
Re: Hakin9's new Nmap Guide - dewey
http://seclists.org/nmap-dev/2012/q3/1050
======
dguido
It looks like Jonathan Brossard was the author:
<https://twitter.com/jonoberheide/status/251902357720403971>

I doubt this is widely known on Hacker News, but Hakin9 is one of the most
spammy organizations in infosec. They constantly beg everyone with any
relationship to security online to write articles for them and it seems
impossible to get them to stop. The creation of this epic troll was likely a
direct response to that.

The articles they do get tend to be more centered around using and running
tools, which isn't that useful and doesn't help you grow, and are filled with
typos and errors. I wouldn't be surprised if there were also egregious
examples of plagiarism hidden in their magazine like what was discovered at
the Infosec Institute
(<http://attrition.org/errata/plagiarism/infosec_institute/>).

~~~
fuzzbang
Actually, @fygrave put together the document (using scigen and a draft from
jonathan), so both of them should get credit.

------
heelhook
I dealt with Hakin9 a few years ago and was extremely disappointed by how
they handle themselves. After publishing my article (a piece about overwriting
system calls by rewriting pointers in the system_table and practical uses) it
took them close to 10 months to pay me, and they only did so after I harassed
them for months.

It's hilarious, albeit not too surprising, that they published this without
even bothering to read it (they crowdsource their proof reading and expect
beta readers to report if they are about to publish something inaccurate or
outright stupid).

------
bri3d
Quite an old tool, but SciGen ( <http://pdos.csail.mit.edu/scigen/> ) is great
for generating this style of satirical paper using choice buzzwords.

SciGen has famously been used to get falsified publications into several
"real" journals - citations are available on the SciGen page linked above and
worth checking out.

------
ewadudzic
Hello everyone,

My name is Ewa Dudzic, I have been the chief editor of Hakin9 for the last 15
years. I would like to make a statement concerning the article which you are
mentioning in this post. First of all I would like to sincerely apologize to
every one of you and all our readers for what has happened. I have to admit
that it was an unintentional mistake on our part. It should not have been
published but for some reasons, which we are currently investigating
internally, it was published, causing, as I can see, a lot of negative opinions.
Mentioning that, I would like to thank you for all your reactions. As negative
as they sound, I humbly accept them and take full responsibility for that
mistake on our part. I can only wish that this hopefully one-time error will
not undermine the general perception of Hakin9 as a professional magazine
offering the highest standard possible. I would also like to kindly ask you
not to pass judgment on authors collaborating with us (who devote their
professionalism and heart to the content of each issue) based on this
example. I can assure you we will investigate the matter to prevent such
"accidents" in the future. If you have any other questions or comments please
do not hesitate to contact me via email: ewa.dudzic@hakin9.org

~~~
gcrow
No idea if that is actually Ewa Dudzic, but this post is similar to past
responses to previous hakin9 spam. All useless in stopping them. She also
appears to no longer be listed as their chief editor on their website.

Also - hakin9 has only been around for 7 years, not 15. Sigh.

------
Stratoscope
"...pushing CPU microcode updates to the Windows 8 kernel..."

"...we asked (and answered) what would happen if mutually noisy flip-flop gates
were used instead of virtual machines..."

"...J. P. Ito’s seminal treatise on suffix trees and observed effective USB key
space..."

Lovely. They've been SocialTexted!

<http://en.wikipedia.org/wiki/Sokal_affair>

------
alexholehouse
Outstanding. My personal favourite is,

 _"Our experiments soon proved that exokernelizing our fuzzy Knesis keyboards
was more effective than making autonomous them, as previous work suggested.
Our experiments soon proved that microkernelizing our PDP 11s was more
effective than exokernelizing them, as previous work suggested. We note that
other researchers have tried and failed to enable this functionality."_

~~~
geofft
Is this SCIgen? It looks like the same style, and "exokernel" vaguely
identifies it as the right co-conspirators. :-)

~~~
quanticle
As I understand it, it was a SciGen paper that was enhanced to make it more
readable.

------
Zenst
Pretty funny - found this one that made me laugh:

"Despite the results by Qian et al., we can disconfirm that the much-touted
real-time algorithm for the improvement of the transistor runs in Ω(2n)
time. This may or may not actually hold in reality. Along these same lines,
the framework for NMAP consists of four independent components: wireless
methodologies, voice-over-IP, the appropriate unification of systems and
Byzantine fault tolerance, and robust theory. This seems to hold in most
cases. Therefore, the framework that our application uses is solidly grounded
in reality."

------
aakside
"The rest of this paper is organized as follows. First, we motivate the need
for A* search. Second, we place our work in context with the previous work in
this area. As a result, we conclude."

------
jgrahamc
The "Rogue MD5 signing" value of d41d8cd98f00b204e9800998ecf8427e is the MD5
of the empty string.

------
ChuckMcM
Trying to read some of that 'paper' was really funny. Definitely worth a look.

------
iuguy
I routinely get spammed by Pentest Magazine affiliates asking me to write for
them, was thinking about doing something similar but these guys beat me to it.
Well played!

------
jyap
This is awesome.

Anyone have a link to this?

 _There is even an ASCII penis in the "sample output" section, but apparently
none of this raised any flags from Hakin9's "review board"._

~~~
dchest
It's in the output of DICKS:

    
    
      |--[ Exploiting remote IP stack pool overflow:
      | Anti ROP kernel heap non exec stack payload bypass
      |8======================================================> ((

------
jmias
Hum ...? Or did they? (Got punked!) I am starting to believe in negative viral
campaigns

------
oelmekki
Hilarious. Great job, writing team, now I want to buy this magazine.

------
countzeroasl
hackin9 got punk'd!!! Get down guys!

------
gregcmartin
absolutely brilliant

