Tuesday, October 30, 2007
I saw some lame TV show (guess where) about how they "caught" some Internet cracker who stole some "sensitive information" or something. Of course, he can't be extradited from Argentina or wherever he lives to the US, even though they have a warrant for his "misuse of a computer" (LOL), because well, "ha-ha". The funniest part is how they "caught" him, I mean, found his identity: he boasted in some chat room, and then the investigators used "powerful Internet tools, called Internet search engines" to look up his alias or something, and then found his posts on some forum. Hell yeah. I remember when I was in high school in the computer lab and bored to death and the admins or however they were called left some passwd file on public ftp, which I of course opened, because it was public, unrestricted, unprotected and even without a notice stating that I am not allowed to "go there". I later learned that I had misused the computer, as the admin came steaming into the computer lab, IP logged and matched and all - "Did you look into the passwd from this computer?" "Yes." "You're not allowed to do that." "Really?" Of course, being public, open internet-accessible ftp and all, I took the liberty of downloading it all from outside the building without the guy lecturing me about what bits I am allowed and prohibited from sending into his network port. This happened some days later, and the files still had not been removed from public view. I vaguely remember also finding some winDOS .pwl files (oh, the old times) which, unless fake, were indeed crackable, unlike the passwd which contained no actual password hashes. And now I'm wondering, was that some kind of honeypot or plain stupidity?