nookiemonster's comments

Drama.exe

There's this thing called sequestration going on that's disrupting the budgets of all the federal agencies.

The feds are cutting budget for ridiculous things like the blue angels.

But they're totally going to be maintaining the budget for hacker cons in Las Vegas.

This is all about street cred for defcon & nothing to do with "taking a break." Jeff Moss is too sophisticated to be throwing away all those relationships. This is a stunt circle jerk.

who is gwern?

Hey, here's a cool story about Weev: He's totally the kind of guy society should tolerate.

http://bedizen.livejournal.com/258763.html

Increment is the wrong word. They implemented the Luhn algorithm, which is not the same as i++

Mobile operators have to certify devices, even if they don't include them in the portfolio.

This is a consequence of commitments to a country's spectrum management organizations.

If an operator expresses commitment, I would take this is a very important initial step, but not necessarily an indicator of full blown embracement of a platform. Operators will schedule time for a device to go through their certification labs. This means that a device can get approval from the regional spectrum bodies for qualifications that ensure the device doesn't interfere with authorized spectrum devices. Lab certification is not free- the operators are eating a cost. But certainly it's not the same thing as buying pallets of devices and trying to sell them to consumers.

I want this anecdote about weev to be the first thing that people talk about when someone brings up any comparison to Weev.

http://bedizen.livejournal.com/258763.html

Comparing Weev to Aaron is like comparing the dali lama to hitler. Weev is actively cultivating this comparison. DO NOT FEED THE FUCKING TROLL.

Something I didn't understand at 18 (that I do at 35) is that your 'enemies' may be dealing with things you simply cannot understand.

If a coworker is belligerent to an 18 year old, they are assholes. To a 35 year old (at least to me), the first thing I think of is that I have no idea what their home life is like.

People endure crazy life experiences. I am working with them on a problem that results in revenue for both of us. Just because we're making money, doesn't mean that they're dealing with problems of personal identity, cancer, financial ruin, etc.

Age matters, kid. It fucking sucks. It's cool that you're punk rock about this. But you will achieve more & achieve faster when you realize that age really does matter.

(p.s.- age is not a way to measure wisdom, but it is a wisdom indicator)

Defcon is a party. You should definitely go.

idiots. Most of the fucks who pull this shit are no-value skiddies.

Cargo Cult Capitalism:

Successful startups are filled with young people, so fire all the olds.

7 million dead birds seems like it would be easy to video/photograph. Choosing to forego documentation that supports these claims has to be intentional.

trivially? please, more detail. Also: own is a loaded term. Please, more detail. Getting access to the sdcard is not the same as owning.

On windows mobile 6.0, you could send wap pushes that linked to signed apps which would auto-execute/install.

right now, there aren't any vulns which are similar in danger that I am aware of. SMS isn't a super friendly medium for stack manipulation, and most modern mobile OS'es implement ASLR.

The browser is the more likely vector today.

I work for a carrier. People simultaneously depend on our services and actively hope for our demise. So I hope you understand the context when I say you need to thicken your skin.

The motivation for an attack is irrelevant. Threats are things that need to be planned for appropriately in a business plan. Pretending the entertainment industry is not as ridiculously overpowered relative to the revenue it generates only works with the hyperbole you have injected. Well done, but I am not falling for it.

I doubt your friends are as naive as you. So if it is any solace, you should find great comfort in the fact that the industry is sophisticated enough to survive for a few more paltry tablescraps for the next 20 years or so.

+1

I can only use trello for mumdane work tasks or personal work if there is no self hosted solution.

This decision is a mistake, Joel. I love trello, but i cannot trust a hosted solution with my plans for taking over a market. Please give us an installable version. anything else is amature hour or naive.

Code signining is a control that is intended to restrict the software that can run to only those apps which have been granted the right to run.

Your second question is a good one, but given is context, it is unrelated. If apple signs a python interpreter, they do so at their peril, for obvious reasons.

Running unsigned code is an exploit, my friend.

Charlie is one of the founders of the controversial "no more free bugs" movement.

The amount of skill necessary to identify AND exploit bugs is so great that the bug reports themselves have value,far beyond attribution in the patch notesand a T-Shirt. This is especially true when there is in fact a lack market of bad people willing to pay good money for 0 day vulns.

thus, reporting vulns that way doesnt necessarily make sense. Charlie's walking a fine line: He is not a BadGuy, but he also isn't giving away security consulting to companies with 200 billion market capitaliazations. Apple should pay him good money to look at this stuff. Otherwise, its going to be only BadGuys.

shocking that the popular press missstates anything tech.

Charlie is extremely well known in the security community. They know who he is. This isnt their first trip to the rodeo with Charlie.

Defcon is cheap to attend. You should go sometime and get a feel for the event. If a trip to Vegas is out of your price range, go check visit Hot Topic. You'll get the proper feel.

The Defcon crowd is awfully touristy. I mean that professionally.

In fact, it's far more the marketing success of defcon that should get attention from hacker news. They have been building quite an empire over the last 19 years.