Feeds

cDc bores two thousand people at once

And other way kewl tricks

  • alert
  • submit to reddit

Security for virtualized datacentres

Defcon 08: by wireless

The Cult of the Dead Cow -- authors of Back Orifice and BO2K and the undisputed glam rockers of the hacking underground -- amazed the crowds at Defcon with an hour of shallow meditations on site defacements, network security, and themselves.

We knew we were in trouble at the opening, as member Tweety Fish kicked off the long-anticipated festivities with the disclaimer, "Just to let you guys know, um, we were pretty much perfectly aware that, that, that, we were not going to top last year? So, we're not going to try? So, we're just going to talk to you a while."

And things proceeded rapidly downhill from there.

At last year's presentation, Tweety noted, he had given "a little bit of a speech that was directed towards some of the younger members of our audience? And their habit of putting dumbass, pointless, misspelled shit on other people's Web pages? And I didn't tell people not to do it last year? .... But I've been following it for the past year, and, um....you can stop now. It's just not going to be cool."

And then things proceeded further downhill, as a totally unrehearsed, unprepared cDc continued to wing it for the masses.

"It's sad to think of this as the high point of the year," one enervated audience member remarked to us.

We stuck around only long enough to hear member Deth Veggie explain that our expectations of an interesting presentation were extravagant because, "We're not a software company?"

All right, fair enough. No one said they had to be a software company. But no one asked them to convene for an hour with two thousand expectant people in a hot room when they had nothing of interest to say, either.

Later, during a press conference, Tweety Fish reminded us that "people shouldn't expect a new tool from us each year, because....we're not a software company?"

Perhaps we left the hot room a bit too early. Sir Dystic, we learned, did write a tool which exploits a few long-standing NetBios protocol weaknesses, enabling a user to kill a network running NetBios by commandeering and otherwise manipulating machine name assignments. The tool is available from cDc, and the software patch to defeat it is now available from Microsoft.

As for what cDc has been occupying itself with this year -- since they haven't been hacking out the code to any newsworthy extent -- we are not quite sure. "I think that the thing we're most focused on right now is trying to get people involved....in developing a theory of what hacktivism actually is," Tweety suggested during the press conference.

We thought this could be an exciting development, but Tweety was less than encouraging. "I don't think it has evolved enough, and I think there are too many people who have [merely] talked about it....it just hasn't happened yet," he said.

A good example of 'real' hacktivism, Tweety reckoned, was Bronc Buster's hack of October 1998 which defaced the official, government-controlled Chinese Society for Human Rights Studies Web site with a substitute page claiming "I simply cannot believe the total bullshit propaganda on this Web site," and linking to critics of China's authoritarian regime, such as human rights group Amnesty International.

Another might be hacking "a corporate Web site for a clothing manufacturer that had crazy, unfair labour practices in some part of the world, and revealed information about that which you couldn't get any other way."

And that, we reckon, is a very promising seed well worth cultivating. Thus far, the cDc Web site has made a small start with its Hacktivismo page, which contains little more than a couple of links and some text borrowed from the electrohippiesWeb site.

If the cDc had the grace to sit this Defcon session out and quietly put their efforts into developing such a concept, exchanging ideas on their Web site, networking with other crews, coming up with some appropriate tools, and presenting it all as a coherent, tangible proposal, we would have had the pleasure of writing a very positive, perhaps even flattering, article.

Maybe next year. We will see. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
The 'fun-nification' of computer education – good idea?
Compulsory code schools, luvvies love it, but what about Maths and Physics?
Ex-US Navy fighter pilot MIT prof: Drones beat humans - I should know
'Missy' Cummings on UAVs, smartcars and dying from boredom
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
'Cowardly, venomous trolls' threatened with TWO-YEAR sentences for menacing posts
UK government: 'Taking a stand against a baying cyber-mob'
Sysadmin with EBOLA? Gartner's issued advice to debug your biz
Start hoarding cleaning supplies, analyst firm says, and assume your team will scatter
Doctor Who's Flatline: Cool monsters, yes, but utterly limp subplots
We know what the Doctor does, stop going on about it already
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.