Hacker Group L0pht Making a Comeback 110
angry tapir writes "The news report begins with shots of a tense space shuttle launch. Engineers hunch over computer banks and techno music pounds in the background. There is a countdown, a lift-off, and then you see a young man in a black T-shirt and sunglasses, apparently reporting from 'space.' This is the Hacker News Network, and after a decade offline it is lifting off again, this time with a quirky brand of video reports about security. Hacker News Network is one of the side projects of the Boston-based hacker collective known as L0pht Heavy Industries. They're the guys who famously told the US Congress that they could take down the Internet in about 30 minutes, and who helped invent the way that security bugs are reported to computer companies."
Are they relevant? (Score:4, Interesting)
Once upon a time these guys were the baddest of the badasses. But nowadays Russia, China, and North Korea have become real threats.
What can a group of guys in Boston do that could rival Russian hackers?
Re:Are they relevant? (Score:5, Funny)
What can a group of guys in Boston do that could rival Russian hackers?
tea party?
Re:Are they relevant? (Score:5, Funny)
Re: (Score:2)
If I had mod points, you'd get them.
Re: (Score:1)
Re:Are they relevant? (Score:5, Funny)
Mate, Bostonians are what you get when you mix pirates and ninjas. Chuck Norris is scared of Boston. Last time they threw a Tea Party they instigated the overthrow of the largest empire in history! A few blokes from Boston are enough to wipe out the Third Reich, Mossad, Chuck Norris and the SBS all in an afternoon.
Regards,
Phil
Re:Are they relevant? (Score:4, Funny)
Re: (Score:3, Informative)
For those who don't get the reference.. This link [fredrickville.com] will help.
Re: (Score:2)
North Korea? WTF??? (Score:1)
Re: (Score:1)
Aqua Teen Hunger Force.
I can't recall any Russians who were able to paralyze an entire city in fear with nothing but an amusing comic book character. It rivals something Chuck Norris could do.
Or maybe the Boston PD is a bunch of scared little pussies. Naaah, nobody would believe THAT.
Re: (Score:1)
Re: (Score:1)
Wow, another dumbass from Boston who can't tell the difference between a cop and a citizen.
Just for you, I'll expand my criticism, which if you could read you would notice was directed towards the Boston PD, to the entire populus of the Boston metropolitan area.
Every person in Boston is a dumbass, afraid of the blinking lights.
If I'm going to get accused of generalizing about the entire city, I may as well make the generalization. If there's one thing I hate, it's being wrongly accused.
Re: (Score:1)
And just to rub it in...
http://www.liquidmatrix.org/blog/wp-content/uploads/2009/06/screencap.png [liquidmatrix.org]
Apparently Boston can't tell if it's a computer virus or a tornado. It must be the same effect that causes them to believe that their women are good looking.
Re: (Score:2)
http://www.liquidmatrix.org/blog/wp-content/uploads/2009/06/screencap.png [liquidmatrix.org]
Apparently Boston can't tell if it's a computer virus or a tornado.
What if it's a virus that makes your computer bomb ?
(I don't think you can still get the Mac to display the bomb thingie though)
Re: (Score:2, Informative)
...
Oh wait.
Yes, those servers are important, but they don't handle every single DNS lookup directly. They wouldn't be able to withstand that. Taking down those servers would only inconvenience people by temporarily preventing them from contacting domains that weren't in their DNS server's cache.
A more effective target would be to attack IXPs and prevent the traffic from flowing between Internet carriers. There are quite a lot of those, though, and i
Sung to the theme, "Welcome back Kotter" (Score:1)
Comment removed (Score:5, Insightful)
Re: (Score:3, Insightful)
Re: (Score:1)
Re:Hmmm... (Score:4, Funny)
that would be neigh to impossible.
And yet I can't see where the horses come in
Re:Hmmm... (Score:4, Interesting)
Heh.. the Russians might just be out for revenge.
Interesting article [techradar.com] about how the CIA took advantage of the fact that the USSR had given up on domestic computer systems development, and had taken to cloning IBM and Dec gear.
From examples spiked with malware....
Excerpt:
In the early 1980s, the Russians were constructing a trans-Siberian oil pipeline, and needed an automated system to properly manage it. Softening attitudes allowed them to legitimately purchase older models of computers on the open market. They then approached the American authorities for permission to buy the necessary software. When the US refused, the KGB stole the application.
However, the software they stole had been doctored to go haywire after a while. It would open valves unexpectedly and set pressures too high for the pipeline's welds. When the explosion came, US seismologists measured the blast at three kilotons.
Re: (Score:2, Flamebait)
Stories like those make me love the US gov. How cool is that, seriously? To plan something like that? That's Dr. Evil's genius plans being paid for by the US gov and aimed at other nations. As long as the plans are are targeted at problems and not just for evil's sake, i'd say keep it up!
Re: (Score:1)
Re:Hmmm... (Score:5, Insightful)
More like they're not willing to attack a target they perceive as critical to their operation.
For example, a hacker may find it funny to send something via the Border Gateway Protocol to disable access to Youtube; other hackers might consider this good, since it encouraged productivity. If he instead disables the entire Internet via BGP, he cripples himself and can't do much until the problem is recovered. Said hacker won't be able to brag about taking out the Internet, since no computer enthusiast likes critical infrastructure being taken out.
If a hacker accidentally took out an internet when trying to demonstrate something believed to be harmless (e.g. the Morris Worm), then that's okay. We all make mistakes and gain experience not to do it a third time.
Re: (Score:2)
Re: (Score:3, Funny)
Re: (Score:2)
There's how many Evil Scientists bent on destroying the world around?
Most people just want money; money that keeps coming.
Re: (Score:2)
My hat's kind of brownish... (Score:2)
Maybe you could call it "tan" or "dun", I don't know. Keeps the sun out of my eyes, anyway. Isn't that what matters?
Re: (Score:3, Insightful)
Assuming these guys are 'white hats', and they are not _necessarily_ the most able or l337 hax0rs out there, then why has someone not already attempted to take the internet down in 30 minutes already? For, say, 1 million dollars? I call hubris..
The statement was made in 1998 [senate.gov] when security was extremely lax with a majority of the hacking community residing in the west.
Re: (Score:3, Insightful)
Re: (Score:2)
Because usually, this gets you shot. And I think you can be as cool a l33t h4x0r as you want. If you are a stain on the walls, it does not matter, does it? ^^
I say, if the government would sign something, stating that they would get away with it, with some UN guarantee backing it... *Then* you could see people attempting this.
Oh, and back when they said it, the security of the internet was a complete joke compared to now. One botnet trojan/virus from today could wipe the whole net from back then without pro
Conficker, Slammer, Mytob and other M$ technologie (Score:2)
Because usually, this gets you shot. And I think you can be as cool a l33t h4x0r as you want. If you are a stain on the walls, it does not matter, does it? ^^
I say, if the government would sign something, stating that they would get away with it, with some UN guarantee backing it... *Then* you could see people attempting this.
Oh, and back when they said it, the security of the internet was a complete joke compared to now. One botnet trojan/virus from today could wipe the whole net from back then without problems. :)
Not if you add "with a computer" to the activity. Look at a group we see injecting code known to be unsafe into airports, hospitals, schools and military sites. Not even an eyebrow is being raised, let alone a rifle scope. The military has been sitting on its hands while this group brings the infrastructure and parts of the economy to its knees. MSFT racketeering causes billions of dollars of damage each quarter.
Re: (Score:2)
Because how do you make money off of it? You just take everything down and... profit?
Let's face it. The internet is much more profitable for your hacker group if you keep it running and allow your bots, and spam generators, and everything else to communicate with each other and report back your earning reports.
Now, some yahoo could go ahead and launch the attack, but that would require use of one of those botnets, and then you'd have to answer to a lot of angry Russians. Last I checked, they don't have t
Hackers NEED the internet (Score:1)
Anti-Sec (Score:1)
The Anti-Sec folks won't like this!
I reported a MySQL security bug to a recent Slashdot front page and got a 'Thanks - looking into it'. Not sure it has been fixed yet. This gives me no right to publish it anywhere if you ask me. Not yet anyway.
Re:Anti-Sec (Score:5, Insightful)
Re: (Score:2, Informative)
9/11 was planed by Jewish people
The WTC was planed. 9/11 was *planned*.
Re: (Score:1)
The Antisec guys just have a problem with "security experts" who earn their living by doing nothing but posting exploits (without contacting anyone but Secunia) and generally spreading fear.
I haven't really understood their views on non-disclosure but my guess is they'd rather have no disclosure at all than the farce that is full disclosure.
Re: (Score:2)
I haven't really understood their views on non-disclosure but my guess is they'd rather have no disclosure at all than the farce that is full disclosure.
My guess is that they don't want people ruining their fun. It's a lot easier to have a bag of tricks if people aren't aware of what said tricks are.
Re: (Score:1)
But what's more dangerous, the bag of tricks in the hands of a few skilled people or an open bulletin board with 0day-exploits for everyone?
What makes this question even more complicated for me is that Secunia, the people who protect us from exploits if we pay them, is sponsoring this practice.
Re: (Score:3, Insightful)
But what's more dangerous, the bag of tricks in the hands of a few skilled people or an open bulletin board with 0day-exploits for everyone?
What makes this question even more complicated for me is that Secunia, the people who protect us from exploits if we pay them, is sponsoring this practice.
The bag of tricks in the hands of a few - hands down. What we're talking about here is carte blanc access in the hands of a select few. We have to trust that the motives of these few strangers will fall in line with ours. And then we have to trust that the "select few" will remain few. Eventually they won't in both cases. Individuals will use these exploits to cause damage. And knowledge of these exploits will spread until even the least trusted in the underground has access to it.
We ran this gambit i
Pioneers of the glamourous geek lifestyle (Score:5, Insightful)
Re:Pioneers of the glamourous geek lifestyle (Score:5, Interesting)
Re: (Score:1)
That's clearer. Still, I expect Bill Gates has been much more of an ambassador (If I asked the 50 people that I am most closely related to what 'lopht' was, they would first think I was talking about a thing you put a bed on and then not have heard of the group, but most of them would know who Bill Gates is), and that much of the rest of it has been due to a simple increase in numbers of people who write software (and other similar tasks that go beyond the uses that the majority has for computers).
Re: (Score:1)
You make a good point. People knew about the Microsoft millionaire phenomenon probably before l0pht. Perhaps I should say that the press coverage of l0pht inspired me more than Bill Gates. I've known quite a few people that did the "bunch of guys hacking on the same stuff in the same apartment which also happens to be where they live" thing. One group of people that I knew actually lived in the apartment next door to the hacking apartment. One of them is even famous, (for a geek,) for having done some
Re: (Score:3, Insightful)
I imagine that a substantial part of the sudden increase in society's respect for geeks, (maybe mostly their potential incomes,) was due to the glamorous press exposure l0pht received at that time.
Or maybe it's that whole Internet thing that was popping up around that time. The geeks became attractively rich. The tech stopped being black boxes hidden in white-floored, air-conditioned caves and became vehicles for wealth and ubiquitous services. And did I mention the geeks becoming attractively rich?
I doubt "society" in general paid much attention to L0pht (beyond the attention the mysterious hacker "whiz kid" usually gets). There was already about a decade of exposure to the microcomputer and the [time.com]
Re:Pioneers of the glamourous geek lifestyle (Score:5, Funny)
Doesn't get me laid, though, does it?
literature request (Score:4, Insightful)
Since I like history and dead-tree, anyone have a suggestion for a good book covering the history of these 1990s hacking/security/blackhat/whitehat/grayhat groups, and what you might call the fragmentation/dissolution of the underground? There's good material on the 80s, but much less on the 90s, it seems, despite a decade having passed.
The only one I know of with more than a passing mention is a 20-page overview in Ch. 3 ("Hacking in the 1990s") of the book Hacker Culture [amazon.com] (2003). Others?
Re:literature request (Score:5, Informative)
Re: (Score:1)
Out of the Inner Circle [wikipedia.org]
And here:
The Hacker's Handbook [wikipedia.org]
I have both of these and they are excellent. The Bill Landreth book is the better one though.
Re: (Score:2)
While those look like good suggestions, they were both published in the 1980s, so I'm guessing they don't cover very much of the 1990s. =] I'll take a look at them for the 80s content, though; thanks.
Re: (Score:2)
Since I like history and dead-tree, anyone have a suggestion for a good book covering the history of these 1990s hacking/security/blackhat/whitehat/grayhat groups, and what you might call the fragmentation/dissolution of the underground? There's good material on the 80s, but much less on the 90s, it seems, despite a decade having passed.
The only one I know of with more than a passing mention is a 20-page overview in Ch. 3 ("Hacking in the 1990s") of the book Hacker Culture [amazon.com] (2003). Others?
Masters of Deception: The Gang that Rules Cyberspace [amazon.com] comes to mind.
Re: (Score:1)
It's centered around Kevin Mitnick's story, but Jonathan Littman's "The Fugitive Game" does cover a pretty interesting swath of both eras. It's considerably less histrionic than certain other works by people whom I wouldn't necessarily regard to be disinterested parties. It's well written and the depth of some of Mr. Littman's research warmed my heart.
Suelette Dreyfus' "Underground" covers a fair amount of the 1990's as well. It's on Project Gutenberg, but worth owning a copy of if you want some perspective
Nice and all... (Score:2)
Re: (Score:2)
I'm sure they could, but the audio fits with the space-station backdrop. It also reminds me of the 1994 game Burn:Cycle.
Just like your parent's timers (Score:2, Funny)
First impression.. (Score:4, Informative)
I watched the last news video of them. Here is my impression:
* They recreated the feel of the 80's hacker optic mixed with matrix in an endless loop
(no, that was not a compliment)
* 20 % of the show was advertisement (maybe more)
* The news are mostly a summary on what you read here on security.slashdot.com
* The tone of the show gets boring.. well, immediately
The basic idea is nice, but the actual show is not that impressive. Could get better though..
L0pht history (Score:5, Insightful)
L0pht Heavy Industries went corporate [securityfocus.com] in 2000, and became "@Stake", which was acquired by Symantec in 2004, and disappeared into the Symantec empire.
L0pht, founded in 1992, was itself a descendant of the Cult of the Dead Cow [cultdeadcow.com], founded in 1984 and still around, more or less.
There have been various spinoffs and buybacks along the way, but it's been a while since cutting edge work came from that crowd.
Re: (Score:1)
Re: (Score:2)
First thing I thought about when I saw this article was the CODC "The Cow"! I can remember staying up late reading the hundreds of text files they had on their site. Everything from phone phreaking, to atm hacking, to religion slamming, to top ten lists of humor. I think it is about time to go spend some time reading those texts again.
Wow! (Score:1)
circa MMIX ... (Score:1)
Wish they could bring back (Score:1, Informative)
I wish they could bring back the fine articles Sercrity Portal used to have, in particular, "Ask Buffy, by Buffy Overflow". Great stuff there.
Re: (Score:1)
I think the term is "social skills."
Remind me again... (Score:2)
Why in the world would one visit the web site?
I try to avoid getting my oil changes at Joe's ChopShop and Used Parts emporium, and I avoid banking at Webegone Bank and Trust.
Oh, sure, I'm sure these are the "whitehats".
Re: (Score:2)
Well knowing some of these folks personally (count the digits in my slashdot ID if you're wondering for how long)... perhaps because they have credible insights into the industry and technology, and secondarily because given some of their day jobs, it's exceedingly unlikely they'd choose to be affiliated overtly with a site that was malicious?
Just a thought.
bbs.l0pht.com (Score:2, Interesting)
Re: (Score:1)
Count Zero, IMO
Re: (Score:1)