[Moderator: I think this reply will speak for most of us. Last of the thread..] Reply From: Anonymous On Fri, 25 Sep 1998, mea culpa wrote: > At a hacker convention - yes, they have a convention - a group of > hackers released some new hacker software they call "Back Orifice," a pun > on Microsoft's BackOffice. The hackers claim that Back Orifice can allow > hackers complete, unobstructed access to an individual's desktop and hard > drive on any PC running Windows '95 or Windows '98. (They claim to be > working on an NT version). For the hackers to get access, a user must > unwittingly download Back Orifice from the Internet to their own computer. And judging from the technical savvy of the average Microsoft user, many of them *will* unwittingly download BackOrifice. These are the same people who propagate the "Good Times" and "Join the Crew" virus hoaxes, for pete's sake. > Microsoft says you'd have to be pretty stupid to download a file from > an untrusted source, but I'm sure Back Orifice can find its way around. Uh...Microsoft says that Microsoft users are "pretty stupid." Wow. First time that company's called a spade a spade. > And now these hackers - who claim to have written Back Orifice for > the *good* of the computer industry - have created it, security risks on > the Internet are that much greater. > > Thanks a lot, guys. You're welcome. But seriously, would the author of this diatribe prefer that hackers kept these nifty little vulnerabilities to themselves and gradually released them, one-by-one until every system out there was crawling with little baby BackOrifices? I'd suggest Mr. Hanback abandon his ostrich-like stance with regard to computer security. > Hackers claim they write this kind of software to reveal security > holes in software so that manufacturers can fix them. Fine, but the group > that created Back Orifice also allows it to be downloaded freely from the > Internet by any psychotic geek who desires to see what his fatal > attraction has stored on her hard drive. You forgot to throw in "Digital Pearl Harbor" and "Electronic Terrorism," Mr. Hanback. Come on, if you want to whip up hysteria, at least make an effort! > Forgive me if I question the hackers' intentions. If they meant well, > they wouldn't be demonstrating their software to the world at large. > They'd be sharing it with Microsoft, who could then fix the problem. These problems *have* been shared with Microsoft innumerable times in one form or another. That nothing was done to repair them is certainly no fault of cDc. > Here's my advice to computer users who fear Back Orifice: Don't > download files from sources you don't know or don't trust. And start > asking Microsoft for a fix. So far, the company has not released any > indication that it plans to secure Windows against Back Orifice. The latter part of this paragraph demonstrates who the true villian in this whole mess is. Microsoft has long been aware of the problems, yet did nothing. > How do we know that hackers have become a danger to society? The > White House took special precautions to make sure no one could intercept > the closed-circuit broadcast of the president's testimony to Kenneth > Starr's grand jury. If the White House is worried about the problem, we'd > probably better be worried too. And the cryptologic methods that the White House utilized in that closed-circuit broadcast are the *same* robust cryptologic methods which they seek to deny the average American citizen. Now try to tell me that Washington really has our best interests at heart. > And if you meet a hacker named Sir Dystic (the individual who > released Back Orifice, and whose name is an obvious play on "sadistic"), > punch him in the nose. Or maybe you can just sue him for invasion of > privacy. Uh..."punch him in the nose." Now *WHERE* have I heard that before?? Oh. Oh yeah...*that* "book." Well, when I next run into Sir Dystic, I'll clap him on the back and buy him a drink. Anyone who can, by merely releasing one software package, make a Software Giant look like a bungling fool is A-Okay in my book. Fools such as Mr. Hanback are hardly worth the derision they've earned. > In fact, "hacker" is too mild a term for people who try to force a > corporation's hand by threatening the computing safety of millions of > innocent people. By that definition, these people are not hackers; they're > cyber-terrorists. -- *rolling eyes* Someone forget their medication. -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:05:54 PDT