MysticWicks endorsement: "I've always, always regarded the Discordians as being people who chose to be Discordians because they can't be arsed to actually do any work to develop a relationship with a specific deity, they were too wishy-washy to choose just one path, and they just want to be a mishmash of everything and not have to work at learning about rituals or traditions or any such thing as that."
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Show posts MenuQuote from: Page 58The PODGE of the Sacred Chao is symbolized as The Golden Apple of Discordia, which represents the Eristic Principle of Disorder.
Quote from: Page 58The Pentagon represents the Aneristic Principle of Order and symbolizes the HODGE.
Quote from: Page 56It is the HODGE-PODGE of the Erisians. And, instead of a Podge spot on the Hodge side, it has a PENTAGON which symbolizes the ANERISTIC PRINCIPLE, and instead of a Hodge spot on the Podge side, it depicts the GOLDEN APPLE OF DISCORDIA to symbolize the ERISTIC PRINCIPLE.
Quote from: http://animalstalkinginallcaps.tumblr.com/post/10777435327/you-have-a-meth-addiction-carla-were-not-even
YOU HAVE A METH ADDICTION CARLA.
WE'RE NOT EVEN HAVING THIS CONVERSATION BECAUSE I'M A DOG AND YOU CAN'T TALK TO DOGS. THINK ABOUT IT.
I'M NOT EVEN YOUR DOG. YOU PROBABLY STOLE ME, BECAUSE YOU'RE ON METH.
GO TO REHAB. DRY YOURSELF OUT. YOU STILL HAVE SOME TEETH LEFT.
QuoteStephen Wilce's action-packed career appeared to rival the great heroes of thriller stories.
The British-born military scientist had worked as a spy, served with the Duke of York as a helicopter pilot, competed in the Winter Olympics, captained a Royal Navy swimming team and was a special forces soldier who ended up on an IRA death list.
He also boasted that he had designed the Polaris missile guidance system, that he was a member of the Welsh national rugby union team and, last but not least, that he was a guitarist on the British folk music circuit.
The only trouble was that Wilce's yarns were just that – total fiction
...
It has all proved very embarrassing for the New Zealand government, who employed the British expat as a senior intelligence officer.
...
The CV he tendered impressed a defence panel so much that he was given top level security clearance.
He oversaw 80 staff and had access to highly classified intelligence.
QuoteRisky.Biz understands multiple intruders have compromised Hell Pizza's 400mb database. While it does not contain any credit card information, it does contain in excess of 230,000 rows of customer entries.
The company operates 64 stores in New Zealand, three in England, nine in Australia and one in Ireland.
The database entries include the full names, addresses, phone numbers, e-mail addresses, passwords and order history for the company's customers. The information is "doing the rounds" across New Zealand.
Some who came into contact with the database contacted the company last year, posing as "concerned customers", but received no acknowledgement of the data breach. They fear the database may have already found its way into the wrong hands.
When contacted by Risky.Biz, Hell Pizza co-owner Stuart McMullin said he was unaware of the data breach. He offered no comment when a list of questions was e-mailed to him, beyond acknowledging the contact from "concerned customers" in 2009.
"I have spoken to my IT staff and they are not aware that our site was hacked or any records lost," McMullin wrote in an e-mail to Risky.Biz. "There were a couple of 'customers' that thought it was the case last year who emailed us - perhaps these are the sources you are referring to - but not to our knowledge."
While the database has become a valuable tool for security professionals in New Zealand, they believe the exposure of the data is exposing the company's customers to spam and other attacks.
It's possible that many users have recycled their passwords between their e-mail, PayPal, TradeMe, banking, eBay, Hell Pizza and other accounts. Even if just a few percent of the company's customers are recycling passwords, the database is worth obtaining, they say.
Downloading the Hell Pizza database, apparently, was very easy.
One source Risky.Biz spoke to says they looked into the security of the website when rumours of the breach started doing the rounds:
Immediately I spotted the SQL Queries being made by the Flash SWF as part of the query string to the server-side. The Flash client makes queries which are hard-coded in the .swf (this is dumb as it means SQL Injection is effectively a 'feature' of the store).
You could easily alter the query string to show the hashes stored in the MySQL users table. I figured out the version of MySQL was 4.0 (Debian Sarge) - and the hashes in this version are very weak, cracking them would take less than a couple of hours.
MySQL was listening on a remote port, so one could simply log in remotely and run queries or dump the database slowly so as to not be noticed.
Security researcher and Metasploit creator H D Moore described the security arrangements of the online ordering portal, as described above, as "about 50 steps of fail".
Another penetration tester says the Hell Pizza database is an excellent example of "non critical" information that could still be used by attackers for great benefit.
The Chair of New Zealand's Internet Task Force, Paul McKitrick, told Risky.Biz that he had heard rumours of the database circulating around the security community as far back as last year.
"A database like this of New Zealand users' personal information provides miscreants with a valuable list of commonly used, New Zealand-centric passwords which could prove useful in brute forcing passwords," he said.
"If Hell Pizza were aware of this then they should have notified their customers. I do not know what actions Hell Pizza took, but I was a customer and I have never received any notification that my personal information has been compromised."
McKitrick, the former head of the New Zealand Government's Centre for Critical Infrastructure Protection, added organisations that collect and store the personal details of their customers, have a responsibility to notify their customers if they believe that there has been a breach of their personal information.
"This enables customers to do something about mitigating their own personal exposure, such as ensuring that the compromised password was changed everywhere it had been used, because people frequently reuse their passwords."
Hell Pizza reported the breach to police after Risky.Biz provided it with some database excerpts it could verify.
QuoteDear Valued Hell Customer,
We have been approached by a party claiming to be in possession of customer details from the previous Hell website which is no longer in operation. The samples that we received included details of four customers from 2006, including phone numbers and email addresses and order information. We can confirm that credit card data was not at risk as this is held independently on a secure banking website.
Whilst we are still investigating the matter, we can confirm that the information was obtained without our knowledge and we have approached the New Zealand Police with a view to lodging a formal complaint. Hell recognises the importance of protecting customer information and additional security measures were implemented earlier this year when our new website was rolled out (again, we reiterate that this is not an issue affecting the new website). As a further security measure your may wish to consider changing your passwords on other sites if they were the same as the old Hell Pizza website.
We apologise for the incident and any inconvenience that this may have caused.
Sincerely,
Stu McMullin – Director Hell Pizza
We acknowledge that some of you have asked to be removed from the database and we have only included you for the purposes of this notification.