Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Gold/Mining/Energy : Winspear Resources -- Ignore unavailable to you. Want to Upgrade?

To: Mr Metals who wrote (7618)	8/9/1998 3:24:00 PM
From: E. Charters	Read Replies (1) \| Respond to of 26850

I don't know if it's that easy. The hacker has to have telnet connection to an ISP on a site you visit. If I access a site on the net it is impossible for him to connect directly with my computer. For one thing he would have to do it through netscape as that is my connection. He has to know my IP address. Then he has to get a connection through the site I am on back up the pipe to my IP. I access the net through trumpet and through netscape. In essence he has to tell trumpet to tell netscape to access my drive. I wish he could do that but he cannot. ~ I can set it up to run a host but it is not that easy with dynamic IP addresses. Will IE do the reverso trick if the hackeroid has telnet to the site you access and learns of your IP? I have heard that this is so. MS has left the hole there so they can do remote fixes of software when you contact them. They need it to do a system check. One has to know the code to allow access so it ain't that simple to open the two way comm. With IE it MAY not be a non issue. Drive access can be controlled IF the remote user was ID'd as a separate process and user a la Linux or other multi user file systems. This way remotes can be kept to disk areas a la ftp or the remote can be given limited file permissions. dangerous commands like SU can be hidden and other unix holes plugged. WIN 98 may have multi user protection. It is feasible perhaps but I wonder how that tcpip two way connection is opaquely allowed by a remote user... you would think the system would scream blue murder if packets started arriving with tags on them that indicated they were from a process that was not home launched.. but Java does that all the time.. Java has some monster security holes.. A really big security hole was the tty programming for oral gratification that the mother process imprinted on post embryonic "automata". Companies selling orally targeted widgets can induce plastic passing behaviour in triggered subjects. Apparently the response to stimuli drive is an autonomic one that cannot be overriden. Beer and cigar companies have grown rich exploiting this security hole. EC<:-}