Lets have a hacking day!!!
Yes, lets do have one... but before you start screaming out at me for promoting criminal activities, hear me out.. :) i know this idea would most likely be stepped on, laughed about and sometimes spit on as well... but that happens all the time so wats the difference...
i was thinkin that huge companies like dhiraagu and wataniya an ROL who's data and network security is critical to them... should have a hacking contest.... u know organised networks security analysis if you will.... we all know all systems have flaws... but it can be mitigated
if you think about it.. the idea isnt so far fetched... my idea of how it should work... example: Dhiraagu..
lets say dhiraagu sponsors contest.. the aim of the contest is to find weaknesses and flaws within their existing system... internet, mobile, data, POTS, watever....u know.. get together a band.. some food.. a bunch of nerds, script kiddes and hardcore programmers, and the rest... make a party out of it... offer cool prizes maybe.. even cash and certificates.. job offers... even...for guys who find the weaknesses or faults within the existing system... THE ONLY CONDITION BEING.... that they have to tell dhiraagu HOW they did wat they did.. to get into the system.... so that they can fix it asap...
of coz the thought of leaving the data vulberable to these type of people would prolly make dhiraagu piss in their pants... hehe but well.. can always work around it if it were organised... and of coz is always much better when u can monitor what they are doing :) but just think about how much more secure their networks would be after lets say a week contintued attacks :)
of coz an extenstion of that would be.. to encourage people to come upto dhiraagu with flaws they find without going public or using it... in return for a reward for finding such issues... again... minimize damages caused.......
plz drop ur comments on this... :)
posted by Daadi @ 9:19 PM
17 Comments:
i support, it, fatty, ur idea is kool.
lets see what otheres have to say..
i agree with you fatty,
i love the idear..
but.. and again BUT..
how would companies who have got too much "pride" in themselves to accept a single problem within them agree to do something of this sort...
These big boys keep lying to our faces(customers faces) all the time.
For example within the past month or so, this blog have exposed 3 main flaws with screen shots as evidence. But have anyone accepted that it was a flaw? NO?
even when we called Focus Infocom while connected with their free internet they accuse us of lying and say it will not happen and we will NOT be getting free internet and there was nothing wrong!
Dhiraagu still claims there is nothign wrong and they are down for yearly maintenance or whatsoever
what the problem with accepting one's own fault and correcting them. but as i said before the big boys have got too much PRIDE in themselves.
so fatty, maybe this talk of a hacking day sponsored by dhiraagu or whatsoever is out of the question. BUT
why not find a way to have an independent hacking day :)
See the problem with an independent ‘hacking’ outing.. or rather lets call it a ‘security analysis and reporting convention’… is that there are going to be legal implications, I mean lets say we do hold something like that.. u can be assured that dhiraagu, wataniya and ROL are going to gang up on us an take us all to see the nice men at the police station..
Using ‘lets hack Dhiraagu, week’ example:
But with a sponsored convention, the participants are free from the legal implications of such acts, because they are in effect given the permission to test out their systems are of coz will be reporting back to Dhiraagu, the same principle as bringing in a security consultant.
Concerns yes maybe, that the crowd who do come in will be an undisciplined bunch with lack of professionalism... who might do more bad than good. Of coz.. But they should ask themselves, that those guys who want to hack in or do whatever else.. Will be doing it now as well… so isn’t it better they do it while they are watching so that they can identify and fix problems on the spot?
I mean.. Dhiraagu spits out thousands upon thousands on advertising campaigns… why not something like this.? This could probably end up giving them back more than they put in?
Maybe squid ur right! The pride problem might be there?.... but they should not think of it as a pride problem.. maybe a challenge… to the public.. which says.. “hey.. our engineers and technicians are so good that we are confident that you guys can’t break into our system”.. and if you do.. ur good enuf so that we’ll give you a reward for telling us wat you did?
Guess this is wishful thinking
nice idea,
rootwars sound much better.
So whats for the winner.
Mabbie we can have hack-teams.
:( but when all this is over, the Police, the NSS, the MIB, the Secret Service n all the govt shits will be wanting you to do their dirty jobs.
If only we can hide our real identity and do this it will be much better, Also the winnner can b paid through something like paypal :P
squid:
u mentioned dhiraagu still claims that theres nothing wrong in their system, and that they're down for yearly maintenance... i assume you're talking about their e-bill system?
if so, thats a totally different answer i got when i called their helpdesk.. they admitted that there is a problem with their system and are trying to fix is asap.. also, told me that the "fixing" work is carried out by some guys in London!!
anyways, keep an eye on my blog. i'l be publishing the whole "chat" between me and the helpdesk officer, shortly.. stay tuned!
cheers! :)
London? from my knowledge the whole e-billing software is done by a company in India and they are waiting for the guys from india to come and work on it since they have some warranty on it.
let us know what comes up
You know... i've just been asked the question....
"Why do you guys at digitalsquid bother with this? you're only puttin yourself in harm's way.. u can't win against big companies like Dhiraagu... and wat do you get out of this anyway? its better to mind your own business.. "
does anyone want to wager a guess/comment .. as to why or why not we are doing this.. or why should be doing this?
This is called Risk Analysis. It can also be called Penetration Testing. This is a good thing for those BIG companies as it helps them to revise and improve their security.
exactly.. lot of companies do it... the most experienced professional engineer does not think like a low down hacker.. ;)
so good idea or not?
good idea
but the thing is they wont "waste" their money for this.
why dont u guys send a letter to dhiraagu about this?? so it'l be more official
diabolicaldevil :-)
u serious?? LOL... maybe while we are at it we should sugges that we would organise that contest too :D
who do we speak to about sponsorship?? any ideas?
altho i dont think they like us very much...
dont think anyone would give sponsership for this. but still we can always try rite??
ya they dont like the blog, most of all they dont want others to find their flaws.
im sure that dhiraagu/ROL techies will read this blog, but they dont say anything here [dunno abt those Anonymous guys]
villa has got some good employees, one replied here when something abt them was posted here
i think im goin a bit out of topic so i'll stop here
diabolical, u'd be surprised to know how much money dhiraagu spends on pentests already.
If you guys are technically so Proficient in hacking and doin Security Analysis, why dont you come up with a SECURITY FIRM to give solution instead of been the part of the problem.
if u ask me, i think we need to change da phrase used from "hacking" to security analyzing or smtn! dat word wud scare da hell outa most organisation!
neways i thinks its a really kewl idea cus as sum ppl have said, da networks wud b better dho!
but hey hehe lets leav sum bugs not messed with so dat we cud compromise em later! hehe just an evil thought! of course, ethics are all left to da individuals! but hear me out! those companise wud do dat if da roles are vice versa!
neways i welcome such a day! let there b alota anouncing!
muah to all da dhiraagees!!! i love u guys!
n btw am kinda new here, but to tell u da truth this is really kewl!
what the hack are you guys talking abt?? Dhiraagu doesn't have any security. So This is useless, they don't wanna make it secure either.
Oh first thing is, YOU ARE TALKING ABOUT CRACKING YOU IDIOTS, i am proud to say i am a hacker, (I DONT MEAN CRACKING) So what ever you do, search the dictionary for CRACKERS and HACKERS and understand the meaning. I hate when people say that HACKERS are BAD,NO, some of us go pass the line to cracking but I AM STILL NOT PAST that LINE.
We invented the internet, we made the programmes you run, We make the Anti-virus You use...But when SOME OTHER CREEPS COME AND USE INTERNET FOR "BLUE FILMS" YOU BLAME US..
(oh yeh, i want to say that i love the idea anyway)
THAT IS WHAT I HATE ABOUT YOU GUYS.
yeah, the idea is goooood, but...these companys are visited by pro's...o should i say 'pro hackers' on the companys requests to check out...how u can screw up th'r systems?....n by the way these guys normaly come from Microsoft or from leading computer security companys....ROL shit cans dont kno a damn thing about network security...bt thanks for free internet. :)
Post a Comment
<< Home