Category: Life

You can download the PDF here. For the meeting, we will have a presentation on XSS vulnerabilities. BTW, St3v3, could you email me? I was having trouble getting to your website.

Maclean’s, a popular weekly magazine in Canada, recently had an article called “The Internet Sucks.” It even made the front cover for that week. In essence, this was a piece that loosely tied up all the negative aspects of the Internet to ultimately suggest that it was a waste of money. I sent them back a letter.

(more…)

And so I was checking my mail over at Yahoo today, when I noticed that I had received an email from YouTube. It was to confirm that my account with them had been created.

The problem is that I did no such thing. As it turns out, this is a new technique employed by spammers. An individual had written a script to have spambots register with YouTube, using for its email address those that had been harvested by the spammer. Once registered, these bots then fill YouTube up with as much spam as they can get away with before the account is disabled.

All of this happens at the expense of the legitimate owner of the email address. The reason this scheme works is that YouTube does not verify the legitimacy of the email addresses of its members. This is unlike most online services, which will send a confirmation email to the listed address to make sure that the account is indeed valid.

Needless to say, I used the account name the spambot registered under to request to have my “lost” password emailed to me. I then logged on the spambot’s YouTube account, changed the email address, and set the password to be a random string of alphanumeric digits. This will thus prevent that spambot to log on again.

I worry of the consequences of this use of legitimate email addresses. I mean what if these addresses were used somewhere other than YouTube; somewhere where the owner of the email address could face repercussions because of the acts of the spammer?

This is yet another reason why I despise any willing participant of the spam business. Thank you spammer, for having attempted to send thousands of unwanted junk under my name.

Well, the last major interview for the Piracy Documentary is taking place a little more than a week away. After that, there’s just one more interview, and its one that’s easy to set up. If you visited the main site for the project (piracydocumentary.com), you might have noticed that I took down the links. The more I was thinking of the changes that I wanted to implement, the more I felt uncomfortable leaving that film behind. There’s one bit I especially didn’t like in the movie whereby I posted statistics right after a certain sequence. So I took it all down.

Editing for version 1.0 is set to begin in December. I might be going to the UK come Christmas time to visit some family, so I remain unsure about the release date, as it’s around the same time. We’ll see what comes. I’m not rushing the product out the door like I did in May.

H4CK3R5 is coming along well too. I’ve continuously worked at the script, and will keep doing so until I’m satisfied. Point of inspiration for this is Jason Scott, who once claimed (though I forget where) that he kept working at editing his documentary, and just kept and kept at it until it turned into a product he was truly satisfied with. I’m sure I’m screwing up what he said, but it was something along those lines.

In any case, the script has evolved. It went from a cheesy hacker-action movie to more of a Canadian-style action/thriller. The difference? Well, I’m aiming for realism. Realism of the hacks involved, realism of the fear. I’ve received great input from members at BinRev as to how to pull off certain stunts. It’s great.

I start filming that in May. I have four main concerns at this stage. One is the lighting. There are going to be a few outdoor night scenes in this, and I’m just thinking “how the fook will I get enough lighting.” The other is the microphone work. I have 4 mics at this stage, but none can really handle picking anything up at a distance. For instance, people talking inside a car, or close together at a cafe. There’s the actual camera work. How am I going to film people in a car while it’s driving, from the outside? Finally, I need to get the protagonists down to Virginia for real to do a shoot with some other hackers. With $0 budget, I wonder how I’ll pull it off.

Ultimately, I’ll find a way. This film is an exercise in hacking the film media. I want to prove that a film that looks like it was made on a $150,000 can be done with $3,000. I’ve already got ideas for the lighting, to build my own on the cheap (Yay Canadian Tire!) Camera shots: I’ll find a way. Microphone: a bit of research should solve that. I’ll build my own boom mic.

Back to the real world, I have two major reports due tomorrow. One is already late by a day. I suppose I should stop typing here and go at it, eh?

Have a wonderful day!

In order to encourage attendance at the Ottawa 2600 meetings, I’m organizing “Hack-tastic.” It’s essentially an embellished regular meetup, featuring a presentation by myself on some security topic, hacker jeopardy, and then possibly a bar run. The official poster: