[ Reply | Next | Previous | Up ]
From: (The Path Of Rage)
Date: 11 Feb 1999
Time: 12:29:21
Remote Name: 209.240.200.75
Group: alt.discuss.webtv.hacking Date: Sat, Feb 6, 1999, 7:00pm (EST-1) From: Ecwfrk2@webtv.net (The Path Of Rage) Re: My apologies to the <missincali>
I answered this question in a post a few months ago. With the same bullshit. Could the IP:port trick be misused? Could the DNS names be misused (as far as we know)?Could the willie codes be misused? If you say yes, then anything is a potentially weapon for abuse andweshould all just step away lest the people interested in abuseget some info. In essence if we had information that potentially could be misused by by malicious morons who just want to bomb people, would you want anyone to post it? <snip> Yada.Yada. Yada. Here's another execuse to hide the fact that info is hoarded only for ego. If there was a method to get good inside info from WTV but posting it would alert them and close the security hole before it's was milked for all it could be.... Milked by who? You and your inner circle are the only ones deserving of the chance to milk that info? And if you think sayWebTV is watching. Are you really stupid enough to believe that they get their info from the newsgroup when they have access to logs and even our mail (whether they say they go through it or not)? As for the "secret" newsgroups, you do know that when you open a message the page is loaded into WebTV's proxy servers cache don't you? All they have to do is go through that cache and read the page from their HD and they know what you know. So if you think they don't know something soon after you do, you're an ignorant fool. As I said, they have much more efficient ways of getting info than wading through this group looking for it. would you trade never knowing that trick to possibliy get info you otherwise might never get at all? Like they would get the info either... Even the person in question has stated that he does not consider himself irresponsible and is STILL witholding sensitive information. You're right. And that's something I plan to rectify. But I will not give out info someone has asked me to keep private. You asked me to keep the refferer code private after I gave it eibbor, I have since honored that. MattMan asked me not to give out the other code, I haven't. If I have it and wasn't asked to keep it private, I won't. (BTW I'm not saying that to embarass him or expose the obvious internal contradiction in his own arguement. Though I do find it curious that while I have put 140+ hours trying to gather in one place as much information in one place as I can, but still protecting sensitive information as does the person in question, I'm accused not only of NOT sharing info but in fact collecting TOO much info and since it would be a my site, I'm a glory hog.... even if I give credit every chance I get... which is what's really wrong with me.. I stuck in some credit game blah blah, etc etc) [Translation of the above rant] BTW, since I have some suckers listening I'll take this opportunity to launch a few more person, factless attacks and while I'm at it I'll throw out some self-serving, "I'm a hero to all" bullshit to try and lure you all back into the trap. But releasing the validated page was another matter. You still refuse to acknwledge that the trick used was disabled weeks after it was first done. How releasing something that WebTV already knew about (and they didn't get it from this group since it has never been posted, so where do you think they found out about that? As Isaid, they havefar more efficent ways of finding out what people are doing...) was such a grave injustice, I have no idea. If you get into the mind of WTV what they seem to be most concerend about is our ability to direct access WTV URLs. OK. You really are stupid. If you think that WebTV would really give you clues as to what they are concerned about, you truly are an egotistical moron. Just because they have taken that away recently does not mean that is what their concern was. Their motivation was probably more to the effect of preventing people putting links to places like download-o-rama and vendatelly and willies in their sig (which was happening everywhere, even in places like previews where those codes are far less sanitised and therefore far more dangerous) for where innocent, unknowing subscribers could get to them and screw up their box. Maybe I'll repost all the tricks that have been taken away in the past two upgrades. And then look at that list and decide how many of those trick deactivations could really be attributed only to WebTV knowing about them. The next upgrade will target at least 2 more methods we now use of direct accessing URLs. Yep. And how often have those methods been posted? But they're stil being taken away. Hmmm... And yet although you know they will be taken away you still don't tell people what they are. And you still say your motivation for withholding info is to prevent WebTV from finding out about it? Or maybe someone could abuse those methods... but WE can access those pages Actually we can't. Unless WebTV changed the URLs of the Spell Check help pages since I was a previewer (and if they did then I could very easily be wrong) they aren't available to us yet. we may have a way to write over the TV Logs or some such. Who Knows? That would be nice. I would love to kill my cookies. But the more people we have working on that, the better the chances of success. Remember, it took WebTV 3 days to get rid of the hacking code (which seems to be their record for removing a leak in the infrastructure). I think that 3 days of 350 (based on a counter I put in 1 post, it got around 400 hits, allowing for my checking the count and accidental reloads 350 would be fairly conservative) unique people being able to experiment with a trick for 3 days would be alot better than 5-20 (there are no more than 20 people in here that get all the good info. The number is likely closer to the 5 than the 20) sitting on the code for 3-6 months.