From gandalf@the.dead.isp.of.community.net Sat Dec 20 08:36:05 2008 Path: egsner!news.cirr.com!goblin1!goblin2!goblin.stu.neva.ru!news-xfer.nntp.sonic.net!posts.news.sonic.net!nnrp1.nntp.sonic.net!not-for-mail Newsgroups: alt.hacker Subject: Re: Twenty computer questions, please help! From: Gandalf Parker References: Message-ID: User-Agent: Xnews/5.04.25 Date: 19 Dec 2008 14:51:09 GMT Lines: 215 Organization: Sonic.Net NNTP-Posting-Date: 19 Dec 2008 14:51:09 GMT NNTP-Posting-Host: 0ade825d.news.sonic.net X-Trace: DXC=h:MBMJDLk8LKB contributed wisdom to news:gie6jr$11j$1@chessie.cirr.com: What is this? homework? job interview? > 1) What area of mathematics is most applicable to computer science? Id say bit-math > 2) What prevents macintosh (Unix based) from running on a PC? "Because of its native roots in Motorola and PowerPC code, this has traditionally required instruction level emulation. Two things have changed. Apple based Mac OS X on NeXT code, which could run on Intel. And since 2006 Apple has been making Intel PCs." > 3) What is legal and permissible to reverse engineer and decompile in > the United States? When its the only way to gain access to the functional properties. In order to create compatable software or hardware. At least that has been specifically held up in law. However, any reverse engineering is generally considered as not being illegal itself. Its what you do with the answers you get which is usually the problem. RE has been used on competitors software. If you use their code in your work then you are illegal. If you use the RE to insure that they have not used your code in their work, then you are not. > 4) Is all penetration testing illegal? Not at all. As long as its with permission. On the other hand it is too often used as an excuse when someone is caught so it REALLY does not work (even if its true) in cases where no permission was given. Thats rather like finding a house unlocked, walking in, getting caught and claiming "I was just testing your security". > 5) Is there any educational resources available to the general public > on signals intelligence? Sure plenty of it. Remember that anything talking about what it is, the dangers of it, the advantages of it, would also be considered "educational resources". But if you mean how to do SIGINT then yes there is some but Id venture a guess that its not up to par with government and military uses. > 6) Is a polymorph virus based on Java script? It can be but strictly speaking polymorphic viruses have been around alot longer than java. The first I think was back in the 80's. Altho java probably made it easier by making polymorphism a term in the programming FAQ and providing ways to have it work (legitimately) in code. > 7) Why does Comcast throttle, monitor, and limit Internet usage? Its not as new as you think. ISPs have always oversold their services. Its not as if they can really give EVERYONE that much bandwidth at the same time, or give everyone that much hard drive space, or give everyone unlimited access to the things they promise (and it used to be included that they couldnt possibly maintain as many dialup lines as would be needed if all the users wanted to call at the same time). ISPs used to do many things to convince the hogs to move on while the regularly-paying-but- seldom-using customers were encouraged to stay. But lately changes in the net have even the most clueless user able to stay on 24/7 with at least their computer doing things actively even if they are asleep. And even kids can hog bandwidth and storage by streaming videos and tv all day. With comcast users sharing the cable lines, comcast has had to be more up front about its limits. > 8) Why are Chinese and Indian (Hindu) people rumored to be more savvy > and capable to computational study and understanding? As in a natural ability? I dont think so. But their countries have pulled ahead in the teaching of such. > 9) Why do hackers take credit for keygens, (isn't the software the > amazing part)? Maybe if they write one. I wouldnt call them a hacker for using one. We call that a skiddie (scipt kiddie) > 10) Isn't Usenet heavily monitored by prying eyes? It always has been. You would be amazed at the amount of information that is gleened by running a newserver. Im not sure if ANYTHING pertaining to usenet can be considered "prying eyes". Thats the new american paranoia I see so much evidence of. After all, it is an open public bulletin board system. How can it be prying? > 11) When high profile companies are hacked, and they choose to avoid > public exposure of an incident, are there (foia) sources that > reports the details and statistics of the circumstances and the > vulnerabilities, and ultimately what fixed the 'problems'? There are but there is no central collection point I can name for you. Large corporations have their own. Multi-company alliance groups often share them with each other. There are companies which seek out large companies offering to sign non-disclosure statements and pay big money to have access to internal documents of such. > 12) Isn't all the Internet paranoia 'hype'? I mean if there is so much > monitoring going on, isn't it too much, and the resources don't > exist to analyze all that info? Are there keywords that a database > collects? I just wonder if it's feasible? Compared to what? As with any subject, comparisons often help clarify. When has such been true of any monitoring? Nothing ever stops anything, but that doesnt make an effort completely worthless. And any effort for any purpose tends to involve something like the 80/20 rule. On the other hand, anytime I make a statement about what is or is not feasable I always try to add "yet" to the end of it. There are many mindor crimes that people on the net used to say "they cant really catch you" which we see being prosecuted fairly frequently today. > 13) If storage is moving from hard drives to flash media, what > happened to quartz technology? Quartz technology is waiting for optical computing to catch up. > 14) I found that Ada-ware and no-script on firefox didn't prevent > (browser misdirection), and auto deletion of cookies and cache didn't > prevent a constant browsers redirection, what happened (I think > active x objects were also deleted)? Browser redirection is considered to be a basic feature of html. Sure its been misused but so has much of the html code. You can protect againsst its abuse but I dont think any browser would decide to not support parts of the html protocol completely. > 15) If a wiretap can monitor a user's computer, is circumvention > entirely impossible on that ISP? ??? I think you need to explain this more. If someone is wiretapping a persons COMPUTER then how could the ISP do anything? If the tap is happing AT the ISP then the user could only bypass it by bypassing the ISP. It does no good to go to a proxy if you use the same connection to do it. The best bet in that case would be to get access to an alternate ISP and better yet an alternate access to the net (dialup, wifi) > 16) Aren't hacktivists, ethical hackers, and white-hats (thou well > intentioned), misdirected in their morality? Ouch. Bad grouping there I think. And asking the wrong group the question. This is mostly a white-hat group. By definition that means IMHO breaking no laws. We hack for legal purposes by legal means. Ethical hackers I tend to refer to in the grey-hat group. They can often include vigilanties and that "the end justifies the means" crowd. Hacktivists, definetly. Like any activist who crosses any legal line for their cause. I always find such people highly questionable. In DnD terms I would consider White-hats, Ethical Hackers, and Hacktivists to be Lawful Good, Neutral Good, and Chaotic Good. > 17) How does software communicate with hardware, through machine > language? Everything is binary toggles at its lowest point. Whether its hardware or software. 18) In the world of underground professional hackers, isn't > there a > concern that the engineers, mathematicians, PhD.s, and > cryptologist in security agencies throughout the world are making > child's play of the effort, and depending on priority and > manpower, determinant on the urgency of the covert activity, is > all dependent on statistics as to whether a criminal cell gets > punished or unpunished? Simply, ain't big brother or big sister > watching everything, hmmm... This would need more definition also. Security agencies have their own white-hat hackers. So the "world of underground professional hackers" would be concerned about the above ground professional hackers keeping up with them. > 19) Is there any indication that add ons for firefox are malicious in > origin? None that Ive ever seen. A bad one might slip thru but I wouldnt paint it as if all add-ons were malicious. > 20) If someone has a problem with their PC, where and what, > statistically are they likely to do? Statistically? Most of them take the computer to the computer store which discovers there is nothing wrong with the machine. Thats because the very act of FULLY shutting down the computer, unplugging it, removing it from the cubbyhole its been shoved into, discovering how dusty it is and cleaning it off because you dont want them to see how you neglected it, cleaning dust off the vents and blowing out the machine, removing all the papers and manuals that were shoved in the cubbyhold along with the computer and semi-blocking its vents, vacueming out the area the computer was in when you see how dusty that has become, bouncing the computer around in the car, getting it to the other end and plugging it in, powering it up after a decent rest and cool down period from its journey.... HEY its working great now! Get charged the usual minimum 1-hour workbench fee. Take it home and be perfectly happy with how well it was repaired. If its a nice store they will at least clean off malware and clean your registry. > umm...well, thanks. > Merry Christmas. Happy Yuletide. Gandalf Parker -- WARNING: Ask ANY Computer Guru or security expert and they will agree. The person who is most likely to trash your computer will be coming from the IP address of 127.0.0.1