my company...Tamago
today we launch a private beta. Its live...and if you buy something...your credit card will be processed. The wesite sucks...it will be changed tonight/tommorrow.
you'll have to punch a hole in port 9000 probably...not much on there; we're putting oin stuff now.
wanna help?
i'm programming the 'billboard' component...showning sales ranks and what's been newly uploaded.
enjoy.
Lemon Obrien <[EMAIL PROTECTED]> wrote:
Lemon Obrien <[EMAIL PROTECTED]> wrote:
openSSL follows the SSL protocol. The protocol allows for the dynamic selection of various common algorythms....Linux and BSD both have security issues b/c their source is open.i know the story is old...its just to prove a point.
Enzo Michelangeli <[EMAIL PROTECTED]> wrote:Or OpenSSL and the whole of Linux and *BSD, for that matter. Shall
we stop using all of them, switching to Microsoft products to get
better security? ;-)
Enzo
----- Original Message -----
From: "David Barrett" <[EMAIL PROTECTED]>
Sent: Wednesday, August 16, 2006 7:18 AM
> Isn't limewire open source?
>
> On Tue, 15 Aug 2006 4:17 pm, Lemon Obrien wrote:
>> yeah...but with java you can easily do it...find the encryption class you
>> need...or get access to the data before encryption...just by creating an
>> extension of a known class and over-riding it's virtual method....its not
>> hard. I've done this plenty of times with professional products like
>> 'weblogic' commerce server...i wanted funtionality from a class they
>> provided. Of course when you do this; you busting the warrenty...but who
>> cares.
>>
>> now, think of the desktop...then think of giving your program away to get
>> users; You know, to find out how limewire worked...i decompiled it. i've
>> even decompiled class wtihin the security package provided by sun...to
>> see what was going on...and maybe to steal...shhh....don't tell anyone.
>>
>> oh yeah...JXTA sucks...unless you're corporate and making something
>> totally irrelivant. Try going through a firewall with that shit...last
>> time i checked it was a no-go.
>>
>> don't get me wrong....java has its place. I use it to do payment
>> processing and email stuff...writing small servers doing simple stuff.
>>
>> its just, most people who do java can't do anything else...
>>
>> Daniel Brookshier <[EMAIL PROTECTED]>wrote:
>>
>>> Yikes! Decompile is hardly a security issue. We obfuscate Java all the
>>> time to prevent the random prying eye, but C and all other languages are
>>> just as easily hacked. You can not hide references to libraries and such
>>> in either language. There is no such thing as code security, just
>>> obscurity.
>>> Daniel Brookshier
>>>
>>> office 972-422-5261
>>>
>>> cell 214-207-6614
>>>
>>> On Aug 15, 2006, at 3:29 PM, Lemon Obrien wrote:
>>>
>>>> you've never decompiled java then...i have...especially if i wanted to
>>>> changed how something worked.
>>>>
>>>> Mike Duigou <[EMAIL PROTECTED]>wrote:
>>>>
>>>>> Lemon Obrien wrote:
>>>>>> depends on the data you're transporting. I specificaly stayed away
>>>>>> from java cause it was easy to crack...and the data transported, as
>>>>>> well as the protocols, are sensitive.
>>>>>
>>>>> That's ridiculous. Strong crypto is strong crypto no matter what
>>>>> implementation language you use. The same applies for good protocol
>>>>> design--the quality of the design matters far, far more than the
>>>>> language it is implemented in.
>>>>>
>>>>>>> */Sashidhar Reddy Mukkamalla /* wrote:
>>>>>>>
>>>>>>> Hi Group,
>>>>>>> I am trying to develop a p2p app. Can anyone point me some
>>>>>>> literature about security issues/concerns with p2p applications in
>>>>>>> particular and network programs in general. Any pointers would be
>>>>>>> greatly helpful (both introductory and advanced)
>>>>>
>>>>> Any time spent reading about the fundamental algorithms, technologies
>>>>> and standards will be time well spent. It will be generally applicable
>>>>> no matter what type of application you are building or environment you
>>>>> are building it for.
>>>>>
>>>>> Whenever I need a refresher on any topic I usually start here:
>>>>>
>>>>> http://www.cs.auckland.ac.nz/~pgut001/tutorial/index.html
>>>>>
>>>>> or
>>>>>
>>>>> http://ospkibook.sourceforge.net/docs/OSPKI-2.4.7/OSPKI-html/ospki-book.htm
>>>>>
>>>>> and then branch off into google searches from there. Some of the
>>>>> specific topics are very dated e.g. "Skipjack" but the issues always
>>>>> remain relevant.
>>>>>
>>>>> Mike
>>>>>
>>>>> _______________________________________________
>>>>> p2p-hackers mailing list
>>>>> [email protected]
>>>>> http://lists.zooko.com/mailman/listinfo/p2p-hackers
>>>>
>>>> You don't get no juice unless you squeeze
>>>> Lemon Obrien, the Third.
>>>>
>>>> _______________________________________________
>>>>
>>>> p2p-hackers mailing list
>>>>
>>>> [email protected]
>>>>
>>>> http://lists.zooko.com/mailman/listinfo/p2p-hackers
>>>
>>> _______________________________________________
>>>
>>> p2p-hackers mailing list
>>> [email protected]
>>> http://lists.zooko.com/mailman/listinfo/p2p-hackers
>>
>> You don't get no juice unless you squeeze
>> Lemon Obrien, the Third._______________________________________________
> p2p-hackers mailing list
> [email protected]
> http://lists.zooko.com/mailman/listinfo/p2p-hackers
>
_______________________________________________
p2p-hackers mailing list
[email protected]
http://lists.zooko.com/mailman/listinfo/p2p-hackers
You don't get no juice unless you squeeze
Lemon Obrien, the Third._______________________________________________
p2p-hackers mailing list
[email protected]
http://lists.zooko.com/mailman/listinfo/p2p-hackers
You don't get no juice unless you squeeze
Lemon Obrien, the Third.
_______________________________________________ p2p-hackers mailing list [email protected] http://lists.zooko.com/mailman/listinfo/p2p-hackers
