just hasn't happened yet," he said.

A good example of 'real' hacktivism, Tweety reckoned, was Bronc Buster's hack of October 1998 which defaced the official, government-controlled Chinese Society for Human Rights Studies Web site with a substitute page claiming "I simply cannot believe the total bullshit propaganda on this Web site," and linking to critics of China's authoritarian regime, such as human rights group Amnesty International.

Another might be hacking "a corporate Web site for a clothing manufacturer that had crazy, unfair labour practices in some part of the world, and revealed information about that which you couldn't get any other way."

And that, we reckon, is a very promising seed well worth cultivating. Thus far, the cDc Web site has made a small start with its Hacktivismo page, which contains little more than a couple of links and some text borrowed from the electrohippiesWeb site.

If the cDc had the grace to sit this Defcon session out and quietly put their efforts into developing such a concept, exchanging ideas on their Web site, networking with other crews, coming up with some appropriate tools, and presenting it all as a coherent, tangible proposal, we would have had the pleasure of writing a very positive, perhaps even flattering, article.

Maybe next year. We will see. ®

Next gen security for virtualised datacentres

More from The Register

next story
Video of US journalist 'beheading' pulled from social media
Yanked footage featured British-accented attacker and US journo James Foley
Kate Bush: Don't make me HAVE CONTACT with your iPHONE
Can't face sea of wobbling fondle implements. What happened to lighters, eh?
Caught red-handed: UK cops, PCSOs, specials behaving badly… on social media
No Mr Fuzz, don't ask a crime victim to be your pal on Facebook
Ballmer leaves Microsoft board to spend more time with his b-balls
From Clippy to Clippers: Hi, I see you're running an NBA team now ...
Amazon takes swipe at PayPal, Square with card reader for mobes
Etailer plans to undercut rivals with low transaction fee offer
Microsoft exits climate denier lobby group
ALEC will have to do without Redmond, it seems
Assange™: Hey world, I'M STILL HERE, ignore that Snowden guy
Press conference: ME ME ME ME ME ME ME (cont'd pg 94)
Call of Duty daddy considers launching own movie studio
Activision Blizzard might like quality control of a CoD film
US regulators OK sale of IBM's x86 server biz to Lenovo
Now all that remains is for gov't offices to ban the boxes
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.