Overclock.net › Forums › Industry News › Technology and Science News › Consolidated LulzSecurity News Thread -=Updated 6/15/2011=-
New Posts  All Forums:Forum Nav:

Consolidated LulzSecurity News Thread -=Updated 6/15/2011=- - Page 48  

post #471 of 708
The problem is that you can never be sure if the site is completely free of vulnerabilities.
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
post #472 of 708
People shouldn't praise Lulzsec, they've done nothing productive. All they've done is leak innocent people's personal information, and DDoS'd various gaming servers. All for the "lulz".
post #473 of 708
Quote:
Originally Posted by __Pat__ View Post
To all people who say a properly secure website can be penetrated, please explain how, if there are no vulnerabilities, a penetration would occur? You're really not making any sense.
Or are you guys just spouting what you've been told by security "experts" (read: people like Blackberg security http://www.blackbergsecurity.us/ ), without any true knowledge of the conversation at hand, simply because you disagree with my position on the matter?

Don't get me wrong, I didn't say it was a walk in the park to properly secure a website, but it's not impossible either. Proper coding, along with testing your website for vulnerabilities would go a long way from having an unencrypted database to be got from an SQL injection.
And how do you ensure no vulnerabilities? You do realize that many vulnerabilities are secured because they have been exploited. In essence, the hack comes first, the patch comes later. So anyone who discovers a new vulnerability now has an inside track via an exploit that is unknown to those trying to keep intruders out. These are basic security concepts, it's clear you know nothing about it.
post #474 of 708
Quote:
Originally Posted by Iceman23 View Post
And how do you ensure no vulnerabilities? You do realize that many vulnerabilities are secured because they have been exploited. In essence, the hack comes first, the patch comes later. So anyone who discovers a new vulnerability now has an inside track via an exploit that is unknown to those trying to keep intruders out. These are basic security concepts, it's clear you know nothing about it.
Clearly you read half my post.
Quote:
Don't get me wrong, I didn't say it was a walk in the park to properly secure a website, but it's not impossible either. Proper coding, along with testing your website for vulnerabilities would go a long way from having an unencrypted database to be got from an SQL injection.
And would you rather have these vulnerabilities hacked by a hacker who tells no one about them and uses him for himself?
Lala
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7-750 @ 3.00GHz Intel DP55WB Sapphire HD 5870 @ 950/1200 1.212V Kingston 2x2GB DDR3 1333.3 
Hard DriveOSMonitorPower
1TB WD Black, 1TB WD Green Win 7 Ultimate 64 bit Samsung P2370H Thermaltake ToughPower 750W 
Case
Thermaltake M9 Black 
  hide details  
Lala
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7-750 @ 3.00GHz Intel DP55WB Sapphire HD 5870 @ 950/1200 1.212V Kingston 2x2GB DDR3 1333.3 
Hard DriveOSMonitorPower
1TB WD Black, 1TB WD Green Win 7 Ultimate 64 bit Samsung P2370H Thermaltake ToughPower 750W 
Case
Thermaltake M9 Black 
  hide details  
post #475 of 708
Quote:
Originally Posted by __Pat__ View Post
Clearly you read half my post.

And would you rather have these vulnerabilities hacked by a hacker who tells no one about them and uses him for himself?
Nope, read the whole thing, you're still wrong. If there's a person using a computer or it is connected to a network, it is hackable.

And nope again, I would rather have vulnerabilities discovered by hackers who notify the company and the creators of the vulnerable software so that it can be patched and secured. You can try to justify it any way you like, but you're simply mistaken.
post #476 of 708
Quote:
Originally Posted by Iceman23 View Post
Nope, read the whole thing, you're still wrong. If there's a person using a computer or it is connected to a network, it is hackable.
That's the reasoning that's behind companies having such a low standard of security. There's a difference between a hacker being able to hack some useless part of the website, and being able to hack your main database.

Quote:
And nope again, I would rather have vulnerabilities discovered by hackers who notify the company and the creators of the vulnerable software so that it can be patched and secured. You can try to justify it any way you like, but you're simply mistaken.
So you're agreeing with me
Lala
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7-750 @ 3.00GHz Intel DP55WB Sapphire HD 5870 @ 950/1200 1.212V Kingston 2x2GB DDR3 1333.3 
Hard DriveOSMonitorPower
1TB WD Black, 1TB WD Green Win 7 Ultimate 64 bit Samsung P2370H Thermaltake ToughPower 750W 
Case
Thermaltake M9 Black 
  hide details  
Lala
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7-750 @ 3.00GHz Intel DP55WB Sapphire HD 5870 @ 950/1200 1.212V Kingston 2x2GB DDR3 1333.3 
Hard DriveOSMonitorPower
1TB WD Black, 1TB WD Green Win 7 Ultimate 64 bit Samsung P2370H Thermaltake ToughPower 750W 
Case
Thermaltake M9 Black 
  hide details  
post #477 of 708
Quote:
Originally Posted by __Pat__ View Post
That's the reasoning that's behind companies having such a low standard of security. There's a difference between a hacker being able to hack some useless part of the website, and being able to hack your main database.
Once again you have absolutely no clue about network security.You've gone from saying websites can be unhackable to saying that they can get into useless parts of the website. Which is it?

Quote:
So you're agreeing with me
I'm not agreeing with you whatsoever, LulzSec did not conduct their hacking anywhere close to the manner in which I described. I'm done trying to explain this to you, I don't think you even know what you're arguing about anymore.
post #478 of 708
Quote:
Originally Posted by Iceman23 View Post
Once again you have absolutely no clue about network security.You've gone from saying websites can be unhackable to saying that they can get into useless parts of the website. Which is it?
I'm meeting you half-way through. I still maintain that a properly secured website cannot be hacked. But since you say that a properly secured website is impossible to attain, I'm arguing you on the basis of trying to achieve maximum humanly possible security.

Quote:
I'm done trying to explain this to you, I don't think you even know what you're arguing about anymore.
All I can say is that the feeling's mutual.
Lala
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7-750 @ 3.00GHz Intel DP55WB Sapphire HD 5870 @ 950/1200 1.212V Kingston 2x2GB DDR3 1333.3 
Hard DriveOSMonitorPower
1TB WD Black, 1TB WD Green Win 7 Ultimate 64 bit Samsung P2370H Thermaltake ToughPower 750W 
Case
Thermaltake M9 Black 
  hide details  
Lala
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7-750 @ 3.00GHz Intel DP55WB Sapphire HD 5870 @ 950/1200 1.212V Kingston 2x2GB DDR3 1333.3 
Hard DriveOSMonitorPower
1TB WD Black, 1TB WD Green Win 7 Ultimate 64 bit Samsung P2370H Thermaltake ToughPower 750W 
Case
Thermaltake M9 Black 
  hide details  
post #479 of 708
Quote:
Originally Posted by __Pat__ View Post
I'm meeting you half-way through. I still maintain that a properly secured website cannot be hacked.
This seems like a pointless assertion though. It's like saying that a piece of string that is of infinite length cannot be measured. Well... yea... but it doesn't exist so why bother mentioning it? What do you define as "properly secured" anyway?
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
post #480 of 708
Quote:
Originally Posted by __Pat__ View Post
I'm meeting you half-way through. I still maintain that a properly secured website cannot be hacked. But since you say that a properly secured website is impossible to attain, I'm arguing you on the basis of trying to achieve maximum humanly possible security.
You can't ever be 100% properly secured - it is impossible to know all vulnerabilities before they are discovered. Therein lies the fundamental flaw of every statement you make.

And once again, I also agree that hacking can be done in a manner to achieve maximum human security and without causing harm - BUT THIS IS NOT WHAT LULZSEC IS DOING.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Technology and Science News
This thread is locked  
Overclock.net › Forums › Industry News › Technology and Science News › Consolidated LulzSecurity News Thread -=Updated 6/15/2011=-