The AM Forum

Don't know if these are the homos(sapiens) that hacked the forum but interesting that AMForum shows up in their listing of "defaced" websites. 

http://www.zone-h.org/component/option,com_attacks/Itemid,45/filter_defacer,Dengesiz+Team/page,2

Glad we're back up and running.

Just wonder why we were targeted.  I know AMFone gets a lot of hits but it's not like we're mainstream and have a 2 million members. Maybe I'm wrong.   :-\

Whoever hacked the board needs to be brought to justice! It's a shame that someone with that type of knowledge couldn't put it to constructive use.

Just my two cents worth. I'm glad to see the board is back.

Regards,
Joe Cro N3IBX

whoever hacked us (like they really want to be known) needs to growup and get a meaningful life and a girlfriend. They need to spend less time behind their computers being the pencil neck immature douche bags that they are.  They live behind a computer with the intent of making others suffer and find entertainment by vandalizing ones property which isn't any different than me going to Gary's house and spray painting it.  Hacking isn't rocket science.  It's perserverance and these twerps have a lot of useless time on their hands.

Bob said:
Bob if you looked closely at that zone-h.org, (I think that was the same one I looked at), you will see that this bunch of sewer swine has been responsible for over 5200 sites hacked or defaced. From what liitle I have gleaned, they are a bunch of Turkish Muslim assholes hell-bent on spewing their hatred. That's why I refer to them as swine since they abbhor pigs. We were targets because that's the way the dice rolled.

Mike, I noticed that too. 

All the more reason I think they (hackers and vandals) need to get lives.  They're incapable of independant thought.  They're just automotons that need to be guided by someone else and don't have the wherewithall to do anything for themselves.  Basically, useless human debris in my opinion.  I'm going to stop here because I'm on the edge of forum rules plus I don't want to let these gropers think they got to us.

Let's get the nomenclature right folks. The people who defaced the board are not "hackers" they are "crackers". The process of breaking in and defacing things in cyberspace is called "cracking" not "hacking". Big difference between the two. A "hacker" is a skilled programmer who is capable of solving (often complex) problems quickly using programming skills and knowledge acquired through years of experience. "Hackers" are generally constructive and do good things. Crackers are the ones who break into computers, deface websites, etc. usually for either recognition or for some monetary gain,  Some crackers are also very skilled but most are just cheap copycat script kiddies.

I stand corrected. However,  truth be told we're both wrong as far as nomenclature goes.  They're vandals with nothing better to do except sit in front of their useless computer and make life miserable for others. What the enjoyment is in doing that, I don't know.  It's not logical to me. 

And I'm a hypcrite because, come to think of it I sit in front of my computer and make my life miserable too.... I can't get away from it. I'm a dweeb.

You described a cracker  perfectly. A person who uses a computer in ways that make other people miserable.

Don't  feel bad. There  is nothing wrong with spending lots of time in front of the computer if it is constructive and you  are doing things that you enjoy,. find interesting, and fullfilling.  Heck, it's no different than many of us who will spend days and days setting up an antenna, rebuilding a transmitter, building a class E rig, etc. For us it's enjoyment and satisfying. But I'd imagine there are others who would consider radio people to be strange, geeky, weird, etc. 

touchè.  good point about radio. Yes I'm a radio a dweeb at heart.

It's back up already - that was fast.  Thanks, Gary!

I wish them all paindul ulcerating and pustulent cancers, and I will laugh out loud while listening to the sweet sound of the lamentations of their women.

And I'm a pacifist vegetarian. Geez!

-Paul W2JTD

Bravo Gary for getting the site back up so quickly. You showed those hackers!

ha, thats a lot from you paul :),,,  I worked on a major mainframe operating system
itself on par with IBM, for over 10 years.  A hole in security was a major scram. I
fixed a few of them, trust me Microsoft should be liable for billions for their slip
shod security. On a talk show I offered to be a prosecution witness if it ever came
to pass, with my OS experience. In this case I suspect it is this forum application
that may be at fault. dunno, dunno bill gates stuff..

CRACKERS !!! not hackers  ;D ;D ;D

Problem is that this forum runs php instead of Perl. And we all know Perl is better.  ;D ;D ;D

A Perl of great worth!

for the old buzzards


                     http://www.officialjanis.com/b_albums_pearl2.html

The same mentality as the people who break out the windows of vacant buildings, or as in one case I recall, broke into the TX building of an AM broadcast station gone dark and busted up all the 833A's in the transmitter.  Around here, they regularly make the rounds smashing rural mailboxes.

In the local vernacular we call them "trash."

They smash rural mailboxes around here, too.
And blow them up, put rattlers in them, and...

Crackers? What are you talking about. Crackers are certain white people from the South. Or something you put cheese on. These guys were hackers, pure and simple and Gary showed them hackers the what for!

HAH!  They IFFED... when they should have ELSED!  Losers.

I always thought the term "computer programmer" was a bizzare term. Any idiot can learn to program a computer, How does  "computer programmer" become a ultimate carreer or professional goal ? It's a joke. And with todays high level langauges it's eassier than ever. Most "programmers" I have known learned to program on their own. By profession most of them were scientists, engineers, mathematicians, physicists, musicians, actors, english teachers, soothsayers etc. Those are true professions. Computer  programming is something one learns to do so they can use computers to make certain jobs easier. Some learn it because they think it's enjoyable. Oh yeah, I understand some people work for software companies and they program computers everyday for a living. That's fine and I am sure many are extremely skilled. But I still don;t consider "computer programming" a profession in and of itself.

I thought Crackers were from down south.

That's exactly what Steve/HUZ said. So we'll have to leave it at that bypopular opinion.  :)

Guess I should have read the entire thread.
Say, You haven't seen a Ted Nugent thread around here, have you?  ;D

Huntin' season has started so Ted is a bit busy killin' n grillin'.
I have a feeling he'll be back. He'll need some veges to round out his plate.

John,

I've worked in companies that create electronics products my whole career.  Since 1977 the products include software.  In that situation you see the "computer programmers" that are "professionals" and the ones that are "idiots".  There is a big difference.   Both groups give the hardware engineers some grief, but the idiots give us much more grief.

They're called Computer Scientists and theoretically, they apply scientific principles to software programming and the like. Lots of people program and about 99.9% do it poorly (no structure, commenting, etc.) Thus, we end up with buggy programs, piss poor user interfaces, diffucult to edit or update software, and continual reinvention of the wheel.

Yep, there pretty much all hackers - don't know what they're doing (just like a crappy golf player/hacker).

Food for thought

In my opinion there are two issues here and two different titles. There is 'computer programmer' and 'software engineer'. I suppose that if you can make a program print, "Hello world" then you are a computer programmer? Or not? Young kids who do this have been called computer experts or geniuses. I cringe when I hear this!
I call the IS people in our company 'computer programmers' cause they write business type software to run on a computer, based on known designs.
Software engineers, however, have to first design the system, then the algorithms to implement the system in real time, and finally the easy part is to write the code and debug the syntax. Seems like 80% of the project is spent on the design and documentation phase.

The first two parts are the most difficult and require an engineering degree. I just finished designing an algorithm to implement a FIR filter for an embedded system.

Lots of math!

 Also when I do digital communications design I am required to do lots of advanced math.
Over the years I have done hardware design including VHF receivers but now I am
doing embedded software and find it challenging which I like. The challenge for me comes from figuring out a design, dealing with real time issues, and the peculiarities  and often vagueness’ of the hardware.
When I was in undergraduate school the hardest course I took was 'Numerical Algorithms'.
My boss is a PHD EE from MIT and he can write programs but can't make a FIR filter fit in a certain number of bytes and execute fast enough in real time so that nothing crashes, literally! When he finishes a new hardware design, which includes one or more microprocessors, he brings it to me and usually says, "Here Bob, make this do something usefull".

I don't think either computer programmer or software engineer is a joke as a profession. Besides they pay well!
Also my final point is that I don't consider the 'modern language' C or C++ to be easy.
In fact these languages don't have as strict a sytax as earlier languages and allow a 'programmer' to easily makes mistakes and get undesired results. Especially if your doing an object oriented design. Actually I find assembly language to be easier.
Just my thoughts on the subject.

Regards
Q, W1QWT

This is what separate the men from the boys. Too many so called programmers these days just start out coding without doing any design or planning. It's all about showing off your coding chops instead of thinking. Another trait amongst such so called programmers is that usually they can only do it in one language or one script. That's why you get the goofiness of the C/C++ versus Objective C versus Visual Basic or Perl versus PHP wars. No matter what the application or requirement, they try to jam it into their little code box, usually with terrible results.

C is not easy. In that I mean it's easy to write C code but it's not easy to use C correctly. C  sort of straddle the line between being a high level and a low level programming langauge. C does allow low level access to systems resources. It also allows one to access and allocate areas of memory via pointers, and thats where a  lot of people get into trouble and wind up writing buggy code thats chock full of memory leaks and other assorted problems. I've  noticed that some people writing C code use pointers but don't  have a grasp on what  they are doing. The very concept of pointers, indirect pointers confuses many early on in their study of C and unfortunately many still don;t have a grasp when they start programming. Some of these people need to  either re-learn how to use C correctly or else program in some "safer" langauge,like Java which has no pointers. . Then there are those who tend to overuse pointers in C. That can be as bad or worst than not knowing how to use them.  No need to give examples here as anyone who's following me thus far has probably seen plenty of sloppy use of pointers.  And understanding how Assembly and how C function calls translate to assembly as well as a working knowledge of how the stack can be helpful.

Assembly langauge is not as hard as some make it out to be. And while I probably wouldn't use it to code  many projects these days it still comes in quite handy and, if nothing else, a working knowledge of assembly can give programmers a more thorough understanding of how things are structured on the  machine level.
 
Just my 2 cents.

software/hardware interface design makes me want to wrap my head in duct tape and place my hand drill on my forehead and drill away..    klc

The problem I have with hackers is that whikle some of them are bright, capable of solving problem and wring code they may produce code that works very well  but is difficult to maintain. many of them have bad attitudes,lack communications skills,  and their code is not easilly adaptable. I have noticed this problem in a lot of open source code that I have examined and used but it is also true in the closed  source world.

Few  people have the skill to write quality code that  does not contain the problems you are describing. The few that can are probably right here on this board. After all, we  AM'ers do everything perfect.  ;D

I was called "cracker" lots in 24 years working in the state prison. 

Either I had visions of watching the lion tamer at the circus, or I got hungry thinking about Saltines and peanut butter.

ha, Q and steve HUZ.  as a engineer supporting existing code, you all have that
right about design and documentation! (let alone meaningful symbols instead
of I , J , K , we had those to ). . We had 60+ engineers over many years working on our
products.

   Finally left to 4 of us, sigh.  Some pieces, written sweet, easy to walk their
thinking paths.   Others, I could shoot!  one jerk snuck in a one line 4000hex add to
a image header pointer offset. kept me guessing until I did a code diff, since before
he was hired. no comments, just tucked that lil' mo-fo in my code. checking the
library insertion dates from bad coders proved valuable!

Often projects have deadlines and the rush to get the project completed and the product to market precludes the idea of good design and documentation from beginning to end. Many projects seem to start out with good design in mind but rapidly deteriorate as deadlines draw nearer, deadline extensions run out,  and pressure from managers starts  to get  heavier  and heavier. Suddenly codse turns from we'll designed andf organized to sloppier and slopper coding with more and more bugs, quick fixes, patchworkand less and less documentation.  Then when it comes time for someone to maintain/ upgrade/ modify  the code they wind up spending more  time trying to decipher whatit all means and what it does than fixing it.  The overall result ? more time wasted for the time saved earlier.
Fixing someone else's sloppy code can bemore difficult than writing it yourself  from scratch.

John said:

They're not bugs, they are features! ;)

Yes, I have found that supporting existing code is one of the most difficult aspects of the job. I have also seen code written cryptically, to showoff I suspect. I have also seen lots of code written without proper documentation. I remember one of my professors telling us that we should strive to "write well documented code and to always use standard syntax contructions to avoid confusing those that follow us".
I have tried to follow that advice during my career and I think I have done well.
Sometimes I have to put my foot down to management and take the time to do it right. Also with each project I provided a "software design document" which has everything you need to know in order to maintain it including how to regenerate it, algorithm design theory, flow charts and or state diagrams, function timing information, and even test suites and  software test results. I force every line of code to be executed to find surprises.
When all that is done then I will release it to Beta.
In my opinion someone who inserts obscurity into code or who finds a new way to accomplish the same thing as the textbook method  is doing an injustice to those down the road and to thier company. After all if someone comes along two years later with the charge to make a change and sees some bizzare, non textbook code, they have to then take the time to understand what is going on before they can start the task at hand. In effect making the job longer than it should be and somethimes going down into the dissasembled code to see what is going on. Oh yeh one other problem with using non standard constructions I have run into is that when the code is recompiled with a newer version of compiler the results may change.

And another Oh yeh while I am at it. "Robust code" if you will. I have run into lightning stikes changing Special function registers in microprocessors. Having been bit by this many years ago I now keep checking the SFR's for change and if detected I reset them. I could tell you of problems I have had with watchdog timers but that is for another time.

Regards and Happy Labor Day
I am painting the house! Oh Boy!

Q, W1QWT

Q, I maintained the libraries and that can be a job will sloppy checkins. one
thing we had, I would impliment at another job. we called it source code
text. a dated kept in what we call notes, really much like this forum. it
was a paper trail. type of fix, why, what modules touched, who reviewed
it etc. - yes everyones work was looked over by others. finally i looked over
all of them!  It was the vms operating system itself, so a mistake could
screw up thousands of customers. sounds like we've all been there with
lousy code!

Kind of like a revision chekins system like CVS or RCS of the Unix world. You have a central repository, developers/maintainers check out code, make the changes, check it back in, but it can be reviewed before being committed to another/latest revision. You can also do branches, etc. Most important, if a bad  bug gets committed you can roll things back. Good way to  get out of trouble when people start runnin the code and  saying OUCH !!  vms was  cool. I learned on it for years. Ran it on the VAX. Sure miss those days. I do mostly Unix now. Haven't played vms in years.
 

The AWA Message Board (http://www.antiquewireless.org/awaboard//awaboard.html) got hacked the same day.  It is an open board with free access like the old AM Window BB, so all they had to do was enter the site and post bogus messages. One of the bogus posts contained a link named cirky, which was really a link to www.yourfreevids.com.  That URL is blocked by my custom HOSTS file.  Another bogus message linked to meta.7search.com which also shows up in the HOSTS file.

I did a Google search for the yourfreevids site, and here is the result:

This site is known to contain spyware, trojans or other malware or it wouldn't be listed on the custom HOSTS file.

Nowadays if a discussion board is not secure, spammers flood it using a number of tricks, so that they can leave their stupid advertisements.  Google picks up the ads, customers find them using Google, and that's how spammers make money off the bogus member entries.  You see all kinds of commercial website links in "comments" and "referers" on blog boards, and likewise on discussion boards you see bogus robot "users" leaving ads in posts and signature files, and the personal website fields often have stupid commercial sites in them.  Kids find scripts that insert characteristic member names with machine-gun speed, and you see this, blindly copied and run, all the time.  Discussion boards have been under siege for years.  I swear, if some group wrote a worm program that would take over the script kiddies' computers, and posted it as a new exploit, they could get a big botnet going in a matter of hours, before anybody knew what was happening.

The board writers are probably in on it with the spammers, because some of the stupidest things are written into the board releases.  Board managers need to modify the board code to prevent that stuff, and it's really not very hard to keep that stuff out.  That's why I consider the gaping security holes in free boards to be deliberate.

Board management can block that stuff fairly easily.  The really bad stuff is the trick calls and malformed packet games that more sophisticated hackers play.  They get in by sending a sequence of obscure commands that everybody forgot, or by tricking input parsing code into crashing, in a way that gives them control.  They are really on the edge of their seats looking for the latest new exploit, and then jumping on boards that they have checked out and listed ahead of time.

<edit> fixed spelling "eseasily"

CMM a and formal verification. Lots less bugs, way better code.

Most free bbs'es are examples of poor coding and are hack jobs. They are hobby programs.  They lack good design. All to often hack style developers slam dunk a project into their favorite langauge ignoring good design.  Then they document and support their project in "hack speak".  That totally pisses me off.

This is a major problem in ( but not limited to) the open source arena. And believe me, I do  like and use a lot of open source. But a lot of it and the attitudes of a lot of developers give me chills.  Like when I read in the Linux Journal that a hack style  programmer is to be praised and classified as a good programmer gives me flu like symptoms. I am not sdaying I dislike open souce, I use it extensively myself. But whatmakes programmers think that they are somehow above good design.

As Steve pointed out CMM.  Don't code till you embellish quality design. It'swhat separates real software engineers from hack (hobby) programmers..

real CMM sends the hackers packing but sometimes they move into CMM because they can't code.

Hmm.....I thought the title of 'computer programmer' went out a decade ago or more? We've always been called 'Systems Programmers' or sysproggies, until a few years back when the warm-fuzzies decided it should be changed to 'Systems Developers'. We don't actually develop anything, we program it to work in our shop using our parameters. IBM develops their software (like zOS), then issues a new release. But what do I know?  ::)

The hackers (aren't crackers really just a sub-species of hackers?) apparently have a running competition as to who can deface or corrupt the most sites. I don't think it was a particular attack against amfone (or they would've left a message like "SSB RoOLz"), more likely an opportunity to exploit known holes in the software and gain more bragging rights. Turks, Iranians, whatever. A few years ago it was the Chinese and Koreans along with some former Eastern Bloc countries. They're probably still at it too. 

Best thing to do is avoid software they target. Easier said than done, for the average user.