Blatherdome 4: My Resignation
Moderators: Col. Khaddafi, ( G_R )
- rezombad
- Tire Aficionado
- Posts: 7703
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Sun Jun 30, 2013 7:54 pm
- Pendulum
- Tire Aficionado
- Posts: 4359
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Wed Oct 24, 2012 12:51 am
- Kazekirimaru
- Tire Aficionado
- Posts: 9702
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Thu Mar 28, 2013 4:50 am
- Location: Bertrand, MI
- Kazekirimaru
- Tire Aficionado
- Posts: 9702
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Thu Mar 28, 2013 4:50 am
- Location: Bertrand, MI
- Pendulum
- Tire Aficionado
- Posts: 4359
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Wed Oct 24, 2012 12:51 am
- Pendulum
- Tire Aficionado
- Posts: 4359
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Wed Oct 24, 2012 12:51 am
Good, good. Excellent ebj. Now tell him you're worried about him.To be fair only like six of us play MGTO regularly and maybe two play Modern on there.Does anyone have a Modern deck I can borrow on MTGO for the MOCS?
I asked FOS since they actually play Magic but naturally all 20 of them ignored my post.
Also we hate you. <3
- Pendulum
- Tire Aficionado
- Posts: 4359
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Wed Oct 24, 2012 12:51 am
- Kazekirimaru
- Tire Aficionado
- Posts: 9702
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Thu Mar 28, 2013 4:50 am
- Location: Bertrand, MI
- Kazekirimaru
- Tire Aficionado
- Posts: 9702
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Thu Mar 28, 2013 4:50 am
- Location: Bertrand, MI
- Pendulum
- Tire Aficionado
- Posts: 4359
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Wed Oct 24, 2012 12:51 am
- Kazekirimaru
- Tire Aficionado
- Posts: 9702
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Thu Mar 28, 2013 4:50 am
- Location: Bertrand, MI
- Kazekirimaru
- Tire Aficionado
- Posts: 9702
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Thu Mar 28, 2013 4:50 am
- Location: Bertrand, MI
- Pendulum
- Tire Aficionado
- Posts: 4359
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Wed Oct 24, 2012 12:51 am
- rezombad
- Tire Aficionado
- Posts: 7703
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Sun Jun 30, 2013 7:54 pm
- ExarionUniverse1
- Tire Aficionado
- Posts: 874
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Thu Nov 15, 2012 6:51 pm
Black Hat: How to create a massive DDoS botnet using cheap online ads
JavaScript in online ads can zombify browsers to carry out denial of service attacks
By Tim Greene, Network World
August 01, 2013 02:28 PM ET
Network World - Las Vegas -- The bad news is if you click on the wrong online ad, your browser can be immediately enlisted in a botnet carrying out a denial of service attack to take down Web sites.
The good news is that as soon as you move on to another Web site, the browser is released with no harm done, according to researchers who revealed the hack at the Black Hat security conference.
“Who’s problem is this?” says Jeremiah Grossman, CEO of White Hat Labs and one of the researchers. “Browsers? Ad networks? Who fixes this?”
GROWING THREAT: Shorter, higher-speed DDoS attacks on the rise, Arbor Networks says
MORE BLACK HAT: Top 20 hack-attack tools
nQUIZ: Black Hat's most notorious incidents
The bot-herding scheme relies on the fact that when a browser connects to a Web site, the site has near-complete control of the browser for as long as it’s on that page. It can run code from HTML to JavaScript in the browser that can set off a whole string of possible attacks, he says.
In the case of creating an on-the-fly botnet, Grossman and his associate Matt Johansen placed JavaScript within ads that they placed on Web pages via an advertising network. They paid to have the ad garner a certain number of clicks. The cost of a million-browser botnet is about $150, he says.
The JavaScript made the hijacked browser make repeated requests to a target Web server in an effort to overwhelm it. For the test it was the researchers’ own Apache server hosted in the Amazon cloud.
Each browser could generate six HTML requests at a time due to a connection limit set in the browser in order to maintain performance and stability. If the JavaScript instructed that
the browsers make FTP requests instead, the number jumps to 100 requests or more, Grossman says.
“To scale [the botnet] up you need to get a lot of browsers running it,” he says.
Adding arbitrary JavaScript to ads is easy to do and in the experience of the researchers wasn’t checked very closely by the ad network. To make it more convenient to change the malicious script, rather than placing the script itself in the ad, they put in the script source. That way they could alter the script on their own servers and have the changes picked up by the ad without having to deal with the ad network again, Johansen says.
The researchers paid the ad network to distribute their ad and within 18 hours it was generating 8.1 million requests to the server coming in fast enough to take it down. That was using HTTP requests six at a time without using the FTP bypass, Grossman says. Since the users whose browsers were enlisted to the botnet were unwitting, they didn’t want to make any changes to the browsers, he says.
The upside for attackers is that the botnet is random with no command-and-control server that defenders could take down. Grossman says he is uncertain whether it would be possible forensically to track down the ad at the center of such a botnet and ultimately track it to the individuals who bought the ad. “You could be tracked by who paid for the guilty ad,” he says.
Ad blockers that are used to speed up the loading of Web pages and make them less annoying to users could become a security tool if this technique catches on, Grossman says, but he didn’t have a way to stop such attacks. “We used the way the Web works and took down our own server,” he says.
http://www.networkworld.com/news/2013/0 ... tml?page=2
- rezombad
- Tire Aficionado
- Posts: 7703
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Sun Jun 30, 2013 7:54 pm
I wish I was able to go to defcon. My boss is out of town so I can't get paid until monday.
You post on dtr? Cool? Honestly, I don't know who posts there and who doesn't.
I actually read that site quite a bit but its mostly because a lot of the people I used to interact with on MTGS are over there.
It should be a privilege to post here
- ( G_R )
- Tire Aficionado
- Posts: 14645
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Thu Sep 20, 2012 12:15 am
- Location: Mania
- ExarionUniverse1
- Tire Aficionado
- Posts: 874
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Thu Nov 15, 2012 6:51 pm
- Pendulum
- Tire Aficionado
- Posts: 4359
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Wed Oct 24, 2012 12:51 am
- ExarionUniverse1
- Tire Aficionado
- Posts: 874
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Thu Nov 15, 2012 6:51 pm
- Checkbox
- Tryhard of the Year 2012
- Posts: 6355
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Mon Sep 24, 2012 7:08 pm
- Location: Rochester, NY
shut the fuck upWait, you are accusing me of uploading the Hanson bro pic?
G_R : still need to prove your claims that it was someone else who uploaded photo . your a gifted tech , you can prove it.
Nope. Didn't do it. You'll have to take my word for it.
thats the issue hermano I can't ..
whisper words of wisdom
- ( G_R )
- Tire Aficionado
- Posts: 14645
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Thu Sep 20, 2012 12:15 am
- Location: Mania
And I don't care.Wait, you are accusing me of uploading the Hanson bro pic?
G_R : still need to prove your claims that it was someone else who uploaded photo . your a gifted tech , you can prove it.
Nope. Didn't do it. You'll have to take my word for it.
thats the issue hermano I can't ..
That explains why people keep coming over for chicken nuggets
- ExarionUniverse1
- Tire Aficionado
- Posts: 874
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Thu Nov 15, 2012 6:51 pm
consensus and ceasefire then?And I don't care.Wait, you are accusing me of uploading the Hanson bro pic?
G_R : still need to prove your claims that it was someone else who uploaded photo . your a gifted tech , you can prove it.
Nope. Didn't do it. You'll have to take my word for it.[/
quote]
thats the issue hermano I can't ..
Checkbox : you checkered soul
- Tom Servo
- Tire Aficionado
- Posts: 1580
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Tue Jan 08, 2013 10:34 pm
- Location: Electric Avenue
- Contact:
Black Hat: How to create a massive DDoS botnet using cheap online ads
JavaScript in online ads can zombify browsers to carry out denial of service attacks
By Tim Greene, Network World
August 01, 2013 02:28 PM ET
Network World - Las Vegas -- The bad news is if you click on the wrong online ad, your browser can be immediately enlisted in a botnet carrying out a denial of service attack to take down Web sites.
The good news is that as soon as you move on to another Web site, the browser is released with no harm done, according to researchers who revealed the hack at the Black Hat security conference.
“Who’s problem is this?” says Jeremiah Grossman, CEO of White Hat Labs and one of the researchers. “
Browsers? Ad networks? Who fixes this?”
GROWING THREAT: Shorter, higher-speed DDoS attacks on the rise, Arbor Networks says
MORE BLACK HAT: Top 20 hack-attack tools
QUIZ: Black Hat's most notorious incidents
The bot-herding scheme relies on the fact that when a browser connects to a Web site, the site has near-complete control of the browser for as long as it’s on that page. It can run code from HTML to JavaScript in the browser that can set off a whole string of possible attacks, he says.
In the case of creating an on-the-fly botnet, Grossman and his associate Matt Johansen placed JavaScript within ads that they placed on Web pages via an advertising network. They paid to have the ad garner a certain number of clicks. The cost of a million-browser botnet is about $150, he says.
The JavaScript made the hijacked browser make repeated requests to a target Web server in an effort to overwhelm it. For the test it was the researchers’ own Apache server hosted in the Amazon cloud.
Each
browser could generate six HTML requests at a time due to a connection limit set in the browser in order to maintain performance and stability. If the JavaScript instructed that the browsers make FTP requests instead, the number jumps to 100 requests or more, Grossman says.
“To scale [the botnet] up you need to get a lot of browsers running it,” he says.
Adding arbitrary JavaScript to ads is easy to do and in the experience of the researchers wasn’t checked very closely by the ad network. To make it more convenient to change the malicious script, rather than placing the script itself in the ad, they put in the script source. That way they could alter the script on their own servers and have the changes picked up by the ad without having to deal with the ad network again, Johansen says.
The researchers paid the ad network to distribute their ad and within 18 hours it was generating 8.1 million requests to the server coming in fast enough to take it down. That was using HTTP requests six at a time
without using the FTP bypass, Grossman says. Since the users whose browsers were enlisted to the botnet were unwitting, they didn’t want to make any changes to the browsers, he says.
The upside for attackers is that the botnet is random with no command-and-control server that defenders could take down. Grossman says he is uncertain whether it would be possible forensically to track down the ad at the center of such a botnet and ultimately track it to the individuals who bought the ad. “You could be tracked by who paid for the guilty ad,” he says.
Ad blockers that are used to speed up the loading of Web pages and make them less annoying to users could become a security tool if this technique catches on, Grossman says, but he didn’t have a way to stop such attacks. “We used the way the Web works and took down our own server,” he says.
http://www.networkworld.com/news/2013/0 ...
tml?page=2
Eric, Ren and Jensen were activists
Heads loaded with theory, their hearts are filled with passion
Shared the same left wing politics
Liked the same music, they were part of the protest movement
Now, Anna presented herself as a feminist
Studied the way they talked and dressed
Fashioned herself an anarchist
Eric fell in love with Anna at the meeting of the crime think conference
He didn't know it but Anna was an FBI informant
Heads loaded with theory, their hearts are filled with passion
Shared the same left wing politics
Liked the same music, they were part of the protest movement
Now, Anna presented herself as a feminist
Studied the way they talked and dressed
Fashioned herself an anarchist
Eric fell in love with Anna at the meeting of the crime think conference
He didn't know it but Anna was an FBI informant
- Kazekirimaru
- Tire Aficionado
- Posts: 9702
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Thu Mar 28, 2013 4:50 am
- Location: Bertrand, MI
- Tom Servo
- Tire Aficionado
- Posts: 1580
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Tue Jan 08, 2013 10:34 pm
- Location: Electric Avenue
- Contact:
Onar spits hot fire
Eric, Ren and Jensen were activists
Heads loaded with theory, their hearts are filled with passion
Shared the same left wing politics
Liked the same music, they were part of the protest movement
Now, Anna presented herself as a feminist
Studied the way they talked and dressed
Fashioned herself an anarchist
Eric fell in love with Anna at the meeting of the crime think conference
He didn't know it but Anna was an FBI informant
Heads loaded with theory, their hearts are filled with passion
Shared the same left wing politics
Liked the same music, they were part of the protest movement
Now, Anna presented herself as a feminist
Studied the way they talked and dressed
Fashioned herself an anarchist
Eric fell in love with Anna at the meeting of the crime think conference
He didn't know it but Anna was an FBI informant
- Col. Khaddafi
- Regular Scumbag
- Posts: 9956
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Mon Sep 17, 2012 11:52 pm
- Location: Manasjap madness
[quote="[url=viewtopic.php?p=85729#p85729:16iftgc1]ExarionUniverse1 » Thu Aug 01, 2013 10:02 pm[/url:16iftgc1]":16iftgc1]
N_S : I know right ? But the joke is on you because DTR drama is daily.
[/quote:16iftgc1]
I dunno man, I thought your recent Magecraft drama was pretty hilarious, specially that bit about people begging you to delete their accounts from the site and your replies about how you won't do it under any circumstances.
My favorite is still that cross-site DTR/Magecraft drama where Yomako was too shy about telling you that he wasn't willing to be a mod on your site and you insisting so much to the point that the poor guy had to make up a story about people from DTR sending terrorist threats to around 100 persons on Magecraft injunctioning them to stop supporting MTGS OR ELSE...
Tires all around!
N_S : I know right ? But the joke is on you because DTR drama is daily.
[/quote:16iftgc1]
I dunno man, I thought your recent Magecraft drama was pretty hilarious, specially that bit about people begging you to delete their accounts from the site and your replies about how you won't do it under any circumstances.
My favorite is still that cross-site DTR/Magecraft drama where Yomako was too shy about telling you that he wasn't willing to be a mod on your site and you insisting so much to the point that the poor guy had to make up a story about people from DTR sending terrorist threats to around 100 persons on Magecraft injunctioning them to stop supporting MTGS OR ELSE...
Tires all around!
- Tom Servo
- Tire Aficionado
- Posts: 1580
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Tue Jan 08, 2013 10:34 pm
- Location: Electric Avenue
- Contact:
I wish someone would choke this clerk. So far she sings out of tune, wants a cheeseburger like I didn't already know, and has said 'you're going to make me "defend" for myself?'
Eric, Ren and Jensen were activists
Heads loaded with theory, their hearts are filled with passion
Shared the same left wing politics
Liked the same music, they were part of the protest movement
Now, Anna presented herself as a feminist
Studied the way they talked and dressed
Fashioned herself an anarchist
Eric fell in love with Anna at the meeting of the crime think conference
He didn't know it but Anna was an FBI informant
Heads loaded with theory, their hearts are filled with passion
Shared the same left wing politics
Liked the same music, they were part of the protest movement
Now, Anna presented herself as a feminist
Studied the way they talked and dressed
Fashioned herself an anarchist
Eric fell in love with Anna at the meeting of the crime think conference
He didn't know it but Anna was an FBI informant
- Tom Servo
- Tire Aficionado
- Posts: 1580
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Tue Jan 08, 2013 10:34 pm
- Location: Electric Avenue
- Contact:
She thinks she's being cute.
Eric, Ren and Jensen were activists
Heads loaded with theory, their hearts are filled with passion
Shared the same left wing politics
Liked the same music, they were part of the protest movement
Now, Anna presented herself as a feminist
Studied the way they talked and dressed
Fashioned herself an anarchist
Eric fell in love with Anna at the meeting of the crime think conference
He didn't know it but Anna was an FBI informant
Heads loaded with theory, their hearts are filled with passion
Shared the same left wing politics
Liked the same music, they were part of the protest movement
Now, Anna presented herself as a feminist
Studied the way they talked and dressed
Fashioned herself an anarchist
Eric fell in love with Anna at the meeting of the crime think conference
He didn't know it but Anna was an FBI informant
- Tom Servo
- Tire Aficionado
- Posts: 1580
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Tue Jan 08, 2013 10:34 pm
- Location: Electric Avenue
- Contact:
When really she's a dumb, tone deaf whore
Eric, Ren and Jensen were activists
Heads loaded with theory, their hearts are filled with passion
Shared the same left wing politics
Liked the same music, they were part of the protest movement
Now, Anna presented herself as a feminist
Studied the way they talked and dressed
Fashioned herself an anarchist
Eric fell in love with Anna at the meeting of the crime think conference
He didn't know it but Anna was an FBI informant
Heads loaded with theory, their hearts are filled with passion
Shared the same left wing politics
Liked the same music, they were part of the protest movement
Now, Anna presented herself as a feminist
Studied the way they talked and dressed
Fashioned herself an anarchist
Eric fell in love with Anna at the meeting of the crime think conference
He didn't know it but Anna was an FBI informant
- iamabadman
- Defender of GRR
- Posts: 9315
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Wed Sep 19, 2012 11:58 pm
- Location: Where angels fear to tread.
Also iirc Onar's just the skinniest dude evah.
skype webcam giveaway?
N_S : I know right ? But the joke is on you because DTR drama is daily.
G_R : still need to prove your claims that it was someone else who uploaded photo . your a gifted tech , you can prove it.
jesus fucking christ onar shut the fuck up you fucking commie cunt. boo fucking hoo your in a wheelchair. wheelchaired people can do stuff, so go out and do something. stop being a fucking retarded baby. i'd say trust me that gr didnt hack anything but you are too much of a fucktard
to understand this you shit stain. dont like posting here? dont like reading what we say? DONT LIKE THE FUCKING SITE? THEN STOP COMING TO THE SITE! EASY MOTHERFUCKING PEEASY DUMBASS!
- Col. Khaddafi
- Regular Scumbag
- Posts: 9956
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Mon Sep 17, 2012 11:52 pm
- Location: Manasjap madness
- iamabadman
- Defender of GRR
- Posts: 9315
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Wed Sep 19, 2012 11:58 pm
- Location: Where angels fear to tread.
- Col. Khaddafi
- Regular Scumbag
- Posts: 9956
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Mon Sep 17, 2012 11:52 pm
- Location: Manasjap madness
- iamabadman
- Defender of GRR
- Posts: 9315
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Wed Sep 19, 2012 11:58 pm
- Location: Where angels fear to tread.
- Kaitscralt
- A frog among toads
- Posts: 21216
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Thu Sep 20, 2012 12:48 am
- iamabadman
- Defender of GRR
- Posts: 9315
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Wed Sep 19, 2012 11:58 pm
- Location: Where angels fear to tread.
- Kazekirimaru
- Tire Aficionado
- Posts: 9702
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Thu Mar 28, 2013 4:50 am
- Location: Bertrand, MI
-
- Tire Aficionado
- Posts: 6074
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Wed Dec 05, 2012 4:28 am
- Location: La Marque, Texas
- Corruption Watch
- Regular Member
- Posts: 475
(View: POSTS_VIEWTOPIC /POSTS_VIEWTOPIC_INTO) - Joined: Tue Feb 26, 2013 12:53 am
- Location: The Watchtower
Return to “Blathering Archives”
Who is online
Users browsing this forum: No registered users and 23 guests