rambling about ramifications of technology

Dec 14, 2005 02:47

Has anyone else been following the SonyBMG DRM fiasco(s)? The rootkit that is XCP, the spyware that is MediaMax?

So, I have yet to come across a web filter I couldn't simply bypass in some simple fashion. Does anyone know of a challenge? I've heard that BESS and SmartFilter, from N2H2, are really hard to get around ... but they aren't. Of course, I heard this from the programmer implementing the security for them -- he's my ex-fiance's father, and one helluva programmer, but apparently he doesn't know enough about networking. Comes from being a Windows programmer, I suppose. (When I say he's a helluva programmer, I mean he's REALLY GOOD at what he does -- the man wrote a word processor in assembly, and was responsible for the LapLink product that oldschoolers know so well. So, although I'm kinda glib about his networking knowledge -- which is good, but not at Does It For A Living(tm) level -- please don't think I'm insulting the guy.)

You know, I've been getting inside of "locked boxes" for so long, I can't imagine a Windows box being secure enough to actually prevent me from running a program I want to run on it, as long as I have physical access to it. A long time ago, I created and memorized a way to remove registry restrictions using ... any program with an "open file" Windows dialog. So, I suppose, if an admin actually locked out all programs with an open file dialog box, I couldn't do anything. (Or, you know, if it was off and not bootable for whatever reason, like a password on the hard drive, or some BIOSes.) Of course, a computer locked down to that extent is no longer a computer so much as an appliance, like a POS system is -- that's "Point Of Sale", and not (necessarily) "Piece Of Shit". I have to admit that I can't get into all of those. If a computer can no longer open any user-specified files, then it's not very useful as a computer, you know?

Now, I know how to lock myself out of things. In general, I know how to make things zanfur-proof. There are APIs I exploit that you can disable. You can take it off the network, make sure it can't boot from anything but the internal hard drive, and lock me out of the physical box. Unless I feel like taking the bitch apart, I'm out of luck. So, library computers? Yeah, not gonna break out the tools right there, unless they're paying me to do it. (I can't count the number of times I've been hired just to break into a box that someone forgot the password of -- Windows, Linux, BSD, HP-UX, IRIX, Cisco routers, managed switches, whatever. Haven't failed yet. Honestly, if you know where to look for the information, it's not hard, and really quite unimpressive, as skills go.) Thing is, if you lock a box down to that point, it's ... useless. If there's any computer, supposed to be used as a computer, for work or research or schooling or whatever, sit me in front of it and I'll have admin access inside of five minutes. Of course, once I have admin access, it's a small matter to find and rip out the components that are in my way.

This isn't just talk, either. Once, I was called in as a guest speaker to a class for the CAC people at the UW (that's the computer admin staff for the University of Washington), to talk on the topic of UNIX security. The instructor spoke about how they had spent the last week securing the test machine. During the time it took him to explain this, and who I was and why I was there, I sat down at the machine and got myself a root prompt. This took about thirty seconds. Not preplanned in any way, shape, or form -- but it was a very nice intro into my lecture. (I also went to jail for breaking into the UW university-wide staff and student server clusters, and the Computer Science department's server clusters, under circumstances that were somewhat less than legit. Don't be stupid; jail sucks. So does a criminal record. And the whole trial process, which I've ranted about elsewhere. Even if I am the only person I know who can honestly say he's a convicted hacker, all it means is that I was a stupid hacker.)

The reason I bring all this up is to point out that, in order to actually lock down a computer in any hard, meaningful way, you have to destroy what makes it useful in the first place. I may not be a representative slice of the population, but I happen to know a representative slice of the population. And, they know me. See where this is going? Now, SONY is attempting to lock you out of your own computer's CD copying functionality. What in the world for? It won't even stop grandma from copying a CD, because she'll just ask me to do it for her, and I can copy any CD you can play in a CD audio player. So can any Linux user, and there are plenty enough of us around that almost everyone knows one of us, and knows that we're "good with those computer things". The people who actually program these protections can't honestly believe it will stop the majority, technobabble or no.

Still, DRM is a Big Thing(tm) right now. Someone explain to me how this makes sense, from a practical standpoint.

rants, tech
