How to rm yourself

[Ergot]

su user && links ?

[Eric]

I am root, but again, the command doesn't exist.

Btw, what are you doing surfing the web as root?

He was trying to find out how to rm himself... duh.

[c0n]

su user && links ?

Oh, okay.

[iago]

And if you're a whitehat, consider doing this. If you don't do it to yourself, then a blackhat will just do it to you... so if a blackhat does to it to you, don't sue him! He's only doing what is right! Plus, you were supposed to do it to yourself anyway.

Go ahead and try.  If you can crack me, all the power to you. 

[c0n]

And if you're a whitehat, consider doing this. If you don't do it to yourself, then a blackhat will just do it to you... so if a blackhat does to it to you, don't sue him! He's only doing what is right! Plus, you were supposed to do it to yourself anyway.

Go ahead and try.  If you can crack me, all the power to you. 

Who said anything about "cracking" you? A little on the edge, are you? Yeah, you're right though... your box is probably invincible.

[iago]

And if you're a whitehat, consider doing this. If you don't do it to yourself, then a blackhat will just do it to you... so if a blackhat does to it to you, don't sue him! He's only doing what is right! Plus, you were supposed to do it to yourself anyway.

Go ahead and try.  If you can crack me, all the power to you. 

Who said anything about "cracking" you? A little on the edge, are you? Yeah, you're right though... your box is probably invincible.

You seem to make it sound like whitehats can't secure themselves.  "If you don't do it to yourself, then a blackhat will just do it to you"?  Well, I'm definitely whitehat, so find a blackhat who can crack me. 

[Warrior]

I'll take the job

[dx]

Appears the homosexual hacking brigade has arrived on the x86 forums.

[c0n]

Appears the homosexual hacking brigade has arrived on the x86 forums.

This suddenly turned from 'how to rm yourself' to 'hacking'. This was nothing along the lines of hacking, other than stupid 'whitehat' and 'blackhat' labels.
Perhaps more cocaine will calm you down, darkxir. You've been very irritable lately. If you have no money for cocaine, then perhaps it would be 'wise' to go
begging for quarters on the street until you have enough money to buy a few bricks cocaine.

You seem to make it sound like whitehats can't secure themselves.  "If you don't do it to yourself, then a blackhat will just do it to you"?  Well, I'm definitely whitehat, so find a blackhat who can crack me.

"Secure" is an illusion. Nothing is truly secure, because there is always a way around.

[Warrior]

HAHAHAHAHAHAHAAHAHAHAHHAHAHAHHAHAHHAHHAHAHAHHAHA.
Man you rock c0n.

[iago]

You seem to make it sound like whitehats can't secure themselves.  "If you don't do it to yourself, then a blackhat will just do it to you"?  Well, I'm definitely whitehat, so find a blackhat who can crack me.

"Secure" is an illusion. Nothing is truly secure, because there is always a way around.

Feel free to find a way into my network.  Let me know when you do. 

And you're right, if somebody is dedicated enough there is very little you can do against them.  For example, you can find my address, fly to my house, kill my family, and gain physical access to my computers while I'm not home.  How can I stop you? I can't.  So yes, I'm not totally secure.  But I'm reasonably secure. 

Security is based on risk management.  You ascertain the risks, and accept a certain level.  That's what us "whitehats" do.

[c0n]

You seem to make it sound like whitehats can't secure themselves.  "If you don't do it to yourself, then a blackhat will just do it to you"?  Well, I'm definitely whitehat, so find a blackhat who can crack me.

"Secure" is an illusion. Nothing is truly secure, because there is always a way around.

Feel free to find a way into my network.  Let me know when you do. 

And you're right, if somebody is dedicated enough there is very little you can do against them.  For example, you can find my address, fly to my house, kill my family, and gain physical access to my computers while I'm not home.  How can I stop you? I can't.  So yes, I'm not totally secure.  But I'm reasonably secure. 

Security is based on risk management.  You ascertain the risks, and accept a certain level.  That's what us "whitehats" do.

You whitehats have no clue about the 0days out there, though. So perhaps you aren't so secure afterall? Maybe from kiddies... but people who write their own exploits and don't post them on bugtraq can get into many systems. You're not a whitehat if you just secure your system, though. You're a whitehat if you contribute to the 'security industry', which would be posting 'useful' information on stupid BugTraq, and releasing vulnerabilities to the public (and letting kiddies get ahold of exploits). If you only know about securing your box, iago, then you're not a whitehat. You're just some dude who can secure his system (to the full extent of what is known). For instance, if you're running the current version of Apache httpd, you still are not safe from attacks to the Apache httpd, because someone could have found a vuln. And guess what, there isn't a patch out yet. So unfortunately, your only chance would be to plug the 0day vuln holes by coding your own patch.

But yes, other than that, you are right about the risk management part. And don't get me wrong, I said nothing about hacking you or anybody, iago. The little article was a joke.

[iago]

You whitehats have no clue about the 0days out there, though. So perhaps you aren't so secure afterall? Maybe from kiddies... but people who write their own exploits and don't post them on bugtraq can get into many systems. You're not a whitehat if you just secure your system, though. You're a whitehat if you contribute to the 'security industry', which would be posting 'useful' information on stupid BugTraq, and releasing vulnerabilities to the public (and letting kiddies get ahold of exploits). If you only know about securing your box, iago, then you're not a whitehat. You're just some dude who can secure his system (to the full extent of what is known). For instance, if you're running the current version of Apache httpd, you still are not safe from attacks to the Apache httpd, because someone could have found a vuln. And guess what, there isn't a patch out yet. So unfortunately, your only chance would be to plug the 0day vuln holes by coding your own patch.

But yes, other than that, you are right about the risk management part. And don't get me wrong, I said nothing about hacking you or anybody, iago. The little article was a joke.

I do work in the "industry", and I do contribute to other whitehats.  I'm pretty sure that makes me a whitehat.

Yes, there might be 0day's out there that I can't protect myself from.  All I can defend myself with is exploits that are public knowledge, and by keeping myself fully up to date. 

There is a pretty big debate about the merits and drawbacks of full versus responsible versus no disclosure, which is a waste of time to get into here.  Suffice it to say that I prefer full, so that, if there IS an unpatched vulnerability in Apache 1.3.33, I can shut it down or restrict connections till they patch it.  Or, if it came to be a problem, I could patch it myself.  I'd rather know about a 0day along with kiddies than not know about it at all.

[c0n]

You whitehats have no clue about the 0days out there, though. So perhaps you aren't so secure afterall? Maybe from kiddies... but people who write their own exploits and don't post them on bugtraq can get into many systems. You're not a whitehat if you just secure your system, though. You're a whitehat if you contribute to the 'security industry', which would be posting 'useful' information on stupid BugTraq, and releasing vulnerabilities to the public (and letting kiddies get ahold of exploits). If you only know about securing your box, iago, then you're not a whitehat. You're just some dude who can secure his system (to the full extent of what is known). For instance, if you're running the current version of Apache httpd, you still are not safe from attacks to the Apache httpd, because someone could have found a vuln. And guess what, there isn't a patch out yet. So unfortunately, your only chance would be to plug the 0day vuln holes by coding your own patch.

But yes, other than that, you are right about the risk management part. And don't get me wrong, I said nothing about hacking you or anybody, iago. The little article was a joke.

I do work in the "industry", and I do contribute to other whitehats.  I'm pretty sure that makes me a whitehat.

Yes, there might be 0day's out there that I can't protect myself from.  All I can defend myself with is exploits that are public knowledge, and by keeping myself fully up to date. 

There is a pretty big debate about the merits and drawbacks of full versus responsible versus no disclosure, which is a waste of time to get into here.  Suffice it to say that I prefer full, so that, if there IS an unpatched vulnerability in Apache 1.3.33, I can shut it down or restrict connections till they patch it.  Or, if it came to be a problem, I could patch it myself.  I'd rather know about a 0day along with kiddies than not know about it at all.

Kiddies cannot keep their hands off their . and / keys, though. They just go around ./'ing everything they can find vulnerable (which is very limited to them). Needless to say, if only real hackers know about it, then it isn't as big of a problem as it is with the kiddies. You don't have hundreds and thousands of little 14 year olds running around with codes that could potentially bring whole networks down when you don't disclose it, do you? There's a difference between fully disclosing shit (showing it to everyone on the net, which includes kiddies), and privately posting it to the vendor itself. Pr0j3kt M4yh3m for life. Props to Phrack High Council, h0no, dk, and other pr0j3kt m4yh3m cells for taking out the "big tough guys" in the whitehat security industry. It is a very big problem -- that is, the 'security industry'.

[iago]

Kiddies cannot keep their hands off their . and / keys, though. They just go around ./'ing everything they can find vulnerable (which is very limited to them). Needless to say, if only real hackers know about it, then it isn't as big of a problem as it is with the kiddies. You don't have hundreds and thousands of little 14 year olds running around with codes that could potentially bring whole networks down when you don't disclose it, do you? There's a difference between fully disclosing shit (showing it to everyone on the net, which includes kiddies), and privately posting it to the vendor itself. Pr0j3kt M4yh3m for life. Props to Phrack High Council, h0no, dk, and other pr0j3kt m4yh3m cells for taking out the "big tough guys" in the whitehat security industry. It is a very big problem -- that is, the 'security industry'.

As I said, if a vulnerability is disclosed, then people have the opportunity to defend themselves against it.  I'd prefer having the chance to defend myself than to have the chance of a 0day I never knew about hitting me.  And to the people who don't keep up with the lists/updates, too bad for them.