<article>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#article09_06_05_2349206</id>
	<title>Hackers Claim $10K Prize For StrongWebmail Breakin</title>
	<author>Soulskill</author>
	<datestamp>1244210040000</datestamp>
	<htmltext>alphadogg writes <i>"Telesign, a provider of voice-based authentication software, challenged hackers to break into its StrongWebmail.com Web site late last week. The prize: $10,000. On Thursday, a group of security researchers claimed to have won the contest, which <a href="http://www.networkworld.com/news/2009/060409-hackers-claim-10000-prize-for.html">challenged hackers to break into the Web mail account</a> of StrongWebmail CEO Darren Berkovitz and report back details from his June 26 calendar entry. The hackers, led by Secure Science Chief Scientist Lance James and security researchers Aviv Raff and Mike Bailey, provided details from Berkovitz's calendar to IDG News Service. In an interview, Berkovitz confirmed those details were from his account. However, Berkovitz could not confirm that the hackers had actually won the prize. He said he would need to check to confirm that the hackers had abided by the contest rules, adding, 'if someone did it, we'll kind of put our heads down.'"</i></htmltext>
<tokenext>alphadogg writes " Telesign , a provider of voice-based authentication software , challenged hackers to break into its StrongWebmail.com Web site late last week .
The prize : $ 10,000 .
On Thursday , a group of security researchers claimed to have won the contest , which challenged hackers to break into the Web mail account of StrongWebmail CEO Darren Berkovitz and report back details from his June 26 calendar entry .
The hackers , led by Secure Science Chief Scientist Lance James and security researchers Aviv Raff and Mike Bailey , provided details from Berkovitz 's calendar to IDG News Service .
In an interview , Berkovitz confirmed those details were from his account .
However , Berkovitz could not confirm that the hackers had actually won the prize .
He said he would need to check to confirm that the hackers had abided by the contest rules , adding , 'if someone did it , we 'll kind of put our heads down .
' "</tokentext>
<sentencetext>alphadogg writes "Telesign, a provider of voice-based authentication software, challenged hackers to break into its StrongWebmail.com Web site late last week.
The prize: $10,000.
On Thursday, a group of security researchers claimed to have won the contest, which challenged hackers to break into the Web mail account of StrongWebmail CEO Darren Berkovitz and report back details from his June 26 calendar entry.
The hackers, led by Secure Science Chief Scientist Lance James and security researchers Aviv Raff and Mike Bailey, provided details from Berkovitz's calendar to IDG News Service.
In an interview, Berkovitz confirmed those details were from his account.
However, Berkovitz could not confirm that the hackers had actually won the prize.
He said he would need to check to confirm that the hackers had abided by the contest rules, adding, 'if someone did it, we'll kind of put our heads down.
'"</sentencetext>
</article>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229541</id>
	<title>Interesting approach</title>
	<author>l2718</author>
	<datestamp>1244214600000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext>Offering bounties is a great approach to finding bugs in your code.  The crackers are taking quite a legal risk, however -- what if the owner of the computer decided that they "exceeded the hacking authorization"?</htmltext>
<tokenext>Offering bounties is a great approach to finding bugs in your code .
The crackers are taking quite a legal risk , however -- what if the owner of the computer decided that they " exceeded the hacking authorization " ?</tokentext>
<sentencetext>Offering bounties is a great approach to finding bugs in your code.
The crackers are taking quite a legal risk, however -- what if the owner of the computer decided that they "exceeded the hacking authorization"?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229969</id>
	<title>Re:Telegraphing</title>
	<author>bitt3n</author>
	<datestamp>1244220780000</datestamp>
	<modclass>Funny</modclass>
	<modscore>4</modscore>
	<htmltext><p><div class="quote"><p>The size of the prize -- $10,000 -- indicates that the company thought it reasonably possible that they'd get hacked, and/or desired to avoid motivating any serious hacking attempt.  Neither explanation gives me much confidence in their product.
</p><p>And wow did it ever backfire.  Normally they do these kinds of promotions in the hopes that nobody will bother, so that the company can later say "We offered a wheelbarrow of cash, and still nobody hacked us!".  As if <i>that</i> was equivalent to a real security audit.</p></div><p>Perhaps they'll fix their software by simply offering a lower prize.</p><p>"Hack our software, and win a free small soda with purchase of any McDonald's value meal!"</p></div>
	</htmltext>
<tokenext>The size of the prize -- $ 10,000 -- indicates that the company thought it reasonably possible that they 'd get hacked , and/or desired to avoid motivating any serious hacking attempt .
Neither explanation gives me much confidence in their product .
And wow did it ever backfire .
Normally they do these kinds of promotions in the hopes that nobody will bother , so that the company can later say " We offered a wheelbarrow of cash , and still nobody hacked us ! " .
As if that was equivalent to a real security audit.Perhaps they 'll fix their software by simply offering a lower prize .
" Hack our software , and win a free small soda with purchase of any McDonald 's value meal !
"</tokentext>
<sentencetext>The size of the prize -- $10,000 -- indicates that the company thought it reasonably possible that they'd get hacked, and/or desired to avoid motivating any serious hacking attempt.
Neither explanation gives me much confidence in their product.
And wow did it ever backfire.
Normally they do these kinds of promotions in the hopes that nobody will bother, so that the company can later say "We offered a wheelbarrow of cash, and still nobody hacked us!".
As if that was equivalent to a real security audit.Perhaps they'll fix their software by simply offering a lower prize.
"Hack our software, and win a free small soda with purchase of any McDonald's value meal!
"
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229491</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28231289</id>
	<title>Log On/Off, In/Out Annoyance</title>
	<author>msgmonkey</author>
	<datestamp>1244284140000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>What greatly annoys me is when I see a site has that has for example a "Log On" button but the corresponding button is called "Log Out" when it should be "Log Off".</p></htmltext>
<tokenext>What greatly annoys me is when I see a site has that has for example a " Log On " button but the corresponding button is called " Log Out " when it should be " Log Off " .</tokentext>
<sentencetext>What greatly annoys me is when I see a site has that has for example a "Log On" button but the corresponding button is called "Log Out" when it should be "Log Off".</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229695</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229485</id>
	<title>Rules?</title>
	<author>Anonymous</author>
	<datestamp>1244213880000</datestamp>
	<modclass>Redundant</modclass>
	<modscore>0</modscore>
	<htmltext><p>Rules? LOL.. Ok just as long as all hackers abide by the rules I'm sure all our information is safe<nobr> <wbr></nobr>:)</p></htmltext>
<tokenext>Rules ?
LOL.. Ok just as long as all hackers abide by the rules I 'm sure all our information is safe : )</tokentext>
<sentencetext>Rules?
LOL.. Ok just as long as all hackers abide by the rules I'm sure all our information is safe :)</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28231951</id>
	<title>Re:The Catch</title>
	<author>koiransuklaa</author>
	<datestamp>1244295180000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><blockquote><div><p>It would take a half a day at most. Camp outside his office or home, figure out which cell tower he is on (line of site) and poke an antenna in the path of the microwave link the tower uses to talk to the exchange. (This traffic is all unencrypted, bog standard T1/E1 stuff) - do whatever you need to do to trigger the text alert, suck down the CCITT-7 channel, then pick through the SMS payload until you find the code. Log in and take the cash.</p></div></blockquote><p>I'm not saying GSM isn't swiss cheese from todays security POV, but you make it sound like you would definitely succeed in that: in practice it would require a lot of effort and luck. First of all you're implying all BTS-BSC traffic goes over microwave which just isn't true: most of it is cable (probably partly because of the insecurity of the protocol). I've also heard some manufacturers break the standard and encrypt the BTS-BSC traffic in networks that are all their equipment (no links just hearsay, sorry).</p><p>Second, while locating the cell might not be hard, locating the BSC is more work and getting to the line of sight could be a real pain... these are implementation details of the attack but IMO important since you said "this is easy money": I disagree, it probably would not be easy even if you were lucky and the link really was microwave, definitely not half a day. Plus it absolutely would be criminal at least here in Finland, I'm guessing your laws don't actually require you to 'monitor a call' either for it to be criminal...</p><p>It's entirely possible that breaking the phone-BTS encryption could be an easier solution -- at least if they were still using A5/2 (an encryption shown to be just slightly better than ROT-13 when there is any known plaintext), but I guess that's not the case in the US. Social engineering or just lifting the phone from the CEOs pocket are almost certainly easier...</p></div>
	</htmltext>
<tokenext>It would take a half a day at most .
Camp outside his office or home , figure out which cell tower he is on ( line of site ) and poke an antenna in the path of the microwave link the tower uses to talk to the exchange .
( This traffic is all unencrypted , bog standard T1/E1 stuff ) - do whatever you need to do to trigger the text alert , suck down the CCITT-7 channel , then pick through the SMS payload until you find the code .
Log in and take the cash.I 'm not saying GSM is n't swiss cheese from todays security POV , but you make it sound like you would definitely succeed in that : in practice it would require a lot of effort and luck .
First of all you 're implying all BTS-BSC traffic goes over microwave which just is n't true : most of it is cable ( probably partly because of the insecurity of the protocol ) .
I 've also heard some manufacturers break the standard and encrypt the BTS-BSC traffic in networks that are all their equipment ( no links just hearsay , sorry ) .Second , while locating the cell might not be hard , locating the BSC is more work and getting to the line of sight could be a real pain... these are implementation details of the attack but IMO important since you said " this is easy money " : I disagree , it probably would not be easy even if you were lucky and the link really was microwave , definitely not half a day .
Plus it absolutely would be criminal at least here in Finland , I 'm guessing your laws do n't actually require you to 'monitor a call ' either for it to be criminal...It 's entirely possible that breaking the phone-BTS encryption could be an easier solution -- at least if they were still using A5/2 ( an encryption shown to be just slightly better than ROT-13 when there is any known plaintext ) , but I guess that 's not the case in the US .
Social engineering or just lifting the phone from the CEOs pocket are almost certainly easier.. .</tokentext>
<sentencetext>It would take a half a day at most.
Camp outside his office or home, figure out which cell tower he is on (line of site) and poke an antenna in the path of the microwave link the tower uses to talk to the exchange.
(This traffic is all unencrypted, bog standard T1/E1 stuff) - do whatever you need to do to trigger the text alert, suck down the CCITT-7 channel, then pick through the SMS payload until you find the code.
Log in and take the cash.I'm not saying GSM isn't swiss cheese from todays security POV, but you make it sound like you would definitely succeed in that: in practice it would require a lot of effort and luck.
First of all you're implying all BTS-BSC traffic goes over microwave which just isn't true: most of it is cable (probably partly because of the insecurity of the protocol).
I've also heard some manufacturers break the standard and encrypt the BTS-BSC traffic in networks that are all their equipment (no links just hearsay, sorry).Second, while locating the cell might not be hard, locating the BSC is more work and getting to the line of sight could be a real pain... these are implementation details of the attack but IMO important since you said "this is easy money": I disagree, it probably would not be easy even if you were lucky and the link really was microwave, definitely not half a day.
Plus it absolutely would be criminal at least here in Finland, I'm guessing your laws don't actually require you to 'monitor a call' either for it to be criminal...It's entirely possible that breaking the phone-BTS encryption could be an easier solution -- at least if they were still using A5/2 (an encryption shown to be just slightly better than ROT-13 when there is any known plaintext), but I guess that's not the case in the US.
Social engineering or just lifting the phone from the CEOs pocket are almost certainly easier...
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28230847</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229695</id>
	<title>Hate to be a pedant.... But,</title>
	<author>Anonymous</author>
	<datestamp>1244216340000</datestamp>
	<modclass>Offtopic</modclass>
	<modscore>1</modscore>
	<htmltext><p>"break-in'", or "break-in"?</p><p>This is annoying, just as is "Logout", wich is best thought of as an act, so it should be writtein as "Log out", nnnnnnnoTTTTT, "Logout". When i see "logout" i think "oh, a PLACE". When i see "Log out", i thank the smarter site editor and imagine an act, not a place... But,that's just me...</p></htmltext>
<tokenext>" break-in ' " , or " break-in " ? This is annoying , just as is " Logout " , wich is best thought of as an act , so it should be writtein as " Log out " , nnnnnnnoTTTTT , " Logout " .
When i see " logout " i think " oh , a PLACE " .
When i see " Log out " , i thank the smarter site editor and imagine an act , not a place... But,that 's just me.. .</tokentext>
<sentencetext>"break-in'", or "break-in"?This is annoying, just as is "Logout", wich is best thought of as an act, so it should be writtein as "Log out", nnnnnnnoTTTTT, "Logout".
When i see "logout" i think "oh, a PLACE".
When i see "Log out", i thank the smarter site editor and imagine an act, not a place... But,that's just me...</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229845</id>
	<title>Re:The Catch</title>
	<author>mysidia</author>
	<datestamp>1244218620000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>
Or find a bug in the webmail system that lets them get through without access to the phone number, lets them prevent or redirect the call.
</p><p>
At one extreme...  figure out how their system works, how it makes its outgoing calls, and one night, install some passive "taps"  outside their building   to capture the outgoing call  when they attempt to login....
</p></htmltext>
<tokenext>Or find a bug in the webmail system that lets them get through without access to the phone number , lets them prevent or redirect the call .
At one extreme... figure out how their system works , how it makes its outgoing calls , and one night , install some passive " taps " outside their building to capture the outgoing call when they attempt to login... .</tokentext>
<sentencetext>
Or find a bug in the webmail system that lets them get through without access to the phone number, lets them prevent or redirect the call.
At one extreme...  figure out how their system works, how it makes its outgoing calls, and one night, install some passive "taps"  outside their building   to capture the outgoing call  when they attempt to login....
</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229613</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28231221</id>
	<title>Re:This is obvious</title>
	<author>TheLink</author>
	<datestamp>1244282940000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>There are always rules in a contest.<br><br>Rule #0 - A "win" is defined by the rules.<br><br>If there are no rules, there is no winning. If there is no winning, what sort of contest is it? And who gets the prize?<br><br>Yes there may be a weak link in the armor, but if you don't follow the rules you SHOULDN'T get the $10K.</htmltext>
<tokenext>There are always rules in a contest.Rule # 0 - A " win " is defined by the rules.If there are no rules , there is no winning .
If there is no winning , what sort of contest is it ?
And who gets the prize ? Yes there may be a weak link in the armor , but if you do n't follow the rules you SHOULD N'T get the $ 10K .</tokentext>
<sentencetext>There are always rules in a contest.Rule #0 - A "win" is defined by the rules.If there are no rules, there is no winning.
If there is no winning, what sort of contest is it?
And who gets the prize?Yes there may be a weak link in the armor, but if you don't follow the rules you SHOULDN'T get the $10K.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229577</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229553</id>
	<title>Put the Vi.agr.a team on it!!!</title>
	<author>Anonymous</author>
	<datestamp>1244214780000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>They'll break it.  Guaranteed.  Or your money back.</p></htmltext>
<tokenext>They 'll break it .
Guaranteed. Or your money back .</tokentext>
<sentencetext>They'll break it.
Guaranteed.  Or your money back.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28230923</id>
	<title>Re:This is obvious</title>
	<author>houghi</author>
	<datestamp>1244321760000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext><p>Because they might not be interested to see if it as a whole can be hacked, but if certain parts can be hacked. They might be aware that it can be DDOSsed. They know that social engineering will work, so they do not need or do not want to test those parts of the security.</p><p>It is like a bargame. You have a glass with beer and on top is a coaster. You must drink the beer without touching the coaster and when done drinking the coaster must be on top of the glass again.<br>The solution would be to take two barstools, place them close together, get the glass from top to bottom so that the coaster rests on the two stools and the glass is still in your hand. Drink the beer, and pick up the coaster with the glass.</p><p>Now you could say "why rules? Just drink the beer." But the challenge is not drinking the beer. The challenge is to solve the problem on HOW to do it. The beer is the prize.</p></htmltext>
<tokenext>Because they might not be interested to see if it as a whole can be hacked , but if certain parts can be hacked .
They might be aware that it can be DDOSsed .
They know that social engineering will work , so they do not need or do not want to test those parts of the security.It is like a bargame .
You have a glass with beer and on top is a coaster .
You must drink the beer without touching the coaster and when done drinking the coaster must be on top of the glass again.The solution would be to take two barstools , place them close together , get the glass from top to bottom so that the coaster rests on the two stools and the glass is still in your hand .
Drink the beer , and pick up the coaster with the glass.Now you could say " why rules ?
Just drink the beer .
" But the challenge is not drinking the beer .
The challenge is to solve the problem on HOW to do it .
The beer is the prize .</tokentext>
<sentencetext>Because they might not be interested to see if it as a whole can be hacked, but if certain parts can be hacked.
They might be aware that it can be DDOSsed.
They know that social engineering will work, so they do not need or do not want to test those parts of the security.It is like a bargame.
You have a glass with beer and on top is a coaster.
You must drink the beer without touching the coaster and when done drinking the coaster must be on top of the glass again.The solution would be to take two barstools, place them close together, get the glass from top to bottom so that the coaster rests on the two stools and the glass is still in your hand.
Drink the beer, and pick up the coaster with the glass.Now you could say "why rules?
Just drink the beer.
" But the challenge is not drinking the beer.
The challenge is to solve the problem on HOW to do it.
The beer is the prize.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229577</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28232677</id>
	<title>Re:The Catch</title>
	<author>cOle2</author>
	<datestamp>1244301480000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I'm no hacker but if you already have access to their systems then wouldn't it be easier to just change the phone number to one you control than to intercept a phone call or some such. Just a thought.</p></htmltext>
<tokenext>I 'm no hacker but if you already have access to their systems then would n't it be easier to just change the phone number to one you control than to intercept a phone call or some such .
Just a thought .</tokentext>
<sentencetext>I'm no hacker but if you already have access to their systems then wouldn't it be easier to just change the phone number to one you control than to intercept a phone call or some such.
Just a thought.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229613</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229623</id>
	<title>Re:Hu?</title>
	<author>Tubal-Cain</author>
	<datestamp>1244215500000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext>I could understand if they don't want to pay up to someone that hacked something other than their software. Exploiting a Window bug may count if they are not cross-platform may count, but bribing the janitor probably doesn't. Yes, a real cracker may hack one of this product's customers that way, but Telesign couldn't be at fault for that.</htmltext>
<tokenext>I could understand if they do n't want to pay up to someone that hacked something other than their software .
Exploiting a Window bug may count if they are not cross-platform may count , but bribing the janitor probably does n't .
Yes , a real cracker may hack one of this product 's customers that way , but Telesign could n't be at fault for that .</tokentext>
<sentencetext>I could understand if they don't want to pay up to someone that hacked something other than their software.
Exploiting a Window bug may count if they are not cross-platform may count, but bribing the janitor probably doesn't.
Yes, a real cracker may hack one of this product's customers that way, but Telesign couldn't be at fault for that.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229477</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28234047</id>
	<title>Re:Password are bad for security.</title>
	<author>\_Sharp'r\_</author>
	<datestamp>1244310000000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>1. Install script in end user's browser using drive-by download on site you get them to access, emailed javascript, etc... multitude of ways.<br>2. Wait for end user to accomplish steps 1-3a for you, which he will the next time he checks his mail.<br>3. Installed script passes whatever you want back to you since it now has secured access to your secure site. (???? step)<br>4. Profit $10K!</p><p>The phone call method of security is useless if you can just wait for the end user to legitimately accomplish it for you when they think they're doing it for themselves.</p></htmltext>
<tokenext>1 .
Install script in end user 's browser using drive-by download on site you get them to access , emailed javascript , etc... multitude of ways.2 .
Wait for end user to accomplish steps 1-3a for you , which he will the next time he checks his mail.3 .
Installed script passes whatever you want back to you since it now has secured access to your secure site .
( ? ? ? ? step ) 4 .
Profit $ 10K ! The phone call method of security is useless if you can just wait for the end user to legitimately accomplish it for you when they think they 're doing it for themselves .</tokentext>
<sentencetext>1.
Install script in end user's browser using drive-by download on site you get them to access, emailed javascript, etc... multitude of ways.2.
Wait for end user to accomplish steps 1-3a for you, which he will the next time he checks his mail.3.
Installed script passes whatever you want back to you since it now has secured access to your secure site.
(???? step)4.
Profit $10K!The phone call method of security is useless if you can just wait for the end user to legitimately accomplish it for you when they think they're doing it for themselves.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28230597</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229759</id>
	<title>Re:Telegraphing</title>
	<author>Foodie</author>
	<datestamp>1244217240000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>$10,000 is not a bad price to pay for that much publicity.  Too bad they got hacked in such a short amount of time.</htmltext>
<tokenext>$ 10,000 is not a bad price to pay for that much publicity .
Too bad they got hacked in such a short amount of time .</tokentext>
<sentencetext>$10,000 is not a bad price to pay for that much publicity.
Too bad they got hacked in such a short amount of time.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229491</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28230597</id>
	<title>Password are bad for security.</title>
	<author>Anonymous</author>
	<datestamp>1244229960000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Passwords are a bad means of securing a computer. Sure, passwords are far cry more secure means no authentication at all, but they do have some pretty severe limitations...</p><p>1) Any breach of a password pretty much kills them. Dead. If your ex-GF/BF gets the password to your webmail account, god help you, because the password in their hands works just as well as in yours.</p><p>2) Usually you don't have any (obvious) way of knowing that the breach occurred.</p><p>3) Because of (1) and (2), they are highly vulnerable to social engineering attacks: just convince somebody to give the password and it's game over. And it doesn't have to be you: it could be the system administrator, somebody at the help desk, you name it.</p><p><i>So they have to hack the phone company's system too, or find a way to clone his cellphone, so they can intercept the call and approve access?</i></p><p>Yes. That's the point, and it's a good point, too. This is a good step towards improving security, and I've toyed with doing something similar with our web-based product. Basically, the idea goes like this:</p><p>1) End user enters login name, clicks the "next" button.</p><p>1a) (in the background, a text message is sent to user's cell phone, with a code tied to the account and to the specific login session)</p><p>2) End user enters password, clicks the "next" button.</p><p>2a) (password verified against login account)</p><p>3) End user enters code that they've received on their phone, click next</p><p>3a) (system compares login, password, session, and entered code. If they all match, user is allowed through.</p><p>In order compromise this system without actually rooting the server, the hax0r has to: know the login &amp; password, have the cell phone or hax0rz the phone company, AND know the session code sent to the end user's browser. While not actually impossible, it's a damned sight more difficult than just a username/password!</p><p>Usually, the only way to accomplish these is to either BE the person, or steal their phone AND know their login/password. And if the phone is stolen, the rightful owner only needs to make a phone call to report it stolen, so the attack window is very small.</p><p>This is a GOOD thing folks!</p></htmltext>
<tokenext>Passwords are a bad means of securing a computer .
Sure , passwords are far cry more secure means no authentication at all , but they do have some pretty severe limitations...1 ) Any breach of a password pretty much kills them .
Dead. If your ex-GF/BF gets the password to your webmail account , god help you , because the password in their hands works just as well as in yours.2 ) Usually you do n't have any ( obvious ) way of knowing that the breach occurred.3 ) Because of ( 1 ) and ( 2 ) , they are highly vulnerable to social engineering attacks : just convince somebody to give the password and it 's game over .
And it does n't have to be you : it could be the system administrator , somebody at the help desk , you name it.So they have to hack the phone company 's system too , or find a way to clone his cellphone , so they can intercept the call and approve access ? Yes .
That 's the point , and it 's a good point , too .
This is a good step towards improving security , and I 've toyed with doing something similar with our web-based product .
Basically , the idea goes like this : 1 ) End user enters login name , clicks the " next " button.1a ) ( in the background , a text message is sent to user 's cell phone , with a code tied to the account and to the specific login session ) 2 ) End user enters password , clicks the " next " button.2a ) ( password verified against login account ) 3 ) End user enters code that they 've received on their phone , click next3a ) ( system compares login , password , session , and entered code .
If they all match , user is allowed through.In order compromise this system without actually rooting the server , the hax0r has to : know the login &amp; password , have the cell phone or hax0rz the phone company , AND know the session code sent to the end user 's browser .
While not actually impossible , it 's a damned sight more difficult than just a username/password ! Usually , the only way to accomplish these is to either BE the person , or steal their phone AND know their login/password .
And if the phone is stolen , the rightful owner only needs to make a phone call to report it stolen , so the attack window is very small.This is a GOOD thing folks !</tokentext>
<sentencetext>Passwords are a bad means of securing a computer.
Sure, passwords are far cry more secure means no authentication at all, but they do have some pretty severe limitations...1) Any breach of a password pretty much kills them.
Dead. If your ex-GF/BF gets the password to your webmail account, god help you, because the password in their hands works just as well as in yours.2) Usually you don't have any (obvious) way of knowing that the breach occurred.3) Because of (1) and (2), they are highly vulnerable to social engineering attacks: just convince somebody to give the password and it's game over.
And it doesn't have to be you: it could be the system administrator, somebody at the help desk, you name it.So they have to hack the phone company's system too, or find a way to clone his cellphone, so they can intercept the call and approve access?Yes.
That's the point, and it's a good point, too.
This is a good step towards improving security, and I've toyed with doing something similar with our web-based product.
Basically, the idea goes like this:1) End user enters login name, clicks the "next" button.1a) (in the background, a text message is sent to user's cell phone, with a code tied to the account and to the specific login session)2) End user enters password, clicks the "next" button.2a) (password verified against login account)3) End user enters code that they've received on their phone, click next3a) (system compares login, password, session, and entered code.
If they all match, user is allowed through.In order compromise this system without actually rooting the server, the hax0r has to: know the login &amp; password, have the cell phone or hax0rz the phone company, AND know the session code sent to the end user's browser.
While not actually impossible, it's a damned sight more difficult than just a username/password!Usually, the only way to accomplish these is to either BE the person, or steal their phone AND know their login/password.
And if the phone is stolen, the rightful owner only needs to make a phone call to report it stolen, so the attack window is very small.This is a GOOD thing folks!</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229613</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229577</id>
	<title>This is obvious</title>
	<author>Anonymous</author>
	<datestamp>1244215020000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>5</modscore>
	<htmltext><p>If they idea is to determine whether it can be cracked, why are there rules?  Whether they followed some self-imposed rules or not, it still indicates that there is a weak link in the armor.</p></htmltext>
<tokenext>If they idea is to determine whether it can be cracked , why are there rules ?
Whether they followed some self-imposed rules or not , it still indicates that there is a weak link in the armor .</tokentext>
<sentencetext>If they idea is to determine whether it can be cracked, why are there rules?
Whether they followed some self-imposed rules or not, it still indicates that there is a weak link in the armor.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229491</id>
	<title>Telegraphing</title>
	<author>Anonymous</author>
	<datestamp>1244214000000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>4</modscore>
	<htmltext><p>The size of the prize -- $10,000 -- indicates that the company thought it reasonably possible that they'd get hacked, and/or desired to avoid motivating any serious hacking attempt.  Neither explanation gives me much confidence in their product.
</p><p>And wow did it ever backfire.  Normally they do these kinds of promotions in the hopes that nobody will bother, so that the company can later say "We offered a wheelbarrow of cash, and still nobody hacked us!".  As if <i>that</i> was equivalent to a real security audit.</p></htmltext>
<tokenext>The size of the prize -- $ 10,000 -- indicates that the company thought it reasonably possible that they 'd get hacked , and/or desired to avoid motivating any serious hacking attempt .
Neither explanation gives me much confidence in their product .
And wow did it ever backfire .
Normally they do these kinds of promotions in the hopes that nobody will bother , so that the company can later say " We offered a wheelbarrow of cash , and still nobody hacked us ! " .
As if that was equivalent to a real security audit .</tokentext>
<sentencetext>The size of the prize -- $10,000 -- indicates that the company thought it reasonably possible that they'd get hacked, and/or desired to avoid motivating any serious hacking attempt.
Neither explanation gives me much confidence in their product.
And wow did it ever backfire.
Normally they do these kinds of promotions in the hopes that nobody will bother, so that the company can later say "We offered a wheelbarrow of cash, and still nobody hacked us!".
As if that was equivalent to a real security audit.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229805</id>
	<title>Blackjacking's been around for awhile</title>
	<author>sgt\_doom</author>
	<datestamp>1244218020000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext>Hacking (or blackjacking, to use the vernacular) cells has been in existence for quite awhile, with probably Thai coders taking the lead, with Chinese, Americans, Germans and Brits coming up from the rear.....</htmltext>
<tokenext>Hacking ( or blackjacking , to use the vernacular ) cells has been in existence for quite awhile , with probably Thai coders taking the lead , with Chinese , Americans , Germans and Brits coming up from the rear.... .</tokentext>
<sentencetext>Hacking (or blackjacking, to use the vernacular) cells has been in existence for quite awhile, with probably Thai coders taking the lead, with Chinese, Americans, Germans and Brits coming up from the rear.....</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229613</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229653</id>
	<title>Re:The Catch</title>
	<author>Gi0</author>
	<datestamp>1244215860000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext>If i could hack the phone company's system, or find a way to clone their CEO cellphone,besides hacking their system,would i be willing to let them know for just 10 grant?Nop.That knowledge has got to be more precious.</htmltext>
<tokenext>If i could hack the phone company 's system , or find a way to clone their CEO cellphone,besides hacking their system,would i be willing to let them know for just 10 grant ? Nop.That knowledge has got to be more precious .</tokentext>
<sentencetext>If i could hack the phone company's system, or find a way to clone their CEO cellphone,besides hacking their system,would i be willing to let them know for just 10 grant?Nop.That knowledge has got to be more precious.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229613</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28231899</id>
	<title>Re:Hu?</title>
	<author>Anonymous</author>
	<datestamp>1244294580000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>These guys are all professional penetration testers- Aviv Raff was involved in finding the carpetbomb exploits against browsers a while back, and Mike Bailey was the person who published a bunch of holes in McAfee's web site last month.</p><p>I rather suspect that it was an intelligent hack, and the other articles (google: strongwebmail) seem to comfirm that.</p></htmltext>
<tokenext>These guys are all professional penetration testers- Aviv Raff was involved in finding the carpetbomb exploits against browsers a while back , and Mike Bailey was the person who published a bunch of holes in McAfee 's web site last month.I rather suspect that it was an intelligent hack , and the other articles ( google : strongwebmail ) seem to comfirm that .</tokentext>
<sentencetext>These guys are all professional penetration testers- Aviv Raff was involved in finding the carpetbomb exploits against browsers a while back, and Mike Bailey was the person who published a bunch of holes in McAfee's web site last month.I rather suspect that it was an intelligent hack, and the other articles (google: strongwebmail) seem to comfirm that.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28231467</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28230089</id>
	<title>Re:Hate to be a pedant.... But,</title>
	<author>artor3</author>
	<datestamp>1244222340000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Yeah, and blackbirds are just black birds, so it should be written that way!</p><p>Or, you could learn English as its actually used, instead of pretending its a programming language.</p></htmltext>
<tokenext>Yeah , and blackbirds are just black birds , so it should be written that way ! Or , you could learn English as its actually used , instead of pretending its a programming language .</tokentext>
<sentencetext>Yeah, and blackbirds are just black birds, so it should be written that way!Or, you could learn English as its actually used, instead of pretending its a programming language.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229695</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28234903</id>
	<title>Re:The Catch</title>
	<author>toddestan</author>
	<datestamp>1244317020000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p>The only detail that your missing is that you would also his username and password in addition to being able to tap his cell phone.</p></htmltext>
<tokenext>The only detail that your missing is that you would also his username and password in addition to being able to tap his cell phone .</tokentext>
<sentencetext>The only detail that your missing is that you would also his username and password in addition to being able to tap his cell phone.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28230847</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28231325</id>
	<title>Re:Hu?</title>
	<author>Nikker</author>
	<datestamp>1244284800000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Question:  Is this StrongWebmail.com a software or a service ? <br> <br>
Question: Since the CEO got his information retrieved with out his permission would you trust their claims with your own data?</htmltext>
<tokenext>Question : Is this StrongWebmail.com a software or a service ?
Question : Since the CEO got his information retrieved with out his permission would you trust their claims with your own data ?</tokentext>
<sentencetext>Question:  Is this StrongWebmail.com a software or a service ?
Question: Since the CEO got his information retrieved with out his permission would you trust their claims with your own data?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229623</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28230007</id>
	<title>Re:Hu?</title>
	<author>Anonymous</author>
	<datestamp>1244221500000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext><p>Why shouldn't bribing a janitor count?  If I'm paying someone to call me every time I want to log into my email, then I'm probably pretty paranoid about security and don't want other people gaining access to my email.  If security is so bad that random employees (including the janitor) can read my email, and those employees are so untrustworthy that they can be easily bribed, then that's just as real of a security problem as if their software were flawed.
</p><p>Security is often only as strong as its weakest point.  If the point of this prize was to prove that your email is secure on their servers, then gaining unauthorized access to other people's email on their servers should be enough to claim the prize.</p></htmltext>
<tokenext>Why should n't bribing a janitor count ?
If I 'm paying someone to call me every time I want to log into my email , then I 'm probably pretty paranoid about security and do n't want other people gaining access to my email .
If security is so bad that random employees ( including the janitor ) can read my email , and those employees are so untrustworthy that they can be easily bribed , then that 's just as real of a security problem as if their software were flawed .
Security is often only as strong as its weakest point .
If the point of this prize was to prove that your email is secure on their servers , then gaining unauthorized access to other people 's email on their servers should be enough to claim the prize .</tokentext>
<sentencetext>Why shouldn't bribing a janitor count?
If I'm paying someone to call me every time I want to log into my email, then I'm probably pretty paranoid about security and don't want other people gaining access to my email.
If security is so bad that random employees (including the janitor) can read my email, and those employees are so untrustworthy that they can be easily bribed, then that's just as real of a security problem as if their software were flawed.
Security is often only as strong as its weakest point.
If the point of this prize was to prove that your email is secure on their servers, then gaining unauthorized access to other people's email on their servers should be enough to claim the prize.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229623</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229827</id>
	<title>Re:Hate to be a pedant.... But,</title>
	<author>geekprime</author>
	<datestamp>1244218320000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>@davidsyes</p><p>No, that's just you.</p><p>Sorry.</p></htmltext>
<tokenext>@ davidsyesNo , that 's just you.Sorry .</tokentext>
<sentencetext>@davidsyesNo, that's just you.Sorry.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229695</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28230863</id>
	<title>Re:Hu?</title>
	<author>houghi</author>
	<datestamp>1244320680000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>You could even tell your employees that if somebody does get into the mailbox that way, the only way for them to claim their prize is to tell who was the leak. That then would result in directly and immediately firing the person.</p><p>That way everybody is aware of the challenge and people will be double care full about giving out any details.<br>Make them also aware that people from IT also should not be asking for your password.</p><p>You have increased security for no cost.<nobr> <wbr></nobr>:-D</p></htmltext>
<tokenext>You could even tell your employees that if somebody does get into the mailbox that way , the only way for them to claim their prize is to tell who was the leak .
That then would result in directly and immediately firing the person.That way everybody is aware of the challenge and people will be double care full about giving out any details.Make them also aware that people from IT also should not be asking for your password.You have increased security for no cost .
: -D</tokentext>
<sentencetext>You could even tell your employees that if somebody does get into the mailbox that way, the only way for them to claim their prize is to tell who was the leak.
That then would result in directly and immediately firing the person.That way everybody is aware of the challenge and people will be double care full about giving out any details.Make them also aware that people from IT also should not be asking for your password.You have increased security for no cost.
:-D</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28230007</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229651</id>
	<title>Full Details</title>
	<author>LSDelirious</author>
	<datestamp>1244215860000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext>here: Official Contest Rules, Terms, and Conditions</htmltext>
<tokenext>here : Official Contest Rules , Terms , and Conditions</tokentext>
<sentencetext>here: Official Contest Rules, Terms, and Conditions</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229613</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229787</id>
	<title>Re:Hu?</title>
	<author>maxwells\_deamon</author>
	<datestamp>1244217780000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I suspect and hope that the statement was just a way to delay until the person in charge of the contest (some committee perhaps) officially confirms the win so that the check can be written.</p><p>that said, if you set something like this up with no rules you are being quite dumb.</p><p>for instance you can not violate law,  don't ambush employees in the parking lot with weapons.  Don't physically break into the building, don't download the employee database...</p></htmltext>
<tokenext>I suspect and hope that the statement was just a way to delay until the person in charge of the contest ( some committee perhaps ) officially confirms the win so that the check can be written.that said , if you set something like this up with no rules you are being quite dumb.for instance you can not violate law , do n't ambush employees in the parking lot with weapons .
Do n't physically break into the building , do n't download the employee database.. .</tokentext>
<sentencetext>I suspect and hope that the statement was just a way to delay until the person in charge of the contest (some committee perhaps) officially confirms the win so that the check can be written.that said, if you set something like this up with no rules you are being quite dumb.for instance you can not violate law,  don't ambush employees in the parking lot with weapons.
Don't physically break into the building, don't download the employee database...</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229477</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28235549</id>
	<title>Re:The Catch</title>
	<author>Anonymous</author>
	<datestamp>1244320320000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>In the US, this level of skill generally hires out for more than 10 grand for an on-site engagement.  The money is actually too low, which is why it is surprising anyone succeeded - nobody good enough should get involved for that little, especially since it's not even guaranteed, you might fail if they are good or someone else might beat you to it if they are bad.</p></htmltext>
<tokenext>In the US , this level of skill generally hires out for more than 10 grand for an on-site engagement .
The money is actually too low , which is why it is surprising anyone succeeded - nobody good enough should get involved for that little , especially since it 's not even guaranteed , you might fail if they are good or someone else might beat you to it if they are bad .</tokentext>
<sentencetext>In the US, this level of skill generally hires out for more than 10 grand for an on-site engagement.
The money is actually too low, which is why it is surprising anyone succeeded - nobody good enough should get involved for that little, especially since it's not even guaranteed, you might fail if they are good or someone else might beat you to it if they are bad.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28230847</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28235975</id>
	<title>Re:Hate to be a pedant.... But,  ... really odd</title>
	<author>davidsyes</author>
	<datestamp>1244279700000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>that this site behaves like an emo-machine...</p><p>Yesterday, my original post/comment was -1, flamebait. This AM, it was 2, Insightful, up to an hour ago (12 PM PST). Now, it's -1, Offtopic.</p><p>So, i state an opinion, which a sane, normal grammar/English teacher might be enthusiastically jump on, yet in this site chock-full of would-be intelligent people has a number of pain-pushing lurkers and some even with very low numbers who deign to seek and stomp down the rating given by someone trying to be benevolent.</p><p>This is why i've stated over an over that slashdot is a breeding ground for emotionally disturbed (but outwardly intelligent-- mostly, but not all) people who have so much frustration in their lives that they just explode and take it out on someone for the smallest little infraction they cannot tolerate. I'm NOT just talking about subscribers/readers. I am 80\% sure there are a few on-duty moderators who sit back and watch and allow such scoring to occur.</p><p>I propose, as i have in the past, that slashdot create a heuristics-like scoring and capping system where punishers are denied moderating priveleges or at least have them degraded. "Balancers" would be accorded extra privileges when they promote or rescue comments. The scoring system would show how many moderators/readers read the thread scored/attacked, show the plot, and suggest from the database a handful of decent moderators/readers to weigh in to counter the effect of wingnut/one-shot/reactionary attackers who in large number (or, from the looks of things, small numbers) come along and just bury someone, not so much to suppress their comment from read-level view, but to also psychologically assail someone as if to say, "you're not welcome here -- unless you keep your TERSE opinions to yourself..."....</p><p>All it needs to look like is a combination of Tektronix oscillator and a mini-scoring table. Nothing too hard to invent, and i certainly will not recognize any patent claims, because such a thing is described here in words, and is obvious and easy to visualize, and deserves no patent protection anyway. With the brainpower at VA/slashdot, such a scoring system would go a long way toward removing digital bully power in a geek forum. (And, yeh, 99\% of the time that i am a paid contributor/subscriber, i post with the No Subscriber Bonus box checked, so i automatically start low, relying only on readers to buoy me, not my ego to buoy my comments.)</p><p>If anything, such code could be Open Source developed and published as prior art before some commercial entity picks up my comments/idea and tries to patent it. If such a system exists, it ought to reviewed for patent revocation.</p></htmltext>
<tokenext>that this site behaves like an emo-machine...Yesterday , my original post/comment was -1 , flamebait .
This AM , it was 2 , Insightful , up to an hour ago ( 12 PM PST ) .
Now , it 's -1 , Offtopic.So , i state an opinion , which a sane , normal grammar/English teacher might be enthusiastically jump on , yet in this site chock-full of would-be intelligent people has a number of pain-pushing lurkers and some even with very low numbers who deign to seek and stomp down the rating given by someone trying to be benevolent.This is why i 've stated over an over that slashdot is a breeding ground for emotionally disturbed ( but outwardly intelligent-- mostly , but not all ) people who have so much frustration in their lives that they just explode and take it out on someone for the smallest little infraction they can not tolerate .
I 'm NOT just talking about subscribers/readers .
I am 80 \ % sure there are a few on-duty moderators who sit back and watch and allow such scoring to occur.I propose , as i have in the past , that slashdot create a heuristics-like scoring and capping system where punishers are denied moderating priveleges or at least have them degraded .
" Balancers " would be accorded extra privileges when they promote or rescue comments .
The scoring system would show how many moderators/readers read the thread scored/attacked , show the plot , and suggest from the database a handful of decent moderators/readers to weigh in to counter the effect of wingnut/one-shot/reactionary attackers who in large number ( or , from the looks of things , small numbers ) come along and just bury someone , not so much to suppress their comment from read-level view , but to also psychologically assail someone as if to say , " you 're not welcome here -- unless you keep your TERSE opinions to yourself... " ....All it needs to look like is a combination of Tektronix oscillator and a mini-scoring table .
Nothing too hard to invent , and i certainly will not recognize any patent claims , because such a thing is described here in words , and is obvious and easy to visualize , and deserves no patent protection anyway .
With the brainpower at VA/slashdot , such a scoring system would go a long way toward removing digital bully power in a geek forum .
( And , yeh , 99 \ % of the time that i am a paid contributor/subscriber , i post with the No Subscriber Bonus box checked , so i automatically start low , relying only on readers to buoy me , not my ego to buoy my comments .
) If anything , such code could be Open Source developed and published as prior art before some commercial entity picks up my comments/idea and tries to patent it .
If such a system exists , it ought to reviewed for patent revocation .</tokentext>
<sentencetext>that this site behaves like an emo-machine...Yesterday, my original post/comment was -1, flamebait.
This AM, it was 2, Insightful, up to an hour ago (12 PM PST).
Now, it's -1, Offtopic.So, i state an opinion, which a sane, normal grammar/English teacher might be enthusiastically jump on, yet in this site chock-full of would-be intelligent people has a number of pain-pushing lurkers and some even with very low numbers who deign to seek and stomp down the rating given by someone trying to be benevolent.This is why i've stated over an over that slashdot is a breeding ground for emotionally disturbed (but outwardly intelligent-- mostly, but not all) people who have so much frustration in their lives that they just explode and take it out on someone for the smallest little infraction they cannot tolerate.
I'm NOT just talking about subscribers/readers.
I am 80\% sure there are a few on-duty moderators who sit back and watch and allow such scoring to occur.I propose, as i have in the past, that slashdot create a heuristics-like scoring and capping system where punishers are denied moderating priveleges or at least have them degraded.
"Balancers" would be accorded extra privileges when they promote or rescue comments.
The scoring system would show how many moderators/readers read the thread scored/attacked, show the plot, and suggest from the database a handful of decent moderators/readers to weigh in to counter the effect of wingnut/one-shot/reactionary attackers who in large number (or, from the looks of things, small numbers) come along and just bury someone, not so much to suppress their comment from read-level view, but to also psychologically assail someone as if to say, "you're not welcome here -- unless you keep your TERSE opinions to yourself..."....All it needs to look like is a combination of Tektronix oscillator and a mini-scoring table.
Nothing too hard to invent, and i certainly will not recognize any patent claims, because such a thing is described here in words, and is obvious and easy to visualize, and deserves no patent protection anyway.
With the brainpower at VA/slashdot, such a scoring system would go a long way toward removing digital bully power in a geek forum.
(And, yeh, 99\% of the time that i am a paid contributor/subscriber, i post with the No Subscriber Bonus box checked, so i automatically start low, relying only on readers to buoy me, not my ego to buoy my comments.
)If anything, such code could be Open Source developed and published as prior art before some commercial entity picks up my comments/idea and tries to patent it.
If such a system exists, it ought to reviewed for patent revocation.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229695</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229731</id>
	<title>Re:Hate to be a pedant.... But,</title>
	<author>Anonymous</author>
	<datestamp>1244216820000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>This comment is a good vision test.<nobr> <wbr></nobr>;)</p></htmltext>
<tokenext>This comment is a good vision test .
; )</tokentext>
<sentencetext>This comment is a good vision test.
;)</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229695</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229753</id>
	<title>Re:The Catch</title>
	<author>Jaime2</author>
	<datestamp>1244217180000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext>Or hack the authentication system so that it thinks you already went through all that stuff when all you did was forge an authentication proof.  Their system is very resistant to some types of attacks, like password guessing.  But, it is no stronger than a normal username and password against most attacks on the system itself.  SrongWebmail.com's biggest mistake was thinking that they knew of all of their weaknesses.</htmltext>
<tokenext>Or hack the authentication system so that it thinks you already went through all that stuff when all you did was forge an authentication proof .
Their system is very resistant to some types of attacks , like password guessing .
But , it is no stronger than a normal username and password against most attacks on the system itself .
SrongWebmail.com 's biggest mistake was thinking that they knew of all of their weaknesses .</tokentext>
<sentencetext>Or hack the authentication system so that it thinks you already went through all that stuff when all you did was forge an authentication proof.
Their system is very resistant to some types of attacks, like password guessing.
But, it is no stronger than a normal username and password against most attacks on the system itself.
SrongWebmail.com's biggest mistake was thinking that they knew of all of their weaknesses.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229613</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28234363</id>
	<title>Re:Hu?</title>
	<author>blhack</author>
	<datestamp>1244312460000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>This was exploited using a bug in strongwebmail's software.</p><p>They weren't sanitizing or validating inputs on CGIs, which allowed the contest winner to run some javascript on the target's machine.</p><p>The other thing they weren't doing was protecting themselves against CSRF attacks.</p><p>This was ABSOLUTELY a problem with strongwebmail's software.  Yes, user interaction was required, but the interaction was to exploit flaws in the software.</p></htmltext>
<tokenext>This was exploited using a bug in strongwebmail 's software.They were n't sanitizing or validating inputs on CGIs , which allowed the contest winner to run some javascript on the target 's machine.The other thing they were n't doing was protecting themselves against CSRF attacks.This was ABSOLUTELY a problem with strongwebmail 's software .
Yes , user interaction was required , but the interaction was to exploit flaws in the software .</tokentext>
<sentencetext>This was exploited using a bug in strongwebmail's software.They weren't sanitizing or validating inputs on CGIs, which allowed the contest winner to run some javascript on the target's machine.The other thing they weren't doing was protecting themselves against CSRF attacks.This was ABSOLUTELY a problem with strongwebmail's software.
Yes, user interaction was required, but the interaction was to exploit flaws in the software.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229623</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229673</id>
	<title>RULES?</title>
	<author>Anonymous</author>
	<datestamp>1244216100000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>one question stands out in my mind.... what WERE the rules to the contest? and was it stated they could be changed at any time?</p></htmltext>
<tokenext>one question stands out in my mind.... what WERE the rules to the contest ?
and was it stated they could be changed at any time ?</tokentext>
<sentencetext>one question stands out in my mind.... what WERE the rules to the contest?
and was it stated they could be changed at any time?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28230847</id>
	<title>Re:The Catch</title>
	<author>digitalchinky</author>
	<datestamp>1244320320000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>5</modscore>
	<htmltext><p>Damn, I wish I lived in the US. This is easy money.</p><p>For 10 grand in prize money - wow, they didn't think about this very well. The kit you need is all available on ebay for less than a grand. I already have the modems, EDT data capture cards, a couple of Sun ultra's (old, but they do the job dependably), a spectrum analyser, antennas, level converters, up/down converter, transceivers and a bunch of cables to connect it all together.</p><p>It would take a half a day at most. Camp outside his office or home, figure out which cell tower he is on (line of site) and poke an antenna in the path of the microwave link the tower uses to talk to the exchange. (This traffic is all unencrypted, bog standard T1/E1 stuff) - do whatever you need to do to trigger the text alert, suck down the CCITT-7 channel, then pick through the SMS payload until you find the code. Log in and take the cash.</p><p>Legal? I'd say absolutely, you haven't actually monitored a 'cell phone' at all, nor have you tuned your receive gear to any part of the spectrum used by a cell phone. All you've done is read the out of band signalling system on an entirely separate trunk over a link, that is not breaking the 'do not monitor phone calls' rule. (No such rules exist where I live, mostly because radio is still thought of as magic by the Government)</p></htmltext>
<tokenext>Damn , I wish I lived in the US .
This is easy money.For 10 grand in prize money - wow , they did n't think about this very well .
The kit you need is all available on ebay for less than a grand .
I already have the modems , EDT data capture cards , a couple of Sun ultra 's ( old , but they do the job dependably ) , a spectrum analyser , antennas , level converters , up/down converter , transceivers and a bunch of cables to connect it all together.It would take a half a day at most .
Camp outside his office or home , figure out which cell tower he is on ( line of site ) and poke an antenna in the path of the microwave link the tower uses to talk to the exchange .
( This traffic is all unencrypted , bog standard T1/E1 stuff ) - do whatever you need to do to trigger the text alert , suck down the CCITT-7 channel , then pick through the SMS payload until you find the code .
Log in and take the cash.Legal ?
I 'd say absolutely , you have n't actually monitored a 'cell phone ' at all , nor have you tuned your receive gear to any part of the spectrum used by a cell phone .
All you 've done is read the out of band signalling system on an entirely separate trunk over a link , that is not breaking the 'do not monitor phone calls ' rule .
( No such rules exist where I live , mostly because radio is still thought of as magic by the Government )</tokentext>
<sentencetext>Damn, I wish I lived in the US.
This is easy money.For 10 grand in prize money - wow, they didn't think about this very well.
The kit you need is all available on ebay for less than a grand.
I already have the modems, EDT data capture cards, a couple of Sun ultra's (old, but they do the job dependably), a spectrum analyser, antennas, level converters, up/down converter, transceivers and a bunch of cables to connect it all together.It would take a half a day at most.
Camp outside his office or home, figure out which cell tower he is on (line of site) and poke an antenna in the path of the microwave link the tower uses to talk to the exchange.
(This traffic is all unencrypted, bog standard T1/E1 stuff) - do whatever you need to do to trigger the text alert, suck down the CCITT-7 channel, then pick through the SMS payload until you find the code.
Log in and take the cash.Legal?
I'd say absolutely, you haven't actually monitored a 'cell phone' at all, nor have you tuned your receive gear to any part of the spectrum used by a cell phone.
All you've done is read the out of band signalling system on an entirely separate trunk over a link, that is not breaking the 'do not monitor phone calls' rule.
(No such rules exist where I live, mostly because radio is still thought of as magic by the Government)</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229613</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229613</id>
	<title>The Catch</title>
	<author>LSDelirious</author>
	<datestamp>1244215380000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>5</modscore>
	<htmltext><p>from <a href="http://www.strongwebmail.com/secure/email/contests/hack" title="strongwebmail.com" rel="nofollow">StrongWebmail's Site</a> [strongwebmail.com] </p><p> <strong>There's just one catch: to access a StrongWebmail.com email account, the account's owner must receive a verification call on his pre-registered phone number. So even though you have our CEO's username and password, you still have some work to do because you don't have access to his telephone. If you do manage to be the first person to break into his email account, there's $10,000 in it for you - just register below to get started. Good luck! </strong> </p><p>So they have to hack the phone company's system too, or find a way to clone his cellphone, so they can intercept the call and approve access? They might be cool with having their own systems hacked, but it sounds like they are now involving a phone company, which might not be too thrilled to be a part of their little game - the only way around that I can see is to hack the StrongWebmail system to change the "pre-registered" phone number....</p><p>
and who the hell wants an email account you have to approve via phone call every time you login?!? What if your phone is lost/broken/dead/no reception/etc.. then you have no way in</p></htmltext>
<tokenext>from StrongWebmail 's Site [ strongwebmail.com ] There 's just one catch : to access a StrongWebmail.com email account , the account 's owner must receive a verification call on his pre-registered phone number .
So even though you have our CEO 's username and password , you still have some work to do because you do n't have access to his telephone .
If you do manage to be the first person to break into his email account , there 's $ 10,000 in it for you - just register below to get started .
Good luck !
So they have to hack the phone company 's system too , or find a way to clone his cellphone , so they can intercept the call and approve access ?
They might be cool with having their own systems hacked , but it sounds like they are now involving a phone company , which might not be too thrilled to be a part of their little game - the only way around that I can see is to hack the StrongWebmail system to change the " pre-registered " phone number... . and who the hell wants an email account you have to approve via phone call every time you login ? ! ?
What if your phone is lost/broken/dead/no reception/etc.. then you have no way in</tokentext>
<sentencetext>from StrongWebmail's Site [strongwebmail.com]  There's just one catch: to access a StrongWebmail.com email account, the account's owner must receive a verification call on his pre-registered phone number.
So even though you have our CEO's username and password, you still have some work to do because you don't have access to his telephone.
If you do manage to be the first person to break into his email account, there's $10,000 in it for you - just register below to get started.
Good luck!
So they have to hack the phone company's system too, or find a way to clone his cellphone, so they can intercept the call and approve access?
They might be cool with having their own systems hacked, but it sounds like they are now involving a phone company, which might not be too thrilled to be a part of their little game - the only way around that I can see is to hack the StrongWebmail system to change the "pre-registered" phone number....
and who the hell wants an email account you have to approve via phone call every time you login?!?
What if your phone is lost/broken/dead/no reception/etc.. then you have no way in</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28231467</id>
	<title>Re:Hu?</title>
	<author>mrmeval</author>
	<datestamp>1244287320000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Kidnapping his secretary and removing apendages till they talked is not worthy of paying for. Sneaking in and looking at his calendar while he's taking a dump is not worth paying for. Blackmale...No. Social  engineering..No. They actually had to be intelligent and hack.</p></htmltext>
<tokenext>Kidnapping his secretary and removing apendages till they talked is not worthy of paying for .
Sneaking in and looking at his calendar while he 's taking a dump is not worth paying for .
Blackmale...No. Social engineering..No .
They actually had to be intelligent and hack .</tokentext>
<sentencetext>Kidnapping his secretary and removing apendages till they talked is not worthy of paying for.
Sneaking in and looking at his calendar while he's taking a dump is not worth paying for.
Blackmale...No. Social  engineering..No.
They actually had to be intelligent and hack.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229477</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229477</id>
	<title>Hu?</title>
	<author>Anonymous</author>
	<datestamp>1244213820000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>5</modscore>
	<htmltext><p>Wait I'm confused??? They expected the hackers to follow rules?</p></htmltext>
<tokenext>Wait I 'm confused ? ? ?
They expected the hackers to follow rules ?</tokentext>
<sentencetext>Wait I'm confused???
They expected the hackers to follow rules?</sentencetext>
</comment>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_05_2349206_21</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28232677
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229613
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_05_2349206_15</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229653
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229613
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_05_2349206_9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28234903
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28230847
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229613
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_05_2349206_19</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229651
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229613
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_05_2349206_13</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28234047
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28230597
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229613
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_05_2349206_12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28231899
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28231467
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229477
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_05_2349206_17</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229787
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229477
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_05_2349206_16</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229827
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229695
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_05_2349206_10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28235975
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229695
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_05_2349206_14</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229731
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229695
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_05_2349206_2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28230923
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229577
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_05_2349206_18</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28230089
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229695
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_05_2349206_6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28231951
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28230847
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229613
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_05_2349206_0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229753
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229613
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_05_2349206_22</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28235549
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28230847
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229613
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_05_2349206_3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229805
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229613
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_05_2349206_7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229845
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229613
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_05_2349206_4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229759
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229491
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_05_2349206_23</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28231325
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229623
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229477
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_05_2349206_20</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28231221
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229577
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_05_2349206_1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28231289
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229695
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_05_2349206_8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28234363
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229623
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229477
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_05_2349206_11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28230863
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28230007
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229623
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229477
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_05_2349206_5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229969
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229491
</commentlist>
</thread>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_05_2349206.2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229477
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229787
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28231467
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28231899
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229623
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28234363
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28230007
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28230863
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28231325
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_05_2349206.0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229695
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229827
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28230089
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229731
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28235975
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28231289
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_05_2349206.3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229541
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_05_2349206.1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229491
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229969
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229759
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_05_2349206.4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229577
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28231221
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28230923
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_05_2349206.5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229613
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229653
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28230597
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28234047
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28230847
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28231951
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28234903
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28235549
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229805
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229651
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229845
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28229753
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_05_2349206.28232677
</commentlist>
</conversation>
