c0n
|
Tony, would you talk about the AOL prog 'scene' from an employee point of view? I'm sure you got stories if you were there in the 90s. The kids that were making the progs which caused a lot of grief for AOL, I heard. AOL introduced rate limiters, and things to get into overhead accounts. A lot of those guys migrated to AIM after the Y2K era.
The "scene" got me into programming, it was the first time I learned about the "programmers program", a compiler. I got a hold of VB3 and dodi's decompiler and promptly decompliled Yong Ho's (MaGuS) program called "FATE X 3.0". I learned a lot from it and I attribute that time period to my career today. I never release any prog, but I had many unreleased progs that I distributed between local friends.
It would be interesting to hear what was going on at AOL during that time period. What was the issues, the problems, and how were things dealt with?
BOOM!
|
ohhihohello57
|
Ah, so I see AOL had to deal with their equivalent of Yahoo! Messenger's booters initially. Heck, there's even the VB3/4/5/6 recipe of these "proggies". I always thought rate limits were implemented from day 1.
Nice that something as simple (and annoying) as that led to your programming career. Personally, I started out with a cup of juice, a computer, Notepad, and the internet's hand to start creating batch "viruses" that did nothing but spit out intimidating text, along with regular batch scripts that were half-baked at best, before eventually switching to VB6. Not as interesting as pulling up VB, actually studying the code of another hack and applying it to your skillset, but still something.
I feel like if I had taken that route, I probably would've been more passionate in my craft, since compared to the next script kiddie program, creating batch scripts are very boring, considering they're DOS commands stuffed inside a file, and DOS isn't a programming language, and if it was, wouldn't be the best one. So you can only imagine how hard I crashed and burned when it came to VB6 and not creating the next script kiddie program, but instead stupid programs I meshed from various internet tutorials. =p
if (Nerd->Personality == (NERD_PERSON_FRONTFACING + NERD_PERSON_SMARTALEC)) { return; }
|
tonyshowoff
|
Well, for the most part that was handled elsewhere, the only time it came down to engineers (and when I say that, I am referring to people using C++, Java, et al not people using FDO and TCL, aside from TIK) was when an issue of filtering malformed HTML for punters or whatever came up.
Rate limits, as I mentioned to OP over IM, as is my recollection, actually came about more because of jackasses in public chats who weren't even technical people, just copy/pasting obnoxious garbage over and over trying to ruin chat experiences, which is why initially the chat room rate limit on the AOL client was pretty severe compared to AIM. If you recall it just straight up disconnected you.
As far as the prog community goes, most engineers were dismissive of it, it was seen as a bunch of stupid kids, but a few, myself included, contributed code and just general information sometimes to those who wanted to learn. Script kiddies and stuff were obnoxious, but for the most part, it was a fairly small and isolated community. Initially the private chats they used were banned, but that stopped when it was realised that didn't do anything to stop it.
There were attempts as well to promote semi-official and even third party programs like AOL PowerTools which operated by taking over the interface rather than working as a separate window. Of course these all sucked because they had to work within the Terms of Service and so never did anything remotely interesting, or even when ToS wasn't an issue, there was fear of certain things seeming "too much like punters." For some reason they believed this would destroy the prog community, really.
In my experience, and I can't speak to this officially, but in departments that were customer facing there was a total ignorance and hatred of prog makers, users, etc. In fact in the late 90s there was a total technical ignorance of what they even were, the chat rooms even when they were called "vb" were called "warez" chats. Keep in mind too that "warez" was pronounced "war-eez" or "war-ez" (like Juarez, Mexico), which is embarrassing.
Also the word "progs" wasn't really used, they were all called "punters" regardless of what they did, at least in my memory.
The more concerning part came later when people figured out how to mess with FDO and do a lot of things that straight up violated ToS and was potentially bad for other users... remember Hypa(h) stealing all AIM three character screennames? We saw that happen, but we couldn't do a damn thing about it, no way to roll back.
There were ways to mitigate some of this on the backend, but typically only after an incident happened, and for the most part engineers kept telling management that their insistence on crappy design lead to this disaster. There were also many web-facing issues messed up largely by out-sourced Indian engineers or internal engineers who were just crappy. These types of things lead people to get access to all sorts of things, not to mention that within AOL access to Cris and other places was a common problem.
AOL and AIM get a bad rap saying engineers/programmers were stupid, and this is somewhat true, especially later, but largely untrue, the problem was just as with many large companies, you have technically ignorant people dictating policy. You want to keep your job, you gotta do what you gotta do, or break the rules and try to get it done right and get yelled at a lot as is my and a few other people's case.
I am still proud today that AOL got so many people into programming, and it's why I tried to help, even when I was obligated to make sure people couldn't break things. There's a reason why certain things, like the malformed pre tag were never fixed, ... either because we didn't see the point, or there weren't any engineers left after AOL's idiotic downturn to fix them.
|
ohhihohello57
|
That's one hell of a write-up you got there, Tony. O_O
I feel bad for AOL for having to deal with the script kiddies who thought they were the "1337 haxx0rs" and just obnoxious jerks in general, but also for the people in the "prog" community that were genuinely helpful and informative, but were generalized with the obnoxious jerks and bashed by AOL as well.
I also can't believe AOL was as ignorant back then as they are now. IDK exactly how all the Indian engineers they rounded up bombed AOL (there must be some good ones out there), but AOL should've done quality checks on the engineers, Indian or not.
And lol @ AOL tech support at the time caling the "prog" "vb" chats "warez". From what I can piece up on these "proggie" people, not much pirating was done, unless you consider reverse-engineering and packet sniffing "pirating". =p
At least I know how to properly pronounce warez now... =p
if (Nerd->Personality == (NERD_PERSON_FRONTFACING + NERD_PERSON_SMARTALEC)) { return; }
|
tonyshowoff
|
> IDK exactly how all the Indian engineers they rounded up bombed AOL (there must be some good ones out there), but AOL should've done quality checks on the engineers, Indian or not.
In the late 90s a lot of companies began outsourcing to Indian companies and there's nothing inherently wrong with Indian engineers, the problem is that the cheapest ones tend to be also very crappy.
> And lol @ the AOL engineers at the time caling the "prog" "vb" chats "warez". From what I can piece up on these "proggie" people, not much pirating was done, unless you consider reverse-engineering and packet sniffing "pirating". =p
That wasn't engineers saying "warez" incorrectly or anything, that was all customer facing people, i.e. support people, ToS people, but also upper-management, when upper-management knew what was going on at all. Also Steve Case is actually a cool guy and is technical, despite constant bashing of him. He could be a jackass sometimes though and not think out policy too much.
Believe it or not, and I imagine you will, it was largely thought that because the protocol was such a disaster that nobody would reverse engineer it, it would be pointless. Needless to say that when AIM was initially done this scared some people in management, especially when Microsoft began supporting OSCAR. The solution was, and I kid you not, and this is a simplification, was to send a test SNAC which exploited a bug in AIM, if the bug wasn't there then the client was disconnected as likely being MSN.
Jeeze that's embarrassing.
|
ohhihohello57
|
"In the late 90s a lot of companies began outsourcing to Indian companies ... the problem is that the cheapest ones tend to be also very crappy."
lol now I see what you meant.
"it was largely thought that because the protocol was such a disaster that nobody would reverse engineer it, it would be pointless."
"... when Microsoft began supporting OSCAR. The solution was, and I kid you not, and this is a simplification, was to send a test SNAC which exploited a bug in AIM, if the bug wasn't there then the client was disconnected as likely being MSN."
I heard. tbh, when I first heard about that, I was asking myself why a company would utilize a bug in their own software just to ward off third-party clients from using OSCAR. Just absurd. It's like Yahoo!'s shoddy attempts at "secure" authentication just to ward third-party clients off from using their IM protocol, YMSG, but much more concerning.
And fun fact, I mainly use MSN via a third-party server named Escargot (https://escargot.log1p.xyz/), which I am a developer for. Be warned that some of the community now comprises of prepubescent kids (for some reason), and you may or may not have a good time with them on the service. =p
if (Nerd->Personality == (NERD_PERSON_FRONTFACING + NERD_PERSON_SMARTALEC)) { return; }
|
fuck
|
A lot of guys in the scene used social engineering to steal INT accounts to access features that AOL employees had. They also had to social the SecurID to sign on. This is how a lot of screen names were reset, that or tricking the reps on the phone to think you're an employee and have them reset the password.
There were also the crackers where you could find a method with no rates for sign on and create a program to try multiple accounts.
You could pull or crack HOST's and go into the AOL chat and "=qpermagag" people which would basically mute them.
OH accounts were scroll since they didn't have rate limit so you could load up a scroller and basically freeze everyone's chat window.
There was also other methods that came out later such as "grouping" which was on groups.aol.com where you could invite the account you wanted to steal and if the account was registered to fake AOL account, it would email you and let you know which account it was registered to. Then you would just register that account and request the password.
German accounts used to let you register curse word screen names like "Bitch" and "whore" as you couldn't do it on american accounts.
There was a bunch of other methods people did as well such as instakiss, free.aol.com, fas.aol.fr, etc.
Ahh the nostalgia.
|
ohhihohello57
|
lol for a sec I thought you were the same person that was originally replying to me (Tony). Nice to see that we got some other accounts of the lolligagging that AOL caused out of their sheer stupidity.
Let me just say that whoever was working at AOL and got tricked into giving their admin creds by random strangers should've been fired on the spot, or better yet, not have gotten the job at all. In any field of technology, in that matter. Heck, not even at your average supermarket. They seem to lack the most two basic functions any human should have: common sense and suspicion. If I was taking one of those employee's places and some rando(s) called me about giving me my admin creds to a chat service I manage, I would've ended the convo then and there. Not only would've I not wanted to get fired for that, but I know that whoever was asking for the creds was most likely up to no good. Or if that wasn't the case, probably screw everything up out of their own stupidity. I'd want to make the customer's experience worthwhile, along with the staff's experience, so I wouldn't give out creds willy nilly like that to let someone else ruin their fun.
As Tony said, by the time this was all revolving, none of the original AOL engineers were there to fix these problems, as they didn't follow the simple rule of breaking the rules to make the rules, and as Tony added, "getting yelled at a lot for it" before either quitting or being shown the door. In this case, those engineers could've reproduced the problem (to put it alternatively, dare I say it, make a "prog" involving that bug) to get to the bottom of the mystery and make AOL better, both for the customers and the people behind it. But unfortunately, they were too scared to even try, as they didn't want to risk getting yelled at and (hopefully not) getting fired for it. In the end, if they tried reproducing the problem, assuming they didn't have malicious intentions like the infamous "proggie" script kiddies did, and got to the bottom of the mystery to help improve the service, they would've made everyone happy.
And lol @ the ability to exploit the German AOL service to register vulgar screennames. =p
if (Nerd->Personality == (NERD_PERSON_FRONTFACING + NERD_PERSON_SMARTALEC)) { return; }
|
|
![[Reply]](img/forum/topicreply2.png)