Ad Terras Per Aspera

Yet another social engineering prank. I predict its not for a game or a movie, but just a simple social engineering prank. Update: I was right!

Theodore Ts’o presents: The ext4 Filesystem

Google officially announces Google Checkout

Well, I had an interesting conversation with someone on IRC a few minutes ago, discussing my earlier article on possible future monitors. Basically, to sum up his argument, he said that HDMI is the future because a few companies are already adopting it as an alternative to DVI.

The reasons I think that’s wrong is because both DVI and HDMI are pretty much technological dead ends;

• Most if not all video cards manufactured right now, even ones with HDMI ports, cannot do the HDCP copy protection scheme due to a hardware limitation: they didn’t want to pay the expensive licensing fee for HDCP so they didn’t include it, and it can’t be emulated in software.
• Most people will use HDMI devices as DVI devices with converters, due to very little HDMI equipment being available.
• Limited bandwidth: With a single-link DVI connection, at a 60hz refresh rate, the resolutions of 1920×1080, 1920×1200, and 1600×1200 are the maximums for the various display ratios (16:9, 16:10, and 4:3 respectively). Already monitors are shipping that require more bandwidth for that, and few video cards have dual-link plugs or support using two plugs for dual-link.¹ Also, VGA, the previous popular standard, although analog, supports higher resolutions than what dual-link does.
• Type B (aka higher bandwidth) HDMI plugs are in the same boat as dual-link DVI: not many pieces of hardware support them, and unlike DVI allowing two single-link plugs to combine together to form one dual-link connection, you cannot combine two Type A plugs into one Type B.
• 8-bit per channel only: DVI and HDMI cannot display 12-bit and 16-bit per channel data.²

On the other hand, DisplayPort fixes most of these limitations;

• DisplayPort uses Phillip’s DPCP (DisplayPort Copy Protection), which uses the easily implemented AES encryption standard and allows multiple DPCP sessions at once for allowing more than one secure content session displayed at once. DPCP nor anything it relies on requires a license.
• DisplayPort supports up to four connection links in the current single plug design, allowing expandability into the next several decades.
• A single DisplayPort link has enough bandwidth to exceed anything dual link DVI or VGA can do: 24-bit 2560×1600 at 72hz is using about 65% of a single link.
• DisplayPort natively supports 8-bit, 10-bit, 12-bit, and 16-bit per channel.

So, taking all of this into account, due to it’s technologically superior and cheaper to implement design, plus far stronger copy protection to ease the fears of people like George Lucas, I feel that DisplayPort is the future of display technology.

_{[1]: The only hardware that actually supports dual-link DVI are workstation class video cards, ie, really expensive ones. Cards that support the use of two plugs to make a dual-link connection don’t allow more than one monitor plugged in due to only having two DVI plugs to begin with. In addition, some cards allow really strange things, like using the analog part of a DVI plug and the digital part of a DVI plug to allow two monitors; this is a really stupid idea.}

_{[2]: A hack does exist that allows 16-bit per channel data to be displayed on two single-link DVI connections, putting the least significant 8 bits on the second connection, but this is both not standardized (and very few devices support it) and not able to display resolutions that require a dual-link connection.}

So, it seems, Rob got a beat down not unlike what what the US military did to Nagisaki on August 6, 1945. Lots of collateral damage, lots of /kills, and lots of people running for cover and/or leaving the network.

The attack was perpetrated by user named Jmax, who is a member of Bantown. For those that have never heard of Bantown, think of them as the GNAA on steroids.

So, Jmax somehow acquired the ircd.conf from one of the volunteer servers (presumably the admin of that machine sent it to him), which contains the password hashes for all the oper accounts, including Rob’s.

Now, a one-way hash produced by MD5 is quite useless. You can get the password out of it, but it requires a lot of CPU power to do, as you have to guess every possible combination that fits the hash.

One of the Bantown members claims they have access to a giant Cray machine deep in a research facility somewhere that has 2048 CPUs, in addition to a few racks of dual Opteron machines. If this is true or not, I don’t know… but it does explain how they cracked it so quickly.

So, getting on with the show, Jmax cracks the hash, and notices one gigantic security flaw in Rob’s oper account… mainly that it uses levin@* as the hostmask. For those that don’t get hostmasks. Now, normally, this should be levin@*.isp.he.connects.to.com, so at least Jmax would have to compromise a computer that matched that hostmask.

Jmax logs into lilo’s oper accounts, and then proceeds to /squit and otherwise delink the entire network, /kill half the network, and set new topics for a bunch of big channels. He also delinked services and/or compromised hundreds of nickserv and chanserv passwords. (Which reminds me, its time to change your passwords, everyone.)

What Jmax did is basically legal according to Federal law. Will the FBI go after him? No. Jmax, Freenode, and Rob are all small fries. There was no money lost, there was no actual damage done, and stuff was fixed within a few hours.

Now, does this mean I condone such actions? No. What Jmax did was still wrong, yet unfortunately legal. Does this mean I still want to see changes in how Freenode is operated? Yes. Does this mean I still think Rob should drop Spinhome, and actually earn his pay from PDPC? Yes.