salam sejahtera semua, Menarik juga pasal cadangan live hacking tu. Kelemahan keselamatan tidak pada pc/notebook/server je. cctv, network cam, billboard, atm (terutama yg based on propreitary OS :D) kat malaysia ni pun banyak yang bocor juga. ;)
P/S: Microsoft masih x patch SMB2 lagi kan? Kalau bug yg sama wujud pada FLOSS, rasanya x sampai 24 jam sudah ada patch. Wassalam. On 10/8/09, fenris <[email protected]> wrote: > Br lps tgk surrogates :) > > -----Original Message----- > From: lutfi raffi <[email protected]> > Sent: Thursday, 8 October 2009 5:00 PM > To: [email protected] > Subject: [osdcmy-public] Re: 2 idea setelah masuk linux varsiti > > tiba-tiba teringat cerita die hard 4.0..... > > > > > On Thu, Oct 8, 2009 at 4:54 AM, Boh Yap <[email protected]> wrote: > > hi, > > the "Open Hacking" idea is really interesting and will draw a lot of > attention, so I'll like to add a few thoughts, from different > angles... > > As a pure publicity exercise its great, but whether it will benefit > FOSS, there is pro & cons. > > 1. We will attract people, but the right ppl? > > Yes, quite a few Uni 'kids' I talk to say they wanna be hackers (or > 'security experts'), due to the 'glory' and common media perception... > > But the real hackers know, it takes hard work, experience and real > knowledge. > > What will happen is you will attract a lot of 'wannabe hackers', to > your 'hacking school'. You/We'll be conducting a lot of classes, but > soon as they find out they have to read thick technical manuals > they'll give up. From my experiance in teaching not only programming, > but other skills that require real dedication, hard work & sacrifice, > the drop rate is 90% if you're lucky. > > Or they become (or we teach them to be) 'script kiddies', trawl the > 'net for exploits and tools other have written and use those. So we > are back to square one, just being 'Users' and not 'Producers'. Come > on, guys (who really know the stuff) with FOSS tools like Metasploit, > Nessus, etc... it ain't difficult. > > > 2. We end up creating a bunch of ppl that controls a botnet, and > become real 'crackers'! > > With some knowledge, and the tools are out there, a bunch of hackers > can start building a botnet, and then then start to use this for > really bad purposes. This is turning to the 'darkside' - do we want to > create that situation? > > > Now for the positive points: > > 3. All the security hacks will show the weakness of Proprietary SW (PSW), > especially MS. > > There's a lot of MS based servers (and some Linux one's prob) that > have not been patched with the latest security upgrades (dare I guess > many government sites?). Exploiting these shouldn't be too diffcult. > > Showing the public how vulnerable PSW is may swing support towards FOSS! > > > 4. Demo of Security attacks should also target clients/desk/lap tops, > not only servers. > > Fact is, many Windoze clients get easily compromised, via email and > web and become bots, which are then used for spamming etc. I get spam > from idiots whose computers have been compromised, but still don't > seem do anything about it! > > If hacks can be done to show how vulnerable the average client is, > then it will serve to educate the public, strike a blow against the > botnets, and maybe get users to switch to a 'safer' OS. > > let the flames begin.... ;-) > > > > > 2009/10/8 lutfi raffi <[email protected]>: >> Template lebih kurang amcam ni: > > > > http://www.malaysiakini.tv/video/17876/bns-postal-votes-in-danger-.html > > > > > > > > 2009/10/8 lutfi raffi <[email protected]> > >> > >> @wan: masih berteguh untuk buat macam malaysia kini sebab nampak lebih > >> kemas dan profesional... > >> > >> > >> > >> 2009/10/8 red1 <[email protected]> > >>> > >>> Mohd Rizal Mohd Shahari wrote: > >>> > WOW!... Idea bernas ni. Tp live hacking tu x kantoi ke nnt? > >>> > > >>> > > >>> > > >>> i bincang with Syazwan because we want to give ideas that can pull the > >>> crowds and layppl in the streets. If you interbiu about FOSS org > >>> mengantuk je. Student pun tanak datang dengar. But if u say, "u going > to > >>> show how to hack into the universiti, silap2 pak guard dengan pembasuh > >>> jamban pun nak masuk dengar. > >>> > >>> Of course, kene minta kebenaran memang itu syarat tetap. Lepas tu boleh > >>> bagi mereka masa utk bersiap dan kita rancang serangan ke atas mereka. > >>> Apabila dapat tembus, silap2 dapat hadiah dari mereka suruh tutup mulut > >>> tentang kekantoian sistem mereka. Atau hacker kita diambik sebagai > >>> pakar-perunding luar. Macam ni akan lebih memasyurkan HACKERM sehingga > >>> luar negara, kerana yang saya tahu tiada lagi program TV yang > >>> menunjukkan keje2 mcm ni. > >>> > >>> So, berapa hacker kita ade ni? Takkan Syazwan seorang je? Cmon.. lets > >>> assemble 3 platoon elit komando siber kita! > >>> > >>> > >> > > > > > > > > > > > > > -- > #------- > regds, > > Boh Heong, Yap > > > > > > > > > --~--~---------~--~----~------------~-------~--~----~ Join Open Source Developers Club Malaysia http://www.osdc.my/ Facebook Fan page http://www.facebook.com/group.php?gid=98685301577 http://www.facebook.com/OSDC.my You received this message because you are subscribed to the Google Groups "OSDC.my Mailing List" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/osdcmy-list?hl=en -~----------~----~----~----~------~----~------~--~---
