PeakOil is You
Hacking PO site: why ??
Re: Hacking PO site: why ??
by SoothSayer » Wed 21 Jun 2006, 12:15:35
Btree ... respect, man, respect.
Technology will save us!
-
SoothSayer - Heavy Crude
- Posts: 1167
- Joined: Thu 02 Mar 2006, 04:00:00
- Location: England
Re: Hacking PO site: why ??
by Kingcoal » Wed 21 Jun 2006, 12:55:01
$this->bbcode_second_pass_quote('lutherquick', '
')Most hacking that I have seen and most viruses take advantage of exploits that were put there because of poor architecture or developed by inexperienced programmers.
')Most hacking that I have seen and most viruses take advantage of exploits that were put there because of poor architecture or developed by inexperienced programmers.
I look at it this way, the bad programmers make you look good when you fix their crap.
"That's the problem with mercy, kid... It just ain't professional" - Fast Eddie, The Color of Money
-
Kingcoal - Expert
- Posts: 2149
- Joined: Wed 29 Sep 2004, 03:00:00
- Location: Pennsylvania, USA
Re: Hacking PO site: why ??
by lateStarter » Wed 21 Jun 2006, 15:59:19
LQ, what is 'low-level' C++? Just curious... C+, or just 'C'? Can I take a course in 'low-level C++' and get paid the big bucks like you?
On a side-note... I don't belive there is anything 'high-tech' or complicated about any WEB related technology. In my mind, any WEB related tech was like the difference between laying carpet and being an architect... Same reason why I resisted getting involved with SIP...
Added after Edit: Sorry about that LQ. I wasn't trying to bust your balls. I just didn't ever recall making a conscious decision to write low-level C++... After another beer and a good laugh, I can't really even believe we are discussing/arguing about this sort of trivia with all that is going down around us today. Unless of course, it is to keep a sense of humuor...
On a side-note... I don't belive there is anything 'high-tech' or complicated about any WEB related technology. In my mind, any WEB related tech was like the difference between laying carpet and being an architect... Same reason why I resisted getting involved with SIP...
Added after Edit: Sorry about that LQ. I wasn't trying to bust your balls. I just didn't ever recall making a conscious decision to write low-level C++... After another beer and a good laugh, I can't really even believe we are discussing/arguing about this sort of trivia with all that is going down around us today. Unless of course, it is to keep a sense of humuor...
We have been brought into the present condition in which we are unable neither to tolerate the evils from which we suffer, nor the remedies we need to cure them. - Livy
-
lateStarter - Heavy Crude
- Posts: 1058
- Joined: Wed 06 Apr 2005, 03:00:00
- Location: 38 km west of Warsaw, Poland
Re: Hacking PO site: why ??
by lutherquick » Thu 22 Jun 2006, 11:21:29
lateStarter,
Actually, low level in C++ is not correct... I did not think before I wrote...
Generally, the future of good software engineering, and the history, lies with good understanding of fundamentals...
Programming is like vocabulary... If you have a great vocabulary, then you can express an idea, quick and short... Programming is the same, if you understand the fundamentals well, then your architectures are simple, small, easy to modify and future proof.
Honestly, even after 4 years of programming, I was still lost (in terms of software fundamentals). Not until I started writing IP (TCP/IP) stacks from scratch, in low level ASM, did I finally become great...
Experience is the most important part of software engineering... A degree is nice, but not so important.
Yes, SIP, I worked with it... it's ok...
Anyway... any "Joe" can pick up a book and write in PHP in 24 hours... too many WEB classes take a janitor or some dish washer and turn them into (what they claim) a software engineer in a 6 month crash course.
Maybe it's why the FBI blew $178 million dollars on a piece of software that can't even demo.
Hackers are exploiting incompetence and inexperience. Hackers are here in the software world because of the same baby boomer management that was used in gathering the evidence for wmd in Iraq, that management is also in the software world.
Actually, low level in C++ is not correct... I did not think before I wrote...
Generally, the future of good software engineering, and the history, lies with good understanding of fundamentals...
Programming is like vocabulary... If you have a great vocabulary, then you can express an idea, quick and short... Programming is the same, if you understand the fundamentals well, then your architectures are simple, small, easy to modify and future proof.
Honestly, even after 4 years of programming, I was still lost (in terms of software fundamentals). Not until I started writing IP (TCP/IP) stacks from scratch, in low level ASM, did I finally become great...
Experience is the most important part of software engineering... A degree is nice, but not so important.
Yes, SIP, I worked with it... it's ok...
Anyway... any "Joe" can pick up a book and write in PHP in 24 hours... too many WEB classes take a janitor or some dish washer and turn them into (what they claim) a software engineer in a 6 month crash course.
Maybe it's why the FBI blew $178 million dollars on a piece of software that can't even demo.
Hackers are exploiting incompetence and inexperience. Hackers are here in the software world because of the same baby boomer management that was used in gathering the evidence for wmd in Iraq, that management is also in the software world.
-
lutherquick - Tar Sands
- Posts: 529
- Joined: Fri 04 Feb 2005, 04:00:00
- Location: NJ
Re: Hacking PO site: why ??
by PolestaR » Thu 22 Jun 2006, 16:59:52
$this->bbcode_second_pass_quote('Kingcoal', '')$this->bbcode_second_pass_quote('PolestaR', 'T')he real hackers make your skills look like spaghetti qbasic.
Err ah, speak for yourself. When I started writing software 20 years ago it was assembly, remember that? Everything was low level and about as cryptic as could be. Networking was primitive by today's standards.
These days I write in ladder logic mostly. Why? That's where the money is.
Yes and what you don't seem to understand that *today* IT IS STILL ASSEMBLY. Just because you forgot about ASM/low level 20 years ago doesn't mean it's useless in todays world. Some can open an executable in a hex editor and read code in that format like it's a Dan Brown novel. Can you do that for 5 different architectures? Can you read 500K lines of C/C++ equivalant in ASM and reverse engineer their protection logic? In 2 days?
The code recall of the best I have seen is amazing. You might think you are great, that you can solve any problem and you may be right. The best just do it very quick.
Bringing sexy back..... to doom
- PolestaR
- Tar Sands
- Posts: 955
- Joined: Tue 21 Jun 2005, 03:00:00
Re: Hacking PO site: why ??
by PolestaR » Thu 22 Jun 2006, 17:15:49
$this->bbcode_second_pass_quote('lutherquick', 'K')ingcoal,
Well, these hackers hacked what? PHP ... PHP isn't a real language. Most of my web server technologies are written in low level C++. with high performance databases based on low level Btree, no SQL...
Well, these hackers hacked what? PHP ... PHP isn't a real language. Most of my web server technologies are written in low level C++. with high performance databases based on low level Btree, no SQL...
Yeah, PHP is a real language. You can go check it out on www.php.net . Wouldn't it be fantastic if there was some platform independent C/C++ type langauge so that if the server was running WinDoze, *nix or beos it would just work... oh I mean.. woops.
$this->bbcode_second_pass_quote('lutherquick', 'M')ost of the internet is running web servers that run "easy" scripting languages, all this, so managers and teens and jump in and pretend to be a software engineer in 24 hours...
Yes well, if they didn't extend the base of people capable of programming then managers would be talking to white faced geeks like myself instead of tanned Java programmers. I wouldn't want to be forced writing PHP/web shit all day long when my best is in C/C++ and ASM.
$this->bbcode_second_pass_quote('lutherquick', 'M')ost hacking that I have seen and most viruses take advantage of exploits that were put there because of poor architecture or developed by inexperienced programmers.
I seriously doubt what the hackers did to take advantage of this site had anything to do with the architecture of PHP. Unless you are an expert in "security" and stay up to date in it, any code you write which accepts input (like the admins/webmasters of this site you are insulting) has the possibility of being misused. This is a problem with ALL languages, even ones you might class as "good" like C++. or JAVA. I think you can draw a line between being an experienced programmer and security in general. Whilst they seem to relate they are different.
Even the best programmers make mistakes, and that is what I would class exploited code as, a mistake.
Bringing sexy back..... to doom