WhatChout

Members
  • Content count

    792
  • Joined

  • Last visited

Everything posted by WhatChout

  1. The window size is the size of the data transmitted in the given segment. It isn't randomly generated, it's negotiated upon the three-way hanshake, and then (usually) dynamically changed to account for the reliability (or lack thereof) of the link. The options notify the communicating hosts of numerous session-specific options. One of them can be selective acknowledgement of received communication or the mentioned window scaling.
  2. Yes, potentially it could infect your PC. No, it couldn't. Conficker requires the MS08-067 not to be installed. Stop spreading misinformation. Why would anyone give a shit about this if a patch from October is sufficient protection? Because 30% of Windows out there don't have it installed.
  3. Yes, potentially it could infect your PC. No, it couldn't. Conficker requires the MS08-067 not to be installed. Stop spreading misinformation.
  4. If you find that your system is infected, security standards would demand that you reformat and reinstall. That may or may not be the case. Either way, there is no sure way of completely disinfecting a system once it has been infected, and so, if you suspect that the machine is infected, security standards would dictate that you treat it as if it is. Try using ComboFix. At least we will know if it's malware.
  5. OK, now I understand it. You don't get what the article says.
  6. I suggest you read up on networking and DNS before setting up software that requires at least basic understanding of both. See link in my signature for free books. If you feel like paying, I recommend the Cisco course books for networking and O'Reilly for the DNS stuff. (http://oreilly.com/catalog/9780596001582/)
  7. All the more reason corporations/spam networks would want to pursue this. O_O I'm guessing you haven't read the article.
  8. "Open port" doesn't mean anything besides "there is a program replying on that port". I suggest that before you trying "doing something" to an open port, you read up on networking topics. You can find lots of books about it by following the link in my signature.
  9. TSS: Homebrew Computer Club Part 1: http://www.youtube.com/watch?v=NLRtZ-qWA6o Part 2: Part 3: Part 4: Bill Gates: How a Geek Changed the World Part 1: Part 2: Part 3: Part 4: Part 5: Part 6: Part 7:
  10. In other words no key. In other words, you still need a key. But Windows, for example, does store logs of file writes. They will still keep you under arrest without your computer for a pretty long time.
  11. Most hashing functions require the size of the input to be a multiple of a certain number, so if it's too short or too long, it gets ones or zeroes appended to be of the required size (or multiple of). Thanks, I didn't know that.
  12. That's why I included the "scrambles input" part. Then there must have been some sort of miscommunication between us, for which I'm sorry. That's a bad analogy because puking on people isn't really useful, while making original input unrecoverable is, from the point of security. It's also not so much a side effect as it is another use of the same function. I'd say that's more a result of you not padding the original input to a required length. Sure, the result is small, therefor the input is recoverable, but that would be the case with every hashing function if we used input below certain length, since we're dealing with 2^n possible inputs per given output at worst. (that is, assuming equal domain distribution) I'd disagree. F(x) = x + 1 is resistant to collisions for all x in R, yet it is recoverable. The key is both collision resistance and infeasibility of inversion of resulting output.
  13. I'd argue that it is. What you're presenting is a desired hash function. It has uniform distribution and no collisions. However, to be a hash function, a function simply has to accept input, be deterministic, and produce output that is scrambled so that the original input can never be deduced from the output. Indeed, H(x) = 0 is a hashing function! It has collisions for every input value, but it accepts input, is deterministic and produces scrambled output. SHA-0 has collisions too, but it still is a hashing function. But I feel like we're going off-topic...
  14. Could you link to those articles? Were they written by proffesionals/scientists or journalists? Were they peer-reviewed?
  15. I've looked through the detailed description of their product: http://www.guidancesoftware.com/products/d...s/EFDetails.pdf And nowhere did I find claims of being able to restore overwritten data. That doesn't really amaze me, since if it was possible, there would be lots of papers discussing it and companies like OnTrack would proudly anonounce such features on their front page. Maybe you misunderstood your friend in some way.
  16. How exactly would you expect to encrypt/decrypt anything without a key? Once a data has been overwritten, it's impossible to recover. I'm not always convinced about that, I'm a believer of once it's overwritten it takes more time and money to recover. However, i would be interested to see any proof of that, it would ease my paranoia a bit when i dispose of old hdd's The original idea of restoring overwritten data came from Peter Gutmann, who suggested the use of scanning transmission electron microscopy. He argued that since an overwrite of a bit doesn't really produce a whole number in terms of analog signal, then the use of a STM can provide a means for reading the overwritten data. There's a few problems with this idea - one is that such reads would be ambiguous. Once a drive has been in use for some time, a zero can really be more like a .13, a one can be more like .93 or 1.2. Overwrite that zero with a one and you might get more than a one, overwrite that one with a zero and you might get something that could have been either of them, depending on how you interpret the decimal parts. The second problem is that such a capability has never been proven to be real, and 13 years have passed since Gutmann published his paper. Teams of researches were able to read single bits, but not with a 100% certainty. Overall, the story of secret agencies being able to read overwritten data is a long circulating urban legend, supported only in theory by one paper written by one man. For a more in-depth analysis, you can check http://www.nber.org/sys-admin/overwritten-data-guttman.html
  17. How exactly would you expect to encrypt/decrypt anything without a key? Once a data has been overwritten, it's impossible to recover.
  18. That would first require him to get off the network, otherwise the behavior of a network with two same MAC addresses is unpredictable. Well, as the name suggests, spoofing a MAC address conceals your real one. Routers don't assign IPs, DHCP servers do. Routers don't operate on frames but on packets, so the question doesn't really make sense. If you meant switch, then as I said, the behavior of a network with two same MAC addresses is unpredictable.
  19. You don't. Hashes are not used to encrypt anything, they are used to scramble the original data so that it's impossible to get it back from the resulting hash.
  20. How the school network is organised (in details) would be a good start.
  21. What exactly is "blanket" about statements quoting from the EULA? There's no generalization in it. Which was my point. Of course hardly anyone cared to read my first reply in the topic. Which was my point. For someone who has read through tons of EULAs and should know a bit about nearly non-existant privacy in the XXI century, you sure do buy the "improve our software" line.
  22. Triumph of The Nerds: Part 1 - http://video.google.com/videoplay?docid=-2539790754467363791 Part 2 - http://video.google.com/videoplay?docid=-5444663153778650128 Part 3 - http://video.google.com/videoplay?docid=-8579920210107554913 Unauthorized Access: The Code Linux: http://video.google.com/videoplay?docid=-3498228245415745977
  23. Actually that's very possible, customer tracking is a real feature of Verint's software. http://verint.com/video_solutions/releases...2&year=2003 (scroll to 3:50) And yes, that is a blanket statement.
  24. Most sniffing software (like Wireshark) will allow you to only capture packets that interest you, like ones transmitted to or from a specific MAC address.
  25. Not at all, I don't have anything against you personally. I tend to get passionate in discussion but that's because I like discussions, not because I hate people on the other side. Well, that's the problem. Since the OS is proprietary you can only guess what functions it has implemented. What I suggest is that if someone feels uncomfortable and feels that all of this infringes his privacy, then he should use another Operating System. That would be interesting, although your friends may be under NDAs requiring them not to talk about WGA in too many details. What I know so far is that WGA has typical characteristics of spyware - it installs in a misleading way, it "phones home" regularly and has features such as enforcing validation before installing updates and locking people out of features of their OS.