[HN Gopher] I got an FBI record at age 11 from dabbling in crypt...
___________________________________________________________________
I got an FBI record at age 11 from dabbling in cryptography (2015)
Author : monort
Score : 356 points
Date : 2022-01-28 18:43 UTC (4 hours ago)
(HTM) web link (web.stanford.edu)
(TXT) w3m dump (web.stanford.edu)
| Scoundreller wrote:
| > To me, $8 represented 40 round trips to the beach by streetcar,
| or 80 admission fees to the movies.
|
| I guess we can be impressed that round trip municipal public
| transit is now cheaper than a movie admission fee.
| errcorrectcode wrote:
| I wonder if gifted and talented programs may also be used to
| inventory brain capital and feed into algorithmic threat
| identification, watchlist(s), and/or clandestine services
| recruiting.
| waiseristy wrote:
| oliv__ wrote:
| I agree you should be able to do that without consequences but
| there's nothing brave about pulling down an American flag and
| stepping on it.
| wheybags wrote:
| In Afghanistan? Maybe not. In the USA? That could be
| something very brave indeed. (Rabid patriots please recall
| brave does not mean good nor bad)
| waiseristy wrote:
| In many time periods in this countries short history, you
| would be dead wrong. But, I was more pointing to the bravery
| of these FBI agents, investigating this horrendous crime
| gs17 wrote:
| Assuming the flag wasn't your property (and that you weren't
| a four year old like in the story), you probably shouldn't be
| allowed to do it, but it should be at most a minor vandalism
| case for local police, not the FBI.
| goodpoint wrote:
| > you probably shouldn't be allowed to do it
|
| Why, assuming it belongs to you?
| gs17 wrote:
| I said to assume the opposite of that. The case they were
| citing was definitely not the owner of the flag doing it.
| [deleted]
| vmception wrote:
| Reports aren't indictments or any curb of freedom from the
| government
|
| You have to argue in front of a federal judge that the
| existence of reports chills your speech, but you also have to
| prove you were effected, so its like schrondinger's speech
| where the judge cant curb a government behavior if you cant
| prove something you didnt do, happened.
| [deleted]
| dang wrote:
| Please don't start nationalistic flamewars on HN. They're
| tedious, repetitive, and nasty--just what we don't want here.
|
| https://news.ycombinator.com/newsguidelines.html
| mangokamikaze wrote:
| phkahler wrote:
| >> My mother told the investigators how glad she was to get the
| glasses back, considering that they cost $8. The sourpuss did a
| slow burn, then said "Lady, this case has cost the government
| thousands of dollars. It has been the top priority in our office
| for the last eight weeks. We traced the glasses to your son from
| the prescription by examining the files of all optometrists in
| the San Diego area." He went on to say that they had been
| interviewing our friends and neighbors for several weeks.
|
| Mom: "And how is that foolishness my problem?"
| 14 wrote:
| It's sad that people on positions of authority are always
| paranoid someone is lying. I was recently pulled over and I was
| sure I hadn't done anything and it was on a very busy highway
| through town and I was literally at a side road so turned off and
| immediately pulled over. It took seconds. The officer as he
| approached me put his thumb on the back of my car. From my
| reading they do that to leave their fingerprints if something
| goes wrong. He approached and said he just wanted to check if I
| had my license, something they are not supposed to do since it
| fosters racial profiling they are supposed to have a reason. But
| he said I noticed you don't have an N on your car(the N indicated
| new drivers) and you looked a little young so wanted to check.
| Just a bullshit story since I am 40, had 2 teenage kids and a 6
| year old in my car and enough facial hair to say I was way beyond
| a 5 o'clock shadow. Then he began to lecture me how when a car
| pulls onto a side street it makes him very suspicious. I said
| well I don't want anyone getting hit from behind and he replied
| That he is not affraid of getting hit. All very well I am glad
| you are not but I had 3 kids in the car and have seen enough
| videos of officers getting plowed and I didn't want to be part of
| that. He let me go and with that I am once again annoyed with the
| police. If I've done something ticket me I've never omce fought a
| ticket. I pay my dues. But like I say that rule is to stop racial
| profiling so I take it seriously.
| wildlogic wrote:
| FBI file here also for hacking in middle school... later added
| onto for messing around making tesla coils and mixing up rocket
| fuel.
| ajross wrote:
| So... the headline invokes an inappropriate image. The author
| attracted the attention of the FBI _in 1942, when "cryptography"
| meant wartime codebreaking, and his amateur cypher got lost and
| then found and turned in by a genuinely concerned citizen_.
|
| I mean, OK. Sure, it's bad that kids interested in math get
| caught up in this. But come on, it was the middle of the biggest
| war in history and real spies were indeed doing real work with
| codes like that. This says nothing about modern enforcement
| regimes, nor should it.
| unethical_ban wrote:
| As it relates to the man's story, the most offensive part about
| it is the demeanor of the agents angry at the kid and being
| abrupt with the mother. The FBI rightfully investigated at the
| time what seemed to be a coded key, which is very uncommon. The
| boy did nothing wrong, and he wasn't punished.
|
| But if the FBI wants to be pissy for hitting a false positive,
| do it at the water cooler, not toward innocent people. They
| should have offered the kid a job.
| vkou wrote:
| This is the important take-away, here.
|
| If he were dabbling with radios at the age of 11, in 1942, he'd
| have ran into the same kinds of problems.
|
| Hell, simply being of the wrong ethnicity was more than enough
| to dump a world of problems on your head in that time period.
| 120,000 people were sent to internment camps for doing
| literally nothing, and we're wringing hands over a kid getting
| a house call from the FBI.
| Broken_Hippo wrote:
| _Hell, simply being of the wrong ethnicity was more than
| enough to dump a world of problems on your head in that time
| period. 120,000 people were sent to internment camps for
| doing literally nothing, and we 're wringing hands over a kid
| getting a house call from the FBI._
|
| Actually, wring hands at both things. The camps were
| atrocities, even if they didn't match quite the enemies'
| atrocities. But they were _also_ doing this sort of thing to
| many different sorts of folks.
| vkou wrote:
| On the scale of hand-wringing, this doesn't even register.
| Nothing bad happened to him. The police looked into it,
| decided this was probably not an issue, filed it, and moved
| on. No laws were broken. No procedures were violated.
| Nobody's fundamental human rights were curtailed. The
| procedures or laws in place weren't unfair or excessive.
|
| This isn't the Rosa Parks, or the Rodney King, or the
| George Floyd of police abuse. This isn't the springboard
| for broad, or even narrow reform. This is the system
| _working_. I understand that a tinkerer may feel offended
| by the fact that the police even looked into this _in the
| middle of a world war_ [1], but if that's the poster child
| of your problems with the police, you are in a staggeringly
| privileged position, compared to on-going, actual problems,
| affecting millions of people every year (outside of the
| context of, well, a world war.)
|
| [1] That was in large part won by intelligence and counter-
| intelligence.
| tgsovlerkhgsel wrote:
| Most importantly, there is something modern enforcement could
| learn from the story: _nothing bad (aside from a stressful
| meeting) actually happened to the suspected but ultimately
| innocent kid_
| herbst wrote:
| Isn't it weird for Americans to know that their own secret
| service is monitoring their kids?
| bityard wrote:
| Generally, the secret service doesn't monitor kids unless they
| believe that they are somehow a threat to the president.
|
| If you read the story, you'd know that the FBI wasn't
| "monitoring kids", they were investigating an incident that
| _could_ have had something to do with international espionage,
| colored significantly by wartime paranoia. They were obviously
| embarrassed when all of their leads pointed to a kid.
|
| However, even today, the FBI doesn't monitor kids. Tech giants
| and social networks do that for them.
| bink wrote:
| Well, maybe not anymore, but the Secret Service used to be
| charged with investigating computer crimes. I was the victim
| of one of their covert raids at the Pentagon City mall way
| back in the early 90s.
|
| They dressed up like mall cops and searched us all. It even
| ended up on the front page of the Washington Post.
|
| https://www.washingtonpost.com/archive/politics/1992/11/12/h.
| ..
| kmano8 wrote:
| Ran a `netsend` once from the school library. Saw it pop all over
| everyone's screens, and immediately :homer:'d out of there.
| Unfortunately don't remember the text I sent.
| isuckatcoding wrote:
| What a wonderful and adventurous life! I really enjoyed reading
| that.
|
| Makes me think about what stories I'll have to tell about my life
| in 40-50 years.
| gtsop wrote:
| Please sir
|
| max-width: 100%; overflow-x: none;
|
| Edit: sorry completely messed up my css
|
| <meta name="viewport" content="width=device-width, initial-
| scale=1.0">
| pphysch wrote:
| Anyone know what unholy magic generated this page's HTML?
| Microsoft Word -> "Export to HTML" or something?
| wging wrote:
| Seems likely - it starts out like this:
| <html xmlns:o="urn:schemas-microsoft-com:office:office"
| xmlns:w="urn:schemas-microsoft-com:office:word"
| xmlns:st1="urn:schemas-microsoft-com:office:smarttags"
| xmlns="http://www.w3.org/TR/REC-html40"> <head>
| <meta http-equiv=Content-Type content="text/html;
| charset=windows-1252"> <meta name=ProgId
| content=Word.Document> <meta name=Generator
| content="Microsoft Word 10"> <meta name=Originator
| content="Microsoft Word 10">
| tgsovlerkhgsel wrote:
| Lesson learned: "We traced the glasses to your son from the
| prescription by examining the files of all optometrists in the
| San Diego area." - if you want your possessions found, you can
| either attach a note with your home address or an AirTag... or
| simply something _so_ sketchy that an intelligence agency
| delivers your stuff together with an awesome story.
| 0cVlTeIATBs wrote:
| A gangster was in prison, when he received a letter from his
| mother. "We miss you very much, and it will be hard for your
| father to till the garden without you." "Don't do that, that's
| where I buried the guns!" he wrote back. A while later he
| received another note: "Some men from the prison completely dug
| up our garden looking for those guns, but they didn't find
| anything." "I know, mama. It was the least I could do for you."
| nickagliano wrote:
| Did anyone else look into his Stanford biography page? Pretty
| insane stuff.
|
| https://web.stanford.edu/~learnest/
|
| http://web.stanford.edu/~learnest/bucket/
|
| In a section headed by an anime girl, he claims to have, "figured
| out when and how a bunch of other fantasies got into our DNA and
| will shortly post an article on this web site that will explain
| how that happened, why it is causing modern humans to make
| billions of bad decisions each day, and how we and our
| descendants are likely to be wiped out soon unless we begin
| dealing with this problem in a rational way."
|
| Then there's a weird picture of his face, which is how he thinks
| he'll look in 2043, when "he plans to croak at age 112".
|
| On his bucket list page,
|
| "My choice as a troublemaker will be to get shot in the back
| while running away from an jealous husband in May 2043".
|
| Very weird stuff.
| scruple wrote:
| Found a couple links [0][1] that appear to be follow-ups to
| that section about fantasies.
|
| [0]: https://web.stanford.edu/~learnest/earth/fantasy.html
|
| [1]: https://web.stanford.edu/~learnest/earth/fantasies.html
| KineticLensman wrote:
| Let me die a youngman's death not a clean and inbetween the
| sheets holywater death not a famous-last-words peaceful out of
| breath death
|
| When I'm 73 and in constant good tumour may I be mown down at
| dawn by a bright red sports car on my way home from an allnight
| party
|
| Or when I'm 91 with silver hair and sitting in a barber's chair
| may rival gangsters with hamfisted tommyguns burst in and give
| me a short back and insides
|
| Or when I'm 104 and banned from the Cavern may my mistress
| catching me in bed with her daughter and fearing for her son
| cut me up into little pieces and throw away every piece but one
|
| Let me die a youngman's death not a free from sin tiptoe in
| candle wax and waning death not a curtains drawn by angels
| borne 'what a nice way to go' death
| empressplay wrote:
| That last bit I think is stolen from Lazarus Long
| angst_ridden wrote:
| A person I know studied in East Germany in the early 80s via a
| very limited exchange program. After the wall came down, she
| requested her Stasi file.
|
| It was fascinating what was in the file - lots of
| misunderstandings and misinterpretations. For example, she was
| upset when the Challenger exploded, and this mystified the Stasi
| informers who had previously identified her as a pacifist (in
| their minds, the Shuttle was 100% military).
|
| Similarly, she was trying to research what happened to a relative
| who had remained in Germany in the late 30s, and whether she had
| died of natural causes or been sent to the camps. The Stasi file
| was filled with speculations on the details of this "sleeper
| agent" with whom she was trying to establish contact.
|
| All this to say that from the mindset of a spy, everything is
| spy-craft. Everyone's world-view shapes their interpretation of
| events and reality itself. Was the shuttle a military venture?
| Partly. Was it also a tool for science? Yup. But the
| functionaries who looked at her data in the heat of the cold war
| certainly couldn't see those distinctions.
|
| For what it's worth, she was able to get her Stasi file, but has
| never been able to get a copy of her FBI file.
| joebob42 wrote:
| Hey, my mother was in almost exactly the same situation and has
| been talking to people about it. They should get in touch,
| although I'm not sure how to do that.
| angst_ridden wrote:
| Did she study in Rostock in '86?
| joebob42 wrote:
| Yeah, I'm not certain of the year but yeah.
|
| Edit: no, she was 88.
|
| From brown? Afaiu that was the main program.
| angst_ridden wrote:
| Yup, Brown. I'm sure they know one another!
| headcanon wrote:
| I wonder how much of that was just regular Stasi bureaucrats
| trying to keep their job. If everyone on their watchlist was a
| potential spy, then maybe their bosses stay scared enough to
| keep them employed? Or maybe that was the metric they used for
| promotions, and it inevitably became a target, resulting in a
| massive inflation of potential "spies" within the bureaucracy.
| nicbou wrote:
| This might be a good way to explain my discomfort with online
| tracking.
|
| Machines categorising you based on your behaviour, without your
| knowledge nor your consent. It's not so bad when it serves you
| ads (unless it sells alcohol to alcoholics), but there's no
| telling what similar algorithms would say about you in the
| hands of a rogue government. They can find vulnerable people,
| people who hate certain people [0], people who talk to certain
| people or hold certain ideas.
|
| What makes it even more terrifying is that machines can
| categorise people much faster, based on a much broader set of
| information. It's not just informants and paper reports, but
| millions of fine data points.
|
| I'm bringing all my data together[1], and the result is a graph
| of every place I've visited, every conversation I've had,
| everything I looked up, every book I've read, every transaction
| I've made, every video I've watched and everyone I've talked
| to. There's even more data about me in the wild, and if you
| combined it with other people's data, you could figure out even
| more about my every move.
|
| It's a good thing that the Stasi was a few decades early.
|
| [0] https://www.propublica.org/article/facebook-enabled-
| advertis...
|
| [1] https://nicolasbouliane.com/projects/timeline
| angst_ridden wrote:
| One other funny detail is that most of the Stasi file was
| handwritten notes in pencil. The vast majority of it was crap.
| It seems that a lot of her associates were obligated to report
| on her to the Stasi, but either couldn't or didn't want to give
| any details that would be harmful to anyone.
|
| Much of it was along the lines of "[fellow student] says
| [subject] was disinclined to denounce rent-control as a
| counter-revolutionary ploy during a late-night discussion with
| [other student]." or "[room mate] overheard [subject] calling
| her family in the US, and did not hear any overt discussion of
| politics."
| pvg wrote:
| _but has never been able to get a copy of her FBI file_
|
| This can be confusing because there are various bewildering
| options, some of which are slower (or outright ineffective for
| personal records) than others but getting FBI records is
| comparatively straightforward once you've navigated the maze. I
| did it a few years ago and they sent me a CD's worth of stuff,
| plus a note of things they had not sent me or had redacted with
| instruction on challenging their decisions on these.
| angst_ridden wrote:
| I'm not positive, but I seem to recall she said that she
| requested files, but just got back a folder of redacted
| sheets only showing a few dates and her name scattered
| throughout.
| champagnois wrote:
| It makes me wonder -- does everyone end up investigated for their
| interest in HTTPS and trying to think up encryption methods?
|
| It seems even having a passive interest in computer science or
| cryptocurrency would inevitably lead to one taking a class or
| buying a book on these topics. The business person in me always
| brainstorms the various potential business applications of any
| technology -- and that inevitably leads to a lot of discussion.
|
| Any system of policing that results in entire professions and
| swathes of hobbyists being considered and treated as enemies of
| the state is essentially the same level of injustice as the witch
| trials of old and shows our species has not improved all that
| much.
| mmh0000 wrote:
| May I suggest, a brief reading of the Wikipedia article on
| Crypto Wars[0]:
|
| The Crypto Wars is an unofficial name for the attempts of the
| United States (US) and allied governments to limit the public's
| and foreign nations' access to cryptography strong enough to
| thwart decryption by national intelligence agencies, especially
| the National Security Agency (NSA).
|
| [0] https://en.wikipedia.org/wiki/Crypto_Wars
| not2b wrote:
| Not any more, but back in the 1970s and before cryptography was
| considered the province of the military and spies, not for
| civilians to mess with, in the US and the UK. State-of-the-art
| crypto was treated much like tech for nuclear weapons. The
| pioneers of public key cryptography had to fight for their
| right to publish.
| champagnois wrote:
| I cannot imagine an entry level class in Web Development (or
| even a coding bootcamp) not dedicating some time to crypto
| and SSL / SSH.
|
| Anyone doing a deepdive on these topics would seemingly be
| put on a list. It is absurd.
| not2b wrote:
| Netscape was required to severely cripple SSL to be allowed
| to export it in the early 1990s. Since "export" included
| putting software on an FTP server, this meant no open
| source crypto software could be on US servers. GNU
| addressed that problem by hosting some software in Europe.
|
| See https://en.wikipedia.org/wiki/Export_of_cryptography_fr
| om_th...
| localhost wrote:
| I liked the old-school vibe of this page, so I decided to view
| source it. This was written using ... Microsoft Word(!)
| dekhn wrote:
| in case you're not aware, the author of this is a known (but not
| well-known) AI researchers from way, way back.
|
| He invented the "finger" protocol. I chose the university I went
| to based on the qualitty of the plan files so in some sense, he's
| the reason I ended up at UCSC.
| kragen wrote:
| Finger protocol, port 79: >dekhn[CRLF]
| <[dekhn's login status, .plan, etc.] <[EOF]
|
| HTTP/0.9 protocol, port 80: >GET
| /~dekhn/[CRLF] <[dekhn's home page, etc.]
| <[EOF]
|
| HTTP was a slightly enhanced finger, so in some sense he's the
| reason for the web.
| jacquesm wrote:
| I never made that connection before, thank you!
| dekhn wrote:
| I'm not sure if there is any historical evidence backing
| that up (IE, Tim Berners-Lee used Finger protocol as an
| inspiration. A lot of the UNIX protocols of the time were
| like that (NNTP in particular), simple call/response with
| textual commands and arguments.
| bink wrote:
| Almost any protocol from back then looked similar. Check
| out IRC: http://books.gigatux.nl/mirror/irchacks/05960068
| 7X/irchks-CH...
| jacquesm wrote:
| Let's ask. Also 79 -> 80... that's a bit of a hint.
|
| Edit: asked.
| kragen wrote:
| I look forward to hearing what TimBL says!
|
| I think Finger itself was a copy of the Whois protocol,
| which runs on port 43. I'm pretty sure sri-nic.arpa
| supported that.
|
| Things like NNTP, SMTP, IRC, and FTP were pretty
| different. They're textual, yes, but they're highly
| stateful protocols with lots of back-and-forth to get
| anything done. DNS, NFS, and SNMP (or was that later?)
| were stateless, but used optimized binary structures over
| UDP.
|
| Later, numerical status codes and long-lived connections
| got added back in to HTTP, but they weren't there in
| HTTP/0.9. Designed at the same time, Gopher (port 70) was
| also a finger-style (or whois-style) protocol, and I
| don't think it has status codes either.
| dekhn wrote:
| I think that's because Dr. Lee picked the lowest unused
| port at that time.
|
| But let us know.
| jacquesm wrote:
| If he answers, for sure.
| partiallypro wrote:
| How does one find out that you have an FBI record?
| easrng wrote:
| I assume the easiest way is to do something that would cause
| you to get one.
| Broken_Hippo wrote:
| You probably don't find out unless you've been visited by the
| FBI. Once you are visited, though, you can be pretty certain
| that you do.
| dylan604 wrote:
| You can have an FBI file and never meet anyone working for
| the FBI. Similar to how you can have a FB profile while never
| joining FB.
| tyingq wrote:
| There's this: https://www.fbi.gov/services/cjis/identity-
| history-summary-c...
|
| An FOIA request would probably be more comprehensive, though
| also more work.
| Bootvis wrote:
| Fun story but the fact that he totally lost touch with his
| childhood friend over something so silly makes me sad.
| Broken_Hippo wrote:
| It makes me even more sad that we haven't remedied that sort of
| thing everywhere by giving children rights, including free
| association with others. In other words, parents cannot govern
| friends and romantic partners.
| rPlayer6554 wrote:
| So would you be alright with your son/daughter choosing their
| romantic partner as a 50 yr old pedophile, drug dealer,
| and/or avid supporter of whichever religion or cause you find
| the most perverse and destructive to humanity?
| amatecha wrote:
| There's definitely a balance to be had... Kids don't
| generally have those rights because they have far too little
| life experience to judge the effects of associating with
| people. Adults have seen the life paths of those around them
| and observed where certain directions can lead. So, parents
| look out for their kids. Sometimes the parents just have poor
| judgement, heh
| nostrademons wrote:
| Runs into the same problem the majority of people have in
| capitalist democracies: rights are tied to economic ability.
| Kids are usually economically tied to their parents, so if a
| parent decides "Wups, gotta take a new job across the
| country" or even "I'm sorry, I don't have time to drive you
| there."
|
| (As a side note - dumb parents tell their kids "No, you can't
| be friends with ...." Smart parents ensure their kids will
| never meet ... before their kids are even born, through
| zoning laws and buying a home in a good neighborhood. I
| wonder if housing policy advocates realize how much of
| housing policy is driven by ensuring that your kids associate
| with "the right" sort of people.)
| bityard wrote:
| Are you a parent?
| dang wrote:
| One past thread:
|
| _How I got an FBI record at age 11 from dabbling in cryptography
| (2015)_ - https://news.ycombinator.com/item?id=14229412 - April
| 2017 (133 comments)
| vmception wrote:
| Protip: an FBI record means nothing and you can check if you have
| one too!
|
| There is a gov site somewhere maybe someone else knows the url
| herbst wrote:
| Is there something like that for foreigners from the NSA CIA
| WhateverA too?
| Someone1234 wrote:
| I assume this one:
|
| https://www.fbi.gov/services/cjis/identity-history-summary-c...
|
| But it isn't clear to me if this would provide the kind of
| information presented in the article (e.g. if you've been
| simply investigated for a suspected crime).
|
| > listing certain information taken from fingerprint
| submissions kept by the FBI and related to arrests and, in some
| instances, federal employment, naturalization, or military
| service.
| bravetraveler wrote:
| I've wondered if they've kept tabs on me since I was
| young/dumb...
|
| Back before SSL/TLS became a thing, ARP poisoning was all you
| really needed to find out some _fun_ details. It was basically
| pretending you 're both the network gateway and a client.
|
| This and some poor decisions on my part ended up with an
| expulsion my senior year, never had a phone call like this - just
| angry people from the state.
| spullara wrote:
| A friend of mine in 1997 got arrested for poking around in air
| force computer systems. He was charged with a felony not because
| he did any damage but because it cost $40k to track him down. He
| also had to pay that back.
|
| https://attrition.org/~jericho/works/security/crime_punishme...
|
| "Once again, when computer crime enters the equation,
| circumstances seem to change. In May of 1997, Wendell Dingus was
| sentenced by a federal court to six months of home monitoring for
| computer crime activity. Among the systems he admitted to
| attacking were the U.S. Air Force, NASA and Vanderbilt
| University. What is different about this case is the court's
| order for Dingus to repay $40,000 in restitution to the Air Force
| Information Warfare Center (AFIWC) for their time and effort in
| helping to track him.Once again, when computer crime enters the
| equation, circumstances seem to change. In May of 1997, Wendell
| Dingus was sentenced by a federal court to six months of home
| monitoring for computer crime activity. Among the systems he
| admitted to attacking were the U.S. Air Force, NASA and
| Vanderbilt University. What is different about this case is the
| court's order for Dingus to repay $40,000 in restitution to the
| Air Force Information Warfare Center (AFIWC) for their time and
| effort in helping to track him."
| anonymousiam wrote:
| This story contains a link to another of his stories (also
| published in Communications of the ACM, February 1989).
|
| Old as it is, it seems quite relevant in our current race-
| obsessed culture:
| https://web.stanford.edu/~learnest/les/mongrel.htm
| BizarroLand wrote:
| Yeah, I read that. I wonder if in another 75 years we'll have
| become as much more enlightened about race as we did from the
| 1950's to now and look back on some of our present policies and
| practices with horror and disgust.
|
| Seems unlikely, the first 80% of improvement is the easiest and
| we've got to be somewhere close to that now, but I could be
| wrong.
| Hackergamer123 wrote:
| m4tthumphrey wrote:
| Off topic: I'm watching Hackers[0] for the first time tonight and
| this is on Hacker News.
|
| [0] https://www.youtube.com/watch?v=peBuMWtkw8s
| sudosysgen wrote:
| I got a CSIS record at the age of 12 for the same reason. It
| turned out after someone did a FOIA request that the IRC chatroom
| I was having some crypto fun in had a CSIS record.
|
| Sadly after that a lot of people got spooked and I lost touch
| with many there. Never got to meet my friend despite living in
| the same city :(
| belval wrote:
| This story (assuming it's true) should serve as an excellent
| example of why you need privacy even if you think that you don't.
| In peace time the NSA is only looking for "terrorist" and leaves
| everyone alone, but in case of war they would start creating
| lists for any and everything. All it takes is one "tough" agent
| trusting their gut feeling/algorithm based on your browsing
| history and shopping habits to put a target on your back and you
| are done.
|
| EDIT: Replacing "if there's any truth to it" by "assuming it's
| true". I did not mean to imply that the author made up the whole
| story and thought both expressions were equivalent.
| not2b wrote:
| The "if there is any truth to it" remark was unnecessary. The
| author was very well known on the net when it was a much
| smaller place (the old Usenet days), and implying that he made
| it up is, to say the least, impolite.
|
| His Wikipedia page: https://en.wikipedia.org/wiki/Les_Earnest
| belval wrote:
| You may know him but I did not, so I erred on the safe side
| and added the "if there is any truth to it" as it's a much
| safer default to assume that everything I read on the
| Internet is possibly made up.
| SamBam wrote:
| I'd say it still sounds a bit hostile. I'd suggest
| "assuming it's true" as a nicer way of saying it.
| belval wrote:
| Seeing the reply I'm getting, I think this is just the
| "English is my second language" showing on my side. I
| always assumed both expression were somewhat equivalent
| but clearly they aren't.
| fuzzybear3965 wrote:
| As a native speaker it appears to me that your audience
| is being a little uncharitable (they being, ironically,
| intellectually ungenerous toward you).
| HeyLaughingBoy wrote:
| I think what /u/not2b was getting at in the bigger picture,
| is that we can decide for ourselves if something is not
| likely to be the truth.
|
| But if you explicitly add "if there is any truth to it" to
| your post, then it suggests to the reader that the story is
| probably false and that's not a very useful premise to
| start from.
| loup-vaillant wrote:
| > _I erred on the safe side_
|
| The safe side is giving them the benefit of the doubt.
| Possibly made up, sure, but your "if there's any truth to
| it" gave a _most probably_ made up vibe. Not only is that
| uncalled for, it's pretty inaccurate.
| wyre wrote:
| I don't think assuming stories as untruthful is using good
| faith. I think this line of thinking heavily contributes to
| this post-truth society we live in; if everything online is
| a lie that leaves the individual to create their own truth
| from the lies leading to this idea of post-truth. Obviously
| there is more nuance than this because websites need views
| for ad revenue and people like lying online for imaginary
| internet points or attention, but I see little reason to
| lie on HN unless it's for a company's PR.
| dylan604 wrote:
| Not believing everything you read that causes searching
| for additional credible sources for corroboration should
| be the healthy approach. It's quite disengenious to
| assume the original poster immediately jumped to any
| conclusion without additional research and landing that
| it was fake.
| grej wrote:
| relevant, and worth rereading: https://jacquesmattheij.com/if-
| you-have-nothing-to-hide/
| jacquesm wrote:
| I was wondering where all that traffic suddenly came from. As
| for those neighborhoods that were raided: the 'new' City Hall
| of Amsterdam is built right on top of one of the largest of
| them. Not a house left standing of those blocks.
| tgsovlerkhgsel wrote:
| "and you are done" While I agree about the need for privacy, I
| don't think this story is a good argument for it. One of the
| interesting aspects of this story is that the main actual
| consequence of this privacy invasion was that he got his
| glasses back.
| goodpoint wrote:
| Only because he was white and born in US. Had he been the son
| of a middle-eastern immigrant in 2011, daddy would have
| disappeared.
| belval wrote:
| But that's probably because he was a child, not of Japanese
| descent, and one of the two agent actually believed the
| story.
|
| If he had been a 30 years old Japanese weirdo that likes to
| keep "codes" in his wallet I am pretty sure the story would
| be very different.
| nickysielicki wrote:
| > In peace time the NSA is only looking for "terrorist" and
| leaves everyone alone
|
| If you say so.
| drfuchs wrote:
| Yeah, he's for real, and I heard him tell this story (and a
| number of others) about 40 years ago, for what that's worth. In
| addition to his other info on the web mentioned elsewhere here,
| there are also quite a selection of his files from the Stanford
| AI Lab (SAIL) system, that have been pulled off of old backup
| tapes, and with permission appear at
| https://www.saildart.org/LES (note the 3-letter account name,
| and 3-letter, single-level subdirectory names that you can
| click down into).
| sam0x17 wrote:
| Combined with a continual state of "war on terror" and a post-
| conventional-warfare world, this time is basically all the time
| anyway.
| toshk wrote:
| meowface wrote:
| Very good point. Everything is framed under the status quo. If
| shit hits the fan, all those assumptions immediately fly out
| the window. If the writ of habeas corpus is suspended, NSA
| instantly transforms from shady to Stasi.
| _moof wrote:
| _> In peace time_
|
| And honestly, when was the last time of any significant
| duration when the US was not involved in a military conflict?
| BizarroLand wrote:
| Seems like the safest bet would be to fully inventory every
| human, know everything about them as well or better than they
| do, and then, once you're highly assured of their safety to the
| commonwealth of the country monitor them for even the slightest
| changes in their disposition or regular pattern of activity.
|
| Of course, you would have to completely disregard any concept
| that people would have a freedom to privacy to do that, and you
| would also have to account for natural changes over time.
|
| People make new friends, get exposed to new ideas, and
| gradually change no matter how hard you try to lock them in a
| box. The data storage and processing requirements to monitor
| America's 350 million people would be understated as
| staggering, the man hours for perfect enforcement incalculable,
| and even if you reached Pareto parity (monitoring 80% of the
| highest-risk individuals 100% of the time) you're still going
| to have people slip through the cracks.
|
| I would place a $100 bet on this already being the practice of
| the 3 letter agencies and if they haven't fully rolled it out I
| would hazard an extra tenner on that they're within 5 years of
| completing it as long as their funding isn't disrupted.
|
| The only defense most of us have against it is that we're not
| individually interesting so we probably never register as more
| than a blip on a hard drive somewhere under most circumstances,
| human eyes never prying into the worlds we make for ourselves.
| kromem wrote:
| Where this apparatus gets really interesting is the addition
| of AI.
|
| Suddenly cross-referencing pockets of activity in the giant
| trove of permanently stored data can be done for every
| citizen, not just ones of interest.
|
| You can start modeling and simulating behavior off that data
| to predict future actions like in Minority Report.
|
| But if you look far enough into the future on that trend and
| link it into Microsoft's recent patent on resurrecting dead
| people as AI chatbots from social media data, the treasure
| trove of all online activity for every citizen becomes a
| curious anthropological artifact as the people in it die off.
|
| Did you have a nuclear scientist on the verge of a fusion
| breakthrough die before they could finish their paper? Just
| feed the entirety of their digital life into the system and
| extrapolate the non-digital using generalized "human
| experience" models built off everyone else to resurrect a
| copy of them (or many copies) in a simulated continuation of
| their day to day thinking and working.
|
| Very few people fully understand the extent of the digital
| footprints we are leaving behind in the context of trends in
| big data.
|
| The data we are leaving behind in mass collection will
| eventually take on (literally) new life.
| tgflynn wrote:
| This title needs to be qualified with "during World War II" or
| (1942).
| snvzz wrote:
| Wait until they learn about people using perfect cryptography
| (one-time pad).
| [deleted]
| relaunched wrote:
| I love the post. I smiled quite a lot, not only because of the
| stories themselves, but because of my own childhood tomfoolery,
| oftentimes including my childhood best friend.
| jolmg wrote:
| > At some point the Jack Armstrong program invited listeners to
| mail in a Wheaties box top to get a decoder ring that could be
| used to decipher secret messages that would be given near the end
| of certain broadcasts.
|
| I remember seeing that in "A Christmas Story":
|
| https://www.youtube.com/watch?v=6_XSShVAnkY
| aeturnum wrote:
| > _The friendlier one eventually described how much it had cost
| to investigate another recent case where a person was reported to
| have pulled down an American flag and stepped on it. Only after
| the investigation was well under way did they learn that the
| perpetrator of this nefarious act was only four years old._
|
| I never cease to be amused and amazed by the incredible lack of
| imagination discernment law enforcement personnel display at all
| levels. I'm sure some smart people work at the three letter
| agencies, but there sure is a range!
|
| To me, I take it as a lesson about the dangers of dogmatic
| following of rules and how such a system will inevitably provoke
| people into work that have less than zero desired value.
| Obviously, as 1984 and many other works remind us, the value is
| in reinforcing the power of the system - but the official line of
| the system is to say that's not the case.
|
| The reason government agencies are so fond of crushing people who
| have the bad luck to become centered in their gaze is that they
| know or suspect they are not clever enough to match wits with a
| below-average four year old and they would never want that
| possible fact to become public knowledge.
| sunjester wrote:
| I have 2 such FBI records and every time I do a background check
| for a job they don't know what it's for and neither do I. I wish
| there was a way I could find out if it was computer related or
| not.
| Hackergamer123 wrote:
| causi wrote:
| I had to have a sit-down with the school admins because I used
| the "netsend" command to send the letter q, one time, to every PC
| in the school. I thought it was just going to go to the computers
| in the computer lab.
| chheplo wrote:
| He was able to tinker with a radio at age of 10, in 1940. I had
| my first electronic at 19, in 2003, growing up in India. Today,
| almost anyone in the world can have access to the latest tech
| easily. Great minds were there and are everywhere in the world,
| they just didn't have access to resources. Think how fast the
| research monopoly of US is going to shrink.
| HeyLaughingBoy wrote:
| Growing up in a Third-World country, I was tinkering with
| electronics at age 10 and built my first crystal radio at age
| 11 from junk parts. Dumpster-diving isn't hard as long as you
| don't mind the occasional dead dog.
| jacquesm wrote:
| Apart from the dead dogs my experience in a first world
| country was quite similar. But for some reason I'm more
| impressed with you, probably because here in NL electronics
| were relatively easy to come by because people were throwing
| away older generating electronics with great regularity to
| buy something newer.
|
| Whereas I would expect that in the 3rd world by the time you
| got your fingers on it it must have been technically beyond
| salvage.
|
| Crystal radios are neat!
| HeyLaughingBoy wrote:
| Thank you. I found the same to be true, though. Most people
| don't know how to repair radios, or don't know anyone who
| can do it, so if it's anything more complex than a broken
| wire, it ended up in the trash. At least the cheap,
| handheld transistor radios did. Happily, everything was
| through-hole in the 70's so parts were easy to remove :-)
| jacquesm wrote:
| Yes, thank god for through hole parts, otherwise I don't
| think I ever would have made it this far. VLSI is killing
| poor kids' ability to get started with electronics.
|
| What did you do your soldering with?
|
| My first soldering iron(s) were simply screwdrivers in
| the stove :)
|
| I even recycled the solder but it took a while to
| understand that you need flux as well as solder to make a
| good joint.
| HeyLaughingBoy wrote:
| I don't think heating up a screwdriver ever occurred to
| me!
|
| My first soldering iron was huge! I don't remember who
| gave it to me, but it was clearly not for electronics. It
| had a small wooden handle and a tip that looked like a
| large, bent flathead screwdriver. It could remove parts,
| but not much else. Ha! gotta love google. It looked
| something like this: https://www.amazon.com/Soldering-
| Handle-Chisel-Point-Copper/...
|
| Thinking back, my grandfather was a carpenter and left a
| shop full of tools when he died, so it's possible that it
| used to be his.
|
| I remember asking for a real soldering iron as a
| Christmas or birthday present and getting a low-wattage
| one since they didn't cost that much. Until then,
| everything was held together by wrapping wire onto leads.
|
| The strange thing is that I remember having a small
| soldering iron, but I don't remember ever having actual
| solder.
| jacquesm wrote:
| Interesting thread this. You made me re-live a whole
| bunch of my past and I noticed something funny (or at
| least, I think it is funny): to this day I can't help
| myself, when I walk by a dumpster or the garbage before
| it is picked up I am _still_ scanning for TVs, tape
| recorders etc. It 's so automatic that if not for this
| thread I would not have caught on to what that was all
| about, it's simply a habit.
|
| And I still can't stand waste.
|
| One day we will look back to this age and wonder: how on
| earth could we have been so wasteful that perfectly good
| stuff ended up in a landfill.
|
| That soldering iron of yours looks like the perfect tool
| for some SMD work.
|
| I recall those in the hands of stained glass workers,
| either that or gas heated ones.
|
| My first upgrade from a screwdriver looked like this:
|
| https://i.ebayimg.com/images/g/pEUAAOSw621hLQqd/s-l1600.j
| pg
|
| Which actually worked well enough for tube based
| electronics, (not even hole through, just built up in the
| air on metal frames). And it held the heat a lot longer
| than the screwdrivers, which tended to carbonize after a
| while.
| dhosek wrote:
| A lot of functional electronics end up in third world
| countries as "e-waste." Never underestimate the
| wastefulness of American consumers.
| amatecha wrote:
| I've found entire, functional computers thrown out. My first
| web server was a 386 built from dumpster-dived parts, quickly
| upgraded to a 486 as I found new stuff. I still have those
| computers, too. It's amazing how wasteful people are with
| tech. People, please don't throw out working computers if you
| can avoid it. Take them to a thrift shop or a specialized
| place that will fix them up and sell them, like Free Geek.
| Post an ad on Craigslist "free" section.
| bitwize wrote:
| A year and a half ago, I found an entire HP Elite 8300
| standing by the dumpster in the rain. It was only missing a
| hard disk (likely removed to be shredded).
|
| I brought it in, checked it for rust or damage, let it dry
| for several days, and ordered a hard drive for it. It runs
| fine, and I use it as a repo/build server.
| HeyLaughingBoy wrote:
| Nice. I have an SGI Indigo that I will probably never be
| able to use again because I forgot its login credentials
| years ago. And I think the monitor was proprietary to SGI
| and I tossed because it took up too much room.
|
| Then again, I could probably find a downloadable OS for
| it somewhere online.
| daveslash wrote:
| Previous Discussion:
| https://news.ycombinator.com/item?id=14229412
| torpid wrote:
| My FBI file was for hacking into my school district's AS/400 that
| handled my school's attendance and grading system. Somehow using
| a public IP address with no access restrictions allowed a clear
| telnet path in from home. Compounding username and passwords that
| were all the same for every employee. I didn't change a thing,
| just LOLed and told someone. Bad mistake. This was the late 90s.
|
| Oh well, 2 week suspension and kicked off the computers for less
| than a year. A nice conference with FBI, police, my parents, IT
| and school administration. Fun times.
|
| I learned my lesson to not talk about such things because their
| egoes were too fragile.
|
| When they decided to give students in their website design class
| ftp accounts on the district wide web/email server running an
| ancient version of Debian, they didn't disable the shell, just
| added a login script to a menu for pine, etc. for people who
| telnetted in, which I'm sure the sysadmin was proud of. However,
| a few fast CTRL-C's broke out of his script menu loop and got me
| a shell, and they didn't shadow protect their password files. Ran
| it through john the ripper and had half the district's e-mail
| passwords in a default dictionary file including the root pw in a
| few minutes. LOLed and never told anyone about that.
|
| Good times, the 90s....
| technothrasher wrote:
| > I learned my lesson to not talk about such things because
| their egoes were too fragile.
|
| At my university in the early 90s I went the white hat route
| and had tons of fun. I managed to convince the computing center
| folks to give me a student job in the Unix group, and _then_
| spent the next three years hacking their systems and getting a
| pat on the back when I did it.
| namrog84 wrote:
| > I learned my lesson to not talk about such things
|
| I like how you shared how you learned lesson to not share
| mischievous activities with people in the same post you then go
| and share more things you haven't been caught for.
|
| This is going on your permanent school record! /s
|
| That's great. I know even as of recent of 2021 I've seen some
| places that had 0 security on things.
| dylan604 wrote:
| another thing probably learned is statute of limitations!
| JumpCrisscross wrote:
| > _I like how you shared how you learned lesson to not share
| mischievous activities with people in the same post you then
| go and share more things you haven 't been caught for_
|
| American public schools are quite adept at teaching distrust
| in authority, particularly in bureaucrats. That doesn't mean
| distrust in everybody.
| Tr3nton wrote:
| HelloFellowDevs wrote:
| I think the example is in the great grand parent comment
|
| > Oh well, 2 week suspension and kicked off the computers
| for less than a year. A nice conference with FBI, police,
| my parents, IT and school administration. Fun times.
|
| Something that most would believe as non-malicious and
| just for the lolz received a (what I personally think is)
| heavy punishment. So as a kid you learn to just keep that
| to yourself because you don't know if you'll get a "oh
| thanks for telling us" or a "you're expelled". Its not
| explicitly said to distrust but you learn from
| experience.
| anikan_vader wrote:
| > American public schools are quite adept at teaching
| distrust in authority, particularly in bureaucrats.
|
| It's an important lesson to teach kids while they're young!
| Strange, though, how you never see it on the formal
| curriculum.
| pixiemaster wrote:
| it's a hidden lesson, only for privileged kids.
| 908B64B197 wrote:
| How is that a lesson for privileged kids only?
| [deleted]
| _-david-_ wrote:
| The American public school system likes to teach that they
| are an authority that should be trusted.
| littlestymaar wrote:
| That must be reverse psychology. /s
| bitwize wrote:
| cgriswald wrote:
| I think this is especially prevalent in schools. You'll see
| things like this even for things that aren't related to
| computers. When I was a kid, drugs in your locker were your
| drugs, even though breaking into the lockers was trivial and
| stashing drugs in other people's lockers was the way business
| was done.
|
| I wouldn't have told the school of a theft I witnessed even
| if I knew there were cameras recording the entire thing.
| You're guilty unless you can prove someone else was more
| guilty and they're not really concerned about the truth of
| the matter so they're not trying to help you.
| dheera wrote:
| > I didn't change a thing, just LOLed and told someone
|
| > Oh well, 2 week suspension
|
| God damn, these idiot school people have no fucking clue that
| someone who points out a security flaw to you _without_
| inflicting any harm is actually doing something good, and that
| behavior should be _encouraged_ and _rewarded_.
| gojomo wrote:
| BRB, preparing my YC S22 application: "BugBakeSale"
|
| "We're bug bounties for America's school districts: HackerOne
| for the K12 market. The product is free if you let our
| corporate partners, who also fund the bounties, recruit the
| winners."
| loup-vaillant wrote:
| Seriously, they would have deserved that the school
| mysteriously becomes littered with printed (or typed) sheets of
| paper explaining how to access the system and change everyone's
| grade.
|
| If it were me, for the second time I would have considered
| adding a file to everyone's FTP account (including the admins &
| professors themselves) explaining how they too can escalate to
| root.
| BLKNSLVR wrote:
| > because their egoes were too fragile
|
| If anyone else reading can learn vicariously, this line is
| almost universally true and manifests itself in a multitude of
| ways.
| andai wrote:
| When I was 11 or 12 we had a bunch of old Windows (2000?) boxes
| with a shared network folder -- all the students' files were in
| the same folder. I had just learned about basic batch file
| "programming" so I made one called Change Your Grades Click
| Here!!.bat which asked for your username and password (we had
| individual accounts on the Mac computers) and saved them to a
| hidden text file in the same folder. Most people didn't fall
| for it, but I got one girl's login that actually worked, which
| scared the shit out of me, and I deleted the program. (I really
| wanted to tell her that "emma" is not a good password, but I
| thought it wouldn't turn out well for me.)
|
| A few years later, I cracked the admin password (with a
| Ophcrack live USB) for a silly reason: they had the machines
| mostly locked down, and I wanted to change the desktop
| background hahah. I remember being quite disappointed in the
| sysadmins that the admin password for all the machines in
| school was a common dictionary word, cracked in 30 seconds.
|
| Oh, once I met a guy who identified as a "hacker" (in the sense
| of breaking into systems illegally) and he told me (then a
| young teen) to "have my fun" before I turned 18 and then to
| stop, which in retrospect was very good advice.
| vagrantJin wrote:
| > I got one girl's login that actually worked, which scared
| the shit out of me, and I deleted the program. (I really
| wanted to tell her that "emma" is not a good password, but I
| thought it wouldn't turn out well for me.
|
| With all due respect for HN policy of nuanced, Intelligent
| debate.
|
| "Wimp"
| rootsudo wrote:
| Ah yes, grabbing the SAM file. That's still a valid attack
| vector if local admin password rotation isn't in play.
| lokimedes wrote:
| I had sysadmin rights on my school's Windows servers after some
| very simple social engineering (for a 10 year old). The real
| irony was that I was called to the principal's office on
| multiple occasions because I seemed to be able to fix things on
| the network that the local "admin" (e.g. music teacher)
| couldn't. Fun times indeed.
|
| It completely ruined my respect for authority figures. Which in
| retrospect has been the most valuable outcome from being the
| local "that kid from Wargames"
| jpmoral wrote:
| >It completely ruined my respect for authority figures.
|
| It looks like they realised they were out of their depth and
| found someone who could help. Were they wrong to trust you?
| RotaryTelephone wrote:
| Had a similar problem with feeling betrayed by authority
| figures when I was called in to be questioned about a hacking
| incident while in middle school just because I was good at VB
| in programming glass. Can really ruin a kid's confidence for
| years to come in case anyone in such position is reading this
| now.
| 908B64B197 wrote:
| > It completely ruined my respect for authority figures.
|
| It sounds like they were right to trust you? Doesn't sound
| like you ever did anything bad with admin credentials. And
| you even used it to fix stuff.
| Teknoman117 wrote:
| I was in high school from 2007 to 2011. Half of it in rural
| Alabama, the other half in the Bay.
|
| Even being in the tech capital of the world, the school
| administration's views on technology and information access
| were so backwards. Our school basically didn't allow
| accessing any websites that weren't on some allowlist.
| Teachers had accounts to bypass the content filter.
|
| We had a game design class that happened after school.
| Usually that period was reserved for making up classes you
| failed, but ROP courses that didn't align with the district's
| curriculum goals were taught as well.
|
| Needless to say, pretty much every resource we needed was
| blocked. So the teacher would give out his content filter
| bypass credentials, because the school wouldn't entertain any
| exceptions to students not being allowed to have them even
| though they knew there were classes on campus that would have
| tremendous difficulty. A couple of times a student would leak
| the credentials to others on campus and it'd take all of 5
| minutes to get to everyone on campus via social media.
|
| They'd always treat everyone who knew the bypass accounts as
| "guilty unless proven otherwise". I ended up in detention a
| few times for even knowing it. Parents complained to the
| school a bunch, school just always blanket said "bypassing
| the content filter as a student is against policy for any
| reason. No exceptions."
|
| Makes me think back to 1st grade in 1999 when I was first
| given internet access and being told not to use Google
| because "it wasn't safe". Couldn't have been that bad because
| it took another half decade for me to inadvertently end up on
| the "adult" part of the internet.
| rootsudo wrote:
| Public network shares, cain&abel, learning about NTLM
| downgrading and well, these were the days when Wifi was "new"
| and wireless B and G was considered wow, 54mbps.
|
| Back then, everything really felt like magic.
|
| Old netsend trick, pre windows xp SP2.
|
| There were enough stories at this time online that I knew it
| was best to say nothing. Did nothing bad, just explored,
| learned quite a few things and well was surprised how really
| easy it was to do things.
|
| Nowadays, I feel kids won't/don't get that chance to explore
| - which is sad. Internet is curated through apps and
| "enagement" user experience and cloud services/SAAS.
|
| Maybe they can spot a lifetime link to a google sheets master
| password document. ;)
| partiallypro wrote:
| I had two friends that did similar in the early 2000s, except
| that while the school knew there was a breach, they never
| caught who did it. Had all student social security numbers,
| grades, attendance, etc pulled into a thumb drive on the school
| network. I imagine this happened a lot around various school
| districts, especially in that time when school networks were
| less secure.
| twox2 wrote:
| Good times indeed. I got into similar mischief, but my school
| didn't really mind. I got a slap on the wrist, because they
| were to prestigious to court negative attention. Then I got
| into similar shit in college. I reported it and got lucky
| again. The guy in charge of their cybersecurity program invited
| me to take his class which was all master's students and phd
| candidates as a freshman. I would have bombed as it was all
| over my head cryptography/math, but at the time I did some
| extracurricular research that got me a passing grade.
| empressplay wrote:
| Late 80s and my junior high school computerized attendance
| reporting (and some grades) through shared documents on a
| 'teacher' Appletalk share I had access to (because I set it
| up!) Well now... ;) Honestly though I never did any of that
| sort of thing for profit, I managed to satisfy my needs selling
| disks with games on them and then turning a blind eye when
| people were playing them during class hours (I was basically
| used as a free labour resource by the school so I don't feel
| bad about that in the slightest.) Ah, the things we did when we
| were teenagers...
| avgDev wrote:
| This reminds of a Costco bug I discovered, it appears that they
| fixed it lol.
|
| So, Costco runs AS/400 in stores, and their online store is in
| .Net MVC. I worked with both technologies and often have to
| communicate with AS/400 devs and they are close to their
| retirement so little fucks are given. Plus, working with DB2 is
| annoying in general, the .NET data provider from IBM is
| expensive and sucks.
|
| Now onto the bug, when you purchased items online at a
| discount, you were able to return to store at a full price as
| their systems were not communicating that a discount was
| applied. I returned several items, but did not realize until I
| bought a laptop that was $400 off and tried returning it. I
| ended up calling Costco and letting them know. Unfortunately,
| they didn't give me any lifetime membership or a good citizen
| award.
|
| If any Costco devs read this and know about this send me some
| love.
| windexh8er wrote:
| Costco still has issues of resolving discounts on a return. I
| won't state the bug explicitly but I had a conversation with
| them about how they refunded me a significant amount I never
| paid on a large purchase and showed them the delta via
| receipts. Local management was appreciative but didn't seem
| to have an idea of how to proceed to make things right.
| Ultimately they said my account would be flagged as owing the
| difference so the next time I shopped I would be charged for
| the incorrect refund. The problem is that that didn't work
| either and I don't shop there often. I tried to do the right
| thing but ultimately it ends up being their responsibility to
| handle it when the customer is standing right in front of
| them showing their loss of revenue.
| giantg2 wrote:
| "I tried to do the right thing but ultimately it ends up
| being their responsibility to handle it when the customer
| is standing right in front of them showing their loss of
| revenue."
|
| I bought some lions mane mushrooms from a grocery store,
| which cost $10-12 per lbs. The cashier rang them up as
| "regular" (button) mushrooms at $2 per lbs. I pointed out
| the mistake and she tried to correct it but chose the
| button mushroom again. I brought it up a second time and
| she selected a different incorrect mushroom at a slight
| increase ($4/lb?). At that point, I gave up. She's the one
| ringing it up. I tried.
| mleonhard wrote:
| I met someone many years ago who bragged that they did this
| with sales tax. They purchased expensive items at Costco in
| Oregon, paying 0% sales tax, and then returned those items in
| Washington and received a full refund plus 10% sales tax.
| This was the first time I met a person who appeared normal
| but lacked social mores against fraud.
| beepbooptheory wrote:
| Honestly that person sounds cool and if they aren't normal
| then I haven't met a normal person in my whole life.
| Zenst wrote:
| > I learned my lesson to not talk about such things because
| their egoes were too fragile.
|
| Yip, ego's and people talk are the downfall of many an innocent
| `self-education` in the area of IT security.
|
| Post 80's and laws started to change, prior, in the UK it was
| theft of electricity being the only way to nail some people.
| Crazy fun times.
|
| Though I do miss the old phone system per-say, outdials,
| wardialing, things like that, was common with many and just
| seemed more mysterious as you could only learn thru word of
| mouth or self-education as no books or internets and BBS's were
| not as cheap in the UK or common as we never had the official
| free local calls aspect as you fine folks had in the US.
|
| Do recall a chap getting kicked out of college for doing
| something I'd done previously, just that he had a bigger ego
| and not as delicate with the power to steal the admin password.
| Which involved an ICL George 3 OS mainframe in the times of
| very large disc platters and admin console journaling that had
| no encryption. so they rotated discs without adding extra wear
| of zeroing the previous content, only the file table so you
| could end up with a user disc platter that had formally been
| used as a admin console jounal reposatory and could create
| files without zeroing and dump the previous contents of the
| disc of that way...which eventually got you the admin password.
|
| Do recall few instances of work related cases in which I needed
| to do things so, kinda hacked what I needed (resourcefulness)
| like upon a DPS7 Honeywell mini computer in which needed the
| admin password to do something and nobody had it at hand at
| that time of night and the passowrds were kept in a file that
| was encrypted so I worked out the encryption key by looking at
| the file as was poor encryption and text files have lots of
| spaces so saw a pattern with the word OPERA in and tried and
| tada, got what I needed. The spooked admin next day wondered
| how I did it so I told him fully, he then went and redid the
| encryption and challenged me to see if that was secure, I
| looked at the encrypted file and kinda worked out by the
| patterning that it had been encrypted twice....yes with the
| same password OPERA only encrypted with that and then encrypted
| again with the same. Educational for all back then. Today, not
| as easy to do that, but still a great story of times of old.
|
| My ego prevents anything else and was an ethical hacker and the
| 90's was an era in which, we white hats would and was the
| internet security, bringing down pedo's and bad actors like
| that that frequented some platforms with ease (looking at you
| AOL). So whilst illegal per-say, was case of no real official
| policing of such things as we do today.
|
| But darn, some things learned and worked out, well zero day
| exploits back then were not as financially economical as they
| are today and heck, and some never really appreciated how long
| they would stay obscured from the wild.
|
| I also liked hardware back then, was also fun and many a hidden
| switch to get a feature you would normally pay silly money for
| some engineer to `install` though was just some hidden switch
| was not that uncommon. Heck even today you get kit that is same
| inside with a model up just adding some small thing and example
| would be some Fluke multimeters that you effectively pay
| hundred for a small capacitor and another digit on the outer
| shell, is a good example current today.
|
| Fun times indeed, but darn, goalposts always moving.
| fnord77 wrote:
| just curious - has this ever shown up on employer background
| checks?
| 0xbadcafebee wrote:
| I was punished three times for computer curiosity before I
| learned my lesson. No good deed goes unpunished, especially
| when it makes somebody powerful look bad.
| stank345 wrote:
| > they didn't shadow protect their password files
|
| Could you please explain what this means? Googling didn't
| reveal much.
| pmw wrote:
| https://en.wikipedia.org/wiki/Passwd#Shadow_file
| jll29 wrote:
| The UNIX family of operating system (Unices) historically
| stored passwords in /etc/passwd, which was readable (but
| passwords were soon hashed, i.e. passed through a one-way
| function to obfuscate them).
|
| Eventually, shadow passwords were introduced to have the
| passwords themselves stored in another place with stricter
| access rights (readable only by the sysadmin or their group),
| so even the hashed versions were inaccessible to normal
| souls, whereas other information traditionally kept in
| /etc/passwd - e.g. the user's full name - could and can still
| be retrieved from that file by making it widely readable -
| just without the passwords, which were moved to the
| "shadows".
|
| See also https://en.wikipedia.org/wiki/Passwd, section
| "Shadow file" for more details.
| lr1970 wrote:
| > Could you please explain what this means? Googling didn't
| reveal much.
|
| An classic UNIX /etc/passwd file is readable by all local
| users and in the past used to contain the password hashes.
| One can download these hashes and crack the passwords
| offline. At some point the problem was recognized and
| password hashes were moved to special /etc/shadow file which
| is accessible only to root and members of shadow group making
| /etc/passwd useless for extracting passwords.
| hermitdev wrote:
| I was in junior high early 90s when I got into trouble with my
| school's networks. Setup was Novell Netware, DOS 6.x. I was
| never a Netware expert by any means, but by that time I'd been
| using DOS at home for quite a number of years and knew my way
| around pretty well. Anyways, the network crashed. I got accused
| of causing the crash because a teacher had seen me with "a
| black screen open", aka a DOS prompt. Our Netware setup didn't
| allow for direct DOS access; we had a limited set of DOS apps
| from a menu we could run. Well, among those apps was
| WordPerfect for DOS. There was some function key combo that'd
| suspend WordPerfect and dump you at a DOS command prompt (I
| forget the key combo, but we all had those keyboard templates
| at the time that listed out the various commands helpfully,
| right in front of you, at school, even!).
|
| Well, being at a DOS prompt was enough circumstantial evidence
| for me to get suspended for a week (no FBI record, AFAIK). My
| parents, despite being strict, were also fair and asked me
| point blank, "Did you have anything to do with what you're
| being accused of?". Told them no, I was just at a DOS prompt
| (probably to play either nibbles or gorillas - those classic
| BASIC games). To their credit, their opinion was if I was going
| to serve the time, I might as well know how to do the crime
| (know, not actually _do_ ). I had already been tagging along to
| continuing education computer classes my mom was attending, but
| my parents started buying me more and more computer books. It
| got me started down the programming path. I'd already been
| pretty friendly with our sysadmin at school and he knew I had
| nothing to do with what happened and hadn't accused me, but the
| school needed a scape goat, and I was it. He felt bad for me
| and choose to help me out with my learning, too, instead of
| continuing the punishment. He gave me a copy of the software he
| used for after hours remote access over direct dialup. Think it
| was called Carbon Copy? It was basically just telnet over
| dialup that allowed me direct access to _his_ PC on the network
| after hours before I even knew what telnet was. So, I 'd
| connect after dinner and play around for hours as network
| admin. It wasn't multiprocessed, so I had to be patient.
| Typically when I'd log in, he was running a nightly backup
| manually that he'd kick off before he left for the night. I
| just had to wait for it to complete, then I could do whatever I
| wanted. I had full access to the grading/attendance system. I
| could message teachers as other teachers, etc. I could have
| granted admin access to anyone, but I was smart enough to never
| touch my own account, instead, created fake admin users and
| used those, instead. I'd hide files in plain sight using the
| ALT+255 trick to embed a nonprintable character in
| file/directory names. You could see them, you just couldn't
| directly access them without renaming them for most programs.
| Fun times. I never did anything destructive, though I could
| have easily.
|
| Security in the 90s was a joke. They were good times, indeed :)
|
| I continued my shenanigans into college. College was my first
| encounter with Windows NT networks & l0phtcrack. I remember one
| night, walking into my dorm room with the SAM file from a lab
| PC on a floppy. I popped it into my own PC, started cracking
| the passwords, expecting it to run all night. As I got up from
| my PC to head down for dinner, I was surprised to see that I'd
| already cracked the administrator password. It was just a 5
| character password that was the building code & room number for
| campus IT. I already knew better than to do anything from my
| own PC, only ever worked from different lab PCs in different
| buildings and under assumed accounts. Never reported anything,
| either, for fear of reprisal.
| [deleted]
| ada1981 wrote:
| Anyone else hear Dick Tracey's voice for the "They are your son's
| alright" part?
| tester756 wrote:
| >After we left the form by her front door her parents somehow
| figured out who had done that and, when Bobby's and my parents
| learned of this stunt they decreed that we would no longer play
| together. We followed that guidance for over 40 years.
|
| oh
| errcorrectcode wrote:
| So my database course used a proprietary database hosted on-
| campus with IP ACLs. I setup a proxy on the campus cluster and
| mirrored 90% of it before the lecturer turned it off. I don't
| understand why they would even look, much less care, about
| policing closed-source documentation like the Stasi. If it
| happened these days, it would've been an Aaron Swartz situation.
| xtracto wrote:
| > This was just after local citizens of Japanese descent had been
| rounded up and taken away to concentration camps, though I was
| not aware of that at the time.
|
| Now that was a piece of history I had never herd about:
|
| https://www.britannica.com/event/Japanese-American-internmen...
|
| Apparently Mexican concentration camps were not the US first
| throw at it.
| phendrenad2 wrote:
| I'm sure more than half of HN has an FBI profile. I know that
| from an early age I would do internet searches for everything and
| anything I found fascinating, including hacking, piracy,
| anonymous proxies, nuclear energy, wilderness survival, firearms,
| communism, cults, wikileaks, snowden, assange, and a multitude of
| conspiracy theories.
|
| I grew up fine and have never broken the law. But I sometimes
| wonder if some computer system or agency sees me differently,
| just based on keywords.
| buserror wrote:
| I had the french secret service come and interrogate me in ~88
| (bad cop/good cop) because I had doctored a RS232 cable to be
| NULL modem, to be able to connect to the X25 "transpac" network
| using a terminal. I was 'drafted' in the army back then,
| basically unpaid slave labour, and I was risking 40+ days in
| prison for sabotage. I 'escaped' due to a coupe of forward
| thinking officers who didn't think that was a way to handle a
| smart 18yo kid.
| AlexanderTheGr8 wrote:
| Can you imagine what will happen when measuring pupil dilation
| goes mainstream? Any authoritarian govt will be able to measure
| your _true_ intentions. There is no way to hide your pupil
| dilation.
|
| For example, if you are browsing twitter and see a post of your
| country "liberating" its enemies. If your pupils and pulse
| indicate that you don't approve of your country's actions,
| suddenly you will lose some rights as a citizen. Maybe your house
| gets raided for "suspicion of terrorism"
|
| With AR/VR devices about to go mainstream, this is very possible.
|
| Any thoughts?
| bcopa wrote:
| King
| c0nsumer wrote:
| Be sure to read the follow-up
| (https://web.stanford.edu/~learnest/cyclops/bash1.htm) about the
| challenges the author faced in trying to help move forward a
| reasonably safe standard for bicycle helmets.
| dahart wrote:
| Yeah, came to say the same. The multi-part saga of helmet
| safety is fascinating history, and enlightening to hear the
| story of the people who were fighting this fight for so long.
| I'm bookmarking this!
___________________________________________________________________
(page generated 2022-01-28 23:00 UTC)