Air Proxy+13 year old brother=grrrrrr

Energize said:
You can't brute force any decent website, even if they had the actual database containing the user names and hashes they wouldn't be able to brute force it because they use a salt to prevent the use of rainbow tables. The story doesn't add up.
Click to expand...

Yes but a magic roundabout will get by that problem and then it's just a matter of applying the correct glitter and the password is yours.

well i don't think i'll be able to change your mind and i don't think you'll be able to change mind either. i thought he was year 11 not 13 so makes a small difference but not enough. i don't think what he's doing is wrong at all. i "hacked" into all my friends email accounts and would send emails to their friends etc. nothing wrong with that imo and i only learnt new ways to get into their accounts. i also knew not to hack into the teachers account and didnt need my "dad" to tell me not to do it.
Click to expand...

Any decent person respects other peoples privacy. What if you'd seen a very private email while on one of your hacking sprees? If I knew a friend of mine had hacked into my email or facebook for whatever reason he wouldn't be a friend any longer.
 
sorry fella, but i dont know what brute forcing is.... but he was able to tell me of personal emails in my fb account all said with a smirk...i was flabbergasted.
 
rotters said:
just been over to set up a new laptop for my mother and was told by my little brother that he could get round any firewall/family/parental control issues if he really wanted too.

I said ok go on prove it. he produced this website... www.you.derp.us ive never heard of an air proxy before, he now says that the year 11's at school have taught them all about them. He even showed me he knew my facebook log in as there are password crunching websites out there that produce passwords by putting names in it.

quite angry that he's got involved in all this...what next online bank robbery??



rotters
Click to expand...

oh don't be so worried mate, he's just talking big to sound like he knows what he's on about. brute-forcing your way into a website like facebook is next to impossible if their security setup was written anytime in the last five years or so.

did he actually know your facecrack password? if so, he's probably key-glanced you when you were entering it or he might have put a software keylogger on a PC you logged in on.

he sounds like a Script Kiddy with delusions of talent ;)
 
rotters said:
sorry fella, but i dont know what brute forcing is.... but he was able to tell me of personal emails in my fb account all said with a smirk...i was flabbergasted.
Click to expand...

he's either guesses/seen your pw or you've been left logged in and he's checked.
 
rotters said:
sorry fella, but i dont know what brute forcing is.... but he was able to tell me of personal emails in my fb account all said with a smirk...i was flabbergasted.
Click to expand...

He possibly used a keylogger, saw you enter the password, you were afk, or just guessed it.

Proxies are used by everyone and their dog for getting past firewalls at school and work, so that doesn't indicate he's fallen into the wrong crowd.
 
Last edited:
rotters said:
sorry fella, but i dont know what brute forcing is.... but he was able to tell me of personal emails in my fb account all said with a smirk...i was flabbergasted.
Click to expand...

brute forcing a password is when you get the password by using brute force - ie trying every password the programme can think of.

It usually has a dictionary to go at, and can can be programmed to try every word / date in its dictionary.

It can also usually be set to do an alphabetical attack, but if your password is say 10 characters long or so, and includes a random ASCI character (such as a ! or # or something) then the length of time to brute force the password is even longer.

As an example, a 10 digit password using random characters from the ASCI keyset would generate password of 64bit strength. From wiki

In 2002, distributed.net successfully found a 64-bit RC5 key in four years, in an effort which included over 300,000 different computers at various times, and which generated an average of over 12 billion keys per second.
Click to expand...

That took them 4 years with 300,000 computers. If he's only got his 1 computer, that means it would take him approximately 1.2 million years to brute force your 10 digit password.

Chances of him brute forcing your password if its your mothers maiden name or first pets name however, are about 5 minutes :/ Your password isnt something he could guess is it ? or an actual dictionary word ?
 
Darg said:
Any decent person respects other peoples privacy. What if you'd seen a very private email while on one of your hacking sprees? If I knew a friend of mine had hacked into my email or facebook for whatever reason he wouldn't be a friend any longer.
Click to expand...

at 13? really think people are looking into things too much. he's either acting older then he is, or messing around learning something new which is slightly not so innocent. i hear people all the time on this forum saying about pranks to do on friends such as screenshot desktop and hide icons. you could say there could be something private on their desktop as much as there could be something private on their emails but that's probably not going to be the case at 13.

people talk about respect but then don't give this kid very much.

rotters said:
I think im more annoyed that he can get around the family/parental restrictions i put in place tonight on his new laptop. the school stuff isnt too bad (apart from the facebook hacking).
Click to expand...

wow. would it not be better to respect this kid and teach him right from wrong rather then completely disrespect him and make it impossible for him to go to certain sites. you sound wonderful.

rotters said:
and you call me not very nice...you sound like a perfectly wonderful person.
Click to expand...

what's wrong with hacking into friends accounts when we did it to each other? it was in the name of fun and nothing more. we were allowed the freedom to explore what is right and what is very wrong and never took it too far.


edit: 20 years difference! way to go mum and dad.
 
Last edited:
Mammalian said:
at 13? really think people are looking into things too much. he's either acting older then he is, or messing around learning something new which is slightly not so innocent. i hear people all the time on this forum saying about pranks to do on friends such as screenshot desktop and hide icons. you could say there could be something private on their desktop as much as there could be something private on their emails but that's probably not going to be the case at 13.

people talk about respect but then don't give this kid very much.
Click to expand...

The op is 32.

So he may well have personal emails.
 
Mammalian said:
people talk about respect but then don't give this kid very much.
Click to expand...

the fact that he's smirking about it and bragging about it says he's not currently not treating what he's doing with the respect it deserves

At the moment he think its cool and rebelling.

Needs to be stamped out and a point made. As somebody already suggested, taking his laptop + the internet away for a week should do the trick.
 
MrLOL said:
That took them 4 years with 300,000 computers. If he's only got his 1 computer, that means it would take him approximately 1.2 million years to brute force your 10 digit password.

Chances of him brute forcing your password if its your mothers maiden name or first pets name however, are about 5 minutes :/ Your password isnt something he could guess is it ? or an actual dictionary word ?
Click to expand...

Not to mention facebook etc locks you out for X amount of minutes + asks for a capatcha (sp?) after so many fails so that time would be a couple of orders of magnitude larger.
 
Tefal said:
Not to mention facebook etc locks you out for X amount of minutes + asks for a capatcha (sp?) after so many fails so that time would be a couple of orders of magnitude larger.
Click to expand...

i'm guessing the OP does what everybody else does and uses the same password for everything and he's got it from something that can be brute forced then tried it on FB et voila ! he's reading the OP's inbox.
 
Kids will be kids. I spent a good deal of time in secondary school playing Quake over the schools LAN. We had a really cool IT department. They realised they could either fight us or work with us ;)
 
At the end of the day the kid used a proxy which everyone does at school and likely used the op's computer while he was afk to read his emails. While he should be reprimanded for invasion of privacy the op's fears about him being involved with anything more serious are unfounded and a white list or combined keyword & port blocking will prevent him bypassing the firewall.
 
MrLOL said:
i'm guessing the OP does what everybody else does and uses the same password for everything and he's got it from something that can be brute forced then tried it on FB et voila ! he's reading the OP's inbox.
Click to expand...

im quite careful, if i find he's used a key logger ill not be impressed.
 
rotters said:
im quite careful, if i find he's used a key logger ill not be impressed.
Click to expand...

is your password something that he could guess ?

We (as humans) are terrible for this. Sadly my password is crap as its a piece of information somebody could find out down at the town hall within half an hour probably.

My dad tried to lock me out of the UK living channel back in the old sky days ( ;) for those that remember what it turned into at 00:00) and he passworded it with:

His birth day,month,year

which was also ...

the same as the pin code for the debit card. My sister in laws pin code ? her birth day/month/year also

People always use something memorable for their passwords.
 
You sure you don't have the password saved in firefox and he has just gone options -> security -> saved password in firefox and said show passwords ...

Just beat him up, be a good brother :)
 
You must log in or register to reply here.
Back
Top Bottom