×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

106 comments

Keeping the Haxors on their Toes. (0, Insightful)

Anonymous Coward | more than 3 years ago | (#33107364)

I Like it.

Re:Keeping the Goatses on their Butts. (-1, Troll)

Anonymous Coward | more than 3 years ago | (#33107398)

Re:Keeping the Goatses on their Butts. (-1, Offtopic)

Anonymous Coward | more than 3 years ago | (#33107546)

Sorry, off topic, but can we find out who moderated this insightful and make them wear a sandwich board that says 'I think goatse insightul' as well as revoking all moderation rights?

Re:Keeping the Goatses on their Butts. (-1, Offtopic)

Anonymous Coward | more than 3 years ago | (#33108080)

Sorry, off topic, but can we all stand around and laugh at the retard who clicked a link that said "goatse" believing it to be "insightful".

Re:Keeping the Goatses on their Butts. (-1, Offtopic)

Johann Lau (1040920) | more than 3 years ago | (#33108580)

Insightful? Insightfullest! If there are deeper insights to be had than what the goatse man is so kindly offering to the internet day in day out, I don't wanna know them.

Of course (5, Insightful)

Anonymous Coward | more than 3 years ago | (#33107376)

Unlike many presenters at Black Hat, Michael responsibly disclosed the flaw to organizers, who quickly fixed the issue.

If that seems like altruism, think: why would Mozilla want a bunch of black hat hackers pissed off at them?

Re:Of course (1, Interesting)

Anonymous Coward | more than 3 years ago | (#33108084)

If that seems like altruism, think: why would Mozilla want a bunch of black hat hackers pissed off at them?

If this post sounds like cynicism, it is.

Re:Of course (-1, Troll)

Runaway1956 (1322357) | more than 3 years ago | (#33108222)

Let me try to apply some analytical reasoning here.

Black.

Hat.

Hackers.

WOW - BLACK HAT HACKERS!!!

There's no need to piss any of them off. In fact, it would probably have been better not to try sucking up to them. Just fly under the radar, avoid attention. Keep your frigging mouth tightly SHUT.

Analytical conclusion? Michael's a friggin' idiot.

Re:Of course (0)

Anonymous Coward | more than 3 years ago | (#33108860)

Unlike many presenters at Black Hat, Michael responsibly disclosed the flaw to organizers, who quickly fixed the issue.

If that seems like altruism, think: why would Mozilla want a bunch of black hat hackers pissed off at them?

Doesn't matter if they're pissed off at them or not, Mozilla is big enough that they're probably going to be looked at regardless. I don't think any extra ire will do much of a difference.

Re:Of course (1)

GooberToo (74388) | more than 3 years ago | (#33110330)

If that seems like altruism, think: why would Mozilla want a bunch of black hat hackers pissed off at them?

Fixed it for you.

If that seems like altruism, think: why would Mozilla want a bunch of black hat hypocritical hackers pissed off at them? After all, such rational is what black hatters use to justify almost every action, disclosure, and exploitation. To be pissed at such an exploit would mean thy are a bunch of small minded, hypocritical bitches.

in soviet rusia (4, Funny)

Anonymous Coward | more than 3 years ago | (#33107404)

  Applications find bugs on black hats.

Sue the bastard! (-1, Redundant)

Anonymous Coward | more than 3 years ago | (#33107422)

They should really sue this guy, for snooping and questionable hacking!

responsibility (3, Interesting)

Anonymous Coward | more than 3 years ago | (#33107430)

The responsibility aspect is one area where the Black Hat guys could earn a lot of respect by doing the right thing. It's a dick move to just disclose stuff without giving companies a chance to fix their mistakes, no matter how stupid it is.

Re:responsibility (4, Insightful)

Cylix (55374) | more than 3 years ago | (#33107442)

Then exactly how would they sale online streaming events for 395 and equally expensive conference tickets?

Re:responsibility (1)

benji fr (632243) | more than 3 years ago | (#33107692)

maybe because some people are living far away from Vegas, and that the trip to and from Vegas will cost them at least 3 times the ticket, (and I don't mention hotel and food...)

Re:responsibility (1)

Khyber (864651) | more than 3 years ago | (#33107822)

bandwidth certainly doesn't cost that much, and the equipment used has more than likely been paid for/paid for itself.

it's just a flat-out money pit.

Re:responsibility (2, Insightful)

Hinhule (811436) | more than 3 years ago | (#33108106)

Most likely they want actual attendees and if it's too cheap to just watch the stream these computer people may just sit and watch it from the comfort of their own mancave instead of showing up.

Re:responsibility (4, Funny)

Linker3000 (626634) | more than 3 years ago | (#33107990)

If the cost of attendance and video streaming is worrying you, why not just persuade your local ATM to provide the cash for you. I believe there was a presentation about this..but then things get recursive...

Re:responsibility (1)

socz (1057222) | more than 3 years ago | (#33110636)

That's why you pay the $395, because the room was full and you couldn't get in :P

Re:responsibility (0)

Anonymous Coward | more than 3 years ago | (#33107654)

But since when is video worth $395? I'd expect that from the MPAA but not a hacker's conference.

Re:responsibility (1)

DickeyP (1651593) | more than 3 years ago | (#33107988)

It'll be worth $395 when Elisha Cuthbert and Jessica Alba release their first co-starring porno.

Re:responsibility (1)

martin-boundary (547041) | more than 3 years ago | (#33108006)

I doubt it, they'd have to do some *very* kinky shit to compete with the, er, "cream" of what fills the net for free these days.

Re:responsibility (0)

Anonymous Coward | more than 3 years ago | (#33107888)

I continue to fail to see how, in any meaningful way, not disclosing it to the public is so terrible.

Cooperation would certainly be better, but stupid or severely harmful? Doubt it.

Re:responsibility (2)

plover (150551) | more than 3 years ago | (#33108948)

Excuse me, but were you there at Blackhat? No? Surprise.

Had you attended, you would have noticed that every presenter discussed vulnerabilities only after responsible disclosure. Nobody at Blackhat was surprising any vendors with 0day exploits. Timothy's summary above is full of shit.

Now, I won't say every vendor was responsible about patching their systems upon notification. Too bad for them. But the Blackhat guys were all approaching the topic responsibly.

Re:responsibility (1)

couchslug (175151) | more than 3 years ago | (#33112700)

"The responsibility aspect is one area where the Black Hat guys could earn a lot of respect by doing the right thing. "

That assumes DTRT is "respected" instead of "punished".

Prisoner's Dilemma? (2, Interesting)

nmb3000 (741169) | more than 3 years ago | (#33107444)

Interesting. You have an unknown number of users accessing the video feeds for free. The system has equilibrium and is yet unstable (they might find out at any time and block everyone). Now enter one prisoner who rats out everyone else. The end result? That one individual gets a free legitimate account and free access to the video streams while everyone else has their access blocked.

Honestly? It sounds like Michael Coates is a little bit of a douche. A small handful of users accessing the stream for free doesn't really hurt anything and it's not like this was some serious security vulnerability. Reading his blog post, he makes it sounds more like he uncovered some huge security exploit. Truth is all he really did is save a somewhat inept third party development company a little bandwidth money.

He should have just waited until the conference was finished and then notified them for future reference. That way everyone clever enough to notice the exploit got their little bonus and the company learns its lesson. No real harm done.

Re:Prisoner's Dilemma? (-1, Redundant)

Lunoria (1496339) | more than 3 years ago | (#33107460)

Michael Coates did that right thing. If you were the one hosting the video stream, you'd rather people got it for free, rather then pay you the money you deserve for hosting it? Watching the video streams without paying for them is wrong.

Re:Prisoner's Dilemma? (2, Insightful)

Anonymous Coward | more than 3 years ago | (#33107480)

Its a "black hat" conference. Perhaps the reward for them being stupid enough to have hire a dumb 3rd party to do the video conference is to have, like the OP said, a few (note: "few") people be able to stream for free. The biggest irony is it would be "black-hats" streaming for free from black hats, so the conference people really have no say if they do not want to appear hypocritical.

Re:Prisoner's Dilemma? (0)

Anonymous Coward | more than 3 years ago | (#33109906)

The biggest irony is it would be "black-hats" streaming for free from black hats, so the conference people really have no say if they do not want to appear hypocritical.

Yo dawg, we heard you liked black hats, so we black-hatted the streams from Black Hat, so you could be a Black Hat while streaming black hats from Black Hat...

Re:Prisoner's Dilemma? (5, Funny)

johnhp (1807490) | more than 3 years ago | (#33107498)

And if there's one thing attendees of Black Hat respect, it's intellectual property... oh wait. Ordinarily I'd say pirating video streams is morally questionable, but hacking access to the video stream of a security conference is so poetic that I refuse to believe it could be evil.

Re:Prisoner's Dilemma? (2, Interesting)

c0lo (1497653) | more than 3 years ago | (#33107910)

Ordinarily I'd say pirating video streams is morally questionable, but hacking access to the video stream of a security conference is so poetic that I refuse to believe it could be evil.

The best example that being a cracker is not synonym with being dishonest.
Even more, I see it as a good example of a wise strategy on long term: if disclosing the flaw before giving a chance the organizers to patch it would have exposed the organizers to ridicule. And one would rely on the same ridiculed persons to have a DEFCON 2011? Opportunism rarely make good sense in scarcity conditions.

Re:Prisoner's Dilemma? (1)

pclminion (145572) | more than 3 years ago | (#33114412)

I don't know where people get these ideas about Black Hat. Black Hat has some "interesting" attendees, but for the most part the audience is made up of security professionals. I go to Black Hat every year as part of work. Despite the name of the conference, the atmosphere there is very much "white hat." Some of the presenters are in the gray area, but most of the presenters are just other security professionals who are at the top of their game.

No punches are pulled at Black Hat, and the policy is full disclosure in extreme detail, but we're mostly all there to figure out how to COMBAT the behavior of black hats, not become them ourselves. If you want an insane orgy of malice, that's what Defcon is for.

Re:Prisoner's Dilemma? (2, Interesting)

martin-boundary (547041) | more than 3 years ago | (#33107720)

True, he should have first posted the streamdumps on rapidshare, and then told the organizers how to fix the flaw. Bandwidth problem solved, everybody is happy :)

because it's stealing (2, Insightful)

YesIAmAScript (886271) | more than 3 years ago | (#33107478)

The product has a price. If you take the product without paying, you're stealing the product.

Why am I supposed to feel ad for those who had illegal free feeds and no longer do?

Bandwidth does cost money you know. I'll tell you what, I'll just start siphoning gas out of your car. Not so much that you can't afford it, but just a little. No harm done, right?

Re:because it's stealing (1)

Compaqt (1758360) | more than 3 years ago | (#33107584)

Umm, yeah, well, blackhats would never steal digital products, of course.

Watching a few self-proclaimed bad guys talk about security is like stealing from Mother Teresa, right?

Re:because it's stealing (1)

Anonymous Coward | more than 3 years ago | (#33107616)

$395 worth of bandwidth? Hmm, someone needs to get out of the early 90's...

Re:because it's stealing (3, Insightful)

YesIAmAScript (886271) | more than 3 years ago | (#33107758)

Just because the price is high doesn't make it not stealing.

If you think the product provides a poor value, then don't buy it and do without. Just as you would do if it were a shirt in a store.

Re:because it's stealing (-1)

Anonymous Coward | more than 3 years ago | (#33107808)

That still doesnt make it stealing, its just not paying for a copy. If you go to Target Copy and order 100 copies of something and not pay for it, it would be considered non-payment for service rendered and not stealing.

Re:because it's stealing (5, Insightful)

iammani (1392285) | more than 3 years ago | (#33107824)

Ahh can we please stop calling it 'stealing'. If I were to steal a shirt in a store, the store would deprived of the shirt. That is not the case here

Call it unethical, freeloading, leeching, but not stealing.

Re:because it's stealing (-1, Troll)

gutnor (872759) | more than 3 years ago | (#33108012)

Can we stop arguing and just go calling it stealing. Same lost battle than Hacker is not a Cracker.

In any case, here you deprive somebody of the money he should have received, so it sort of makes sense. (well, unlike what people says, who really would pay once they have seen a movie ? Probably the same oldtime making the difference between stealing and copyright violation. The younger, they have trouble even accepting the fact that producing music, movies or GPL code has any value at all, if it is available for free as a torrent.)

Re:because it's stealing (2, Funny)

Anonymous Coward | more than 3 years ago | (#33108030)

In any case, here you deprive somebody of the money he should have received,

Agreed, some people deserve money just because!

Re:because it's stealing (1)

gutnor (872759) | more than 3 years ago | (#33108308)

Because he released his work under a scheme offered by the government. His choice, not yours - not happy with the terms, don't buy it - but do not infringe his rights.

Re:because it's stealing (2, Insightful)

tehcyder (746570) | more than 3 years ago | (#33108476)

In any case, here you deprive somebody of the money he should have received,

Agreed, some people deserve money just because!

No, they deserve money because they provided a service. Or do you not think that lawyers, programmers, stockbrokers and architects should not be paid, just because they haven't created a physical object?

Re:because it's stealing (0)

Anonymous Coward | more than 3 years ago | (#33108652)

If someone earns money encouraging others to crack systems, it's difficult to say that the person cracking their system is in the wrong. At the very least it's incredibly morally ambiguous, if this person is allowed to profit from the kind of behaviour he's actively trying to stop being perpetrated against himself.

Re:because it's stealing (0)

Anonymous Coward | more than 3 years ago | (#33112284)

You are right, they should get paid to perform the *service* that needs to be done, e.g. creating the design, program, etc. Once that is created, they should be *done*, paid, and happy. Why should they get paid every time their product is *distributed*? That is not a useful service that we need to pay them for -- we are quite capable of distributing works ourselves, for free. In fact, trying to do otherwise leads to very unnatural consequences, as we are seeing with all these copyright violation issues. Other professions don't expect to be paid every time their product is *used*. They are paid to *produce* it. Why should authors and other content creators be different?

Re:because it's stealing (0)

Anonymous Coward | more than 3 years ago | (#33113412)

I provide a service. It might be something that people have no use for, but damn could I use some of that money I deserve.

Re:because it's stealing (0, Troll)

mike2R (721965) | more than 3 years ago | (#33108036)

Ahh can we please stop calling it 'stealing'.

Can we please stop obsessing about this meaningless piece of sophistry? Stealing is a word, not a reference to the criminal law code in your particular jurisdiction. The usage is fine.

Re:because it's stealing (5, Informative)

martin-boundary (547041) | more than 3 years ago | (#33108140)

Stealing is a word, not a reference to the criminal law code in your particular jurisdiction.

I agree with you, and I also move that we start calling all RIAA employees pedophiles. It's a fine word, not a reference to the criminal code!

Re:because it's stealing (1)

mike2R (721965) | more than 3 years ago | (#33108274)

Well that makes sense, apart from the fact that it doesn't.

If the RIAA were involved in something that was something that was generally regarded to be pedophilia, but was not actually illegal but required the victim to sue, then I'm sure people would do so.

Bit like the way people call them bastards when most of them are probably legitimate.

Re:because it's stealing (0)

Anonymous Coward | more than 3 years ago | (#33108718)

Ask a random sampling of people who have ever downloaded a song or copied a friend's CD if they consider themselves to be thieves. I suspect the majority of people do not consider this "stealing" as you suggest, it's just something perpetuated by the labels and big media and of course they're not biased at all. If it's such a horrendous crime as the labels suggest (and I'll let you judge for yourself if you think it is) it should stand on its own merits - if they can't get a sufficiently shocked reaction from the public by calling it copyright infringement, then maybe it's not as shocking a "crime" as they suggest. The irony is that the labels are the ones twisting the language to their own ends, and when people simply point out the correct usage of the language you think they are the ones who are in the wrong, not the ones who are outright lying to try and make a point?

Re:because it's stealing (1)

kevinNCSU (1531307) | more than 3 years ago | (#33109212)

Ask a random sampling of people in prison for killing other people if they consider themselves murderers. I suspect a majority do not consider what they did 'murder' either.

Re:because it's stealing (1)

mike2R (721965) | more than 3 years ago | (#33109526)

I'm sure you are right about copying a CD from a friend. But someone who's entire iPod is full of pirated music? Or has a massive collection of pirated DVDs? Or who bypasses a paywall costing several hundred quid to get access to a conference?

On slashdot no, maybe most people wouldn't call that stealing. But out in the real world people very often would - this is the thing that I think many of the "information wants to be free" types don't quite get. Apart from student age groups and below, they are a minority, and not a large one.

Re:because it's stealing (0)

Anonymous Coward | more than 3 years ago | (#33108332)

No. The doubleplusgood redefinition of words is the beginning of everything bad. First you have to confuse the people of the meaning of words and then make it seem like it has always meant something else than it actually meant.

No, we can't stop "obsessing" over words retaining their goddamn meaning.

Re:because it's stealing (3, Informative)

mike2R (721965) | more than 3 years ago | (#33108398)

steal
v. stole (stl), stolen (stln), stealing, steals
v.tr.
1. To take (the property of another) without right or permission.
2. To present or use (someone else's words or ideas) as one's own.
3. To get or take secretly or artfully: steal a look at a diary; steal the puck from an opponent.
4. To give or enjoy (a kiss) that is unexpected or unnoticed.
5. To draw attention unexpectedly in (an entertainment), especially by being the outstanding performer: The magician's assistant stole the show with her comic antics.
6. Baseball To advance safely to (another base) during the delivery of a pitch, without the aid of a base hit, walk, passed ball, or wild pitch.

v.intr.
1. To commit theft.
2. To move, happen, or elapse stealthily or unobtrusively.
3. Baseball To steal a base.

n.
1. The act of stealing.
2. Slang A bargain.
3. Baseball A stolen base.
4. Basketball An act of gaining possession of the ball from an opponent.

Re:because it's stealing (1)

Ash Vince (602485) | more than 3 years ago | (#33108600)

To take (the property of another) without right or permission.

So whether this counts as stealing all really comes down to whether we are going to allow intellectual property to be a type of property. Sounds like and interesting debate but it is still a complete waste of time.

The reality is that when all the people here advocating watching a stream without paying for the content grow up and get a job producing something that can be easily digitised they will realise it is not so hot when people do this and then do not pay you for your work. Hell, maybe it is too expensive, but then so is my rent so I need to make money somehow.

In both cases the seller gets to set the price of what they produce, that is simply how capitalism works, regardless of whether it is data or a physical item being sold. If something is priced too high, nobody buys it and the seller has to reduce the price. If enough people do buy it though, then the seller does not need to drop the price.

I hated these concepts when I was a poor student though, since I had no money and everything like this seemed to expensive. I lived on that much per month, now I can spend it in a week easy.

Now going back to the case at hand: Security researchers generally spend exceeding long hours doing what they do, for many years before they get any good. Then even after they discover something noteworthy they also have to spend time rehearsing their talk at the show. Then they have to travel there, probably at great expense via air from another country. So after investing all that time in something, should they not be able to get some return on that time investment?

Re:because it's stealing (1)

weirdcrashingnoises (1151951) | more than 3 years ago | (#33109200)

To take (the property of another) without right or permission.

So whether this counts as stealing all really comes down to whether we are going to allow intellectual property to be a type of property. Sounds like and interesting debate but it is still a complete waste of time.

I agree with the general emphasis and message of your post. However, you failed to notice that "take" and "copy" are two different words with different definitions.

Re:because it's stealing (1)

ScrewMaster (602015) | more than 3 years ago | (#33110894)

That looks like a typical Webster's definition. Here's one from the 'Lectric Law Library [lectlaw.com] . If we're going to be discussing the legality of things, a legal definition is more relevant:

STEAL

the wrongful or willful taking of money or property belonging to someone else with intent to deprive the owner of its use or benefit either temporarily or permanently. No particular type of movement or carrying away is required.

Any appreciable change in the location of the property with the necessary willful intent constitutes a stealing whether or not there is any actual removal of it from the owner's premises.

This term imports, ex vi termini, nearly the same as larceny; but in common parlance, it does not always import a felony; as, for example, you stole an acre of my land.

In slander cases, it seems that the term stealing takes its complexion from the subject-matter to which it is applied, and will be considered as intended of a felonious stealing, if a felony could have been committed of such subject-matter.


I'll leave you to draw your own conclusions.

Re:because it's stealing (1)

mike2R (721965) | more than 3 years ago | (#33111676)

Which quite neatly, takes us back to my original point about how these various crimes (or whatever you want to call them) of virtual property can quite correctly be called stealing in common usage, even if they do not fall under the legal definition of theft.

Re:because it's stealing (3, Informative)

Fulminata (999320) | more than 3 years ago | (#33108290)

In this case though, it really is stealing. Someone is paying for the increased bandwidth being used.

That cost may be less than $395, but it's also greater than $0, so real theft is involved because someone is out some money as a result of the action. Not theoretical "lost sale" money, but real money that someone will have to actually pay.

Re:because it's stealing (0)

Anonymous Coward | more than 3 years ago | (#33109964)

Someone is paying for the increased bandwidth being used.

Maybe... Do they pay a fixed "all you can eat" service plan, or are they getting charged by the (M|G)byte?

It's kind of like a farmer who's harvested too much crop to fit on his trucks going to the store.
If someone were to then go and take some of the crop (which would have spoiled anyway), should it have the same penalty as stealing it from the store?

Re:because it's stealing (1)

ScrewMaster (602015) | more than 3 years ago | (#33110928)

If someone were to then go and take some of the crop (which would have spoiled anyway), should it have the same penalty as stealing it from the store?

Yes, because it's the same crime. A court might take into consideration, when determining punishment, whether anyone was harmed. But either way the rightful owner was deprived of his property. It's his choice how to dispose of his excess goods. It might be that he donates his overage to local charities ... in which case someone would be harmed by the criminal's actions.

Re:because it's stealing (1)

philipmather (864521) | more than 3 years ago | (#33108326)

I've heard this argument before, that it's not theft/stealing because you aren't depriving the victim of any physical asset, this is however disingenuous at best. You may not be depriving them of the talk's content or IP but you are depriving them of the bandwidth needed to deliver it.

I'd agree that in the real world the organizers would be buying such bandwidth in big chunks and that would imply that the odd hacker streaming it for free wouldn't push them over the edge of throughput capacity but it's quite possible that they're paying by amount used, amount used above a certain burst limit or that they don't factor that increased demand into next years budget and hence spend more on it the following year.

Basically, you are depriving someone of real a physical asset, bandwidth or otherwise as someone else pointed out the money spent on that bandwidth so can we drop this "It's not stealing because I'm not depriving anyone" crutch?

Finally, just because I've punched a logical hole in this particular point of contention you should not conclude that I don't, in some more general way agree with you on a wider standpoint.

Re:because it's stealing (1)

dave420 (699308) | more than 3 years ago | (#33108506)

Well, in this case, the people downloading for free were not paying for their bandwidth usage, something which is not so abstract. Obviously it's not worth $400, maybe a few cents, but even so. Otherwise I agree with your point entirely.

Re:because it's stealing (0)

Anonymous Coward | more than 3 years ago | (#33112274)

Lets say I put up a subscription and balance out for everyone who pays for it. It is enough if all 200 of my subscribers log in at the same time and get the whole thing in 10 mins. Then suddenly 10k extra users show up for the party (hey its FREE!) and now it takes 10 hours to download. How are you not stealing from the subscribers? You are taking their time as now their feeds will be slower. They paid for a fixed feed to be delivered in a quick fashion.

To take something is not necessarily of something of monetary value. Also you are not necessarily stealing from 'the store'.

How about we make this a car analogy. I have a perfect cloning machine. I can point it at something and make a perfect copy of it. Some dude owns a rare corvette only 50 were ever made. It is worth a lot of money. Its a nice neighborhood and he keeps it in his driveway once and awhile. He likes to show off a little. I show up and point my PCM at it and poof I drive off with my perfect copy of his car right down to the little ding his daughter put in the bumper. Did I steal from this guy? Yes and no. No in that he still has his car. He can still drive it around. It is still relatively rare there are 51 now instead of 50. Lets say my buddies show up and say 'hey that is a sweet ride can I have a copy'. Sure why not I can make a perfect copy and I still have mine and the orig dude still has his. Suddenly there are 200k of this car driving around, as its a pretty sweet ride and free. Here is where the yes part comes in. The value of the original car is now worthless. The second I took that copy I stole value from that guy and all the other owners. They had invested in those rare cars. But *I* decided to come along and make the money they put into it disappear.

You are using a mental justification for stealing from others.

Rarity sometimes make for value. That rarity is how some people make money. You have somehow decided that rarity is not a good thing. Or as I like to tell people if everyone had a million dollars a million dollars is not worth much.

Re:because it's stealing (0)

Anonymous Coward | more than 3 years ago | (#33107840)

Just because the price is high doesn't make it not stealing.

You're right, that's not what makes it not stealing.

Re:because it's stealing (1)

Khyber (864651) | more than 3 years ago | (#33107830)

"Bandwidth does cost money you know"

Bandwidth does not cost $395 per person for a medium-bitrate 24/7 video and audio feed from a conference.

Please. I could spend maybe 99 bucks per month for 2TB data throughput for my Camfrog video server and serve 10,000+ video streams simultaneously, and it would still take me about half a month to reach my cap.

Re:because it's stealing (1)

Adult film producer (866485) | more than 3 years ago | (#33107968)

huh? You're not paying $395 for BW.. you're paying for the content.

Re:because it's stealing (1)

delinear (991444) | more than 3 years ago | (#33108926)

GGP suggested it's stealing because there was a measurable loss in the form of the bandwidth that the organisers had to pay for, nobody's disupting the cost of the content, but GGP was trying to bypass the arguments about whether content can be "stolen" (and the whole debate about a lost sale versus the lost possibility of a sale, etc), GP was merely demonstrating the tenuousness of this argument when the bandwidth cost is really just an incidental cost (it's like splitting your shopping at the store into two bags when you know it could fit in one, it's costing the store real money but they don't care, it's an incidental cost, what they really care about is whether you pay for your shopping).

Re:because it's stealing (1)

Americano (920576) | more than 3 years ago | (#33108794)

And would that "bandwidth" just magically work, with no outside maintenance or infrastructure? What? You mean it requires servers, and salaried employees, and a host of properly implemented technology to provide bandwidth? And the company needs to actually make an operating profit in order to expand its offerings, replace old infrastructure, and develop new business? And you're also learning something new from a bunch of security experts?

Gee, maybe that's why it costs $395?

Your view is so reductionist it's ridiculous. What you are paying for is the knowledge & expertise of the people who are presenting, and the people who are running the video stream - the "bandwidth" is a fraction of that total cost. People pay thousands of dollars to take college classes - are they "just paying to rent the use of a desk" for a night or two a week? You aren't "just paying for the bandwidth" anymore than those people are simply renting a desk.

I'll explain to you why you pay $5 a cup for coffee at Starbucks as opposed to the pennies that the raw materials cost in my next class. It costs $395. I think that's a pretty remarkable deal.

Re:because it's stealing (1)

Redlazer (786403) | more than 3 years ago | (#33107892)

If gas cost as little as bandwidth did, and continued to fall steadily like bandwidth does, then your analogy would be totally worthless.

You can't equate the two. Bandwidth gets easier and cheaper with time. Oil gets rarer and has to be physically moved.

Re:Prisoner's Dilemma? (1, Interesting)

Psaakyrn (838406) | more than 3 years ago | (#33107562)

No real harm except to the reputation of the conference itself. A conference about security should probably be secure, unless intentionally insecure. It doesn't sound like it's intentional.

Watch out Mozilla, IE might eat your lunch! (-1, Offtopic)

bogaboga (793279) | more than 3 years ago | (#33107520)

While I appreciate Mozilla's efforts, I think they should put more efforts into fending off the renewed assault from IE. According to these statistics, [mashable.com] IE is on the path of eating Mozilla's lunch. And that's not good to hear.

Re:Watch out Mozilla, IE might eat your lunch! (0)

Anonymous Coward | more than 3 years ago | (#33107730)

If anybody is on the path of eating Mozilla's lunch, it's Google.

e4s. (-1, Redundant)

Anonymous Coward | more than 3 years ago | (#33107578)

Encountered whil3 learn what mistakes

I work with (2, Insightful)

Anonymous Coward | more than 3 years ago | (#33107622)

the company that organizes these online events. Believe me, this stuff is expensive to put together and while $395 is a lot of money, it does need to be paid for if conferences like this are to exist. Letting people in for free will detract from the exclusivity and ultimate quality of the event online or physical. Being Black Hat, it's not surprising someone figured out an exploit!

Re:I work with (1, Insightful)

Anonymous Coward | more than 3 years ago | (#33108678)

Let's face it, black hat is just a shitty conference attended by self-proclaimed security researchers. And it's too expensive.

Responsible Disclosure (5, Interesting)

TXISDude (1171607) | more than 3 years ago | (#33107642)

As one who has attended many BlackHat conferences - I take offense to the line "Unlike many presenters at Black Hat, Michael responsibly disclosed the flaw to organizers, who quickly fixed the issue" In my experience, BlackHat presenters have followed responsible disclosure - including this year's high profile ATM exploit talk, which, for instance can not be replicated by those in attendence (proof was given that it can be hacked, but the sourcecode was not released) - and the industry certainly knew it was coming for > 1 year - and the end of the presentation gave simple directions about how to mitigate the issues. . .

Re:Responsible Disclosure (1)

elrous0 (869638) | more than 3 years ago | (#33109378)

More often than not, it's not the black hats themselves who behave irresponsibly--it's the software companies who, when notified of a flaw, drag their heals on fixing the problem and then have the gall to bitch about it when the hacker finally gets tired of it and goes public.

Re:Responsible Disclosure (0)

Anonymous Coward | more than 3 years ago | (#33110162)

I gotta say I agree with this, the presenters at BH were for the most part releasing with CVE's already on the books, or a contact at the company already informed far in advance (for instance some of the bugs were fixed prior to release, so it was difficult to demo.) Also, much of BH wasn't about 'sploiting vulns. It was more conceptual and general. (See the difference in keynotes for instance.) Defcon had a few presentations, for instance the SCADA presentation, where the presenter basically fell on his face and let the world know of these vulns in highly sensitive systems but didn't disclose them to the manufacturer.

I think this just goes more to the People don't know what the fuck they're talking about category. There's a lot of that, see the inquirer's article on General Hayden's keynote. (I'll give you a hint, he didn't say any of what they claim he did.)

Misleading (5, Insightful)

Anonymous Coward | more than 3 years ago | (#33107698)

Unlike many presenters at Black Hat, Michael responsibly disclosed the flaw to organizers, who quickly fixed the issue.

It's obvious why it was quickly fixed - because he disclosed it to the people who were losing out from the flaw.

A false contrast is being drawn to situations where a supplier, whose OWN security is not at risk and who frequently see discovery of flaws as more of a cost than a benefit, is not given sole access to the details of the flaw.

It could have ended up very different (4, Insightful)

Okind (556066) | more than 3 years ago | (#33107766)

Unlike many presenters at Black Hat, Michael responsibly disclosed the flaw to organizers, who quickly fixed the issue.

Bugs cost money to fix. In this case, fixing the bug could also cause more paying customers (the freeloaders also willing to pay, no matter how small their number). So it was in their best interest to fix the bug.

But let's be realistic here: Micheal Coates was lucky.

There are many instances (some of them documented extensively here), where reporting the bug causes the reporter financial and legal harm. Especially with security related bugs, companies see no potential gain in fixing the bug and cleaning up -- only costs, which piss off their investors. That is, unless the story gets out and people get angry. But by starting a fight with the honest, reponsible reporter, people are much more likely to think: 'must be a disgruntled customer/ex-employee/...'. Result: not enough bad publicity to raise a stink.

Obv (2, Funny)

Sockatume (732728) | more than 3 years ago | (#33108150)

In Soviet Russia, Mozilla finds security flaw in Black Hat!

Re:Obv (0)

Anonymous Coward | more than 3 years ago | (#33109886)

Your headgear seems to be emitting a buzzing noise, sir. Perhaps you have a bee in your bonnet?

$395 a head is an evil elitist rip-off scam (0)

Anonymous Coward | more than 3 years ago | (#33108482)

Talk about evil. What a rip off. Sheesh, hacking used to be fun, Now the corporate blood suckers are using it to exploit the masses. Greed really sucks.

Re:$395 a head is an evil elitist rip-off scam (0)

Anonymous Coward | more than 3 years ago | (#33110558)

Corporate blood suckers? It's the same guys making a living chating "Information just wants to be free" who are charging this, not corporations.

Slashdot (-1, Offtopic)

Anonymous Coward | more than 3 years ago | (#33108504)

/. is like a giant social experiment where 95% of the subjects are sociopaths.

Yes but... back in the day... (1)

Kildjean (871084) | more than 3 years ago | (#33109942)

That is the problem with Black Hat "Hackers" today... They are way too honest for their own good. Heck in back in my day, we would have all gotten in that conference for free, and we would be on our way to Paris to discuss it.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...